last executing test programs:

40m19.740601708s ago: executing program 32 (id=815):
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000001640)=""/4108, 0x100c}], 0x1, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000140)={0x3, 'team0\x00', {0x9}})
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001200326a03030000001b000000000000000010002b0001000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000063016200000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)

40m7.121910798s ago: executing program 33 (id=850):
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='attr/prev\x00')
preadv(r5, &(0x7f00000003c0)=[{&(0x7f0000001640)=""/4108, 0x100c}], 0x1, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000140)={0x3, 'team0\x00', {0x9}})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001200326a03030000001b000000000000000010002b0001000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0)
write$binfmt_aout(r7, &(0x7f0000000100)=ANY=[], 0xc1)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000063016200000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)=ANY=[], 0x20)
lseek(r6, 0x200000002, 0x0)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)
r9 = syz_open_dev$video4linux(&(0x7f0000000140), 0x0, 0x800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r9, 0x80885659, &(0x7f0000000080)={0x8, 0x980902, 0x0, 0x4, 0x2, 0x0, 0xfffffffc})

34m46.413360859s ago: executing program 34 (id=1818):
socket$packet(0x11, 0x2, 0x300)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SHUTDOWN={0x22, 0x9})
io_uring_enter(0xffffffffffffffff, 0x3516, 0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
listen(r0, 0x0)
accept4$x25(r0, 0x0, 0x0, 0x80800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2)
syz_open_dev$sndctrl(0x0, 0x3, 0x490c80)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}], {0x14}}, 0x64}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

30m43.798371069s ago: executing program 35 (id=2587):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/packet\x00')
preadv(r1, &(0x7f0000000080)=[{&(0x7f0000000140)=""/249, 0xf9}], 0x1, 0x103, 0x3)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000100))
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000800)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r2}, @fd, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x2, 0x34}}, &(0x7f0000000300)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r8=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x15a11}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @hsr={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_HSR_SLAVE2={0x8, 0x2, r6}, @IFLA_HSR_SLAVE1={0x8, 0x1, r8}]}}}]}, 0x40}}, 0x44)
syz_emit_ethernet(0x2a, &(0x7f0000000a00)=ANY=[@ANYBLOB="0180c200000800000000000088fb45cf001c006500000e021eb6ac1414bb9078ffffffff"], 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xfff, 0x6)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
openat$smackfs_cipso(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/smackfs/cipso2\x00', 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)

26m33.744148446s ago: executing program 36 (id=3191):
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x64440, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1900060, &(0x7f0000000340)={[], [{@rootcontext={'rootcontext', 0x3d, 'user_u'}}, {@obj_type={'obj_type', 0x3d, 'fuse\x00'}}]})
ioctl$VHOST_VDPA_GET_VRING_NUM(r0, 0x8002af76, &(0x7f0000000000))
r2 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0x9, {"a2e3ad21ed0d52f90b9b500987f70e06d038e7ff7fc6e5539b324b298b089b0708346d090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d1780700523c921b1b9b31070d075d0936cd3b78130daa61f94b61404d64aec1b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801116bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c088215ec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6f44ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d208001349b41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2a15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb8744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee53259289d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c1980778efa5ea59796b7430acc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a0700d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8440daaa69bf5c8f4350aeae9ca1207e76061b28f27da19acc7e658828163e2d25c46a348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5d2639a10477f1f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b942c1c7f12de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211c7847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039e7799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2fe81ddb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec93b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fadeaa57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb10000000000000004d3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e781171e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b906ce2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157fa2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416e4872aaad8c653f52cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7ae288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289d8523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f426596e1cd7655b904801784c78e2724f43f1e504f6a18a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f07b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e7c7b2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f69f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df06720ba2b26bbfcc807c8aabb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db38b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf95a06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xffffffffffff8001, 0x8, &(0x7f0000000040)=0x1)
syz_usb_connect(0x5, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010102c03a4d20041605008c00080904529800a7a6ae0409049f0600ffffff0509049c0300fffffffb000000000000000000000000ab0a5b58c096a7b47d01b41418dd9c956ac1cae188643d90"], &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0})

24m56.876127971s ago: executing program 9 (id=3440):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket(0x1e, 0x1, 0x0)
connect$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
write$binfmt_misc(r1, &(0x7f0000000080), 0x2000011a)
recvmmsg(r1, &(0x7f00000051c0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000001c0)=""/173, 0xad}], 0x1}, 0xffffff42}], 0x1, 0x40000160, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r2)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r4, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r5=>0x0})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001c80)={&(0x7f0000001a00)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x20, 0x20, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x2, [{}]}, @struct]}}, 0x0, 0x3a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="4d7e00000000000000002a00000008002f000000000005003600000000000c0005000000000200000000050037000000000008000200", @ANYRES32=r5, @ANYBLOB="06000600fe0000000600040000000000f117a95d93f1e49c3b61e620bde8d9a5905bdb3d0f04b56da72a688f02729b9029b6bf0060e53d3d5a"], 0x50}, 0x4, 0x700000000000000}, 0x0)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r6)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r9, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r11 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r12=>0x0})
sendto$packet(r10, &(0x7f0000000180)="10030600e0ff020004004788aa96a13bb100001100007fca1a00", 0x10608, 0x0, &(0x7f0000000140)={0x11, 0x0, r12}, 0x14)
ioctl$sock_SIOCGIFINDEX_802154(r8, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r13=>0x0})
sendmsg$IEEE802154_SET_MACPARAMS(r2, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x34, r3, 0x4, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_FRAME_RETRIES={0x5, 0x28, 0x7}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r13}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0xc}, @IEEE802154_ATTR_CSMA_MAX_BE={0x5, 0x27, 0x5}]}, 0x34}}, 0x1)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)={0x50, r7, 0x852dd6c070cd7e4d, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_DEV_KEY_MODE={0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r13}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_SHORT_ADDR={0x6}]}, 0x50}, 0x4, 0x700000000000000}, 0x0)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, 0x0, 0x0)

24m55.360625339s ago: executing program 9 (id=3449):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000010850000006d00000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000ffa000/0x3000)=nil, 0x3000})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000380)={0x28, 0x4, r3, 0x0, &(0x7f0000ffb000/0x1000)=nil, 0x1000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r3, 0x0, <r4=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r2, 0x3ba0, &(0x7f0000000300)={0x48, 0x8, r4, 0x0, 0x2fff, 0x2, &(0x7f0000000180)='\x00\x00', 0x5})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000880)='skb_copy_datagram_iovec\x00', r1}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
recvmsg$unix(r5, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdc8}, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmmsg$unix(r7, &(0x7f00000bd000), 0x318, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
pipe2$9p(&(0x7f0000000080), 0x80080)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r8, &(0x7f00000000c0)={0x1f, 0x21, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
write$binfmt_script(r8, &(0x7f0000000000)={'#! ', './file1'}, 0xfdef)

24m53.358109725s ago: executing program 9 (id=3455):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = add_key(&(0x7f00000002c0)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, 0x0, &(0x7f0000000480)=@keyring)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r5, 0x0, 0x40, &(0x7f00000004c0)=@nat={'nat\x00', 0x670, 0x5, 0x4b8, 0x450, 0x2c0, 0xffffffff, 0x3a8, 0x2c0, 0x450, 0x450, 0xffffffff, 0x450, 0x450, 0x5, 0x0, {[{{@uncond, 0x0, 0x1f0, 0x228, 0x48, {}, [@common=@unspec=@string={{0xc0}, {0x5, 0xc, 'kmp\x00', "0d01d3e4c6b2bfd892aa7400051624fa86999b13d39b99407a9b7abe75a728baa18da576811985de44110b8602025e1298ea55f1c5087ab16f67b18ca90ac68f0b3d6a068f727f7d23fa5fad26a59a5da2651212bdf9d29248ae63e2349b2470915eea2c39ade5129ff26b6fe772493180cfda2cdd49412e9469d85abdb467ba", 0x79, 0x2, {0x1}}}, @common=@unspec=@conntrack2={{0xc0}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x10}, [0xffffff00, 0xff000000, 0x0, 0xffffff00], @ipv4=@dev={0xac, 0x14, 0x14, 0x29}, [0x0, 0xffffff00, 0xff000000, 0xffffffff], @ipv6=@local, [0xff000000, 0xff, 0x0, 0xff], @ipv4=@broadcast, [0xffffffff, 0xffffff00, 0xff], 0x3ff, 0x1, 0x5c, 0x4e20, 0x4e22, 0x4e24, 0x4e24, 0x804, 0x20c0}, 0x80, 0x2}}]}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x801, {0x0, @broadcast, @multicast2, @port=0x1, @port=0x4e24}}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@ip={@multicast2, @broadcast, 0x0, 0x0, 'virt_wifi0\x00', 'veth1_vlan\x00'}, 0x0, 0x70, 0xb8}, @unspec=@SNAT1={0x48, 'SNAT\x00', 0x1, {0xe, @ipv6=@ipv4={'\x00', '\xff\xff', @empty}, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @icmp_id=0x65, @port=0x4e21}}}, {{@ip={@private=0xa010100, @rand_addr, 0x0, 0x0, 'nicvf0\x00', 'nr0\x00'}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr, @dev={0xac, 0x14, 0x14, 0x2a}, @icmp_id, @icmp_id}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x518)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f00000003c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mbind(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x1, 0x0, 0x0, 0x0)
pipe2(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat$userio(0xffffffffffffff9c, 0x0, 0x40101, 0x0)

24m49.658686245s ago: executing program 9 (id=3463):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4001, 0x0, @loopback}, 0x1c)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000001c0)={0x0, &(0x7f0000000180)})
r1 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r2=>0x0, <r3=>0x0}, &(0x7f0000cab000)=0xa)
setresgid(0x0, 0xffffffffffffffff, r3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
r4 = socket$kcm(0x29, 0x2, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x89e1, &(0x7f0000000000))
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000080)='./file1\x00')
socket$netlink(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file1\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r1, r6, 0x0, 0x80000002)
setregid(0x0, r3)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000380)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1})
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000002c0)={'vcan0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@can_newroute={0x2c, 0x18, 0x400, 0x0, 0x0, {0x1d, 0x1, 0x4}, [@CGW_MOD_UID={0x8}, @CGW_DST_IF={0x8, 0xa, r8}, @CGW_MOD_UID={0x58, 0xe, r2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x50}, 0x20000080)
syz_usb_connect(0x5, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x60, 0xbb, 0x41, 0x8, 0xc2e, 0x700, 0xe13b, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0xa2, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x61, 0x1, 0x2, 0x23, 0x53, 0x83, 0x3, [], [{{0x9, 0x5, 0x3, 0x3, 0x3ff, 0x8, 0x40, 0x4}}, {{0x9, 0x5, 0x85, 0x3, 0x40, 0xb, 0x2, 0xb}}]}}]}}]}}, 0x0)

24m46.199633434s ago: executing program 9 (id=3472):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000840)={0x80, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x58, 0x8, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ALLOWEDIPS={0x2c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}]}]}]}]}]}, 0x80}}, 0x20000010)

24m44.808281815s ago: executing program 9 (id=3479):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000840)={0x80, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x58, 0x8, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ALLOWEDIPS={0x2c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}]}]}]}]}]}, 0x80}}, 0x20000010) (fail_nth: 3)

24m43.652080209s ago: executing program 37 (id=3479):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000600), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000840)={0x80, r1, 0x1, 0x0, 0x0, {}, [@WGDEVICE_A_IFNAME={0x14, 0x2, 'wg1\x00'}, @WGDEVICE_A_PEERS={0x58, 0x8, 0x0, 0x1, [{0x54, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_ALLOWEDIPS={0x2c, 0x9, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x1}}]}]}]}]}]}, 0x80}}, 0x20000010) (fail_nth: 3)

18m57.586210001s ago: executing program 5 (id=4714):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f00000002c0)=0xa0000)
r1 = dup(r0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000040)={@my=0x0})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r1, 0x7ab, &(0x7f0000000080)={&(0x7f0000000300)={{@my=0x0}, {@local}, 0x400, "1a0b5dbeaad6e12581edfd3e937bb049a5b6150777cdfc3f662aaa33c62804d786b79e9434331a65305e1ca8b12f2ef78b51d868fcacb8c1ce634287005fa21eae9125b9b5f78afe5816253c1d8179a25109c92aca81cbefee8bfee6e64f7d09541b3b54b464b08cd356e1cb5c49e7deaccfce3d06dbdf2318dfb309890458cb7a7b2a21743cec8f1ad4a7cbea7ea1ed37d1bab65c1bf52f9b1559ea51ed0e07f0184f39018109c38b561e132a99d1248964ca540bf022b6977bfaca7f9fc8e1b6826807127484d9835b5a1b710478b2a67c3f68d4d065d59140309232f0b5884f1d1dc6a575f990d0685a0cd095f6b4b79d0cffdb57b0bac719e4a9f39ccdc79fa6aeafa3a71ed3f46987cc1fda18e3bc34e56a441eb3e7f47476c52a400597b01eaf894da3428b4027a6ce2657b267932e83053be08f450510a0df068e3907290e7d104a8f79838bdc762cfe081260ff54b6b2fb4670b89be06c40b3c4ba8387586f5b84d2547d75125356f478523b8604452d0898c94f6d0bc75d9a34f063c979d519e0379eec57aa7a48d2120ae28682229213017a2215e0755c3b71e56ebaf2c928d6cf53dbc0190864d0b6ea928e933474e58a193c880bd90bb39d3291142687e8f9a10c60887898a931e34dac504220200401a7b26973590621222a74aa843becaec07a70456dad98ab32c225872a699f7aa849a035b8d513c97198d5a790b85a14375bc00f0635db6eaf0741fb9ab5bfb72dde3c1992b0157a1a34933caf5fa679435f34a756e0366a4f7d604958e6ede55883ca9f11e388306612489528887a45d7f67588bae91ec6f4b28ac26ccdae64cc82948fe99b2002df2d93236faacccc629f41a6981fffbb640e60399c5fe7288112bba82046197ef850d9f225987a6022fef9ad89b4798dc92b7cb5a1e1d2c698f86c4f99317ba87530b874ac3bd7899dffd2393a1d93ddb5143678831d94aaa2bf4267bfffefb44ec03fadcae8e8d89617ed926ad635559a7cdf61e2638dc3d8c424403c8121ad89aec8277a64955cf090c187113f4484c30f6246643a0600000015869e58fe86ba3ab33ed7646b21846bd4f754ccffac9a96223971e4c44a36eef33c09d1b57a3790bec363a2c7333b07629874ad2119f2ccda107b183477df18f175d7e9132720d7cd7e671f8b62dee95433fa1db34dfb1bcae6a22863d1f592be8f6c64dcbb93bc5131711c7156829f77fe17b5bbfb1ac2eac809daeeeb804994b61c5e4a40c1fcbe7ee925ac8a6b0c52e24eee6d713060e407752ad35aef68040a4e68ba07c6d0548b32b12b62401c8349c6c53084bad6300d2b5e371efa569bb3a67ad15797389b8fe8dfa267fe203555bb15f36807894643f3f7f081a1e584f959c7716a46fe455837fc44c561c41ccebb845434b86b354b4a0c7796d713a500"}, 0x418})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000002840)=ANY=[@ANYRESOCT=r0, @ANYRESHEX=r0], 0x78}, 0x1, 0x7}, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000280)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1b, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
syz_open_procfs(0x0, &(0x7f0000002b00)='stat\x00')
r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000640), 0xd71d77cc3772daad, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000240)='smaps_rollup\x00')
r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r4, 0x5452, &(0x7f00000001c0)=0x1)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r4, 0xc0045516, &(0x7f0000000000)=0xffb)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e00010069703665727370616e000000180002800400120005001600020000000600"], 0x4c}}, 0x0)
gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000600)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
ppoll(&(0x7f0000000100)=[{r6}], 0x1, 0x0, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f0000000780)={{0x1, 0x1, 0x18, r4, {0x1}}, './file0\x00'})
socket$kcm(0x29, 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

18m56.487735374s ago: executing program 5 (id=4715):
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x4, &(0x7f0000000240)=ANY=[@ANYRESDEC=r0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_open_procfs(0x0, &(0x7f0000000480)='attr/prev\x00')
preadv(r5, &(0x7f00000003c0)=[{&(0x7f0000001640)=""/4108, 0x100c}], 0x1, 0x3, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x8, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000140)={0x3, 'team0\x00', {0x9}})
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r8, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="020d0000100000000000000000000000080012000200020000000000000000001200326a03030000001b000000000000000010002b0001000000000000000000fc020000000000000000000000000000030005000000000002000000ac1414aa0000000000000000030006000000000002"], 0x80}}, 0x0)
write$binfmt_aout(r7, &(0x7f0000000100)=ANY=[], 0xc1)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000063016200000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000040)=ANY=[], 0x20)
lseek(r6, 0x200000002, 0x0)
sendmsg$inet(r0, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x18, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4}]}}}], 0x38}, 0x0)
r9 = syz_open_dev$video4linux(0x0, 0x0, 0x800)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r9, 0x4020565a, &(0x7f0000000040)={0x3, 0x980902, 0x2023})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r9, 0x80885659, &(0x7f0000000080)={0x8, 0x980902, 0x0, 0x4, 0x2, 0x0, 0xfffffffc})

18m55.387298725s ago: executing program 5 (id=4718):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000440)=0x400, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10)
bind$xdp(r2, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0xfff, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES32=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r8}, &(0x7f0000000340), &(0x7f00000004c0)}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r9}, 0x10)

18m54.230547373s ago: executing program 5 (id=4722):
modify_ldt$write(0x1, 0x0, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$sock_SIOCGIFCONF(r2, 0x8912, &(0x7f0000000100))
ioctl$TCSETA(0xffffffffffffffff, 0x5406, &(0x7f0000000200)={0xff07, 0x0, 0x0, 0x1ff, 0x0, "5f330000a90100f9"})
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114000000110001"], 0xd0}}, 0x0) (fail_nth: 1)

18m53.188865894s ago: executing program 5 (id=4727):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockopt$sock_int(r3, 0x1, 0x1, 0x0, &(0x7f0000000040))
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
syz_open_pts(r4, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r4, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f00000014c0)={0x2, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)={0x2, 0x18, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r6, &(0x7f000000e280)={0x2020, 0x0, <r7=>0x0}, 0x2020)
syz_fuse_handle_req(r6, &(0x7f00000021c0)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5400201fd6eb4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1de50cfd84f94266b87610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a100000000899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c099a6f7594c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824bdadc0522251203aa6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f050d8986a8ccf6405e611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a18971b6389a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a48480900000097b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9717b4112c9e54cbfa504000000d42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5e46a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e3e1052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad621ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000, 0x10}}}, 0x0, 0x0, 0x0, 0x0})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000e00)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
write$FUSE_INIT(r6, &(0x7f0000000380)={0x50, 0x0, r7, {0x7, 0x28, 0x0, 0x400022, 0x0, 0x0, 0x80}}, 0x50)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f0000000140)='./file0/../file0/file0\x00')

18m51.300217419s ago: executing program 5 (id=4731):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='qi_submit\x00', r0, 0x0, 0x100000001}, 0x18)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000005b40)={0x0, 0x0, &(0x7f0000005980)=[{&(0x7f00000007c0)=ANY=[], 0x1708}], 0x1, 0x0, 0x0, 0x20000004}, 0x8010)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c09000056033300"], 0x398}}, 0x0)

18m36.102089885s ago: executing program 38 (id=4731):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='qi_submit\x00', r0, 0x0, 0x100000001}, 0x18)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r1, 0x0, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000005b40)={0x0, 0x0, &(0x7f0000005980)=[{&(0x7f00000007c0)=ANY=[], 0x1708}], 0x1, 0x0, 0x0, 0x20000004}, 0x8010)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)=ANY=[@ANYBLOB="98030000", @ANYRES16=r4, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r6, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c09000056033300"], 0x398}}, 0x0)

16m14.368182204s ago: executing program 2 (id=5238):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000040)={0x1f, 0x0, @none}, 0xe)
setsockopt$bt_BT_FLUSHABLE(r2, 0x112, 0x8, &(0x7f0000005e00), 0x4)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_ext={0x1c, 0xd, &(0x7f0000000080)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x9}}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x6}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x5}], &(0x7f0000000100)='GPL\x00', 0xd, 0xc5, &(0x7f0000000180)=""/197, 0x40f00, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000280)={0xa, 0x1}, 0x8, 0x10, &(0x7f00000002c0)={0x0, 0x4}, 0x10, 0x2c5f1, 0xffffffffffffffff, 0x1, &(0x7f0000000340)=[0x1], &(0x7f0000000380)=[{0x1, 0x3, 0x4, 0x3}], 0x10, 0x2, @void, @value}, 0x94)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r3)
ioctl$SIOCSIFHWADDR(r1, 0x8937, &(0x7f0000000000)={'bridge_slave_0\x00', @random="010000201000"})
writev(r0, &(0x7f0000000300)=[{&(0x7f0000000140)='\n\x00\x00\x00', 0x4}], 0x1)

16m13.341185347s ago: executing program 2 (id=5244):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r4, r4, r4}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}})
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x20, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r7}}, 0x20}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000ac0), 0x8002, 0x0)
write$FUSE_NOTIFY_STORE(r9, &(0x7f0000000180)={0x2b, 0x4, 0x0, {0x3, 0xe0, 0x3, 0x0, [0x0, 0x0, 0x0]}}, 0x2b)

16m11.602573913s ago: executing program 2 (id=5248):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_ARM_EAGER_SPLIT_CHUNK_SIZE(r1, 0x4068aea3, &(0x7f0000000040)={0xe4, 0x0, 0xfffffffffffffff7})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000096000040"])

16m9.976750652s ago: executing program 2 (id=5252):
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r0, &(0x7f0000000180)='./file0/file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1/file0\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x44, 0x10, 0x403, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MODE={0x5, 0x1, 0x6}, @IFLA_BOND_ARP_ALL_TARGETS={0x8, 0x1e}]}}}]}, 0x44}, 0x1, 0x2000000000000000}, 0x0)
setsockopt(r0, 0x621, 0x40b7e6, 0x0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1c, 0x8, &(0x7f0000003880)=ANY=[], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
capset(&(0x7f0000000300)={0x20080522}, &(0x7f0000000340))
r4 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x8202)
r5 = fcntl$dupfd(r4, 0x0, r4)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000000)='.\x00', 0x0)
ioctl$SCSI_IOCTL_GET_PCI(r5, 0x5393, &(0x7f0000000000))
syz_emit_ethernet(0x11, &(0x7f00000004c0)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x2e}, @random="64c6882ba87d", @void, {@llc={0x4, {@llc={0x4e, 0xbc, "13"}}}}}, &(0x7f0000000280)={0x0, 0x2, [0xfe6, 0xd35, 0x441, 0x806]})
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r3, 0xffffffffffffffff, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
syz_emit_ethernet(0x2a, 0x0, 0x0)
syz_io_uring_setup(0x3b, 0x0, 0x0, &(0x7f0000000100)=<r6=>0x0)
syz_io_uring_submit(0x0, r6, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r7, 0x8923, &(0x7f0000000000)={'veth0_vlan\x00', @random="0135014010ff"})
chdir(&(0x7f0000000140)='./bus\x00')
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x600)

16m9.528196381s ago: executing program 2 (id=5254):
r0 = syz_usb_connect(0x3, 0x4a, &(0x7f00000001c0)={{0x12, 0x1, 0x0, 0x6d, 0xf5, 0x71, 0x8, 0x4e2, 0x1424, 0xc7eb, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x38, 0x2, 0x96, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xcc, 0x7, 0x0, 0x2, 0x59, 0x61, 0x5, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x890, 0x0, 0x7, 0x8}, {0x6, 0x24, 0x1a, 0x5, 0x11}}]}}, {{0x9, 0x4, 0x1, 0xff, 0x0, 0x6e, 0xb8, 0xc1}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, &(0x7f0000000000)={0x14, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x1a, {0x1a}}}, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

16m8.783960909s ago: executing program 2 (id=5258):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r4, r4, r4}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}})
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x20, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r7}}, 0x20}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000ac0), 0x8002, 0x0)
write$FUSE_NOTIFY_STORE(r9, &(0x7f0000000180)={0x2b, 0x4, 0x0, {0x3, 0xe0, 0x3, 0x0, [0x0, 0x0, 0x0]}}, 0x2b)

16m7.80889356s ago: executing program 39 (id=5258):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$LOOP_SET_CAPACITY(0xffffffffffffffff, 0x4c07)
socket$packet(0x11, 0x2, 0x300)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000200)={r4, r4, r4}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}})
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r7=>0x0})
r8 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r7, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=@newlink={0x20, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r7}}, 0x20}}, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000ac0), 0x8002, 0x0)
write$FUSE_NOTIFY_STORE(r9, &(0x7f0000000180)={0x2b, 0x4, 0x0, {0x3, 0xe0, 0x3, 0x0, [0x0, 0x0, 0x0]}}, 0x2b)

16m7.798492719s ago: executing program 1 (id=5260):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0xd, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x42, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000440)={r8, 0x0, 0x0, 0x0, 0x0, [0x0, <r9=>0x0], [], [0x0, 0x0, 0x0, 0x400]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000100)={0xfff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000080)={r9, 0x0, <r10=>0xffffffffffffffff})
set_mempolicy(0x4005, &(0x7f0000000080)=0x7e, 0x9)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r6, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r10})
ioctl$sock_bt_hci(r4, 0x400448ca, 0x0)
r11 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r11, 0x7a0, &(0x7f0000000240)={@hyper, 0x2})
socket$nl_generic(0x10, 0x3, 0x10)

16m6.502530629s ago: executing program 1 (id=5263):
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0})
r0 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, r0)
add_key(&(0x7f0000000000)='id_resolver\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f00000000c0)="1e0edbc536647dd9246b2d20a7a0bac00a3493c47d6f2d5decb4a6eb8f37e88a32a97338871fbd4fbaccba41285f2edff1778121141d02fc8d2c28a4e8ab53b755cbccc0a0f086b849c2feb2e6beb0d050f643fd1b15d4f01a8f57b5a3bc86d2f75344209b26c1785c50a4a275225471", 0x70, r0)

16m2.827990582s ago: executing program 1 (id=5271):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = socket$xdp(0x2c, 0x3, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r3, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', <r4=>0x0})
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r5, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r6 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r5, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000002c0)={'batadv_slave_1\x00', <r7=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r5, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r5, &(0x7f0000000100)={0x2c, 0x0, r7}, 0x10)
bind$xdp(r2, &(0x7f0000000240)={0x2c, 0x1, r4, 0x0, r5}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{}, &(0x7f0000000340), &(0x7f00000004c0)}, 0x20)

16m1.792976302s ago: executing program 1 (id=5275):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
getsockopt$nfc_llcp(r1, 0x6a, 0x3, 0x0, 0x2000003b)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, &(0x7f0000000000)=[{{}, {0x0, 0x0, 0x1, 0x1}}, {{0x0, 0x0, 0x0, 0x1}, {0x3, 0x0, 0x1}}], 0x10)
bind$can_raw(0xffffffffffffffff, &(0x7f0000000040), 0x10)
setsockopt$CAN_RAW_FILTER(0xffffffffffffffff, 0x65, 0x1, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r5, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f00000006c0)=ANY=[@ANYBLOB="1b00000000000000000000000020000000000000a856ed3c6c91510686ff8ded24efab8e87dcbc0e079ad98ba058f134f6761703acdab7153ee105993a38f508894234dbb25a670e92c1c04ee289888b2a4e617230dbc632d37540950a7283717f21e8d52dc307d584412ca5b7b1e9a048d4fed6784796f1f37d9882cb5d240d48475a52504d5d2bb8669a8d193d3009e80c9d5636dc3effcbc85a9b8f26f21c2f1e0b61b6c5e3d6696485ac6d73c924d75ab62b8f78ca799a082b551a97199f9c418d9a68acfba46eb78cce4e60a7453a774887f04e99fb43990faa4b0191", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$gtp(&(0x7f0000000080), 0xffffffffffffffff)
socket$can_j1939(0x1d, 0x2, 0x7)
sendmsg$GTP_CMD_GETPDP(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="0100000000000000000002000000080002000000000008000100", @ANYRES32=0x0, @ANYBLOB="e29bdcc00b223d0a255ffb0f11d2287e198064f5ffbb1bbc9cb07bc7cc854b91ccdada3e34b477812d639660924ac4c1281b027b4305d9"], 0x24}}, 0x0)
ioctl$FIONREAD(r0, 0x541b, 0x0)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000380)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f0000000300)={0x80, 0x0, 0x4, 0x70bd2b, 0x25dfdbfb, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ipvlan0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'ip6tnl0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'bond0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}]}, 0x80}, 0x1, 0x0, 0x0, 0x800}, 0x4000004)

16m0.362144412s ago: executing program 1 (id=5277):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=@upd={0xe8, 0x12, 0x1, 0x70bd26, 0x25dfdbfb, {{'drbg_pr_hmac_sha384\x00'}, '\x00', '\x00', 0x2000, 0x2000}, [{0x8, 0x1, 0x1}]}, 0xe8}, 0x1, 0x0, 0x0, 0xc385b0818445394c}, 0x8000)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f00000005c0)=ANY=[@ANYBLOB="401400520500"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

15m58.184585484s ago: executing program 1 (id=5281):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x205, 0x8401)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
close(0x3)

15m42.80015201s ago: executing program 40 (id=5281):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440), 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000000)={0x28, 0x0, 0x0, @local}, 0x10)
r2 = syz_open_dev$usbfs(&(0x7f0000000040), 0x205, 0x8401)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$USBDEVFS_SUBMITURB(r3, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x2, 0x3, 0x0, 0x0, 0x7995}, 0xfcb5, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0})
writev(r1, &(0x7f00000002c0)=[{&(0x7f0000000080)='?', 0x20000081}], 0x1)
close(0x3)

1m35.405345061s ago: executing program 8 (id=7947):
syz_init_net_socket$x25(0x9, 0x5, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [], {{}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000000))
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)}, 0x40000)
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000040)={[{0x0, 0xb214, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50, 0x4}, {0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfc, 0x0, 0x5, 0x0, 0xfd, 0x201}, {0x4, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfb, 0x3, 0x0, 0x6, 0x800000000000000}], 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000200)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x26e1, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@bloom_filter={0x1e, 0xfd8, 0x9, 0xbb, 0x8, r4, 0x9e4e, '\x00', 0x0, r4, 0x5, 0x0, 0x0, 0x6, @void, @value, @void, @value}, 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)

1m33.387498633s ago: executing program 8 (id=7955):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000a80)={0x28, 0x0, 0x0, @local}, 0x10)
getsockopt(0xffffffffffffffff, 0x28, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5403, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "b0877f007fff07eb00"})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x65)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$netlink(r5, &(0x7f0000001c00)={0x0, 0x0, &(0x7f0000001b80)=[{&(0x7f0000000000)={0x14, 0x23, 0x1, 0x0, 0x0, "", [@typed={0x4}]}, 0x14}], 0x1}, 0x0)
listen(r0, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000140)=0x6)
accept4$vsock_stream(r0, 0x0, 0x0, 0x0)

1m32.440087038s ago: executing program 8 (id=7956):
open(&(0x7f0000000140)='./file1\x00', 0x60142, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002380)={{}, 0x2c, {'rootmode', 0x3d, 0x8000}})
read$FUSE(0xffffffffffffffff, &(0x7f0000000200)={0x2020, 0x0, <r0=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000002300)={0x50, 0x0, r0, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)
read$FUSE(0xffffffffffffffff, &(0x7f00000065c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r1}, 0x10)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x20080, 0x0)
dup3(r2, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x37, 0x0)

1m32.216593277s ago: executing program 8 (id=7958):
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone3(&(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)
setuid(0xee01)
r1 = syz_pidfd_open(r0, 0x0)
pidfd_send_signal(r1, 0x2, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r2=>r1, {0xffff}}, './file1\x00'})
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000005c0)={{{@in6=@loopback, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@initdev}, 0x0, @in6=@empty}}, &(0x7f0000000340)=0xe8)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000001c0)=@nullb, r3, &(0x7f00000003c0)='./file1\x00')
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='configfs\x00', 0x0, 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r5}, './file0\x00'})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r7, @ANYRESHEX=r6, @ANYRES32, @ANYBLOB="1a093a85b9689d12997d03a1d70006"], 0x40}}, 0x0)

1m32.052203538s ago: executing program 8 (id=7961):
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000006c0)={0x18, 0x0, 0x4, 0x70bd26, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_TX_RATES={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4004}, 0x4004000)
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
write(r2, &(0x7f0000000000)="fc0000", 0x3)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000fc0)=@filter={'filter\x00', 0xe, 0x4, 0x440, 0xffffffff, 0x190, 0x298, 0x190, 0xffffffff, 0xffffffff, 0x370, 0x370, 0x370, 0xffffffff, 0x4, &(0x7f0000000040), {[{{@ipv6={@dev={0xfe, 0x80, '\x00', 0x1e}, @private2, [0xff, 0x0, 0xff000000], [0xffffff00, 0xff, 0xffffff00], 'veth1_to_team\x00', 'tunl0\x00', {}, {}, 0x2, 0x89, 0x2, 0x1e}, 0x0, 0x168, 0x190, 0x0, {}, [@common=@srh1={{0x90}, {0x73, 0x3d, 0x6, 0x80, 0x35b, @private2, @ipv4={'\x00', '\xff\xff', @loopback}, @loopback, [0xff000000, 0xff, 0xffffffff, 0xff000000], [0xff, 0xffffff00, 0xff000000, 0xff], [0x0, 0x0, 0xffffffff, 0xffffffff], 0x800, 0x11a0}}, @common=@ah={{0x30}, {[0x4d6, 0x4d5], 0x9, 0x9, 0x3}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x7}}}, {{@ipv6={@local, @local, [0xff, 0x0, 0xffffff00], [0xff000000, 0xffffff00, 0x0, 0xffffffff], 'lo\x00', 'veth0_to_bond\x00', {0xff}, {}, 0x67, 0x6, 0x0, 0x8}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@remote, [0xffffff00, 0xff000080, 0xffffff00, 0xff000000], 0x4e21, 0x4e21, 0x4e24, 0x4e24, 0x3, 0x10, 0x800, 0x7f, 0x9}}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{0x1, 0x5, 0x1}, {0x1, 0x0, 0x4}, 0xffff, 0x7}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4a0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
connect$pppl2tp(r3, &(0x7f0000000980)=@pppol2tpin6={0x18, 0x1, {0x0, r4, 0x1, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x32)
connect$pppl2tp(r1, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x2}}, 0x26)
getsockopt$bt_BT_SECURITY(r1, 0x111, 0x7ffff, 0x0, 0x20001f00)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x3c)
sendmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x4000000000001f2, 0x0)
connect$inet6(r5, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0x1c)
writev(r5, &(0x7f00000000c0)=[{&(0x7f0000000100)="88", 0xfdef}], 0x1)

1m31.642190206s ago: executing program 8 (id=7964):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, 0x0, 0x0, 0x40088d0)

1m30.153460423s ago: executing program 41 (id=7964):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
sendmmsg$inet6(r0, 0x0, 0x0, 0x40088d0)

18.668125313s ago: executing program 7 (id=8196):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000000a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @local, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[], 0x590}}], 0x1, 0x8008801)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

18.472964018s ago: executing program 7 (id=8200):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3589], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x5, 0x0)
syz_io_uring_setup(0x360b, 0x0, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007301360000000000950000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r6, &(0x7f0000000280)='O', 0x1, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r6, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f00000003c0)=@assoc_value, 0x8)

17.132142733s ago: executing program 7 (id=8203):
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file8\x00', 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
shmat(0x0, &(0x7f0000fa4000/0x4000)=nil, 0x0)
syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x0, 0x18121})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\x00\'\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="00000000000000000c001a800800058004"], 0x2c}}, 0x0)

17.062683808s ago: executing program 0 (id=8204):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r0, 0x4601, &(0x7f0000000100)={0x400, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x0, 0x5})
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f0000000000)={0x1c})
pwrite64(r0, &(0x7f0000000100)="7c8afa7ea326d4986833f1b1401ac11d27a9631bfe0cc5a6b0d07014e92cba96dbf87388eeda9aa75bf7f16e8b9179c6dd2fd105019fc7c0dc84a6b4cf528564d87f26a04695a7ff025107228d809ed2d692340389a611b2ac6fe637e1ad1646ad9dfc58767660fd8cc36a13d279a027c48ea9570613c6ce0daf9c3b77ba521e5c576b0177020e148ae775e340e1d22dd43969ba766c0f0555be9806c8bd0b8463edd3503df86d5c359d43c93bb76b79e515c48bdaa087f30838680dd184226730fc49ae03663d0dcdc707bfac3b91c4cc232f2b751aaf55fc424518cbed25d0f861a2aa5117f825621fff0990bfb87cb9c5f86e88fe5cc5b6d59266", 0xfc, 0x8)
umount2(&(0x7f0000000000)='./file0\x00', 0x4)
sched_setscheduler(0x0, 0x1, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB=','], 0x0)
stat(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280))
syz_emit_ethernet(0x50, &(0x7f0000003940)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x1a, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ns={0x87, 0x0, 0x0, @mcast1, [{0xe, 0x0, "a94f010c"}]}}}}}}, 0x0)

15.666058548s ago: executing program 7 (id=8208):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rpc\x00')
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
dup(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfffffffe, 0x0, 0x1}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x0, 0x0, 0x1})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
fchdir(r0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000500)=""/30, 0x1e)
getdents64(r7, 0x0, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000020000000000850000004100000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)

14.46935036s ago: executing program 4 (id=8212):
r0 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
r1 = syz_io_uring_setup(0x17af, &(0x7f0000000380)={0x0, 0x0, 0x13290}, &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000340)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r1})
io_uring_enter(r1, 0x1, 0x3, 0x1, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000180), r4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c000000020301010000000000000000f20000000800010001"], 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
openat$zero(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x24280, 0x40)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r9, 0x4002f516, &(0x7f0000000180)={0x1, 0x1})
mount(&(0x7f0000000140)=@sg0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ubifs\x00', 0x0, 0x0)
r10 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo\x00')
getdents(r10, &(0x7f0000000080)=""/36, 0x24)
getdents(r10, 0xffffffffffffffff, 0x18)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r11=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r11}}, 0x24}}, 0x0)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r4, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, r6, 0x400, 0x70bd2d, 0x25dfdbfb, {}, [@L2TP_ATTR_UDP_SPORT={0x6, 0x1a, 0x4e22}]}, 0x1c}, 0x1, 0x0, 0x0, 0x90}, 0xdc)
r12 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r12, 0x29, 0x36, &(0x7f00000000c0)=ANY=[], 0x8)
add_key$user(0x0, &(0x7f0000000300)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
connect$inet6(r12, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r12, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r12, &(0x7f0000004b80)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="8252", 0x2}], 0x1}}], 0x1, 0x4000c000)
sendto$inet6(r12, &(0x7f0000000300), 0x16, 0xe803000000000000, 0x0, 0xfffffffffffffdfd)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="0700000000000000000005000000180001801400020073797a5f74756e000000000000000000180003800800040000000000080002002000000004000100080005"], 0x4c}}, 0x0)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(0xffffffffffffffff, &(0x7f0000001a80)={0x0, 0x0, &(0x7f0000001a40)={&(0x7f0000000040)=ANY=[@ANYBLOB="2400000088fa84adb09657f5eb9d2fda6afe16db8685f4ae42ae847f4d15d17c13725d59fb94df", @ANYRES16=r0, @ANYBLOB="010000000000000000000a00000004000180080004000000000004000680"], 0x24}}, 0x0)

14.432201956s ago: executing program 7 (id=8213):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3589], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x5, 0x0)
syz_io_uring_setup(0x360b, 0x0, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007301360000000000950000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r6, &(0x7f0000000280)='O', 0x1, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r6, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f00000003c0)=@assoc_value, 0x8)

13.399704823s ago: executing program 0 (id=8216):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/protocols\x00')
preadv(r3, &(0x7f0000001400)=[{&(0x7f00000015c0)=""/207, 0xcf}], 0x1, 0x10000, 0x3000000)

13.309372379s ago: executing program 4 (id=8217):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3800000010004b0400000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="480001000000000018802b6308400f"], 0x38}}, 0x0)
syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000020000402505a1a440000102030109025c0002010000000904000001020d00000424"], 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x10000)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000280)=0x8)
r1 = socket(0x40000000015, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000440), 0x4)
bind$inet6(r1, &(0x7f0000000280)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000380)={'wlan0\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = syz_open_dev$loop(&(0x7f0000000080), 0x0, 0x0)
fstat(r6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
setresuid(0xee01, r7, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x4)
writev(r8, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab003a0000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r4, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x44, r5, 0x1, 0xfffffffd, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_USE_ADAPTIVE_TX={0x5, 0xc, 0x1}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES={0x8, 0x3, 0x7fff}, @ETHTOOL_A_COALESCE_RX_USECS={0x8, 0x2, 0x6f43}]}, 0x44}, 0x1, 0x0, 0x0, 0x2400c000}, 0x0)
socket$rds(0x15, 0x5, 0x0)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000840), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000000c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="0100fe0000002000000000000000080003a0", @ANYRES32=r3, @ANYBLOB="0a000600080211000000000005001900020000000c0043000600000001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x20004001}, 0x4020000)
eventfd2(0x8, 0x801)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000500)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r10}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r12 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={r11, 0xffffffffffffffff, 0x14, 0x0, @void}, 0x10)
capget(&(0x7f0000000140)={0x20080522}, &(0x7f0000000180)={0x6, 0x9, 0x9, 0x6b, 0x2, 0x10000})
ioctl$KVM_IOEVENTFD(0xffffffffffffffff, 0x4040ae79, 0x0)
poll(&(0x7f00000001c0)=[{r10}, {r12, 0xa224}, {r0, 0xc014}, {r2, 0x10}], 0x4, 0x2)

13.15310507s ago: executing program 7 (id=8218):
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file8\x00', 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
shmat(0x0, &(0x7f0000fa4000/0x4000)=nil, 0x0)
syz_open_dev$radio(&(0x7f00000000c0), 0x2, 0x2)
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000a40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xe}, 0x0, 0x18121})
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
io_uring_enter(r1, 0x5b43, 0x0, 0x0, 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\a\x00\x00\x00\x00\x00\x00\x00\x00\'\x00\x00\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB="00000000000000000c001a800800058004"], 0x2c}}, 0x0)

10.872115599s ago: executing program 6 (id=8223):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r8, 0x40000000af01, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f0000000300))
r9 = socket$packet(0x11, 0x3, 0x300)
r10 = dup(r9)
ioctl$VHOST_NET_SET_BACKEND(r8, 0x4008af30, &(0x7f0000000000)={0x0, r10})
ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x50, r2, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "3beebc9333f6d1afec1e269e3647e30c"}, @NL80211_ATTR_SSID={0x4}, @NL80211_ATTR_PMKID={0x14, 0x55, "addb6d067f5186b4de0f3c6c321bebee"}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xf6}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x8080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x27, 0x8, 0x0, &(0x7f0000000180)="f9ad48cc429d29fc", 0x0, 0x100, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c, &(0x7f0000001440)=[{&(0x7f00000000c0)="aa", 0x1}], 0x1}}], 0x1, 0xc008845)

9.937269332s ago: executing program 4 (id=8225):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f00000000c0)={@dev, 0x800, 0x0, 0x2000000000903, 0x1}, 0x20)
setsockopt$inet6_int(r4, 0x29, 0x1000000000021, &(0x7f00000005c0)=0x7fff, 0x4)
setsockopt$inet6_int(r4, 0x29, 0x24, &(0x7f0000000100)=0x40, 0x4)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000000)={@local, 0x10000, 0x0, 0x1, 0x1, 0x0, 0x2}, 0x20)
connect$inet6(r4, &(0x7f0000000080)={0xa, 0x0, 0x380000, @loopback}, 0x1c)
sendmsg$inet6(r4, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x6b87bd76ddbcbbe)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560702000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5d0e14c6c946eeb44fe63275c00000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

8.805895644s ago: executing program 4 (id=8227):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
r2 = userfaultfd(0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
open$dir(0x0, 0x2, 0x0)
rename(&(0x7f0000000200)='./file0\x00', 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = gettid()
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x30, r8, 0x5, 0x0, 0x2, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0xb}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}]}, 0x30}, 0x1, 0x0, 0x0, 0x24}, 0x0)
sendmsg$unix(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@cred={{0x1c, 0x1, 0x2, {r6}}}], 0x20}, 0x0)
recvmmsg(r5, &(0x7f0000007340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/61, 0x3d}}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1})
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[])
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x100000000)
syz_clone(0x41080, 0x0, 0x0, 0x0, 0x0, 0x0)

7.831689477s ago: executing program 4 (id=8229):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_CROP(r0, 0xc014563b, &(0x7f0000000040)={0x3, {0x9, 0x4, 0x2, 0x9}})
r1 = syz_open_dev$vim2m(&(0x7f0000000440), 0x4, 0x2)
r2 = syz_open_dev$vcsa(&(0x7f0000000100), 0x40, 0x1202)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x403, 0x6101, 0x0, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_VALIDATION={0x5, 0xd, 0x4d}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x88c89f4a26451bde)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
syz_open_dev$vbi(&(0x7f0000000180), 0x0, 0x2)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002700)=""/102392, 0x18ff8)
getsockopt$bt_hci(r4, 0x0, 0x2, &(0x7f0000000a80)=""/4096, &(0x7f0000000280)=0x1000)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000096c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newtaction={0x6c, 0x30, 0x9, 0x0, 0x0, {}, [{0x58, 0x1, [@m_vlan={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_VLAN_PARMS={0x1c, 0x2, {{0x0, 0x0, 0x20000000}, 0x3}}, @TCA_VLAN_PUSH_VLAN_ID={0x6}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
read$hidraw(0xffffffffffffffff, &(0x7f0000000240)=""/15, 0xf)
r7 = syz_open_dev$evdev(&(0x7f00000000c0), 0x20000000000, 0x822b01)
ioctl$EVIOCGRAB(r7, 0x40044590, 0x0)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc0405602, &(0x7f00000001c0)=@multiplanar_overlay={0x9, 0x1, 0x4, 0x10000, 0x7, {}, {0x1, 0x1, 0xa, 0xc, 0x1, 0x81, "bdec4180"}, 0xfffffff9, 0x3, {&(0x7f0000000080)=[{0x5b2bc309, 0x2, {0x5}, 0x200}, {0x9, 0x7, {0x6}, 0x1}]}, 0xad, 0x0, r2})

7.096496649s ago: executing program 0 (id=8230):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff})
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000001180)={&(0x7f0000001080), 0xc, &(0x7f0000001140)={&(0x7f00000010c0)={0x70, 0x1, 0x4, 0x201, 0x0, 0x0, {0x3}, [@NFULA_CFG_MODE={0xa, 0x2, {0x9, 0x2}}, @NFULA_CFG_MODE={0xa, 0x2, {0x7fffffff}}, @NFULA_CFG_QTHRESH={0x0, 0x5, 0x1, 0x0, 0x6}, @NFULA_CFG_FLAGS={0x6}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x6}, @NFULA_CFG_CMD={0x5, 0x1, 0x2}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x2}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x10001}, @NFULA_CFG_FLAGS={0x6, 0x6, 0x1, 0x0, 0x6}, @NFULA_CFG_MODE={0xa, 0x2, {0x88e, 0x2}}]}, 0x70}, 0x1, 0x0, 0x0, 0x20004080}, 0x20000000)
r1 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$unix(0x1, 0x2, 0x0)
readv(r2, &(0x7f0000000040)=[{&(0x7f0000000200)=""/253, 0xfd}], 0x1)
connect$unix(r2, &(0x7f00000005c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_NAME_TABLE_GET(r3, &(0x7f00000013c0)={&(0x7f00000011c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000001380)={&(0x7f0000001200)={0x180, 0x0, 0x8, 0x70bd2b, 0x25dfdbfd, {}, [@TIPC_NLA_NODE={0x94, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x800a}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x40}, @TIPC_NLA_NODE_ID={0x1f, 0x3, "2eb941faf22185bf9dfb7ddfab4d31cc6553a58b8b08ec46c7dc87"}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "59ed3cc03aaa1bd687c33cbcb6ecab151283b3f9758e816218"}}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NET={0x68, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x349}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffd}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xa8a}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x64, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x45, 0x4, {'gcm(aes)\x00', 0x1d, "02176e4531a4a4ff12c3b714cc3dd88eeb8aed216aa16b46a978248439"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xd6a}]}, @TIPC_NLA_SOCK={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}]}]}, 0x180}, 0x1, 0x0, 0x0, 0x4000000}, 0x800)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000006c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="00032dbd7000fbdbdf258700000008"], 0x110}}, 0x24000054)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
socket$inet6(0xa, 0x3, 0x3c)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x800, 0x4)

6.915617258s ago: executing program 3 (id=8231):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000a40)=@newsa={0x17c, 0x10, 0x1, 0x0, 0x0, {{@in=@multicast2, @in6=@empty}, {@in=@broadcast, 0x0, 0x33}, @in=@local, {0x0, 0x0, 0x0, 0x6bd}, {}, {}, 0x0, 0x0, 0xa}, [@algo_auth={0x89, 0x1, {{'sha256\x00'}, 0x208, "1a8886b72111952045494ed5009e68a7239818d5eeb99571cc1fb7d4d46b1fbc3de98a7e1cb2b0d7276c38cf385b0000a79d7a3455359b3eb0c7b2c02315614c05"}}]}, 0x17c}}, 0x0)

6.312345251s ago: executing program 3 (id=8232):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @empty, 0x1}, 0x1c)
sendto$inet6(r0, &(0x7f0000000180)="1a", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r1 = memfd_create(&(0x7f0000000580)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc5\x1d\xe7jDf\x87@\x8fg\x15RJw\x82\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7g\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x6)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0x0, 0x2012, r1, 0x0)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
sendto$inet6(r0, &(0x7f0000004dc0)='\x00', 0x1, 0x0, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000040)="93", 0x34000, 0x0, 0x0, 0x44)
r2 = userfaultfd(0x1)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x152})
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000010000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000002c0)='tlb_flush\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x9, 0x100008b}, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$SNDCTL_DSP_SETTRIGGER(0xffffffffffffffff, 0x40045010, 0x0)

6.153987726s ago: executing program 6 (id=8233):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rpc\x00')
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
dup(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfffffffe, 0x0, 0x1}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x0, 0x0, 0x1})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
fchdir(r0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000500)=""/30, 0x1e)
getdents64(r7, 0x0, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000020000000000850000004100000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)

5.184223083s ago: executing program 6 (id=8234):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
r1 = socket$l2tp6(0xa, 0x2, 0x73) (async)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sigaltstack(0x0, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
syz_open_dev$vbi(0x0, 0x3, 0x2)
openat$nullb(0xffffffffffffff9c, &(0x7f0000001500), 0x0, 0x0) (async)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x70, 0x0, &(0x7f0000000580))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x7, &(0x7f0000000080)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c000000020605000000000000000000000000000900020073797a3200000000050004000000000005000100060000001400078008000640000000000800134000000000050005000a00000010000300686173683a69702c6d6163"], 0x5c}}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async)
r7 = syz_open_dev$sg(&(0x7f0000002d00), 0x0, 0x103802)
ioctl$SCSI_IOCTL_STOP_UNIT(r7, 0x6) (async)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r2, 0x40186f40, 0x20000502) (async)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f00000002c0), 0x4)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='+)\x00', &(0x7f0000000040)=',@-!.\x00', 0x0) (async)
sendmmsg$inet6(r1, &(0x7f0000008b40)=[{{&(0x7f0000001940)={0xa, 0x0, 0x0, @loopback}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[], 0xf}}], 0x1, 0x0) (async)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f00000003c0)={0x15, 0x110, 0xfa00, {0xffffffffffffffff, 0x9, 0x0, 0x0, 0x0, @in6={0xa, 0x4e21, 0x1, @dev={0xfe, 0x80, '\x00', 0x2b}, 0x6}, @in6={0xa, 0x4e21, 0x9, @mcast1, 0xb}}}, 0x118)

5.120687327s ago: executing program 0 (id=8235):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
sendmmsg$inet6(r0, &(0x7f0000000a00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @local, 0x9}, 0x1c, 0x0, 0x0, &(0x7f00000020c0)=ANY=[@ANYBLOB], 0x590}}], 0x1, 0x8008801)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

5.119701127s ago: executing program 3 (id=8236):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rpc\x00')
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
dup(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfffffffe, 0x0, 0x1}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x0, 0x0, 0x1})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
fchdir(r0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000500)=""/30, 0x1e)
getdents64(r7, 0x0, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000020000000000850000004100000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)

5.020105259s ago: executing program 6 (id=8237):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0x1001}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$dri(0x0, 0x1f, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
pwritev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000040)="8db42640452d591175c9d623b515c6d2d075d57080200000ea0001000000dae5", 0x20)
ioctl$SG_EMULATED_HOST(r4, 0x2283, &(0x7f0000000000))
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)={@map, 0xffffffffffffffff, 0x2, 0x0, 0x0, @void, @value=r0}, 0x20)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r6 = memfd_create(&(0x7f0000001380)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x7)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8010002})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

4.715802403s ago: executing program 0 (id=8238):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
r1 = syz_open_dev$dri(0x0, 0x1, 0x0)
r2 = userfaultfd(0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
open$dir(0x0, 0x2, 0x0)
rename(&(0x7f0000000200)='./file0\x00', 0x0)
syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, 0x0)
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000180)={&(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ff7000/0x4000)=nil, 0x2000})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = gettid()
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x30, r8, 0x5, 0x0, 0x2, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_SCAN_FLAGS={0x8, 0x9e, 0xb}, @NL80211_ATTR_BSSID={0xa, 0xf5, @from_mac=@broadcast}]}, 0x30}, 0x1, 0x0, 0x0, 0x24}, 0x0)
sendmsg$unix(r4, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)=[@cred={{0x1c, 0x1, 0x2, {r6}}}], 0x20}, 0x0)
recvmmsg(r5, &(0x7f0000007340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/61, 0x3d}}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1})
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[])
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x100000000)
syz_clone(0x41080, 0x0, 0x0, 0x0, 0x0, 0x0)

3.508775921s ago: executing program 0 (id=8239):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/protocols\x00')
preadv(r3, &(0x7f0000001400)=[{&(0x7f00000015c0)=""/207, 0xcf}], 0x1, 0x10000, 0x3000000)

3.492978851s ago: executing program 6 (id=8240):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x22, 0x5, 0x0)
syz_io_uring_setup(0x360b, 0x0, 0x0, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r5, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000007301360000000000950000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xd, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xa8, &(0x7f00000002c0)=""/168, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000200), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r6 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r6, &(0x7f0000000280)='O', 0x1, 0x0, &(0x7f0000000180)={0xa, 0x0, 0x0, @private2}, 0x1c)
shutdown(r6, 0x1)
setsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f00000003c0)=@assoc_value, 0x8)

3.484185488s ago: executing program 3 (id=8241):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, 0x0, 0x0)
modify_ldt$write(0x1, &(0x7f0000000000)={0x1001}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
syz_open_dev$dri(0x0, 0x1f, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='loginuid\x00')
pwritev(r2, &(0x7f0000000100)=[{&(0x7f0000000000)='0', 0x1}], 0x1, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000040)="8db42640452d591175c9d623b515c6d2d075d57080200000ea0001000000dae5", 0x20)
ioctl$SG_EMULATED_HOST(r4, 0x2283, &(0x7f0000000000))
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000005c0)={@map, 0xffffffffffffffff, 0x2, 0x0, 0x0, @void, @value=r0}, 0x20)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r6 = memfd_create(&(0x7f0000001380)='\xfd\x0fm3#/\x00n\xaa\xaa\xe4\x01U\x8b\xc2\f\x03\x19\x9c\x8e\xcb\x90\x00\x00\xaegQ\x0e\x94\\y\x0fU2@\'\x8a\x80\x00$\x12\xfc\xe4.)\x9b\xf2@\xf0\xe0\xdb\x1f\xe6\xb4gc\x13\xda\xf9\xcd7el\xb7\xe6\b\x00\x00\x00\x00\xef\xff\x00vob/~\xc2\x00\b\x00\x00\x00\x00\x00\x00 \xff\xf1\xdem\x9c;%\xb5\"\xe4\xf1x2\x8a\x19p\x04\\\xaa-\x93\xd1\xc4 )\xbfK\xf7E\xf3\x05\xa0\xd0\xe6%\x97\x15\xf0\xab\x86\x90k\x10\xcer\x14\xe0a\xaf\xab\xfe\xd9V\x19\xa5d\x16\x8e]:3\xff\t\xe6\xf7\xb3\xbf\xa3\b[?\xb5\x14t\xd3\x8e\xc0\xe8\xefd\x88\xddz\xa25)\x17\xef\xfb4\xff\xdb\t\x8e\xeb\x1d\\\xf9\x14\xc7\v\xa8\x89\xdb A\xbaBAj\xfe\x18\xc3-+\xd6\xb0K\xee\x1b+\xc7lA\x84\xa6\xfe\x8bU<&\x1a\xe7m\x86\xb7\xa1A\xf9\x02S;C\x99\a.$K\x833\x82\x7f\x1b\'nj\x06\b\xb7\xe8] \x87A[y\xdc\x14\f\xcet\x00\x1f\x0f\xef\xca\xcfz\x7f\an0\xebB\xb8}&\xdd\xc9\xa7\x1dp\t\x9a\xceb \x81\xaaq{H\x88\xdf\xf8\x80\\\x1c8\xfe\xc4\xe3\xb0\x90\xcb\x8b1r\x94\x9f\x00\xce\xc8\xc3\x84\xa0\xc9\b\x00\x81Ks\xba\xbbC6\xd6\x13\xb5\xe086EzD\x18\xd5\x16\x88E\xc6\xf0A9\xf1u\xb3\x85\x02\x12\\Sp\xf4\x9a\xe8\x96^\xe6\xa8K\x12\b}\xff\xcb{\xc6\xf6\xb4\x8b\xb6\xa8Y\xf2\x91\xeeR\v#\xb5)\xb0\x99\x9b-p\xe3\x17\x04\xb0\xdc\x0fk\x11\xe1\x9a\a\x16\xb7\x9b\x88\xfa\x1e`\x84$\xfc\xd7\xf5^X\xd8[}\x032\xd0\x84\xdby\x94Vp\xa5\xcd(\xab\xb6\x95sR\xab\xfc\x8c\'\x9c\x16Q\xad\xbc\xb04%\xb7\xe5\x14\xb1`\x87#X\\W`;\'_4\xc5\xc9\x921<\xd9\xad\x9f\x12@!\xfaI\x88\xab\xef\x86\xe9\a>\xdd7\xb7\x8e\x9c0-o\xc9\xec_|\x02\xc8Ru\x95\xa8#U\xd6J\x87\xf6X\xb6{\x11$\x00\xc8\x14\xcb\xd1nK\xd8\xb9\x0e\x9bA\xed\xbcs\x1fS\r\x12O\x83\x15\xcb(\xdb\xb1S\x1f%\x04\x9a\xa0l\xa3}\xe7r\x02\x00\x00\x00\x8aeh;F[\xe2\x1c<L\xaa\x87A\xcdN#\xfb\xb0\xf2\x1e\x0e#J\xd0hB<\xc0\x82A0)p\xe7&J\x82\x83\x83\xd14\x01\xcf\x1b\xa9\x1d\x1ef\x0f\x86(1\xd6l\xd2\x8f\xb0\xad\t\x15\xdb|\x87\xf1\xc4\xb8\xb2\x9a\xd2A\x80\xbf\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xd6\x80\x00\x00\x00\x00\x00\x00\x00\x88&}\xd1\x00\x00\x00\xe6\xaf\t\x9f\x96\rN\xc9\x90\xbe\xed\x1ad\x14\xe7\x84\t\'\x8b\x00\xdd\xc9\x0f\x14v\xb6\x04\xf2U\xb4\xf6\xbe\xddT\xcb\x00\x00\x00\x00\x00\x00\xe9\x00\x00\x00\x00\x00\x00o:}\xa7jmH\xedn\x11\xfe\xe2\x0fT\x00\x94\xbc\xc6\x7f\x93eE1xp\xa3\xdc\xd7K9J<\xeb\xd2!\xf4\x19\xbd#\xb8\x83\x858\n\xf8\x12Z\x1a\x12\xfa\xcc\x04\r\xf3\xf4;\v\x15b^\xea\xa2\x04 \xe8\x99\xb3\x97\x9e\r\xb0\x05\xbb(f\xd0\x85\xc5\x15\xae#\x12Q\xacF\xfb\xc8\xbd\xcc#\v\x00\x00\x00\x00\x00\x00\x8f\x9b\x00\x03\xc8}\x11\xbc\x01\x8fi\xf5\x7f\xaf\x11\xfb\x16\x95\xdfc\xc9\x8a/&\x81w\xdf]ao\\\x88\xf7\xce\xbd\xb0\xa6J~\x8d\xf1\xe9\x1c\xcfo\xb3\xdc\x04Y\x8e\r\xf5\xa0\xeft\x06G0\xe3D\xd6\xa3L\xedN\x0e\xdc@7\xd8^\xae\xea\x92\xbe\x9c\xf9~c\xc1|\xca\x8d\x93R\xe5\xceU\xa5\x0f\xbf\xd8l\x96`\x0f\x00e\x8aR{\x17Y\x15m>\xe26 \x19k&.\x7f\x1d~\xdaI\xd4\x99\a+\xdf]\xbc\xa6\xc3\x0f\x99W\x9c-t\v\xc7J\xfd\x91\x853\xd1j;\x19W\x96V\x8az+\xf9\x82#\xfaC\xa3YN:\xe8\xda\xbc\xb2h\x8f\xe0\xc6d\x96\xccy\xb3\xc2\x98\x1c\xca\xde\"\xaeW\x89\x83\xc2sB\xe7\b\x9b9~}\xc2\xb3\x1d\xcc?\xd1\x89\xef\xca\x00\x00\x00\x00\x00\x00\x00\x00\x00J[\xc4\x04\xc1\xa6\x10\xc2\x9d\x11\t|\xc0\t\xd9(\x80\xe6s\xaa\x88\x8a\xd6\xa2\x01\x10W]Z\x8d\xf7\xd1P\xf9d\x01|\xa3\x03hSq\x95\x8f\xe1J\xd3#/fcCz\xff\x80\xe2M\xa3-r\xf6\x1a\xd74\xdc\xe1\xe4\xc3\x9dU t}\x02\x9a{C|S\xf4\x98\x05\xb9\x15}\xfa\"\xdc\xc2r\xf9\a\xadnD\xb6\x06\xd3\'\x10\x9f|\x17\xd6\x89O\f\x98@\x85\xa5m\x9d\\&\x17o\x11Z=l\xfb\x93\x8exZ', 0x7)
ioctl$FS_IOC_RESVSP(r6, 0x40305828, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x8010002})
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x10, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

2.364070042s ago: executing program 6 (id=8242):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r4=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$rds(0x15, 0x5, 0x0)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r8, 0x40000000af01, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r8, 0x4008af03, &(0x7f0000000300))
r9 = socket$packet(0x11, 0x3, 0x300)
r10 = dup(r9)
ioctl$VHOST_NET_SET_BACKEND(r8, 0x4008af30, &(0x7f0000000000)={0x0, r10})
ioctl$VHOST_SET_FEATURES(r8, 0x4008af00, 0x0)
sendmsg$NL80211_CMD_DEL_PMKSA(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)={0x50, r2, 0x1, 0x70bd29, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_PMK={0x14, 0xfe, "3beebc9333f6d1afec1e269e3647e30c"}, @NL80211_ATTR_SSID={0x4}, @NL80211_ATTR_PMKID={0x14, 0x55, "addb6d067f5186b4de0f3c6c321bebee"}, @NL80211_ATTR_FILS_CACHE_ID={0x6, 0xfd, 0xf6}]}, 0x50}, 0x1, 0x0, 0x0, 0x1}, 0x8080)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x27, 0x8, 0x0, &(0x7f0000000180)="f9ad48cc429d29fc", 0x0, 0x100, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000002740)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c, &(0x7f0000001440)=[{&(0x7f00000000c0)="aa", 0x1}], 0x1}}], 0x1, 0xc008845)

1.642713983s ago: executing program 3 (id=8243):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/rpc\x00')
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
dup(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfffffffe, 0x0, 0x1}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r2, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x0, 0x0, 0x1})
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x47f9, 0x0, 0x0, 0x0, 0x0)
fchdir(r0)
r7 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r7, &(0x7f0000000500)=""/30, 0x1e)
getdents64(r7, 0x0, 0x18)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0xd, &(0x7f0000000340)=ANY=[@ANYBLOB="18020000040000000000020000000000850000004100000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000820000009500000000000000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r9, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00'})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)

864.170603ms ago: executing program 3 (id=8244):
socket$key(0xf, 0x3, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r0 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
dup(r0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0)
mmap(&(0x7f000001a000/0x3000)=nil, 0x3000, 0xf, 0x11012, r4, 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000340), 0x1a1402, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, &(0x7f0000000a00)=0x40000)

0s ago: executing program 4 (id=8245):
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000), 0xad82, 0x0)
write$sndseq(r0, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x8, @tick=0xb96, {0x7}, {}, @raw8={"3ad5e4aa05fd1f1646e53f27"}}, {0x0, 0x0, 0x0, 0x0, @time={0x0, 0x2}, {}, {}, @queue}, {0x0, 0xae, 0x16, 0x3e, @time, {}, {}, @note={0xb9, 0xc, 0x9, 0x4, 0x2}}, {0x0, 0x0, 0x0, 0x0, @tick=0x8, {}, {}, @note={0x0, 0x0, 0x0, 0x0, 0x4}}], 0x70)
unshare(0x4000400)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1ff)

kernel console output (not intermixed with test programs):

? fdget_pos+0x24e/0x320
[ 2467.015641][ T1636]  ksys_read+0x183/0x2b0
[ 2467.019887][ T1636]  ? __pfx_ksys_read+0x10/0x10
[ 2467.024652][ T1636]  ? do_syscall_64+0x100/0x230
[ 2467.029418][ T1636]  ? do_syscall_64+0xb6/0x230
[ 2467.034126][ T1636]  do_syscall_64+0xf3/0x230
[ 2467.038628][ T1636]  ? clear_bhb_loop+0x35/0x90
[ 2467.043333][ T1636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2467.049223][ T1636] RIP: 0033:0x7fa09717d15c
[ 2467.053633][ T1636] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 2467.073250][ T1636] RSP: 002b:00007fa097f67030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2467.081669][ T1636] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717d15c
[ 2467.089646][ T1636] RDX: 000000000000000f RSI: 00007fa097f670a0 RDI: 0000000000000004
[ 2467.097620][ T1636] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2467.105591][ T1636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2467.113558][ T1636] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2467.121543][ T1636]  </TASK>
[ 2467.124853][T20386] usb 9-1: new high-speed USB device number 100 using dummy_hcd
[ 2467.304171][T20386] usb 9-1: Using ep0 maxpacket: 8
[ 2468.043204][T20386] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2468.053816][T20386] usb 9-1: config 0 has no interfaces?
[ 2468.059883][T20386] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 2468.070707][T20386] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2468.188169][T20386] usb 9-1: config 0 descriptor??
[ 2468.594153][ T1629] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2468.602935][ T1629] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2468.673577][ T1649] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2468.713567][ T1649] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2469.084130][T20386] usb 9-1: string descriptor 0 read error: -71
[ 2469.108209][T20386] usb 9-1: USB disconnect, device number 100
[ 2469.267349][ T1667] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 2469.276427][ T1667] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[ 2470.291649][ T1683] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7414'.
[ 2471.628982][ T1691] openvswitch: netlink: Key type 12312 is out of range max 32
[ 2473.032994][ T1713] sctp: [Deprecated]: syz.7.7425 (pid 1713) Use of int in max_burst socket option deprecated.
[ 2473.032994][ T1713] Use struct sctp_assoc_value instead
[ 2473.378812][ T1721] FAULT_INJECTION: forcing a failure.
[ 2473.378812][ T1721] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2473.548083][ T1721] CPU: 0 UID: 0 PID: 1721 Comm: syz.7.7428 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2473.558823][ T1721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2473.568903][ T1721] Call Trace:
[ 2473.572202][ T1721]  <TASK>
[ 2473.575148][ T1721]  dump_stack_lvl+0x241/0x360
[ 2473.579854][ T1721]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2473.585077][ T1721]  ? __pfx__printk+0x10/0x10
[ 2473.589714][ T1721]  should_fail_ex+0x3b0/0x4e0
[ 2473.594655][ T1721]  _copy_to_user+0x31/0xb0
[ 2473.599099][ T1721]  bpf_test_finish+0x212/0x890
[ 2473.603907][ T1721]  ? __pfx_bpf_test_finish+0x10/0x10
[ 2473.609221][ T1721]  ? convert___skb_to_skb+0x41/0x620
[ 2473.614526][ T1721]  ? convert_skb_to___skb+0x2d3/0x510
[ 2473.619920][ T1721]  bpf_prog_test_run_skb+0xfe5/0x1820
[ 2473.625329][ T1721]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 2473.631158][ T1721]  ? fput+0x1a8/0x230
[ 2473.635152][ T1721]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 2473.640972][ T1721]  bpf_prog_test_run+0x2e4/0x360
[ 2473.645933][ T1721]  __sys_bpf+0x48d/0x810
[ 2473.650191][ T1721]  ? __pfx___sys_bpf+0x10/0x10
[ 2473.654978][ T1721]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2473.661083][ T1721]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2473.667461][ T1721]  ? do_syscall_64+0x100/0x230
[ 2473.672269][ T1721]  __x64_sys_bpf+0x7c/0x90
[ 2473.676712][ T1721]  do_syscall_64+0xf3/0x230
[ 2473.681242][ T1721]  ? clear_bhb_loop+0x35/0x90
[ 2473.686033][ T1721]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2473.691941][ T1721] RIP: 0033:0x7fa09717e719
[ 2473.696374][ T1721] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2473.716001][ T1721] RSP: 002b:00007fa097f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2473.724437][ T1721] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717e719
[ 2473.732424][ T1721] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[ 2473.740413][ T1721] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2473.748397][ T1721] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2473.756381][ T1721] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2473.764389][ T1721]  </TASK>
[ 2474.329723][T20386] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 2474.508689][T20386] usb 5-1: Using ep0 maxpacket: 16
[ 2474.520737][T20386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[ 2474.541088][T20386] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 0
[ 2474.561658][T20386] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has invalid wMaxPacketSize 0
[ 2474.599289][T20386] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x87 has invalid maxpacket 0
[ 2474.631651][T20386] usb 5-1: New USB device found, idVendor=104f, idProduct=0004, bcdDevice=8f.af
[ 2474.641242][T20386] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2474.659298][T20386] usb 5-1: Product: syz
[ 2474.669364][T20386] usb 5-1: Manufacturer: syz
[ 2474.689245][T20386] usb 5-1: SerialNumber: syz
[ 2474.700901][T20386] usb 5-1: config 0 descriptor??
[ 2474.717260][T20386] iuu_phoenix 5-1:0.0: iuu_phoenix converter detected
[ 2474.736928][T20386] usb 5-1: iuu_phoenix converter now attached to ttyUSB0
[ 2475.289238][    T9] usb 5-1: USB disconnect, device number 11
[ 2475.299908][    T9] iuu_phoenix ttyUSB0: iuu_phoenix converter now disconnected from ttyUSB0
[ 2475.319888][    T9] iuu_phoenix 5-1:0.0: device disconnected
[ 2475.601729][ T1750] tc_dump_action: action bad kind
[ 2476.596261][ T1774] netlink: 'syz.6.7444': attribute type 10 has an invalid length.
[ 2477.116413][ T1774] team0: Device veth0_macvtap failed to register rx_handler
[ 2479.102105][ T1805] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7450'.
[ 2480.052603][ T1815] netlink: 'syz.8.7457': attribute type 10 has an invalid length.
[ 2480.635570][ T1826] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7458'.
[ 2480.639174][ T1815] netlink: 40 bytes leftover after parsing attributes in process `syz.8.7457'.
[ 2480.839647][ T1818] bond2: entered promiscuous mode
[ 2480.864671][ T1818] bond2: entered allmulticast mode
[ 2480.893803][ T1818] 8021q: adding VLAN 0 to HW filter on device bond2
[ 2486.926752][T26743] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[ 2487.148330][T26743] usb 7-1: Using ep0 maxpacket: 8
[ 2487.186315][T26743] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2487.375015][ T1893] FAULT_INJECTION: forcing a failure.
[ 2487.375015][ T1893] name failslab, interval 1, probability 0, space 0, times 0
[ 2487.387771][ T1893] CPU: 1 UID: 0 PID: 1893 Comm: syz.7.7475 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2487.398466][ T1893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2487.408538][ T1893] Call Trace:
[ 2487.411831][ T1893]  <TASK>
[ 2487.414780][ T1893]  dump_stack_lvl+0x241/0x360
[ 2487.419488][ T1893]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2487.424699][ T1893]  ? __pfx__printk+0x10/0x10
[ 2487.429307][ T1893]  ? fs_reclaim_acquire+0x93/0x130
[ 2487.434439][ T1893]  ? __pfx___might_resched+0x10/0x10
[ 2487.439745][ T1893]  should_fail_ex+0x3b0/0x4e0
[ 2487.444450][ T1893]  ? tomoyo_encode+0x26f/0x540
[ 2487.449241][ T1893]  should_failslab+0xac/0x100
[ 2487.453934][ T1893]  ? tomoyo_encode+0x26f/0x540
[ 2487.458721][ T1893]  __kmalloc_noprof+0xd8/0x400
[ 2487.463504][ T1893]  tomoyo_encode+0x26f/0x540
[ 2487.468119][ T1893]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 2487.473783][ T1893]  tomoyo_path_number_perm+0x23a/0x880
[ 2487.479273][ T1893]  ? tomoyo_path_number_perm+0x208/0x880
[ 2487.484924][ T1893]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2487.490962][ T1893]  ? __fget_files+0x29/0x470
[ 2487.495576][ T1893]  ? __fget_files+0x3f3/0x470
[ 2487.500280][ T1893]  security_file_ioctl+0xc6/0x2a0
[ 2487.505328][ T1893]  __se_sys_ioctl+0x47/0x170
[ 2487.509942][ T1893]  do_syscall_64+0xf3/0x230
[ 2487.514462][ T1893]  ? clear_bhb_loop+0x35/0x90
[ 2487.519156][ T1893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2487.525062][ T1893] RIP: 0033:0x7fa09717e719
[ 2487.529666][ T1893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2487.549290][ T1893] RSP: 002b:00007fa097f25038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2487.557742][ T1893] RAX: ffffffffffffffda RBX: 00007fa097336130 RCX: 00007fa09717e719
[ 2487.565738][ T1893] RDX: 0000000020000200 RSI: 0000000040345632 RDI: 000000000000000b
[ 2487.573725][ T1893] RBP: 00007fa097f25090 R08: 0000000000000000 R09: 0000000000000000
[ 2487.581795][ T1893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2487.589787][ T1893] R13: 0000000000000000 R14: 00007fa097336130 R15: 00007ffee8058168
[ 2487.597795][ T1893]  </TASK>
[ 2487.601681][ T1893] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2487.752956][T26743] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2487.763928][T26743] usb 7-1: New USB device found, idVendor=04d8, idProduct=f002, bcdDevice= 0.00
[ 2487.773122][T26743] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2487.805931][T26743] usb 7-1: config 0 descriptor??
[ 2488.319415][T26743] hid-picolcd 0003:04D8:F002.001B: No report with id 0xf3 found
[ 2489.129210][T26743] hid-picolcd 0003:04D8:F002.001B: No report with id 0xf4 found
[ 2489.169479][T26743] usb 7-1: USB disconnect, device number 51
[ 2494.259789][   T29] audit: type=1400 audit(1731609724.709:1919): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="?" object="_" requested=w pid=1945 comm="syz.7.7492" daddr=255.255.255.255 dest=20002
[ 2494.488056][T26725] Bluetooth: hci4: ACL packet for unknown connection handle 200
[ 2494.543236][ T1958] netlink: 48 bytes leftover after parsing attributes in process `syz.7.7494'.
[ 2495.362356][ T1958] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 2495.717874][ T1971] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7498'.
[ 2497.352340][ T1981] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2497.363013][ T1981] netlink: 'syz.4.7501': attribute type 10 has an invalid length.
[ 2497.410108][ T1981] bridge0: port 3(team0) entered disabled state
[ 2497.508161][ T1981] team0: left allmulticast mode
[ 2497.513530][ T1981] team_slave_0: left allmulticast mode
[ 2497.519191][ T1981] team_slave_1: left allmulticast mode
[ 2497.524685][ T1981] team0: left promiscuous mode
[ 2497.529528][ T1981] team_slave_0: left promiscuous mode
[ 2497.535549][ T1981] team_slave_1: left promiscuous mode
[ 2497.541257][ T1981] bridge0: port 3(team0) entered disabled state
[ 2497.712088][ T1981] batman_adv: batadv0: Adding interface: team0
[ 2497.718308][ T1981] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2497.744248][ T1981] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 2497.768892][ T1982] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 2497.779408][ T1982] macvtap1: entered promiscuous mode
[ 2497.785827][ T1982] macvtap1: entered allmulticast mode
[ 2497.856898][ T1982] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[ 2497.880282][ T1982] netdevsim netdevsim0 netdevsim0: left allmulticast mode
[ 2497.899355][ T1982] netdevsim netdevsim0 netdevsim0: left promiscuous mode
[ 2500.045799][ T2008] syz.6.7509[2008] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2500.045924][ T2008] syz.6.7509[2008] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2500.124126][ T2008] syz.6.7509[2008] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2500.152860][ T2012] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7510'.
[ 2501.598889][ T2039] netlink: 'syz.0.7516': attribute type 1 has an invalid length.
[ 2501.607003][ T2039] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.7516'.
[ 2501.632050][ T2039] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7516'.
[ 2502.994000][ T2048] netlink: 36 bytes leftover after parsing attributes in process `syz.4.7519'.
[ 2503.451348][ T2056] syz.4.7523[2056] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2503.451473][ T2056] syz.4.7523[2056] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2503.456839][ T2055] team0: entered promiscuous mode
[ 2503.481036][ T2056] syz.4.7523[2056] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2503.520936][ T2055] team_slave_0: entered promiscuous mode
[ 2503.558883][ T2063] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7524'.
[ 2503.573569][ T2055] team_slave_1: entered promiscuous mode
[ 2504.192415][   T29] audit: type=1326 audit(1731609734.749:1920): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2073 comm="syz.7.7528" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa09717e719 code=0x0
[ 2504.218015][ T2052] team0: left promiscuous mode
[ 2504.231220][ T2052] team_slave_0: left promiscuous mode
[ 2504.251489][ T2052] team_slave_1: left promiscuous mode
[ 2504.745748][ T2087] syzkaller1: entered promiscuous mode
[ 2504.771896][ T2087] syzkaller1: entered allmulticast mode
[ 2505.785769][ T2099] syz.0.7535[2099] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2505.785890][ T2099] syz.0.7535[2099] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2505.823092][ T2106] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7536'.
[ 2505.852054][ T2099] syz.0.7535[2099] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 2507.438477][ T2119] Process accounting resumed
[ 2507.479330][ T2119] kernel write not supported for file /asound/timers (pid: 2119 comm: syz.0.7540)
[ 2508.596819][ T2145] netlink: 244 bytes leftover after parsing attributes in process `syz.6.7548'.
[ 2508.749299][T13453] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[ 2508.919311][T13453] usb 1-1: Using ep0 maxpacket: 32
[ 2508.940604][T13453] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2508.965954][T13453] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2509.000462][T13453] usb 1-1: New USB device found, idVendor=1e71, idProduct=200f, bcdDevice= 0.00
[ 2509.024795][T13453] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2509.059225][T13453] usb 1-1: config 0 descriptor??
[ 2509.167457][ T2161] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7552'.
[ 2510.387536][ T2165] FAULT_INJECTION: forcing a failure.
[ 2510.387536][ T2165] name failslab, interval 1, probability 0, space 0, times 0
[ 2510.401561][ T2165] CPU: 0 UID: 0 PID: 2165 Comm: syz.4.7553 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2510.412291][ T2165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2510.422337][ T2165] Call Trace:
[ 2510.425602][ T2165]  <TASK>
[ 2510.428536][ T2165]  dump_stack_lvl+0x241/0x360
[ 2510.433231][ T2165]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2510.438423][ T2165]  ? __pfx__printk+0x10/0x10
[ 2510.443007][ T2165]  ? fs_reclaim_acquire+0x93/0x130
[ 2510.448125][ T2165]  ? __pfx___might_resched+0x10/0x10
[ 2510.453400][ T2165]  should_fail_ex+0x3b0/0x4e0
[ 2510.458065][ T2165]  ? tomoyo_encode+0x26f/0x540
[ 2510.462842][ T2165]  should_failslab+0xac/0x100
[ 2510.467543][ T2165]  ? tomoyo_encode+0x26f/0x540
[ 2510.472312][ T2165]  __kmalloc_noprof+0xd8/0x400
[ 2510.477074][ T2165]  tomoyo_encode+0x26f/0x540
[ 2510.481669][ T2165]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 2510.487311][ T2165]  tomoyo_path_number_perm+0x23a/0x880
[ 2510.492775][ T2165]  ? tomoyo_path_number_perm+0x208/0x880
[ 2510.498431][ T2165]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2510.504435][ T2165]  ? __fget_files+0x29/0x470
[ 2510.509038][ T2165]  ? __fget_files+0x3f3/0x470
[ 2510.513734][ T2165]  security_file_ioctl+0xc6/0x2a0
[ 2510.518769][ T2165]  __se_sys_ioctl+0x47/0x170
[ 2510.523362][ T2165]  do_syscall_64+0xf3/0x230
[ 2510.527868][ T2165]  ? clear_bhb_loop+0x35/0x90
[ 2510.532543][ T2165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2510.538436][ T2165] RIP: 0033:0x7f8ab897e719
[ 2510.542850][ T2165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2510.562452][ T2165] RSP: 002b:00007f8ab9793038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2510.570866][ T2165] RAX: ffffffffffffffda RBX: 00007f8ab8b36058 RCX: 00007f8ab897e719
[ 2510.578835][ T2165] RDX: 0000000020000080 RSI: 0000000040045612 RDI: 0000000000000005
[ 2510.586800][ T2165] RBP: 00007f8ab9793090 R08: 0000000000000000 R09: 0000000000000000
[ 2510.594765][ T2165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2510.602730][ T2165] R13: 0000000000000000 R14: 00007f8ab8b36058 R15: 00007ffe12096c38
[ 2510.610711][ T2165]  </TASK>
[ 2510.613769][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2510.623213][ T2165] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2510.719215][ T2168] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2510.763444][ T2168] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2511.658708][ T2179] syz.6.7556 (2179) used greatest stack depth: 16304 bytes left
[ 2511.823600][ T2190] netlink: 'syz.7.7559': attribute type 1 has an invalid length.
[ 2511.831634][ T2190] netlink: 112865 bytes leftover after parsing attributes in process `syz.7.7559'.
[ 2511.845941][ T2190] netlink: 256 bytes leftover after parsing attributes in process `syz.7.7559'.
[ 2512.678698][T13453] usbhid 1-1:0.0: can't add hid device: -71
[ 2512.684998][T13453] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2512.709225][T13453] usb 1-1: USB disconnect, device number 106
[ 2512.714922][ T2192] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7560'.
[ 2514.660535][ T2208] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7564'.
[ 2515.946716][ T2217] FAULT_INJECTION: forcing a failure.
[ 2515.946716][ T2217] name failslab, interval 1, probability 0, space 0, times 0
[ 2516.056417][ T2217] CPU: 1 UID: 0 PID: 2217 Comm: syz.7.7568 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2516.067160][ T2217] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2516.077248][ T2217] Call Trace:
[ 2516.080586][ T2217]  <TASK>
[ 2516.083541][ T2217]  dump_stack_lvl+0x241/0x360
[ 2516.088241][ T2217]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2516.093469][ T2217]  ? __pfx__printk+0x10/0x10
[ 2516.098086][ T2217]  ? irqentry_exit+0x63/0x90
[ 2516.102676][ T2217]  ? __pfx___might_resched+0x10/0x10
[ 2516.107962][ T2217]  should_fail_ex+0x3b0/0x4e0
[ 2516.112655][ T2217]  should_failslab+0xac/0x100
[ 2516.117340][ T2217]  ? __alloc_skb+0x1c3/0x440
[ 2516.121944][ T2217]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2516.127771][ T2217]  __alloc_skb+0x1c3/0x440
[ 2516.132183][ T2217]  ? __pfx___alloc_skb+0x10/0x10
[ 2516.137118][ T2217]  netlink_dump+0x2cd/0xd80
[ 2516.141624][ T2217]  ? __pfx_netlink_dump+0x10/0x10
[ 2516.146685][ T2217]  ? __pfx_nfnl_acct_start+0x10/0x10
[ 2516.151969][ T2217]  ? __rcu_read_unlock+0xa1/0x110
[ 2516.156993][ T2217]  __netlink_dump_start+0x5a2/0x790
[ 2516.162188][ T2217]  nfnl_acct_get+0x27c/0x580
[ 2516.166775][ T2217]  ? __pfx_nfnl_acct_get+0x10/0x10
[ 2516.171881][ T2217]  ? __pfx_nfnl_acct_start+0x10/0x10
[ 2516.177160][ T2217]  ? __pfx_nfnl_acct_dump+0x10/0x10
[ 2516.182353][ T2217]  ? __pfx_nfnl_acct_done+0x10/0x10
[ 2516.187554][ T2217]  ? nfnetlink_rcv_msg+0x225/0x1180
[ 2516.192747][ T2217]  nfnetlink_rcv_msg+0xbec/0x1180
[ 2516.197764][ T2217]  ? nfnetlink_rcv_msg+0x225/0x1180
[ 2516.202964][ T2217]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 2516.208454][ T2217]  netlink_rcv_skb+0x1e3/0x430
[ 2516.213212][ T2217]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 2516.218667][ T2217]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2516.223951][ T2217]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[ 2516.230036][ T2217]  ? bpf_lsm_capable+0x9/0x10
[ 2516.234718][ T2217]  ? security_capable+0x7e/0x2d0
[ 2516.239662][ T2217]  nfnetlink_rcv+0x297/0x2ab0
[ 2516.244344][ T2217]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2516.250323][ T2217]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2516.256650][ T2217]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 2516.262541][ T2217]  ? lockdep_hardirqs_on+0x99/0x150
[ 2516.267741][ T2217]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 2516.272866][ T2217]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2516.278852][ T2217]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2516.285188][ T2217]  ? rcu_preempt_deferred_qs_irqrestore+0x87b/0xc70
[ 2516.291819][ T2217]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[ 2516.298798][ T2217]  ? rcu_is_watching+0x15/0xb0
[ 2516.303565][ T2217]  ? rcu_read_unlock_special+0x497/0x570
[ 2516.309199][ T2217]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2516.314389][ T2217]  ? skb_clone+0x240/0x390
[ 2516.318821][ T2217]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 2516.324818][ T2217]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 2516.330303][ T2217]  ? __rcu_read_unlock+0xa1/0x110
[ 2516.335347][ T2217]  netlink_unicast+0x7f6/0x990
[ 2516.340118][ T2217]  ? __pfx_netlink_unicast+0x10/0x10
[ 2516.345407][ T2217]  ? __virt_addr_valid+0x183/0x530
[ 2516.350545][ T2217]  ? __check_object_size+0x48e/0x900
[ 2516.355847][ T2217]  netlink_sendmsg+0x8e4/0xcb0
[ 2516.360623][ T2217]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2516.365911][ T2217]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2516.371379][ T2217]  __sock_sendmsg+0x221/0x270
[ 2516.376052][ T2217]  ____sys_sendmsg+0x52a/0x7e0
[ 2516.380814][ T2217]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2516.386102][ T2217]  __sys_sendmsg+0x292/0x380
[ 2516.390686][ T2217]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2516.395823][ T2217]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2516.402166][ T2217]  ? do_syscall_64+0x100/0x230
[ 2516.406944][ T2217]  ? do_syscall_64+0xb6/0x230
[ 2516.411623][ T2217]  do_syscall_64+0xf3/0x230
[ 2516.416129][ T2217]  ? clear_bhb_loop+0x35/0x90
[ 2516.420825][ T2217]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2516.426742][ T2217] RIP: 0033:0x7fa09717e719
[ 2516.431168][ T2217] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2516.450767][ T2217] RSP: 002b:00007fa097f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2516.459178][ T2217] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717e719
[ 2516.467141][ T2217] RDX: 0000000020004890 RSI: 0000000020000ac0 RDI: 0000000000000003
[ 2516.475540][ T2217] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2516.483512][ T2217] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2516.491492][ T2217] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2516.499466][ T2217]  </TASK>
[ 2517.197118][ T2224] netlink: 'syz.7.7570': attribute type 1 has an invalid length.
[ 2517.205140][ T2224] netlink: 112865 bytes leftover after parsing attributes in process `syz.7.7570'.
[ 2517.215434][ T2224] netlink: 256 bytes leftover after parsing attributes in process `syz.7.7570'.
[ 2517.243354][ T2229] netlink: 244 bytes leftover after parsing attributes in process `syz.8.7569'.
[ 2519.056656][ T2252] netlink: 8 bytes leftover after parsing attributes in process `syz.7.7575'.
[ 2520.407792][ T2262] sp0: Synchronizing with TNC
[ 2520.415446][ T2262] IPv6: addrconf: prefix option has invalid lifetime
[ 2521.400446][ T2283] netlink: 244 bytes leftover after parsing attributes in process `syz.8.7584'.
[ 2521.569391][ T2285] netlink: 'syz.0.7585': attribute type 1 has an invalid length.
[ 2521.577275][ T2285] netlink: 112865 bytes leftover after parsing attributes in process `syz.0.7585'.
[ 2521.588287][ T2285] netlink: 256 bytes leftover after parsing attributes in process `syz.0.7585'.
[ 2522.223976][ T2288] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7587'.
[ 2522.233947][ T2288] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7587'.
[ 2522.558301][ T2297] fuse: root generation should be zero
[ 2523.191411][ T2294] Process accounting resumed
[ 2524.103290][ T2328] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2524.122562][ T2328] netlink: 'syz.0.7596': attribute type 10 has an invalid length.
[ 2524.690875][ T2328] batman_adv: batadv0: Adding interface: team0
[ 2524.697113][ T2328] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2524.722495][ T2328] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 2526.251744][ T2335] netlink: 244 bytes leftover after parsing attributes in process `syz.6.7600'.
[ 2526.767971][ T2346] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2526.782044][ T2346] netlink: 'syz.8.7601': attribute type 10 has an invalid length.
[ 2527.380349][ T2346] batman_adv: batadv0: Adding interface: team0
[ 2527.386564][ T2346] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2527.411939][ T2346] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 2527.980891][T13453] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[ 2528.616922][T13453] usb 1-1: New USB device found, idVendor=04a5, idProduct=3035, bcdDevice=b8.ef
[ 2528.684722][T13453] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2528.837306][T13453] usb 1-1: Product: syz
[ 2528.842410][T13453] usb 1-1: Manufacturer: syz
[ 2528.847257][T13453] usb 1-1: SerialNumber: syz
[ 2528.860567][T13453] usb 1-1: config 0 descriptor??
[ 2529.777145][T13453] gspca_main: benq-2.14.0 probing 04a5:3035
[ 2531.873221][ T5881] usb 1-1: USB disconnect, device number 107
[ 2532.635839][ T2402] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7615'.
[ 2533.303563][ T2407] overlayfs: failed to resolve './file0': -2
[ 2533.499301][ T2410] fuseblk: Bad value for 'user_id'
[ 2533.504641][ T2410] fuseblk: Bad value for 'user_id'
[ 2537.729253][T20387] usb 9-1: new high-speed USB device number 101 using dummy_hcd
[ 2537.979831][T20387] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2538.158022][T20387] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2538.168475][T20387] usb 9-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00
[ 2538.177897][T20387] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2538.665540][T20387] usb 9-1: config 0 descriptor??
[ 2539.638888][T20387] wacom 0003:056A:00D0.001C: Unknown device_type for 'HID 056a:00d0'. Assuming pen.
[ 2539.663611][T20387] wacom 0003:056A:00D0.001C: hidraw0: USB HID v0.00 Device [HID 056a:00d0] on usb-dummy_hcd.8-1/input0
[ 2539.688497][T20387] input: Wacom Bamboo 2FG Pen as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:056A:00D0.001C/input/input171
[ 2540.509188][T20387] usb 9-1: USB disconnect, device number 101
[ 2540.669265][T26743] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 2541.120845][T26743] usb 5-1: config 255 has an invalid interface number: 225 but max is 0
[ 2541.804507][T26743] usb 5-1: config 255 has no interface number 0
[ 2541.901939][T26743] usb 5-1: config 255 interface 225 has no altsetting 0
[ 2542.023731][T26743] usb 5-1: New USB device found, idVendor=045e, idProduct=045a, bcdDevice=a1.60
[ 2542.033375][T26743] usb 5-1: New USB device strings: Mfr=33, Product=2, SerialNumber=3
[ 2542.053595][T26743] usb 5-1: Product: syz
[ 2542.057852][T26743] usb 5-1: Manufacturer: syz
[ 2542.069180][T26743] usb 5-1: SerialNumber: syz
[ 2542.645720][T26743] usb 5-1: USB disconnect, device number 12
[ 2544.731839][ T2552] UBIFS error (pid: 2552): cannot open "/dev/sg0", error -22
[ 2544.787588][ T2553] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7653'.
[ 2545.295080][ T2567] netlink: 'syz.0.7655': attribute type 10 has an invalid length.
[ 2545.555934][ T2569] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2545.566733][ T2569] netlink: 'syz.7.7656': attribute type 10 has an invalid length.
[ 2546.182216][ T2569] batman_adv: batadv0: Adding interface: team0
[ 2546.188469][ T2569] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2546.214570][ T2569] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 2546.301798][ T2576] netlink: 'syz.4.7657': attribute type 21 has an invalid length.
[ 2546.344071][ T2576] netlink: 'syz.4.7657': attribute type 6 has an invalid length.
[ 2546.375635][ T2576] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7657'.
[ 2547.632289][ T5881] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 2548.479986][ T5881] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 2548.579367][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2548.612010][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2548.650571][ T2605] netlink: 9 bytes leftover after parsing attributes in process `syz.0.7664'.
[ 2548.675123][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2548.689554][ T2605] 0·: renamed from hsr0 (while UP)
[ 2548.707301][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2548.817777][ T2605] 0·: entered promiscuous mode
[ 2548.828803][ T2605] A link change request failed with some changes committed already. Interface 
70· may have been left with an inconsistent configuration, please check.
[ 2548.848864][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2548.901394][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2548.929880][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2548.969347][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2548.983943][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2549.218429][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2549.234981][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2549.275226][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2549.336862][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2549.446108][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2549.695295][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2549.944752][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2549.957419][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2550.039280][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2550.138026][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2550.155258][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2550.169307][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2550.177165][ T5881] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 2550.188875][ T5881] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 2550.205067][ T5881] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2550.214582][ T5881] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 2550.231588][ T5881] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 2550.261047][ T5881] usb 5-1: Product: syz
[ 2550.397380][ T2646] netlink: 'syz.7.7671': attribute type 21 has an invalid length.
[ 2550.457960][ T5881] usb 5-1: Manufacturer: syz
[ 2550.463241][ T5881] usb 5-1: SerialNumber: syz
[ 2550.470418][ T5881] usb 5-1: config 0 descriptor??
[ 2550.470814][ T2646] netlink: 'syz.7.7671': attribute type 6 has an invalid length.
[ 2550.476863][ T5881] usb 5-1: can't set config #0, error -71
[ 2550.504272][ T5881] usb 5-1: USB disconnect, device number 13
[ 2550.512315][ T2648] kernel read not supported for file / 
 (pid: 2648 comm: syz.0.7673)
[ 2551.494600][ T2646] netlink: 132 bytes leftover after parsing attributes in process `syz.7.7671'.
[ 2551.519824][   T29] audit: type=1800 audit(1731609782.069:1921): pid=2648 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.7673" name=2001 dev="mqueue" ino=135005 res=0 errno=0
[ 2551.666351][ T2655] netlink: 'syz.0.7673': attribute type 10 has an invalid length.
[ 2552.491690][ T2655] syz_tun: entered promiscuous mode
[ 2552.536713][ T2655] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 2552.580136][ T2653] netlink: 'syz.4.7674': attribute type 10 has an invalid length.
[ 2553.624812][ T2669] Process accounting paused
[ 2553.790754][ T2678] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2553.814119][ T2678] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2554.034112][ T2685] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7679'.
[ 2554.927956][ T2688] FAULT_INJECTION: forcing a failure.
[ 2554.927956][ T2688] name failslab, interval 1, probability 0, space 0, times 0
[ 2555.014659][ T2688] CPU: 0 UID: 0 PID: 2688 Comm: syz.7.7683 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2555.025395][ T2688] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2555.035482][ T2688] Call Trace:
[ 2555.038791][ T2688]  <TASK>
[ 2555.041763][ T2688]  dump_stack_lvl+0x241/0x360
[ 2555.046476][ T2688]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2555.051712][ T2688]  ? __pfx__printk+0x10/0x10
[ 2555.056346][ T2688]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 2555.062419][ T2688]  ? __pfx___might_resched+0x10/0x10
[ 2555.067749][ T2688]  should_fail_ex+0x3b0/0x4e0
[ 2555.073505][ T2688]  should_failslab+0xac/0x100
[ 2555.078223][ T2688]  ? __alloc_skb+0x1c3/0x440
[ 2555.082846][ T2688]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2555.088687][ T2688]  __alloc_skb+0x1c3/0x440
[ 2555.093137][ T2688]  ? __pfx___alloc_skb+0x10/0x10
[ 2555.098108][ T2688]  ? netlink_ack_tlv_len+0x6e/0x200
[ 2555.103422][ T2688]  netlink_ack+0x13f/0xa30
[ 2555.107884][ T2688]  ? __pfx_lock_acquire+0x10/0x10
[ 2555.112921][ T2688]  ? __pfx_devlink_nl_param_set_doit+0x10/0x10
[ 2555.119098][ T2688]  ? __pfx_devlink_nl_post_doit+0x10/0x10
[ 2555.124836][ T2688]  netlink_rcv_skb+0x262/0x430
[ 2555.129596][ T2688]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2555.134617][ T2688]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2555.139929][ T2688]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 2555.145399][ T2688]  genl_rcv+0x28/0x40
[ 2555.149383][ T2688]  netlink_unicast+0x7f6/0x990
[ 2555.154147][ T2688]  ? __pfx_netlink_unicast+0x10/0x10
[ 2555.159427][ T2688]  ? __virt_addr_valid+0x183/0x530
[ 2555.164547][ T2688]  ? __check_object_size+0x48e/0x900
[ 2555.169872][ T2688]  netlink_sendmsg+0x8e4/0xcb0
[ 2555.174661][ T2688]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2555.180050][ T2688]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2555.185339][ T2688]  __sock_sendmsg+0x221/0x270
[ 2555.190022][ T2688]  ____sys_sendmsg+0x52a/0x7e0
[ 2555.194791][ T2688]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2555.200087][ T2688]  __sys_sendmsg+0x292/0x380
[ 2555.204697][ T2688]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2555.209826][ T2688]  ? __pfx_vfs_write+0x10/0x10
[ 2555.214603][ T2688]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2555.220936][ T2688]  ? do_syscall_64+0x100/0x230
[ 2555.225702][ T2688]  ? do_syscall_64+0xb6/0x230
[ 2555.230403][ T2688]  do_syscall_64+0xf3/0x230
[ 2555.234910][ T2688]  ? clear_bhb_loop+0x35/0x90
[ 2555.239582][ T2688]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2555.245478][ T2688] RIP: 0033:0x7fa09717e719
[ 2555.249894][ T2688] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2555.269512][ T2688] RSP: 002b:00007fa097f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2555.277956][ T2688] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717e719
[ 2555.285928][ T2688] RDX: 0000000000000000 RSI: 0000000020000640 RDI: 0000000000000003
[ 2555.293903][ T2688] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2555.301873][ T2688] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2555.309888][ T2688] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2555.317886][ T2688]  </TASK>
[ 2555.707815][ T2701] netlink: 'syz.6.7685': attribute type 21 has an invalid length.
[ 2555.737045][ T2701] netlink: 'syz.6.7685': attribute type 6 has an invalid length.
[ 2555.796852][ T2701] netlink: 132 bytes leftover after parsing attributes in process `syz.6.7685'.
[ 2556.430225][ T2715] netlink: 268 bytes leftover after parsing attributes in process `syz.4.7688'.
[ 2556.439450][ T2715] openvswitch: netlink: Flow set message rejected, Key attribute missing.
[ 2557.926941][ T2728] netlink: 'syz.4.7691': attribute type 10 has an invalid length.
[ 2558.115633][ T2736] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2558.124711][ T2736] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2558.489315][ T2741] netlink: 244 bytes leftover after parsing attributes in process `syz.6.7693'.
[ 2562.110076][ T2779] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2562.133761][ T2779] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 2562.814834][ T2793] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7706'.
[ 2562.932681][ T2790] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7708'.
[ 2565.023506][ T2829] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7717'.
[ 2565.284129][ T2839] netlink: 'syz.6.7715': attribute type 10 has an invalid length.
[ 2565.906834][ T2851] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7720'.
[ 2570.125034][ T2887] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7731'.
[ 2571.074292][ T2898] UBIFS error (pid: 2898): cannot open "/dev/sg0", error -22
[ 2571.139604][ T2903] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7732'.
[ 2572.352420][ T2915] netlink: 40 bytes leftover after parsing attributes in process `syz.8.7735'.
[ 2572.369495][ T2917] netlink: 'syz.4.7734': attribute type 21 has an invalid length.
[ 2572.538474][ T2917] netlink: 'syz.4.7734': attribute type 6 has an invalid length.
[ 2572.546600][ T2917] netlink: 132 bytes leftover after parsing attributes in process `syz.4.7734'.
[ 2573.647767][ T2930] netlink: 'syz.7.7739': attribute type 10 has an invalid length.
[ 2573.680084][ T2930] team0: Device veth0_macvtap failed to register rx_handler
[ 2573.705473][ T2933] FAULT_INJECTION: forcing a failure.
[ 2573.705473][ T2933] name failslab, interval 1, probability 0, space 0, times 0
[ 2573.719688][ T2933] CPU: 0 UID: 0 PID: 2933 Comm: syz.7.7739 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2573.730407][ T2933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2573.740487][ T2933] Call Trace:
[ 2573.743782][ T2933]  <TASK>
[ 2573.746728][ T2933]  dump_stack_lvl+0x241/0x360
[ 2573.751439][ T2933]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2573.756657][ T2933]  ? __pfx__printk+0x10/0x10
[ 2573.761292][ T2933]  should_fail_ex+0x3b0/0x4e0
[ 2573.766005][ T2933]  ? radix_tree_node_alloc+0x8b/0x3c0
[ 2573.771395][ T2933]  should_failslab+0xac/0x100
[ 2573.776087][ T2933]  ? radix_tree_node_alloc+0x8b/0x3c0
[ 2573.781473][ T2933]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 2573.786864][ T2933]  radix_tree_node_alloc+0x8b/0x3c0
[ 2573.792087][ T2933]  idr_get_free+0x296/0xab0
[ 2573.796618][ T2933]  idr_alloc_u32+0x195/0x330
[ 2573.801235][ T2933]  ? __pfx_idr_alloc_u32+0x10/0x10
[ 2573.806378][ T2933]  ? l2tp_session_register+0x109/0xf30
[ 2573.811859][ T2933]  l2tp_session_register+0x2d2/0xf30
[ 2573.817161][ T2933]  ? lockdep_init_map_type+0xa1/0x910
[ 2573.822559][ T2933]  ? pppol2tp_connect+0xe75/0x1940
[ 2573.827691][ T2933]  ? __pfx___mutex_lock+0x10/0x10
[ 2573.832748][ T2933]  ? __pfx_l2tp_session_register+0x10/0x10
[ 2573.838570][ T2933]  ? __raw_spin_lock_init+0x45/0x100
[ 2573.843890][ T2933]  pppol2tp_connect+0xe82/0x1940
[ 2573.848862][ T2933]  ? __pfx_pppol2tp_connect+0x10/0x10
[ 2573.854254][ T2933]  ? tomoyo_socket_connect_permission+0x1d0/0x370
[ 2573.860724][ T2933]  ? __pfx_pppol2tp_connect+0x10/0x10
[ 2573.866121][ T2933]  __sys_connect+0x2d1/0x300
[ 2573.870735][ T2933]  ? __pfx___sys_connect+0x10/0x10
[ 2573.875874][ T2933]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2573.882230][ T2933]  ? do_syscall_64+0x100/0x230
[ 2573.887021][ T2933]  __x64_sys_connect+0x7a/0x90
[ 2573.891803][ T2933]  do_syscall_64+0xf3/0x230
[ 2573.896323][ T2933]  ? clear_bhb_loop+0x35/0x90
[ 2573.901022][ T2933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2573.906943][ T2933] RIP: 0033:0x7fa09717e719
[ 2573.911375][ T2933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2573.931008][ T2933] RSP: 002b:00007fa097f46038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 2573.939460][ T2933] RAX: ffffffffffffffda RBX: 00007fa097336058 RCX: 00007fa09717e719
[ 2573.947443][ T2933] RDX: 0000000000000032 RSI: 0000000020000240 RDI: 0000000000000008
[ 2573.955426][ T2933] RBP: 00007fa097f46090 R08: 0000000000000000 R09: 0000000000000000
[ 2573.963414][ T2933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2573.971404][ T2933] R13: 0000000000000001 R14: 00007fa097336058 R15: 00007ffee8058168
[ 2573.979411][ T2933]  </TASK>
[ 2575.404532][ T2945] UBIFS error (pid: 2945): cannot open "/dev/sg0", error -22
[ 2575.500855][ T2949] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7744'.
[ 2576.847767][ T2956] netlink: 'syz.0.7745': attribute type 3 has an invalid length.
[ 2577.154739][ T2963] x_tables: ip_tables: osf match: only valid for protocol 6
[ 2578.876244][ T5881] hid (null): unknown global tag 0x5a
[ 2578.883597][ T5881] hid (null): unknown global tag 0x93
[ 2578.900272][ T5881] hid (null): invalid report_size 1680064834
[ 2579.059110][ T5881] hid (null): unknown global tag 0xe
[ 2579.920899][ T5881] hid (null): invalid report_count 1626521296
[ 2579.927066][ T5881] hid (null): unknown global tag 0xc
[ 2579.937989][ T5881] hid (null): unknown global tag 0xc
[ 2579.943517][ T5881] hid (null): bogus close delimiter
[ 2579.948744][ T5881] hid (null): unknown global tag 0xd
[ 2579.954165][ T5881] hid (null): invalid report_size 40569
[ 2579.959868][ T5881] hid (null): unknown global tag 0x19
[ 2579.965473][ T5881] hid (null): invalid report_count 45063
[ 2579.970789][ T2975] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(11)
[ 2579.972148][ T5881] hid (null): report_id 0 is invalid
[ 2579.977782][ T2975] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 2579.983141][ T5881] hid (null): invalid report_count -343679912
[ 2579.996898][ T5881] hid (null): unknown global tag 0xd
[ 2580.002370][ T5881] hid (null): unknown global tag 0xc
[ 2580.007723][ T5881] hid (null): unknown global tag 0xe
[ 2580.013120][ T5881] hid (null): unknown global tag 0x58
[ 2580.018856][ T5881] hid (null): unknown global tag 0xe
[ 2580.028338][ T5881] hid (null): unknown global tag 0xd
[ 2580.033940][ T5881] hid (null): unknown global tag 0xe
[ 2580.045975][ T5881] hid (null): unknown global tag 0x21
[ 2580.054178][ T5881] hid (null): unknown global tag 0xc
[ 2580.060881][ T5881] hid (null): global environment stack underflow
[ 2580.068378][ T5881] hid (null): unknown global tag 0xd
[ 2580.074006][ T2975] vhci_hcd vhci_hcd.0: Device attached
[ 2580.074037][ T2982] vhci_hcd: connection closed
[ 2580.089239][ T5881] hid (null): bogus close delimiter
[ 2580.114589][ T6210] vhci_hcd: stop threads
[ 2580.129211][ T5881] hid (null): report_id 46709 is invalid
[ 2580.134907][ T5881] hid (null): report_id 438453108 is invalid
[ 2580.160569][ T5881] hid (null): unknown global tag 0xc
[ 2580.165937][ T5881] hid (null): unknown global tag 0xc
[ 2580.189235][ T5881] hid (null): global environment stack underflow
[ 2580.195643][ T5881] hid (null): invalid report_size 51265
[ 2580.220583][ T5881] hid (null): unknown global tag 0xd
[ 2580.233731][ T6210] vhci_hcd: release socket
[ 2580.238504][ T5881] hid (null): report_id 0 is invalid
[ 2580.264756][ T6210] vhci_hcd: disconnect device
[ 2580.273074][ T5881] hid (null): unknown global tag 0x13
[ 2580.313106][ T5881] hid (null): unknown global tag 0x79
[ 2580.340005][ T2996] UBIFS error (pid: 2996): cannot open "/dev/sg0", error -22
[ 2580.343526][ T5881] hid (null): unknown global tag 0xe
[ 2580.621168][ T3002] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7756'.
[ 2581.059782][ T5881] hid-generic 0001:0005:000E.001D: unexpected long global item
[ 2581.068209][ T5881] hid-generic 0001:0005:000E.001D: probe with driver hid-generic failed with error -22
[ 2581.403497][ T3010] hpfs: Bad magic ... probably not HPFS
[ 2583.661229][ T3028] bond0: (slave syz_tun): Releasing backup interface
[ 2584.718482][ T3038] Process accounting resumed
[ 2585.338340][ T3056] FAULT_INJECTION: forcing a failure.
[ 2585.338340][ T3056] name failslab, interval 1, probability 0, space 0, times 0
[ 2585.375085][ T3056] CPU: 1 UID: 0 PID: 3056 Comm: syz.7.7774 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2585.385822][ T3056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2585.395988][ T3056] Call Trace:
[ 2585.399276][ T3056]  <TASK>
[ 2585.402297][ T3056]  dump_stack_lvl+0x241/0x360
[ 2585.406989][ T3056]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2585.412282][ T3056]  ? __pfx__printk+0x10/0x10
[ 2585.416884][ T3056]  ? __kmalloc_noprof+0xb0/0x400
[ 2585.421833][ T3056]  ? __pfx___might_resched+0x10/0x10
[ 2585.427130][ T3056]  should_fail_ex+0x3b0/0x4e0
[ 2585.431811][ T3056]  ? kobject_get_path+0xb8/0x230
[ 2585.436755][ T3056]  should_failslab+0xac/0x100
[ 2585.441432][ T3056]  ? kobject_get_path+0xb8/0x230
[ 2585.446393][ T3056]  __kmalloc_noprof+0xd8/0x400
[ 2585.451163][ T3056]  kobject_get_path+0xb8/0x230
[ 2585.455959][ T3056]  kobject_uevent_env+0x2a5/0x8e0
[ 2585.460996][ T3056]  rfkill_set_block+0x3b3/0x440
[ 2585.465853][ T3056]  rfkill_fop_write+0x5b8/0x790
[ 2585.470728][ T3056]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2585.476105][ T3056]  ? bpf_lsm_file_permission+0x9/0x10
[ 2585.481476][ T3056]  ? security_file_permission+0x74/0x280
[ 2585.487111][ T3056]  ? rw_verify_area+0x1c3/0x6f0
[ 2585.491963][ T3056]  ? __pfx_rfkill_fop_write+0x10/0x10
[ 2585.497603][ T3056]  vfs_write+0x2a3/0xd30
[ 2585.501856][ T3056]  ? __pfx_vfs_write+0x10/0x10
[ 2585.506623][ T3056]  ? __fget_files+0x29/0x470
[ 2585.511220][ T3056]  ? __fget_files+0x3f3/0x470
[ 2585.515901][ T3056]  ? __fget_files+0x29/0x470
[ 2585.520509][ T3056]  ? fdget_pos+0x19a/0x320
[ 2585.524934][ T3056]  ksys_write+0x183/0x2b0
[ 2585.529281][ T3056]  ? __pfx_ksys_write+0x10/0x10
[ 2585.534135][ T3056]  ? do_syscall_64+0x100/0x230
[ 2585.538901][ T3056]  ? do_syscall_64+0xb6/0x230
[ 2585.543585][ T3056]  do_syscall_64+0xf3/0x230
[ 2585.548093][ T3056]  ? clear_bhb_loop+0x35/0x90
[ 2585.552771][ T3056]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2585.558678][ T3056] RIP: 0033:0x7fa09717e719
[ 2585.563092][ T3056] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2585.582699][ T3056] RSP: 002b:00007fa097f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 2585.591207][ T3056] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717e719
[ 2585.599185][ T3056] RDX: 0000000000000008 RSI: 0000000020000080 RDI: 0000000000000005
[ 2585.607156][ T3056] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2585.615124][ T3056] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2585.623093][ T3056] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2585.631080][ T3056]  </TASK>
[ 2589.097041][ T3097] netlink: 244 bytes leftover after parsing attributes in process `syz.7.7783'.
[ 2589.743883][ T3109] netlink: 'syz.8.7788': attribute type 21 has an invalid length.
[ 2589.770459][ T3109] netlink: 'syz.8.7788': attribute type 6 has an invalid length.
[ 2589.793909][ T3109] netlink: 132 bytes leftover after parsing attributes in process `syz.8.7788'.
[ 2592.407652][ T3136] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7794'.
[ 2593.337545][ T3154] FAULT_INJECTION: forcing a failure.
[ 2593.337545][ T3154] name failslab, interval 1, probability 0, space 0, times 0
[ 2593.496840][ T3154] CPU: 1 UID: 0 PID: 3154 Comm: syz.8.7801 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2593.507583][ T3154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2593.517656][ T3154] Call Trace:
[ 2593.520958][ T3154]  <TASK>
[ 2593.523902][ T3154]  dump_stack_lvl+0x241/0x360
[ 2593.528610][ T3154]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2593.533829][ T3154]  ? __pfx__printk+0x10/0x10
[ 2593.538442][ T3154]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 2593.544444][ T3154]  ? __pfx___might_resched+0x10/0x10
[ 2593.549759][ T3154]  should_fail_ex+0x3b0/0x4e0
[ 2593.554455][ T3154]  should_failslab+0xac/0x100
[ 2593.559147][ T3154]  ? __alloc_skb+0x1c3/0x440
[ 2593.563755][ T3154]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2593.569588][ T3154]  __alloc_skb+0x1c3/0x440
[ 2593.574043][ T3154]  ? __pfx___alloc_skb+0x10/0x10
[ 2593.578996][ T3154]  ? __rcu_read_unlock+0xa1/0x110
[ 2593.584044][ T3154]  ? netlink_autobind+0xd6/0x2f0
[ 2593.589015][ T3154]  ? netlink_autobind+0x2b0/0x2f0
[ 2593.594099][ T3154]  netlink_sendmsg+0x638/0xcb0
[ 2593.598914][ T3154]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2593.604241][ T3154]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2593.609546][ T3154]  __sock_sendmsg+0x221/0x270
[ 2593.614248][ T3154]  ____sys_sendmsg+0x52a/0x7e0
[ 2593.619046][ T3154]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2593.624371][ T3154]  __sys_sendmsg+0x292/0x380
[ 2593.628991][ T3154]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2593.634141][ T3154]  ? __pfx_vfs_write+0x10/0x10
[ 2593.638949][ T3154]  ? __pfx___schedule+0x10/0x10
[ 2593.643829][ T3154]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2593.650185][ T3154]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2593.656538][ T3154]  ? do_syscall_64+0xb6/0x230
[ 2593.661243][ T3154]  do_syscall_64+0xf3/0x230
[ 2593.665767][ T3154]  ? clear_bhb_loop+0x35/0x90
[ 2593.670464][ T3154]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2593.676376][ T3154] RIP: 0033:0x7f652117e719
[ 2593.680808][ T3154] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2593.700449][ T3154] RSP: 002b:00007f6521f96038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2593.708896][ T3154] RAX: ffffffffffffffda RBX: 00007f6521336058 RCX: 00007f652117e719
[ 2593.716904][ T3154] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[ 2593.724906][ T3154] RBP: 00007f6521f96090 R08: 0000000000000000 R09: 0000000000000000
[ 2593.732905][ T3154] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2593.740901][ T3154] R13: 0000000000000000 R14: 00007f6521336058 R15: 00007ffca3060b88
[ 2593.748919][ T3154]  </TASK>
[ 2593.810560][T26725] Bluetooth: hci1: ACL packet for unknown connection handle 200
[ 2593.822317][ T3160] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7798'.
[ 2594.889691][ T3169] netlink: 'syz.8.7802': attribute type 21 has an invalid length.
[ 2594.897701][ T3169] netlink: 'syz.8.7802': attribute type 6 has an invalid length.
[ 2594.985712][ T3169] netlink: 132 bytes leftover after parsing attributes in process `syz.8.7802'.
[ 2595.567209][ T3183] netlink: 4 bytes leftover after parsing attributes in process `syz.6.7807'.
[ 2595.985501][T26725] Bluetooth: hci3: command 0x0c1a tx timeout
[ 2596.071384][ T3183] bridge_slave_1: left allmulticast mode
[ 2596.087458][ T3183] bridge_slave_1: left promiscuous mode
[ 2596.110226][ T3183] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2596.314842][ T3183] bridge_slave_0: left allmulticast mode
[ 2596.348808][ T3183] bridge_slave_0: left promiscuous mode
[ 2596.394154][ T3183] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2598.476409][T26743] usb 1-1: new high-speed USB device number 108 using dummy_hcd
[ 2598.678221][ T2510] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[ 2598.692750][T26743] usb 1-1: Using ep0 maxpacket: 32
[ 2598.704190][T26743] usb 1-1: too many configurations: 18, using maximum allowed: 8
[ 2598.733969][T26743] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2598.754051][T26743] usb 1-1: can't read configurations, error -61
[ 2598.869274][ T2510] usb 7-1: Using ep0 maxpacket: 32
[ 2598.881987][ T2510] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2598.903532][ T2510] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2598.927348][T26743] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 2598.944532][ T2510] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2598.956305][ T2510] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2598.968889][ T2510] usb 7-1: config 0 descriptor??
[ 2598.985469][ T2510] hub 7-1:0.0: USB hub found
[ 2599.095043][T26743] usb 1-1: Using ep0 maxpacket: 32
[ 2599.125871][T26743] usb 1-1: too many configurations: 18, using maximum allowed: 8
[ 2599.278600][T26743] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2599.289472][ T2510] hub 7-1:0.0: 1 port detected
[ 2599.297912][T26743] usb 1-1: can't read configurations, error -61
[ 2599.314020][T26743] usb usb1-port1: attempt power cycle
[ 2599.740697][T26743] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[ 2599.893316][T26743] usb 1-1: Using ep0 maxpacket: 32
[ 2599.940056][T26743] usb 1-1: too many configurations: 18, using maximum allowed: 8
[ 2599.960623][T26743] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2599.978720][T26743] usb 1-1: can't read configurations, error -61
[ 2600.119354][T26743] usb 1-1: new high-speed USB device number 111 using dummy_hcd
[ 2600.173111][T26743] usb 1-1: Using ep0 maxpacket: 32
[ 2600.192761][T26743] usb 1-1: too many configurations: 18, using maximum allowed: 8
[ 2600.269643][T26743] usb 1-1: unable to read config index 0 descriptor/start: -61
[ 2600.340829][T26743] usb 1-1: can't read configurations, error -61
[ 2600.402886][ T2510] hub 7-1:0.0: activate --> -90
[ 2600.412011][T26743] usb usb1-port1: unable to enumerate USB device
[ 2600.586803][ T3229] program syz.4.7822 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2600.636150][ T3234] UBIFS error (pid: 3234): cannot open "/dev/sg0", error -22
[ 2600.701461][ T3239] netlink: 4 bytes leftover after parsing attributes in process `syz.7.7825'.
[ 2600.859528][ T3130] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 2600.859648][T26743] usb 9-1: new high-speed USB device number 102 using dummy_hcd
[ 2601.061315][ T3130] usb 5-1: Using ep0 maxpacket: 16
[ 2601.111205][ T3130] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2601.159787][ T3130] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 64, changing to 7
[ 2601.174105][ T3130] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 2601.207357][T26743] usb 9-1: Using ep0 maxpacket: 8
[ 2601.387699][T26743] usb 9-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 2601.401967][T26743] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2601.420724][ T3130] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 2601.442947][T26743] usb 9-1: Product: syz
[ 2601.454234][T26743] usb 9-1: Manufacturer: syz
[ 2601.456036][ T3130] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 2601.500793][T26743] usb 9-1: SerialNumber: syz
[ 2601.509258][ T3130] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2601.536296][T26743] usb 9-1: config 0 descriptor??
[ 2601.542234][ T3130] usb 5-1: Product: syz
[ 2601.546447][ T3130] usb 5-1: Manufacturer: syz
[ 2601.550898][ T3201] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2601.579408][ T3201] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2601.579577][ T3130] usb 5-1: SerialNumber: syz
[ 2601.981451][T26743] usb 9-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 2601.990643][ T3229] loop2: detected capacity change from 0 to 7
[ 2602.012897][ T3229] Dev loop2: unable to read RDB block 7
[ 2602.043926][ T3229]  loop2: AHDI p1 p2
[ 2602.063226][ T3229] loop2: partition table partially beyond EOD, truncated
[ 2602.166003][ T3229] loop2: p1 start 2214592512 is beyond EOD, truncated
[ 2602.679423][ T3130] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 2602.758003][ T3130] usb 5-1: USB disconnect, device number 14
[ 2602.918254][ T2510] hub 7-1:0.0: hub_ext_port_status failed (err = -32)
[ 2602.939756][ T2510] usb 7-1-port1: config error
[ 2602.947248][T20386] usb 7-1: USB disconnect, device number 52
[ 2603.600091][ T3270] netlink: 8 bytes leftover after parsing attributes in process `syz.6.7834'.
[ 2603.867378][ T3279] batman_adv: batadv0: Adding interface: ip6gretap1
[ 2603.879400][ T3279] batman_adv: batadv0: The MTU of interface ip6gretap1 is too small (1434) to handle the transport of batman-adv packets. If you experience problems getting traffic through try increasing the MTU to 1500.
[ 2603.929624][T26743] dvb_usb_rtl28xxu 9-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[ 2603.958635][T26743] usb 9-1: USB disconnect, device number 102
[ 2603.988683][ T3279] batman_adv: batadv0: Interface activated: ip6gretap1
[ 2604.121011][ T3283] batadv_slave_1: entered promiscuous mode
[ 2604.154146][ T3278] batadv_slave_1: left promiscuous mode
[ 2604.951999][ T3297] ALSA: seq fatal error: cannot create timer (-22)
[ 2607.059442][ T3324] lo speed is unknown, defaulting to 1000
[ 2607.070814][ T3325] UBIFS error (pid: 3325): cannot open "/dev/sg0", error -22
[ 2607.147815][ T3328] netlink: 4 bytes leftover after parsing attributes in process `syz.8.7850'.
[ 2607.439738][ T3333] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[ 2611.983747][ T3387] FAULT_INJECTION: forcing a failure.
[ 2611.983747][ T3387] name failslab, interval 1, probability 0, space 0, times 0
[ 2612.199159][ T3387] CPU: 0 UID: 0 PID: 3387 Comm: syz.0.7864 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2612.209894][ T3387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2612.219977][ T3387] Call Trace:
[ 2612.223280][ T3387]  <TASK>
[ 2612.226232][ T3387]  dump_stack_lvl+0x241/0x360
[ 2612.232248][ T3387]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2612.237485][ T3387]  ? __pfx__printk+0x10/0x10
[ 2612.242126][ T3387]  should_fail_ex+0x3b0/0x4e0
[ 2612.246844][ T3387]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 2612.252600][ T3387]  should_failslab+0xac/0x100
[ 2612.257308][ T3387]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 2612.263062][ T3387]  __kmalloc_noprof+0xd8/0x400
[ 2612.267866][ T3387]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 2612.273451][ T3387]  tomoyo_path_number_perm+0x23a/0x880
[ 2612.278924][ T3387]  ? tomoyo_path_number_perm+0x208/0x880
[ 2612.284568][ T3387]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 2612.290559][ T3387]  ? __pfx_ovl_lookup+0x10/0x10
[ 2612.295430][ T3387]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2612.301788][ T3387]  ? lookup_one_qstr_excl+0x12f/0x260
[ 2612.307164][ T3387]  tomoyo_path_mkdir+0xe7/0x130
[ 2612.312014][ T3387]  ? __pfx_hook_path_mkdir+0x10/0x10
[ 2612.317306][ T3387]  ? __pfx_tomoyo_path_mkdir+0x10/0x10
[ 2612.322760][ T3387]  ? __pfx_filename_create+0x10/0x10
[ 2612.328057][ T3387]  ? __might_fault+0xaa/0x120
[ 2612.332762][ T3387]  security_path_mkdir+0x171/0x370
[ 2612.337881][ T3387]  do_mkdirat+0x1c4/0x3a0
[ 2612.342220][ T3387]  ? __pfx_do_mkdirat+0x10/0x10
[ 2612.347078][ T3387]  ? getname_flags+0x1e3/0x540
[ 2612.351846][ T3387]  __x64_sys_mkdirat+0x87/0xa0
[ 2612.356614][ T3387]  do_syscall_64+0xf3/0x230
[ 2612.361123][ T3387]  ? clear_bhb_loop+0x35/0x90
[ 2612.365805][ T3387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2612.371694][ T3387] RIP: 0033:0x7f192497e719
[ 2612.376115][ T3387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2612.395805][ T3387] RSP: 002b:00007f19256d9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[ 2612.404234][ T3387] RAX: ffffffffffffffda RBX: 00007f1924b35f80 RCX: 00007f192497e719
[ 2612.412208][ T3387] RDX: 0000000000000004 RSI: 0000000020002000 RDI: ffffffffffffff9c
[ 2612.420179][ T3387] RBP: 00007f19256d9090 R08: 0000000000000000 R09: 0000000000000000
[ 2612.428147][ T3387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2612.436119][ T3387] R13: 0000000000000000 R14: 00007f1924b35f80 R15: 00007ffd1345f418
[ 2612.444105][ T3387]  </TASK>
[ 2612.571399][ T3387] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 2612.836029][ T3400] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 2615.387541][ T3416] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 2615.514721][ T3418] ALSA: seq fatal error: cannot create timer (-22)
[ 2615.759861][  T973] usb 9-1: new high-speed USB device number 103 using dummy_hcd
[ 2616.739983][  T973] usb 9-1: Using ep0 maxpacket: 16
[ 2616.792573][  T973] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2616.931929][  T973] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2616.948987][  T973] usb 9-1: New USB device found, idVendor=1e71, idProduct=170e, bcdDevice= 0.00
[ 2616.961782][  T973] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2617.019240][  T973] usb 9-1: config 0 descriptor??
[ 2617.187798][ T3130] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[ 2617.438858][ T3418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2617.447630][ T3418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2617.456769][ T3418] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2617.465391][ T3418] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2617.672208][ T3432] Process accounting paused
[ 2618.256723][ T3130] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 2618.566795][  T973] usbhid 9-1:0.0: can't add hid device: -71
[ 2618.574489][  T973] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 2618.610926][  T973] usb 9-1: USB disconnect, device number 103
[ 2619.770659][ T3454] fuse: Bad value for 'fd'
[ 2621.698957][ T3441] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7879'.
[ 2622.016995][T26743] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 2622.244859][ T3495] fuse: Bad value for 'fd'
[ 2622.286686][T26743] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 2622.396577][T26743] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2622.655251][T26743] usb 5-1: config 0 descriptor??
[ 2623.848157][ T3507] netlink: 'syz.6.7897': attribute type 1 has an invalid length.
[ 2623.916006][ T3507] openvswitch: netlink: Actions may not be safe on all matching packets
[ 2625.371284][ T3534] smk_cipso_doi:695 remove rc = -2
[ 2625.376477][ T3534] smk_cipso_doi:708 cipso add rc = -22
[ 2625.440439][T26743] usb 5-1: Cannot set autoneg
[ 2625.445682][T26743] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 2625.508215][T26743] usb 5-1: USB disconnect, device number 15
[ 2628.432514][ T3551] fuse: Bad value for 'fd'
[ 2629.179115][ T3572] FAULT_INJECTION: forcing a failure.
[ 2629.179115][ T3572] name fail_futex, interval 1, probability 0, space 0, times 1
[ 2629.192051][ T3572] CPU: 1 UID: 0 PID: 3572 Comm: syz.0.7918 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2629.202743][ T3572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2629.212812][ T3572] Call Trace:
[ 2629.216108][ T3572]  <TASK>
[ 2629.219065][ T3572]  dump_stack_lvl+0x241/0x360
[ 2629.223784][ T3572]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2629.229013][ T3572]  ? __pfx__printk+0x10/0x10
[ 2629.233617][ T3572]  ? register_lock_class+0x102/0x980
[ 2629.238929][ T3572]  ? __pfx_register_lock_class+0x10/0x10
[ 2629.244645][ T3572]  should_fail_ex+0x3b0/0x4e0
[ 2629.249351][ T3572]  get_futex_key+0x19a/0x1080
[ 2629.254072][ T3572]  ? __pfx_get_futex_key+0x10/0x10
[ 2629.259213][ T3572]  ? __lock_acquire+0x1384/0x2050
[ 2629.264286][ T3572]  futex_wake+0x12a/0x5c0
[ 2629.268651][ T3572]  ? __pfx_futex_wake+0x10/0x10
[ 2629.273541][ T3572]  do_futex+0x392/0x560
[ 2629.277740][ T3572]  ? __pfx_do_futex+0x10/0x10
[ 2629.282449][ T3572]  ? __might_fault+0xaa/0x120
[ 2629.287169][ T3572]  mm_release+0x193/0x430
[ 2629.291533][ T3572]  ? exit_robust_list+0x2cf/0x2f0
[ 2629.296590][ T3572]  ? __pfx_mm_release+0x10/0x10
[ 2629.301465][ T3572]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2629.306684][ T3572]  ? lockdep_hardirqs_on+0x99/0x150
[ 2629.311918][ T3572]  exit_mm+0xb0/0x310
[ 2629.315927][ T3572]  ? __pfx_exit_mm+0x10/0x10
[ 2629.320530][ T3572]  ? taskstats_exit+0x326/0xa60
[ 2629.325409][ T3572]  do_exit+0x9b2/0x28e0
[ 2629.329595][ T3572]  ? __pfx_do_exit+0x10/0x10
[ 2629.334194][ T3572]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 2629.339593][ T3572]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2629.345614][ T3572]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2629.351959][ T3572]  ? _raw_spin_lock_irq+0xdf/0x120
[ 2629.357091][ T3572]  do_group_exit+0x207/0x2c0
[ 2629.361693][ T3572]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2629.366904][ T3572]  ? lockdep_hardirqs_on+0x99/0x150
[ 2629.372119][ T3572]  get_signal+0x16a3/0x1740
[ 2629.376651][ T3572]  ? __pfx_poll_select_finish+0x10/0x10
[ 2629.382212][ T3572]  ? __pfx_get_signal+0x10/0x10
[ 2629.387080][ T3572]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2629.393082][ T3572]  arch_do_signal_or_restart+0x96/0x860
[ 2629.398650][ T3572]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2629.404839][ T3572]  syscall_exit_to_user_mode+0xc9/0x370
[ 2629.410408][ T3572]  do_syscall_64+0x100/0x230
[ 2629.415023][ T3572]  ? clear_bhb_loop+0x35/0x90
[ 2629.419721][ T3572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2629.425631][ T3572] RIP: 0033:0x7f192497e719
[ 2629.430060][ T3572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2629.449694][ T3572] RSP: 002b:00007f1925697038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 2629.458151][ T3572] RAX: fffffffffffffdfe RBX: 00007f1924b36130 RCX: 00007f192497e719
[ 2629.466219][ T3572] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 00000000200010c0
[ 2629.474254][ T3572] RBP: 00007f1925697090 R08: 0000000000000000 R09: 0000000000000000
[ 2629.482247][ T3572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2629.490247][ T3572] R13: 0000000000000000 R14: 00007f1924b36130 R15: 00007ffd1345f418
[ 2629.498256][ T3572]  </TASK>
[ 2629.966092][ T3583] ubi: mtd0 is already attached to ubi0
[ 2636.231679][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.255075][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.272562][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.289239][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.309419][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.327542][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.366454][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.400542][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.419704][ T3645] netlink: 'syz.4.7939': attribute type 11 has an invalid length.
[ 2636.432906][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.449335][ T3645] FAULT_INJECTION: forcing a failure.
[ 2636.449335][ T3645] name failslab, interval 1, probability 0, space 0, times 0
[ 2636.462276][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.475190][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.499361][T30599] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[ 2636.519934][ T3645] CPU: 1 UID: 0 PID: 3645 Comm: syz.4.7939 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2636.530650][ T3645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2636.540699][ T3645] Call Trace:
[ 2636.543975][ T3645]  <TASK>
[ 2636.546897][ T3645]  dump_stack_lvl+0x241/0x360
[ 2636.551592][ T3645]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2636.556783][ T3645]  ? __pfx__printk+0x10/0x10
[ 2636.561368][ T3645]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 2636.567342][ T3645]  ? __pfx___might_resched+0x10/0x10
[ 2636.572624][ T3645]  should_fail_ex+0x3b0/0x4e0
[ 2636.577302][ T3645]  should_failslab+0xac/0x100
[ 2636.581972][ T3645]  ? __alloc_skb+0x1c3/0x440
[ 2636.586553][ T3645]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2636.592358][ T3645]  __alloc_skb+0x1c3/0x440
[ 2636.596789][ T3645]  ? __pfx___alloc_skb+0x10/0x10
[ 2636.601726][ T3645]  ? netlink_ack_tlv_len+0x6e/0x200
[ 2636.606926][ T3645]  netlink_ack+0x13f/0xa30
[ 2636.611347][ T3645]  ? __pfx_lock_acquire+0x10/0x10
[ 2636.616380][ T3645]  ? __pfx_nl80211_probe_mesh_link+0x10/0x10
[ 2636.622349][ T3645]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 2636.627817][ T3645]  netlink_rcv_skb+0x262/0x430
[ 2636.632569][ T3645]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2636.637585][ T3645]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2636.642868][ T3645]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 2636.648322][ T3645]  genl_rcv+0x28/0x40
[ 2636.652293][ T3645]  netlink_unicast+0x7f6/0x990
[ 2636.657046][ T3645]  ? __pfx_netlink_unicast+0x10/0x10
[ 2636.662338][ T3645]  ? __virt_addr_valid+0x183/0x530
[ 2636.667439][ T3645]  ? __check_object_size+0x48e/0x900
[ 2636.672738][ T3645]  netlink_sendmsg+0x8e4/0xcb0
[ 2636.677496][ T3645]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2636.682798][ T3645]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2636.688158][ T3645]  __sock_sendmsg+0x221/0x270
[ 2636.692825][ T3645]  ____sys_sendmsg+0x52a/0x7e0
[ 2636.697590][ T3645]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2636.702877][ T3645]  __sys_sendmsg+0x292/0x380
[ 2636.707472][ T3645]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2636.712582][ T3645]  ? __pfx_vfs_write+0x10/0x10
[ 2636.717350][ T3645]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2636.723679][ T3645]  ? do_syscall_64+0x100/0x230
[ 2636.728444][ T3645]  ? do_syscall_64+0xb6/0x230
[ 2636.733111][ T3645]  do_syscall_64+0xf3/0x230
[ 2636.737602][ T3645]  ? clear_bhb_loop+0x35/0x90
[ 2636.742269][ T3645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2636.748151][ T3645] RIP: 0033:0x7f8ab897e719
[ 2636.752552][ T3645] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2636.772168][ T3645] RSP: 002b:00007f8ab97b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2636.780579][ T3645] RAX: ffffffffffffffda RBX: 00007f8ab8b35f80 RCX: 00007f8ab897e719
[ 2636.788540][ T3645] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 2636.796502][ T3645] RBP: 00007f8ab97b4090 R08: 0000000000000000 R09: 0000000000000000
[ 2636.804462][ T3645] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2636.812433][ T3645] R13: 0000000000000000 R14: 00007f8ab8b35f80 R15: 00007ffe12096c38
[ 2636.820413][ T3645]  </TASK>
[ 2636.848207][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.875520][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.890067][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.897773][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.909195][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.916870][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.924549][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.932237][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.939921][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.948701][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.958117][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2636.967352][ T3647] qrtr: Invalid version 0
[ 2636.973765][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.108392][T30599] usb 1-1: config 0 has no interfaces?
[ 2637.116097][T30599] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 2637.415066][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.434137][T30599] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2637.469908][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.478460][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.486906][T30599] usb 1-1: config 0 descriptor??
[ 2637.494109][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.503717][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.511759][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.520414][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.539129][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.556779][T20387] hid-generic 0000:0000:0000.001F: unknown main item tag 0x0
[ 2637.575399][ T3655] fuse: Bad value for 'fd'
[ 2637.582256][T20387] hid-generic 0000:0000:0000.001F: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[ 2638.603675][T30599] usb 1-1: USB disconnect, device number 112
[ 2639.434035][ T3680] netlink: 16 bytes leftover after parsing attributes in process `syz.7.7948'.
[ 2639.455127][ T3680] netlink: 228 bytes leftover after parsing attributes in process `syz.7.7948'.
[ 2639.468006][ T3680] FAULT_INJECTION: forcing a failure.
[ 2639.468006][ T3680] name failslab, interval 1, probability 0, space 0, times 0
[ 2639.492346][ T3680] CPU: 1 UID: 0 PID: 3680 Comm: syz.7.7948 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2639.503188][ T3680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2639.513358][ T3680] Call Trace:
[ 2639.516667][ T3680]  <TASK>
[ 2639.519619][ T3680]  dump_stack_lvl+0x241/0x360
[ 2639.524337][ T3680]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2639.529586][ T3680]  ? __pfx__printk+0x10/0x10
[ 2639.534209][ T3680]  ? __kmalloc_cache_noprof+0x44/0x2c0
[ 2639.539784][ T3680]  ? __pfx___might_resched+0x10/0x10
[ 2639.545109][ T3680]  should_fail_ex+0x3b0/0x4e0
[ 2639.549819][ T3680]  should_failslab+0xac/0x100
[ 2639.554530][ T3680]  ? netlbl_cipsov4_add+0x5f2/0x25d0
[ 2639.559841][ T3680]  __kmalloc_cache_noprof+0x6c/0x2c0
[ 2639.565160][ T3680]  netlbl_cipsov4_add+0x5f2/0x25d0
[ 2639.570308][ T3680]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[ 2639.576583][ T3680]  ? __nla_parse+0x40/0x60
[ 2639.581012][ T3680]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[ 2639.586648][ T3680]  ? genl_family_rcv_msg_attrs_parse+0x1d1/0x290
[ 2639.593331][ T3680]  genl_rcv_msg+0xb14/0xec0
[ 2639.597836][ T3680]  ? mark_lock+0x9a/0x360
[ 2639.602167][ T3680]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2639.607213][ T3680]  ? __pfx_lock_acquire+0x10/0x10
[ 2639.612238][ T3680]  ? __pfx_netlbl_cipsov4_add+0x10/0x10
[ 2639.617780][ T3680]  ? __pfx___might_resched+0x10/0x10
[ 2639.623070][ T3680]  netlink_rcv_skb+0x1e3/0x430
[ 2639.627837][ T3680]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2639.632862][ T3680]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2639.638172][ T3680]  genl_rcv+0x28/0x40
[ 2639.642158][ T3680]  netlink_unicast+0x7f6/0x990
[ 2639.646922][ T3680]  ? __pfx_netlink_unicast+0x10/0x10
[ 2639.652203][ T3680]  ? __virt_addr_valid+0x183/0x530
[ 2639.657314][ T3680]  ? __check_object_size+0x48e/0x900
[ 2639.662595][ T3680]  netlink_sendmsg+0x8e4/0xcb0
[ 2639.667371][ T3680]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2639.672663][ T3680]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2639.677941][ T3680]  __sock_sendmsg+0x221/0x270
[ 2639.682962][ T3680]  ____sys_sendmsg+0x52a/0x7e0
[ 2639.687735][ T3680]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2639.693028][ T3680]  __sys_sendmsg+0x292/0x380
[ 2639.697620][ T3680]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2639.702737][ T3680]  ? __pfx_vfs_write+0x10/0x10
[ 2639.707521][ T3680]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2639.713850][ T3680]  ? do_syscall_64+0x100/0x230
[ 2639.718614][ T3680]  ? do_syscall_64+0xb6/0x230
[ 2639.723291][ T3680]  do_syscall_64+0xf3/0x230
[ 2639.727987][ T3680]  ? clear_bhb_loop+0x35/0x90
[ 2639.732694][ T3680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2639.738607][ T3680] RIP: 0033:0x7fa09717e719
[ 2639.743036][ T3680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2639.762665][ T3680] RSP: 002b:00007fa097f67038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2639.771092][ T3680] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717e719
[ 2639.779072][ T3680] RDX: 0000000000000000 RSI: 0000000020000580 RDI: 0000000000000004
[ 2639.787136][ T3680] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2639.795105][ T3680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2639.803072][ T3680] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2639.811057][ T3680]  </TASK>
[ 2640.158930][ T3695] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2640.178146][ T3695] netlink: 'syz.6.7950': attribute type 10 has an invalid length.
[ 2641.877767][ T3707] fuse: Bad value for 'fd'
[ 2643.928931][ T6203] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2643.979771][ T6203] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2644.411185][ T6203] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2644.434132][ T6203] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2644.574144][ T3749] FAULT_INJECTION: forcing a failure.
[ 2644.574144][ T3749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2644.629665][ T3749] CPU: 1 UID: 0 PID: 3749 Comm: syz.0.7973 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2644.640406][ T3749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2644.650481][ T3749] Call Trace:
[ 2644.653771][ T3749]  <TASK>
[ 2644.656716][ T3749]  dump_stack_lvl+0x241/0x360
[ 2644.661424][ T3749]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2644.666648][ T3749]  ? __pfx__printk+0x10/0x10
[ 2644.671346][ T3749]  ? __pfx_lock_release+0x10/0x10
[ 2644.676409][ T3749]  should_fail_ex+0x3b0/0x4e0
[ 2644.681112][ T3749]  fpu__restore_sig+0x1c0/0x1270
[ 2644.686096][ T3749]  ? __pfx_fpu__restore_sig+0x10/0x10
[ 2644.691517][ T3749]  ? __might_fault+0xc6/0x120
[ 2644.696224][ T3749]  restore_sigcontext+0x675/0x7d0
[ 2644.701276][ T3749]  ? __pfx___might_resched+0x10/0x10
[ 2644.706575][ T3749]  ? __pfx_restore_sigcontext+0x10/0x10
[ 2644.712158][ T3749]  ? __task_pid_nr_ns+0x28/0x450
[ 2644.717104][ T3749]  __do_sys_rt_sigreturn+0x1b9/0x280
[ 2644.722839][ T3749]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[ 2644.728659][ T3749]  ? do_syscall_64+0x100/0x230
[ 2644.733449][ T3749]  ? do_syscall_64+0xb6/0x230
[ 2644.738130][ T3749]  do_syscall_64+0xf3/0x230
[ 2644.742639][ T3749]  ? clear_bhb_loop+0x35/0x90
[ 2644.747324][ T3749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2644.753216][ T3749] RIP: 0033:0x7f192497e719
[ 2644.757628][ T3749] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2644.777236][ T3749] RSP: 002b:00007f19256d9038 EFLAGS: 00000246
[ 2644.783308][ T3749] RAX: 0000000000000001 RBX: 00007f1924b35f80 RCX: 00007f192497e719
[ 2644.791277][ T3749] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003
[ 2644.799280][ T3749] RBP: 00007f19256d9090 R08: 0000000000000000 R09: 0000000000000000
[ 2644.807268][ T3749] R10: 0000000000000122 R11: 0000000000000246 R12: 0000000000000001
[ 2644.815233][ T3749] R13: 0000000000000000 R14: 00007f1924b35f80 R15: 00007ffd1345f418
[ 2644.823214][ T3749]  </TASK>
[ 2644.950379][T24597] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2644.962391][T24597] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2644.986740][T24597] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2645.004264][T24597] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2645.006023][ T6203] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2645.048933][T24597] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[ 2645.059402][T24597] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2645.084998][ T6203] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2645.181670][ T3751] lo speed is unknown, defaulting to 1000
[ 2645.281252][ T6203] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 2645.317800][ T6203] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2645.853475][ T3759] 9pnet: Could not find request transport: fd0x0000000000000005
[ 2645.861415][ T3631] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[ 2646.027377][ T6203] bridge_slave_1: left allmulticast mode
[ 2646.039427][ T3631] usb 1-1: Using ep0 maxpacket: 8
[ 2646.044899][ T6203] bridge_slave_1: left promiscuous mode
[ 2646.061638][ T3631] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[ 2646.063022][ T6203] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2646.078962][ T3631] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0
[ 2646.106274][ T3631] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 2646.131632][ T3631] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 2646.144291][ T6203] bridge_slave_0: left allmulticast mode
[ 2646.163852][ T3631] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 2646.168015][ T6203] bridge_slave_0: left promiscuous mode
[ 2646.187037][ T6203] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2646.590492][ T3631] usb 1-1: New USB device found, idVendor=0499, idProduct=1055, bcdDevice= 1.a4
[ 2646.628867][ T3631] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2646.637352][ T3631] usb 1-1: Product: syz
[ 2646.642169][ T3631] usb 1-1: Manufacturer: syz
[ 2646.646792][ T3631] usb 1-1: SerialNumber: syz
[ 2646.654464][ T3631] usb 1-1: config 0 descriptor??
[ 2646.716745][T26743] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 2646.882557][ T3759] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2646.894615][ T3759] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2646.913265][T26743] usb 5-1: Using ep0 maxpacket: 8
[ 2646.949925][T26743] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2647.013887][T26743] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 2647.056629][T26743] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 2647.073118][T26743] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2647.086481][T26743] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2647.095765][T26743] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2647.117700][ T3631] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2647.132032][T26725] Bluetooth: hci0: command tx timeout
[ 2647.464652][T26743] usb 5-1: GET_CAPABILITIES returned 0
[ 2647.484742][T26743] usbtmc 5-1:16.0: can't read capabilities
[ 2647.500283][ T3631] snd-usb-audio 1-1:0.0: probe with driver snd-usb-audio failed with error -12
[ 2647.512117][ T3631] usb 1-1: USB disconnect, device number 113
[ 2648.263198][ T2510] usb 5-1: USB disconnect, device number 16
[ 2648.795086][ T6203] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2648.826018][ T6203] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2648.865776][ T6203] bond0 (unregistering): Released all slaves
[ 2648.908966][ T3804] netlink: 32 bytes leftover after parsing attributes in process `syz.0.7988'.
[ 2648.943412][ T3751] chnl_net:caif_netlink_parms(): no params data found
[ 2649.039461][ T3631] usb 1-1: new high-speed USB device number 114 using dummy_hcd
[ 2649.199383][T26725] Bluetooth: hci0: command tx timeout
[ 2649.350549][ T3631] usb 1-1: Using ep0 maxpacket: 8
[ 2649.357546][ T3631] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2649.369230][ T3631] usb 1-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d
[ 2649.378436][ T3631] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105
[ 2649.386675][ T3631] usb 1-1: SerialNumber: syz
[ 2649.395471][ T3815] netlink: 244 bytes leftover after parsing attributes in process `syz.4.7991'.
[ 2649.408839][ T3631] usb 1-1: config 0 descriptor??
[ 2649.431177][ T3631] usb 1-1: Found UVC 0.00 device <unnamed> (05ac:8501)
[ 2649.438314][ T3631] usb 1-1: No valid video chain found.
[ 2649.451296][ T3751] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2649.458654][ T3751] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2649.467075][ T3751] bridge_slave_0: entered allmulticast mode
[ 2649.474477][ T3751] bridge_slave_0: entered promiscuous mode
[ 2649.508966][ T3751] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2649.516455][ T3751] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2649.523829][ T3751] bridge_slave_1: entered allmulticast mode
[ 2649.532933][ T3751] bridge_slave_1: entered promiscuous mode
[ 2649.634835][ T3631] usb 1-1: USB disconnect, device number 114
[ 2649.782361][ T3751] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2649.860469][ T3751] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2649.933939][ T6203] hsr_slave_0: left promiscuous mode
[ 2649.964380][ T6203] hsr_slave_1: left promiscuous mode
[ 2649.974896][ T6203] batman_adv: batadv0: Removing interface: team0
[ 2649.988630][ T6203] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2650.004057][ T6203] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2650.041608][ T6203] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2650.124014][ T6203] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2650.247120][ T6203] veth1_macvtap: left promiscuous mode
[ 2650.260406][ T6203] veth0_macvtap: left promiscuous mode
[ 2650.390007][ T6203] pim6reg (unregistering): left allmulticast mode
[ 2650.449487][T26743] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[ 2650.609466][T26743] usb 7-1: Using ep0 maxpacket: 8
[ 2650.623885][T26743] usb 7-1: config 135 has an invalid interface number: 230 but max is 0
[ 2650.640556][T26743] usb 7-1: config 135 has an invalid descriptor of length 0, skipping remainder of the config
[ 2650.663531][T26743] usb 7-1: config 135 has no interface number 0
[ 2650.677101][T26743] usb 7-1: too many endpoints for config 135 interface 230 altsetting 126: 53, using maximum allowed: 30
[ 2650.698551][T26743] usb 7-1: config 135 interface 230 altsetting 126 has 0 endpoint descriptors, different from the interface descriptor's value: 53
[ 2650.730494][T26743] usb 7-1: config 135 interface 230 has no altsetting 0
[ 2650.746583][T26743] usb 7-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=3f.3a
[ 2650.758431][T26743] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2650.775870][T26743] usb 7-1: Product: syz
[ 2650.786093][T26743] usb 7-1: Manufacturer: syz
[ 2650.791373][T26743] usb 7-1: SerialNumber: syz
[ 2651.625440][T26725] Bluetooth: hci0: command tx timeout
[ 2651.648952][T26743] usb 7-1: Found UVC 0.00 device syz (18ec:3288)
[ 2651.655809][T26743] usb 7-1: No valid video chain found.
[ 2651.663034][T26743] usb 7-1: USB disconnect, device number 53
[ 2651.966860][ T6203] team0 (unregistering): Port device team_slave_1 removed
[ 2652.034534][ T6203] team0 (unregistering): Port device team_slave_0 removed
[ 2653.622740][ T3751] team0: Port device team_slave_0 added
[ 2653.641135][ T3831] FAULT_INJECTION: forcing a failure.
[ 2653.641135][ T3831] name failslab, interval 1, probability 0, space 0, times 0
[ 2653.669307][ T3831] CPU: 1 UID: 0 PID: 3831 Comm: syz.4.7995 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2653.680051][ T3831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2653.690135][ T3831] Call Trace:
[ 2653.693431][ T3831]  <TASK>
[ 2653.696379][ T3831]  dump_stack_lvl+0x241/0x360
[ 2653.701097][ T3831]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2653.706317][ T3831]  ? __pfx__printk+0x10/0x10
[ 2653.710920][ T3831]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 2653.716908][ T3831]  ? __pfx___might_resched+0x10/0x10
[ 2653.722204][ T3831]  should_fail_ex+0x3b0/0x4e0
[ 2653.726880][ T3831]  should_failslab+0xac/0x100
[ 2653.731553][ T3831]  ? __alloc_skb+0x1c3/0x440
[ 2653.736143][ T3831]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2653.741952][ T3831]  __alloc_skb+0x1c3/0x440
[ 2653.746370][ T3831]  ? __pfx___alloc_skb+0x10/0x10
[ 2653.751306][ T3831]  ? lockdep_hardirqs_on+0x99/0x150
[ 2653.756506][ T3831]  rtmsg_ifa+0x1f0/0x3b0
[ 2653.760746][ T3831]  ? __pfx_rtmsg_ifa+0x10/0x10
[ 2653.765515][ T3831]  __inet_insert_ifa+0x9c0/0xc30
[ 2653.770455][ T3831]  ? __pfx___inet_insert_ifa+0x10/0x10
[ 2653.775918][ T3831]  inet_rtm_newaddr+0xc15/0x1b20
[ 2653.780869][ T3831]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 2653.786253][ T3831]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 2653.791630][ T3831]  rtnetlink_rcv_msg+0x73f/0xcf0
[ 2653.796574][ T3831]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 2653.801685][ T3831]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2653.807147][ T3831]  ? ref_tracker_free+0x643/0x7e0
[ 2653.812175][ T3831]  netlink_rcv_skb+0x1e3/0x430
[ 2653.816941][ T3831]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 2653.822398][ T3831]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2653.827700][ T3831]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2653.832900][ T3831]  netlink_unicast+0x7f6/0x990
[ 2653.837677][ T3831]  ? __pfx_netlink_unicast+0x10/0x10
[ 2653.842960][ T3831]  ? __virt_addr_valid+0x183/0x530
[ 2653.848074][ T3831]  ? __check_object_size+0x48e/0x900
[ 2653.853358][ T3831]  netlink_sendmsg+0x8e4/0xcb0
[ 2653.858131][ T3831]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2653.863426][ T3831]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2653.868711][ T3831]  __sock_sendmsg+0x221/0x270
[ 2653.873385][ T3831]  ____sys_sendmsg+0x52a/0x7e0
[ 2653.878152][ T3831]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2653.883448][ T3831]  __sys_sendmsg+0x292/0x380
[ 2653.888041][ T3831]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2653.893162][ T3831]  ? __pfx_vfs_write+0x10/0x10
[ 2653.897948][ T3831]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2653.904291][ T3831]  ? do_syscall_64+0x100/0x230
[ 2653.909060][ T3831]  ? do_syscall_64+0xb6/0x230
[ 2653.913745][ T3831]  do_syscall_64+0xf3/0x230
[ 2653.918248][ T3831]  ? clear_bhb_loop+0x35/0x90
[ 2653.922942][ T3831]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2653.928833][ T3831] RIP: 0033:0x7f8ab897e719
[ 2653.933252][ T3831] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2653.952943][ T3831] RSP: 002b:00007f8ab97b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2653.961444][ T3831] RAX: ffffffffffffffda RBX: 00007f8ab8b35f80 RCX: 00007f8ab897e719
[ 2653.969412][ T3831] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[ 2653.977464][ T3831] RBP: 00007f8ab97b4090 R08: 0000000000000000 R09: 0000000000000000
[ 2653.985434][ T3831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2653.993401][ T3831] R13: 0000000000000000 R14: 00007f8ab8b35f80 R15: 00007ffe12096c38
[ 2654.001384][ T3831]  </TASK>
[ 2654.004420][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2654.014745][T26725] Bluetooth: hci0: command tx timeout
[ 2654.072939][ T3751] team0: Port device team_slave_1 added
[ 2654.149469][T30599] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[ 2654.329513][T30599] usb 7-1: Using ep0 maxpacket: 16
[ 2654.507650][T30599] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2654.565205][T30599] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2654.592058][T30599] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2654.677886][T30599] usb 7-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2654.694306][ T3751] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2654.710954][ T3751] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2654.721800][T30599] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2654.780206][T30599] usb 7-1: config 0 descriptor??
[ 2654.787297][ T3751] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2654.827997][ T3751] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2654.835670][ T3751] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2654.861602][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2654.876537][ T3751] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2655.220198][ T3751] hsr_slave_0: entered promiscuous mode
[ 2655.250580][ T3856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2655.411486][ T3751] hsr_slave_1: entered promiscuous mode
[ 2655.421690][ T3856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2655.459745][ T3751] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 2655.659220][ T3751] Cannot create hsr debugfs directory
[ 2655.688641][T30599] usbhid 7-1:0.0: can't add hid device: -71
[ 2655.704477][T30599] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 2655.761354][T30599] usb 7-1: USB disconnect, device number 54
[ 2656.051208][ T3892] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[ 2656.129681][ T2539] Bluetooth: hci4: Frame reassembly failed (-84)
[ 2656.427803][ T3900] tipc: Started in network mode
[ 2656.570372][ T3900] tipc: Node identity 2dffff, cluster identity 4711
[ 2656.605002][ T3900] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 2658.081852][T24597] Bluetooth: hci4: command 0x1003 tx timeout
[ 2658.121214][T26725] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 2659.548752][ T3934] fuse: Bad value for 'fd'
[ 2660.148026][ T3751] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2660.499150][ T3751] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2660.812401][ T3751] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2660.839166][T26725] Bluetooth: Unexpected continuation frame (len 24)
[ 2660.936815][ T3751] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2661.152415][ T3944] syz.0.8032 (3944): drop_caches: 2
[ 2661.169965][ T3952] vlan0: entered promiscuous mode
[ 2661.175184][ T3952] bond0: entered promiscuous mode
[ 2661.180730][ T3952] bond_slave_0: entered promiscuous mode
[ 2661.186593][ T3952] bond_slave_1: entered promiscuous mode
[ 2661.308407][ T3952] vlan0: entered allmulticast mode
[ 2661.988207][ T3952] bond0: entered allmulticast mode
[ 2662.019242][ T3952] bond_slave_0: entered allmulticast mode
[ 2662.025023][ T3952] bond_slave_1: entered allmulticast mode
[ 2662.067529][ T3952] bond0: left allmulticast mode
[ 2662.077282][ T3952] bond_slave_0: left allmulticast mode
[ 2662.097520][ T3952] bond_slave_1: left allmulticast mode
[ 2662.110410][ T3952] bond0: left promiscuous mode
[ 2662.115231][ T3952] bond_slave_0: left promiscuous mode
[ 2662.148484][ T3952] bond_slave_1: left promiscuous mode
[ 2662.685388][ T3751] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2662.750705][ T3751] 8021q: adding VLAN 0 to HW filter on device team0
[ 2662.796074][T26921] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2662.803240][T26921] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2662.965598][ T3974] trusted_key: encrypted_key: insufficient parameters specified
[ 2662.975961][T26921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2662.983140][T26921] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2663.035553][ T3975] fuse: Bad value for 'fd'
[ 2667.622274][ T3751] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2667.707421][ T3751] veth0_vlan: entered promiscuous mode
[ 2667.728517][ T3751] veth1_vlan: entered promiscuous mode
[ 2667.734213][ T3631] usb 7-1: new high-speed USB device number 55 using dummy_hcd
[ 2667.806430][ T3751] veth0_macvtap: entered promiscuous mode
[ 2667.883700][ T3751] veth1_macvtap: entered promiscuous mode
[ 2667.909396][ T3631] usb 7-1: Using ep0 maxpacket: 16
[ 2668.002669][ T3631] usb 7-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be
[ 2668.012440][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2668.030320][ T3631] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2668.039551][ T3631] usb 7-1: Product: syz
[ 2668.042543][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.043876][ T3631] usb 7-1: Manufacturer: syz
[ 2668.076665][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2668.079834][ T3631] usb 7-1: SerialNumber: syz
[ 2668.150065][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.261829][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2668.370660][ T3631] usb 7-1: config 0 descriptor??
[ 2668.393694][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.399219][T26743] usb 1-1: new high-speed USB device number 115 using dummy_hcd
[ 2668.451548][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2668.469794][ T3631] usb 7-1: can't set config #0, error -71
[ 2668.478936][ T3631] usb 7-1: USB disconnect, device number 55
[ 2668.479240][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.508938][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 2668.527270][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.548758][ T3751] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2668.655395][T26743] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2668.748642][T26743] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 2668.795532][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2668.806840][T26743] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2668.841293][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.891020][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2668.891781][T26743] usb 1-1: config 0 descriptor??
[ 2668.905205][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2668.917594][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2668.938729][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2669.240435][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2669.247960][ T4020] fuse: Bad value for 'fd'
[ 2669.264423][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2669.322307][ T3751] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 2669.522180][T26743] usbhid 1-1:0.0: can't add hid device: -71
[ 2669.528415][T26743] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2669.539352][ T3751] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 2669.559901][T26743] usb 1-1: USB disconnect, device number 115
[ 2669.562721][ T3751] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2670.363048][ T3751] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2670.396818][ T3751] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2670.429434][ T3751] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2670.500501][ T3751] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2670.649365][T26743] usb 1-1: new high-speed USB device number 116 using dummy_hcd
[ 2670.658797][ T4033] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2670.668062][ T4033] netlink: 'syz.7.8060': attribute type 10 has an invalid length.
[ 2670.776430][ T6203] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2670.799801][ T6203] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2670.858220][ T6209] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2670.878758][ T6209] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2670.949375][T26743] usb 1-1: Using ep0 maxpacket: 16
[ 2670.962682][T26743] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2671.017500][T26743] usb 1-1: config 0 interface 0 has no altsetting 0
[ 2671.112384][T26743] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 2671.247262][T26743] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2671.657503][T26743] usb 1-1: config 0 descriptor??
[ 2671.829303][T26743] usb 1-1: can't set config #0, error -71
[ 2671.860974][T26743] usb 1-1: USB disconnect, device number 116
[ 2675.219171][ T4104] 9pnet_fd: Insufficient options for proto=fd
[ 2676.039606][ T4116] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2676.048403][ T4116] netlink: 'syz.3.8083': attribute type 10 has an invalid length.
[ 2676.167745][ T4116] batman_adv: batadv0: Adding interface: team0
[ 2676.174015][ T4116] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 2676.199204][ T4116] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[ 2678.207435][ T4136] netlink: 32 bytes leftover after parsing attributes in process `syz.0.8090'.
[ 2678.428281][ T4140] netlink: 'syz.4.8092': attribute type 10 has an invalid length.
[ 2678.463693][ T4143] 9pnet_fd: Insufficient options for proto=fd
[ 2679.646849][ T4152] openvswitch: netlink: Unexpected mask (mask=20040, allowed=10048)
[ 2679.656530][ T4152] netlink: 'syz.7.8096': attribute type 10 has an invalid length.
[ 2680.773174][ T4162] tipc: Started in network mode
[ 2680.778600][ T4162] tipc: Node identity ac14142a, cluster identity 4711
[ 2680.795779][ T4162] tipc: Enabled bearer <udp:syz2>, priority 10
[ 2681.524043][ T4171] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[ 2681.909463][ T2510] tipc: Node number set to 2886997034
[ 2683.236217][ T2510] usb 1-1: new high-speed USB device number 117 using dummy_hcd
[ 2683.401923][ T2510] usb 1-1: Using ep0 maxpacket: 16
[ 2683.413737][ T2510] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2683.451836][ T2510] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2683.494197][ T2510] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 2683.769100][ T2510] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 2684.076288][ T2510] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2684.117193][ T2510] usb 1-1: config 0 descriptor??
[ 2684.506772][ T4196] Bluetooth: MGMT ver 1.23
[ 2686.528589][ T4213] siw: device registration error -23
[ 2686.608719][ T2510] usbhid 1-1:0.0: can't add hid device: -71
[ 2686.617659][ T2510] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 2686.634183][ T2510] usb 1-1: USB disconnect, device number 117
[ 2689.543973][ T4243] FAULT_INJECTION: forcing a failure.
[ 2689.543973][ T4243] name failslab, interval 1, probability 0, space 0, times 0
[ 2689.621883][ T4243] CPU: 1 UID: 0 PID: 4243 Comm: syz.7.8122 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2689.632645][ T4243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2689.642727][ T4243] Call Trace:
[ 2689.646024][ T4243]  <TASK>
[ 2689.648980][ T4243]  dump_stack_lvl+0x241/0x360
[ 2689.653691][ T4243]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2689.658913][ T4243]  ? __pfx__printk+0x10/0x10
[ 2689.663530][ T4243]  ? __kmalloc_node_noprof+0xb7/0x440
[ 2689.668921][ T4243]  ? __pfx___might_resched+0x10/0x10
[ 2689.674234][ T4243]  should_fail_ex+0x3b0/0x4e0
[ 2689.678937][ T4243]  should_failslab+0xac/0x100
[ 2689.683636][ T4243]  __kmalloc_node_noprof+0xdf/0x440
[ 2689.688852][ T4243]  ? __kvmalloc_node_noprof+0x72/0x190
[ 2689.694339][ T4243]  __kvmalloc_node_noprof+0x72/0x190
[ 2689.699651][ T4243]  page_pool_create_percpu+0x2ca/0xa00
[ 2689.705138][ T4243]  bpf_test_run_xdp_live+0x2e6/0x21b0
[ 2689.710536][ T4243]  ? arch_stack_walk+0xfd/0x150
[ 2689.715443][ T4243]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[ 2689.721277][ T4243]  ? mark_lock+0x9a/0x360
[ 2689.725669][ T4243]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[ 2689.731590][ T4243]  ? __might_fault+0xaa/0x120
[ 2689.736290][ T4243]  ? __might_fault+0xc6/0x120
[ 2689.740998][ T4243]  ? _copy_from_user+0x99/0xc0
[ 2689.745779][ T4243]  ? bpf_test_init+0x15a/0x180
[ 2689.750559][ T4243]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 2689.756047][ T4243]  bpf_prog_test_run_xdp+0x805/0x11e0
[ 2689.761447][ T4243]  ? __pfx_lock_release+0x10/0x10
[ 2689.766530][ T4243]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 2689.772358][ T4243]  ? __fget_files+0x29/0x470
[ 2689.776989][ T4243]  ? fput+0x1a8/0x230
[ 2689.781004][ T4243]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 2689.786851][ T4243]  bpf_prog_test_run+0x2e4/0x360
[ 2689.791827][ T4243]  __sys_bpf+0x48d/0x810
[ 2689.796099][ T4243]  ? __pfx___sys_bpf+0x10/0x10
[ 2689.800901][ T4243]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 2689.806919][ T4243]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 2689.813279][ T4243]  ? do_syscall_64+0x100/0x230
[ 2689.818076][ T4243]  __x64_sys_bpf+0x7c/0x90
[ 2689.822548][ T4243]  do_syscall_64+0xf3/0x230
[ 2689.827088][ T4243]  ? clear_bhb_loop+0x35/0x90
[ 2689.831887][ T4243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2689.837805][ T4243] RIP: 0033:0x7fa09717e719
[ 2689.842245][ T4243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2689.861886][ T4243] RSP: 002b:00007fa097f67038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 2689.870339][ T4243] RAX: ffffffffffffffda RBX: 00007fa097335f80 RCX: 00007fa09717e719
[ 2689.878367][ T4243] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a
[ 2689.886368][ T4243] RBP: 00007fa097f67090 R08: 0000000000000000 R09: 0000000000000000
[ 2689.894385][ T4243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2689.902390][ T4243] R13: 0000000000000000 R14: 00007fa097335f80 R15: 00007ffee8058168
[ 2689.910412][ T4243]  </TASK>
[ 2690.292271][ T4243] page_pool_create_percpu() gave up with errno -12
[ 2693.841427][ T4278] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode active-backup(1)
[ 2694.005290][T26725] Bluetooth: hci5: unexpected event for opcode 0x203d
[ 2694.477527][ T4291] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(6)
[ 2694.484083][ T4291] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 2694.568745][ T4291] vhci_hcd vhci_hcd.0: Device attached
[ 2694.709254][T14058] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[ 2694.749656][T30599] vhci_hcd: vhci_device speed not set
[ 2694.824827][T30599] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[ 2694.834590][T20387] usb 7-1: new low-speed USB device number 56 using dummy_hcd
[ 2694.919326][T14058] usb 1-1: Using ep0 maxpacket: 8
[ 2695.452148][T14058] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2695.463040][T14058] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 8
[ 2695.557371][T14058] usb 1-1: New USB device found, idVendor=056e, idProduct=00fe, bcdDevice= 0.00
[ 2695.567119][T14058] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2695.596040][T14058] usb 1-1: config 0 descriptor??
[ 2695.641699][T20387] usb 7-1: config 0 has no interfaces?
[ 2695.647733][T20387] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 2695.657312][T20387] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2695.705205][T20387] usb 7-1: config 0 descriptor??
[ 2695.926941][ T4292] vhci_hcd: unknown pdu 1
[ 2695.932145][ T4291] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«=
[ 2695.940272][ T6209] vhci_hcd: stop threads
[ 2695.956961][ T6209] vhci_hcd: release socket
[ 2695.970730][ T4291] [U] J"—E:ÀÆ"


[ 2695.978734][ T6209] vhci_hcd: disconnect device
[ 2695.995188][ T4291] [U] ª‡Ó
[ 2696.002976][T20387] usb 7-1: USB disconnect, device number 56
[ 2696.010458][T30599] vhci_hcd: vhci_device speed not set
[ 2696.017866][T14058] elecom 0003:056E:00FE.0020: item fetching failed at offset 6/70
[ 2696.042075][T14058] elecom 0003:056E:00FE.0020: probe with driver elecom failed with error -22
[ 2696.680175][  T973] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[ 2697.219384][  T973] usb 4-1: Using ep0 maxpacket: 16
[ 2697.240459][  T973] usb 4-1: config 0 has an invalid descriptor of length 29, skipping remainder of the config
[ 2697.252322][T20387] usb 1-1: USB disconnect, device number 118
[ 2697.261043][  T973] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2697.308135][ T4323] UBIFS error (pid: 4323): cannot open "/dev/sg0", error -22
[ 2697.308237][  T973] usb 4-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 2697.356838][  T973] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2697.371187][ T4328] netlink: 4 bytes leftover after parsing attributes in process `syz.7.8143'.
[ 2697.396613][  T973] usb 4-1: config 0 descriptor??
[ 2698.083935][T26725] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 2698.093236][T26725] Bluetooth: hci5: Injecting HCI hardware error event
[ 2698.106268][T26725] Bluetooth: hci5: hardware error 0x00
[ 2699.635678][ T4346] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 2699.674410][  T973] usb 4-1: USB disconnect, device number 49
[ 2699.909280][T30599] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 2700.248410][T26725] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 2700.500675][T30599] usb 5-1: config 36 has an invalid descriptor of length 0, skipping remainder of the config
[ 2701.464473][T30599] usb 5-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2701.480565][T30599] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[ 2701.497575][T30599] usb 5-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[ 2701.515165][T30599] usb 5-1: Manufacturer: syz
[ 2701.578979][ T4369] netlink: 'syz.7.8156': attribute type 4 has an invalid length.
[ 2701.597574][T30599] usb 5-1: SerialNumber: syz
[ 2701.611472][T30599] usb 5-1: can't set config #36, error -71
[ 2701.619659][T30599] usb 5-1: USB disconnect, device number 17
[ 2701.729299][  T973] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[ 2702.311074][ T4377] UBIFS error (pid: 4377): cannot open "/dev/sg0", error -22
[ 2702.374202][ T4379] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8158'.
[ 2702.469395][  T973] usb 1-1: Using ep0 maxpacket: 8
[ 2703.394927][  T973] usb 1-1: config 0 has an invalid interface number: 151 but max is 0
[ 2703.418184][  T973] usb 1-1: config 0 has no interface number 0
[ 2703.449236][  T973] usb 1-1: config 0 interface 151 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 2703.484794][  T973] usb 1-1: config 0 interface 151 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[ 2703.525724][  T973] usb 1-1: config 0 interface 151 altsetting 0 endpoint 0x83 has invalid maxpacket 64466, setting to 1024
[ 2703.549794][  T973] usb 1-1: config 0 interface 151 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[ 2703.579135][  T973] usb 1-1: config 0 interface 151 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 2703.680949][  T973] usb 1-1: string descriptor 0 read error: -71
[ 2703.744964][  T973] usb 1-1: New USB device found, idVendor=0499, idProduct=500a, bcdDevice=e7.b7
[ 2704.675674][  T973] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2704.907015][  T973] usb 1-1: config 0 descriptor??
[ 2704.915798][  T973] usb 1-1: can't set config #0, error -71
[ 2704.978307][  T973] usb 1-1: USB disconnect, device number 119
[ 2705.936327][ T4418] FAULT_INJECTION: forcing a failure.
[ 2705.936327][ T4418] name failslab, interval 1, probability 0, space 0, times 0
[ 2706.023915][ T4418] CPU: 0 UID: 0 PID: 4418 Comm: syz.0.8168 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2706.034647][ T4418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2706.044701][ T4418] Call Trace:
[ 2706.047971][ T4418]  <TASK>
[ 2706.050896][ T4418]  dump_stack_lvl+0x241/0x360
[ 2706.055585][ T4418]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2706.060776][ T4418]  ? __pfx__printk+0x10/0x10
[ 2706.065357][ T4418]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 2706.071345][ T4418]  ? __pfx___might_resched+0x10/0x10
[ 2706.076629][ T4418]  should_fail_ex+0x3b0/0x4e0
[ 2706.081321][ T4418]  should_failslab+0xac/0x100
[ 2706.086108][ T4418]  ? __alloc_skb+0x1c3/0x440
[ 2706.090725][ T4418]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 2706.096553][ T4418]  ? genl_rcv_msg+0x88c/0xec0
[ 2706.101261][ T4418]  __alloc_skb+0x1c3/0x440
[ 2706.105698][ T4418]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2706.111786][ T4418]  ? __pfx___alloc_skb+0x10/0x10
[ 2706.116724][ T4418]  netlink_dump+0x2cd/0xd80
[ 2706.121230][ T4418]  ? __pfx_netlink_dump+0x10/0x10
[ 2706.126256][ T4418]  ? __asan_memset+0x23/0x50
[ 2706.130943][ T4418]  ? genl_start+0x4a8/0x6d0
[ 2706.135490][ T4418]  __netlink_dump_start+0x5a2/0x790
[ 2706.136550][T14058] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 2706.140799][ T4418]  genl_rcv_msg+0x88c/0xec0
[ 2706.140833][ T4418]  ? mark_lock+0x9a/0x360
[ 2706.157201][ T4418]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2706.162265][ T4418]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 2706.168168][ T4418]  ? __pfx_genl_start+0x10/0x10
[ 2706.173015][ T4418]  ? __pfx_genl_dumpit+0x10/0x10
[ 2706.177945][ T4418]  ? __pfx_genl_done+0x10/0x10
[ 2706.182738][ T4418]  ? __pfx_lock_acquire+0x10/0x10
[ 2706.187789][ T4418]  ? __pfx_batadv_bla_backbone_dump+0x10/0x10
[ 2706.193875][ T4418]  ? __pfx___might_resched+0x10/0x10
[ 2706.199199][ T4418]  netlink_rcv_skb+0x1e3/0x430
[ 2706.203997][ T4418]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 2706.209056][ T4418]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 2706.214361][ T4418]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 2706.219843][ T4418]  genl_rcv+0x28/0x40
[ 2706.223853][ T4418]  netlink_unicast+0x7f6/0x990
[ 2706.228737][ T4418]  ? __pfx_netlink_unicast+0x10/0x10
[ 2706.234049][ T4418]  ? __virt_addr_valid+0x183/0x530
[ 2706.239193][ T4418]  ? __check_object_size+0x48e/0x900
[ 2706.244511][ T4418]  netlink_sendmsg+0x8e4/0xcb0
[ 2706.249312][ T4418]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2706.254633][ T4418]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2706.259934][ T4418]  __sock_sendmsg+0x221/0x270
[ 2706.264632][ T4418]  ____sys_sendmsg+0x52a/0x7e0
[ 2706.269456][ T4418]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2706.274792][ T4418]  __sys_sendmsg+0x292/0x380
[ 2706.279417][ T4418]  ? __pfx___sys_sendmsg+0x10/0x10
[ 2706.284577][ T4418]  ? __pfx_vfs_write+0x10/0x10
[ 2706.289415][ T4418]  do_syscall_64+0xf3/0x230
[ 2706.293962][ T4418]  ? clear_bhb_loop+0x35/0x90
[ 2706.298677][ T4418]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2706.304599][ T4418] RIP: 0033:0x7f192497e719
[ 2706.309037][ T4418] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2706.328848][ T4418] RSP: 002b:00007f1925697038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2706.337303][ T4418] RAX: ffffffffffffffda RBX: 00007f1924b36130 RCX: 00007f192497e719
[ 2706.345296][ T4418] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000004
[ 2706.353284][ T4418] RBP: 00007f1925697090 R08: 0000000000000000 R09: 0000000000000000
[ 2706.361279][ T4418] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2706.369271][ T4418] R13: 0000000000000001 R14: 00007f1924b36130 R15: 00007ffd1345f418
[ 2706.377282][ T4418]  </TASK>
[ 2707.040043][ T4426] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2707.719242][T14058] usb 5-1: Using ep0 maxpacket: 16
[ 2707.726181][T14058] usb 5-1: config 0 has an invalid descriptor of length 29, skipping remainder of the config
[ 2707.736092][ T4431] UBIFS error (pid: 4431): cannot open "/dev/sg0", error -22
[ 2707.737579][T14058] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2707.759684][T14058] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 2707.779842][T14058] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2707.793526][ T4435] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8172'.
[ 2707.804038][T14058] usb 5-1: config 0 descriptor??
[ 2708.305130][ T2510] usb 5-1: USB disconnect, device number 18
[ 2708.417002][ T4441] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8174'.
[ 2713.589293][T14058] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 2714.622410][T14058] usb 5-1: Using ep0 maxpacket: 16
[ 2714.637348][T14058] usb 5-1: config 0 has an invalid descriptor of length 29, skipping remainder of the config
[ 2714.685056][ T4513] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[ 2715.424440][T14058] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2715.508219][T14058] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 2715.527938][T14058] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2715.538115][T14058] usb 5-1: config 0 descriptor??
[ 2715.569013][T14058] usb 5-1: can't set config #0, error -71
[ 2715.578815][T14058] usb 5-1: USB disconnect, device number 19
[ 2715.675117][ T4528] bond0: option resend_igmp: invalid value (7540)
[ 2715.756198][ T4528] bond0: option resend_igmp: allowed values 0 - 255
[ 2718.089476][ T2510] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 2718.933938][ T2510] usb 1-1: Using ep0 maxpacket: 16
[ 2719.044293][ T2510] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 2719.067702][ T2510] usb 1-1: config 0 has no interface number 0
[ 2719.137795][ T2510] usb 1-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x2C, changing to 0xC
[ 2719.323591][ T2510] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[ 2719.559190][ T2510] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 2719.568284][ T2510] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 2719.612494][ T2510] usb 1-1: Product: syz
[ 2719.616740][ T2510] usb 1-1: SerialNumber: syz
[ 2719.661151][ T2510] usb 1-1: config 0 descriptor??
[ 2719.691685][ T2510] usbhid 1-1:0.8: couldn't find an input interrupt endpoint
[ 2719.961469][ T4581] UBIFS error (pid: 4581): cannot open "/dev/sg0", error -22
[ 2719.969587][  T973] usb 1-1: USB disconnect, device number 120
[ 2720.168837][ T4586] netlink: 4 bytes leftover after parsing attributes in process `syz.4.8212'.
[ 2721.269200][ T4574] RDS: rds_bind could not find a transport for ::ffff:10.1.1.1, load rds_tcp or rds_rdma?
[ 2721.402919][ T3631] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 2722.139813][ T3631] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2722.159252][ T3631] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 2722.168532][ T3631] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2722.211193][ T3631] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2722.229647][ T3631] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2722.247978][ T3631] usb 5-1: Product: syz
[ 2722.279139][ T3631] usb 5-1: Manufacturer: syz
[ 2722.309201][ T3631] usb 5-1: SerialNumber: syz
[ 2722.353020][ T3631] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 2722.374838][ T3631] cdc_ncm 5-1:1.0: bind() failure
[ 2723.023267][ T4617] siw: device registration error -23
[ 2723.608768][T20387] usb 5-1: USB disconnect, device number 20
[ 2723.786486][T30443] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2724.196049][T30443] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2724.208670][T24597] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2724.222714][T24597] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2724.239324][T24597] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2724.253200][T24597] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2724.485307][T30443] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2724.519796][T24597] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 2724.527186][T24597] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2724.866824][ T4631] fuse: Bad value for 'fd'
[ 2725.356949][ T4626] lo speed is unknown, defaulting to 1000
[ 2725.729360][T30443] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2726.592272][T30443] bridge_slave_1: left allmulticast mode
[ 2726.631445][T30443] bridge_slave_1: left promiscuous mode
[ 2726.689633][T30443] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2727.031052][T30443] bridge_slave_0: left allmulticast mode
[ 2727.039354][T24597] Bluetooth: hci3: command tx timeout
[ 2727.078760][T30443] bridge_slave_0: left promiscuous mode
[ 2727.248224][T30443] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2729.129413][T24597] Bluetooth: hci3: command tx timeout
[ 2731.199500][T24597] Bluetooth: hci3: command tx timeout
[ 2733.279185][T24597] Bluetooth: hci3: command tx timeout
[ 2733.351459][T30443] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2733.385577][T30443] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2733.429470][T30443] bond0 (unregistering): Released all slaves
[ 2734.005405][T30443] bond1 (unregistering): (slave batadv1): Releasing active interface
[ 2734.017708][T30443] bond1 (unregistering): Released all slaves
[ 2734.033109][ T4626] chnl_net:caif_netlink_parms(): no params data found
[ 2734.229923][T30443] ------------[ cut here ]------------
[ 2734.235543][T30443] WARNING: CPU: 1 PID: 30443 at net/l2tp/l2tp_core.c:1877 l2tp_exit_net+0x13b/0x170
[ 2734.245957][T30443] Modules linked in:
[ 2734.250030][T30443] CPU: 1 UID: 0 PID: 30443 Comm: kworker/u8:2 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2734.261156][T30443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2734.271339][T30443] Workqueue: netns cleanup_net
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2734.276151][T30443] RIP: 0010:l2tp_exit_net+0x13b/0x170
[ 2734.281608][T30443] Code: e8 1a db ad f6 85 db 74 45 e8 d1 d6 ad f6 4c 89 ff 5b 41 5c 41 5e 41 5f e9 c2 68 d0 00 e8 bd d6 ad f6 eb 05 e8 b6 d6 ad f6 90 <0f> 0b 90 e9 3b ff ff ff e8 a8 d6 ad f6 eb 05 e8 a1 d6 ad f6 90 0f
[ 2734.301580][T30443] RSP: 0018:ffffc90004747a98 EFLAGS: 00010293
[ 2734.307963][T30443] RAX: ffffffff8ae712f3 RBX: ffff888065137920 RCX: ffff88802607bc00
[ 2734.316263][T30443] RDX: 0000000000000000 RSI: ffffffff8c0adc40 RDI: ffffffff8c603720
[ 2734.324426][T30443] RBP: ffffc90004747bb0 R08: ffffffff901bde6f R09: 1ffffffff2037bcd
[ 2734.333163][T30443] R10: dffffc0000000000 R11: fffffbfff2037bce R12: dffffc0000000000
[ 2734.341238][T30443] R13: 1ffffffff1fd8f8c R14: ffff8880651378d8 R15: ffff888065137800
[ 2734.349282][T30443] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 2734.358445][T30443] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2734.365133][T30443] CR2: 0000555561a8c808 CR3: 000000000e734000 CR4: 00000000003526f0
[ 2734.373292][T30443] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2734.381708][T30443] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2734.389988][T30443] Call Trace:
[ 2734.393292][T30443]  <TASK>
[ 2734.396873][T30443]  ? __warn+0x168/0x4e0
[ 2734.401128][T30443]  ? l2tp_exit_net+0x13b/0x170
[ 2734.405926][T30443]  ? report_bug+0x2b3/0x500
[ 2734.410504][T30443]  ? l2tp_exit_net+0x13b/0x170
[ 2734.415300][T30443]  ? handle_bug+0x60/0x90
[ 2734.419713][T30443]  ? exc_invalid_op+0x1a/0x50
[ 2734.424423][T30443]  ? asm_exc_invalid_op+0x1a/0x20
[ 2734.429576][T30443]  ? l2tp_exit_net+0x133/0x170
[ 2734.434368][T30443]  ? l2tp_exit_net+0x13b/0x170
[ 2734.439207][T30443]  ? l2tp_exit_net+0x133/0x170
[ 2734.444004][T30443]  cleanup_net+0x802/0xcc0
[ 2734.448452][T30443]  ? __pfx_cleanup_net+0x10/0x10
[ 2734.453461][T30443]  ? preempt_schedule_thunk+0x1a/0x30
[ 2734.458877][T30443]  ? process_scheduled_works+0x976/0x1850
[ 2734.464710][T30443]  process_scheduled_works+0xa63/0x1850
[ 2734.470359][T30443]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2734.476386][T30443]  ? assign_work+0x364/0x3d0
[ 2734.481124][T30443]  worker_thread+0x870/0xd30
[ 2734.485753][T30443]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2734.491932][T30443]  ? __kthread_parkme+0x169/0x1d0
[ 2734.497002][T30443]  ? __pfx_worker_thread+0x10/0x10
[ 2734.502440][T30443]  kthread+0x2f0/0x390
[ 2734.506543][T30443]  ? __pfx_worker_thread+0x10/0x10
[ 2734.511724][T30443]  ? __pfx_kthread+0x10/0x10
[ 2734.516342][T30443]  ret_from_fork+0x4b/0x80
[ 2734.521204][T30443]  ? __pfx_kthread+0x10/0x10
[ 2734.525825][T30443]  ret_from_fork_asm+0x1a/0x30
[ 2734.530667][T30443]  </TASK>
[ 2734.533716][T30443] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2734.541008][T30443] CPU: 1 UID: 0 PID: 30443 Comm: kworker/u8:2 Not tainted 6.12.0-rc7-syzkaller-00070-g0a9b9d17f3a7 #0
[ 2734.551962][T30443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[ 2734.562038][T30443] Workqueue: netns cleanup_net
[ 2734.566846][T30443] Call Trace:
[ 2734.570133][T30443]  <TASK>
[ 2734.573065][T30443]  dump_stack_lvl+0x241/0x360
[ 2734.577782][T30443]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2734.583080][T30443]  ? __pfx__printk+0x10/0x10
[ 2734.587667][T30443]  ? _printk+0xd5/0x120
[ 2734.591825][T30443]  ? __init_begin+0x41000/0x41000
[ 2734.596881][T30443]  ? vscnprintf+0x5d/0x90
[ 2734.601216][T30443]  panic+0x349/0x880
[ 2734.605111][T30443]  ? __warn+0x177/0x4e0
[ 2734.609263][T30443]  ? __pfx_panic+0x10/0x10
[ 2734.613678][T30443]  ? show_trace_log_lvl+0x3b2/0x410
[ 2734.618879][T30443]  ? ret_from_fork_asm+0x1a/0x30
[ 2734.623824][T30443]  __warn+0x34b/0x4e0
[ 2734.627804][T30443]  ? l2tp_exit_net+0x13b/0x170
[ 2734.632575][T30443]  report_bug+0x2b3/0x500
[ 2734.636921][T30443]  ? l2tp_exit_net+0x13b/0x170
[ 2734.641689][T30443]  handle_bug+0x60/0x90
[ 2734.645844][T30443]  exc_invalid_op+0x1a/0x50
[ 2734.650348][T30443]  asm_exc_invalid_op+0x1a/0x20
[ 2734.655198][T30443] RIP: 0010:l2tp_exit_net+0x13b/0x170
[ 2734.660574][T30443] Code: e8 1a db ad f6 85 db 74 45 e8 d1 d6 ad f6 4c 89 ff 5b 41 5c 41 5e 41 5f e9 c2 68 d0 00 e8 bd d6 ad f6 eb 05 e8 b6 d6 ad f6 90 <0f> 0b 90 e9 3b ff ff ff e8 a8 d6 ad f6 eb 05 e8 a1 d6 ad f6 90 0f
[ 2734.680263][T30443] RSP: 0018:ffffc90004747a98 EFLAGS: 00010293
[ 2734.686327][T30443] RAX: ffffffff8ae712f3 RBX: ffff888065137920 RCX: ffff88802607bc00
[ 2734.694296][T30443] RDX: 0000000000000000 RSI: ffffffff8c0adc40 RDI: ffffffff8c603720
[ 2734.702274][T30443] RBP: ffffc90004747bb0 R08: ffffffff901bde6f R09: 1ffffffff2037bcd
[ 2734.710241][T30443] R10: dffffc0000000000 R11: fffffbfff2037bce R12: dffffc0000000000
[ 2734.718309][T30443] R13: 1ffffffff1fd8f8c R14: ffff8880651378d8 R15: ffff888065137800
[ 2734.726287][T30443]  ? l2tp_exit_net+0x133/0x170
[ 2734.731071][T30443]  ? l2tp_exit_net+0x133/0x170
[ 2734.735836][T30443]  cleanup_net+0x802/0xcc0
[ 2734.740254][T30443]  ? __pfx_cleanup_net+0x10/0x10
[ 2734.745197][T30443]  ? preempt_schedule_thunk+0x1a/0x30
[ 2734.750570][T30443]  ? process_scheduled_works+0x976/0x1850
[ 2734.756289][T30443]  process_scheduled_works+0xa63/0x1850
[ 2734.761859][T30443]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2734.767845][T30443]  ? assign_work+0x364/0x3d0
[ 2734.772438][T30443]  worker_thread+0x870/0xd30
[ 2734.777060][T30443]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 2734.782953][T30443]  ? __kthread_parkme+0x169/0x1d0
[ 2734.787977][T30443]  ? __pfx_worker_thread+0x10/0x10
[ 2734.793087][T30443]  kthread+0x2f0/0x390
[ 2734.797150][T30443]  ? __pfx_worker_thread+0x10/0x10
[ 2734.802263][T30443]  ? __pfx_kthread+0x10/0x10
[ 2734.806847][T30443]  ret_from_fork+0x4b/0x80
[ 2734.811264][T30443]  ? __pfx_kthread+0x10/0x10
[ 2734.815851][T30443]  ret_from_fork_asm+0x1a/0x30
[ 2734.820624][T30443]  </TASK>
[ 2734.823918][T30443] Kernel Offset: disabled
[ 2734.828310][T30443] Rebooting in 86400 seconds..