last executing test programs:

10m56.109158936s ago: executing program 1 (id=1387):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000002000000b7030000faffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f0000000080)='kmem_cache_free\x00', r0, 0x0, 0xfffffffffffffffb}, 0x18)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = eventfd2(0x0, 0x0)
io_submit(0x0, 0x2, &(0x7f00000000c0)=[&(0x7f0000000000)={0x1802, 0x0, 0x0, 0x5, 0xfffd, r1, 0x0, 0x0, 0x0, 0x0, 0x3, r2}, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r2}])
shutdown(r1, 0x0)

10m55.976264615s ago: executing program 1 (id=1389):
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$inet6(0xa, 0x3, 0xfe)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0xa, 0x3, 0x3a)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_rdma(0x10, 0x3, 0x14)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, 0x0, &(0x7f0000000040))
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

10m54.761152977s ago: executing program 1 (id=1392):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
sendmsg$key(r0, &(0x7f00000007c0)={0x300, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=ANY=[@ANYBLOB="020a06000300000028bd7008fcd1df250100", @ANYRES8=r1], 0x18}}, 0x40)

10m54.653077394s ago: executing program 1 (id=1394):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000990000000d"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r2, 0x0, 0x415}, 0x18)
unshare(0x64000600)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$unix(0x1, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@set2={{0x28}, {{0x0, 0x40}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

10m45.258334132s ago: executing program 1 (id=1425):
r0 = socket$inet6(0x10, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0xe, 0x4, 0x4, 0x9, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000380)='neigh_update\x00', r2}, 0x10)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

10m43.147598881s ago: executing program 1 (id=1432):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)={@cgroup, 0xffffffffffffffff, 0x16, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r3 = socket(0xc78c5279aa06df02, 0x3, 0xea2e)
sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newnexthop={0x2c, 0x68, 0x1, 0x0, 0x25dfdbfe, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@loopback}]}, 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3122}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

10m27.715498374s ago: executing program 32 (id=1432):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)={@cgroup, 0xffffffffffffffff, 0x16, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000002c7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r2, 0x8933, &(0x7f0000000080)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r3 = socket(0xc78c5279aa06df02, 0x3, 0xea2e)
sendmsg$nl_route(r3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newnexthop={0x2c, 0x68, 0x1, 0x0, 0x25dfdbfe, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@loopback}]}, 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3122}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)

10m3.983177161s ago: executing program 4 (id=1519):
r0 = fsopen(&(0x7f0000000200)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000002010000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x80, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='rss_stat\x00', r3}, 0x10)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
mknodat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYRES8], 0x50)
syz_clone(0x8000, 0x0, 0x0, 0x0, 0x0, 0x0)

10m3.622359892s ago: executing program 4 (id=1522):
unshare(0x2c020400)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000008c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000fc850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xfffffffffffffffc}, 0x18)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_LEAVE(r1, 0x10f, 0x88)

10m2.398247046s ago: executing program 4 (id=1525):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x3b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
syz_open_dev$usbfs(0x0, 0x77, 0x41341)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
pipe2$9p(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
write$P9_RLERRORu(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="1000005301cfd6020003002c5c3a0200"], 0x10)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x48}, 0x1, 0x0, 0x0, 0x8000}, 0x20050800)

9m59.774736017s ago: executing program 4 (id=1528):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0xa, 0x9, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32, @ANYBLOB="05"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
sendto$inet(r0, &(0x7f00000004c0)="aafa209bdea1098f3ef4b9e2dbf1f2279dff64b6da8a409f3cf9c9d22ec202057525a1e0f99749b6bc18a5f01461c5f2c6574162deb31a4f962b8aad", 0x3c, 0x44080, 0x0, 0x0)

9m59.543384286s ago: executing program 4 (id=1530):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="06000000040000009900"], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000014c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000040)='sched_switch\x00', r2, 0x0, 0x415}, 0x18)
unshare(0x64000600)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$unix(0x1, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x8, 0x3, 0x4c0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f0, 0xffffffff, 0xffffffff, 0x3f0, 0xffffffff, 0xb, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0x1c8, 0x230, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@set2={{0x28}, {{0x0, 0x40}}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

9m57.075081741s ago: executing program 4 (id=1534):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)={@cgroup, 0xffffffffffffffff, 0x16, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000080)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r2 = socket(0xc78c5279aa06df02, 0x3, 0xea2e)
sendmsg$nl_route(r2, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newnexthop={0x2c, 0x68, 0x1, 0x0, 0x25dfdbfe, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@loopback}]}, 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3122}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
rmdir(0x0)

9m41.557226751s ago: executing program 33 (id=1534):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000540)={@cgroup, 0xffffffffffffffff, 0x16, 0x0, 0x0, @void, @value}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f0000000280)=@tcp6, 0x1}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r1, 0x8933, &(0x7f0000000080)={'wg2\x00'})
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
r2 = socket(0xc78c5279aa06df02, 0x3, 0xea2e)
sendmsg$nl_route(r2, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@ipv6_newnexthop={0x2c, 0x68, 0x1, 0x0, 0x25dfdbfe, {}, [@NHA_GATEWAY={0x14, 0x6, @in6_addr=@loopback}]}, 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x18, 0xf, &(0x7f00000002c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3122}, {}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, @void, @value}, 0x94)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000380)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x0, 0xe3d08660d3cd4684})
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x80000)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="4c000000020681010000000000000000000000000500050002000000050001000700000005000400030000000900020073797a310000000011000300686173683a6e65742c6e6574"], 0x4c}, 0x1, 0x0, 0x0, 0x4040000}, 0x800)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)={0x50, 0x9, 0x6, 0x201, 0x0, 0x0, {0x3}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @remote}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010101}}]}]}, 0x50}, 0x1, 0x0, 0x0, 0xd24f4d5778621d46}, 0x4)
rmdir(0x0)

8.288550269s ago: executing program 3 (id=3388):
r0 = inotify_init1(0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x103a42, 0x0)
inotify_add_watch(r0, &(0x7f0000000340)='./file0\x00', 0x203)
ftruncate(r1, 0x6000000)
pread64(r1, &(0x7f0000000200)=""/122, 0x7a, 0x8)

8.181684776s ago: executing program 3 (id=3389):
r0 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f00000004c0)={'ip6_vti0\x00', &(0x7f0000000740)={'syztnl2\x00', 0x0, 0x2f, 0x0, 0x3, 0x0, 0x4e, @local, @mcast1, 0x10, 0x7, 0x2, 0x8}})
r1 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x559200, 0x0)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, &(0x7f0000000040)=[{{0x2, 0x0, 0x1}, {0x3, 0x1, 0x1}}], 0x8)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r0, 0x89f2, &(0x7f0000000600)={'syztnl1\x00', 0x0})

7.941039411s ago: executing program 3 (id=3391):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x4c881, &(0x7f0000000540)={0xa, 0x4e24, 0x0, @mcast2}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003300)=[{{&(0x7f0000001a40)={0xa, 0x4e21, 0x0, @remote}, 0x1c, 0x0}}], 0x1, 0x400c404) (fail_nth: 1)

7.66092453s ago: executing program 3 (id=3393):
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x8031, 0xffffffffffffffff, 0x209f0000)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r7, 0x1, 0x4000812, r8, 0x100000)
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
syz_emit_ethernet(0x0, 0x0, 0x0)
r9 = socket(0x15, 0x5, 0x0)
getsockopt(r9, 0x200000000114, 0x271f, &(0x7f0000c35fff)=""/1, 0x0)
symlinkat(&(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000004000000060000000b000000000000", @ANYRESDEC=r0, @ANYBLOB, @ANYRES32=0x0, @ANYRES64=r1, @ANYBLOB="000000000000000000000000c3edcb58f1ec35f1000000000000000022c89e356cd6142d5add1c25cbe81ed46a760df0c7f8eb920a8ab4f0b82e334596ffcd14b5c193748714f603fc313e321470d68e609574a6644e05d7dafd5ceb2948bb839bc57b033eafe76195ecde062b8cc902b6ce7c8061cb54653180cec5a6e45d338b96f8c21647ea11fcaf9b63ccc8ccefc7611085272ecbdf767e36d82c7fda05a04b29ed9d2074c7ee5c19e7cdc093bb6aac9c6ee9f248c568a99fa40d"], 0x50)
sendmsg$nl_xfrm(r9, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=@newspdinfo={0x14, 0x24, 0x100, 0x70bd2b, 0x25dfdbff, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4)

6.368704369s ago: executing program 2 (id=3399):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
r3 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = syz_kvm_setup_syzos_vm$x86(r4, &(0x7f0000c00000/0x400000)=nil)
syz_kvm_add_vcpu$x86(r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000280)=ANY=[@ANYBLOB="7912b8000000000061138c0000000000bf2000000000000015000000080063033d030100000000009500003a000000006916000000000000bf6700000000000066060500fcff03006706000002000000760300000ee60060bf050000000000003c650000000000006507f9ff01000000070700004cdfffff1e75040000000000bf54000000000000070400000400f9ffad43010000000000d5000000000000000500000000000000950000000000000032410000000000000054bb12dc8c27df8ecfc7bdd2d17f2f1754558f22dd399703d6c4f6f3be0b369289aa6812b8e007e733a9a4f16d0a3e1282ee45a010fb94fe9de56c9d8a814261bdb94a05000000c6c60bf7a13ba1fcf1111ce4fc0d742a81762bab8395fa64810b5b40d893ea8fe0ffffff7f1b546cad3f1d5af65706fd4f68795cce6cf16ab689b555202da2e0ec2871a51445dc8da39e5b0ab71ca9b901627b562ed84b026002d4519af619e3cca4d69e0dee080006774a8f3e691700ec88158f02001b0000c81c8b297dff0445a13d0045fb3cda32a673a6bb55d8c80800dce431e56723888fb126a1403d2b63f16fb2ad9bc117aba7cbebe174aba210d739a018f9bbec63222d20cedbc4d03723f1c932b3a6aa57f1ad2e99e0e67a993716d20000009f0f53acbb40b401e3738270b3156268784f2af9e4bcf8b07a10d6735154be1602f9dd1d7d4301e00000000000460bcc5989ec85e3cbcb6bcfaf0000000000000000bc00f674629709e7e78f4ddc211bc3ebf0bd9d42ca019dd5d0861cd64722cf74686ebfbe2562671cd47840f81d2a8f8f9be3bcd19dc6840aa7afaab43176e65ec1118d50d1e827f3472f4445d253887a5ad103649afa17690884f800031e03a651bb96589a7eab049b1bd47287cd31cc43ea0ffb567b40407d000000000000000000000000005f37d83f84e98a523d80bd0d0d703f37ca363f601ae899a56715a0a62a26a0f6a5480a55c22fe394ae0000000000000000000000000000437d57defb79ea000500000000000000000000f014a4a318ba48d35ae9f438000000000000db894b62a614cb1fdd46619c5d2200000000000700000000000000000000006dcd2f421400f69947e4f26e099c9e8369080663c909b7e7c87e3b5e8e5a6df77c8f7338cd5a85f211a41b5d529d4243e47d7ab0d5991756b59d363ba30b18fc2ff189a4e8db38ab97c6a125e2785619e84c6a2b50f0e3ff83ef5149aff43dc899fdebdc2c496e6bdd4dd4d21f06fe133f4444272c5f0839ad663100452a6c6b6421f7e89a33b339401eee2cd466ab2a93a1ee7fb8a9e455ba1c6e17b02a1cd7bf35d36cf5b2a0f063469ae0d0b9fc042b48e98626eb0f9754d8cbbefa3079fe63063047baff09e9aaf7600000fba9a88db9ebef86f7cb522a784bb6d37e5f802757a15c6735138b493db9df53440a63fc565a0b190a710ae1e6807cbeb415ac841e94b706974160a60a14e571274f333d23186143b95514c79b50994cb39cda343bda8f01cf8ec7cdfdace0289e83ce50a57d68bfecfaf69fe7ff5b0375a47d3eb57b41d8a0589b82a1cf1149ba3f21ea2b65433321eb1a6f04ecc713c2b26d27baa49e54c2babec86335b9f418b5a5eb997bc9dd65197124b9aa80fc4aa8defb986bf05c41b919886bb81ecd3d24cf9ecc7004000000000000002c70d32f5d55ef2a2cf7560cb2884f46a92b3c25550f73e407fc5d514b2b7a6b690e290e676266addb7d96e723dec9c418eec8c48dffb6f432b4d5fef16e4f0051ba7efc690022c3f62b37cb5682d8bfdfc637ad3bf089ef0117bcd395322fcfb8e8e0a6e2babceb5f289b1d991770681192bcd0b584c3497e455f30ab918a690514a87a7d8e1d5f169a4e680e9c390071d26f2e0e26fc062f2785f14c0404fe01fb4000000000000000577dcb1698a9021a36d73ed03651c1937b2c84046023a1a0a87b208e33ad2d7c2892b176877264e1d699b7401eb917b289f6f67060fda0fa44b54bd87517a2bf09dba7209e41db4288b61bda5960952c45e5c55f2cd68bf9c6ff33e46109584bf42e8696ef1876564fef6f24cbbed0db8ab7fda1ffcc8c9fd4ab2cbe8f8df8e5535b12a942a948eacdaf308d48932064cfc3329da74f6f3e4409d6764a29680e312bf1a0143180e6493c9201ea916e6c9b2566c558ad88d9f7c0aebf82f5807eecefa97ada9bbd9e478e5d7748ee188bc719ca7a73dce5b6758a767c4c6b7572ab25eb2d73986379d5685cb438fe7091d097cc8f33fc0f83dee76603d6580f1c8fc4c37efd305ccc5a25678180425718bb9344e60dda8dae2677bb602d29aa0810616a2fdbca7020d72291b592b84223e2522ee01f5bdaa0fc4eb8d71d948a2baccf3ea2aa79d4d9069d8c0000000000000000000000321cd67859b4567badee56f158406f08683bdc5ffe2dedc916000c71f922fa2dfead7535999436a4aeb908781893479319b8b55e00d90ae6f09f06be2a0fc0bc17bef53331208112a0132350c0c5dd4607547079acc9471300dea6ae01742dccdae69f932cef80bca1bfcb57b9c852cf8358a580044772a80f20de36f707385380155be8907029d039a1d1447fc06b7020221e0d439f3f47edcf12f913dc8b6389a540340ae37804728ea65352e630c2e90424d58d72fdc1b28403e1dc7aad238b81df3b2d4166d656c6a9c73554bdf4f7312a4c0271e0eb45b4a596b7fa928ac3683f09fdaca46226c1df2c6c866cb4412d17d3d52c38cf0f7bd3b0eea2d4e06d061bb1b7c8c52f37f4036932d00028abd4527ffd639d7b16860033754ab13419429e5e39f290751ab6bd9392aef5519cd8c16e1f1cb1f225cc84a1a62497c1e436142fe28048a2b4d133905814a1808bc5b3e45eaa9eaebd946bee806968aeeb5a9eed87eba3d25d0b412a1b4cf2d419a58b09fc275c4395a0bd332eb538321465043e5967dd22459d0f52190a37f93ab823431a81fa6f54de61637fd473e19a6f567fead100e7d8cac149b66ebe9973af846146c62065a64854ed21e8b6f6fbe78474b753915a42efcb7da8ad18bacff8d69e0af1ca1f8174530a21820738412b100b54ee9b4a0dc22d5fe1cadecaea73fbfad087b19ce53177488d230539c5174f572a539d9d7c42698aa82bccf030ad393f25c10baa17e919f647d0e31877b7a6c1d8d86583f884a0c1da07b9b6dced06cdeb0094aa635a82f233b5993926b8970a0840ba116a7d20a40efb3bd03c4bdf380a2510a0a1ea69811ded68943c71218b42783b38959753978f222e1396b9b36dee2ce205122a000577cab29f48bff4f88c417e6bf5fb430d925596f29aca8677ca5a113aeaa5e0252ca17244d6c76e78ff1bbd81a71c4dfc72431d7f1126f8bdbf4056ee0f58a1bf83d53b1de07489541182dc4ee0f573c25b6c15dad930bc7a770b5a4f407d7a879db7185f15f80100000000000000739cc97db66ec6b925955d9a591808947fdd8d484ad27353230a449fdf87fc46c73b852fec931cfb6718acf3315bf5e577d00beb77c5514bc05d576a81345a03ad7aae74c5d2b77d45718348aed4fcbcd1441ff31b8f038824a989a9446a4a69367b228b3d174230b7320fc4d3c03368db573816dd0c04e65d6f8ce48283e76abdddbb965e0b2568e93c9cc5494a55421793f562c50c53f876cbde93c5cc7a3099c99d9775af010ba093f8a13b771782a3cfb24fbde6ef763e20c613164ab014d1906c4e098f1431b6b2886a155c4bac2911d7ee6a646f5913205ebd175e68975b93c330e4f9131788026b3b7cd5b6452c9e17452ac70000000000000000000000c71185f72436640fd4294fc3da230f9065095be47d7a848df12316c3c8b184fe110b061987fd79cf7d83443e69d08e2e839ae4fbe26ef7764f4870ef3bd0ec12eb45f60ca10dbfe329271f0bc93b28798e982e0dd32fc14bd4313c63b2dbb568f33fb45acad2dc7f438ea162c0709c0bbe1ea13e1e47399286e8143f400d7adf5f891f547c7e69e455706626814ee49274667f47769293451fd49885a152b8d2cf18febc7993f4a93893c6c7b7e46a230359ef2443e6bb9f50bb0faa5eaafd3ed6d551600c46b58a29fd7ccbbb0616f0be27302b683eccd742791d97f4a1daa0447f004426fd09b67d926f51525da63987bc73af35b28277879089b89fff6edab2fa1caf660a46a1a9f09e2d255b1c4be95c7c33dc81857f580e36c0a78d94dd879ee18de4a6475858d2ded2e3427ae007cc6f8e5e99aa146667f71ad83f3ddcf5db2dc396d7da499b65cd98125f20c284fc84d6a70be1de44b49c82022225292199c75cc26beab98dce4c331ed722f01d0d6314a72416814a565f4d90a5f8a255810f23541082f4b06f451e4724cd882f4d589600000000005854ca490d7df9cc293547c9a51aecc7a92f417f6a4d327737f1b198252358832dbe43507844a0cc112af4ce457c173fa64174ffd5ab9501eeb85508ebb60e169c0736c5960f2fe0879c77fff7b241439686cb4db435d6a7aa7c1f4a6433e77d3e547bbe6cf5b5d93a491ab4bba1ea7a1e6f37618b1d74cff3630d85a210092211be1ec12a30891eef590b19cdde055d626818c64e1c56b8918f33441a64b54946571b7bc70fb065d3bb1647f6f989ab8159e6d1cfa6c0ec7329d7d2263ca22144bf17d8692f03b592bd0f610096094da096233984e95b9a8216a6e60a104ae0bb5f77ac70b4390ea2cb6f6c40c928fae489f447240a25fd0a5bd9d5b6cd2a98f8804862922c11229c4e45c765e4d3348af3d3aadd5cc24b3943"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
syz_kvm_add_vcpu$x86(r5, &(0x7f0000000000)={0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000000000001800000000000000000000000000000001000000000000005200000000000000700a470f2131650fa265363e410f01c8"], 0x6a})
ioctl$KVM_CAP_DISABLE_QUIRKS2(r1, 0x4068aea3, &(0x7f0000000080)={0xd5, 0x0, 0x46})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xa, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1, 0x8f}], {0x95, 0x0, 0x700}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6.116291596s ago: executing program 0 (id=3402):
r0 = socket(0x2a, 0x2, 0x0)
ioctl$SIOCSIFMTU(r0, 0x8932, &(0x7f00000000c0)={'pimreg\x00'})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
fcntl$getownex(r4, 0x10, &(0x7f0000000340))
sendmmsg$unix(r5, &(0x7f0000000880), 0x0, 0x20000040)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f0000000040)='ceph\x00', 0x0, &(0x7f00000000c0)="010001000000000000001000015b097ead85847817353d2dbad05dd5", 0x1c, 0xfffffffffffffffd)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000300)=0x20, 0xfffffffffffffef6)
write$binfmt_misc(r6, &(0x7f0000000300), 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x58, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x1a3, 0x655c, 0x4, 0x40, 0x7fffffff, 0x7fffffff, 0x80, 0xffffffff, 0x1}}}}]}, 0x58}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4000)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0xb, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x47, '\x00', 0x0, @fallback=0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

5.172964566s ago: executing program 6 (id=3404):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10022, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='attr/current\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000005e0001000000000000000000050002"], 0x1c}}, 0x0)

4.873456945s ago: executing program 3 (id=3406):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
personality(0x5000004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x40f0e4ee2f432281})
io_uring_enter(0xffffffffffffffff, 0x24ea, 0x200000, 0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x87}, @printk={@i, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x1}}]}, &(0x7f0000000080)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94)

4.857257488s ago: executing program 6 (id=3407):
syz_usb_connect(0x5, 0x1a2, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b6a57e4086805b0bc5e10102030109029001020000000009040000020e0100000a2401002200020102092100000001220000090500000000000000a7008d566539461c701919d99a91c3af134dfaf61ea66b8f08810855d90c55c91f11c4a6d847caf7b449c6c760e60f6b890d99ed23074bf2538ca7bba727dfe7c00b90d0bc7f2da56768ed5ce8df38c07183564831596fd52da49a92adafa6277df5a120c898fc51ca04089f110dfbe1b258e9b9a83bf95fb0a4a24ca6acae78e1c291f671fcdca77c7128d319f7a4b51bbc2ed4bab8aac95498fb6033f760602c1a8b1eac2150072501000000000905000000000000000725010000000007250100000000090400000eb03748000a2401000000020102052405"], 0x0)
r0 = syz_open_dev$midi(&(0x7f0000000040), 0xb6, 0x48041)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000080), 0x2000, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0xf4, 0x0, 0xc00, 0x8}}, 0x50)
inotify_rm_watch(r1, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000600)={<r4=>0xffffffffffffffff})
bind$tipc(r4, &(0x7f0000000640)=@nameseq={0x1e, 0x1, 0x0, {0x43, 0x3, 0x1}}, 0x10)
ioctl$VIDIOC_G_INPUT(r1, 0x80045626, &(0x7f00000001c0))
r5 = socket(0x11, 0x3, 0x0)
r6 = socket(0x2b, 0x80801, 0x1)
setsockopt$ARPT_SO_SET_REPLACE(r6, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3f0, 0x1f8, 0x1f8, 0x110, 0x308, 0x308, 0x308, 0x7fffffe, 0x0, {[{{@arp={@local, @local, 0xff, 0xffffff00, 0xa, 0x9, {@empty, {[0xff, 0xff, 0xff, 0xff, 0xff]}}, {@empty, {[0xff, 0x0, 0x0, 0x0, 0x0, 0xff]}}, 0x1, 0x2, 0xf, 0x7, 0x7, 0xfff, 'gretap0\x00', 'vlan0\x00', {}, {}, 0x0, 0x28e}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@local, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x2, 0x1}}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x8de, 0x400}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast1, @broadcast, 0x2, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r8=>0x0})
bind$packet(r5, &(0x7f0000000180)={0x11, 0x0, r8, 0x1, 0x0, 0x6, @dev}, 0x14)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000240)=0xe9, 0x4)
sendmsg$netlink(r5, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="02011400012918000e3580009f0001140000002f0600ac141430e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0aba61f6304a80500ffffca88faca"], 0xdd12}], 0x1}, 0x10)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
r10 = dup2(r9, r9)
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r10, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x58, [{}, {0x0, 0x100000000000000}]}, 0x68)
setsockopt$inet6_opts(r10, 0x29, 0x36, &(0x7f0000000440)=@routing={0x0, 0x6, 0x2, 0x6, 0x0, [@empty, @private2, @private1]}, 0x38)
writev(r0, &(0x7f0000003480)=[{&(0x7f0000000140)="03", 0x1}, {&(0x7f00000034c0)="50bdc2efb8d0fecba7b9f07a11d112390f893112a87c4a10d97d6bd1cab082d5766613a937e7a6767af05b68c4338a3c306fec8bb9b83d8f28a04683cbd386d1d8e427b02d3ff427a0569c1682e4dcc4aa4757a01f0ec405b764df476ddc99387f04b96c82a87b3945b849965bf6320d38c85cbe36014658c0df25ec9415a444d6be387de48cac69f15b6b1d45c0f8e62b54f0ca13368cae0645969feb781db89a70463e42d3197672063faab45c46b5c3e621282991cdde50f9af1a12760812b23b29dd4fffe2a0cb4474e9fafdaf2083280a3be1f0a57329a984d2ef5e62186ac555a55e8a273c0834f2da14f0b8b6242a12cc1af203bc142cef6c0048d3e56fcb85e0deef0fa9f3c18f9a7c04caae4d57d3d4b139660a533aa9e25045e93e1be2261e166c6b7ac7855446fb863c0e6ef7c8137202ee7c52450c78c89d8a7aa278b5511e9b769209ac0747084b9c553150d8a6f060153252b4c5fe69a0ab271f85b7400358206e9d220b0065b3f94657afb4bf982e641cbe07c8f3e92b17e7e2c49174fd3bd89719d465f6de1708e1e25ad6185203cd51b939d485865504efc571ecc5915767c3b0dbd097e80c38532d7a322e48fab7a6811816d6247a644864248d635bd61b46ab09bfcebf86e06c08fb112d072365afa6bf1292f540586e16bc640f031c740a04bf61df1aa00b99ff99a49c73d5dffd1523c6d5c2d028ce3577110f15447cd87914a5534f45d9e69a8e51bfdf343f70c7c4a5ccbc62b4ad632d48f93a38361907ed686b76cda7ed98df7f04d881712280db912133fbbcef41e918e6cda8a1b25da503721e13bad3dee199f9357260c4aa7ebe23ec5c13ed13f33f9176ef2cbdec432fd6d07cdabbb051985fbd4d69f9eb09f3d6b1e78870ac6a59eba73fa5df0d1a708d2673684856cf504a2d3bcb0038605831c965e8e0c6090a0457462a6ea7564f57696219af371c120cd4565d1e278f233d738245b758e6e6b4d7c434fc5ecaaf72cc57889d10c1e2c465a12fdb25d0f653e464cab62a4179f5bab38c560a12dd5852ed2684c30787774690cb7b4f9b5f4c573759a60946d7e6708d4c520354cd7b310986ecb5569f3ba1e322ccd2282fb8ca57588b21c46ca0bfc1d50bb43cada0ca6c8337d66e6829eadfab60c38bbf58cad9e611b3ed84dd8f00be795673b5a611ebb1e11a54b533d9d064b5df4d1203bbf1f82a9f63c178e9441b538539193b28b70a6045e6c8f1cbddf97ff79525801bb9bbf59ed76fafcc29c8317f3f50ef5cedf5f767747ecbee95bbf7251a92382ab1ee0ac10c206ee6a4cdd4ac3fa8607c66ba19309fb0fb646c787d226d55b9f8158a3835ee5d1565f5c4fb41339088f06cc89c670da67fe33ce1f20327bd989de43e6a62a135e0ff3d3949b08bc6d46aec46ad100059cbf987054690de9764ad56dcecf5afcd19cfad537b571f324858908b86213b7420e12733cd6a192bf1f69651ea1043b9fb12bc29ced691f7ee3eaac4618732f173c424707bcac7cea3e023da9af43a7e6c465feab01f246adaf8d573e5aa578af8b36ffdd39c1d48787739bae6582b63cb7755a9ddca85a0614994d793b8f023a0ad28b5e2172a06d59ddd646e8e8de0022902f6016d60019c4ec2a753d41ddc47303d4b490c116083eb19dc36e0805b4b748f47189d288db04be485cceb5a0656e0466877526b6395bc9053cd0d703127eb912964c052442535d2d03b89cd4e1a63ceefaf043509416f79dc7507c0f84dbe881bee0d73b4e40c062d953ab2eb631bca3d71aa08bc903953cc0cb71b04b11123f5ac9ce03501c7c706130808bba16f2ccc7b0b7a5da5ca9e48e46d08f04be516249298198cf8487e3361abf2071f9d41974e9ecde5db520960eea20028ab27517b7a8ea820209107a79da17bb2c4fd11da3a4b7f71c211517c7c2c823efa85ffc100286a987a81fd266f3df86704af9a227b06f93d6ab9a220f9572591e2628233691ec5cbd04220143bdcf6b7cae2d562b98c2db8cb7534d4774159fb6b47efb7a2bcc2b8726f9dfbf68b96b3341cd9452765af2c48a2430f242facd2ef9bfb99edb16ba68c4cc7f098b4d561fc04e51121fae6d25fdff1c86e13f97c1b432c006eef5424662f657143ea858ce7e3797f40089facdf96fa10eea15a20d107e89eeab1526939f6f46cfdac6717691d8aa01819f1992d1652ff3b02661e209633270dae9b024e11933ab0f11487d488c60927ba56b12add87e89503e1d2075cd68b48da65a150c798b671effccb21332c980b59250cce776df49d4d6e958172508d325a7dc7ca539dd89db8a0a22022b9cd2b1a545c8e10d3e836b2f7f379c1d868f90dfde77c157d03a72c49985607d2fdfe31ec68acf31dba08755a63fe2acc8682ddf707b1a1e81a7fb1cc51aedb44c354bf053a2fac29845322ef612b89c5b70fac061075dd7ad7c715534d801850deb118b7414369b0357e2694d88bfffae67e82fc82202286459c8cef40ad588f750c7f50d8107f0c9c51c345d101772b921d69954ff8c41bc6fc49a8b101176f60f15515e726c94ac27a6ddd8f03fb47ef616b5d17cf00e78d8909518082ef86e32c42b8dd72c8ee084171ea61465ca3b4169b6e3abd300a1c2247ee45eed29948355096f6dba394a56d8df4addd4529d834ec8f27d4957d81fca5091004ad3ecc98acb72392689b8145a5a9ec8736464c6544a64ca40c44359429b91690bb592707c6f3d93a85766ca6a754f5bfa8824d8ca6510df9b39abb5c84281f61100507d2014eba19031e654601f0c7d7ae9c45ebbe587fbc2dd299c14c8af310c5ac41be08ea71ca18fe732eeca736af024bbafc77e38883647dec1275de5fba6161b473ac3bc8f855f7e086f6875b889d0f3132ce37c247ad7a0227e77779eddabc52f8cc95def23cd340f6a91c984cfdb15d115dfba134edb9e3764fcfda94e80c69ea473dbdf6c0c856a182856cc4aeeff4d380671e0dd73931f2c7fdd145c0dce4bdb5484ed1b840f9be7d68c04dd67184fa88bad0edd0109251d5a55ecb67e641f22685bc3e2694b98463c329a738d54c7a34af063425a24b73592d7d744d3f6e06bbf6d0292cf5d93876fcc1726746a1016c6743a0d33ce85ba2737628eb408ea6b2b31f8467a83808cb19aa91b19d37614fc9180db6dcbb1ee7a410e9907bc85f401ae68f9016084bb83f03b5e92ea54fbbf06687471ca59f7785fe3d82004aebe9df8f7ba11f86616dd8dc8987e7e3916bb3ec6ae16f769252473636cd6064f03709676e7131ce251649a203b392cbfeffdd0bbc6c139b564af69cb09ddb6375c99f3f0ae52237090b285bd98ece8bebe6ca5ee07d0665e290c333c55324fc742359779e19748af53798ff487053fa4d53054012ec7e3d42662f6ad7bd3662d90f70e09937928aff2f64a859125747ad503d55bd25b41ec2d5e346182d1c018e331222ce222de4bd5dbb73da1802550a75f6b4003448182126bbea930cb07bf2986243e73578aa754f4f50bc51c4757a35d988b402e9a4dd11db1e58d07d36e418725b80a9382261c8d32b4630dce00d068cbff3d3c5aa3205cfcfbe0e11356b42942becfdb3c24df46d45a6c0cf8cf13df6d943165c7b0b8a8c3aed8f8eb9e5e025ccf08847b67883191fe4d3134c2248b6c694410af31aaf0a5a68aff450d4e871a723badf4187fd80a69efc57d8da595123a388d135ace86be3bc3b43413726afc2b3d75e8c5b6aeb4cd0d58456cbace5a125181b9b726db185d904c24bc6e232f77ce52d75e65fff7b67891a48c0d5b1a4cd531a09dacf09f990657b418fea0d3416857c55a14842a8f40822ef82f6521ffa075420abbb2e0034b7fcc00b52c3c76c412d06968ae608c10490aa03ac684f13f8c7ca7f1aae1ab8a293b79bfff217ae49bb6d08a13b83572d1df86a941ea78123f4ab7c8e454879869ee29b03d6b6ebe9adfd202ec6413705b012a1d38635fe29e50f64c06b9531e64e763ea45c7b41eb4e644625341eeb8ac6ef09aff93283cc43659d1c9303b05f9b728c3d2f4656aa4956ac59b3bf449654440bc54ff8ee3f607fb90dfbbe289e4643c1bae9cdc4c20f33a285c5f56aa31ed4aceb1319a4234ef1dfa3a022193039758ed414541256e641b1bc0fb5396bd0c14ba3eeee638f8083bfdcfbaf1842ed90115f14bb89f08b2415022ae3885ff167285949eeb21ceb5fe5657b07fc19049712db6df0386e924a5843ba777187b149141093d5b3eb7e706dc5f4bec6f86769ba748c0287a682c7fae4c3072d0fe94007d855b03d62687d43ebe754b0732fac2c7cb7edcaaf07b108380220607cdca95892b8d7ea3401cf24dc185a4de780a2ab04166e6b77d35a5fb41127e7f55bc8ac172c117d2a902c7622448cef69c0aa087c0b7adbbceea42d7148da338c40a97818fd231a1c557b5b7b2972ce55cbc086a0f03bf5a202ad742652a27ef82b3780b7942ce3203d1bbd2ebfb284f95d04b5d2b703a1ebdac774f9c285f62c7d5cbe459ba8951d4901f1bc1778642ebca5a9bc4a12a943d1088140839aac701ac8e96382b7445a25380c80e5e61ecba1288dd71cfdc610a946c9d1b14cdc8170cf43f87c9308540a04b809c9947b33d3782c46080fbae16065cf6c415b48e040273f6b185a56a1af5d9603dd546da85089b39d43ac1a3b792b150d6c36b9b709c68594dc5cd362b1a27e9cb1f41fcfb26c373936d85d3de8fb1b592519183a98590be5d95ede92844e14532a66324253750dcfc9c97bacf7c89f2fdb5b399898cdb1a59bba0c622b3f27248c9dd0686a3373bac161d26fdcad4fcfe80cc81976aa22bd61777e686d930dd6ef65dab2666ee0bc8389cd6f69dcdd33d51832858440f24dab3d4be966b4ae053bd0e55077e307fc72e4929f0999ed8cf153df74f65ba57b5b0eb972c76bf9b4395209c38b157cfeab38f3b3dc82d330467a538dc7bed276508a3c9f4d14a0f0c021150188e96af4cb7c16f6fea4574d8fe9ef95bcc1c8be02004cf41e1b1b356c9f3b641f41ca1c5a9e357052865327a14be1c6c560c1e666b35e0f79d27403bf8821199d6e418d90f5616a758d106ed420866a28f527aeaabe8aa751f88ef00d109788a85d4dc9abd2c5484cf8db17dad0e9fa3c383914fcd9b3bcb4cf1d4f6c3dc3b6db84b506560fe9b88ea8f614ee3ca48271a236941a3e3d7bc76e6527ba1d0e973e52c37c0a48f8211371aa7b41673835111b8007a479e5951b8109efb000a95efca7847e3c15fef6f2e2bf28e1f8be8a7ee92be22fff243b18229611a60da95bd07185174ab0d97af9685c35a9dc54b738b2681f7da3632a349417001467b76e4bf67e84fb4ae8415520cca492abfbdc7581abf0eaf8fa72b4433f00e3ad33f18778d8402330bcf29eda662ddeb07043e55fc565c9cab9fd5ab5090a6bfc7019d34646a8043154879d50ee72c9cf3267e36e1f8d6a126530ae6e0aa377282b8b2231bfbb2add9102d497019eabee71fd57159ea9128c12ed87b811366d7c8046913f168d82a52a2ce8c9dd8a8526f5cd7d6119916229729b5b0c44a8090e0c57efa8db6d6c787b2576e3c78a40d257a6f049389cdbe9da7d7028c5d5e273a98cab1eea4ad12026dc5dbab0e44ae998412cae4d2038497729351a064cc6b16029bdf2a3ed43016f01e868f17f1d6e271f06f22ee68fc818470d063e4b9a848ebb25186feba84a13cd0711c7ed1846ec3caf3d4329c146344ef50325077477fc72bf7d7e1ed47c97030ba2cf", 0x1000}], 0x2)
syz_usb_connect(0x1, 0x0, 0x0, 0x0)

4.580991154s ago: executing program 0 (id=3408):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e22, 0x0, @private2}}}, 0x108)
r6 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r6, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0)
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x7f, 0x638502)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b700000018000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140400000000001d430000000000007a0a00fe0000001f6114000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767912d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce0900000000000000499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc682928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348de20f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97b4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b4f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb1bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb36e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e8a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60000000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffff8, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4.295721807s ago: executing program 2 (id=3410):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000180)=@base={0x2, 0x81, 0x8, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x0, 0xfffffb07, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000140), 0x4)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000004c0), &(0x7f0000000400)=@tcp6=r1, 0x1}, 0x20)
r2 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000b80), 0x0, 0x0)
ioctl$PTP_SYS_OFFSET_PRECISE(r2, 0xc0403d08, 0x0)

3.486342438s ago: executing program 3 (id=3411):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x531100, 0x0)
munlockall() (fail_nth: 1)

3.397271748s ago: executing program 2 (id=3412):
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10)
bind$tipc(r1, 0x0, 0x0)
sendmsg$tipc(r1, &(0x7f0000001c40)={&(0x7f00000003c0)=@nameseq={0x1e, 0x1, 0x1bdbb0078484aec3, {0x2, 0x1, 0x1}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x41}, 0x40000)
r3 = fanotify_init(0x4, 0x101000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
r5 = dup(r4)
r6 = fanotify_init(0x4, 0x101000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r7=>0xffffffffffffffff})
r8 = dup(r7)
fanotify_mark(r6, 0x1, 0x1, r8, 0x0)
fanotify_mark(r3, 0x1, 0x1, r5, 0x0)
r9 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r9, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e24, @broadcast}], 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

3.323161591s ago: executing program 6 (id=3413):
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
openat$kvm(0xffffffffffffff9c, 0x0, 0x531100, 0x0)
munlockall()

3.301621877s ago: executing program 0 (id=3414):
bind$unix(0xffffffffffffffff, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8) (async)
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, &(0x7f0000000100)={{0x1, 0x1, 0x18, <r1=>r0, {0x10000}}, '\xe9\x1fq\x89Y\x1e\x923aK\x00'})
write$cgroup_subtree(r1, &(0x7f0000000140)={[{0x2d, 'hugetlb'}, {0x2d, 'blkio'}, {0x2b, 'io'}, {0x2d, 'cpuset'}]}, 0x1c)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r4 = syz_genetlink_get_family_id$l2tp(&(0x7f00000002c0), r1)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x24, r4, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4048811) (async)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r1, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x24, r4, 0x200, 0x70bd26, 0x25dfdbfc, {}, [@L2TP_ATTR_DATA_SEQ={0x5, 0x4, 0x3}, @L2TP_ATTR_SEND_SEQ={0x5, 0x13, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x4048811)
sendto$inet6(r3, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfffffffd, @loopback}, 0x1c) (async)
sendto$inet6(r3, &(0x7f00000001c0)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfffffffd, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r3, 0x84, 0x20, &(0x7f0000000980)=0x9, 0x4)
recvmmsg(r3, &(0x7f0000000400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/6, 0x6}, 0x175}], 0x1, 0x10123, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mm_migrate_pages\x00', r2, 0x0, 0x4}, 0x18) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mm_migrate_pages\x00', r2, 0x0, 0x4}, 0x18)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x2, 0x0, 0x0, 0x2)

3.177045095s ago: executing program 2 (id=3416):
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x8031, 0xffffffffffffffff, 0x209f0000)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_GET_VCPU_MMAP_SIZE(r6, 0xae04)
r8 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
mmap$KVM_VCPU(&(0x7f0000000000/0x3000)=nil, r7, 0x1, 0x4000812, r8, 0x100000)
syz_open_dev$video(&(0x7f0000000440), 0x8, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
syz_emit_ethernet(0x0, 0x0, 0x0)
r9 = socket(0x15, 0x5, 0x0)
getsockopt(r9, 0x200000000114, 0x271f, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)
symlinkat(0x0, 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00')
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000004000000060000000b000000000000", @ANYRESDEC=r0, @ANYBLOB, @ANYRES32=0x0, @ANYRES64=r1, @ANYBLOB="000000000000000000000000c3edcb58f1ec35f1000000000000000022c89e356cd6142d5add1c25cbe81ed46a760df0c7f8eb920a8ab4f0b82e334596ffcd14b5c193748714f603fc313e321470d68e609574a6644e05d7dafd5ceb2948bb839bc57b033eafe76195ecde062b8cc902b6ce7c8061cb54653180cec5a6e45d338b96f8c21647ea11fcaf9b63ccc8ccefc7611085272ecbdf767e36d82c7fda05a04b29ed9d2074c7ee5c19e7cdc093bb6aac9c6ee9f248c568a99fa40d"], 0x50)
sendmsg$nl_xfrm(r9, &(0x7f0000000300)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f00000000c0)=@newspdinfo={0x14, 0x24, 0x100, 0x70bd2b, 0x25dfdbff, 0x8}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x4)

2.962956623s ago: executing program 0 (id=3417):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10022, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000280)='attr/current\x00')
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000005e0001000000000000000000050002"], 0x1c}}, 0x0)

2.956192282s ago: executing program 5 (id=3418):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x4208, r0)
syz_io_uring_setup(0x7fff, 0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$igmp(0x2, 0x3, 0x2)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x3e, &(0x7f0000000140)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x3d, 0xfff6, 0x65, 0x5, 0x5, 0x4, 0x3, @rand_addr=0x64010102, @local}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000440)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300, {[@timestamp={0x44, 0x4, 0x7f, 0x0, 0x9}]}}, @echo_reply={0x0, 0x0, 0x0, 0x67, 0x5, "5c1bda64d9bbb795506667f359c477398e7a5ec5cb38489b4507e009"}}}}}, 0x0) (fail_nth: 1)

2.512162479s ago: executing program 0 (id=3419):
r0 = openat$nvram(0xffffffffffffff9c, 0x0, 0x1a8000, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000200)=ANY=[@ANYRES8=<r2=>0xffffffffffffffff, @ANYRESDEC, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000900850000008200000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kfree\x00', r1}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYRES16=r2, @ANYRES16=r0, @ANYRES8, @ANYRES16], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=0x0, @ANYRESDEC=r3, @ANYRES64=r2, @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, @void, @value}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0900005de1ffffffffffff2e6affdd0939ae0000", @ANYRES32=r4, @ANYBLOB="0300"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="02000000030000000200"/28], 0x50)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x11, 0xc, &(0x7f00000002c0)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r5}, 0x10)
r6 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000100)='mm_lru_insertion\x00', r6}, 0x10)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r7, &(0x7f0000000180), 0x40010)
r8 = creat(&(0x7f00000000c0)='./file0\x00', 0x1f4)
dup2(r8, r8)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r9)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
prlimit64(0x0, 0x7, &(0x7f00000003c0), 0x0)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r10, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)

2.511995276s ago: executing program 5 (id=3420):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan1\x00', <r3=>0x0})
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002100)='/proc/bus/input/devices\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000040)={0x2020}, 0x2020)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010024bd7000e8dbdf252100000008000300", @ANYRES32=r3, @ANYBLOB="08009e00"], 0x24}, 0x1, 0x0, 0x0, 0x4014001}, 0x0)

2.445632836s ago: executing program 5 (id=3421):
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x104, &(0x7f0000000180)=0x8, 0x0, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
getpid()
setsockopt$inet_tcp_int(r1, 0x6, 0xa, &(0x7f0000000240)=0x1, 0x4)
ioctl$SNDRV_PCM_IOCTL_WRITEN_FRAMES(0xffffffffffffffff, 0x40184152, 0x0)
recvfrom$ax25(0xffffffffffffffff, 0x0, 0x0, 0x105, &(0x7f0000001c00)={{0x3, @default}, [@default, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @default]}, 0x48)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000080)=0xd0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002)
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f0000000080)=0xd0)
close(0x3)
r3 = socket(0x2b, 0x1, 0x1)
setsockopt$inet6_IPV6_RTHDR(r3, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x18)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote}, 0x1c)
syz_usb_connect(0x3, 0x2d, &(0x7f00000002c0)=ANY=[], 0x0)

2.224488884s ago: executing program 6 (id=3422):
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/reserved_size', 0x80802, 0x0)
sendfile(r1, r1, 0x0, 0x6)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a80", @ANYRES64=r3], 0x38}, 0x1, 0x0, 0x0, 0x4000}, 0xc0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
r4 = openat$mice(0xffffffffffffff9c, &(0x7f0000000200), 0x24080)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000280), r0)
sendmsg$DEVLINK_CMD_RATE_DEL(r4, &(0x7f0000000480)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000580)={0x1050, r5, 0x8, 0x70bd29, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xf, 0xa8, @name2}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x1}, @DEVLINK_ATTR_RATE_NODE_NAME={0xe}, @DEVLINK_ATTR_RATE_NODE_NAME={0x1004, 0xa8, @random="b2f06bc21b8938413c71199633132b4e4a2b97570cc23fc857cc6da9b364c2bc7955b627c4d221a31a38e4ba0391b93d19e8139db2684a417e086cfd8c22574c0fc407bafe54b1256caaa05ac55c13d1aa40dbef49a7a572dd6d130e63171ed042e7fc5aa0ef953552e33e60f260d3dd4b95c157a2453000cb05b188aad9d4de57b1f7b6313c55038e03c8597362584df15762e3cbaef572d5cf91c88f3b7a797520f44d1e5e2cea4eb9cf7e2dccbf00d9c7375b99361dcc8062fb132228d34557c5c637d76f62827d84e473f1de26e752c353a32edf53b214c2d9015af4e7ee08b46bdf3566cc5ff9b08104fdaa9ced6bedde2261ec32048f00d53373be440bc9e1779118892dac339d345bd1c671c4731cf48310b4ed76849a5444cefe39f682002ef8ad6a2e8ab792fd185a784a59957a27e49487836c86ae06c7e2cc8346fd2c4714699b519f355f82a952ca3c25c1ec34eea888d7082655f0a60b75ee9bed1a67449f8e64baafaede23038ca1cf2d6f427375048116849559655751a194c12a828eabcb97664eedd96ecd2e1bce3db82347fae9fe87c8913ce7640bd475998b3de072fc1008e83ef8a04ab63358d1cd07bb3845f6fa3c93b9a65114d9013667b781dfe1cb15d39b1db590a46fb61d3cce51db2959fce6f282f46792c789c6a94a1e2f1141e8abe5ff96d17d13e6e3f5a289e15302ca3c465e69ab8358de514cf5ba761512f1606329901206ba6b640d3ad4f5bf02bcbf4e825b14df4645876806e427885ba87a239f50413e510a49f8d2284244b6f8ffdf779706b1c070ed7ce2c861532841b5bfe2232807f279b7bbe095d7cb1d6672fa484b6e47c1ef152caf4f77e1ca14793feb23b937c439c785717407de57bb871d579187c6491a24e496074597a79c4f68505df6118fbb7dd4c835f6f50c166fbaeb6590247b2a934473219bac0e6a3169eb014478dd7fb5747a8687186fee76fb4c5bb769877540ce27a8abcd7b48dd7af4ab0724f22497f8bf59c610e1971b8424c88f6483c76814f2008e302de700ae4cf656bfe0b9e0288d16cd248417b83dae8ed24cf68807d743c1e70d3e50840cc48c366b8432a588a78ff194e292545c774bb8e64b12312a44124458417f41a3c2733a3bc69808db0b34c47a3a706a5325f944292d59beb4d7088e0ea3afa981e47542a39f2b5ecc9e44b49358b7418bf356e16d13bc5a2f4cf91f04785103a6561912df0c340b09afbf0364574eaecd84ba22f22d4639f67d1fde36690e4e8435b109d220de954cc82b8ec8042d4b553033297a578de7c4e831d048954275f1633e30cc493c17c7321baa73b434bf220ff7773214ca991cb81a14ecd21f9c541e50e75838b4e582419dac2de4ffdd36df4cfda9b9b34f1a866a245e762f85f4f3f1f7aa33c07f8b5bede98cb7f5793d95b0022b357a441d09ff13de2d6c55b0ddf84505a5c8550e937b07dd087ae43db315a10f6cba995d0a8770bcaab52e711108f0289d694eff7c1f3b9d552772c398290502c48c4253fa3b460563e6566aeaf7765710114f613eb95c90d9e0f608eb8ff89a81f0785486155ac785b91b6a1b065d9cd877c9950342b921c137a085026bf85825949d12eed6485f0cd1724d1ec6f973fd773e0c1ebf64952e69eec51c3c63ca430e5b77152a7fb60ab9ed2d78583a1cf30f48c85ac0fdeeae073dbd3dd285f1bc5f69c617a9fd74872d74ab46c92e3c6bdb500b91bff86ca8593cf3e5a61630735d987c89863453c934682e94d65e8d643687174f7d603174e6ea705a831672d5c704f3acf799f7f7e95e643fd929dfabeaeebfa3911783cca368a20b9462cc7be6967db63e498226e6f5d9e9ba3a933303b259b6d0975154c53a523aa06c74ef057d41000a4f698555d5beb9efe9e6bba4b5cf69c85fca1c1c2305f9bc436de017e8932225c69ae15dedba9421fa7ccd277920e377a93c59d91592b6d4eca9ae09a20ea7479afaa103db62f83da6bff02d6fa847b35182d07725974763f026cdbb2c1615adce0744d8ead23a5edf02f6a1daf9bccabed86e4b44e0845ac54ed84e3f95c279c57540b2ae93d74fb29126c76919861b0e54c336fbf86568bc5c82a5d2cd2b6ff5627af6dd72a5ef79370f08aa61a7184f398115899861bd51b61a4cfa704820c5f574ead74dae8a505fafed8e370f576a4d2cb60b6e5cb60c3daa4407a7d9b87ee9a368f787f2f2ed9a816168d81b636b2e82031dd426e764f347831d39c4db2f0d81d9b92d44314ba0346f90d92eea97075fff926b6fbb1b1e6000c2bfce7da68d3771cc00fe3ec2e93636267c0e2903cf15c59aa0d036316737668483a7543454f1884b279aa6fc8a12fc091e2de3e5ef2213c6738cfe3f6a4b32806ae38db8b56826e20f8ebdba00381c1d6acf713da7e83be0d66233f961f36ef6610f1691439189b660e6e1f69ec5a2e342d87b9b86ace037b1fed0a7d725c3da57efce7a1b2635831abf5edcb9d3c1b2f08d8f0524cc68bcfaae08b9bc456a80bf8b26cf59f36f4302f19cd944c663145530450f74fdb1a81520347c0cbf18b3a6e00cccf27ba06151388af27819fa509867d2252643e05cdd2d092360f819ddf25e50b63562eb32b1ab8474c82ace9a6db6240da4f36b4914b15aa4216739623dd1c8e18ef0be63d145989bc6094fbf6650e60073319f14d895600b3ecfcdb4dcba58ac29b50a9f845b0bc9656be9c03b543ea688192cda85c7071aec90903e0a297d4d6b45f8d2806275e5fb0f0102ea324358d5d18c2bdbcbd22a9b1821af3f8f960c1f04d5f575f75db0c6886d8edad9b953eb1da71c6c35d38aa4a868b08b8a72763c89884230efa48f9804956c220a41504a934bcdca7daf85a975ffd7c79d5c964afdb73bf7588e0aaf5e20643c8a4aff3da5384fc75db6eab29205f8d6cef5bb4f26ab447f64d2c6a3d428313ac1ef608f287799c6baf4e7751eebc87b085c359f1d215201cca6403368a27b840bae89384aec84936efc3a8f14243fe28d7c19818ecbb9f89f02ba530ef67071953c150e44fc2cc08852d6450a10f6991fcecfa4dc282606cb82fa8c9f38a5cf3f26872f2dd2dfc56bbfff10e889228417834c2762d3591fb713a74f5b20696cf4c084ac6ad763413c7e9446fbd1c0d067d9d08f479e8c291a8ebc61d23e9dbe68936521e49f75c6ab28c4e72d0df0352e0d0d447369cfb713315e9da1b286de6f7062985050fbce2f2f0fdacb84004fafc3f6b971755a5b8837afbdc69269a639db037e85dd8d9d2a52effe1e548174531b8e91c75b9836a85355b0557648d052697c682f5e5d434f0ca9ec66af8021083b0a87c5ac91582596aeba36d0dc550a0d810108d91b01098663869ee96207abda087ca78def752f484100f229796f289cf0163336e0d92d1b0e796cc29c517e612e91aea64d644a7bcaf03f5ba85d6b44f5138438065310eee3f3a67c2b041ff65ce91a5f838a49e08829df82f6d9a825274092abe70a795b340f88bd5e3a34d54e746acea9a9dad7449d95ba3810b7684c012e5b76218925cc8c2e861b581715bd1b2b8423d0d1758d2fd1ed484574d59626704eef97be2e1dee2ddfbcb05bbcdba79022d05e44142a1edccd6f32920898c8459c51262eb3d3c7de76d1f93d45fa08537b5285fadb18786bac2f5a2da607ab38e3c7cd0a33f8fd180602d343c8a605f0728f4ce8dfa5ae82d2d18b6359869ed292770e07aa4023ba0d987ab1a1577fb843d0748f1436c1a60325ec51aa17adb4f7554c2c1afbd406eb004864e3eb17c278b645abf4bee3a19efd5d40dff15609476d075931f1e9db08d6b1baa0e31234d63ad3fa51224b95210036b2a92fa6d69ff3f287846f9c4d1e648355c1a7b60b4ba4860c34af4305f92ff3774ae39270978e32fbb01d4fad8b5357df870c282a546242a484b26bc4d3565a7f9e44ebee0a498f90d08576b8f4715fc8c0fdf8f9ca6da6aa667d780f974cb070e069467ff4640ddcd85a25f09c9ed60c6397df67d2c66bb4ea14a5057b353a8da267dfa8c941feaebec246855ce25e683aea7a14089adbff68d09aaf9fe57143a560f656eb41be7bf7b970338222814e5a13f7132deeff46b66806b623b4d156b51fdc5c45e1fbc67f13541628777808df3bdf084d2dfe9f82ca514a4ebc52b1e14b1b761fbc065155e0259322c005994b66b6029aa0929e07ec27b9b85de0be3ca2ecec4fd743595dd7c034f828ac10ba26d734c515233bc88561c6c78e8d2046d8daedec24d2a21bad1c05a14aae55a5dc9238befcd9adc6a05caa56e9bf9bd59a906131a87230877759e7f0d77651db875f4a7295936f18f965f8aecd1a85f0008fa4e0d5e702df7506366dd28186be54d315299e3ee42176f0e028ad553e5965c63bdef44f918077422b20d44c4f4abe9363cb9a13733cee9333cea15633ff615bc9039f59091d56fe7a6b4f412d1f4df118274a85d2a616963da2b5b589e722599464531db31a7e467d881df11750bd7357afcadbd6dff77f004582a41e0f8b74c2d01a3731987fe2574c22ff1b58e63b8d056ca4e5f60363f864ad235f20e938497aa9a73dde2ba63552320f8116bb5a2fbcc36658901f7ec35ae47a572868dace8911423d369d8b4dc60ff3700b5e9a53a331d0c660ff4fba03ff8b8d46fce5daa5c6550b9eaf7c648008a3607fe8ce669b04a2c352d30d7ae8268a1f81825dfe3e641d17deb547845d3223db2ca60cdb4967e11bb1227a00666149cb6a51c56ba35b99ef0170247b34808ddc4b82901a9d2098d444eb3b16827b53ea9435ac9dad5a2ae3f8b2a688a52e6a1630f85a2636aa4abf87956595c61cc0219766cce67c34275e2dcb0632db78c11821c78a2b5ad00808c7bf84c2b2c3aa947e30653c99ad799a98257ddbe3a3ebdf098a9f7d5dab1aa002322f823dbe65a57c4e3d27cec3e89b9e6736e51ae6fb7d7317fd663879f05ea5e4e1c9e92389c5a1f2189f10b88ae66be435a63ad3ed5992077028fc87b1c40888e8da0919c1d4bc27d4ba0fa98325a78692717b0999d7f3fdff807a38645df7c66935c261c7e0026bd41d3edf5e009b130806a39437454558b6231362a0e69d407b0e12ea5269b40694f8001b09fdc8cd281c4a14b6eea8fc8a84677d095f905e1a7b65f31c6276dbe3c1c21051204c9dd32beef8cd2e72f3801e3340ca42dd5eaa5556bfb35a17c09d3bfb1eac29358eccd36747a27e766a7bf684bb1948d51dac2fdf31b71a7ee702681faa62897f0aeba596ff12f452119431d6ac20b5892c594b7d39d7eb406553a31cb7b537f600ac9bd17eec85f36d67647254968eb235a4d89acf6fe3a0ccac62ba552c0bddec6269e7db3ad983154ac76aec8e69ddeae57a29dff2fde407ca414334b94943eadf35fc093419bbf8b4da26b38e7a280a7ef71e9e68b9c02c46792a227542889dfbbb68d2e3dd9b5c9b91e1a537ee1f19d662eb1deb5fad20264034559fd683288e421e055b5ec74e593729d1e16afd18882b1cd6a2fceb8dd7304abd88a80e0dc39b8309549b4a44417fc565d3a4f35a18bb5278174eb0d0f1bf835057a8f824e20787799bdf01239ce6a2dd395d4bb08e3334b0130cd03bd61f511eaa1ab8f999e0b06d0d029c0e01a089b87fa675bb206d20e9e9a72affaf418c019019672fb5ff79e75007e39b8c8a4d66773dcd5c9672b7919f83ebc054e49899b3c35ab86780505ce891aa2af70632c25df4ca61af142c9170b90ae952e475e387278f5bc6c81e"}]}, 0x1050}, 0x1, 0x0, 0x0, 0x40000}, 0x4000000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r6 = dup(0xffffffffffffffff)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x1c57, &(0x7f0000000300)={0x0, 0x40ac, 0x10000, 0x2, 0x3f, 0x0, r6}, &(0x7f0000000180)=<r7=>0x0, &(0x7f00000001c0)=<r8=>0x0)
syz_io_uring_submit(r7, r8, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

2.092549957s ago: executing program 0 (id=3423):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010400ca9bd410991100b098a80102030109021b000100001000090430020117b51b00090502020002020000"], 0x0)
socket$kcm(0x29, 0x0, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x1, 0x0, 0x0, &(0x7f0000000280)=""/167, &(0x7f0000000100)=""/47})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340))
r2 = dup(r0)
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1, r2})

1.87982678s ago: executing program 6 (id=3424):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xffffffffffffffc4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r5 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x4e22, 0x0, @private2}}}, 0x108)
r6 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r6, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0)
ioctl$MON_IOCX_GETX(0xffffffffffffffff, 0x4018920a, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x7f, 0x638502)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x6, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b700000018000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000061140400000000001d430000000000007a0a00fe0000001f6114000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767912d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce0900000000000000499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc682928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348de20f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97b4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b4f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb1bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb36e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b78825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e8a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b60000000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffff8, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

1.582730836s ago: executing program 5 (id=3425):
socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x2040600)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x20004800)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b80000001500"], 0xb8}}, 0x0)

757.302907ms ago: executing program 5 (id=3426):
syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0) (async)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0xfffb}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) (async)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) (async)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) (async)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0) (async)
execve(&(0x7f0000000740)='./file0\x00', 0x0, 0x0) (async)
link(&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0xbf, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4, 0x0, @loopback={0xff00000000000000}}}, {0x12, 0x2, @in6={0xa, 0x0, 0x0, @remote}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}]}]}, 0x6c}}, 0x0) (async)
r5 = socket$unix(0x1, 0x5, 0x0) (async)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r6, 0x25, &(0x7f00000000c0))
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r7, 0x26, &(0x7f0000000000)={0x1, 0x1, 0xa124, 0x7ffffffd}) (async)
dup2(r5, r2) (async)
r8 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
unshare(0x6020400) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6) (async)
ioctl$DRM_IOCTL_DROP_MASTER(r8, 0x641f) (async)
ioctl$DRM_IOCTL_SET_MASTER(r8, 0x641e)

736.106372ms ago: executing program 6 (id=3427):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
write$proc_mixer(r3, &(0x7f0000000180)=ANY=[], 0xb8)
dup3(r1, r0, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020100000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x60, 0x16, 0xa, 0x101, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}]}]}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x1}]}], {0x14}}, 0x88}}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$x25(r5, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x4e24, @local}, 0x10)

521.272075ms ago: executing program 5 (id=3428):
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
faccessat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x2)
syz_usb_connect(0x2, 0x3f, &(0x7f0000000000)=ANY=[@ANYBLOB="05010000d0918108ac051582588f4000000109022d00010000000009040020030b08000009058d67c8002a0000098d880b144b64928e09058b16"], 0x0)

229.8502ms ago: executing program 2 (id=3429):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x10022, 0x0)
r0 = syz_open_procfs(0x0, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}})
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004200)={&(0x7f0000000200)=ANY=[@ANYBLOB="1c0000005e0001000000000000000000050002"], 0x1c}}, 0x0)

0s ago: executing program 2 (id=3430):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$kcm(0x29, 0x2, 0x0)
r3 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0)
pwritev(r3, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0)
sendfile(r2, r3, 0x0, 0x8000fb00) (fail_nth: 1)

kernel console output (not intermixed with test programs):

890:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11814 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  774.335847][   T30] audit: type=1326 audit(1749136550.890:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11814 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  774.337826][   T30] audit: type=1326 audit(1749136550.890:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11814 comm="syz.3.1768" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  775.345961][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[  775.751432][    C1] vkms_vblank_simulate: vblank timer overrun
[  775.783723][    C1] vkms_vblank_simulate: vblank timer overrun
[  784.234659][T11882] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  784.279910][T11882] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  784.288785][T11882] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  787.229512][   T30] audit: type=1326 audit(1749136563.780:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.524238][   T30] audit: type=1326 audit(1749136563.780:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.546543][   T30] audit: type=1326 audit(1749136563.820:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.615508][   T30] audit: type=1326 audit(1749136563.820:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.696542][   T30] audit: type=1326 audit(1749136563.820:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.775594][   T30] audit: type=1326 audit(1749136563.820:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.925242][   T30] audit: type=1326 audit(1749136564.480:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  787.995173][   T30] audit: type=1326 audit(1749136564.480:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11898 comm="syz.6.1789" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7ffc0000
[  788.014401][T11910] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  788.025246][T11910] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  788.033963][T11910] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  789.435395][T11919] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  789.446079][T11919] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  789.455855][T11919] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  792.552098][ T5843] Bluetooth: hci0: unexpected event for opcode 0x2041
[  801.060781][T11999] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  801.070102][T11999] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  801.078745][T11999] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  806.367695][T12104] netdevsim netdevsim6: loading /lib/firmware/. failed with error -22
[  806.376299][T12104] netdevsim netdevsim6: Direct firmware load for . failed with error -22
[  806.384935][T12104] netdevsim netdevsim6: Falling back to sysfs fallback for: .
[  809.010532][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  809.305875][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  809.730340][T12142] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1860'.
[  809.758110][T12142] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1860'.
[  809.964473][ T5843] Bluetooth: hci3: unexpected event for opcode 0x2041
[  810.525266][T12153] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1864'.
[  813.667828][T12178] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  814.687451][ T5843] Bluetooth: hci5: unexpected event for opcode 0x2041
[  814.823177][T12190] Process accounting resumed
[  814.869654][   T30] audit: type=1326 audit(1749136591.420:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12196 comm="syz.3.1883" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x0
[  816.629720][ T5843] Bluetooth: hci1: command 0x0406 tx timeout
[  816.899160][T12220] overlay: Unknown parameter 'fowner>00000000000000016384'
[  816.912072][T12223] xt_connbytes: Forcing CT accounting to be enabled
[  816.950451][T12223] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'nat'
[  816.969605][   T30] audit: type=1326 audit(1749136593.520:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12217 comm="syz.2.1888" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccdc98e929 code=0x0
[  817.847429][   T51] Bluetooth: hci5: unexpected event for opcode 0x2041
[  819.421568][   T51] Bluetooth: hci3: unexpected event for opcode 0x2041
[  819.668915][T12258] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1901'.
[  820.676819][   T30] audit: type=1326 audit(1749136597.230:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12276 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[  820.749288][   T30] audit: type=1326 audit(1749136597.230:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12276 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[  820.858379][   T30] audit: type=1326 audit(1749136597.410:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12276 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[  821.687853][T12287] netlink: 71 bytes leftover after parsing attributes in process `syz.3.1908'.
[  821.712271][   T30] audit: type=1326 audit(1749136597.410:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12276 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[  821.734582][   T30] audit: type=1326 audit(1749136597.410:387): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12276 comm="syz.5.1907" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[  821.947267][   T51] Bluetooth: hci3: unexpected event for opcode 0x2041
[  822.524357][T12312] capability: warning: `syz.5.1915' uses 32-bit capabilities (legacy support in use)
[  823.590344][   T30] audit: type=1326 audit(1749136600.140:388): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12329 comm="syz.0.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[  823.693581][   T30] audit: type=1326 audit(1749136600.140:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12329 comm="syz.0.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[  823.747571][   T30] audit: type=1326 audit(1749136600.140:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12329 comm="syz.0.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[  823.807235][   T30] audit: type=1326 audit(1749136600.140:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12329 comm="syz.0.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[  823.873565][   T30] audit: type=1326 audit(1749136600.140:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12329 comm="syz.0.1922" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[  824.089277][T12345] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1927'.
[  824.253235][   T51] Bluetooth: hci3: unexpected event for opcode 0x2041
[  825.646895][T12372] netlink: 'syz.2.1937': attribute type 12 has an invalid length.
[  826.023060][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  826.023082][   T30] audit: type=1326 audit(1749136602.570:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  826.145121][   T30] audit: type=1326 audit(1749136602.570:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  826.323466][   T30] audit: type=1326 audit(1749136602.630:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  826.478855][   T30] audit: type=1326 audit(1749136602.630:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  826.599621][   T30] audit: type=1326 audit(1749136602.630:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  826.658974][T12384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1940'.
[  826.708033][   T30] audit: type=1326 audit(1749136602.830:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  826.799497][   T30] audit: type=1326 audit(1749136602.830:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12377 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f45c7b8e929 code=0x7ffc0000
[  828.071801][   T51] Bluetooth: hci3: unexpected event for opcode 0x2041
[  830.428558][T12425] mmap: syz.3.1946 (12425) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  831.401032][   T51] Bluetooth: hci2: unexpected event for opcode 0x2041
[  833.879043][T12482] mmap: syz.2.1970 (12482): VmData 37597184 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  839.193410][T12576] pimreg3: entered allmulticast mode
[  839.617424][T12580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2002'.
[  843.002382][T12629] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2019'.
[  843.011583][T12629] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2019'.
[  843.046385][T12629] netlink: 'syz.0.2019': attribute type 14 has an invalid length.
[  843.054808][T12629] netlink: 'syz.0.2019': attribute type 13 has an invalid length.
[  843.313305][T12638] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2023'.
[  843.412954][T12640] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2024'.
[  843.525220][T12642] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  843.809297][   T51] Bluetooth: hci5: unexpected event for opcode 0x2041
[  846.508400][T12673] IPVS: set_ctl: invalid protocol: 43 224.0.0.2:0
[  846.905721][T12690] overlayfs: failed to clone upperpath
[  846.952716][T12694] xt_CT: You must specify a L4 protocol and not use inversions on it
[  847.536293][T12706] tipc: Started in network mode
[  847.565812][T12706] tipc: Node identity ac14140f, cluster identity 4711
[  847.615196][T12706] tipc: Enabled bearer <udp:syz2>, priority 10
[  848.730988][    T9] tipc: Node number set to 2886997007
[  851.691364][T12783] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  851.699950][T12783] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  851.708469][T12783] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  853.145091][T12788] process 'syz.5.2079' launched '/dev/fd/8' with NULL argv: empty string added
[  858.510844][T12867] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  858.549614][ T9808] IPVS: starting estimator thread 0...
[  858.691208][T12869] IPVS: using max 26 ests per chain, 62400 per kthread
[  859.026771][T12875] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2110'.
[  859.057897][T12872] netlink: 60 bytes leftover after parsing attributes in process `syz.2.2110'.
[  859.302105][T12885] veth8: entered allmulticast mode
[  859.332809][T12885] veth9: entered promiscuous mode
[  859.372529][   T30] audit: type=1326 audit(1749136635.930:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12886 comm="syz.5.2117" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5ae8b8e929 code=0x0
[  861.145307][T12922] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2129'.
[  862.570128][T12929] netlink: 136 bytes leftover after parsing attributes in process `syz.2.2131'.
[  862.608335][T12929] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  864.504806][T12967] overlayfs: failed to resolve './file1': -2
[  864.536941][T12965] netlink: 136 bytes leftover after parsing attributes in process `syz.2.2146'.
[  864.547451][T12965] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  866.298446][T13008] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2159'.
[  866.327675][T13008] netlink: 'syz.6.2159': attribute type 10 has an invalid length.
[  866.360766][T13008] bridge0: port 2(bridge_slave_1) entered disabled state
[  866.368859][T13008] bridge0: port 1(bridge_slave_0) entered disabled state
[  866.378001][T13011] netlink: 1004 bytes leftover after parsing attributes in process `syz.0.2161'.
[  866.405833][T13008] bridge0: port 2(bridge_slave_1) entered blocking state
[  866.409111][T13012] fuse: Bad value for 'fd'
[  866.413795][T13008] bridge0: port 2(bridge_slave_1) entered forwarding state
[  866.426138][T13008] bridge0: port 1(bridge_slave_0) entered blocking state
[  866.433482][T13008] bridge0: port 1(bridge_slave_0) entered forwarding state
[  866.458750][T13008] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  866.854914][T13022] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2165'.
[  867.309428][T13034] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  867.381449][T13043] netlink: 1004 bytes leftover after parsing attributes in process `syz.5.2172'.
[  869.612489][T13078] bridge: RTM_NEWNEIGH with invalid ether address
[  869.628051][T13078] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2187'.
[  869.640295][T13078] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2187'.
[  869.799302][T13088] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  870.375570][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  870.382252][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  872.320257][T13123] trusted_key: encrypted_key: master key parameter 'useU' is invalid
[  874.981799][T13164] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2220'.
[  874.995606][T13164] 8021q: VLANs not supported on ip6gre0
[  877.067298][T13197] openvswitch: netlink: Message has 20 unknown bytes.
[  877.077081][T13196] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2234'.
[  877.100954][T13197] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  877.234433][T13200] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  883.472690][T13303] netlink: 180 bytes leftover after parsing attributes in process `syz.2.2269'.
[  885.700604][T13335] netlink: 148 bytes leftover after parsing attributes in process `syz.0.2276'.
[  885.780661][T13335] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  889.950491][T13366] netlink: 'syz.5.2288': attribute type 21 has an invalid length.
[  889.988732][T13366] netlink: 'syz.5.2288': attribute type 6 has an invalid length.
[  890.000581][T13366] netlink: 132 bytes leftover after parsing attributes in process `syz.5.2288'.
[  890.236947][T13377] netlink: 148 bytes leftover after parsing attributes in process `syz.5.2292'.
[  890.279838][T13377] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  891.472406][T13393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2284'.
[  893.354743][T13413] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2302'.
[  893.364056][T13413] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2302'.
[  893.381441][T13413] gretap0: entered promiscuous mode
[  893.408495][T13414] xt_hashlimit: size too large, truncated to 1048576
[  893.622102][T13413] gretap0: left promiscuous mode
[  895.237840][T13443] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2308'.
[  899.596067][T13507] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2332'.
[  900.132048][   T43] libceph: connect (1)[c::]:6789 error -101
[  900.138364][   T43] libceph: mon0 (1)[c::]:6789 connect error
[  900.197438][T13516] ceph: No mds server is up or the cluster is laggy
[  900.205045][   T43] libceph: connect (1)[c::]:6789 error -101
[  900.229244][   T43] libceph: mon0 (1)[c::]:6789 connect error
[  901.751105][T13532] trusted_key: encrypted_key: master key parameter 'useU' is invalid
[  904.418025][T13558] 9pnet_fd: Insufficient options for proto=fd
[  904.791591][T13562] wireguard0: entered promiscuous mode
[  905.247081][T13573] trusted_key: encrypted_key: insufficient parameters specified
[  907.382691][T13589] ./file0: Can't lookup blockdev
[  914.303528][T13686] overlayfs: missing 'lowerdir'
[  916.110990][T13712] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2396'.
[  916.281750][T13716] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2397'.
[  916.615066][T13716] hsr_slave_1 (unregistering): left promiscuous mode
[  919.955361][T13769] 9pnet_fd: Insufficient options for proto=fd
[  931.813038][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  931.820149][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  983.375307][T13839] 9pnet_fd: Insufficient options for proto=fd
[  983.871400][T13848] Cannot find del_set index 1 as target
[  987.274220][T13879] netlink: 'syz.5.2440': attribute type 10 has an invalid length.
[  989.355640][T13892] delete_channel: no stack
[  990.414895][   T30] audit: type=1326 audit(1749136766.948:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13927 comm="syz.0.2459" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x0
[  993.465918][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[  993.475892][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[  993.962512][   T51] Bluetooth: hci2: unexpected event for opcode 0x2041
[  999.153091][T14023] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  999.153091][T14023] The task syz.2.2486 (14023) triggered the difference, watch for misbehavior.
[ 1000.419659][T14037] 9pnet_fd: Insufficient options for proto=fd
[ 1000.549847][T14041] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2495'.
[ 1001.327010][   T51] Bluetooth: hci5: unexpected event for opcode 0x2041
[ 1003.503716][T14106] (unnamed net_device) (uninitialized): option packets_per_slave: mode dependency failed, not supported in mode balance-xor(2)
[ 1003.838322][T14113] netlink: 'syz.6.2522': attribute type 2 has an invalid length.
[ 1003.849304][T14113] netlink: 'syz.6.2522': attribute type 2 has an invalid length.
[ 1004.413932][   T30] audit: type=1326 audit(1749136780.053:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.447184][   T30] audit: type=1326 audit(1749136780.072:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.476954][   T30] audit: type=1326 audit(1749136780.072:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.509742][   T30] audit: type=1326 audit(1749136780.072:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.534651][   T30] audit: type=1326 audit(1749136780.081:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=227 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.557581][   T30] audit: type=1326 audit(1749136780.000:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.580761][   T30] audit: type=1326 audit(1749136780.000:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.602859][   T30] audit: type=1326 audit(1749136780.000:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7febce78d290 code=0x7ffc0000
[ 1004.627496][   T30] audit: type=1326 audit(1749136780.000:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.656177][   T30] audit: type=1326 audit(1749136780.000:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14129 comm="syz.0.2527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7febce78e929 code=0x7ffc0000
[ 1004.783506][T14142] 9pnet_fd: Insufficient options for proto=fd
[ 1005.023983][T14151] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2533'.
[ 1007.323461][T14187] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2546'.
[ 1007.954224][T14202] sctp: [Deprecated]: syz.3.2553 (pid 14202) Use of int in maxseg socket option.
[ 1007.954224][T14202] Use struct sctp_assoc_value instead
[ 1013.909518][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1013.938449][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1013.970063][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.000341][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.017303][T14270] 9pnet_fd: Insufficient options for proto=fd
[ 1014.026879][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.061441][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.093638][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.114256][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.155761][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1014.176040][T14264] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2571'.
[ 1016.397901][T14293] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1020.797178][   T51] Bluetooth: hci3: unexpected event for opcode 0x0402
[ 1020.808819][T14321] bond0: entered promiscuous mode
[ 1022.310121][T14351] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1022.317787][T14351] IPv6: NLM_F_CREATE should be set when creating new route
[ 1022.325108][T14351] IPv6: NLM_F_CREATE should be set when creating new route
[ 1027.579865][T14421] netlink: 'syz.5.2616': attribute type 15 has an invalid length.
[ 1029.402148][   T30] kauditd_printk_skb: 63 callbacks suppressed
[ 1029.402166][   T30] audit: type=1326 audit(1749136803.338:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14447 comm="syz.2.2624" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccdc98e929 code=0x0
[ 1029.741135][T14456] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[ 1030.341289][T14466] __nla_validate_parse: 55 callbacks suppressed
[ 1030.341470][T14466] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2628'.
[ 1032.019803][T14473] lo speed is unknown, defaulting to 1000
[ 1032.055838][T14473] lo speed is unknown, defaulting to 1000
[ 1032.093618][T14473] lo speed is unknown, defaulting to 1000
[ 1032.100616][T14474] netlink: 'syz.2.2632': attribute type 1 has an invalid length.
[ 1032.138437][T14474] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2632'.
[ 1032.620869][  T977] lo speed is unknown, defaulting to 1000
[ 1032.644247][T14473] infiniband syz2: set down
[ 1032.649254][T14473] infiniband syz2: added lo
[ 1032.834833][T14473] RDS/IB: syz2: added
[ 1032.849182][T14473] smc: adding ib device syz2 with port count 1
[ 1032.876300][T14473] smc:    ib device syz2 port 1 has pnetid 
[ 1033.737105][T14473] lo speed is unknown, defaulting to 1000
[ 1033.775285][  T977] lo speed is unknown, defaulting to 1000
[ 1034.328753][T14473] lo speed is unknown, defaulting to 1000
[ 1034.889952][T14473] lo speed is unknown, defaulting to 1000
[ 1036.610846][T14516] netlink: 72 bytes leftover after parsing attributes in process `syz.6.2644'.
[ 1038.541002][T14473] lo speed is unknown, defaulting to 1000
[ 1040.061401][T14473] lo speed is unknown, defaulting to 1000
[ 1040.868565][   T30] audit: type=1326 audit(1749136814.067:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14558 comm="syz.6.2655" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7eff9878e929 code=0x7f7f0000
[ 1042.121125][   T51] Bluetooth: hci2: unexpected event for opcode 0x2041
[ 1043.640593][T14593] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2664'.
[ 1045.408665][T14610] xt_NFQUEUE: number of queues (65532) out of range (got 66665)
[ 1047.055522][   T51] Bluetooth: hci1: unexpected event for opcode 0x2041
[ 1051.767966][   T51] Bluetooth: hci1: unexpected event for opcode 0x2041
[ 1058.913636][T14727] netlink: 'syz.3.2705': attribute type 1 has an invalid length.
[ 1059.151335][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1059.164362][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1062.018606][T14754] netlink: 'syz.3.2713': attribute type 3 has an invalid length.
[ 1065.306110][T14811] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1065.595327][T14814] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2734'.
[ 1065.843887][T14802] cgroup: fork rejected by pids controller in /syz0
[ 1065.904936][   T51] Bluetooth: hci3: unexpected event for opcode 0x2041
[ 1070.959905][   T51] Bluetooth: hci3: unexpected event for opcode 0x2041
[ 1074.382642][T14948] netlink: 4696 bytes leftover after parsing attributes in process `syz.0.2761'.
[ 1074.393178][T14948] netlink: 4696 bytes leftover after parsing attributes in process `syz.0.2761'.
[ 1075.378127][T14963] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2773'.
[ 1075.530682][   T51] Bluetooth: hci2: unexpected event for opcode 0x2041
[ 1083.061671][   T51] Bluetooth: hci0: unexpected event for opcode 0x2041
[ 1083.162293][T15033] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2796'.
[ 1090.390539][T15093] bridge0: port 3(team0) entered blocking state
[ 1090.398928][T15093] bridge0: port 3(team0) entered disabled state
[ 1090.408576][T15093] team0: entered allmulticast mode
[ 1090.413950][T15093] team_slave_0: entered allmulticast mode
[ 1090.419802][T15093] team_slave_1: entered allmulticast mode
[ 1090.466398][T15093] team0: entered promiscuous mode
[ 1090.471631][T15093] team_slave_0: entered promiscuous mode
[ 1090.482197][T15093] team_slave_1: entered promiscuous mode
[ 1090.498322][T15093] bridge0: port 3(team0) entered blocking state
[ 1090.504726][T15093] bridge0: port 3(team0) entered forwarding state
[ 1090.730755][   T51] Bluetooth: hci1: unexpected event for opcode 0x2041
[ 1092.171301][T15105] pimreg: entered allmulticast mode
[ 1094.199304][    C1] hrtimer: interrupt took 51683 ns
[ 1096.499734][   T51] Bluetooth: hci5: unexpected event for opcode 0x2041
[ 1105.280051][T15251] overlayfs: failed to clone lowerpath
[ 1109.575733][T15309] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2865'.
[ 1111.557710][T15335] netlink: 'syz.0.2873': attribute type 3 has an invalid length.
[ 1118.180746][   T51] Bluetooth: hci0: unexpected event for opcode 0x0c7b
[ 1120.785122][   T30] audit: type=1800 audit(1749136888.188:480): pid=15427 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.2897" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1121.500718][T15440] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2903'.
[ 1121.572432][T15442] fuse: Unknown parameter '�S�0x0000000000000005'
[ 1121.677776][T15440] lo speed is unknown, defaulting to 1000
[ 1122.583387][T15460] gtp0: entered promiscuous mode
[ 1123.249967][   T30] audit: type=1800 audit(1749136891.088:481): pid=15476 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.2913" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1123.969070][T15483] overlay: Unknown parameter 'obj_role'
[ 1124.828073][T10748] Bluetooth: hci0: command 0x0406 tx timeout
[ 1124.837755][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1124.846810][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1125.974814][   T30] audit: type=1800 audit(1749136893.623:482): pid=15524 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.2930" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1126.804032][T15528] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2934'.
[ 1127.733389][T15543] 9pnet_fd: Insufficient options for proto=fd
[ 1127.928976][T15548] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2941'.
[ 1128.932484][T10748] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1128.947609][T10748] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1128.956976][T10748] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1128.967183][T10748] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1128.975376][T10748] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1129.109147][T15551] lo speed is unknown, defaulting to 1000
[ 1131.172856][T10748] Bluetooth: hci3: command tx timeout
[ 1131.321509][ T3511] bond0 (unregistering): Released all slaves
[ 1133.378340][T10748] Bluetooth: hci3: command tx timeout
[ 1133.463352][T15617] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1133.474845][T15617] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1133.485225][T15617] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1133.912378][ T3511] hsr_slave_0: left promiscuous mode
[ 1133.940099][ T3511] hsr_slave_1: left promiscuous mode
[ 1135.602931][T10748] Bluetooth: hci3: command tx timeout
[ 1136.763086][  T993] smc: removing ib device syz2
[ 1136.797004][T15628] (unnamed net_device) (uninitialized): option xmit_hash_policy: invalid value (254)
[ 1136.808971][T15551] chnl_net:caif_netlink_parms(): no params data found
[ 1137.084505][T10748] Bluetooth: hci1: unexpected event for opcode 0x2041
[ 1137.921850][T10748] Bluetooth: hci3: command tx timeout
[ 1139.031908][T15551] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1139.055108][T15551] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1139.085105][T15551] bridge_slave_0: entered allmulticast mode
[ 1139.123154][T15551] bridge_slave_0: entered promiscuous mode
[ 1139.397244][T15551] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1139.404466][T15551] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1139.429387][T15551] bridge_slave_1: entered allmulticast mode
[ 1139.482604][T15551] bridge_slave_1: entered promiscuous mode
[ 1139.960825][T15551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1140.018621][T15551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1140.221059][T15551] team0: Port device team_slave_0 added
[ 1140.251795][T15551] team0: Port device team_slave_1 added
[ 1140.428951][T15551] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1140.451542][T15551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1140.535874][T15551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1140.672389][T15551] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1140.707264][T15551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1140.781732][T15551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1140.977772][T15551] hsr_slave_0: entered promiscuous mode
[ 1140.992720][T15551] hsr_slave_1: entered promiscuous mode
[ 1140.999637][T15551] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1141.010243][T15551] Cannot create hsr debugfs directory
[ 1144.176325][T15723] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[ 1148.749096][T15551] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1149.051897][T15551] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1149.122322][T15551] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1149.200878][T15551] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1149.480156][T15551] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1149.687056][T15551] 8021q: adding VLAN 0 to HW filter on device team0
[ 1149.720285][ T1168] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1149.727638][ T1168] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1150.481696][T15774] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1150.491312][T15774] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1150.501036][T15774] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1150.608118][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1150.615314][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1151.007652][T15778] tmpfs: Bad value for 'mpol'
[ 1152.511722][T15551] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1152.644732][T15551] veth0_vlan: entered promiscuous mode
[ 1152.700848][T15551] veth1_vlan: entered promiscuous mode
[ 1152.890946][T15806] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3016'.
[ 1152.920995][T15806] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3016'.
[ 1152.925917][T15551] veth0_macvtap: entered promiscuous mode
[ 1152.965384][T15806] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3016'.
[ 1152.996611][T15551] veth1_macvtap: entered promiscuous mode
[ 1153.036138][T15551] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1153.270632][T15551] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1153.286911][T15551] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.297070][T15551] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.424937][T15551] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.076186][T15551] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1154.154612][T15816] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1154.164767][T15816] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1154.174625][T15816] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1154.324995][T15821] netlink: 40 bytes leftover after parsing attributes in process `syz.3.3022'.
[ 1154.403208][ T3511] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1154.417377][ T3511] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1154.665150][T15822] team0: Device gtp1 is up. Set it down before adding it as a team port
[ 1155.523844][ T3511] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1155.572697][ T3511] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1155.741078][T15837] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3026'.
[ 1159.194159][T15875] FAULT_INJECTION: forcing a failure.
[ 1159.194159][T15875] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1159.233080][T15875] CPU: 0 UID: 0 PID: 15875 Comm: syz.2.3038 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1159.233111][T15875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1159.233122][T15875] Call Trace:
[ 1159.233131][T15875]  <TASK>
[ 1159.233140][T15875]  dump_stack_lvl+0x189/0x250
[ 1159.233173][T15875]  ? __pfx____ratelimit+0x10/0x10
[ 1159.233198][T15875]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1159.233225][T15875]  ? __pfx__printk+0x10/0x10
[ 1159.233245][T15875]  ? __might_fault+0xb0/0x130
[ 1159.233283][T15875]  should_fail_ex+0x414/0x560
[ 1159.233313][T15875]  _copy_from_user+0x2d/0xb0
[ 1159.233334][T15875]  ___sys_sendmsg+0x158/0x2a0
[ 1159.233359][T15875]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1159.233424][T15875]  ? __fget_files+0x2a/0x420
[ 1159.233449][T15875]  ? __fget_files+0x3a0/0x420
[ 1159.233487][T15875]  __sys_sendmmsg+0x227/0x430
[ 1159.233514][T15875]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1159.233532][T15875]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1159.233589][T15875]  ? ksys_write+0x22a/0x250
[ 1159.233613][T15875]  ? __pfx_ksys_write+0x10/0x10
[ 1159.233632][T15875]  ? rcu_is_watching+0x15/0xb0
[ 1159.233668][T15875]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1159.233690][T15875]  do_syscall_64+0xfa/0x3b0
[ 1159.233714][T15875]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1159.233737][T15875]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1159.233755][T15875]  ? clear_bhb_loop+0x60/0xb0
[ 1159.233779][T15875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1159.233798][T15875] RIP: 0033:0x7fd485f8e929
[ 1159.233816][T15875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1159.233833][T15875] RSP: 002b:00007fd483df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1159.233863][T15875] RAX: ffffffffffffffda RBX: 00007fd4861b5fa0 RCX: 00007fd485f8e929
[ 1159.233877][T15875] RDX: 04000000000001f2 RSI: 0000200000000000 RDI: 0000000000000003
[ 1159.233890][T15875] RBP: 00007fd483df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1159.233902][T15875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1159.233913][T15875] R13: 0000000000000000 R14: 00007fd4861b5fa0 R15: 00007fffbcbd9228
[ 1159.233946][T15875]  </TASK>
[ 1159.594127][T15876] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3039'.
[ 1159.626835][T15876] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3039'.
[ 1159.737880][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1159.749047][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1159.758672][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1159.767405][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1159.777386][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1159.918443][T15883] devpts: Unknown parameter 'max��n� ���f��f�'
[ 1160.184987][T15891] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3041'.
[ 1160.196423][T15891] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3041'.
[ 1161.607259][T15902] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1161.617819][T15902] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1161.628546][T15902] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1161.946020][   T51] Bluetooth: hci0: command tx timeout
[ 1163.595838][T15928] FAULT_INJECTION: forcing a failure.
[ 1163.595838][T15928] name failslab, interval 1, probability 0, space 0, times 1
[ 1163.609683][T15928] CPU: 0 UID: 0 PID: 15928 Comm: syz.2.3051 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1163.609713][T15928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1163.609724][T15928] Call Trace:
[ 1163.609732][T15928]  <TASK>
[ 1163.609740][T15928]  dump_stack_lvl+0x189/0x250
[ 1163.609772][T15928]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1163.609798][T15928]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1163.609833][T15928]  ? dump_stack+0x9/0x20
[ 1163.609866][T15928]  should_fail_ex+0x414/0x560
[ 1163.609897][T15928]  ? seq_read_iter+0x1fd/0xe10
[ 1163.609917][T15928]  should_failslab+0xa8/0x100
[ 1163.609942][T15928]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1163.609968][T15928]  ? seq_read_iter+0x1fd/0xe10
[ 1163.609994][T15928]  seq_read_iter+0x1fd/0xe10
[ 1163.610012][T15928]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1163.610036][T15928]  ? look_up_lock_class+0x74/0x170
[ 1163.610067][T15928]  ? __asan_memset+0x22/0x50
[ 1163.610095][T15928]  seq_read+0x2e2/0x3d0
[ 1163.610125][T15928]  ? __pfx_seq_read+0x10/0x10
[ 1163.610162][T15928]  ? rw_verify_area+0x258/0x650
[ 1163.610182][T15928]  ? __pfx_seq_read+0x10/0x10
[ 1163.610204][T15928]  vfs_read+0x1fd/0x980
[ 1163.610231][T15928]  ? __pfx___mutex_lock+0x10/0x10
[ 1163.610256][T15928]  ? __pfx_vfs_read+0x10/0x10
[ 1163.610278][T15928]  ? __fget_files+0x2a/0x420
[ 1163.610309][T15928]  ? __fget_files+0x3a0/0x420
[ 1163.610330][T15928]  ? __fget_files+0x2a/0x420
[ 1163.610365][T15928]  ksys_read+0x145/0x250
[ 1163.610387][T15928]  ? __pfx_ksys_read+0x10/0x10
[ 1163.610416][T15928]  ? do_syscall_64+0xbe/0x3b0
[ 1163.610446][T15928]  do_syscall_64+0xfa/0x3b0
[ 1163.610469][T15928]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1163.610485][T15928]  ? asm_sysvec_call_function_single+0x1a/0x20
[ 1163.610502][T15928]  ? clear_bhb_loop+0x60/0xb0
[ 1163.610525][T15928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1163.610542][T15928] RIP: 0033:0x7fd485f8e929
[ 1163.610558][T15928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1163.610574][T15928] RSP: 002b:00007fd483dd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1163.610604][T15928] RAX: ffffffffffffffda RBX: 00007fd4861b6080 RCX: 00007fd485f8e929
[ 1163.610617][T15928] RDX: 0000000000002020 RSI: 0000200000000200 RDI: 0000000000000004
[ 1163.610629][T15928] RBP: 00007fd483dd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1163.610640][T15928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1163.610651][T15928] R13: 0000000000000000 R14: 00007fd4861b6080 R15: 00007fffbcbd9228
[ 1163.610685][T15928]  </TASK>
[ 1164.167306][   T51] Bluetooth: hci0: command tx timeout
[ 1164.544585][T15877] chnl_net:caif_netlink_parms(): no params data found
[ 1165.685507][T15949] Cannot find add_set index 0 as target
[ 1166.401825][   T51] Bluetooth: hci0: command tx timeout
[ 1168.622781][   T51] Bluetooth: hci0: command tx timeout
[ 1168.676903][  T993] bond0 (unregistering): Released all slaves
[ 1169.990008][T15877] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1170.010186][T15877] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1170.150935][T15877] bridge_slave_0: entered allmulticast mode
[ 1170.161509][T15877] bridge_slave_0: entered promiscuous mode
[ 1170.190690][T15877] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1170.198263][T15877] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1170.208781][T15877] bridge_slave_1: entered allmulticast mode
[ 1170.220288][T15877] bridge_slave_1: entered promiscuous mode
[ 1171.102494][  T993] hsr_slave_0: left promiscuous mode
[ 1173.797124][T15877] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1173.813408][T15877] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1174.326915][T15877] team0: Port device team_slave_0 added
[ 1174.514461][T15877] team0: Port device team_slave_1 added
[ 1175.004788][T16034] netlink: 4344 bytes leftover after parsing attributes in process `syz.6.3085'.
[ 1175.109919][T15877] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1175.130915][T15877] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1175.175448][T15877] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1175.208925][T15877] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1175.220054][T15877] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1175.264070][T15877] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1175.655271][T15877] hsr_slave_0: entered promiscuous mode
[ 1175.672107][T15877] hsr_slave_1: entered promiscuous mode
[ 1175.681957][T15877] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1175.691243][T15877] Cannot create hsr debugfs directory
[ 1176.716549][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.723416][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.731193][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.741469][T16062] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1176.756492][T16062] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1176.782309][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.789848][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.797189][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.804598][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1176.812496][T16062] wlan0 speed is unknown, defaulting to 1000
[ 1177.246370][T16081] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3099'.
[ 1177.258301][T16081] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3099'.
[ 1177.422777][T16081] gretap0: entered promiscuous mode
[ 1177.445323][T16081] gretap0: left promiscuous mode
[ 1177.502891][T16087] netlink: 'syz.2.3100': attribute type 3 has an invalid length.
[ 1178.213886][T15877] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1178.262294][T15877] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1178.318803][T15877] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1178.389590][T15877] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1178.966026][T15877] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1179.591797][T15877] 8021q: adding VLAN 0 to HW filter on device team0
[ 1179.643913][ T3554] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1179.651186][ T3554] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1179.695264][ T3554] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1179.703048][ T3554] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1179.789650][T15877] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1179.981169][   T30] audit: type=1326 audit(1749136944.162:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16115 comm="syz.2.3110" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd485f8e929 code=0x0
[ 1180.062457][T16120] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[ 1181.003874][T16124] netlink: 256 bytes leftover after parsing attributes in process `syz.2.3110'.
[ 1181.120012][T16124] netlink: 'syz.2.3110': attribute type 4 has an invalid length.
[ 1181.746715][T16128] netlink: 'syz.2.3112': attribute type 1 has an invalid length.
[ 1181.775739][T16128] netlink: 'syz.2.3112': attribute type 4 has an invalid length.
[ 1181.801617][T16129] netlink: 'syz.2.3112': attribute type 1 has an invalid length.
[ 1181.827029][T16128] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3112'.
[ 1181.847367][T16129] netlink: 'syz.2.3112': attribute type 4 has an invalid length.
[ 1181.874805][T15877] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1181.887033][T16129] netlink: 9462 bytes leftover after parsing attributes in process `syz.2.3112'.
[ 1181.949001][T15877] veth0_vlan: entered promiscuous mode
[ 1182.381113][T15877] veth1_vlan: entered promiscuous mode
[ 1182.467790][T16133] binder: 16132:16133 ioctl c0306201 0 returned -14
[ 1182.473148][T15877] veth0_macvtap: entered promiscuous mode
[ 1182.508061][T15877] veth1_macvtap: entered promiscuous mode
[ 1182.545959][T15877] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1182.580645][T15877] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1182.581663][T16142] netlink: 'syz.5.3115': attribute type 3 has an invalid length.
[ 1182.610172][T15877] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1182.630116][T15877] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1182.639573][T15877] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1182.661940][T16143] netlink: 'syz.0.3114': attribute type 3 has an invalid length.
[ 1182.671451][T15877] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1182.861758][T16148] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3117'.
[ 1182.906176][ T3511] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1182.915805][T16149] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3117'.
[ 1182.924066][ T3511] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1183.107856][ T3495] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1183.130889][ T3495] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1183.305700][T16155] syz.2.3119: attempt to access beyond end of device
[ 1183.305700][T16155] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1186.183207][T16178] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1186.365840][T16179] fuse: Unknown parameter 'f�v-
�N�6�؅Y�'
[ 1186.379581][   T30] audit: type=1326 audit(1749136950.008:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16164 comm="syz.3.3037" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff2c798e929 code=0x0
[ 1187.064724][T16159] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3121'.
[ 1187.336986][T16159] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1188.715122][T16159] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1188.882829][T16206] FAULT_INJECTION: forcing a failure.
[ 1188.882829][T16206] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1188.906601][T16206] CPU: 0 UID: 0 PID: 16206 Comm: syz.3.3132 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1188.906634][T16206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1188.906647][T16206] Call Trace:
[ 1188.906656][T16206]  <TASK>
[ 1188.906666][T16206]  dump_stack_lvl+0x189/0x250
[ 1188.906702][T16206]  ? __pfx____ratelimit+0x10/0x10
[ 1188.906728][T16206]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1188.906756][T16206]  ? __pfx__printk+0x10/0x10
[ 1188.906775][T16206]  ? __might_fault+0xb0/0x130
[ 1188.906812][T16206]  should_fail_ex+0x414/0x560
[ 1188.906845][T16206]  copy_fpstate_to_sigframe+0xa8d/0xce0
[ 1188.906874][T16206]  ? copy_fpstate_to_sigframe+0x181/0xce0
[ 1188.906904][T16206]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[ 1188.906945][T16206]  ? __lock_acquire+0xab9/0xd20
[ 1188.906978][T16206]  ? fpu__alloc_mathframe+0xad/0x130
[ 1188.907005][T16206]  get_sigframe+0x58d/0x7d0
[ 1188.907036][T16206]  ? __pfx_get_sigframe+0x10/0x10
[ 1188.907074][T16206]  x64_setup_rt_frame+0x15c/0xd40
[ 1188.907104][T16206]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1188.907131][T16206]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1188.907151][T16206]  ? get_signal+0x1122/0x1310
[ 1188.907186][T16206]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 1188.907227][T16206]  arch_do_signal_or_restart+0x3dc/0x750
[ 1188.907258][T16206]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1188.907301][T16206]  ? exit_to_user_mode_loop+0x40/0x110
[ 1188.907332][T16206]  exit_to_user_mode_loop+0x75/0x110
[ 1188.907358][T16206]  do_syscall_64+0x2bd/0x3b0
[ 1188.907384][T16206]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.907401][T16206]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1188.907420][T16206]  ? clear_bhb_loop+0x60/0xb0
[ 1188.907444][T16206]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1188.907463][T16206] RIP: 0033:0x7ff2c798e927
[ 1188.907482][T16206] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 1188.907498][T16206] RSP: 002b:00007ff2c87a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000116
[ 1188.907521][T16206] RAX: 0000000000000116 RBX: 00007ff2c7bb5fa0 RCX: 00007ff2c798e929
[ 1188.907535][T16206] RDX: 0000000000000001 RSI: 00002000000014c0 RDI: 0000000000000003
[ 1188.907545][T16206] RBP: 00007ff2c87a5090 R08: 0000000000000000 R09: 0000000000000000
[ 1188.907565][T16206] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1188.907576][T16206] R13: 0000000000000000 R14: 00007ff2c7bb5fa0 R15: 00007ffc59d9a0f8
[ 1188.907607][T16206]  </TASK>
[ 1190.517487][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1190.525409][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1191.991417][T10748] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1192.006267][T10748] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1192.015297][T10748] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1192.191310][T10748] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1192.205101][T10748] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1192.812608][T16237] wlan0 speed is unknown, defaulting to 1000
[ 1193.765488][T16261] random: crng reseeded on system resumption
[ 1194.871083][T10748] Bluetooth: hci4: command tx timeout
[ 1197.190835][T10748] Bluetooth: hci4: command tx timeout
[ 1197.656122][T16294] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1197.778623][T16295] netlink: 'syz.3.3157': attribute type 4 has an invalid length.
[ 1198.098052][T16237] chnl_net:caif_netlink_parms(): no params data found
[ 1198.845137][ T1147] bridge_slave_1: left allmulticast mode
[ 1198.870703][ T1147] bridge_slave_1: left promiscuous mode
[ 1198.904430][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1198.930207][ T1147] bridge_slave_0: left allmulticast mode
[ 1198.943844][ T1147] bridge_slave_0: left promiscuous mode
[ 1198.952829][ T1147] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1199.424956][T10748] Bluetooth: hci4: command tx timeout
[ 1200.238843][T16316] netlink: 'syz.3.3162': attribute type 1 has an invalid length.
[ 1200.395628][T13581] IPVS: starting estimator thread 0...
[ 1200.415640][T16324] IPVS: ip_vs_add_dest(): lower threshold is higher than upper threshold
[ 1200.501057][T16327] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1200.504645][T16325] IPVS: using max 28 ests per chain, 67200 per kthread
[ 1200.508472][T16327] IPv6: NLM_F_CREATE should be set when creating new route
[ 1200.522871][T16327] IPv6: NLM_F_CREATE should be set when creating new route
[ 1200.530373][T16327] IPv6: NLM_F_CREATE should be set when creating new route
[ 1200.881451][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1200.894696][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1200.906133][ T1147] bond0 (unregistering): Released all slaves
[ 1201.638164][T10748] Bluetooth: hci4: command tx timeout
[ 1202.778169][T16237] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1203.015531][T16237] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1203.024111][T16237] bridge_slave_0: entered allmulticast mode
[ 1203.032361][T16237] bridge_slave_0: entered promiscuous mode
[ 1203.197870][T16237] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1203.210360][T16237] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.217868][T16237] bridge_slave_1: entered allmulticast mode
[ 1203.232496][T16237] bridge_slave_1: entered promiscuous mode
[ 1203.296820][T16360] netlink: 'syz.5.3172': attribute type 46 has an invalid length.
[ 1203.304881][T16360] netlink: 212868 bytes leftover after parsing attributes in process `syz.5.3172'.
[ 1203.610898][T16237] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1203.675496][ T1147] hsr_slave_0: left promiscuous mode
[ 1203.703287][ T1147] hsr_slave_1: left promiscuous mode
[ 1203.721159][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1203.741453][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1203.802961][ T1147] veth1_macvtap: left promiscuous mode
[ 1203.818052][ T1147] veth0_macvtap: left promiscuous mode
[ 1203.825918][ T1147] veth1_vlan: left promiscuous mode
[ 1203.835082][ T1147] veth0_vlan: left promiscuous mode
[ 1205.920690][T16383] netlink: 'syz.2.3180': attribute type 3 has an invalid length.
[ 1206.379287][ T1147] team0 (unregistering): Port device team_slave_1 removed
[ 1206.558252][ T1147] team0 (unregistering): Port device team_slave_0 removed
[ 1206.611152][   T30] audit: type=1800 audit(1749136969.025:485): pid=16389 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.3181" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[ 1207.510371][T16394] netlink: 4344 bytes leftover after parsing attributes in process `syz.2.3183'.
[ 1207.814797][T16396] kvm: requested 5028 ns i8254 timer period limited to 200000 ns
[ 1207.962192][T16400] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3184'.
[ 1208.262086][T16237] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1208.401988][T16237] team0: Port device team_slave_0 added
[ 1208.445587][T16237] team0: Port device team_slave_1 added
[ 1208.457119][T16387] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1208.481628][T16387] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1208.492616][T16387] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1209.141999][T16410] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3187'.
[ 1209.819915][T16237] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1210.094537][  T977] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1210.340322][T16237] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1210.417328][T16237] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1210.435636][T16237] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1210.442907][T16237] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1210.484983][T16237] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1210.594013][  T977] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1210.632828][  T977] usb 4-1: config 1 interface 0 has no altsetting 1
[ 1210.666389][  T977] usb 4-1: New USB device found, idVendor=0536, idProduct=a4a8, bcdDevice= 0.40
[ 1210.681988][  T977] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1210.704658][  T977] usb 4-1: Product: syz
[ 1210.709165][  T977] usb 4-1: Manufacturer: syz
[ 1210.714612][T16237] hsr_slave_0: entered promiscuous mode
[ 1210.721764][T16237] hsr_slave_1: entered promiscuous mode
[ 1210.729707][  T977] usb 4-1: SerialNumber: syz
[ 1210.745717][T16237] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1210.745809][T16237] Cannot create hsr debugfs directory
[ 1210.987228][  T977] usb 4-1: USB disconnect, device number 23
[ 1212.461569][T16425] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[ 1212.640613][T16442] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1213.520397][T16447] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3195'.
[ 1214.452373][T16456] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1214.463380][T16456] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1214.474666][T16456] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1216.124608][T16473] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3204'.
[ 1216.179857][T16237] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1216.244019][T16237] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1216.325638][T16237] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1216.342945][T16237] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1216.454989][  T977] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1216.548793][T16237] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1216.572070][T16237] 8021q: adding VLAN 0 to HW filter on device team0
[ 1216.609293][ T3511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1216.616748][ T3511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1216.626864][ T3511] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1216.634051][ T3511] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1216.739586][T10748] Bluetooth: Frame is too long (len 16, expected len 4)
[ 1216.790693][  T977] usb 3-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1216.861965][  T977] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1216.999068][  T977] usb 3-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1217.111643][  T977] usb 3-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1217.431658][  T977] usb 3-1: Manufacturer: syz
[ 1217.445042][  T977] usb 3-1: config 0 descriptor??
[ 1217.583985][T16496] FAULT_INJECTION: forcing a failure.
[ 1217.583985][T16496] name failslab, interval 1, probability 0, space 0, times 0
[ 1217.616511][T16496] CPU: 0 UID: 0 PID: 16496 Comm: syz.3.3212 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1217.616541][T16496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1217.616552][T16496] Call Trace:
[ 1217.616560][T16496]  <TASK>
[ 1217.616568][T16496]  dump_stack_lvl+0x189/0x250
[ 1217.616599][T16496]  ? __pfx____ratelimit+0x10/0x10
[ 1217.616621][T16496]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1217.616647][T16496]  ? __pfx__printk+0x10/0x10
[ 1217.616674][T16496]  ? __pfx___might_resched+0x10/0x10
[ 1217.616702][T16496]  ? fs_reclaim_acquire+0x7d/0x100
[ 1217.616734][T16496]  should_fail_ex+0x414/0x560
[ 1217.616766][T16496]  should_failslab+0xa8/0x100
[ 1217.616794][T16496]  __kmalloc_noprof+0xcb/0x4f0
[ 1217.616814][T16496]  ? kfree+0x4d/0x440
[ 1217.616831][T16496]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1217.616865][T16496]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1217.616896][T16496]  ? tomoyo_domain+0xda/0x130
[ 1217.616921][T16496]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1217.616945][T16496]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1217.616973][T16496]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1217.617017][T16496]  ? __lock_acquire+0xab9/0xd20
[ 1217.617068][T16496]  ? __fget_files+0x2a/0x420
[ 1217.617097][T16496]  ? __fget_files+0x2a/0x420
[ 1217.617120][T16496]  ? __fget_files+0x3a0/0x420
[ 1217.617144][T16496]  ? __fget_files+0x2a/0x420
[ 1217.617174][T16496]  security_file_ioctl+0xcb/0x2d0
[ 1217.617201][T16496]  __se_sys_ioctl+0x47/0x170
[ 1217.617225][T16496]  do_syscall_64+0xfa/0x3b0
[ 1217.617248][T16496]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1217.617273][T16496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1217.617291][T16496]  ? clear_bhb_loop+0x60/0xb0
[ 1217.617315][T16496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1217.617333][T16496] RIP: 0033:0x7ff2c798e929
[ 1217.617351][T16496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1217.617366][T16496] RSP: 002b:00007ff2c87a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1217.617398][T16496] RAX: ffffffffffffffda RBX: 00007ff2c7bb5fa0 RCX: 00007ff2c798e929
[ 1217.617412][T16496] RDX: 0000200000000000 RSI: 00000000c0405602 RDI: 0000000000000003
[ 1217.617424][T16496] RBP: 00007ff2c87a5090 R08: 0000000000000000 R09: 0000000000000000
[ 1217.617435][T16496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1217.617446][T16496] R13: 0000000000000000 R14: 00007ff2c7bb5fa0 R15: 00007ffc59d9a0f8
[ 1217.617478][T16496]  </TASK>
[ 1217.617487][T16496] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1217.746194][T16502] overlayfs: failed to clone upperpath
[ 1217.751446][  T977] rc_core: IR keymap rc-hauppauge not found
[ 1217.913222][  T977] Registered IR keymap rc-empty
[ 1217.934142][  T977] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[ 1217.957471][  T977] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input11
[ 1218.002098][    C0] igorplugusb 3-1:0.0: Error: urb status = -32
[ 1218.010019][T16478] FAULT_INJECTION: forcing a failure.
[ 1218.010019][T16478] name failslab, interval 1, probability 0, space 0, times 0
[ 1218.061075][T16478] CPU: 1 UID: 0 PID: 16478 Comm: syz.2.3205 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1218.061105][T16478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1218.061115][T16478] Call Trace:
[ 1218.061124][T16478]  <TASK>
[ 1218.061132][T16478]  dump_stack_lvl+0x189/0x250
[ 1218.061166][T16478]  ? __pfx____ratelimit+0x10/0x10
[ 1218.061190][T16478]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1218.061218][T16478]  ? __pfx__printk+0x10/0x10
[ 1218.061245][T16478]  ? __pfx___might_resched+0x10/0x10
[ 1218.061270][T16478]  ? fs_reclaim_acquire+0x7d/0x100
[ 1218.061302][T16478]  should_fail_ex+0x414/0x560
[ 1218.061333][T16478]  should_failslab+0xa8/0x100
[ 1218.061360][T16478]  __kmalloc_noprof+0xcb/0x4f0
[ 1218.061381][T16478]  ? kfree+0x4d/0x440
[ 1218.061398][T16478]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1218.061429][T16478]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1218.061459][T16478]  ? tomoyo_domain+0xda/0x130
[ 1218.061484][T16478]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1218.061509][T16478]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1218.061536][T16478]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1218.061578][T16478]  ? __lock_acquire+0xab9/0xd20
[ 1218.061628][T16478]  ? __fget_files+0x2a/0x420
[ 1218.061657][T16478]  ? __fget_files+0x2a/0x420
[ 1218.061681][T16478]  ? __fget_files+0x3a0/0x420
[ 1218.061712][T16478]  ? __fget_files+0x2a/0x420
[ 1218.061741][T16478]  security_file_ioctl+0xcb/0x2d0
[ 1218.061769][T16478]  __se_sys_ioctl+0x47/0x170
[ 1218.061795][T16478]  do_syscall_64+0xfa/0x3b0
[ 1218.061821][T16478]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1218.061839][T16478]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1218.061855][T16478]  ? clear_bhb_loop+0x60/0xb0
[ 1218.061878][T16478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1218.061895][T16478] RIP: 0033:0x7fd485f8e929
[ 1218.061914][T16478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1218.061930][T16478] RSP: 002b:00007fd483df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1218.061952][T16478] RAX: ffffffffffffffda RBX: 00007fd4861b5fa0 RCX: 00007fd485f8e929
[ 1218.061966][T16478] RDX: 0000200000000040 RSI: 0000000080284504 RDI: 0000000000000004
[ 1218.061978][T16478] RBP: 00007fd483df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1218.061990][T16478] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1218.062001][T16478] R13: 0000000000000000 R14: 00007fd4861b5fa0 R15: 00007fffbcbd9228
[ 1218.062032][T16478]  </TASK>
[ 1218.062041][T16478] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1218.302157][T16237] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1218.341327][ T9371] usb 3-1: USB disconnect, device number 16
[ 1218.859164][T16237] veth0_vlan: entered promiscuous mode
[ 1218.888544][T16237] veth1_vlan: entered promiscuous mode
[ 1220.349649][T16237] veth0_macvtap: entered promiscuous mode
[ 1220.370151][T16237] veth1_macvtap: entered promiscuous mode
[ 1220.464206][T16237] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1220.495874][T16237] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1220.514941][T16237] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.526032][T16237] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.555656][T16237] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.569679][T16237] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1220.591617][T16539] 9pnet_fd: Insufficient options for proto=fd
[ 1220.969526][ T1168] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1220.979128][ T1147] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1220.996374][ T1147] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1221.028643][ T1168] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1221.770833][T16554] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1221.780508][T16554] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1221.790652][T16554] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1221.884252][T16556] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1222.424212][T16563] FAULT_INJECTION: forcing a failure.
[ 1222.424212][T16563] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1222.463101][T13581] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 1222.466403][T16563] CPU: 0 UID: 0 PID: 16563 Comm: syz.3.3231 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1222.466430][T16563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1222.466440][T16563] Call Trace:
[ 1222.466447][T16563]  <TASK>
[ 1222.466456][T16563]  dump_stack_lvl+0x189/0x250
[ 1222.466485][T16563]  ? __pfx____ratelimit+0x10/0x10
[ 1222.466507][T16563]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1222.466530][T16563]  ? __pfx__printk+0x10/0x10
[ 1222.466548][T16563]  ? __might_fault+0xb0/0x130
[ 1222.466579][T16563]  should_fail_ex+0x414/0x560
[ 1222.466606][T16563]  _copy_from_iter+0x1db/0x16f0
[ 1222.466638][T16563]  ? __lock_acquire+0xab9/0xd20
[ 1222.466661][T16563]  ? __pfx__copy_from_iter+0x10/0x10
[ 1222.466702][T16563]  ? page_copy_sane+0x4e/0x280
[ 1222.466728][T16563]  copy_page_from_iter+0xdd/0x170
[ 1222.466756][T16563]  tun_get_user+0x1c4d/0x3ce0
[ 1222.466784][T16563]  ? tun_get_user+0x693/0x3ce0
[ 1222.466824][T16563]  ? __pfx_tun_get_user+0x10/0x10
[ 1222.466856][T16563]  ? __lock_acquire+0xab9/0xd20
[ 1222.466883][T16563]  ? ref_tracker_alloc+0x318/0x460
[ 1222.466903][T16563]  ? __lock_acquire+0xab9/0xd20
[ 1222.466925][T16563]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1222.466960][T16563]  ? tun_get+0x1c/0x2f0
[ 1222.466989][T16563]  ? tun_get+0x1c/0x2f0
[ 1222.467012][T16563]  ? tun_get+0x1c/0x2f0
[ 1222.467040][T16563]  tun_chr_write_iter+0x113/0x200
[ 1222.467066][T16563]  vfs_write+0x54b/0xa90
[ 1222.467092][T16563]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1222.467116][T16563]  ? __pfx_vfs_write+0x10/0x10
[ 1222.467146][T16563]  ? __fget_files+0x2a/0x420
[ 1222.467183][T16563]  ksys_write+0x145/0x250
[ 1222.467206][T16563]  ? __pfx_ksys_write+0x10/0x10
[ 1222.467223][T16563]  ? rcu_is_watching+0x15/0xb0
[ 1222.467253][T16563]  ? do_syscall_64+0xbe/0x3b0
[ 1222.467277][T16563]  do_syscall_64+0xfa/0x3b0
[ 1222.467305][T16563]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1222.467325][T16563]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.467342][T16563]  ? clear_bhb_loop+0x60/0xb0
[ 1222.467363][T16563]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1222.467379][T16563] RIP: 0033:0x7ff2c798d3df
[ 1222.467395][T16563] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1222.467409][T16563] RSP: 002b:00007ff2c87a5000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1222.467429][T16563] RAX: ffffffffffffffda RBX: 00007ff2c7bb5fa0 RCX: 00007ff2c798d3df
[ 1222.467441][T16563] RDX: 000000000000004e RSI: 0000200000000100 RDI: 00000000000000c8
[ 1222.467452][T16563] RBP: 00007ff2c87a5090 R08: 0000000000000000 R09: 0000000000000000
[ 1222.467462][T16563] R10: 000000000000004e R11: 0000000000000293 R12: 0000000000000001
[ 1222.467472][T16563] R13: 0000000000000000 R14: 00007ff2c7bb5fa0 R15: 00007ffc59d9a0f8
[ 1222.467501][T16563]  </TASK>
[ 1222.934063][T16561] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3230'.
[ 1223.705780][   T30] audit: type=1326 audit(1749136985.095:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1223.731949][T13581] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1223.754228][T13581] usb 1-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[ 1223.773953][T13581] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1223.792114][   T30] audit: type=1326 audit(1749136985.095:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1223.907457][T13581] usb 1-1: config 0 descriptor??
[ 1223.930151][   T30] audit: type=1326 audit(1749136985.114:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=279 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1223.985200][   T30] audit: type=1326 audit(1749136985.114:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.007586][   T30] audit: type=1326 audit(1749136985.114:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.007646][   T30] audit: type=1326 audit(1749136985.114:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.007673][   T30] audit: type=1326 audit(1749136985.114:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.007700][   T30] audit: type=1326 audit(1749136985.114:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.007729][   T30] audit: type=1326 audit(1749136985.170:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.007756][   T30] audit: type=1326 audit(1749136985.170:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16573 comm="syz.5.3234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ae8b8e929 code=0x7ffc0000
[ 1224.316692][T16582] netlink: 7 bytes leftover after parsing attributes in process `syz.5.3236'.
[ 1224.429815][T16560] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1224.447330][T16560] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1224.478429][T16560] netlink: 'syz.0.3135': attribute type 1 has an invalid length.
[ 1224.494204][T16560] netlink: 228 bytes leftover after parsing attributes in process `syz.0.3135'.
[ 1224.515784][T16560] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3135'.
[ 1224.655659][T13581] usbhid 1-1:0.0: can't add hid device: -71
[ 1224.661923][T13581] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1224.733533][T13581] usb 1-1: USB disconnect, device number 10
[ 1224.788198][T16588] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3239'.
[ 1225.720442][T16600] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1226.243919][T16608] x_tables: ip_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[ 1227.851472][   T43] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 1227.983890][T16639] binder: 16637:16639 ioctl c0306201 0 returned -14
[ 1228.062416][   T43] usb 3-1: config 3 has an invalid interface number: 248 but max is 0
[ 1228.129560][   T43] usb 3-1: config 3 has no interface number 0
[ 1228.226278][   T43] usb 3-1: New USB device found, idVendor=1686, idProduct=00dd, bcdDevice=c4.ff
[ 1228.242000][   T43] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1228.254063][   T43] usb 3-1: Product: syz
[ 1228.258400][   T43] usb 3-1: Manufacturer: syz
[ 1228.263221][   T43] usb 3-1: SerialNumber: syz
[ 1228.296042][   T43] hub 3-1:3.248: bad descriptor, ignoring hub
[ 1228.304944][   T43] hub 3-1:3.248: probe with driver hub failed with error -5
[ 1228.582495][T16654] netlink: 14 bytes leftover after parsing attributes in process `syz.6.3258'.
[ 1228.636698][   T43] usb 3-1: USB disconnect, device number 17
[ 1230.078266][T16654] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1230.121762][T16654] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1230.178500][T16654] bond0 (unregistering): (slave bridge0): Releasing backup interface
[ 1230.218108][T16654] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1230.225524][T16654] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1230.292621][T16654] bond0 (unregistering): Released all slaves
[ 1230.688490][T16678] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1231.751651][T16687] binder: 16685:16687 ioctl c0306201 0 returned -14
[ 1232.138264][  T977] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 1233.235306][T16709] batadv1: entered promiscuous mode
[ 1233.251969][T16709] 8021q: adding VLAN 0 to HW filter on device batadv1
[ 1233.317993][  T977] usb 3-1: Using ep0 maxpacket: 8
[ 1233.327577][  T977] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1233.346065][  T977] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1233.356384][  T977] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1233.388831][  T977] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1234.119140][  T977] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1234.157347][  T977] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1234.442789][  T977] usb 3-1: GET_CAPABILITIES returned 0
[ 1234.452761][  T977] usbtmc 3-1:16.0: can't read capabilities
[ 1234.664295][   T43] usb 3-1: USB disconnect, device number 18
[ 1234.864678][T16732] FAULT_INJECTION: forcing a failure.
[ 1234.864678][T16732] name failslab, interval 1, probability 0, space 0, times 0
[ 1235.556592][T16732] CPU: 1 UID: 0 PID: 16732 Comm: syz.0.3283 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1235.556632][T16732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1235.556644][T16732] Call Trace:
[ 1235.556651][T16732]  <TASK>
[ 1235.556659][T16732]  dump_stack_lvl+0x189/0x250
[ 1235.556692][T16732]  ? __pfx____ratelimit+0x10/0x10
[ 1235.556715][T16732]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1235.556741][T16732]  ? __pfx__printk+0x10/0x10
[ 1235.556766][T16732]  ? __pfx___might_resched+0x10/0x10
[ 1235.556791][T16732]  ? fs_reclaim_acquire+0x7d/0x100
[ 1235.556822][T16732]  should_fail_ex+0x414/0x560
[ 1235.556851][T16732]  should_failslab+0xa8/0x100
[ 1235.556878][T16732]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1235.556899][T16732]  ? getname_flags+0xb8/0x540
[ 1235.556929][T16732]  getname_flags+0xb8/0x540
[ 1235.556960][T16732]  do_sys_openat2+0xbc/0x1c0
[ 1235.556981][T16732]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1235.556999][T16732]  ? ksys_write+0x22a/0x250
[ 1235.557023][T16732]  ? __pfx_ksys_write+0x10/0x10
[ 1235.557042][T16732]  ? rcu_is_watching+0x15/0xb0
[ 1235.557074][T16732]  __x64_sys_openat+0x138/0x170
[ 1235.557097][T16732]  do_syscall_64+0xfa/0x3b0
[ 1235.557120][T16732]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1235.557142][T16732]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1235.557159][T16732]  ? clear_bhb_loop+0x60/0xb0
[ 1235.557189][T16732]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1235.557206][T16732] RIP: 0033:0x7f9f4798d290
[ 1235.557224][T16732] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1235.557240][T16732] RSP: 002b:00007f9f48774b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1235.557261][T16732] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f9f4798d290
[ 1235.557274][T16732] RDX: 0000000000000000 RSI: 00007f9f48774c10 RDI: 00000000ffffff9c
[ 1235.557285][T16732] RBP: 00007f9f48774c10 R08: 0000000000000000 R09: 0000000000000000
[ 1235.557296][T16732] R10: 0000000000000000 R11: 0000000000000293 R12: cccccccccccccccd
[ 1235.557308][T16732] R13: 0000000000000000 R14: 00007f9f47bb6080 R15: 00007ffdb806c3f8
[ 1235.557339][T16732]  </TASK>
[ 1236.127305][T16745] 9pnet_fd: Insufficient options for proto=fd
[ 1237.045964][T16748] fuse: Invalid rootmode
[ 1238.316999][T16770] lo speed is unknown, defaulting to 1000
[ 1238.323464][T16770] lo speed is unknown, defaulting to 1000
[ 1238.335570][T16770] lo speed is unknown, defaulting to 1000
[ 1238.445205][T16770] infiniband s�z0: RDMA CMA: cma_listen_on_dev, error -98
[ 1238.906208][T16770] lo speed is unknown, defaulting to 1000
[ 1238.914875][T16770] lo speed is unknown, defaulting to 1000
[ 1238.922839][T16770] lo speed is unknown, defaulting to 1000
[ 1238.937928][T16770] lo speed is unknown, defaulting to 1000
[ 1238.946891][T16770] lo speed is unknown, defaulting to 1000
[ 1240.009494][T16786] 9pnet_fd: Insufficient options for proto=fd
[ 1240.027821][   T43] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[ 1240.281196][T16790] SET target dimension over the limit!
[ 1240.499150][   T43] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1240.752891][   T30] kauditd_printk_skb: 19 callbacks suppressed
[ 1240.753024][   T30] audit: type=1800 audit(1749137001.035:515): pid=16788 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.6.3298" name="nullb0" dev="tmpfs" ino=1810 res=0 errno=0
[ 1240.810731][   T43] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1240.868479][   T43] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1240.889365][   T43] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1240.904382][   T43] usb 1-1: SerialNumber: syz
[ 1241.187433][   T43] usb 1-1: 0:2 : does not exist
[ 1241.212961][   T43] usb 1-1: USB disconnect, device number 11
[ 1241.444338][T16799] netlink: 'syz.2.3304': attribute type 2 has an invalid length.
[ 1242.210241][T16816] vcan0: tx drop: invalid sa for name 0x0000000000000001
[ 1242.290382][T16818] FAULT_INJECTION: forcing a failure.
[ 1242.290382][T16818] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1242.438608][T16818] CPU: 0 UID: 0 PID: 16818 Comm: syz.0.3310 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1242.438640][T16818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1242.438651][T16818] Call Trace:
[ 1242.438660][T16818]  <TASK>
[ 1242.438668][T16818]  dump_stack_lvl+0x189/0x250
[ 1242.438702][T16818]  ? __pfx____ratelimit+0x10/0x10
[ 1242.438726][T16818]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1242.438753][T16818]  ? __pfx__printk+0x10/0x10
[ 1242.438788][T16818]  should_fail_ex+0x414/0x560
[ 1242.438818][T16818]  _copy_to_user+0x31/0xb0
[ 1242.438842][T16818]  simple_read_from_buffer+0xe1/0x170
[ 1242.438872][T16818]  proc_fail_nth_read+0x1df/0x250
[ 1242.438904][T16818]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1242.438935][T16818]  ? rw_verify_area+0x258/0x650
[ 1242.438956][T16818]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1242.438990][T16818]  vfs_read+0x1fd/0x980
[ 1242.439020][T16818]  ? __pfx___mutex_lock+0x10/0x10
[ 1242.439045][T16818]  ? __pfx_vfs_read+0x10/0x10
[ 1242.439070][T16818]  ? __fget_files+0x2a/0x420
[ 1242.439101][T16818]  ? __fget_files+0x3a0/0x420
[ 1242.439125][T16818]  ? __fget_files+0x2a/0x420
[ 1242.439161][T16818]  ksys_read+0x145/0x250
[ 1242.439187][T16818]  ? __pfx_ksys_read+0x10/0x10
[ 1242.439216][T16818]  ? do_syscall_64+0xbe/0x3b0
[ 1242.439245][T16818]  do_syscall_64+0xfa/0x3b0
[ 1242.439271][T16818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1242.439288][T16818]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1242.439317][T16818]  ? clear_bhb_loop+0x60/0xb0
[ 1242.439341][T16818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1242.439358][T16818] RIP: 0033:0x7f9f4798d33c
[ 1242.439377][T16818] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1242.439392][T16818] RSP: 002b:00007f9f48775030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1242.439414][T16818] RAX: ffffffffffffffda RBX: 00007f9f47bb6080 RCX: 00007f9f4798d33c
[ 1242.439428][T16818] RDX: 000000000000000f RSI: 00007f9f487750a0 RDI: 0000000000000005
[ 1242.439440][T16818] RBP: 00007f9f48775090 R08: 0000000000000000 R09: 0000000000000000
[ 1242.439451][T16818] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1242.439463][T16818] R13: 0000000000000000 R14: 00007f9f47bb6080 R15: 00007ffdb806c3f8
[ 1242.439495][T16818]  </TASK>
[ 1242.968555][ T5916] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1244.175697][ T5916] usb 4-1: Using ep0 maxpacket: 16
[ 1244.188587][ T5916] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 11
[ 1244.197850][ T5916] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[ 1244.475037][ T5916] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[ 1244.484870][ T5916] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1244.517948][ T5916] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 0
[ 1244.542728][ T5916] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1244.562607][ T5916] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[ 1244.580014][ T5916] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.630605][ T5916] ums-sddr09 4-1:1.0: USB Mass Storage device detected
[ 1245.524581][ T5916] ums-sddr09 4-1:1.0: probe with driver ums-sddr09 failed with error -22
[ 1245.543770][ T5916] usb 4-1: USB disconnect, device number 24
[ 1247.351094][T13581] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 1247.466714][T16878] SET target dimension over the limit!
[ 1247.521868][ T5916] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1247.543302][T13581] usb 1-1: Using ep0 maxpacket: 16
[ 1247.561415][T13581] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1247.590553][T13581] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1247.617461][T13581] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1247.637925][T13581] usb 1-1: Product: syz
[ 1247.643234][T13581] usb 1-1: Manufacturer: syz
[ 1247.648089][T13581] usb 1-1: SerialNumber: syz
[ 1247.657361][T13581] usb 1-1: config 0 descriptor??
[ 1247.670432][T13581] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1247.680818][T13581] em28xx 1-1:0.0: DVB interface 0 found: bulk
[ 1247.705993][ T5916] usb 4-1: Using ep0 maxpacket: 16
[ 1247.728828][ T5916] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[ 1247.745536][ T5916] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1247.768932][ T5916] usb 4-1: Product: syz
[ 1247.776461][ T5916] usb 4-1: Manufacturer: syz
[ 1247.782476][ T5916] usb 4-1: SerialNumber: syz
[ 1247.791410][ T5916] usb 4-1: config 0 descriptor??
[ 1247.802305][ T5916] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[ 1247.821219][ T5916] usb 4-1: Detected FT232H
[ 1248.017000][ T5916] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[ 1248.328120][T13581] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 1249.261400][T16906] netlink: 96 bytes leftover after parsing attributes in process `syz.6.3336'.
[ 1249.272415][T16906] 8021q: VLANs not supported on ip6tnl0
[ 1249.626956][ T5916] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[ 1249.702588][T13581] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1249.721198][T13581] em28xx 1-1:0.0: board has no eeprom
[ 1250.134284][ T5916] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1250.159871][T16899] FAULT_INJECTION: forcing a failure.
[ 1250.159871][T16899] name failslab, interval 1, probability 0, space 0, times 0
[ 1250.206901][ T5916] usb 4-1: USB disconnect, device number 25
[ 1250.219435][T16899] CPU: 0 UID: 0 PID: 16899 Comm: syz.2.3335 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1250.219466][T16899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1250.219477][T16899] Call Trace:
[ 1250.219485][T16899]  <TASK>
[ 1250.219494][T16899]  dump_stack_lvl+0x189/0x250
[ 1250.219528][T16899]  ? __pfx____ratelimit+0x10/0x10
[ 1250.219553][T16899]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1250.219589][T16899]  ? __pfx__printk+0x10/0x10
[ 1250.219616][T16899]  ? __pfx___might_resched+0x10/0x10
[ 1250.219643][T16899]  ? fs_reclaim_acquire+0x7d/0x100
[ 1250.219676][T16899]  should_fail_ex+0x414/0x560
[ 1250.219707][T16899]  should_failslab+0xa8/0x100
[ 1250.219734][T16899]  __kmalloc_noprof+0xcb/0x4f0
[ 1250.219756][T16899]  ? kfree+0x4d/0x440
[ 1250.219773][T16899]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1250.219809][T16899]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1250.219841][T16899]  ? tomoyo_domain+0xda/0x130
[ 1250.219872][T16899]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1250.219897][T16899]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1250.219926][T16899]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1250.219972][T16899]  ? __lock_acquire+0xab9/0xd20
[ 1250.220032][T16899]  ? __fget_files+0x2a/0x420
[ 1250.220062][T16899]  ? __fget_files+0x2a/0x420
[ 1250.220085][T16899]  ? __fget_files+0x3a0/0x420
[ 1250.220108][T16899]  ? __fget_files+0x2a/0x420
[ 1250.220146][T16899]  security_file_ioctl+0xcb/0x2d0
[ 1250.220175][T16899]  __se_sys_ioctl+0x47/0x170
[ 1250.220200][T16899]  do_syscall_64+0xfa/0x3b0
[ 1250.220227][T16899]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.220245][T16899]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1250.220263][T16899]  ? clear_bhb_loop+0x60/0xb0
[ 1250.220288][T16899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1250.220305][T16899] RIP: 0033:0x7fd485f8e929
[ 1250.220323][T16899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1250.220339][T16899] RSP: 002b:00007fd483df6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1250.220361][T16899] RAX: ffffffffffffffda RBX: 00007fd4861b5fa0 RCX: 00007fd485f8e929
[ 1250.220374][T16899] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1250.220386][T16899] RBP: 00007fd483df6090 R08: 0000000000000000 R09: 0000000000000000
[ 1250.220397][T16899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1250.220408][T16899] R13: 0000000000000000 R14: 00007fd4861b5fa0 R15: 00007fffbcbd9228
[ 1250.220442][T16899]  </TASK>
[ 1250.220549][T16899] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1250.449784][T16909] netlink: 'syz.3.3337': attribute type 12 has an invalid length.
[ 1250.507014][T13581] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1250.509794][ T5916] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1250.524159][T13581] em28xx 1-1:0.0: dvb set to bulk mode.
[ 1250.555589][T16587] em28xx 1-1:0.0: Binding DVB extension
[ 1250.556241][ T5916] ftdi_sio 4-1:0.0: device disconnected
[ 1250.579033][T13581] usb 1-1: USB disconnect, device number 12
[ 1250.597465][T13581] em28xx 1-1:0.0: Disconnecting em28xx
[ 1250.694690][T16919] netlink: 'syz.2.3341': attribute type 10 has an invalid length.
[ 1250.704383][T16919] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1250.712332][T16919] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1250.763337][T16919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1250.770670][T16919] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1250.778486][T16919] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1250.786086][T16919] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1250.934907][T16587] em28xx 1-1:0.0: Registering input extension
[ 1250.941450][T13581] em28xx 1-1:0.0: Closing input extension
[ 1251.254686][T13581] em28xx 1-1:0.0: Freeing device
[ 1251.744954][T16919] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1251.982566][T16923] loop8: detected capacity change from 0 to 1
[ 1252.525142][T13581] usb 3-1: new full-speed USB device number 19 using dummy_hcd
[ 1252.773317][T16923] Dev loop8: unable to read RDB block 1
[ 1252.779375][T16923]  loop8: unable to read partition table
[ 1252.807353][T16923] loop8: partition table beyond EOD, truncated
[ 1252.833425][T16923] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1253.471715][T13581] usb 3-1: not running at top speed; connect to a high speed hub
[ 1253.491359][T13581] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1253.512526][T13581] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1254.391296][T16954] FAULT_INJECTION: forcing a failure.
[ 1254.391296][T16954] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1254.405647][T16954] CPU: 1 UID: 0 PID: 16954 Comm: syz.3.3351 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1254.405676][T16954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1254.405687][T16954] Call Trace:
[ 1254.405695][T16954]  <TASK>
[ 1254.405704][T16954]  dump_stack_lvl+0x189/0x250
[ 1254.405737][T16954]  ? __pfx____ratelimit+0x10/0x10
[ 1254.405762][T16954]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1254.405789][T16954]  ? __pfx__printk+0x10/0x10
[ 1254.405814][T16954]  ? __might_fault+0xb0/0x130
[ 1254.405845][T16954]  should_fail_ex+0x414/0x560
[ 1254.405875][T16954]  _copy_from_user+0x2d/0xb0
[ 1254.405895][T16954]  __sys_bpf+0x1ed/0x860
[ 1254.405923][T16954]  ? __pfx___sys_bpf+0x10/0x10
[ 1254.405982][T16954]  __x64_sys_bpf+0x7c/0x90
[ 1254.406004][T16954]  do_syscall_64+0xfa/0x3b0
[ 1254.406030][T16954]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.406047][T16954]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1254.406065][T16954]  ? clear_bhb_loop+0x60/0xb0
[ 1254.406088][T16954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.406107][T16954] RIP: 0033:0x7ff2c798e929
[ 1254.406125][T16954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1254.406142][T16954] RSP: 002b:00007ff2c8763038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1254.406163][T16954] RAX: ffffffffffffffda RBX: 00007ff2c7bb6160 RCX: 00007ff2c798e929
[ 1254.406176][T16954] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[ 1254.406189][T16954] RBP: 00007ff2c8763090 R08: 0000000000000000 R09: 0000000000000000
[ 1254.406201][T16954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1254.406212][T16954] R13: 0000000000000000 R14: 00007ff2c7bb6160 R15: 00007ffc59d9a0f8
[ 1254.406253][T16954]  </TASK>
[ 1254.593725][T13581] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1254.603080][T13581] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1254.611631][T13581] usb 3-1: Product: 浳　뒀䨪℄ࠝ蟘竕ⵦ䮛䟾茳ﳵ૟ᴖ꧗䒑逍ꇼ콸랂蘭渥ᆟ鎘䱾朘쬷荙䗑⎭摧ヲ鮏굎㺅圯蚋
[ 1254.627880][T13581] usb 3-1: Manufacturer: 
[ 1254.632643][T13581] usb 3-1: SerialNumber: 츈幗疌履庫몁を滖䑾⷇ᡭ柹愤㘣谱ୗ殽넄齝殿൮﹌魍鹶ၮ蟆벖＿ᖴ띸㻮ﻄ鷢矋泯䁩⼵^슂߲⓼ݢ뒫㤄Ｓ㐿읃嚳和顁⚈춦뗈㯃趇ㅼ糊댽璭꼍ൃ갣嗍쬂⮅躟ঈ΍ൖ礉癆뇍䘛ᇨ孵啾罠蛾잧䆋汋Ո槐谝荄⌒㔻Ⴥ쿄⧋黊ଔ줓᳂ᩮ䬅꒓岘⤧Ꙫ
[ 1254.888896][T16931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1254.898545][T16931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1254.909103][T16931] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1254.918243][T16931] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1255.653399][T16959] mkiss: ax0: crc mode is auto.
[ 1255.763622][T16962] netlink: 'syz.3.3352': attribute type 4 has an invalid length.
[ 1255.829764][T16962] netlink: 'syz.3.3352': attribute type 6 has an invalid length.
[ 1255.829796][T16962] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1255.861424][T16969] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3357'.
[ 1255.862389][T16969] 9pnet: Unknown protocol version 9p2�/�:�^
[ 1255.945139][T16975] xt_TCPMSS: Only works on TCP SYN packets
[ 1256.198860][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 1256.207802][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 1256.305205][T16991] FAULT_INJECTION: forcing a failure.
[ 1256.305205][T16991] name failslab, interval 1, probability 0, space 0, times 0
[ 1256.327310][T16991] CPU: 1 UID: 0 PID: 16991 Comm: syz.0.3364 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1256.327351][T16991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1256.327369][T16991] Call Trace:
[ 1256.327378][T16991]  <TASK>
[ 1256.327388][T16991]  dump_stack_lvl+0x189/0x250
[ 1256.327423][T16991]  ? __pfx____ratelimit+0x10/0x10
[ 1256.327449][T16991]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1256.327476][T16991]  ? __pfx__printk+0x10/0x10
[ 1256.327505][T16991]  ? __pfx___might_resched+0x10/0x10
[ 1256.327532][T16991]  ? fs_reclaim_acquire+0x7d/0x100
[ 1256.327566][T16991]  should_fail_ex+0x414/0x560
[ 1256.327596][T16991]  should_failslab+0xa8/0x100
[ 1256.327623][T16991]  __kmalloc_noprof+0xcb/0x4f0
[ 1256.327645][T16991]  ? kfree+0x4d/0x440
[ 1256.327663][T16991]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1256.327699][T16991]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1256.327731][T16991]  ? tomoyo_domain+0xda/0x130
[ 1256.327756][T16991]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1256.327781][T16991]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1256.327810][T16991]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1256.327856][T16991]  ? __lock_acquire+0xab9/0xd20
[ 1256.327906][T16991]  ? __fget_files+0x2a/0x420
[ 1256.327936][T16991]  ? __fget_files+0x2a/0x420
[ 1256.327959][T16991]  ? __fget_files+0x3a0/0x420
[ 1256.327984][T16991]  ? __fget_files+0x2a/0x420
[ 1256.328015][T16991]  security_file_ioctl+0xcb/0x2d0
[ 1256.328044][T16991]  __se_sys_ioctl+0x47/0x170
[ 1256.328070][T16991]  do_syscall_64+0xfa/0x3b0
[ 1256.328093][T16991]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1256.328117][T16991]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1256.328136][T16991]  ? clear_bhb_loop+0x60/0xb0
[ 1256.328160][T16991]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1256.328179][T16991] RIP: 0033:0x7f9f4798e929
[ 1256.328197][T16991] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1256.328214][T16991] RSP: 002b:00007f9f48796038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1256.328236][T16991] RAX: ffffffffffffffda RBX: 00007f9f47bb5fa0 RCX: 00007f9f4798e929
[ 1256.328251][T16991] RDX: 0000200000000000 RSI: 00000000c0405602 RDI: 0000000000000003
[ 1256.328264][T16991] RBP: 00007f9f48796090 R08: 0000000000000000 R09: 0000000000000000
[ 1256.328275][T16991] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1256.328287][T16991] R13: 0000000000000000 R14: 00007f9f47bb5fa0 R15: 00007ffdb806c3f8
[ 1256.328321][T16991]  </TASK>
[ 1256.590212][T16991] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1256.616071][T16993] fuse: Unknown parameter '�>d'
[ 1258.913577][T13581] usb 3-1: 0:2 : does not exist
[ 1259.286633][T17017] FAULT_INJECTION: forcing a failure.
[ 1259.286633][T17017] name failslab, interval 1, probability 0, space 0, times 0
[ 1259.305976][T17017] CPU: 0 UID: 0 PID: 17017 Comm: syz.3.3370 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1259.306007][T17017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1259.306019][T17017] Call Trace:
[ 1259.306027][T17017]  <TASK>
[ 1259.306036][T17017]  dump_stack_lvl+0x189/0x250
[ 1259.306070][T17017]  ? __pfx____ratelimit+0x10/0x10
[ 1259.306094][T17017]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1259.306121][T17017]  ? __pfx__printk+0x10/0x10
[ 1259.306147][T17017]  ? __pfx___might_resched+0x10/0x10
[ 1259.306173][T17017]  ? fs_reclaim_acquire+0x7d/0x100
[ 1259.306205][T17017]  should_fail_ex+0x414/0x560
[ 1259.306235][T17017]  should_failslab+0xa8/0x100
[ 1259.306260][T17017]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1259.306282][T17017]  ? fcntl_setlease+0xe2/0x4c0
[ 1259.306306][T17017]  fcntl_setlease+0xe2/0x4c0
[ 1259.306327][T17017]  ? __pfx_fcntl_setlease+0x10/0x10
[ 1259.306350][T17017]  ? ksys_write+0x1cb/0x250
[ 1259.306384][T17017]  do_fcntl+0x6a9/0x1910
[ 1259.306404][T17017]  ? smack_file_fcntl+0x137/0x2f0
[ 1259.306431][T17017]  ? __pfx_do_fcntl+0x10/0x10
[ 1259.306462][T17017]  ? __fget_files+0x2a/0x420
[ 1259.306496][T17017]  ? bpf_lsm_file_fcntl+0x9/0x20
[ 1259.306535][T17017]  __se_sys_fcntl+0xc8/0x150
[ 1259.306557][T17017]  do_syscall_64+0xfa/0x3b0
[ 1259.306580][T17017]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1259.306604][T17017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1259.306623][T17017]  ? clear_bhb_loop+0x60/0xb0
[ 1259.306647][T17017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1259.306666][T17017] RIP: 0033:0x7ff2c798e929
[ 1259.306684][T17017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1259.306700][T17017] RSP: 002b:00007ff2c8763038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[ 1259.306722][T17017] RAX: ffffffffffffffda RBX: 00007ff2c7bb6160 RCX: 00007ff2c798e929
[ 1259.306736][T17017] RDX: 79f5bb8e96012007 RSI: 0000000000000400 RDI: 0000000000000003
[ 1259.306749][T17017] RBP: 00007ff2c8763090 R08: 0000000000000000 R09: 0000000000000000
[ 1259.306761][T17017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1259.306772][T17017] R13: 0000000000000000 R14: 00007ff2c7bb6160 R15: 00007ffc59d9a0f8
[ 1259.306804][T17017]  </TASK>
[ 1259.318599][T13581] usb 3-1: USB disconnect, device number 19
[ 1260.770531][T17026] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1260.777033][T17026] Bluetooth: hci5: Opcode 0x0406 failed: -4
[ 1260.840715][T17026] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1260.872038][T17026] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1260.918755][T17026] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1260.937042][T17026] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1260.967202][T17026] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1260.991461][T17026] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1261.010589][T17026] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1261.037160][T17026] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1261.059350][T17026] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1261.096171][T17026] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1261.123148][T17026] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1262.048495][T17049] FAULT_INJECTION: forcing a failure.
[ 1262.048495][T17049] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1262.061804][T17049] CPU: 1 UID: 0 PID: 17049 Comm: syz.0.3376 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1262.061832][T17049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1262.061843][T17049] Call Trace:
[ 1262.061852][T17049]  <TASK>
[ 1262.061860][T17049]  dump_stack_lvl+0x189/0x250
[ 1262.061894][T17049]  ? __pfx____ratelimit+0x10/0x10
[ 1262.061920][T17049]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1262.061948][T17049]  ? __pfx__printk+0x10/0x10
[ 1262.061968][T17049]  ? __might_fault+0xb0/0x130
[ 1262.062006][T17049]  should_fail_ex+0x414/0x560
[ 1262.062037][T17049]  _copy_from_user+0x2d/0xb0
[ 1262.062059][T17049]  keyctl_pkey_params_get_2+0x107/0x480
[ 1262.062086][T17049]  ? __pfx_keyctl_pkey_params_get_2+0x10/0x10
[ 1262.062112][T17049]  ? get_pid_task+0x20/0x1f0
[ 1262.062151][T17049]  keyctl_pkey_verify+0xaf/0x260
[ 1262.062176][T17049]  ? __pfx_keyctl_pkey_verify+0x10/0x10
[ 1262.062219][T17049]  __se_sys_keyctl+0x488/0x910
[ 1262.062249][T17049]  ? __pfx___se_sys_keyctl+0x10/0x10
[ 1262.062289][T17049]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1262.062320][T17049]  ? __fget_files+0x3a0/0x420
[ 1262.062355][T17049]  ? fput+0xa0/0xd0
[ 1262.062374][T17049]  ? ksys_write+0x22a/0x250
[ 1262.062400][T17049]  ? __pfx_ksys_write+0x10/0x10
[ 1262.062419][T17049]  ? rcu_is_watching+0x15/0xb0
[ 1262.062453][T17049]  ? do_syscall_64+0xbe/0x3b0
[ 1262.062477][T17049]  ? __x64_sys_keyctl+0x20/0xc0
[ 1262.062506][T17049]  do_syscall_64+0xfa/0x3b0
[ 1262.062529][T17049]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1262.062551][T17049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.062570][T17049]  ? clear_bhb_loop+0x60/0xb0
[ 1262.062594][T17049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1262.062612][T17049] RIP: 0033:0x7f9f4798e929
[ 1262.062631][T17049] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1262.062647][T17049] RSP: 002b:00007f9f48754038 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[ 1262.062670][T17049] RAX: ffffffffffffffda RBX: 00007f9f47bb6160 RCX: 00007f9f4798e929
[ 1262.062684][T17049] RDX: 0000200000000200 RSI: 0000000000000000 RDI: 000000000000001c
[ 1262.062696][T17049] RBP: 00007f9f48754090 R08: 0000000000000000 R09: 0000000000000000
[ 1262.062708][T17049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1262.062720][T17049] R13: 0000000000000000 R14: 00007f9f47bb6160 R15: 00007ffdb806c3f8
[ 1262.062753][T17049]  </TASK>
[ 1262.788421][T10748] Bluetooth: hci5: command 0x0406 tx timeout
[ 1263.326001][T10748] Bluetooth: hci1: command 0x0406 tx timeout
[ 1263.332371][T10748] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1263.338982][T10748] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1263.345154][T10748] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1264.163036][T17055] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3380'.
[ 1264.186688][T17057] netlink: 28 bytes leftover after parsing attributes in process `syz.6.3380'.
[ 1264.509393][ T9371] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[ 1264.681137][ T9371] usb 3-1: device descriptor read/64, error -71
[ 1264.791207][T17070] SET target dimension over the limit!
[ 1264.937250][ T9371] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[ 1265.054584][   T51] Bluetooth: hci5: command 0x0406 tx timeout
[ 1265.172386][ T9371] usb 3-1: device descriptor read/64, error -71
[ 1265.365435][ T9371] usb usb3-port1: attempt power cycle
[ 1265.478564][ T5893] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[ 1265.519250][   T51] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1265.520589][T10748] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1265.525559][   T51] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1265.531622][T10748] Bluetooth: hci1: command 0x0406 tx timeout
[ 1265.631763][ T5893] usb 1-1: device descriptor read/64, error -71
[ 1265.824420][ T9371] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[ 1265.867898][ T9371] usb 3-1: device descriptor read/8, error -71
[ 1265.888806][ T5893] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[ 1266.070426][ T5893] usb 1-1: device descriptor read/64, error -71
[ 1266.140422][T17093] FAULT_INJECTION: forcing a failure.
[ 1266.140422][T17093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1266.154204][ T9371] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[ 1266.154837][T17093] CPU: 0 UID: 0 PID: 17093 Comm: syz.3.3391 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1266.154861][T17093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1266.154872][T17093] Call Trace:
[ 1266.154882][T17093]  <TASK>
[ 1266.154892][T17093]  dump_stack_lvl+0x189/0x250
[ 1266.154922][T17093]  ? __pfx____ratelimit+0x10/0x10
[ 1266.154943][T17093]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1266.154966][T17093]  ? __pfx__printk+0x10/0x10
[ 1266.154984][T17093]  ? __might_fault+0xb0/0x130
[ 1266.155016][T17093]  should_fail_ex+0x414/0x560
[ 1266.155044][T17093]  _copy_from_user+0x2d/0xb0
[ 1266.155062][T17093]  ___sys_sendmsg+0x158/0x2a0
[ 1266.155084][T17093]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1266.155141][T17093]  ? __fget_files+0x2a/0x420
[ 1266.155162][T17093]  ? __fget_files+0x3a0/0x420
[ 1266.155195][T17093]  __sys_sendmmsg+0x227/0x430
[ 1266.155219][T17093]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1266.155275][T17093]  ? rcu_is_watching+0x15/0xb0
[ 1266.155303][T17093]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1266.155323][T17093]  do_syscall_64+0xfa/0x3b0
[ 1266.155343][T17093]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1266.155363][T17093]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1266.155380][T17093]  ? clear_bhb_loop+0x60/0xb0
[ 1266.155407][T17093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1266.155424][T17093] RIP: 0033:0x7ff2c798e929
[ 1266.155440][T17093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1266.155454][T17093] RSP: 002b:00007ff2c87a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1266.155481][T17093] RAX: ffffffffffffffda RBX: 00007ff2c7bb5fa0 RCX: 00007ff2c798e929
[ 1266.155494][T17093] RDX: 0000000000000001 RSI: 0000200000003300 RDI: 0000000000000003
[ 1266.155505][T17093] RBP: 00007ff2c87a5090 R08: 0000000000000000 R09: 0000000000000000
[ 1266.155515][T17093] R10: 000000000400c404 R11: 0000000000000246 R12: 0000000000000001
[ 1266.155525][T17093] R13: 0000000000000000 R14: 00007ff2c7bb5fa0 R15: 00007ffc59d9a0f8
[ 1266.155554][T17093]  </TASK>
[ 1266.209522][ T5893] usb usb1-port1: attempt power cycle
[ 1266.231292][ T9371] usb 3-1: device descriptor read/8, error -71
[ 1266.509343][ T9371] usb usb3-port1: unable to enumerate USB device
[ 1266.711519][ T5893] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1266.745143][ T5893] usb 1-1: device descriptor read/8, error -71
[ 1267.021777][ T5893] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1267.068113][ T5893] usb 1-1: device descriptor read/8, error -71
[ 1267.193017][ T5893] usb usb1-port1: unable to enumerate USB device
[ 1267.742484][T17072] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1267.742554][T15880] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1267.748982][T10748] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1267.793558][T17115] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3398'.
[ 1268.931836][T17129] Bluetooth: MGMT ver 1.23
[ 1269.078207][T17139] 9pnet_fd: Insufficient options for proto=fd
[ 1271.189512][T17176] FAULT_INJECTION: forcing a failure.
[ 1271.189512][T17176] name failslab, interval 1, probability 0, space 0, times 0
[ 1271.229689][T17179] 9pnet_fd: Insufficient options for proto=fd
[ 1271.232292][T17176] CPU: 0 UID: 0 PID: 17176 Comm: syz.3.3411 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1271.232318][T17176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1271.232329][T17176] Call Trace:
[ 1271.232336][T17176]  <TASK>
[ 1271.232343][T17176]  dump_stack_lvl+0x189/0x250
[ 1271.232373][T17176]  ? __pfx____ratelimit+0x10/0x10
[ 1271.232394][T17176]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1271.232418][T17176]  ? __pfx__printk+0x10/0x10
[ 1271.232443][T17176]  ? __pfx___might_resched+0x10/0x10
[ 1271.232472][T17176]  should_fail_ex+0x414/0x560
[ 1271.232499][T17176]  should_failslab+0xa8/0x100
[ 1271.232525][T17176]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1271.232545][T17176]  ? mas_alloc_nodes+0x2e9/0x8e0
[ 1271.232571][T17176]  mas_alloc_nodes+0x2e9/0x8e0
[ 1271.232600][T17176]  mas_preallocate+0x39e/0x6b0
[ 1271.232626][T17176]  ? __pfx_mas_preallocate+0x10/0x10
[ 1271.232654][T17176]  ? __asan_memset+0x22/0x50
[ 1271.232680][T17176]  commit_merge+0x1f1/0x6e0
[ 1271.232696][T17176]  ? __vma_enter_locked+0x1f4/0x380
[ 1271.232725][T17176]  ? __pfx_commit_merge+0x10/0x10
[ 1271.232751][T17176]  ? vma_modify+0xe99/0x1970
[ 1271.232773][T17176]  vma_modify+0x1366/0x1970
[ 1271.232808][T17176]  vma_modify_flags+0x1e8/0x230
[ 1271.232829][T17176]  ? __pfx_vma_modify_flags+0x10/0x10
[ 1271.232870][T17176]  mlock_fixup+0x22a/0x360
[ 1271.232896][T17176]  apply_mlockall_flags+0x2f0/0x3c0
[ 1271.232917][T17176]  ? __pfx_apply_mlockall_flags+0x10/0x10
[ 1271.232942][T17176]  ? __pfx_down_write_killable+0x10/0x10
[ 1271.232967][T17176]  ? __pfx_ksys_write+0x10/0x10
[ 1271.232984][T17176]  ? rcu_is_watching+0x15/0xb0
[ 1271.233014][T17176]  __ia32_sys_munlockall+0x10a/0x220
[ 1271.233035][T17176]  do_syscall_64+0xfa/0x3b0
[ 1271.233055][T17176]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1271.233075][T17176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1271.233092][T17176]  ? clear_bhb_loop+0x60/0xb0
[ 1271.233112][T17176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1271.233128][T17176] RIP: 0033:0x7ff2c798e929
[ 1271.233145][T17176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1271.233159][T17176] RSP: 002b:00007ff2c8784038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[ 1271.233187][T17176] RAX: ffffffffffffffda RBX: 00007ff2c7bb6080 RCX: 00007ff2c798e929
[ 1271.233200][T17176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1271.233210][T17176] RBP: 00007ff2c8784090 R08: 0000000000000000 R09: 0000000000000000
[ 1271.233221][T17176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1271.233231][T17176] R13: 0000000000000000 R14: 00007ff2c7bb6080 R15: 00007ffc59d9a0f8
[ 1271.233260][T17176]  </TASK>
[ 1271.233274][T17176] vmg ffffc9000ef17c40 dumped because: VM_WARN_ON_VMG(prev && start <= prev->vm_start)
[ 1271.635910][T17176] vmg ffffc9000ef17c40 state: mm ffff88801a472a00 pgoff 200000000
[ 1271.635910][T17176] vmi ffffc9000ef17de0 [200000000000,200000800000)
[ 1271.635910][T17176] prev ffff88807edf9500 middle ffff88807edf9500 next 0000000000000000 target 0000000000000000
[ 1271.635910][T17176] start 200000000000 end 200000800000 flags 8100077
[ 1271.635910][T17176] file 0000000000000000 anon_vma ffff888029afbee0 policy 0000000000000000
[ 1271.635910][T17176] uffd_ctx 0000000000000000
[ 1271.635910][T17176] anon_name 0000000000000000
[ 1271.635910][T17176] state 0
[ 1271.635910][T17176] just_expand 0
[ 1271.635910][T17176] __adjust_middle_start 0 __adjust_next_start 0
[ 1271.635910][T17176] __remove_middle 0 __remove_next 0
[ 1271.764396][T17176] vmg ffffc9000ef17c40 mm:
[ 1271.790713][T17176] mm ffff88801a472a00 task_size 140737488351232
[ 1271.790713][T17176] mmap_base 140680722309120 mmap_legacy_base 46952072859648
[ 1271.790713][T17176] pgd ffff888030bd6000 mm_users 3 mm_count 1 pgtables_bytes 126976 map_count 34
[ 1271.790713][T17176] hiwater_rss 14ed hiwater_vm 5f8d total_vm 5fcf locked_vm 800
[ 1271.790713][T17176] pinned_vm 0 data_vm 23db exec_vm 1a4 stack_vm 21
[ 1271.790713][T17176] start_code 7ff2c7849000 end_code 7ff2c79eadb9 start_data 7ff2c7b90000 end_data 7ff2c7b90000
[ 1271.790713][T17176] start_brk 55558fb67000 brk 55558fb9b000 start_stack 7ffc59d9a960
[ 1271.790713][T17176] arg_start 7ffc59d9bf6d arg_end 7ffc59d9bf81 env_start 7ffc59d9bf81 env_end 7ffc59d9bfe9
[ 1271.790713][T17176] binfmt ffffffff8e2b4bc0 flags 800007fd
[ 1271.790713][T17176] ioctx_table 0000000000000000
[ 1271.790713][T17176] owner ffff888026a78000 exe_file ffff888064920540
[ 1271.790713][T17176] notifier_subscriptions 0000000000000000
[ 1271.790713][T17176] numa_next_scan 4295062458 numa_scan_offset 0 numa_scan_seq 0
[ 1271.790713][T17176] tlb_flush_pending 0
[ 1271.790713][T17176] def_flags: 0x0()
[ 1271.987724][T17176] vmg ffffc9000ef17c40 prev:
[ 1271.994443][T17176] vma ffff88807edf9500 start 0000200000000000 end 0000200000800000 mm ffff88801a472a00
[ 1271.994443][T17176] prot 25 anon_vma ffff888029afbee0 vm_ops 0000000000000000
[ 1271.994443][T17176] pgoff 200000000 file 0000000000000000 private_data 0000000000000000
[ 1271.994443][T17176] refcnt 1
[ 1271.994443][T17176] flags: 0x8102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty)
[ 1272.037407][T17176] vmg ffffc9000ef17c40 middle:
[ 1272.042414][T17176] vma ffff88807edf9500 start 0000200000000000 end 0000200000800000 mm ffff88801a472a00
[ 1272.042414][T17176] prot 25 anon_vma ffff888029afbee0 vm_ops 0000000000000000
[ 1272.042414][T17176] pgoff 200000000 file 0000000000000000 private_data 0000000000000000
[ 1272.042414][T17176] refcnt 1
[ 1272.042414][T17176] flags: 0x8102077(read|write|exec|mayread|maywrite|mayexec|locked|account|softdirty)
[ 1272.091298][T17176] vmg ffffc9000ef17c40 next: (NULL)
[ 1272.112315][T17176] vmg ffffc9000ef17c40 vmi:
[ 1272.117444][T17176] MAS: tree=ffff88801a472a40 enode=ffff88803421c00c 
[ 1272.117460][T17176] (ma_active)
[ 1272.131756][T17176] Store Type: 
[ 1272.135339][T17176] node_store
[ 1272.141961][T17176] [6/10] index=200000000000 last=2000007fffff
[ 1272.171301][T17176]      min=0 max=55558fb88fff alloc=0000000000000000, depth=0, flags=0
[ 1272.180325][T17176] maple_tree(ffff88801a472a40) flags 30B, height 2 root ffff888033288c1e
[ 1272.191169][T17176] 0-ffffffffffffffff: node ffff888033288c00 depth 0 type 3 parent ffff88801a472a41 contents: 35558eb66000 2a9d35c5c000 76000 ffff8003a6264000 0 0 0 0 0 0 | 03 03| ffff88803421c00c 55558FB88FFF ffff8880348a2c0c 7FF2C77FFFFF ffff88803328960c 7FF2C8764FFF ffff88803328860c FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000
[ 1272.239558][ T1221] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1272.244420][T17176]   0-55558fb88fff: node ffff88803421c000 depth 1 type 1 parent ffff888033288c06 contents: 0000000000000000 110C22FFFF ffff888079d6c640 110E22FFFF 0000000000000000 1B3311FFFF ffff88807edf9000 1B3315FFFF 0000000000000000 1FFFFFFFEFFF ffff88807edf9140 1FFFFFFFFFFF ffff88807edf9500 2000007FFFFF ffff8880602efdc0 200000FFFFFF ffff88807edf9a00 200001000FFF 0000000000000000 55558FB66FFF ffff888079f218c0 55558FB88FFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 000000000000000a
[ 1272.295324][T17176]     0-110c22ffff: 0000000000000000
[ 1272.302453][T17176]     110c230000-110e22ffff: ffff888079d6c640
[ 1272.309464][T17176]     110e230000-1b3311ffff: 0000000000000000
[ 1272.315629][T17176]     1b33120000-1b3315ffff: ffff88807edf9000
[ 1272.321988][T17176]     1b33160000-1fffffffefff: 0000000000000000
[ 1272.483317][T17176]     1ffffffff000-1fffffffffff: ffff88807edf9140
[ 1272.685259][T17176]     200000000000-2000007fffff: ffff88807edf9500
[ 1272.698287][ T1221] usb 1-1: Using ep0 maxpacket: 16
[ 1272.722018][ T1221] usb 1-1: config 0 has an invalid interface number: 48 but max is 0
[ 1272.746927][T17176]     200000800000-200000ffffff: ffff8880602efdc0
[ 1272.759574][ T1221] usb 1-1: config 0 has no interface number 0
[ 1272.788757][T17176]     200001000000-200001000fff: ffff88807edf9a00
[ 1272.797697][ T1221] usb 1-1: config 0 interface 48 has no altsetting 0
[ 1272.827702][T17176]     200001001000-55558fb66fff: 0000000000000000
[ 1272.856965][ T1221] usb 1-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[ 1272.883487][T17176]     55558fb67000-55558fb88fff: ffff888079f218c0
[ 1272.910430][ T1221] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1272.928096][T17176]   55558fb89000-7ff2c77fffff: node ffff8880348a2c00 depth 1 type 1 parent ffff888033288c0e contents: ffff888079f21b40 55558FB9AFFF 0000000000000000 7FF2C57F6FFF ffff888079f21780 7FF2C57F7FFF ffff888079f21a00 7FF2C5FF7FFF ffff888079f21c80 7FF2C5FF8FFF ffff888079f21dc0 7FF2C67F8FFF ffff888079f21640 7FF2C67FAFFF ffff88806e039140 7FF2C6BFAFFF ffff88806e0393c0 7FF2C6BFCFFF ffff88806e039a00 7FF2C6FFCFFF ffff88806e039780 7FF2C6FFEFFF ffff88806e039b40 7FF2C73FEFFF ffff88806e039280 7FF2C73FFFFF ffff88806e039000 7FF2C77FFFFF 0000000000000000 0 000000000000000d
[ 1273.002136][ T1221] usb 1-1: Product: syz
[ 1273.022914][ T1221] usb 1-1: Manufacturer: syz
[ 1273.049141][ T1221] usb 1-1: SerialNumber: syz
[ 1273.118999][ T1221] usb 1-1: config 0 descriptor??
[ 1273.309972][T17176]     55558fb89000-55558fb9afff: ffff888079f21b40
[ 1273.316515][T17176]     55558fb9b000-7ff2c57f6fff: 0000000000000000
[ 1273.328365][T17176]     7ff2c57f7000-7ff2c57f7fff: ffff888079f21780
[ 1273.335089][T17176]     7ff2c57f8000-7ff2c5ff7fff: ffff888079f21a00
[ 1273.349666][T17176]     7ff2c5ff8000-7ff2c5ff8fff: ffff888079f21c80
[ 1273.356396][T17176]     7ff2c5ff9000-7ff2c67f8fff: ffff888079f21dc0
[ 1273.363265][T17176]     7ff2c67f9000-7ff2c67fafff: ffff888079f21640
[ 1273.369853][T17176]     7ff2c67fb000-7ff2c6bfafff: ffff88806e039140
[ 1273.385495][T17176]     7ff2c6bfb000-7ff2c6bfcfff: ffff88806e0393c0
[ 1273.392554][T17176]     7ff2c6bfd000-7ff2c6ffcfff: ffff88806e039a00
[ 1273.423247][T17176]     7ff2c6ffd000-7ff2c6ffefff: ffff88806e039780
[ 1273.475119][T17176]     7ff2c6fff000-7ff2c73fefff: ffff88806e039b40
[ 1273.489613][T17176]     7ff2c73ff000-7ff2c73fffff: ffff88806e039280
[ 1273.515983][T17176]     7ff2c7400000-7ff2c77fffff: ffff88806e039000
[ 1273.538247][T17176]   7ff2c7800000-7ff2c8764fff: node ffff888033289600 depth 1 type 1 parent ffff888033288c16 contents: ffff88801de9a000 7FF2C7848FFF ffff8880584c8280 7FF2C79EAFFF ffff888034d7c280 7FF2C7A98FFF ffff888034d7cdc0 7FF2C7B7DFFF ffff888034d7cc80 7FF2C7B86FFF 0000000000000000 7FF2C7B8FFFF ffff888034d7c780 7FF2C86EDFFF 0000000000000000 7FF2C8763FFF ffff888028dd8280 7FF2C8764FFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[ 1273.612320][ T1221] usb 1-1: USB disconnect, device number 17
[ 1273.692599][T17176]     7ff2c7800000-7ff2c7848fff: ffff88801de9a000
[ 1273.713846][T17176]     7ff2c7849000-7ff2c79eafff: ffff8880584c8280
[ 1273.728407][T17176]     7ff2c79eb000-7ff2c7a98fff: ffff888034d7c280
[ 1273.749291][T17176]     7ff2c7a99000-7ff2c7b7dfff: ffff888034d7cdc0
[ 1273.775543][T17176]     7ff2c7b7e000-7ff2c7b86fff: ffff888034d7cc80
[ 1273.788906][T17176]     7ff2c7b87000-7ff2c7b8ffff: 0000000000000000
[ 1273.806307][T17176]     7ff2c7b90000-7ff2c86edfff: ffff888034d7c780
[ 1273.821483][T17176]     7ff2c86ee000-7ff2c8763fff: 0000000000000000
[ 1273.839010][T17176]     7ff2c8764000-7ff2c8764fff: ffff888028dd8280
[ 1273.858099][T17176]   7ff2c8765000-ffffffffffffffff: node ffff888033288600 depth 1 type 1 parent ffff888033288c1e contents: ffff888079ab8dc0 7FF2C8784FFF ffff888079ab8140 7FF2C8785FFF ffff888034d7ca00 7FF2C87A5FFF ffff888034d7cb40 7FF2C87A9FFF ffff888034d7c000 7FF2C87ABFFF ffff888034d7c140 7FF2C87ADFFF 0000000000000000 7FFC59D7AFFF ffff888034d7c3c0 7FFC59D9BFFF 0000000000000000 FFFFFFFFFFFFFFFF 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000000 0 0000000000000008
[ 1273.883051][T17210] 9pnet_fd: Insufficient options for proto=fd
[ 1273.954913][T17176]     7ff2c8765000-7ff2c8784fff: ffff888079ab8dc0
[ 1273.968836][T17176]     7ff2c8785000-7ff2c8785fff: ffff888079ab8140
[ 1273.999030][T17176]     7ff2c8786000-7ff2c87a5fff: ffff888034d7ca00
[ 1274.009925][T17176]     7ff2c87a6000-7ff2c87a9fff: ffff888034d7cb40
[ 1274.018231][T17176]     7ff2c87aa000-7ff2c87abfff: ffff888034d7c000
[ 1274.028355][T17176]     7ff2c87ac000-7ff2c87adfff: ffff888034d7c140
[ 1274.037713][T17176]     7ff2c87ae000-7ffc59d7afff: 0000000000000000
[ 1274.044811][T17176]     7ffc59d7b000-7ffc59d9bfff: ffff888034d7c3c0
[ 1274.060473][T17176]     7ffc59d9c000-ffffffffffffffff: 0000000000000000
[ 1274.071222][T17176] ------------[ cut here ]------------
[ 1274.076770][T17176] WARNING: CPU: 1 PID: 17176 at mm/vma.c:808 vma_modify+0x1540/0x1970
[ 1274.085347][T17176] Modules linked in:
[ 1274.090018][T17176] CPU: 1 UID: 0 PID: 17176 Comm: syz.3.3411 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1274.102340][T17176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1274.112781][T17176] RIP: 0010:vma_modify+0x1540/0x1970
[ 1274.118288][T17176] Code: 0b 90 e9 9a ed ff ff e8 ee 8b ad ff 90 0f 0b 90 e9 a3 ec ff ff e8 e0 8b ad ff 4c 89 f7 48 c7 c6 80 7e 96 8b e8 b1 27 f3 ff 90 <0f> 0b 90 e9 4c ed ff ff e8 c3 8b ad ff e9 4f ee ff ff e8 b9 8b ad
[ 1274.138519][T17176] RSP: 0018:ffffc9000ef17b38 EFLAGS: 00010286
[ 1274.144858][T17176] RAX: ffffffff8b5728cd RBX: ffff88807edf9500 RCX: ffff888047e55a00
[ 1274.153161][T17176] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[ 1274.161398][T17176] RBP: 0000200000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1274.169754][T17176] R10: dffffc0000000000 R11: fffffbfff1bfaa44 R12: 0000200000000000
[ 1274.178178][T17176] R13: ffffc9000ef17c60 R14: ffffc9000ef17c40 R15: 1ffff92001de2f8c
[ 1274.186616][T17176] FS:  00007ff2c87846c0(0000) GS:ffff888125d89000(0000) knlGS:0000000000000000
[ 1274.195759][T17176] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1274.202486][T17176] CR2: 00007eff99590f98 CR3: 0000000030bd6000 CR4: 00000000003526f0
[ 1274.210763][T17176] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1274.218844][T17176] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1274.226922][T17176] Call Trace:
[ 1274.230283][T17176]  <TASK>
[ 1274.233275][T17176]  vma_modify_flags+0x1e8/0x230
[ 1274.238516][T17176]  ? __pfx_vma_modify_flags+0x10/0x10
[ 1274.243975][T17176]  mlock_fixup+0x22a/0x360
[ 1274.248779][T17176]  apply_mlockall_flags+0x2f0/0x3c0
[ 1274.254200][T17176]  ? __pfx_apply_mlockall_flags+0x10/0x10
[ 1274.260092][T17176]  ? __pfx_down_write_killable+0x10/0x10
[ 1274.265816][T17176]  ? __pfx_ksys_write+0x10/0x10
[ 1274.271069][T17176]  ? rcu_is_watching+0x15/0xb0
[ 1274.275939][T17176]  __ia32_sys_munlockall+0x10a/0x220
[ 1274.281737][T17176]  do_syscall_64+0xfa/0x3b0
[ 1274.286492][T17176]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1274.291841][T17176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1274.298043][T17176]  ? clear_bhb_loop+0x60/0xb0
[ 1274.302919][T17176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1274.308859][T17176] RIP: 0033:0x7ff2c798e929
[ 1274.313387][T17176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1274.333293][T17176] RSP: 002b:00007ff2c8784038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[ 1274.342026][T17176] RAX: ffffffffffffffda RBX: 00007ff2c7bb6080 RCX: 00007ff2c798e929
[ 1274.350272][T17176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1274.358560][T17176] RBP: 00007ff2c8784090 R08: 0000000000000000 R09: 0000000000000000
[ 1274.366769][T17176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1274.375103][T17176] R13: 0000000000000000 R14: 00007ff2c7bb6080 R15: 00007ffc59d9a0f8
[ 1274.383594][T17176]  </TASK>
[ 1274.386741][T17176] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1274.394329][T17176] CPU: 1 UID: 0 PID: 17176 Comm: syz.3.3411 Not tainted 6.15.0-syzkaller-12058-g64980441d269 #0 PREEMPT(full) 
[ 1274.406448][T17176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1274.416553][T17176] Call Trace:
[ 1274.419952][T17176]  <TASK>
[ 1274.422930][T17176]  dump_stack_lvl+0x99/0x250
[ 1274.427562][T17176]  ? __asan_memcpy+0x40/0x70
[ 1274.432196][T17176]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1274.437609][T17176]  ? __pfx__printk+0x10/0x10
[ 1274.442252][T17176]  panic+0x2db/0x790
[ 1274.446203][T17176]  ? __pfx_panic+0x10/0x10
[ 1274.450688][T17176]  __warn+0x31b/0x4b0
[ 1274.454860][T17176]  ? vma_modify+0x1540/0x1970
[ 1274.459662][T17176]  ? vma_modify+0x1540/0x1970
[ 1274.464372][T17176]  report_bug+0x2be/0x4f0
[ 1274.468738][T17176]  ? vma_modify+0x1540/0x1970
[ 1274.473629][T17176]  ? vma_modify+0x1540/0x1970
[ 1274.478422][T17176]  ? vma_modify+0x1542/0x1970
[ 1274.483135][T17176]  handle_bug+0x84/0x160
[ 1274.487671][T17176]  exc_invalid_op+0x1a/0x50
[ 1274.492243][T17176]  asm_exc_invalid_op+0x1a/0x20
[ 1274.497143][T17176] RIP: 0010:vma_modify+0x1540/0x1970
[ 1274.502473][T17176] Code: 0b 90 e9 9a ed ff ff e8 ee 8b ad ff 90 0f 0b 90 e9 a3 ec ff ff e8 e0 8b ad ff 4c 89 f7 48 c7 c6 80 7e 96 8b e8 b1 27 f3 ff 90 <0f> 0b 90 e9 4c ed ff ff e8 c3 8b ad ff e9 4f ee ff ff e8 b9 8b ad
[ 1274.522432][T17176] RSP: 0018:ffffc9000ef17b38 EFLAGS: 00010286
[ 1274.528718][T17176] RAX: ffffffff8b5728cd RBX: ffff88807edf9500 RCX: ffff888047e55a00
[ 1274.536728][T17176] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: ffffffffffffffff
[ 1274.544836][T17176] RBP: 0000200000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1274.553460][T17176] R10: dffffc0000000000 R11: fffffbfff1bfaa44 R12: 0000200000000000
[ 1274.561457][T17176] R13: ffffc9000ef17c60 R14: ffffc9000ef17c40 R15: 1ffff92001de2f8c
[ 1274.569537][T17176]  ? mt_dump_node+0x18cd/0x26b0
[ 1274.574418][T17176]  ? vma_modify+0x153f/0x1970
[ 1274.579147][T17176]  vma_modify_flags+0x1e8/0x230
[ 1274.584129][T17176]  ? __pfx_vma_modify_flags+0x10/0x10
[ 1274.589538][T17176]  mlock_fixup+0x22a/0x360
[ 1274.593980][T17176]  apply_mlockall_flags+0x2f0/0x3c0
[ 1274.599280][T17176]  ? __pfx_apply_mlockall_flags+0x10/0x10
[ 1274.605235][T17176]  ? __pfx_down_write_killable+0x10/0x10
[ 1274.610888][T17176]  ? __pfx_ksys_write+0x10/0x10
[ 1274.615879][T17176]  ? rcu_is_watching+0x15/0xb0
[ 1274.620789][T17176]  __ia32_sys_munlockall+0x10a/0x220
[ 1274.626200][T17176]  do_syscall_64+0xfa/0x3b0
[ 1274.630995][T17176]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1274.636222][T17176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1274.642479][T17176]  ? clear_bhb_loop+0x60/0xb0
[ 1274.647173][T17176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1274.653086][T17176] RIP: 0033:0x7ff2c798e929
[ 1274.657706][T17176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1274.677961][T17176] RSP: 002b:00007ff2c8784038 EFLAGS: 00000246 ORIG_RAX: 0000000000000098
[ 1274.686420][T17176] RAX: ffffffffffffffda RBX: 00007ff2c7bb6080 RCX: 00007ff2c798e929
[ 1274.694409][T17176] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1274.702686][T17176] RBP: 00007ff2c8784090 R08: 0000000000000000 R09: 0000000000000000
[ 1274.710944][T17176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1274.719111][T17176] R13: 0000000000000000 R14: 00007ff2c7bb6080 R15: 00007ffc59d9a0f8
[ 1274.727541][T17176]  </TASK>
[ 1274.732462][T17176] Kernel Offset: disabled
[ 1274.736797][T17176] Rebooting in 86400 seconds..