last executing test programs:

20m44.822518351s ago: executing program 32 (id=45):
mprotect(&(0x7f00003fd000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = openat$kvm(0xffffff9c, &(0x7f0000000240), 0x40, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r1, 0xc040563d, &(0x7f00000000c0)={0x1, 0x0, 0x2, 0x2, {0x1, 0x9, 0xf}})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000300)={0x18, 0x5e, 0x1, 0x70bd27, 0x0, "", [@typed={0x4, 0x1, 0x0, 0x0, @ipv6=@loopback}, @nested={0x2c, 0x42, 0x0, 0x1, [@generic, @generic="65f97dff0ca39b7fdef6a5c2c066e237"]}]}, 0x18}], 0x1}, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x13, r4, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000180)=[@text32={0x20, &(0x7f0000000100)="0f20c035010000000f22c0b8010000000f01d966ba400066ed3e0f019f00700000360f019e3669f5a6c4e3254a6803c5b9b7020000b8fcffffffbaffffffff0f308fc93898550d3e663e0f01df66baf80cb88c1a8e85ef66bafc0cec", 0x5c}], 0x1, 0x8, &(0x7f0000000200)=[@dstype0={0x6, 0x9}, @flags={0x3, 0x110001}], 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000001640)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r9}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r8}, &(0x7f0000000280), 0x0}, 0x20)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="74010000", @ANYRES16=r11, @ANYBLOB="11060000000000000000010000000800050001000000200108803c0000801400040002000000ac1e00010000000000000000240001000000000000000000000000000000000000000000000000000000000000000000e0000080a400098028000080060001000a0000001400020020010000000000000000000000000001050003000100000028000080060001000a00000014000200ff010000000000000000000000000001050003002aea091428000080060001000a00000014000200ff010000000000000000000000000001050003000300000028020080060001000a00000014000200ff0100000000000000000000000000010500030000000000240001000000000000000000000000000000000000000000000000000000000000000000140004000200000000000000000000000000000024000300000000000000000000000000000000000000000000000000000000000000000014000200776731"], 0x174}}, 0x0)
userfaultfd(0x1)

17m21.519365944s ago: executing program 1 (id=697):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x2400, 0x0)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x16c, r2, 0x800, 0x70bd27, 0x25dfdbfc, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x7}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xffffff81}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0xfffffffe}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1582}}, {@pci={{0x8}, {0x11}}, {0x8}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x40880}, 0xc001)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x83, &(0x7f0000000080)={r3}, 0x8)

17m20.423287648s ago: executing program 1 (id=698):
r0 = socket$xdp(0x2c, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000480)={0x0, r0}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(0xffffffffffffffff, 0xc018937e, &(0x7f00000001c0)={{0x1, 0x1, 0x18, <r4=>r0, {0x2}}, './file0\x00'})
io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000016c0)=[{&(0x7f00000005c0)=""/4096, 0x1000}, {0x0}, {0x0}, {&(0x7f0000000300)=""/119, 0x77}, {&(0x7f0000000440)}, {0x0}], 0x6)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000180)={'batadv_slave_0\x00', <r6=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r6, 0x600}, 0x10)

17m19.374935012s ago: executing program 1 (id=702):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0xffffffff, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000980)={'wg2\x00', <r2=>0x0})
setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f00000004c0)={r2, 0x1, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x10)

17m18.574441645s ago: executing program 1 (id=707):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000041c0)="7ed2c42ad1b04ce3792cda19c56ce9c81ae16fb01de77f95f775f064b2d612b46878f0f4a0a6f2849f980da1b22329cba96651402f92b1a1e6a59690f7d3c2b83f46342ce56b30111f6dfd123712c00727f907272fce27d40232206a8a7e8fcc150d5a765bac8a3782c384442eaf7db71af25f723953337cf47202b7f3024c9806c0e34f946fbe2bfc8704eebd86cb87c064db095bc2992179479f918597c51ec08d10ddc4297e5b2393283743ae791551e1b69baec8ff6eb755ac3651f92ab58fcd167b7572856cda043426b0fc8900e72cbe576d3888cc8e8c60b97c72fb16860da7fd00bd9fdf528cf0feaf4b51d8234c9a6d629c66b9ea5cf119c2b84f819d3d1a8cf75b9983e5e8fcc9dfe0d68ad096b651d07eaa7ab1a7aae8fc5731c0b24949a8387809114b4001656bf23ee28e639c5adcc443cf2b596030964214c56ffd72725893cfa5ddf147110bd0d5faccf7458dc39569439a2a0cdb82854883999424c5b100acf18d8b473efdc9601165ef1de86b3aa4803e9c9b9a5b7626b3cffe385fbfd19980423e93ebb380ae39aecc96cd32082fd30aeda93f84e216708c76af3a75818ea3d0ef0df84a9ec975e71bdc891f73e71fad39230a72f9f9ab536e935b7e512ecc2d8a3856758eb14133334a1cc9b2656e352855ecdf29ce6598e5365c22beb2000004a740354ce862ccf59e33a2d0f2a3b8ee3679610bc0546ac9f7e9d1a73bfbc27907165f4cbdce5e89ac865c5d249b68a1747c992eb2aecc3abdec090b8803f647788987a1e049b458bff0931e4d438de03a775407096b7a4a8c9f4bd2101beab30240ee86f8e67d210bc3bb1b5cd82892c7853bf1b453cc9021163e0f79e26f7544d2476b4d6264094441ad3195a4667ef0fa150f7dc88956e4bd8f5ebe44194c3e4dbe8442d01a213e68f171737f25d9cf8abe7539ed80e3f87c3863194f4107ffe05244e93d69949edf089d5691d5f15a9777d96bdf8241923736aaaa69e3317e51b9f0b1149eb2e1ccaeb2cd233e30422b58c227b8021782de8c88dd62f53a171372abb08ec973ef911ebbe02b48a0952cd8fb6ba9efddd3625c202b1636e1257927da2111352164a6b1d115f2516faf580f89024c9c740421f9e2caffa09dc82478232e9adb8b922b2491d7168f5600f5fc83b766565c56bfad32fe9fd07edfeac3a6df2db815b7ef3bb18bfb78dbccc5f83e08952397ad031e549f41c1255ca666117c85ea82e2f294e88a2b8a1a5d4029792b00acaeb17cbab642e1e467e45bec53f20c2c26b0c082d32de99e797cd490d24ab2ce8c9397fcc01750716deada5b937005e5c570bc12a1a6b37a4ee281669ac783d18d5950dfb58ee31c1c305761d7ead0cea02afd72db2ae9067eccdac7e0a48112d612a19d47321062d11bf5ab06fcd68499e5b5e6bc5ce84f9e799bf5881b3d0479ae6513ad5eb11a5598dfcba17053c4cb67f3d54340d9505aeb987321857480c87ce3f7e09d437c89c525e7c1cb367fe791ced45e500028f589a74d4688c78011e7b4ead692d81a37973642e5e6845bf48ff98f9fd5b78e06f740f583fa49f6affe889776ad4e7480f12b12b60c661fcf1e0a6143ef08e335a1f5d519c048c0a86eebfe1dec807203a3e5e10ac2e0586b9e459b08f9d0c21fde3962f6bf6d56b8c5fc9292ee189da1ba6b5a88b8c7d3d94f4fb3589940e238f226cb0fe73c9606dcafcb8c841529be202aedb4fd2c8c16cf06817559f5620c174567de9f7427b25eba5c301f433644cc8a5e0ab0bea2513f031310c757e9315bd96be4f47db97d151d18000b9df04e7fcbe0dfc684d1a259b702693e34a274ed0fb93781f39456039d9d80ad240acfaba4892535242761942b95c503db73beb41de80f79ce4d02c51d57b2c0463a3f09fc53fed5523b70a30670ca02da78b0647031ae8ed5612f56eb1abbb50c98b4801f1b17942f6b5a56af59ad68febd24d901b51403a9db23f017ec2b428fa5ab591a1904b49bd452d3937dd6347cd773f9a0699970193daf2b4c7899a8c94ea109a1df422477820da801ae1d8e67f36966b3a9631edc5f81dd6ea3529a5a653edf59374895d1be79f9719856b70f2f86fe4aa419b4a9db3e928abcc4573e5c4668049959ebcb9bd773e08d8a1abdbcb2195c5da9bc7e4a36e83bc42a6139c4d40bb66ddbead9432a3927bfbeb485ecd3d0e666a86398122bf2386c914d5b51d2cc4ee6a3085094bf547678c76ab4a3d7a973852da647fb39023272c7d665ad8eb46024e5e5fe6732b7acd9b39a0fe5b4dbff846e3bd9cbe9d5b6b3ce7b1d3011902f12a20153a1c8222c2f5a940667834cf440a08b14f8e73e4e8ff7f0e588824ac0c2804a83906cf2c5763d2c6a852f53a761a1cb34acbb07bd6a0fae4fb36fa93b854f1dcc0ecca8bbeb4e5036d045e2ff24d98c1a2780963f775c6c02e7e5947869b5c93dab7e8b3eb2935b7d8f0734b472f89155792d65f78e84d72912d36ce05466fa0d1579832e92b6941a5e3b7fcbfa58c6418461d406737ca2b75e771d73e516718f589a859c935d6b4372b7fad7c6541781e01fd905b343d4dd430cfdbd9a63d4f0aee13174aec686af676818332d86182f02f279b1a6980ba0f86f62087d35eb48983a3d16433a1fc09609681f4418629f7b7c50d0ade5518a5d657fbbdf4bf30c7c24a1d81ff2031d921d214966939595aaa566bfaddd7f9fd51228d51976c5b3758d12d31393d263a43ca033cf3b4e9885568a4977368467aa8f2ba6a536f307a550c277886cea27ff17dfdbe914257ffb65b8c276a15be8ea5165fd16b909f7757e30f0ece05a2927c0e7498d6d5ea5619c96786af5230029e9214db8269365a84dc0e2cec200ae9c0b74d579c48037bc40c5fcc73b80e3bc67dd5e0d1ed0484f2c62822401e39621c52ac6d603f2d111350928ee2eb8d0825110321f5c26d6fada90725c6b5204644256a1d74f0daf2e416bee390605e3f6d06cb18c1852b30776d2073bc156c85311ccbfb139b4367f81750140a474e494a1c0d5fa2ff2a6c9b5a40f8f616b3d5e2e4be56442e305376f5d0e6a6c4d54f05e6c08ed6ee32955ff1bdf87189122767e85ad03bfbec0ec78bf859beaf880f2589cc418b53ab5cb3d0264fc11456a1b868fb014e010bff07a07754603891a399047f17dea68c6481d91e71d0aa8c26b3745a69ea2cd02deb3ccc0e7ddc6e3ac7180a9cad8f0ef1253610cb6965fa9307c9082ee845b4021af0a2af27d12b41e4647f92497918e0365fbb14a177150299e6702389939f8c9e66cdade9004ca7bb53e947ca0409d4f9d74bcbc49ac48d7b706832ab0b19f045fd21ff6339565d8d022ab08d15c2229b26ffea5ce20631e759c66095359d614db7c4683de79b53f7185b1d523c90cd1041d095face8e69c8f79862a12b0d2c5a3bb5853643faf495bece649383391e769e40cd4f11cb5bc0891998e059ee61cceb0c27792b88a92d88603e3ee0857fa2a8e03c0bbaa8f895a78e1dc7b54b5321b0db04a4e9ca3cf9a426efb08ed8de49253276849211b385ad9ae841380136caedd3fc49daa7dd4930d5e1c6355438ff086e054ba406a1f4ca450e5197076459c9dd9433bfe0a385b2236b9e28b0091e3269297dca512cbfd21300e49178cf3bc287153a5005ca28e9c7dbb4291ae76fad759ba39ba2b8a63ffcc01db45a13ae616deb1df4ad532f905beaabe165aedc442a0e2f7e232714ca59b7089081963efaf363925b1ddcbfcd4aa85da9ba903765ea04766749a7a69375cb5c7f4da42db2d0c38187c6b37adc198e350e8abac561517c3a668a3f1a0fdc33557e862d252581d13dad4128628b91eb1e1b9a55ceed5ec83ce5b0c9c5f98383c972587d9702bcfa7349f3f3049307210cf211e6bd62b9d11b58bfad21b80a6b1de0d25fc42a0bd94b69d127aa563c61d673dd512878e655756bf20fb5a41101edb2342bc4f7522ca4c3a33c3bc10bd061fce3bb4480199ea88a51990c70b3716c9a17c7b98596d9621f7dea213ef9f1b77105faa85a4467cfb676c94e7343a2089446f6243bbbf36811c669d0b0ccaa4f2ca57f59cf2cc7511887a51c37bf44306ff3709f7ef341df4ab0078b846ca3301170c7f5ea1f94eab76da7b32fe0d44bed365906f513d314b30f050b9fdb4fdf6654378b697e956e46054223d30ec4994f0ec0a7e750c4a580c4174134c0695927a12144151fdeb343df388228fc3710bb7cd80d93458cafd839a7d21116e5b06a4f68bf67a8b7b8f1a3ccea9d05a85c1a2e6c1272f7f015164d556be02cadee46ff48ee04e75aeb06b5a1a0c3ef1ccbb4d59a4c34a05f810e052f9825d24ff27321e6c4b5235dd74dbc48d3c9eed385ad50157c2f84be8872c75b4d236063f0356860ecebfc1b6b83d30397bc174b29b8a7c0d88c468e326783c00a146509e75ccd460e9230f7977ec3cb2425bf2e314680ff492753607731bc1d674f935d6ce06901a308a8711c20677fe9ae855144a8e0bc9a7d0f49f4f08186817b0b94fd56d496067c80b76eb77bb534f85ff8f4397a02a8e9448c9a1b9924d27fcdbab5feeddb14d1f57032d8a7d8e1aafbc8f9eacdd01c4788a239c1108ef5ccc159e0db4ba44de7a7cbf3f97fe03b57ec6364fe0e7d2b903b2a3f8fb52e99042b3ab6d6c4e3dd73ef2256af4567554823821c7464247e6fe624f83c2f282d42aefd38560aa4879afcdd4531c7cb192bb9abc24af0b8f981af96a7db30c0ebdaeaebc5a7841d7825f0a017382fe903478e7e54d2953c8ae8c537754cab7d59c42dedcef719c049bed1cbea347749741b2652cc1b88923d50bee5cb4aaaff9c2ff6111b2501c58f62c60bead8cac89e1ab10ff784b8228739d20a808a1a88aed3904cc25a938906ded4cf007bb9c009c52d0439444d08d1b26ff8c935115c6601a29f15a9b8d3c1c5b0959521c0a55c91b40e1aa96f8d5a1813c4baf2d0335d5e5e2bea7aa2b3ba2bdc7369a768c3bed6a11d47173442a961babc8f02fe7b701697cbc9c93599d69a25a96044c1d901a7c8b489b5a77cdb2e3894b31ab6969c25b17ca9bd95b8399e4e9968c764a1512989cfb8a53e1837cd27acb58ed999ec20016a0601b3a020924968984b982b6de1734705e413a680702605b6648d9bc93ff57cc5541b73317233b04e3aee4c3138e0f9a2a49155f4ea1e62d9ff541f7f566b18c5ee024d4750be962377937ec97b038bce7b3a7de504214e7eb22407fc0e8eb1455fe5951e83553d8e538db244b62ec9f56a1b7c155d5d1736944bb3e46edf0461068a4b9b02ba07679d003572252fd3d596a9020b153637c7513f27f4efef20ee83ab0285f2892ff52262b9d1e2bf92c4cb273d20b975d163eb2dfa4eba7b9e642bbd3acf3a192963fab83373d00f9bf543cbde732b16bfb4f9699458df528ea37790cc4ec09e7b6d6ae3a83187eebb57678da1ffc230786a79566a7e22836aab04598c0fdf991b96256f14e1d8936668147edf405bbc88e84d7a312f892c3a1dcad7e11a7fa27ca50bcbe2e3fcb201f1297899e327972bec7d631b9ee036194fad4918f0f1c7639491ba7d3b29022d53b6a6fbdef6f7566164487f59b466c9235288a2a3d5a44886ae9b375f8a7cd383da9c607dd3bada8a29d0d77672a3edc11f3a653ae729474bbdedbfcf0ab19b2fe998b7ac59e87552028c9c6578464af8e76c2864c11121009219dd32a5efd6a596b6324c680d19ba0fbb019d722f71fd68443e0c0588764d1dab37cf7bceb4e2b1248efd3f22e26e75472e35166f1545ae178da423c0bbd175aec6360cdd7d2812f4fae46295596e4d9e40f68fb3c9360a2b47dddc35aa2fd34d05411f3fca71df5702edba8c182e94a0ef2b89945d2f9dae556965f52ccdba267bd8f84db5ffc537b30f431455976b92680895695bcf86e1b22821b0fff3511eb44518afeece8dc580e6189e7ce26e3ba6ad4c93083f0766c79e185f8fa2099fa660dcfb6cbd36f91922c9eb6aad143a646744f73237af4dddd2b184091568760210676c468252653f4f5949f346afcd5d062a1387892236d0186ae01bfcf5814617790414b62355513c961f9fd324aa05dbc16725368b3bc4b591a58b7d47c1ffb7bc4c24ec18e4598b692cbf0a88c18f969e702fbb7d0ccf81a7468a7f7ebac94364fa44bbeeb022a2da5b980d109d93b6252dcc00c3158aed7d928a8bc1077023a62288845d474c0143ada9854dcd9bcfbcbd93e62f1a163d06e3f012d6c814cf3b2589a0fb7c21708025ba26375e7f5b3b76e12d90918683adbe81c08b03c3fff740c0c35d38d17468aa1b7959bb9cd6c8735ae32819c5607f34249251832d7f30b30b2cbde6a7235a9137dd1c3abf3f8d07192795280388c546806678f71e511956e86ba03930f579ed7076787404f24680bbf3cb6b562106bcee85012d08861857673e202e05c70fb151803564dafa7e4237674ed5f936e0dea63e7e5bf98058a4eaffc2eba998707c2fb54e1f38626b9a0d34267e1f40a4b0787ce848909a583990194434a9197a1c989d0c0b204199bfe32c281714e3c3fb6c2a26fdd049a5fbd352b6f561e2fa874c9a36c294f253281ff0d89b535189b9fab730858d078e71a0451abe07455ff9527569f50d3b2e406b37b8891045413c072fc4fd848c28b89ef4228b85e919072ccf6ecc0a53a3b086caeea506bdba02c9eeb66efcbc0682e52a3a2b078ffc9752b93330bea7039de2a8db03401d28775ef1f39803b77d42f6de6f482756ad1addebf8d10fa3ca75267f4d526162a669d0d1952cb91da2354f39b95c417ebf83af5cb0a7ca452910867ea4f7cc2e268f635b1febc5b7f5daff7e5057f8b3124b8bba68e2b34e879adc8a4da0ce6b2c7981883b403fafdea21c6f9955bd789a9807183a455ecaaddfc2c250244d040996098e1e5222a945ae7616817953bb0353ce90c42cc991a0db325e8e7bbb039885f4845c368a513e781428d53226cc7e48b48388c02c2b77be2d1d51da3fbe8bda78c12023487225730c59e7db2bfaa0d94917cd68b3a9b9e4b96219bd68f37ba382edc6eeffb0763c44e4023aa64a5b539817bc522eb969aa79143450580e73ecaa398157ffe9dc9d3ede14fc83d032d29d964072e34f2e6e60877fe5dbd5152edb58ffccc0f6f48b4873a82ed6ca0cc1e32a8d21f38180fd2877538ebcc0a2e415f0dfde170b08244d34554c1b26bf6e6c8f85df2b52bf0f02949663e0bdf9a2b1f4b18743dca57ff68cc37e963848ace00a0c304276208aa5e7caff86c435792d084542cb6712151de2f065fb4cc55b164ef2f95c90eb7d05b4ec7ab03489a9924ceccdbd12469bcb054a38142b7fb83b42a394a8e5eb4bbc3a96f482db8cf6b5acdc295a746517d77141faf3b9cb247774dc5064e22218af24610cceefe61cf360059db259a58d4760678ba0638ac84dc9a06bd142e8862d2d7f659c2004561ad89d4959bd2b09ff93c24ba5b807c652043e8e832e3a37c4f7573541c50c3a026283c4ff1bf7cd629302f5def4dc31ee4a24fa1074b77b563728bedc90dcd6b0a99989de0a04761762925b1ea95805ad59218e852aa8eacd1847a559339e1e5050279986a8a5b5dd71ecbdba8dd8d79eaac5b13b0e41cbef43ef24d14ca2197e7526c55de4bb7fc45f341c6e4647d4c5eda01f97e4879883b2dacc8411dc38a6362ac8a1426beafb561ce53dd28005540b2fa00c34bd132618a61893409501407692d344779807ab5590546d1d73840effe22ae3f85427ea37958f0efd4fd4b295d6fef9aa80982f30adb4b7d243b4adc78cdf2f6324d7ebc5ec128f38e98f4ca9f03abd1fcafcbef25f96221a78c8e9a3a8c974d17b5827416e01fa3192708782278700b8a13681bcd2832ff2ae5551cfdb477ea8f0b13f8c507be94aa86f1fb52924ba96b10c5f5861cf0937e474fe7cfbb84347a48d9a5bb2fa698286023f2ea1216851b7d7b8e204db759c163ba490c31ae8b517163d5d57b882dfacb4308e7796b83f998a4f8762b5eeee0e85440b972a46eed1e3e717ede0dd112a6dc5a5cbc71a9018c4dce90ef5e3437038b83c05562b60417e7f81ca0d93377531fa0582638ca1a4a39fe9973c40ebeee50b5cb6d55974f23dff764517289296908c5432bd92060d721ada9d90dbd4485613a58f338fd527965d1bab5df9317bd6019a8549f175feffed260df04e0ee114c1f04e9920a85b872745e6d261af012e65b5ccf34dd9f942c9693c51bbc56609f563e29c6922c1505af2b9a173160fa1b5575d8d91143638219707f0df7402e638c010fa77932cde29dece0dff0d8e0f4d9bb645757e4194115ca768b26148e8066dbd345f92997cdf1017469081c618ae3855c226e07289a9404326ad6f019afe5588981b7fbaefb168363f46cbc4cf3edd8575245b64f9468972fc9a3516d7b6f72450e1c37ae5dd248e58398151c098efd59bfec1162ee05c4f748b7c0f13eccfc6bd71ce7d93f77f0e6878f2f55bea321204ba04e4b69d2382b35d60676c8e3c63ca92199e9134f59721a2a80cee9c4e7e3075fbc012fc69f0e9307946dfd1214a918eae892508833ea130d300319b54c38310b8a006dcc79a53ffd523101e57e0b0fb9201d37a6ef84b4f0b9a189fdc52dc46f9cae08108b76173c6daad6942268cf0b5fc120e0db99729b8f35f9038fade1a328fdbd08964e01867c667a2e6553b26e0c678d58f6e919a44e1d06a3df4bdecf0c92b29a1a347394ed717d8797fc47b2791a205f9cc3c7145de2150177a432ecc7c1a4823274f773b30b33c2a95d8bcc8e8ff550983dc7f103745f668189ca299ab33c7e1f003f44fbcf6616bfabe4105d7537c4814d24438203fa254668efd0b58bd2b5a34fd5687884967815c68f39be8dbde7b146fc487de3d0249f38e5abaee7b8a33eb8a6522e0c52a91a49990c77a3fa4b6679410b5bb40e56394c7433352290e9fcf8f8d2e581b8e422a1d0802e69f7d21deb2e68675bf64410572b709141cbe17ffc41f9761bdce2f0fe2b17e90280c3c56b0a2ff9cdc47fe8c17f2ffb5d9481c0df7961addc54feec21b7675c9b711c75bd69f29863c2d7fe9930510338fd211e12a56f05ed7444cca5de0be51241de353166d38e08c7f260700e8a16fb3491dfaaba0843c06f17111e1d64baaa5e90631164cf53a7e5ee2701b470e5d0a5bfc62364dc8083db3b39c683f4c167a53ef289085ba686b2ec72e119ec38f8093cf7eb23155d31e852aec81fea7eb1a1551998bb91b46b726fcf670c458853f655167be94db5f9524369ad541d590cb90089c150bb6f379a4f03d935ab6e65a9be43af3001fc99800bc210695b0c749a80d084882827a324da046e421fcc973c2ffe53c235de2f3ebc81ba79c55aa49125539927c2c85fe0c3c6f85ee71818c81fd159739e9df7dfd82900ac67c14ce6c86bd3edaa64c691a0371d2d4167ca68ebc1b4bbbc23994840e20e53516e3bdeeda5d3025f118fea3a7291157bb9ed22cd544c6dd37e649de95b307c6d4c37dc102b51464a3d3cc3ffc4f3c2466278b2f5de6597e136ced64a41d96fc1d773289ba9e0c8b2fa8627ba87189690867402bf73661df6cd230e4ae9b99392075957a5ffbeff81f8723360f6e1b5e7ab2234d4ca100b6f9ce72d1ccc5b349bd47ea38f92de6decc2155fd4cc34d7eed0968ad901c8064c8bd54e59fae7ea9320a6292a0b68f2b204f6bfc773b1e01fe7de2a3dd0a5ec00adbe1c39a193a701ac897fee76fa9c3f18ae53def4676527ac1247cfddfaec56ce1a09fa0d6004d58b13642f981264ce52ac4e19259d34e18a5136e2c064a5d22b1cabb442079e5bab5f391c5ee9e7cc787bed72da399ea8fe7d39b0e8385f7c67a043e485abda5f77cbe0b89cf0a5b3f326913ab0217b5a1fe2d39427b348573044f8a5d5e4722a73f9d49447ae4f50cea06ecbf46065237ca2c75237f0d93aabff94166ebbf744aa8e3ceb3750bac643416789457f14466f910ab297e62ee05f1782d6541d81cb196b7a3d6ab3f7bbed709e50999b4f28995576d47c620a24acd23ec1c03b14d4238b29e220152f7e4fe4ed496e8f939c5ed0893443d58c37a16b1f2deca1add92f54a3de96695f4852386bf1bd8b4984bf336613d1912db65b8d69690cd4420b733b34d1a7dfc8136068d3b710298ff9405524d20666488ccd7650f6b02285266af3e88f9ad99a26fb5256d7601310d2da89245e70f811a994d85bb138d29786c11746598141abfd195f801c0d86584221c4b1a82470dd4f17bab73271ce4ebdc2e94abf56dc6e047bca8d3988e337c499aed8c1391ab1af615d8ba93e8575e1dd69c595a7835eacb8109c7e719e376590e16a4c16889604047f04674e38425ba8e743ff91fc7e0f172eedcc182e8d42a28c9416e74b7caab5749859d7b231dfae0d573547e27f00f1d0e088aa7acfa6db7de3cfe2df15b076c2174e3f50447a4881045dfe54e1fbd489993bf947d549adadf8337174d64c0a67983fbef163375555bd3f159998794231dbc264f4bfd52b1a655fdd0fd27b1857279a2bc209aee01e8062a2ac5349398c92899744c986d3f472d6059575da3fa9a634ccc778387fecd1f43c6be46777afe156be99d76d11d47b76f194a67a50c5ad9941aaba39cc72fa93698916af7b34656c75796caa682185d09747f9911c95a8e6d095631c58d3cb37ab20e6292a4fd065e2dc2d745e171aaecd0600c54dfcf4212a4bfeaf307099063cbb3b892b96bab588c992613d7c7c6bb3d953ae5410d4c3b18b59003c7721dbc4379b4a4a243f8cb93dd5ad8276608f26201c2bff86e64f43a2bf793517681a1f9ca659f1de4b5ccd5496b40c52349c442c354112565fee597b12efb427eb63e6692fc3bda9b831da0e1afc8dcb2a3aa21fbd444c80f39cfd78c8e26155fd86740c8e225f06a0962abe5f687e6953c3382ee3f4b559b97f2a451df9db76d3084065ddc713aa9b63c0154b386be600a285692140f5e019ed2b01a44ba946a52355baa806e2247dbec3d0a4fb8ff14500fab216e425cb2a158efa9fd79e50b020a9316ef4e3726d08fae1683da67c323c2fbdc97b01860109387a62ef8ba4709cf079041925ce1801a8828d1f73e119be76190b5344e3c82c83d787544a883cd34721dece78e2495ca7e850f2af14395af675e6fda7d5cd7e122f1eb317480c071284cdd53b9c0457ed7b074f5a9f647fa3b5a1aad9f6459a9510af3f9c4f52c698c23c4c6f0022781ce7bdb57c493ed3ae6213e437560290e30cedc90ae400711c2220ae142c099d17cd1fa45f4424df658abc04e47754e0e66f38a7ea83c751181a2ab77d4e95b3c6008ecba7d4aa457d16b2e82fabea5a55244da18d2926153b1ee36471d1a37de2ead7d0650ea582332735c05d0abfa881cd7e841a0f53e8ad4dfb4f70b855c259588172cb1027b5b51f0cad9e89a739d07319e82977716ea71325412ae3ddc0a210e774c3061a623096f354dfd36759ac63bb5a926e7582478cc98700", 0x2000, &(0x7f0000000a00)={&(0x7f0000000180)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x800100}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000002140)="f1451394a86d56b46c594b8edde95827d106f3b44634180f367dfd567851f1eac1ab2adcc78550c79f2e8c7e200818802cd8e948542a24721449ef80d6fbf935dbd8410af1ff462d56d480f02e85d96062388a90e345ac86040caf4febd7f05beb6db33030e614a1a9aa2738d643d9e9da8cc5f2ded7b01be366970ea3aecc374dee18c094bba66b9728dcc2d384d6e5d9c6511cca40c0e82b9bd3528f1be8ef408c9e32cdc176fd5905e4448a3bee3612356b30dba039a99caafde1ab687a563aceb827ef902e4361bd18754895d8bb4f834c6fb0961448b916fda2d511757988406875a128af807e3b500ad26b57730ea4e73ab3033a185c8b3afe35872cd9ddf92d81272e800e75ae86db4d913e227ef7f140ce2c98006a30ef2e7482f6af3a82824adbe8a1325aeb3a757330afe94f484e788ed70411c00e0846b48d2fc611c21c1240e5d3dbf6e332d1c03329939ab041d0376de8fed2a7783dfff3821949495dc92e15eaca5df4b13960732f16b008ef3698f10585b2bd2d290b108f27e71d4aa5004e8de88518b8124a68585419d9275c83f5f0e969501cf4784af52355cfb4bd067ff73d2fa966db9ba5204541d31f12e418c2b723361fe16e51d1b2a1cb9785121c0caf1bef2d1c746f4adf3e217b4141c82d7d8fbabf1e1d3e967b5643ba6b22acb365991f7e9577c1f889959cadd38ed92bfd7aad31a1a1b13d71ebf78d2af48f9e7717ed49d66ff866465c739905d44ea2997299969cb84b906da266c774d04ba17060f09b0bedb38feb8ae6850428dd59ea1eb0c20697a762e085917a85ac1e15376ce05a504022807a4e6b6fd9c45f0c77276e64f5b492101bd8ad44e93e8e2154581d365627571a531f3cfda4fe472421485a4b298b525ef0c2dae4b6bbe8b8a5b33e3b4e322391bbffd0669fcf25c0a23175988f0e449d342d5be3195bc92246bdea414b7a52aa585bdf5f9803b306fb49def852b38c010bb2f50450f8f9b96b614b6ff525483bab3f66bd755cc337f015b3fdd1cb40a698cd57e20ffce734c5a56b7d92a3f4247042a75f85abe395df016c710db15fb1391634cf7b9505d685025ef2bbdc8fe84fa6562769ca2e383a2115cef43fea4fa114159b8896039203568b0fde329106e0f0eed6770be4935b875d92701d632d182cf25b262cd85dd8266ebb9471ef1a71846dcb2d88e73672c3a6de8fd86dfb5e747ced9707456d8126ae4ab187f3b48f13caee1215d78f8c84474babd91d0755d6a287d98c9f797f0c82cfbe5a3a3bad381152728ec0f979b4bb84f0db61eaa27e1be3a785a301b685644759c338d738e46e2c1b8643c8f4ee3627403efc6bf4a1b9a98eadee7d63f0fb1858c5e2a2b113a22b9c41fe7e6c298f747a06b47022c8890cbec3eaacbd09cec548392495c071f5b36505edd09e15c260f5dd98177a3ff6656604a320c48868470cb2d1a4f20c3646b39358bcf9bb2140600dae42891b3ddb3a86d7dd542a4f324364890f9449df3df8b3628121be15aa2c1dc90d5c23ab5af924bf4a2d7b05f30a3216edc3b4d9c6ea0058d5d885570f5d46ae6006681298c0bc275f4d600c7d4e883eb358d20d82c1e5a9dedf1bbc4b02fd176157f6da3fbf5eb747ef7d2053395f6809913b5ca6b0b6e68a972fce886765bc1ac13fb396ff90a4f865590e0cc5125cdc390eedf4a706911b2825ea5afcecd453afe529576aaaa8972012258d4f9859508b319f5ea8d5d20fc5bd3b25a3aa24d3658bf859e684faa331ab65dda79e977070f32f29dce4838ddd32a25dd48cd759c21c550e0e2f27348e88570eda4887f073599e8f69190a9e6aa380bafa98b4dd57e710863fad4dc41e442a1765a9495981f0d8b338fdbec8f3072721fd840b2198e5a5a053c58589278d3ba84d2042394f04833006ddb99e4b99ec13a46ae34f03f783555befd6ddd7367713ecec2efe075c8f7b62eef56180632e01bc38d7dfc86d6e9518c477ad346b2a9b7d9403f85246cd514aa4f113ce4d1090719c8d8135839783d38814bfb105eb63fa56802e9e2e0ae01fe6c716bc0c379ee4320ebb50b5fb84fced731341d76f9ce1efa063667ad43c6d413a351c675ed0666ca0ae272eb879ea474e511c488dfa7fdde6d20b76de6ae7a77e7357ed3055b908883aef8bd6d6ae80e53a13427afc200c630f3e3048719551f71c22c5b0984cd7b37b922d032d3c57976e8e66bcd880dd3b65f1fa13acc73d2cbaedadb9a51d1a196b220bfd977623a97bd1c1cd705b2219cc928d980ba64096239fe9ed3185e638bc784669e935a9fd7e26b4e1f8c5760fd55c393e37e9b4abd098f977d8219a2fb8194438ca013acc498bd0957266450365a259c44be6dc46996b4a1557b946a1601cfda0c67509ee1e8ed4401bc2878a50360f4981832b5dec44091548a9a9b78796b0c7cb9d46451477c889852623e6668e5d37bd6aa6cb532ffd227299f951f75a40b9939a24892ab23cbb9730cf7631ea84d46830d0d2e581ebd1f4603cf8a711bf0ddefb8b9fe4cd66faf56816e4c148dc807edc3f9b0e5ffd9c76e8f46013f56788b31b3de9172e4752ff30a5283fad328bab020f675c2bca8c5f83a4b0a0f1e953f931c2e15e65538b6043b58b895f5134d97bfab087ae741fa2fd327bdbe8e89ca63acd7424acf6f7c7790cd6ab1617d5d30240476821a66edc91795467bd6cc07ee53678c914c310dd826af4b1a9f2f771c7c002bf50b3f193f671669b4a48fa18106b656d26a6f26378fb7ff0649f2ea6a42ea73ab87ae7e585a5d78d47ba64a5715a083523bc1c0235d8a7bee3262c29b993a8c678a6ca46befd03afd4fcf25082e25300bf59999f069df1a33e279104378c375777c3cd2c34bd50abb48107a7f0448f83eb6d4ecb4be16a96d61ba02cc4c3a25bf00404df2876d1347744617d6b5053dce5cf9a7e668858c68ecaa3f5f45673067f8d18b96cd1544f6d65ab75f3506183a5b9c40c3d6976bc17d0543ba1b035384b95a84469cbef7a153527e2596034c4c928703fae6142ba0c305931f832e997e95d8e449e2c8869d91a44122a99aed6cedd7feebaccdf4561d01988bb11f16677ce682ef79bd516bca6896e94713bd4811e244cb50f3df929e354a058a68f045613d77749b0b8f836ce88634fa1accdee9a73ad5c947b33c786f14d5a1c2aa12f9b953d9d6490c1021cf02e6486dc33960d18308bc162a6089848d92cc87bbf4bd4b152e6a7fd0ea0deee070d26aac62cb7de8fb3be0d87bafe038bd34e31d48c01b6f874026801479de73e730ad719247a8a2a020edd5f92af01cb2337a482da08413377b780b307475d3d197e8026433a254888e2023ed341cedb46c636e36e76ad25493511877b24ae50c74194029e468b115a4e8d385696b40422f56f94c2669f58340f74372194e4756fe14918de3c5cbfe9c66c359c64c5462191f6daa15a3d03926a6dd02eb5ca4b4a9c6f56b9022eabe482253568f180056845f8ea48a0c0217f31eb26e2c5898f6dcdcb3cfa4eda5184205ccf0f0ba18ba4970ace745c760527b0fb39a08804d784d2e63f65407817a7921639b3fa8db8ee66462de788a10ea2f25dadee02b158459135a1663d37294e659862adcf849235b5606340139d63358a4c55411fa474e5dc835591a904ebd01cc04b2774c7a0d11bd150bfefc0492706beb15c85ff83ae773863dc74a847d0695abeda994c95c951d6f7e910675a05d98eb7c0dbe9be20d6492251bd42f906b3cce7a31c5173136a9c8507a325b3872c82047db814205576d154635ce405e18dd50201c589d8cbe2e8c9a6f7f5c9903d16d99b48dab99783159c9365677a6d097fd5bbec62479877d3fc3b6a90d3da669c09c213b9e06f82c1ebf7563bf782c15765b5998992797e0d8935e9531dcc25526dd8abf44b30d206f55d09b910c0e875395e0dcd6e6fb37da9d2df3c6821292a3bc74b0bd5561ddfec869042a30affd5968cb53eb581da075dcf313633d434e2834ffdb4c0f9f8b1be14dc336cfe910f7db3f027e7a15061ddc36818a22b27ad4f675ed71f4c0a8aacc64aa45e2b4c293683388dc68eefce77fb9dc9a059bc741702afc7a01b18136048b5c366bd0d52aad62407b6b6fb6eb514858a5ac47deb83c10092cd28c2658c15b47e843757f9f8ac5ca4905cbc6240dd4a5f03a3574b082b03cb3f7eab927cea1a6924207fce678312418ab0b07e90a3a94fd3b8ac908274017773a2e6050c53d11e94f6cfd530cc29b211157ef7f80d8b3bb066640b7044f2f6487c40ea432699ae9a3f5d1c2d0e33e9f7de9b3fd72413d4055a5c57cbf3603c7952f2d9b211c36042d166221483680c2d54880805ce4b1ad211d7cb1191da908f3aa137d66ddbd3c2d76b3eb0f8ac74b9e7aaf4ea5e9ce00af1d1784fe2f3693e8f33669a90bef5d090926dda37f0ffe6c13f68389bc9fcfda3bd81cb9cc170b715f4873025ca225bd50f1dd858154c2bd6a66569a26859384b9991a73c8028f286d3bcbadd884c2b2be04e3b43b0c0dcf52e8017e99ab30232af905cd42005ec61c617211b7696f5cdf42d43f23b6b25455839493cc6042844f6c9f0b841553a90647c6634bffac2e62249158a17262afbcf6909890ce53fea6ca12994280db7f3a254fafad215147c494cd4163be7bfd8ba57c3de6e746832c372b8c0749a6364e7c3c477a7044001da3213b755a8d4f126ef141da1973aa86e70e5273c487bb01573005c0a439c93683d80aa1a6d090d472b6cbfc1f89fe72ad9175cecf7a58bed9f51f418aca0f3660ad65cb062d9f20cdc397acd2716fabacd352643c55603a12ceec8de6d06fd78530d81da77f1921c5257615bfdf68fb8926cd60dd5462487647945d5d558ca5b1744986367ca43e8b07f22f52a7852d82fb6991bd00de67fda47628df8df4e5ce6149462e793db2f3e12bee416f0b1420c2ff2badc863e58b882ff002cc13597a1a014bff70b35ff1990ecbf19be40d2a60b161de54fec605b7ebe08901d96e3654d8638b96a7455e331455ad5b86bc75178d8e27a666a6b3641de489294e7002af6cb01ff4a13e378666dc77bbded915da6142fc94abbf63343e63c368e097d9f3c0eda4e5dfaa80e808b97bba9019ed98172a062e94af78a51066e5b38fd0457e84a45e3d641cbc4c465c81d07fd4a32fd37992ab5cbcbbfeefdda0ff87d1ccf509d32701ade0ca7fb39e3b07edec88ae5e8116ab192c9f3bf32351dd562ce698a194bc6bcf01871c21625e0c62942aafa3701a1f6fda983413e17c6bb0ac0b366a79901924d4fb876115e8b9c9dd02882d5051afc88636063dde03fec00ce1a65443fe5b22ca3c15bea5938785bc73fdd203db27edff1b9f61938ea449e8f0deabcd7f9da7d6d774418710ac2cc27403a6d8c241a308b76fea8dc4fa3ad980b44b34307bfbea4b57307e370d78bb0f1e238203b90af904aad25678962e036a7e8be3b59c5192400bc4fcc7b20fbaaa733651b9241ff4ea20953a1ab37f34d72f0bc5a5f3ba3a1bb69c07ad68dfb70bd185de5a948be048f3c6c6a081fe22f5dea53df6e1bdbbbdfdd909415b766ee01f78de5ae2130510c03057d8043e61b4934ff551b77f8bd36b2802bd405ff3be5c67711f152aa906a66dbc2c6d32d331807ab99db9403dae2fd0f652ec076d7f5d9aa6def0534793d80547e648815f1dea95d4df6ac19dabac2bfdbd7cfa4933bf1721a860a39901d0630c0b102d3720bd7418807f5669071dbec43b13d1dce46a7058de4e05a58b5d9d21151591fb23bd59c551f00496f9e35e2becc01e5bac7fdfe90c946187727b47334a5a66f2d5006a22f2c718fc821366c3e26ca348642bd05a38a462575a2bec4dfe9120460f82e6b1e860697e380e863295917ff45c64ad237c1caa7dae399b1520fbe8e256788195c30bd2c366afc03e827f5b03fd672191d2a29110ffec619c7231e35062b0fd1dc42a8c93ed2989bc02681e2c09cbcd5623f666f830f3c21dc63d2095723300c5ae7321d6f55cf2ef9cac31d60314fa0d54ea65fc2c9dfd81e5dacdd4528920c1b87cd12db74776304fc42519fd6c7bbc8fe88750c9aedf7ddb0399e0e1d543c39d67622ab53332c1086da457e6d43d9e37e059ee9d1aff2b3ffbbfed035ed40071f312f12cec6385eaeee2a473511dab651a763a9d27c1522aacdd0ff1f0c3de442f5e9dad2110eacac006dae0b704354ae0c6349bf3a6f5683c4594270fe94ff7e07b49dbabb2fcfa2b639449a66ba9039b6920ee128c4b3cc07af0a89798ddaf7806f5c4eeb7c222a9a6e7f089fa955eddf4d76e490648d4a072c582794ad73e2444d11cb4d9295e81ec9dc39902b631e42f66c47253947f819cf55b05917359ee3072beccfb6f86a5e42c66f8115b5a3a536adabc13a3718acf37b4a852f0ef02a613fa05974edd6c49adf3db678ba3cb71f1fdf79f4e448e35d9bd4d51cd640f646abbe1a18cbe2b07483d495652d8b81078d122ef6f3e3b40e5d8518ddb47782df81e7e01421747593f3aadf5b2f0c53ab6c9323459ce6c3df08f1935ed0636a821e6b9257edf24f600cf09226c3ee7c8507e103d2bfaf807379854cf84a49149cd424ac7e2094a0939fe9768b79dfd86069778dcd8129c269741a36bbda9082263143c3e791b5b1c17708870a57200ff79611c12021c999c7bf86aaced6c77da86fac50cf8a577f8e6f162d3738b908baf0cf902d7ca7ec7ec10ba5afb16ab6257754ab4e935ef75f959f8290d8ff45bdebc49e22c6b6f884a94f89dd4672cfdca1aaafa9612dc9ebc9ee64a3593802395f05b920970c0ccac5ef0e92bb6306f6f1b77a3a1a652ba3fa57a9385c3caf7a55e8e0f77b9dec0798b3e0ef4d5fa9f05c5d4027c0b6011440ad26ed2c5bd645a961c0ff72cd51bbbb86b7fae2fd1f2f1fe3f72841de3863b5d0ac5c5c59d8761c0b626f0826905e7e602dcbfd3a1128d93b0d14589af4fee0bd5f2f774fe8fe6d84175f7ddb9271c88d2a7dabab0feb2f2fafeb7b6f530a9f86f4ed0c82f42cf8ad59e6925e85b0e183456b4d4c0aeacaa81f6ecc223747d330caff7ce22ac667a91ca7524fb1c1ff6daa2cb53f6ea674abff60d032e1311827c535e868fcc4079f195f1a9a0d02e80f2d5c88586ea10bd741c14c6025788c48f9decb25c046c0310e3df4695a21135d9bd8869d851305ad974e08b6d5e804561a72b1fe5a723e17f1c23234358054536fded63f44da67249fd861dae0b37719c99693f296569c1e9778406caa7d5fc6dc34de56bd16e502d6aed6376731f872ff72379a1c3e0e99d7db71253cd3378bed839c53a0843537232e51b89b133213c65b577e419e3a073100f80da85284f99a14a7f92f6ae64e9938d4f26f861ba7e95a8aff567b7f52754cd23f4f5cfb33e4c550770413978a0446d8e2be91a173aa085ac9d211cbce7ade1d4c96b0cd1f291548917effea13283c3bf3e251ab75f9240c8ea0d71e01788189929c554b4fe29fc66b8e2d08cb87ab14cc5b850a7019857c985005b2cdf7638ae628e4fe3717cfa548ce30f21100999473f8c9374195d3918e5775e396da13f6f53496f4a906ccdd6724d1c7ea6685202a94cb20d6e448de1bfd309f0546658f595e890200f7100962cf38004cc8f8a50958736bc369366ce0901d1b9e236ebae2022d200705bad53d910df689d3f2419cc9362be1c449c04ccdf56c162e9fcc3dc034c7120313ba016f9efb7b2ff1b7f921e900aae7c6707e3ed9cba74d0c0526ae2a0dd2a2cc57a92e765f767ab72a0aa2052ca88f411f29ee211ffafa0c6d68403cf2cf3fa7426bf2ab4cd8e2d379124b776e2d4fa1643190ec840173a518ce64abded5f3a5cf1b7acf07cdedf4f0dd9c3cdc403cef22ba9787db62b119099a7d3d084fdb67d187821badd23cc386c12efb15c93694b2d00e35da0eb853e94634f737e26e4b130035cc21e3f6ab46d7264dbdb9dfef35da2b2b71e149811f2e2c7cda4e336ca14dbd0907e1c693c6b4d2ebd2fcdec236c9a890690f89bc62ff2b6bd1079befd3f2f496cab2ed2c2490cb07843a7ab6b82fb0cf25e74b0627761c1e899abf9a890526341a0cee8f79acf1374e91a9960651570bbd92f3705e627780afdcdfc51d2d9424dca25524436c57a69d0c44d96673e83d0f3752ebdc66deda901a2b2b94bfad245843284bc5087c7250b82a972684092db37ed9dae02265cf700842f69a949b763a1d39479887547f53c7307ea42597f9217c1abf33403a986fc0068d6726ce2f12dfa88afbc82c1fb0b2583630a4984de927b159101c72fc1b3ede7f2630d0f949024bf346cc97e06d31077ad9b4d753ce9a64803de32d729ca059a55bc30834f6f88c5d4d7bb337ecf4d3b004f25270d7fe45507aee99d123eacc840b04fa9ba16aa81e305ac963ac66db2d7e2b68d72ca5c6e3215826bfb08a07571ddd0078ba8b6c6b30bb413cf56ee39eb68635c63a61717ee9d836f33746a1b2f9d5895857858b9979b6d5e34419134ca5ae4aafc2ff101007469a77ada2c61a17f881dec6e32a9388a69d09bb5563ec7762b51a3a86e2f489853c448553cce598952205a8e36f91d4010b657957cfb274d96e671e88293e6d46b26152f5938727d39bf76f9c3344cad5456740ff0225b65547ed290cec15f33b051eeef05a9ba1234fe526ccfb2a6c5c93e02a6adf43b0b61c54fabca863c1aa7775b661d6d6965483de21bb8e555eda1f09b3d9907b60f24be396a81296f8cab8bb87c85ba437860d004213c1cb12a9eaae9a597f7e551939d4aa59bd9264655100461ab1ef2db3f88aba22500dba48a6e479907a3c3249087259030c8c995d381c8a28da84eb738f3ca801f53732bcc409f01608d87ca265f367e042ed99a522a7eadf09e73e99441462b02c34a0d24d1eb228587f49c8c8a6c611e9520aa4c426a47befecf19e97d02629165ca17abc8bd62ee9d236efa1df979c53cef44b82bb42581deddf09fd4a0973ac6dabc4ed4f6d97cffafa0f10ab2ec18810aba8b0d6816c2b97e4647aa0305258b11e6fae55d71887811fab50036300a7db4cd12b03e86c617ad84c2d5771340440eb162aca3de6df7afc2d4da55b3b7bc29598728fcab967f7a22f225dc23f320d5f24e9696edffe8c48d0d3f728f36cd2e784a505ed78d8a5af251283d7f64d045efb45bf314d958ba30507c6241ea38ef0e7ba4285d236d5003a7eff6ae6615a074c9524115ed9df763ee4663aed527026cc8de7f3bc9b14dc763d075d0fff72476208cf0dc60d8812a77170ba29934d8dc792fda9b97f765c4a408232337d1a0d4ce1b9958719a6722765d23297a70035d76ef4d178e0e3a7c047f9652335cd84ca2ec6d455a4c29c29b9c04a1984b3b3463c9bf134b2e6f27ceed78e595510b748b26b2be458a3f99a7fb4271347e1365bb433a9a3fe1f1742b1f8e6d3927bdd5836a55bb81ed55446b44bdf9b7371879d777dc0d16d074e9824bd418f804597daffb28eccde1e4de91c4c6aaf5425496542d759c97aa0af98b6f9c4231ed92e7b64cf70ccbb895bcb790d3f7f590faed571fb2008232bdf27e42882b374016910f16d1c154e97c84b1d14a87c7d5924c0081ced6c031166833e2779fcb86419107a2841723af02e164ae8601ba163d799634eeabfb63b3c0b312b930b364e9533ac0c8e24f5b1c065bc9a853ebf177846696ce2700b051a02630dd327cfdabcfae05e0ada505c850db3afdaa810cf72a67119a6dd3ce35ce03e1b70764e24860065eec34ab4fbafbb22b4e978ab5fb57b6f57e71bd14a41916aa5de3d70e85cf3e68a629275350fb82249953aa186c7601379fe78a6fddf5290bebe8b081f3674ece5158fcc68165f43537fc99f2bee48b1801fba63c382c78a4d9ec2607395f7ba19f0e04a9a4c009b19fa6bff6aaa5a7f4d3bd14793d68822eb4144c04425d9a0afe1ff8320592dcc3f63fe750999db9fbb26840df0c6eaa9e053da8adc7e0e2977fcebf94be1397b661ae6cfa0e8be1567a01a17e916409922deae1f005e1d58959b7f4b594043d2564a37992735507631dec4faf6ec3f652781e799c7640e6a7acabb4f8243fe699efa2598f5a64ae1d31ba5ee2cd3c31511bed91a58327a767fe0b4654f8acd51f94504c3dbec19fe0fa843c11045ef3d54e76693b9ac963505df01c14471a7639c3d863ea5bfcae7b70243751df557b1876ccb072650f626e8cea23b42279812dad7433fbb65730fde1ac776bfe40536d2acd4da5674a0b3dc65775d5d5d017cb160e6a496ce492b63bceeff61dcfdf882ec8ce6dcc2e1ffda0659a79bda8bd40286b5b547e29d5760804f06d1b87eea0ecee3430de4998e2e8805a25adae237138fa800d341c0e68241778ca9e497333f8938bffe1c4c8e85345ca473b58f4ed9a138bdced6cf18799dbfab2b81246b540abe38033727be93472c5bc24109530da4fe41bd876c2a57e7cdcdb5068125e39bb389b1052172234655961c421eab762d603cf2f295c9603e96efa15abbf9e5047b52590f98258c339ef48276028ac393a67e0cff15021875eb06db46d5b437c40d61fb9fa029f29153a0fa2ba9068b307d9a79cdc10fcdc60a86982265b483512667c6bbcb61d329cec2257a07b91f4b57348fd2e4f79bf836c29fefc7a75befd1ce008ab4d48df631230f1afe468ebc8e12ad3cd65afd53ac5786ee6a49938d8fd4ecbcce826cef4db81d30fcd16ad86e0f3155951aade8ebc824226430d6d6f01b95cbfcdad7628b11d8a980b12daa88a36a589b9aca577cf07afcd87b901d617de3a8767ffa7820e004584d64cf5280c8d2ded6e2e517541d21adeaeaa7e72edbbfccb1e42743e019afef81e840ca6a5471701b89133d5e3fac5ddb408a244c619b104b2b65df8af030e52c12441c9ea388a985ca04502d94e1c1db290baa2c6ee21a6a8fcdd3c46d4ad9b073af5c5c020845817444987f7f73be40bbc5654bd6cdf34241f0812c5a1065745ff988140154dfb9da0a16eade0814b75ca086df10e12508e9d69cb97a33465364e5e12d768ecb716bd7d06c4f1966cb86b259c3b462a463be29a08fee7e1e004520d6cd4a3a5fccad9c33660c9d2267cf7e3eb2c584d209727f25454925269f1591bc7a87e9dff66097c562edeed6a2029eb99165664c5876a023fe17ca05d0da0245d3a95f80ffd6ff4a7ff29883435c33b2968eac6c6d046aeab9aff704e4fe7a4fe7021c7fb233259ed089fe4623c172798a6870befea1be6fe1d1f53cabb4e1c3e21b376b28c4c8258bb5715550811c0355a1daaf68181131acf0d5eb15e8cd09ebeaf64f45c2779aa17a73ccff930f63e50d0729b7a5ba9a2e9cc1916ab6e826a13dc863bda3808671ceb5cc5f596375da6e10ec05450ea80b6d550a9f7af04704eb10f628205ec1a294c109fa8a29f24228162ef464fc2a70677ac36c57b630f43c8224b4308534272711e4d28497473e930505c19fd66bf68b86a5db871ad573419869caa46ab6e7e539edcdfb04628b7b119e00", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x4000, 0xfffffffd}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
utimensat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)

17m17.468895323s ago: executing program 1 (id=710):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @empty}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000100)=0xfffffffd, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x4e21, @empty}, 0x10)
syz_open_dev$swradio(&(0x7f0000000180), 0x0, 0x2)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
fstat(0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f00000007c0)=[{0x0}], 0x1, 0x8, 0x55c)
sendto(r0, &(0x7f00000002c0)='%', 0x300000, 0x0, 0x0, 0x0)
pipe2(&(0x7f0000000040), 0x800)

17m15.811007836s ago: executing program 1 (id=714):
unshare(0x20000400)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$kcm(0x2, 0x3, 0x2)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f00000007c0)=0x8, 0x31)
recvmmsg(r3, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1}}}], 0x20}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000890000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000180)="3082", 0x71, r4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_ifreq(r5, 0x8992, &(0x7f0000000180)={'hsr0\x00', @ifru_ivalue=0x1})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9c00000010000104000000000000000000480000", @ANYRES32, @ANYBLOB="00000000000000000400140078001680740001800c0003000000000000000000280001"], 0x9c}}, 0x0)

17m0.139174735s ago: executing program 33 (id=714):
unshare(0x20000400)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r2 = socket$kcm(0x2, 0x3, 0x2)
r3 = socket(0x40000000002, 0x3, 0x2)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f00000007c0)=0x8, 0x31)
recvmmsg(r3, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
sendmsg$inet(r2, &(0x7f0000003a80)={&(0x7f00000004c0)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000003a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0xb}, @multicast1}}}], 0x20}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000890000000000000000001811", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000fdffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7020000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getpid()
r4 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000180)="3082", 0x71, r4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_ifreq(r5, 0x8992, &(0x7f0000000180)={'hsr0\x00', @ifru_ivalue=0x1})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="9c00000010000104000000000000000000480000", @ANYRES32, @ANYBLOB="00000000000000000400140078001680740001800c0003000000000000000000280001"], 0x9c}}, 0x0)

14m44.75707069s ago: executing program 2 (id=1175):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1}}}}}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x24, &(0x7f0000000000))
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(&(0x7f0000000100)=@sg0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='nilfs2\x00', 0x0, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000200)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000480)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x4, 0x4e20, 0x8}}}}}, 0x0)
syz_emit_ethernet(0x1012, &(0x7f0000000480)=ANY=[], 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)

14m42.58557232s ago: executing program 2 (id=1182):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000180)={@local, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "000210", 0x10, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x1}}}}}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$lock(r1, 0x7, &(0x7f0000002000))
fcntl$lock(r1, 0x24, &(0x7f0000000000))
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mount(&(0x7f0000000100)=@sg0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='nilfs2\x00', 0x0, 0x0)
write$dsp(r0, &(0x7f00000001c0)='\\', 0x1)
bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e20, @multicast1}, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000480)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x4, 0x4e20, 0x8}}}}}, 0x0)
ioctl$SNDCTL_DSP_SYNC(r0, 0x5001, 0x0)

14m40.22797296s ago: executing program 2 (id=1186):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'sit0\x00', &(0x7f00000006c0)={'erspan0\x00', 0x0, 0x1, 0x20, 0x3, 0x8, {{0x6, 0x4, 0x1, 0x2, 0x18, 0x66, 0x0, 0xf7, 0x29, 0x0, @broadcast, @loopback, {[@ssrr={0x89, 0x3, 0x60}]}}}}})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_genetlink_get_family_id$nbd(&(0x7f0000000300), 0xffffffffffffffff)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10)
r5 = syz_open_dev$usbfs(&(0x7f0000000000), 0x6b5, 0x41)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f0000000140)={0x80, 0x6, 0x101, 0x0, 0x7, 0x0, 0x0})
read$snapshot(0xffffffffffffffff, &(0x7f0000000340)=""/202, 0xca)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r6, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000540)=ANY=[@ANYBLOB="020400080c00000000000000000000000300060000000000"], 0x60}, 0x1, 0x7}, 0x0)
mmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x50, r6, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, 0x0, &(0x7f0000000000))

14m38.335158904s ago: executing program 2 (id=1189):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, &(0x7f0000000300)=[<r5=>0x0], &(0x7f0000000340)=[<r6=>0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, &(0x7f0000000040)={&(0x7f0000000640)=[r6, r5], 0x2})
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(r4, 0xc01064c7, &(0x7f00000002c0)={0x1, 0x0, &(0x7f0000003340)=[0x0]})
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x1, 0x0, {0x0, 0x5, 0x1014, 0x7, 0x6, 0x2, 0x2}})

14m37.000503892s ago: executing program 2 (id=1193):
syz_open_dev$video4linux(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)=@udp6, 0x4}, 0x20)
r0 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000001a000100000000000000000002100000000000080020000008001e000500000008000200ac1414aa08000300"], 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205648, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f905, 0x1, '\x00', @p_u8=&(0x7f0000000080)}})
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
mount(0x0, &(0x7f0000027000)='./file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000200)='./file0/bus\x00', &(0x7f00000001c0)='sysfs\x00', 0x0, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
close(0xffffffffffffffff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x100)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000380)={0x2, 0x4e22, @loopback}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, &(0x7f0000000240)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(r2, 0x8983, &(0x7f0000000040)={0x6, 'batadv_slave_1\x00', {}, 0x1})
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[], 0x44}}, 0x0)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f00000008c0)={0x0, 'bond0\x00', {0x10000003}, 0x2})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r7 = open(&(0x7f0000000100)='./file0\x00', 0x8100, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r7}, 0x8)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000340)={&(0x7f0000000240)=ANY=[@ANYRESHEX=r2], 0x94}, 0x1, 0x0, 0x0, 0x44801}, 0x8800)

14m33.891188282s ago: executing program 2 (id=1200):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
writev(r0, &(0x7f000001fc40)=[{&(0x7f0000002080)='T01\n', 0x4}], 0x1)
write$nci(r0, 0x0, 0x83)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r1 = getpid()
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_VERSION(r2, 0xc0406400, &(0x7f00000000c0)={0x9, 0x9, 0x10001, 0xf2, &(0x7f0000000240)=""/242, 0xad, &(0x7f0000000500)=""/173, 0xc5, &(0x7f00000005c0)=""/197})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x8204, &(0x7f0000000480)={0x0, 0xf67c, 0x8}, 0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$sock_int(r7, 0x1, 0xa, &(0x7f0000000080)=0x4, 0x4)
ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000100))
syz_io_uring_submit(0x0, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0xa})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
accept4(r8, 0x0, 0x0, 0x80800)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x9c)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000001c00), &(0x7f0000001cc0)=0x9c)

14m18.227828251s ago: executing program 34 (id=1200):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r0, &(0x7f00000020c0)={0x2020}, 0x2020)
writev(r0, &(0x7f000001fc40)=[{&(0x7f0000002080)='T01\n', 0x4}], 0x1)
write$nci(r0, 0x0, 0x83)
io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
r1 = getpid()
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000040)={0x0, 0x0, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_VERSION(r2, 0xc0406400, &(0x7f00000000c0)={0x9, 0x9, 0x10001, 0xf2, &(0x7f0000000240)=""/242, 0xad, &(0x7f0000000500)=""/173, 0xc5, &(0x7f00000005c0)=""/197})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_io_uring_setup(0x8204, &(0x7f0000000480)={0x0, 0xf67c, 0x8}, 0x0, &(0x7f0000000080)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$sock_int(r7, 0x1, 0xa, &(0x7f0000000080)=0x4, 0x4)
ioctl$sock_SIOCINQ(r7, 0x541b, &(0x7f0000000100))
syz_io_uring_submit(0x0, r6, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0xa})
io_uring_enter(r5, 0x47ba, 0x0, 0x0, 0x0, 0x0)
r8 = socket$pppl2tp(0x18, 0x1, 0x1)
accept4(r8, 0x0, 0x0, 0x80800)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x9c)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000001c00), &(0x7f0000001cc0)=0x9c)

13m2.953344041s ago: executing program 3 (id=1492):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x242, 0x2e0)
r1 = socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
move_mount(0xffffffffffffffff, 0x0, r5, &(0x7f0000000300)='./file0\x00', 0x40)
socket$caif_seqpacket(0x25, 0x5, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r7})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000003180)='/sys/power/sync_on_suspend', 0x242, 0x0)
write$binfmt_script(r8, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bind$packet(r8, &(0x7f0000000680)={0x11, 0x15, 0x0, 0x1, 0x5, 0x6, @broadcast}, 0x14)
close(r6)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b904021d080211000000040000a118000200e000000e00000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef", 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendfile(r0, r0, 0x0, 0xa)

13m1.651658602s ago: executing program 3 (id=1494):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x0, 0x0, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x1ff, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000009c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000980)='%pB    \x00'}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000a40)={r5, 0x0, &(0x7f0000000a00)=""/9}, 0x20)

13m1.455355336s ago: executing program 3 (id=1495):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x40000000000000, 0x0}}, 0x1f)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0x0, 0x4, 0x3, 0x9e0, 0x8, 0x75, 0x1000000000001, 0x1, 0xfffffffffffffffc, 0x5ce8, 0x1, 0x2})
mkdir(&(0x7f0000000180)='./file1\x00', 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r3, 0x29, 0xc9, 0x0, 0x0)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x0)
r4 = socket(0x10, 0x3, 0x0)
lsetxattr$security_capability(&(0x7f0000000340)='./file1\x00', &(0x7f0000000380), &(0x7f0000000400)=@v2={0x2000000, [{0xff, 0x7}, {0x7, 0x562}]}, 0x14, 0x0)
sendto$inet6(r4, &(0x7f0000000880)="7800000018002507b9409b14ffff00000204be04020b06050e020909430009003f00064c0a0000000d0085a168d0bf46d32345653600648d270012000200000049935ade4a460c89b6ec2069e91b4123b243da377aaae6ac0cff3959547f509058ba86c902000000004a32000400160012000a0000000000", 0x78, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
mknodat(r5, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000540), 0x3, 0x729983)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000070000030c00044000000000000007041c000000050a030000000000000000000a00000a08000b40000000042c000000060a0104000000000000000001000000040004800900010073797a300000000008000b40000000001400000011000100000000000000edff0700000a"], 0x90}}, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r5, &(0x7f0000000100)='./file1\x00', r5, &(0x7f0000000240)='./file0\x00', 0x0)
open$dir(&(0x7f00000001c0)='./file1\x00', 0x8000, 0x100)
unlink(&(0x7f0000000180)='./file1\x00')
r7 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
openat(r7, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mknodat$loop(r7, &(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r8 = open(&(0x7f0000000300)='.\x00', 0x10000, 0x0)
utimes(&(0x7f0000000440)='./file1\x00', &(0x7f0000000480)={{0x0, 0xea60}, {0x77359400}})
renameat2(r8, &(0x7f00000004c0)='./bus\x00', r7, &(0x7f0000000500)='./file0\x00', 0x0)

12m59.546890076s ago: executing program 3 (id=1501):
preadv(0xffffffffffffffff, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0) (async)
preadv(0xffffffffffffffff, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2) (async)
r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000400)={0xf0f01f})
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x6, 0x4, 0x40, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x15, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x100d}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xcd764cc43805ecc8}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x15, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x80}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x100d}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0xcd764cc43805ecc8}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x8001}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0xa6}}]}, &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5f, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r2, 0x0, 0xa0028000}, 0x38) (async)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0), &(0x7f0000000380), 0xfff, r2, 0x0, 0xa0028000}, 0x38)

12m58.253914344s ago: executing program 3 (id=1505):
r0 = fsopen(&(0x7f0000000080)='sockfs\x00', 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$rds(0xffffffffffffffff, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r0, 0x3, &(0x7f0000000000)='source', &(0x7f0000000100)='[\x8b\xa4[\x13\x9b\x00w#\x9b\x94\xb6@\x874L\xf5U\xd7\xcb+3,\x999\xa9\":|\x98\xc5\x93\xba\x8d\xff\x14\x8ag+\xcd\xb1\x96d&\x8dn\x00\xdb\xd2\r!A\x1dZ\x16\xa3\x84\xa1\f\\%$\xd3\x9f\xf4a\xdb\x10\xd1&\x83\xba\x9d\x91\xf7\x92\xfb}\x91\x8d\xbav5{\xe4M;\xa2:\xe0\xfc\xa2G\xd3bBM\xe3i\xfc\x01\xc2\xa1|\x90\xd5\x8d;U\xe2', 0x30000)

12m57.159182422s ago: executing program 3 (id=1509):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000100000004"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0x1, 0x1100, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1, 0x0, 0x8}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0200000000000000040000004400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES8=r2, @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
close(0xffffffffffffffff)
ioctl$BTRFS_IOC_RM_DEV(r5, 0x5000940b, &(0x7f0000001400)={{}, "d8327e70cca16a2f9accffb3bd9af762633c9d9088c17c9aafd0e4e3399964fff0f4327902fb30d735111bd39ce5d658d3d18a690bcb800f9d5d1d97e997415a3277fea48748c0d90ad0d206d342b5309ebc538700bce2ac1608c57f27114ab387bd8af68b9c5228177edd425f8f2f200052e3741cf715e2569013a91bdde0d30ca1aaf65a47d7d08dd8ae746746a882113a0c1af89f7500fbdc33da7de6573d5c4e1ac83cae54240973c5e172a0403c73c503509322110d173c9a0b7ccc096732fd52b70c98ac59088682446ed73e4364aeb2f1a9bd9cec8a47d99ab67285a8e28ba8754c593b1705b2c696cded78496c02902a04f7e3d2346c8c3cc19dae854e8b1d93eab536ceea830c0c161be8d4b837f6e99f0dc7d27bec9511cca4020af62bcae8af004c0dcd4613682b59b95cc7e6792084adab439412b678ac9a72f2e05c3e4d8f6b133ccdd04dd8544a1f949112c4e7de1fce63dc4e6c4420a61cb6ba4f24ac462a435526edfffecb3caed0bd158dc156636255ba655448ea4d1643edffe19e531e1265a89d2d30ee4f692e1f4a6bc4e64618dd6e76b32b82380b170f126fe3499f9f198d652d5a3e0de3cc564bbaaa3d9e4714e8f049244c08a1ca544f9346fba4e9e1ab5602d007e2c27e797144909460d7658019e80541d718a787dd136dd3d8444b06d9638569f1813f56901e2d544954f71f340577910c202f62df39e6b259181e205abcaa27bcb494d9dfbf6e9f241cb0d50d04bcade2b65121b97aca4c86c8ba119770bd0077f3741a25d67dbd0682b90a2370db1ceb2906e7c6b60106b75794bd935feeac32102c31b10241a940bb5d57f674676008e6f8c610839188484f6830db012adf180880f357e0ac6dc2c5f3260bd138982f3c9fc4ef8f90bc863a9766d639f02ec1a5ea147868ed69d32db0c3c53516c830a99ba61eeef30da72023ae407d876d3768aad3629a70a02c4bb62153e4556b88c16b8ae142454690c75e92c632a9b37c29a21c37c3af3d10874071be001dade7b5cf2023679fd76c31653e2f8e504bea592ae193f80b0d49d83f273ab3e16cc02ede8e71585bdca96d5e6be5157817d24994f5652fcd08c4662f5bbb6639773124e6912c96cb074c7e253757527293ec251bffd3aa2488e9735302eb322630851fd6ffc29a23d6f91d886cd0ba3dc89434950977f0bbf9e9898b014acf218c5ab75fb84f44ecf7e00fa6e164028a8349dd9f2fbcf9229e4f1bca54c5eccecfe123feacbe3f8facb9d0923a3a73fd92528b03853e10133d68cacfaa1c4ee58aa0b3864752c5f8587c10fb81109e8960e7c43bae6b05cd12dc0bfc711a859d2d8aee23faf70ee09be38272a32152af921a597e8017a398a8a8e582c4e60e1cf7c9bf17a1fdd516ce507630de9fefee6d1716d5198be84ee6f0499fdbf15a10885701693d517742aaad6366a45594f2ee508c8529481b96f923bd564eb4096181b99c9de488ac2b71f2a512865d8b6d1c3ab09d58d6bc2b2cdeb1ff3f205c9349ab93adf812417dfccc347a2c65719c17b2c576661ef0ef6c2af13dbc71474b4ae9c49775435ea2141107aae6bef4f7de40ee903e77bee4111491e4b4e520af6d399aff58aa8746a8660a2c62c583ed45c2563d23823bfd962e73dab6aa158fe8bb5973c93c3f16cb94fc87630a0bfb189bcce53749946f3914da67f2f578ff9247df8b4b31fc8d1562443bd8734464b6350be27adaa47ba360d7a87d7559eadfceba1e6e0fa7601fe3404c58fed63dde9db4d38f0aeb3eeafc0139f613b5b71f17b2bcf3087ef6f50713f7e05979c847f101d5cbd7c2176ef66385ba89aa007ab0bb16666c8e6226c082501c805ebcddab5bb8d4a838ea3cf93216d1867b3954d109d0c0c07694975d43ef2ecd70a77da3d67441f01e4ec7d50c5cb4e046de5c469054e8bf7acc99da885c22d1ea5f1d937eb9fca51067667b4162654cf86c29022780bcd442c5308f3ac93b0757b39b92549ad202ce0f301bba0c1895ebb37265985500bea512f6b4b7dfab70e8de241d5162ebb9f739005520fed1332b9755cffa84347c368b5048bbbbccf480fb4970e60e4745549bdd302c9901c4411446d934b7a0ba6a503574f311e3f172eb3d6bd2405c7f23e5c8e9b3ea69a6e461dd9123fb26550244bbfaf7824a949d169ee3526028f9d591d20003851265f7a6523614fcccdab85dfbf16906a60c393d1bd32f3c2e0a04360b0c4246362b9d55869cc2fdb6aabf063bb22911b6c075e8506ba7225ba80e5c84e0fc1fe188ddf9fe7f0c13c6b832c9fb2a3bb1b148d2352ee9cbba9c035573ef5631d7112b326b18ba316241a9d082590c8dc7c0f1b914a6d99f7f5779006ea4e18e79e9989aa15f2e3f4cad1380cbdc6596e6728a31036538dcff74f0ad123de7f17351f2bc32c7e8b4c6a5495c0b4b07ff07bdc62a09d8445f38fcf26147a0e12d70a0eca4ed35e46f3eb9cf8bfc02e75d8f5e84b286d69c16573adcb8017fa84ea9bbf8805aa696df9b7c9c95ef7ac57116f474a1fcfcaa765b45bac43b589562e978c294305e7e6e9d922486ebf3163bdcf857c9addc5e188fd771565bbdd29ae67cfff7180bd5f19e4bd66a241a4b589b450d687bf23a705107a2e9a9023ceb1f246b77940003289b2ada9f036498d8dc785a5025ea0054d8ea88d0a1bf5eaff53a5c494de6eaff32262b667c3471a64d576fe710167372060a7a930d7b8c235e4e3b2b0ee6afa9603fce0d97cce8d1bd465a3f184535a3803dcb6247a0e9c14ac7b9688e4af58cc4beeebd46ecc64413443b52dac646a2b16cb5b0c3868c6a6453b533530bffc51c0d3eb891d7daaa6877f8a040808a7e424187dfbb18bcf476244a3725eb6ff11716dfeeaeb53788f91aa3d7a577f7f8ca5574d595449ac34349200cf7cbf72fabd87b46158413502edef8bedda0458db6e2e6bf631b20b03ca13a6b0f861016b94942c18bcfb1e47dd7eeeb3484dd164e1d6fbb320ece36c241296f460c163596a60ae6a4a3fabe35b4c282167852645094006c7104681dea417000a35cfffd21b3a2e6cb92286555027399642116262e3c2b62718877b8dd79f4c56dacd97129b0c980cebfa59dd91fc3247c798ed205094d2b9278c808b34624533e9752496a3970955d71dc9a73929aee977715b029c81461ac9d1d9d553f77a76a94f8a8e45a3c380ad014542a550dcad92dab7f1d950dad5c7365539401119a006fbfd72c56c153bb21aea36700564e9c5dc86e6508c3f22c96a7aad9ecd6d69f8e2cbe9e13b27f209d43a181097429e43c2b2f2b9d39c2e6f7b184f11b83e6f4c1108446856ee3c14b79b00fc153c041ab9d685096014341341e5aa076584991ca637992eab35e35f780e42b36e3256bf083717a516b463e3906e437f849f2e195e7f0f6751beb5f88404416410b1ddd01758ed49209fea39e2d0fe154f98ca53913b47204a7507cbce112fdeae270b8a71d2a78cb9973830babc5c2459757247fa129fddfa8518f2b50a4800d974a3e3fec2b33f3091154bc20d2d5cfdbe7d5817748d7542e91961e446bf5c52687bdde07feb35eee49b396f373a266801bb089d60bbfeba3a5794544239aee402adf36134014f8b808f3a5e2f96a2069e49892ea8c2d53c50adef2dabbef153eb09de530dd2a54c47506ac08a7f5373dc835e401483d6a56ca9ac0a21afbeabbc3667e4052c5ce642afc7e40f0d55af878acb19db57e3084b0f978bd1875444dfdc189c32dce06bf49a2d0bbc32e4b43daf162202e49f69780cb528a34c22fb7279326229dd2dd347f0780387de550ad1ba4ed172ed8165495ce5483aae6d0402d11825061d2e1c0d95f4af3a3542759287cceddb4d183b13e177ecae17a85c7aecf76e3f1befd4b1955f7493be6f10e3aa73e3c0dded6d9d5a47d2276d449694009eba8a58503b69f1a0ed621e5e98a9434974f30ae7ddfbd095934cc92658bfc953e5cdb140c16361e414df769bf417fc1317f7e7a848d1679d03f568c040f005bae43135442b571a8fc9030fa66bca945968d1437678cce451a0032fd020117f5e0631fde4b17b33d0014361b0d84bc3326556ca98621204bab21a7f02ba895d5742003bd4222b147a02396054c1bec8bed4862418186e0e7e6723ccda27428161d924bcb82b97e777cd67c504616ace8a3aa692341c0f6ca8030473e3811eec6415568c4da5a96caecaf23203f19d1f874fce24b8640f5d1df2f1eda374dc519ff3f58053dcaf0771d6201d9c378a843b667da66dae9aba2953b5f7df10eeb3c1ccc119fe7d57d73d18c04cbced60e7a1ca01aa92c53335cfb21d40cc859433b51c2c8fc48f062c8b41ef7112abdaf7c366859bbbc5ea5616ee6ce05000a80beae5db3718396e2d39aa3152568ece482d2f61a6882d34c90ec6885f520ee7a874c94417326b14065398da3997e1eb2a0ccec220a81f190f88223ae245c3763f247676a65618f15c52ea48bc75a104127c0014e56824d01a3225b12ab44fcb8d1bcca72b605f68c8cef8e68740a6aaa0c1865d0b5224d533e1996d1670c0a7c2a29f67037886bbc740a7006a136b0bea064f6d498498b530e870425676e3cda5bbca2cbe90bcfe3c68ca35d6a1e113e283a2d894e9dbe95420252253191ea0bcf66543ab79b59f02cda1221b02a0cb2d9544aa528f37da3d2f67b73d40bfce791ca7d72fc6a05b37e4f9f75fc66f1d6111905944bae8607e09295987cd9d88c266028275707d6b49daaaacdbf143bb1befbbb3b8a4b583a5ff510775f8fa8f5d02b787c1d1f21ed5a670d4e6e80b42211d77d43be52e3ba999a052008247bb3f1fda8002f21b70fd2457a8c6e66dbf99572c5e1eff27809e605843090d75b6cef6bd355900cf4f5fe3352557968ed424f5fd102da42d43ca78d228b6a7621608a7037431ccdd58b535250b2deebc83da280969ff759a8b76895b161324acb8632c167b416bafad2f4321d0971825ac8c7a31ee44c70ebb6c939c97000df46285cbb85f90b071b3511197fa26b473dd3af79cf777b789223715d225159c119d3f42ebd0f7f8289478f82199cb2eddcf45c8dacc9f83c5fd792ad6e7aad492b0bd651710bd1159efe2543936f5cf4821b438d3a8e0140b3784ad80a27bfceff78cd8b0c5a235fc8cc0becf9db46359d2212704522a871527ee97c3b1a16c8c3f074d39f7a8baeb4ab6fb892174ac5d4f7ea5a5763bd8ec7197eb913808d78e79aa7f225366585d44ba4891baa987cbbde3fe6853cd7645884e167b8487667e2758fe3a044288c8339753431bb0a8928c22c769242c50d5ecd0d7601740e164fbb850aebfb01866e6ee50c2179bc428cf347330fbe3663bc9ef44f44c94e6e3b2b849216d4e943fc78a657a13e7b6b895240c18b3b1c595b594fa8ebe7ae75c468fda6e90700e735062ee263c4870a7fb938eb0255590ad698ce94a7810aefc838b0ff5896d4c81f2663360bd898bf88544504dac0a88fabe1017768c5014600518298c7f22a5a31df535dfaba51cc81d8cd1830354ea0029ac2875fcde6421d2eec8fe3428cae24d1ce89f23880079fd50a7a67eb2811b6953d05510ef12252fa571282af6b944264c42886d294c929a596622eaf81bebf3440b4017a3940728c09b763a35bf951b3ebefb527c92a8af44c0c265e960b471cd37b5539df853d1ac0d477c2637d1c311288036fdbea0fe52d4aebdaed799054746a3db25017ae7b5e1b89a0cb2b58bad147a5bd32"})
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x4, 0xa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x40)
write$sndseq(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x1f, &(0x7f0000001300)={0x0, @in={{0x2, 0x4e23, @broadcast}}, 0x2, 0x3ff}, &(0x7f00000013c0)=0x90)
syz_clone(0x40400, 0x0, 0x0, 0x0, 0x0, 0x0)

12m42.159640381s ago: executing program 35 (id=1509):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="05000000050000000100000004"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x2, 0x4, 0x4, 0x1, 0x1100, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000140)=ANY=[@ANYBLOB="1802000000000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b703000000000000850000000400000018110000", @ANYRES32=<r2=>r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000300)='tlb_flush\x00', r1, 0x0, 0x8}, 0x18)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="0200000000000000040000004400000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000006c0)=ANY=[@ANYRES8=r2, @ANYRES32=r0, @ANYRES32=r0], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r4}, 0x10)
r6 = socket$netlink(0x10, 0x3, 0xb)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
close(r6)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
close(0xffffffffffffffff)
ioctl$BTRFS_IOC_RM_DEV(r5, 0x5000940b, &(0x7f0000001400)={{}, "d8327e70cca16a2f9accffb3bd9af762633c9d9088c17c9aafd0e4e3399964fff0f4327902fb30d735111bd39ce5d658d3d18a690bcb800f9d5d1d97e997415a3277fea48748c0d90ad0d206d342b5309ebc538700bce2ac1608c57f27114ab387bd8af68b9c5228177edd425f8f2f200052e3741cf715e2569013a91bdde0d30ca1aaf65a47d7d08dd8ae746746a882113a0c1af89f7500fbdc33da7de6573d5c4e1ac83cae54240973c5e172a0403c73c503509322110d173c9a0b7ccc096732fd52b70c98ac59088682446ed73e4364aeb2f1a9bd9cec8a47d99ab67285a8e28ba8754c593b1705b2c696cded78496c02902a04f7e3d2346c8c3cc19dae854e8b1d93eab536ceea830c0c161be8d4b837f6e99f0dc7d27bec9511cca4020af62bcae8af004c0dcd4613682b59b95cc7e6792084adab439412b678ac9a72f2e05c3e4d8f6b133ccdd04dd8544a1f949112c4e7de1fce63dc4e6c4420a61cb6ba4f24ac462a435526edfffecb3caed0bd158dc156636255ba655448ea4d1643edffe19e531e1265a89d2d30ee4f692e1f4a6bc4e64618dd6e76b32b82380b170f126fe3499f9f198d652d5a3e0de3cc564bbaaa3d9e4714e8f049244c08a1ca544f9346fba4e9e1ab5602d007e2c27e797144909460d7658019e80541d718a787dd136dd3d8444b06d9638569f1813f56901e2d544954f71f340577910c202f62df39e6b259181e205abcaa27bcb494d9dfbf6e9f241cb0d50d04bcade2b65121b97aca4c86c8ba119770bd0077f3741a25d67dbd0682b90a2370db1ceb2906e7c6b60106b75794bd935feeac32102c31b10241a940bb5d57f674676008e6f8c610839188484f6830db012adf180880f357e0ac6dc2c5f3260bd138982f3c9fc4ef8f90bc863a9766d639f02ec1a5ea147868ed69d32db0c3c53516c830a99ba61eeef30da72023ae407d876d3768aad3629a70a02c4bb62153e4556b88c16b8ae142454690c75e92c632a9b37c29a21c37c3af3d10874071be001dade7b5cf2023679fd76c31653e2f8e504bea592ae193f80b0d49d83f273ab3e16cc02ede8e71585bdca96d5e6be5157817d24994f5652fcd08c4662f5bbb6639773124e6912c96cb074c7e253757527293ec251bffd3aa2488e9735302eb322630851fd6ffc29a23d6f91d886cd0ba3dc89434950977f0bbf9e9898b014acf218c5ab75fb84f44ecf7e00fa6e164028a8349dd9f2fbcf9229e4f1bca54c5eccecfe123feacbe3f8facb9d0923a3a73fd92528b03853e10133d68cacfaa1c4ee58aa0b3864752c5f8587c10fb81109e8960e7c43bae6b05cd12dc0bfc711a859d2d8aee23faf70ee09be38272a32152af921a597e8017a398a8a8e582c4e60e1cf7c9bf17a1fdd516ce507630de9fefee6d1716d5198be84ee6f0499fdbf15a10885701693d517742aaad6366a45594f2ee508c8529481b96f923bd564eb4096181b99c9de488ac2b71f2a512865d8b6d1c3ab09d58d6bc2b2cdeb1ff3f205c9349ab93adf812417dfccc347a2c65719c17b2c576661ef0ef6c2af13dbc71474b4ae9c49775435ea2141107aae6bef4f7de40ee903e77bee4111491e4b4e520af6d399aff58aa8746a8660a2c62c583ed45c2563d23823bfd962e73dab6aa158fe8bb5973c93c3f16cb94fc87630a0bfb189bcce53749946f3914da67f2f578ff9247df8b4b31fc8d1562443bd8734464b6350be27adaa47ba360d7a87d7559eadfceba1e6e0fa7601fe3404c58fed63dde9db4d38f0aeb3eeafc0139f613b5b71f17b2bcf3087ef6f50713f7e05979c847f101d5cbd7c2176ef66385ba89aa007ab0bb16666c8e6226c082501c805ebcddab5bb8d4a838ea3cf93216d1867b3954d109d0c0c07694975d43ef2ecd70a77da3d67441f01e4ec7d50c5cb4e046de5c469054e8bf7acc99da885c22d1ea5f1d937eb9fca51067667b4162654cf86c29022780bcd442c5308f3ac93b0757b39b92549ad202ce0f301bba0c1895ebb37265985500bea512f6b4b7dfab70e8de241d5162ebb9f739005520fed1332b9755cffa84347c368b5048bbbbccf480fb4970e60e4745549bdd302c9901c4411446d934b7a0ba6a503574f311e3f172eb3d6bd2405c7f23e5c8e9b3ea69a6e461dd9123fb26550244bbfaf7824a949d169ee3526028f9d591d20003851265f7a6523614fcccdab85dfbf16906a60c393d1bd32f3c2e0a04360b0c4246362b9d55869cc2fdb6aabf063bb22911b6c075e8506ba7225ba80e5c84e0fc1fe188ddf9fe7f0c13c6b832c9fb2a3bb1b148d2352ee9cbba9c035573ef5631d7112b326b18ba316241a9d082590c8dc7c0f1b914a6d99f7f5779006ea4e18e79e9989aa15f2e3f4cad1380cbdc6596e6728a31036538dcff74f0ad123de7f17351f2bc32c7e8b4c6a5495c0b4b07ff07bdc62a09d8445f38fcf26147a0e12d70a0eca4ed35e46f3eb9cf8bfc02e75d8f5e84b286d69c16573adcb8017fa84ea9bbf8805aa696df9b7c9c95ef7ac57116f474a1fcfcaa765b45bac43b589562e978c294305e7e6e9d922486ebf3163bdcf857c9addc5e188fd771565bbdd29ae67cfff7180bd5f19e4bd66a241a4b589b450d687bf23a705107a2e9a9023ceb1f246b77940003289b2ada9f036498d8dc785a5025ea0054d8ea88d0a1bf5eaff53a5c494de6eaff32262b667c3471a64d576fe710167372060a7a930d7b8c235e4e3b2b0ee6afa9603fce0d97cce8d1bd465a3f184535a3803dcb6247a0e9c14ac7b9688e4af58cc4beeebd46ecc64413443b52dac646a2b16cb5b0c3868c6a6453b533530bffc51c0d3eb891d7daaa6877f8a040808a7e424187dfbb18bcf476244a3725eb6ff11716dfeeaeb53788f91aa3d7a577f7f8ca5574d595449ac34349200cf7cbf72fabd87b46158413502edef8bedda0458db6e2e6bf631b20b03ca13a6b0f861016b94942c18bcfb1e47dd7eeeb3484dd164e1d6fbb320ece36c241296f460c163596a60ae6a4a3fabe35b4c282167852645094006c7104681dea417000a35cfffd21b3a2e6cb92286555027399642116262e3c2b62718877b8dd79f4c56dacd97129b0c980cebfa59dd91fc3247c798ed205094d2b9278c808b34624533e9752496a3970955d71dc9a73929aee977715b029c81461ac9d1d9d553f77a76a94f8a8e45a3c380ad014542a550dcad92dab7f1d950dad5c7365539401119a006fbfd72c56c153bb21aea36700564e9c5dc86e6508c3f22c96a7aad9ecd6d69f8e2cbe9e13b27f209d43a181097429e43c2b2f2b9d39c2e6f7b184f11b83e6f4c1108446856ee3c14b79b00fc153c041ab9d685096014341341e5aa076584991ca637992eab35e35f780e42b36e3256bf083717a516b463e3906e437f849f2e195e7f0f6751beb5f88404416410b1ddd01758ed49209fea39e2d0fe154f98ca53913b47204a7507cbce112fdeae270b8a71d2a78cb9973830babc5c2459757247fa129fddfa8518f2b50a4800d974a3e3fec2b33f3091154bc20d2d5cfdbe7d5817748d7542e91961e446bf5c52687bdde07feb35eee49b396f373a266801bb089d60bbfeba3a5794544239aee402adf36134014f8b808f3a5e2f96a2069e49892ea8c2d53c50adef2dabbef153eb09de530dd2a54c47506ac08a7f5373dc835e401483d6a56ca9ac0a21afbeabbc3667e4052c5ce642afc7e40f0d55af878acb19db57e3084b0f978bd1875444dfdc189c32dce06bf49a2d0bbc32e4b43daf162202e49f69780cb528a34c22fb7279326229dd2dd347f0780387de550ad1ba4ed172ed8165495ce5483aae6d0402d11825061d2e1c0d95f4af3a3542759287cceddb4d183b13e177ecae17a85c7aecf76e3f1befd4b1955f7493be6f10e3aa73e3c0dded6d9d5a47d2276d449694009eba8a58503b69f1a0ed621e5e98a9434974f30ae7ddfbd095934cc92658bfc953e5cdb140c16361e414df769bf417fc1317f7e7a848d1679d03f568c040f005bae43135442b571a8fc9030fa66bca945968d1437678cce451a0032fd020117f5e0631fde4b17b33d0014361b0d84bc3326556ca98621204bab21a7f02ba895d5742003bd4222b147a02396054c1bec8bed4862418186e0e7e6723ccda27428161d924bcb82b97e777cd67c504616ace8a3aa692341c0f6ca8030473e3811eec6415568c4da5a96caecaf23203f19d1f874fce24b8640f5d1df2f1eda374dc519ff3f58053dcaf0771d6201d9c378a843b667da66dae9aba2953b5f7df10eeb3c1ccc119fe7d57d73d18c04cbced60e7a1ca01aa92c53335cfb21d40cc859433b51c2c8fc48f062c8b41ef7112abdaf7c366859bbbc5ea5616ee6ce05000a80beae5db3718396e2d39aa3152568ece482d2f61a6882d34c90ec6885f520ee7a874c94417326b14065398da3997e1eb2a0ccec220a81f190f88223ae245c3763f247676a65618f15c52ea48bc75a104127c0014e56824d01a3225b12ab44fcb8d1bcca72b605f68c8cef8e68740a6aaa0c1865d0b5224d533e1996d1670c0a7c2a29f67037886bbc740a7006a136b0bea064f6d498498b530e870425676e3cda5bbca2cbe90bcfe3c68ca35d6a1e113e283a2d894e9dbe95420252253191ea0bcf66543ab79b59f02cda1221b02a0cb2d9544aa528f37da3d2f67b73d40bfce791ca7d72fc6a05b37e4f9f75fc66f1d6111905944bae8607e09295987cd9d88c266028275707d6b49daaaacdbf143bb1befbbb3b8a4b583a5ff510775f8fa8f5d02b787c1d1f21ed5a670d4e6e80b42211d77d43be52e3ba999a052008247bb3f1fda8002f21b70fd2457a8c6e66dbf99572c5e1eff27809e605843090d75b6cef6bd355900cf4f5fe3352557968ed424f5fd102da42d43ca78d228b6a7621608a7037431ccdd58b535250b2deebc83da280969ff759a8b76895b161324acb8632c167b416bafad2f4321d0971825ac8c7a31ee44c70ebb6c939c97000df46285cbb85f90b071b3511197fa26b473dd3af79cf777b789223715d225159c119d3f42ebd0f7f8289478f82199cb2eddcf45c8dacc9f83c5fd792ad6e7aad492b0bd651710bd1159efe2543936f5cf4821b438d3a8e0140b3784ad80a27bfceff78cd8b0c5a235fc8cc0becf9db46359d2212704522a871527ee97c3b1a16c8c3f074d39f7a8baeb4ab6fb892174ac5d4f7ea5a5763bd8ec7197eb913808d78e79aa7f225366585d44ba4891baa987cbbde3fe6853cd7645884e167b8487667e2758fe3a044288c8339753431bb0a8928c22c769242c50d5ecd0d7601740e164fbb850aebfb01866e6ee50c2179bc428cf347330fbe3663bc9ef44f44c94e6e3b2b849216d4e943fc78a657a13e7b6b895240c18b3b1c595b594fa8ebe7ae75c468fda6e90700e735062ee263c4870a7fb938eb0255590ad698ce94a7810aefc838b0ff5896d4c81f2663360bd898bf88544504dac0a88fabe1017768c5014600518298c7f22a5a31df535dfaba51cc81d8cd1830354ea0029ac2875fcde6421d2eec8fe3428cae24d1ce89f23880079fd50a7a67eb2811b6953d05510ef12252fa571282af6b944264c42886d294c929a596622eaf81bebf3440b4017a3940728c09b763a35bf951b3ebefb527c92a8af44c0c265e960b471cd37b5539df853d1ac0d477c2637d1c311288036fdbea0fe52d4aebdaed799054746a3db25017ae7b5e1b89a0cb2b58bad147a5bd32"})
prlimit64(0x0, 0x4, &(0x7f0000000140)={0x4, 0xa}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x44000}, 0x40)
write$sndseq(0xffffffffffffffff, &(0x7f00000001c0), 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'netdevsim0\x00'})
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r8, 0x84, 0x1f, &(0x7f0000001300)={0x0, @in={{0x2, 0x4e23, @broadcast}}, 0x2, 0x3ff}, &(0x7f00000013c0)=0x90)
syz_clone(0x40400, 0x0, 0x0, 0x0, 0x0, 0x0)

12m38.861790298s ago: executing program 7 (id=1565):
r0 = socket$caif_seqpacket(0x25, 0x5, 0x2)
sendmsg(r0, &(0x7f0000000840)={&(0x7f0000000500)=@phonet={0x23, 0x4, 0x6, 0xf}, 0x80, 0x0}, 0x20048000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))

12m38.587971296s ago: executing program 7 (id=1566):
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, 0x0, 0x0)
write$6lowpan_enable(0xffffffffffffffff, 0x0, 0x0)
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000840)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000003c0)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="00000102", 0xfffff, r0)
syz_io_uring_setup(0x23c, 0x0, 0x0, 0x0)
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, 0x0)
ioctl$EVIOCGNAME(0xffffffffffffffff, 0x40044590, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r1, 0x400448ca, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000005580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000140)={@fallback, r2, 0x2f, 0x4, 0x4, @void, @value=r2}, 0x20)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
epoll_create(0x3)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r6 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendto$inet6(r4, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfff, @loopback}, 0x1c)
r7 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r8=>0x0})
connect$can_bcm(r7, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r7, &(0x7f0000000500)={&(0x7f00000003c0)={0x1d, r8}, 0x10, &(0x7f00000004c0)={&(0x7f0000000580)={0x1, 0x0, 0x0, {}, {0x77359400}, {}, 0x1, @can={{}, 0x0, 0x0, 0x0, 0x0, "cbfc0b9af540340c"}}, 0x48}}, 0x0)
close(0x3)
read$dsp(0xffffffffffffffff, 0x0, 0x0)

12m36.691213356s ago: executing program 7 (id=1572):
syz_open_dev$sg(&(0x7f00000060c0), 0x3, 0x2000) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) (async)
mlock2(&(0x7f0000018000/0x2000)=nil, 0x2000, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x6, &(0x7f0000000200)=0x398)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_VERSION(0xffffffffffffffff, 0xc0189371, &(0x7f0000000340)={{0x1, 0x1, 0x18, r2}, './file0\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000c80)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newqdisc={0x9c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x6c, 0x2, {{}, [@TCA_NETEM_LOSS={0x30, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0x18}, @NETEM_LOSS_GI={0x18, 0x1, {0x10}}]}, @TCA_NETEM_RATE={0x14, 0xd}, @TCA_NETEM_CORRUPT={0xc, 0x2}]}}}]}, 0x9c}}, 0x0) (async)
syz_open_dev$tty20(0xc, 0x4, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200)) (async)
r6 = syz_open_dev$loop(0x0, 0x40000000001, 0x0) (async)
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file2\x00', &(0x7f0000000080)='sysfs\x00', 0x810444, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) (async)
mkdir(&(0x7f0000000200)='./bus\x00', 0x0) (async)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@verity_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) (async)
chroot(&(0x7f0000000000)='./bus\x00') (async)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) (async)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, 0x0)

12m33.540427369s ago: executing program 7 (id=1574):
getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4)
lsm_get_self_attr(0x64, &(0x7f0000000000), &(0x7f0000001280)=0xdb, 0x0)
lsm_get_self_attr(0x64, &(0x7f0000000000)={0x0, 0x0, 0x7f, 0x5f, ""/95}, &(0x7f00000000c0)=0x10, 0x1)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x89101a, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
move_mount(r1, &(0x7f0000000080)='./file0/file0\x00', r1, &(0x7f0000000040)='./file0/../file0\x00', 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0\x00', 0x0, 0x12f451, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="b02e84c88cc1aa21caa86a63e84aba3030db16ad3fef5f721fc950f774d117c07c36701235e41c2aa487fd090883f923d0dcacda3bc443c39e88b9ad48587c76fddc18b27ad2acc0d29c00a7c394687ce4a8780f545a7fea69a6440fca", @ANYRES64=r0, @ANYBLOB="0cf01918704a0b3476b8b9b521ff7c0df6e0787e888b2c38508478f0bd9c7390fee8fd790c177831380f76982bea73e22a8c6f5433eb0156e0491c45993e5cf3978985af50d08b6835c823fbf87b9b5661402ae66ab6e2edd250730dd8ff762cd3ee20a9ff9018aef2fcfdb8317f715febd97541b0de4ca64a137b7ce297a7f1ec1eea0c14a5acf17238fe6ecdbbfafc45afb112309d66", @ANYRES16=r0, @ANYRESDEC=r0])
r2 = socket(0x11, 0xa, 0x0)
write$vga_arbiter(0xffffffffffffffff, &(0x7f0000000000)=@unlock_all, 0x7)
sendmsg$MPTCP_PM_CMD_FLUSH_ADDRS(r2, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4008041}, 0x4000084)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$can_bcm(r2, &(0x7f0000000140)={&(0x7f0000000000), 0x10, &(0x7f0000000080)={0x0}, 0x8}, 0x0)
futex(&(0x7f0000000080), 0x88, 0x0, 0x0, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
futex(&(0x7f0000000080), 0x88, 0x0, 0x0, 0x0, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r4=>0x0})
setsockopt$packet_int(r3, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r3, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r4, 0x1, 0x0, 0x6, @multicast}, 0x14)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)

12m32.367337795s ago: executing program 7 (id=1578):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25ADDUID(r4, 0x891e, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000001c0)={'lo\x00', <r6=>0x0})
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x4, &(0x7f0000000240), 0x4)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv4_newaddr={0x20, 0x14, 0x503, 0x0, 0x3, {0x2, 0x8, 0x0, 0xfd, r6}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendto$inet(r5, &(0x7f0000000040)="e48a4bd62e284336ec625ad42156700469df88", 0x13, 0x200000c4, 0x0, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xff7f}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_LINK={0x8, 0x1, r10}]}}}]}, 0x38}}, 0x0)

12m31.429667114s ago: executing program 7 (id=1582):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x16, &(0x7f0000000880)=ANY=[@ANYBLOB="180000000000000000000000000000181180003a56dc21127e", @ANYRES32, @ANYRESDEC=r2, @ANYRESOCT=r0, @ANYBLOB="09d52ae2ba2b264b20c8cc1a90f133a5a0faf802cad90a51b120083cfc7d3d0fef7fdba73604f52f7ecc4549b48dd2ac5bbbc48a2c700ee8089aa4e782162b938bb804ed944f1b994663a2b6378db1e1157ba5901ac6b0c66e39c0d414f3a473ab81954c7fd8814b5dbdc5a9fd82a0ee7fd4b8232e9ddcbee72b3383ac0a2dbe2793583670f12b47f2f9c770923dd3e11f493283e6bb7a8bb8c53e63", @ANYRES32, @ANYBLOB="000000e8ff000000b703000000000000850000020c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000050000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r4], 0x4c}}, 0x0)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, 0x0, 0x0)
epoll_create1(0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000680)=@nat={'nat\x00', 0x19, 0x1, 0x216, [0x20000440, 0x0, 0x0, 0x20000470, 0x200004a0], 0x0, &(0x7f0000000400), &(0x7f0000000440)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0x2, 0x1, [{0x36c00214065d9f08, 0x0, 0x2, 'bridge0\x00', 'bridge_slave_0\x00', 'veth0_vlan\x00', 'wg2\x00', @multicast, [0xff, 0xff, 0x0, 0xff, 0xff], @local, [0xff, 0x0, 0xff, 0xff, 0x0, 0xff], 0x11e, 0x156, 0x186, [@rateest={{'rateest\x00', 0x0, 0x48}, {{'nr0\x00', 'veth0_to_batadv\x00', 0x2, 0x2, 0x9, 0x5, 0x21, 0x8, {0x6}, {0x7ff}}}}, @mark_m={{'mark_m\x00', 0x0, 0x18}, {{0x0, 0x7, 0x2, 0x3}}}], [@snat={'snat\x00', 0x10, {{@broadcast, 0xfffffffffffffffe}}}], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x3}}}}]}]}, 0x28e)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, 0x0, 0x1f0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x2e0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0xe, 0x28, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7ac", 0x0, 0x3}, 0x50)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
io_setup(0x3, &(0x7f0000000180))
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)
socket$phonet(0x23, 0x2, 0x1)

12m30.937481899s ago: executing program 36 (id=1582):
prlimit64(0x0, 0xe, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
r2 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x0, 0x16, &(0x7f0000000880)=ANY=[@ANYBLOB="180000000000000000000000000000181180003a56dc21127e", @ANYRES32, @ANYRESDEC=r2, @ANYRESOCT=r0, @ANYBLOB="09d52ae2ba2b264b20c8cc1a90f133a5a0faf802cad90a51b120083cfc7d3d0fef7fdba73604f52f7ecc4549b48dd2ac5bbbc48a2c700ee8089aa4e782162b938bb804ed944f1b994663a2b6378db1e1157ba5901ac6b0c66e39c0d414f3a473ab81954c7fd8814b5dbdc5a9fd82a0ee7fd4b8232e9ddcbee72b3383ac0a2dbe2793583670f12b47f2f9c770923dd3e11f493283e6bb7a8bb8c53e63", @ANYRES32, @ANYBLOB="000000e8ff000000b703000000000000850000020c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x800000, @void, @value}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000050000000500000014000500200100000000000000000100000000001c00090008000000", @ANYRES32=r4], 0x4c}}, 0x0)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout_data(r5, 0x107, 0x16, 0x0, 0x0)
epoll_create1(0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000680)=@nat={'nat\x00', 0x19, 0x1, 0x216, [0x20000440, 0x0, 0x0, 0x20000470, 0x200004a0], 0x0, &(0x7f0000000400), &(0x7f0000000440)=[{0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0x2, 0x1, [{0x36c00214065d9f08, 0x0, 0x2, 'bridge0\x00', 'bridge_slave_0\x00', 'veth0_vlan\x00', 'wg2\x00', @multicast, [0xff, 0xff, 0x0, 0xff, 0xff], @local, [0xff, 0x0, 0xff, 0xff, 0x0, 0xff], 0x11e, 0x156, 0x186, [@rateest={{'rateest\x00', 0x0, 0x48}, {{'nr0\x00', 'veth0_to_batadv\x00', 0x2, 0x2, 0x9, 0x5, 0x21, 0x8, {0x6}, {0x7ff}}}}, @mark_m={{'mark_m\x00', 0x0, 0x18}, {{0x0, 0x7, 0x2, 0x3}}}], [@snat={'snat\x00', 0x10, {{@broadcast, 0xfffffffffffffffe}}}], @common=@NFQUEUE0={'NFQUEUE\x00', 0x8, {{0x3}}}}]}]}, 0x28e)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, 0x0, 0x1f0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000780)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r7, 0x2e0, 0x0, 0x0, &(0x7f0000000100), 0x0, 0xfe, 0x60000000, 0xe, 0x28, &(0x7f0000000040)="ded6e0966ec1cf6ba4b897a54e4e", &(0x7f0000000380)="af5fa441b438b5156d8a9fcc090f586e979858f64170cde36889dcc8539ffcca62621a4c3ea3f7ac", 0x0, 0x3}, 0x50)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
io_setup(0x3, &(0x7f0000000180))
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)
socket$phonet(0x23, 0x2, 0x1)

1m35.570713639s ago: executing program 9 (id=3529):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x2000000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000004400000008000300", @ANYRES32=r5, @ANYBLOB="08002600851600000a00180000000000000000001c005a8018000180140003"], 0x4c}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_setup(0x200, 0x0)
r6 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)
gettid()
sendmsg$ETHTOOL_MSG_LINKMODES_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)={0x2c, 0x0, 0x1, 0x0, 0x0, {0x1e}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}]}, 0x2c}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$TCSETSF(r6, 0x5404, &(0x7f00000000c0)={0x0, 0x5, 0x0, 0x1, 0xc, "f9672d0e76eb0373c75fee7646b592a76e0325"})
fcntl$setlease(r6, 0x400, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000004c0)='kmem_cache_free\x00'}, 0x10)

1m34.288052586s ago: executing program 9 (id=3531):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2041, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0x30)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0xae, &(0x7f0000000100)={@local, @local, @val, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f81fcb", 0x70, 0x3a, 0x0, @private0, @mcast2, {[], @param_prob={0x4, 0x0, 0x0, 0x0, {0x0, 0x6, "4a98d3", 0x0, 0x0, 0x0, @private1, @ipv4={'\x00', '\xff\xff', @loopback}, [@routing={0x2b}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@ipv4={'\x00', '\xff\xff', @remote}]}, @srh={0x0, 0x2, 0x4, 0x1, 0x0, 0x0, 0x0, [@private0={0xfc, 0x0, '\x00', 0x1}]}, @dstopts]}}}}}}}, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000009c0)={0x14, 0xd, 0xa, 0xe01, 0x0, 0x0, {0x1}}, 0x14}}, 0x0)

1m31.722957159s ago: executing program 9 (id=3537):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r2=>0x0})
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x1ff, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000009c0)={{r4}, &(0x7f00000008c0), &(0x7f0000000980)='%pB    \x00'}, 0x20)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x440, 0x0)
ioctl$PTP_PIN_GETFUNC2(r5, 0xc0603d0f, &(0x7f0000000080)={'\x00', 0x2, 0x0, 0x10000})
bpf$MAP_GET_NEXT_KEY(0x4, 0x0, 0x0)

1m30.922851911s ago: executing program 9 (id=3538):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x0, 0x110d1}, [@IFLA_VFINFO_LIST={0x30, 0x16, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@IFLA_VF_MAC={0x28, 0x1, {0x1227}}]}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x20048000}, 0x40000880)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000080)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x40, 0x24, 0xf0b, 0x0, 0x1000000, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0x14, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x8}, @TCA_HHF_BACKLOG_LIMIT={0x8, 0x1, 0x40}]}}]}, 0x40}}, 0x8000)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000080)=@mpls_newroute={0x108, 0x18, 0x100, 0x70bd27, 0x25dfdbfd, {0x1c, 0x0, 0x14, 0x2, 0xfe, 0x1, 0xfd, 0x5, 0x2000}, [@RTA_MULTIPATH={0xc, 0x9, {0x3, 0x30, 0x9, r4}}, @RTA_VIA={0x14, 0x12, {0x23, "5722c07c7030fe5b948ad131fdfb"}}, @RTA_DST={0x8, 0x1, {0x7}}, @RTA_OIF={0x8}, @RTA_VIA={0x14, 0x12, {0x9, "72cabf2076e3d07928640cab9a40"}}, @RTA_NEWDST={0x84, 0x13, [{0xff}, {0x3, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x5, 0x0, 0x1}, {0x7fff, 0x0, 0x1}, {0x2}, {0x4}, {}, {0xff000, 0x0, 0x1}, {0x101, 0x0, 0x1}, {0x400, 0x0, 0x1}, {0xe}, {0x1, 0x0, 0x1}, {0xffffc}, {0x200}, {0x8, 0x0, 0x1}, {0x2, 0x0, 0x1}, {0x183}, {0xffff7, 0x0, 0x1}, {0x3, 0x0, 0x1}, {0x1cd6, 0x0, 0x1}, {0x8, 0x0, 0x1}, {0x8b7}, {0x0, 0x0, 0x1}, {0x800, 0x0, 0x1}, {0x2f}, {0xc, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x52d}, {0xff, 0x0, 0x1}, {0x6}]}, @RTA_DST={0x8, 0x1, {0x5, 0x0, 0x1}}, @RTA_VIA={0x14, 0x12, {0x6, "c31978a9e5c66e3b899b33a5fd80"}}, @RTA_OIF={0x8, 0x4, r1}]}, 0x108}, 0x1, 0x0, 0x0, 0x40090}, 0x48044)

1m29.592443294s ago: executing program 9 (id=3546):
r0 = socket$pptp(0x18, 0x1, 0x2)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x44)
r6 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000), 0x80400, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000001c0)=0x14)
r8 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_CT_DREG={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
ioctl$FS_IOC_SETFLAGS(r8, 0x40086602, &(0x7f00000002c0)=0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x13, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [@map_idx={0x18, 0x8, 0x5, 0x0, 0xd}, @cb_func={0x18, 0x9, 0x4, 0x0, 0xfffffffffffffffa}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='GPL\x00', 0x70183f46, 0xfc, &(0x7f0000000300)=""/252, 0x41000, 0x1, '\x00', r7, 0x0, r8, 0x8, &(0x7f0000000400)={0x0, 0x2}, 0x8, 0x10, &(0x7f0000000440)={0x0, 0x4, 0x2, 0x80}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000480)=[r1], 0x0, 0x10, 0x3, @void, @value}, 0x94)
bind$pptp(r0, 0x0, 0x0)
connect$pptp(r0, &(0x7f0000000040)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)

1m25.75148947s ago: executing program 9 (id=3551):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x13, 0x7c5, 0x1, 0x2, 0xd59f80, 0x4, 0x800005, 0xb, 0x8, 0x5, 0x722, 0xfffffbff, 0x7, 0x8, 0x2b, 0x27, {0x6, 0x1}, 0x3, 0xf1}})

1m9.306840654s ago: executing program 37 (id=3551):
r0 = syz_open_dev$vbi(&(0x7f0000000080), 0x1, 0x2)
ioctl$VIDIOC_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x13, 0x7c5, 0x1, 0x2, 0xd59f80, 0x4, 0x800005, 0xb, 0x8, 0x5, 0x722, 0xfffffbff, 0x7, 0x8, 0x2b, 0x27, {0x6, 0x1}, 0x3, 0xf1}})

19.514251036s ago: executing program 4 (id=3746):
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r6=>0xffffffffffffffff})
dup3(r5, r6, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r7=>0x0, <r8=>0x0})
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000001c0)=@userptr={0x50b2, 0x8, 0x4, 0x10, 0x3, {r7, r8/1000+60000}, {0x2, 0x8, 0x7, 0xf, 0x2, 0x9, "362aedd4"}, 0x10001, 0x2, {&(0x7f0000000040)}, 0x209})
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB])

15.023244005s ago: executing program 6 (id=3758):
prlimit64(0x0, 0xe, &(0x7f0000000400)={0x8, 0x3}, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5) (async)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) (async)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$netlink(0x10, 0x3, 0x12) (async)
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0xfffffffffffffe39) (async)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000002c0)=0x81) (async)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
ppoll(&(0x7f0000000480)=[{r2}, {r4}, {r4, 0x1000}, {r2, 0x1}, {0xffffffffffffffff, 0x4400}, {r3, 0x100}, {r1, 0x4004}], 0x7, 0x0, &(0x7f00000001c0)={[0x2d]}, 0x8) (async)
r5 = accept4$unix(r2, &(0x7f0000000300)=@abs, &(0x7f0000000540)=0x6e, 0x181000) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x10) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0) (async)
r6 = openat$loop_ctrl(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r7 = socket$inet6(0xa, 0x80000, 0xfffffffe)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00', <r8=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f0000000080)={@dev={0xfe, 0x80, '\x00', 0x1a}, 0x49, r8}) (async)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000100)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000580)=ANY=[], 0x274}}, 0x48800) (async)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0) (async)
mount$fuse(0x0, &(0x7f0000002880)='.\x00', &(0x7f00000028c0), 0x0, 0x0) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x10, 0x3, &(0x7f0000000180)=ANY=[@ANYRES16=r8], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r9}, 0x10) (async)
mount$fuse(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000440), 0x20000, &(0x7f0000000580)=ANY=[])
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f2, 0x0)

10.32835241s ago: executing program 4 (id=3765):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x7ff, @loopback={0xfe80000000000000}, 0x400}], 0x1c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5}, 0x38)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r3}, 0x10)
timer_create(0x1, &(0x7f0000000580)={0x0, 0x1d, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000680))
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f0000000000)={<r5=>0x0, 0x29}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r4, 0x84, 0x75, &(0x7f0000000100)={r5, 0x2d}, &(0x7f0000000140)=0x8)
syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x2000, 0x13580}, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6}]})
timer_create(0x5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x5169, &(0x7f0000000600)={0x0, 0x4000, 0x10100, 0x7fffffe}, &(0x7f0000000100), &(0x7f0000000040)=<r7=>0x0)
syz_io_uring_setup(0x360b, &(0x7f0000001040), &(0x7f0000000340)=<r8=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r8, r7, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{}, &(0x7f0000000200), &(0x7f0000000280)=r1}, 0x20)
r9 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000400), 0x40000, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x13, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000800000000000000000000730149000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$SIOCGETLINKNAME(r9, 0x89e0, &(0x7f0000000440)={0x3})
io_uring_enter(r6, 0xb15, 0x0, 0x0, 0x0, 0x0)
r11 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r11, 0x0, 0x0)
syz_usb_control_io$hid(r11, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@main=@item_4, @main, @local]}}, 0x0}, 0x0)
syz_usb_control_io(r11, 0x0, &(0x7f0000000740)={0x84, &(0x7f0000000280)={0x0, 0x0, 0x2, 'u,'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000006c0)=ANY=[@ANYBLOB="480000001000030500"/20, @ANYRES8, @ANYRES64=r10], 0x48}}, 0x40000)

10.264841194s ago: executing program 8 (id=3766):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x312080, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="120100000000004043554d000000000000010902240001000000000904aa44010300010009210000000122050009058103"], 0x0)
r2 = io_uring_setup(0x4724, &(0x7f0000000140))
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10)
recvmmsg(r3, &(0x7f0000002840)=[{{0x0, 0x0, &(0x7f0000001600)=[{&(0x7f0000000480)=""/4085, 0xff5}], 0x1}}], 0x1, 0x12000, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000b80)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="03a505", @ANYRESOCT=r0, @ANYRESDEC=r0], 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000180)={'sit0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x16}})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000440)={@map, 0xffffffffffffffff, 0xc, 0x2008, 0x0, @value}, 0x20)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000060a0b040000000000000000020000052c000480281feaff4f8e000180080001006f73838c34152cc7919d014000000009080003400000000105000200020000000900010073797a30000000000900020073797a3000000000140000001100010000000020000000"], 0x80}}, 0x0)
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r5], 0xffe)

10.107283269s ago: executing program 0 (id=3767):
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000096000040"])
r3 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000100)={0xe, 0x2, 0x0, "4b9c39f88e56d5d98deee9080b0de7611ebfeef3cef83f51fdb40f0aeab9e862", 0x33424752})

9.570683558s ago: executing program 6 (id=3769):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000790c00000200000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0x10, 0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = shmget$private(0x0, 0x2000, 0xb23f191a73c3f3af, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_LOCK(r1, 0xb)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x80002, 0x0)
r5 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
sendfile(r5, r4, 0x0, 0x80009)

7.746541633s ago: executing program 6 (id=3771):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x80882, 0x0)
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r1, 0x10d, 0xaf, &(0x7f0000000000), &(0x7f0000000080)=0x4)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r5}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x54, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @loopback}}, {0x14, 0x2, @in={0x2, 0x0, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)={0x54, r7, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_NODE={0x40, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x3c, 0x4, {'gcm(aes)\x00', 0x14, "e3de3d7b4cd07ec3ee777de774fc7987cca41989"}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000280)={0x34, r3, 0x1, 0x0, 0x0, {{}, {}, {0x18, 0x17, {0x0, 0x0, @l2={'eth', 0x3a, 'team0\x00'}}}}}, 0x34}}, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000140))
r8 = socket(0x10, 0x3, 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'lo\x00', <r10=>0x0})
r11 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r11, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, 0x1405, 0x100, 0x70bd28, 0x25dfdbfc, "", [{{0x8, 0x1, 0x2}, {0x8, 0x3, 0x4}}, {{0x8, 0x1, 0x2}, {0x8, 0x3, 0x3}}, {{0x8, 0x1, 0x1}, {0x8, 0x3, 0x4}}]}, 0x40}, 0x1, 0x0, 0x0, 0x4}, 0x40040)
sendmsg$nl_route_sched(r8, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0x1a0, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x170, 0x2, [@TCA_GRED_LIMIT={0x8}, @TCA_GRED_DPS={0x10}, @TCA_GRED_STAB={0x104, 0x2, "9ffe2b337685d6c62f148c806e5059b783f6f41b531d60250867ae03fd97e13d4cf520900107e5d7c0213877eb58f8279c529e67715fb04803db949412a38c6d9d02fd8b04ab2d8e666b94f36ec2af9912030e517e6b73aed0316b43df04e72844a49cea10b019fa406a1e6892e25a7549230fdd218023523aebe5cdd186008f46a0f071fb5b934ec50ede5ee2ea5a75895e2d45ac82bd20af920bce940ac6d53a80acccbf6b5a96ce439b317e645b263247372ca78dcb0e753d5b19769601a8976bfc4001a33aa241749564dd9bb04b33f84e0bc38517f6922294b8113662c67564baa978278fecb027c372dfc9dffaca502c57efc2726b2855587876a0e646"}, @TCA_GRED_DPS={0x10}, @TCA_GRED_PARMS={0x38, 0x1, {0xee4}}, @TCA_GRED_LIMIT={0x8}]}}]}, 0x1a0}}, 0x0)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f00000001c0)=0x1)

7.704385963s ago: executing program 0 (id=3772):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000004dc0)={'wlan1\x00'})

7.624852026s ago: executing program 5 (id=3773):
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000004c0)=""/4096)
socket$alg(0x26, 0x5, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, 0x0, 0x0)
socket(0x2, 0x3, 0x6)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r3)

7.532295505s ago: executing program 0 (id=3774):
syz_usb_connect(0x0, 0x46, &(0x7f0000000380)=ANY=[], 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@bridge_delneigh={0x1c, 0x1c, 0x1, 0x70bd2d, 0x0, {0x7, 0x0, 0x0, r1, 0x40, 0xf2}}, 0x1c}}, 0x0)
syz_usb_connect$printer(0x7, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x239, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x40, 0x8, [{{0x9, 0x4, 0x0, 0x43, 0x2, 0x7, 0x1, 0x1, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x40, 0x8, 0x6, 0x6}}, [{{0x9, 0x5, 0x82, 0x2, 0x40, 0x8, 0x6, 0x7f}}]}}}]}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x150, 0x0, 0x14, 0x4, 0x40, 0x5}, 0x39, &(0x7f0000000080)={0x5, 0xf, 0x39, 0x2, [@generic={0x2a, 0x10, 0x4, "4b2a03bd1099b19586739ad58f437d302cae0798fb5d4c2c9baeabfcf3ea2c44c0a67880b60489"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x6, 0x9, 0xaf}]}, 0x2, [{0x35, &(0x7f00000000c0)=@string={0x35, 0x3, "e2834bfe4efe369dbbb8d9c4e3dc832d6dcc30e9ce6f05a136b03f8ebef7a9511717eafecf65caa515cad72aefde2856a533c2"}}, {0xe0, &(0x7f0000000100)=@string={0xe0, 0x3, "07c99e78abb7e4abf48dbff4e583a63325fa748515066d016dc48ad5a4ef7786699120fc8a9fa9d2c7ee8d98eea7d2e4b12798181e8d22c4075457b263f154644f131b25ef9830cbeb058e7370c92a41cd6c250290260b35f30af8b698dafd4c487e61863d5336ca021c56dab38e911c8cc434cd9d8173d5b476f766faee3e0a6389836147b090a724dad002a3ed6c29948213b17f763738ecbdbb283b85f16d11a47857f47053b2f9142530520180a384bed3c0eb6da35731c23156892f75d3dd8cd8921ce849e3f490f1b6e1e479dea313713ecaa6c8e7ff3a2ff4b4a0"}}]}) (async)
syz_usb_connect$printer(0x7, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x239, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x40, 0x8, [{{0x9, 0x4, 0x0, 0x43, 0x2, 0x7, 0x1, 0x1, 0x1, "", {{{0x9, 0x5, 0x1, 0x2, 0x40, 0x8, 0x6, 0x6}}, [{{0x9, 0x5, 0x82, 0x2, 0x40, 0x8, 0x6, 0x7f}}]}}}]}}]}}, &(0x7f0000000200)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x150, 0x0, 0x14, 0x4, 0x40, 0x5}, 0x39, &(0x7f0000000080)={0x5, 0xf, 0x39, 0x2, [@generic={0x2a, 0x10, 0x4, "4b2a03bd1099b19586739ad58f437d302cae0798fb5d4c2c9baeabfcf3ea2c44c0a67880b60489"}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0x0, 0x6, 0x9, 0xaf}]}, 0x2, [{0x35, &(0x7f00000000c0)=@string={0x35, 0x3, "e2834bfe4efe369dbbb8d9c4e3dc832d6dcc30e9ce6f05a136b03f8ebef7a9511717eafecf65caa515cad72aefde2856a533c2"}}, {0xe0, &(0x7f0000000100)=@string={0xe0, 0x3, "07c99e78abb7e4abf48dbff4e583a63325fa748515066d016dc48ad5a4ef7786699120fc8a9fa9d2c7ee8d98eea7d2e4b12798181e8d22c4075457b263f154644f131b25ef9830cbeb058e7370c92a41cd6c250290260b35f30af8b698dafd4c487e61863d5336ca021c56dab38e911c8cc434cd9d8173d5b476f766faee3e0a6389836147b090a724dad002a3ed6c29948213b17f763738ecbdbb283b85f16d11a47857f47053b2f9142530520180a384bed3c0eb6da35731c23156892f75d3dd8cd8921ce849e3f490f1b6e1e479dea313713ecaa6c8e7ff3a2ff4b4a0"}}]})
pipe2$watch_queue(&(0x7f0000000280)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000340)={0x0, 0x0, 0x5, &(0x7f00000002c0)={0x10, "2a4bbf91d8e3f21cac14e4ded5614280bbc8ac2f74822eb82faa32049d89008876"}}) (async)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000340)={0x0, 0x0, 0x5, &(0x7f00000002c0)={0x10, "2a4bbf91d8e3f21cac14e4ded5614280bbc8ac2f74822eb82faa32049d89008876"}})

6.751208952s ago: executing program 6 (id=3775):
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r6=>0xffffffffffffffff})
dup3(r5, r6, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r7=>0x0, <r8=>0x0})
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000001c0)=@userptr={0x50b2, 0x8, 0x4, 0x10, 0x3, {r7, r8/1000+60000}, {0x2, 0x8, 0x7, 0xf, 0x2, 0x9, "362aedd4"}, 0x10001, 0x2, {&(0x7f0000000040)}, 0x209})
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB])

6.75051339s ago: executing program 8 (id=3776):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/wakeup_count', 0x242, 0x2e0)
r1 = socket$kcm(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
move_mount(0xffffffffffffffff, 0x0, r5, &(0x7f0000000300)='./file0\x00', 0x40)
r6 = socket$caif_seqpacket(0x25, 0x5, 0x0)
setsockopt$CAIFSO_REQ_PARAM(r6, 0x116, 0x80, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r7, 0x3ba0, &(0x7f0000000100)={0x48})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, 0x0)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000003180)='/sys/power/sync_on_suspend', 0x242, 0x0)
write$binfmt_script(r8, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bind$packet(r8, &(0x7f0000000680)={0x11, 0x15, 0x0, 0x1, 0x5, 0x6, @broadcast}, 0x14)
close(r7)
sendmsg$kcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b904021d080211000000040000a118000200e000000e00000e1208000f0100810401a80016ea1f000840032e5f54c92011148ed08734843c8802033d0803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adb", 0xd7}], 0x1, 0x0, 0x0, 0x7400}, 0x0)
sendfile(r0, r0, 0x0, 0xa)

6.659477303s ago: executing program 5 (id=3777):
r0 = socket(0x15, 0x5, 0x0)
prlimit64(0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x8, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
accept$unix(r0, &(0x7f00000000c0), &(0x7f0000000000)=0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
syz_open_dev$loop(&(0x7f0000000240), 0x4, 0x445c01)
keyctl$chown(0x4, 0x0, 0x0, 0x0)
setgroups(0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
ioctl$TIOCGPKT(0xffffffffffffffff, 0x80045438, &(0x7f0000000140))
r4 = openat$audio1(0xffffffffffffff9c, 0x0, 0xaa481, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r4, 0x800c5012, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f0000000080)=0x10000000)
ioctl$SNDCTL_DSP_GETOSPACE(r4, 0x8010500c, 0x0)
r5 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = dup(r5)
ioctl$PTP_EXTTS_REQUEST2(r6, 0x40043d0d, &(0x7f0000000300))

5.745007585s ago: executing program 8 (id=3778):
read$char_usb(0xffffffffffffffff, &(0x7f0000000140)=""/98, 0x62)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0xd, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="18000000ffffffff0000000000010000057263030800000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000000000000850000008600000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000ffffffff7b8af8ff00000000bfa2004cd16ba7fb579043495ba96d70af4b11000000000007020000f8ffffffb703000008000000b70400000200000085000000820000001865000009000000000000000300da08b49288eb6835e187b41b000085100000f8ffffff9500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sock_ops=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
mkdir(&(0x7f0000000400)='./file1\x00', 0xa2)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(0x0, 0x0, 0x0)
mkdir(&(0x7f0000000200)='./file0\x00', 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./file0\x00')
unlinkat(r1, &(0x7f0000000280)='./file0\x00', 0x200)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(r2, 0x81009431, &(0x7f0000000480))
getdents64(r2, &(0x7f0000000040)=""/54, 0x36)
getdents64(r2, 0xfffffffffffffffe, 0x29)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8946, &(0x7f0000000900)={'geneve1\x00', @random='\x00\x00\x00 \x00'})
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$UI_SET_MSCBIT(r4, 0x40045568, 0x37)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r6 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}})
syz_kvm_setup_cpu$x86(r5, r7, &(0x7f0000fe6000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, &(0x7f00000000c0)="66b9800000c00f326635000400000f3065650f09413e0f0095709d650f205fba200066ed0f01d166b80500000066b9179900000f01c136660fc7339a621b5e00", 0x40}], 0x1, 0x4, &(0x7f0000000200), 0x0)

5.655249124s ago: executing program 4 (id=3779):
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$VIDIOC_DQBUF(r1, 0xc0585611, &(0x7f00000001c0)=@userptr={0x50b2, 0x8, 0x4, 0x10, 0x3, {}, {0x2, 0x8, 0x7, 0xf, 0x2, 0x9, "362aedd4"}, 0x10001, 0x2, {&(0x7f0000000040)}, 0x209})
syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB])

5.601829915s ago: executing program 8 (id=3780):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@broute={'broute\x00', 0x20, 0x1, 0x1a8, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000480], 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff000000000000000000000000001b000012000000004b28c962170b7020000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000086dd6361696630000000000000000000000076657468315f746f5f7465616d00000073797a6b616c6c65723100000000000076657468315f746f5f7465616d000000aaaaaaaaaabb0000000000000180c20000000000000000000000e8000000e80000001801000069703600000100000000000009000000000000000000000000000000000000005000000000000000fe80000000000000000000000000000000000000000000000000ffffac1e0000000000000000000000004000000000000000000080000000000000000000000000063e0049040010005f000000000000000000000000000000000800000000000400"/424]}, 0x220)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
capset(0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4}, [@IFLA_LINKINFO={0x14, 0x37, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}]}]}, 0x50}}, 0x0)
syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a00e0ffffff0f77042482"], 0xd)
getsockopt$bt_BT_VOICE(0xffffffffffffffff, 0x112, 0xb, 0x0, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)
creat(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='ubifs\x00', 0x8000, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000500)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9, 0x0, 0x0, 0x0, 0xfffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x55f8], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000]}, 0x45c)
ioctl$UI_DEV_SETUP(r5, 0x5501, 0x0)
ioctl$UI_GET_SYSNAME(r5, 0x8040552c, &(0x7f0000006480))

4.417368347s ago: executing program 8 (id=3781):
socket(0x1, 0x80802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x1, &(0x7f0000000300)=0x5)
getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$vcsn(&(0x7f0000000000), 0x1, 0x1)
write$UHID_INPUT(r0, &(0x7f0000000d00)={0x8, {"7894e6e62ce0f10fcdce74f21ad5b47c923d4dec90cefd599912070f341d59a8802e33af9869738f25b2f72093dd0ffa688e8e417c6e0e09b99649818d7caca39e142ef69d9101397854c3f51bde013686a626b2120c03d98c0ad981069188fbbddb88bf41a6b29ed43d1244e6025e1e4a2f40577619ccee39385bfc86461023a7906e5c07d16415140f4ab26db004362c885ef2c9ee82d3dd7e2ac42ca05d81ccea87dc0ec4a8f222013d6d4d0b0c828f3d2e3151dce87bfb335c1ad67bb3323564022ab23a6ba54ca117ca592c8d4227922347ea6f7c9d3dbdbc8d235f2d03e688d5ca7718d60e911534f964bf20359a0057847e7d7fd2cc463784aab2b06ba95512cfc427da44aa73634b0797b9baab391aa176d259c047ee9d346e63903860ab3c571d064509a715c5c4c6edffce9e1701e8291c2d937e3ff18691fe9a665b1a3b717a40205f8efa239b37e6b33f5c8ac28e616f788d0294c8d39ff4a63aaca7d4c578a935dd84850432201081bc1b00c5797847eaff8cecf8af8a60f075b5ff1c3dc9e62f9a3cfc4333a7501dd8badfdc691a9d35d3fc2c0e8f1b21a2c619201004a0d82bace1738ba9ca93e6fbf8ebaa78b5423efb19d3337ad050a7a1a634737a0169921911b277ab235f8b186efd60c3eff58e974a856ba460c5fbd91c1b5c999a7f6b4474560e0c5698085e1ff96381999bf7338dddab4499c6ae315245ecc98d3ca2ebc11214a4115e9205e7d1705591be4029a5e92ae06c02ba39ac70cf1ba082ccee070bf2feafa55ac6e863adb6f89a7475c2dc073058b0f8a52151d8c3ced025463656942bfd257ace6c54bd57985a44cef1c20777db47d12bd34371ef6f537e455b7787e3a853713877fa9465937602ceef8b9439507ab802ea4eaf5ee2ecd710b1840d8b8c995b5904434198abd8f0e830857ed1af53f3bcede9d57afb1cd7ad27bf222a6d1c58286c40d22211a3b2b7b7bbf5923a528fa4d781aaec1f67e013392b17197d2f6ff2d0e68bea94ce57cc516daffdf2348333a8dc596894540aa2a79437d95465fc27627b0e26871d5248c39e1a3badb319d449a7d67145418e1a35cb4bf950a5483d6e80763ea676b89d1f1e2cea20c590c76ae9fb228ffd638ccabdb3830cf944e1cccfb7ba8b1d1f0aabc498155ddda8404ebe2e25cfcfa9058af7d66bef79e592a579d556404ea3f28d6ddb3fdead9123247e23827f729eee41540d0f0e94027d65eee4e7c1c913c634f9abf546388cd2e4b351b16bd97faae3b54f5b2750495619ec36d97a1080564fa30a9f8a2700b77340b5bbd9cc377ee35420b5b762935047af7837e973a9da42ef93c11f145704d041054bcc4680363cbbee16a2bc0eaaa49cfa23330a666dff32daa17a6ea425f1ed2354d0c36893c895a0564e100d3e1385467405ca2706cfb62453faf72b1648727faeffb3c934bc4e48e4ce93af11bff3208cb3843da7ed68451b4af747ef72e2fb78a73990c95097c9504aacddffc5caadeb171e95ad113561144907d361fd28695239f6619360b9d0eead653cc83ab13fc7c0c60237e3363b6f319daa38d792426393e2396404a112ed9e70b378f494d4b540bf9b44d76b347a12c8cdaeed350a85698eb71bd126f75b9aa0ff7435926a4a4ce04e4187eae5a80b1ff56aa7f1b005a9a057b6ace4cf08c404f66c0b31974d151e9a2840ebcbfbfd898e6694b89fe78a68b90551c9d33c14914dceff64a699c1cf1570c2d1f53e905abef9f954fbdd100b1b18f10dbd673bd6c7a9693286cf2dc0ab9919466750aa42ccfa27e9ff4190dd784ec6f2e19270521f98561a959152b16a80f0b1e183375d3886936ae03ff4949777d30481c24bbae918d5fdcc8f46ff05e2370095bc85cde086dc1e32423f21c13c42490fb679462f35dd0c4ef06f8c3f24327af47ea2c73a856f112385094fe138022e308c157adb19b94ed0e8d94b805883318b33b22f371d62f0b764b2a44b65018bef417357aa997ea4ef95a2899963e06a3c553943e14d3364b73919f5e6d8395d56d522f1b19ae37d48f1534d92e4248824adb555281aea2fb317bfb30cdc7d4efada900006f45578a061b19e2eeefffdbf1974a1633182501611724079f926122c1c8fd9b1d8e6302d76ed90616abcfcac478e3b8d3be91eee5f9c653f8fed3afc1eb33d9314aaa021e8b53ab7ba3e59b301a6c757efd95c6661d7d3e8a73cdec7833f4608dc238d8e144a5b0196a9aea6fb30efdfdb05f9529c52af93cd78d857e3cc920bf30b2292380c662890f3679c09aea55c77a75dbb4da338c0fb737a5fc31252d9fa798f9dd70947f6cfa0474a7a835c694dfbb5c678216915d1f04c81d5df8f2efde80fdbce8248525d9b639f394847b9a8c2e7f7288b031df91db059eabb750c1bfe732b78001c2cca0f74cd8873cc2a892d26e1dbd48db297853775c21d68ce1daebee4f4d65bf8e448b1c80da35eaff3295ffe0aef68baff15f7585aba741699c3ed9a62f2c18200e40cbb383b844459ca9636d61645470d4f8b04704b84a7986d816c037d368d807ab936faa842a427cc4987ab506f3f08841195c893f39656547ff62730ec43aa78311d57defe4002301f6b9e1f6573f3a46715e2d1f899480e8bc97f5dfe48ad14df280126998d32dc0a63231584b5ee82d5f90d5ccd3eb3923cee0dfe0eb9b1ac54fd97214ad86c6459cf916ba0bfc9d4210a95346d753f4bc7440d78274c4cd1850907a2bf150a1c1b511bf0438494a6aa1a197f787c96b410d866b4cb284f74122ffbb2f5fa7c2c22f935c7e1542ff83f01e3024ee6e3d7fd0fba2754e635c8116a27f15586300d6522979822c1f97038f33c644ef82e9818f4a09388cb9a69514c929e9bc149fd7a26b458d89abb5e3ae1de29ed1f28d613878a24a9296c967339b9c6749f92c720982cb78a120bcf7593c6fbae36f9a06caa384a7e5d3f05442b0a69f72518a76a916968aae56abda54dac318fd726335e95592f80d030ef51aea41d5e348267fcea65e49d8e36e711fedb3fb9ad37d3fdf2185dcc3ff44736d6a0d4b4bd1810f89ec6e0e6b6f58f74d73ddd2a27fcfaf36d1aec6c3769787a1d3b8514487a399e6497bd0bf4c4242868d599aeb2202cae535e8118d478fc43b4c8bfdcf024f36f5d7c9f75c69bc9d4d5414e8bef740bcaf9027dbdb0f47643b984406c9ce1999d7631243c26d6824ae74ab71f536e40e934a5dfea7f5c5d10713c831df6ba168f4080a4b082e94bc23c0807aab7c0bc29f327d185a2a9302cc255aa54764c4eb8ef5b17d640afa30b36572294914d51ac146f87af6f5abd97823724aba25f589e769aa1047e72365e9ee67e7f90e80542cc842aebabc97679dd893075e8a1bd6934ac9e768e20bcf4c2fa29c5f7a103d3ff689c721e08ef1d0ca61ee3e07a815aa943879dd5c406dcff6a946b0a12980620cfb224912e27accbb63b1e2d571c65918c806060dcd08d5cef341e5c5705021ec19605b809a44d2a8f6f27e18f2b8fd268e23706564df5501096fd8f8261e27d5c8b582673f0c76bf78b27f754cddb5b64a33c87841681d8eef2b5abe8a8deabee587189f75b8b518909cd2a6f89910425e8647f25077829f1b400b3abcaeff6f54ccc00f6fb7abeeefe0226e4e2b55fba0925b49be8310fc5a490384e4a5e7216b0fd0c09c00e3327ada8c59eb37443ac9148a9df92b0d4e6851cd93b784d3e0a236d9fe7c483f03d813fc98e632cf6255dc4a70a0458570776509ebfb545f35956c7e32493f6ad886ec858bfc29bffb7f2ae7eed7d83e3075554dd81e72c93f4c2e4dcdb0832e76861b983b17c2a6f887a988e4fd47459fd45134560b5b1bec10c50914f2d7f327a4e68a0c453f067035f243ca01aa22969481d5fb48d1da82f35222c4e8d249625c454159f7b00a85d43414eb5e7c8044922b323f2473af648d1dba5ffff34bd5e023a2fe4860d7568fa4d35ad20c461eb38bced561edcef853dbcdd7b69bb40e9cda525a71a286c956a1268cacad0bc0c79ed7632aedbb8dc78ba1a2adea2b650314072d1ebc08f9753d6d38e53a758ea4700160588e819239711a506f004ec57037cd6efcbb9cee3bba556eaaa008bf8e8390085b85653c7aa006dd836c7ad025bed9dec77a4a00b309776862fca4dd01dff16aa6bd70a876662093b85ffbb07b2f8b4361f5dc635f940571239a71865e8f1a289f449ae9a74266205c8b1fe8a732db502c9ea5e5c379b704d43ef795b40450aa498535803767d2c2cbd2749474d2997e00f37612fcc0ae7322b8c8e2a90cf66ada69bd05b82d5707562b37e40674f0a3f58d9c776a931b8768d5c23f17c5f9135e7a4ce0c6eb356d9fb4a53d112194c19e6f045d2bd44132a70b9ccd7e65d2787899785f7ee9185589136c847347142440e0a405c18ff3f31acb791a805dd281aaf97aee708dcce2f1aa53161b7716fa0978c0d02871637ad7e1af5a158b727a1dfc2ae1aafbb9c516469ee89fa0f1de23a17115ded5e9c560a468c5192943be74aeaba51083ca0379563f1fa78e29eca1eaf849cd00f419ceb59e640248c332c845e68e9a398281b962ae59aa5b18006b6ea6e0c5f1b30665e1fb975da11ed6a47bd44b4241bbf0443f178e8249805cc3f980a4bb2f46baab0a12e9e9b2aaa7e0ca22b2314a9e5ef6412f4efe31381e3d716244af3112444eabbb0c353acafc0f1179ad4c63b81e5f5bfd771591d24e5254fa72e30aa53717c24b49cee71cdd9368e207af5e992a04f06de912cfcfca38732f5c8393d466d209680ebfa5764897f04531138beff3f65691593e334c2ae2825ffa9353e8aeef37b90691ea5c78d7c86124abf6491a068bf03c3467e5e42ca4b58192d17856722207568777141ccbef3f3891708897af9c196be92056527a8da820d28dccaf4dfed4d38fb8fe826b238d31bad751631a0d8b1eabdfa7bffe65241238ff982d21b2222cdd3a536385d0ab2180ccdf4672d0b21156377fe640ee8c8744b9ba1efce91c295e83a4271a34a1f70adbc2ff0aa6ba9e1965061cadcd3d824636bbc1f977c78dde1859d752c86b099705616edf6e94523f108af79ab5073d26f3788c4d56f1b17b764c1bc387e531dab5dd71198c56b02c68552dc1098beec85dc1bbe2dde316e6093a9a33f578d789da9b2a9209ed6e73a0597bc62467afc42f0348c9b885b92f37569a953f6316d5c8b188539474da3836abeae7ec259cf8fd28f02593597e9206e05e8da4f4346aab36f179deb68a9dab9b550d6fe4f0c88563935328a699b9cbb2015be57c28beaf60be499114f04a96a2f7fb3bf3b5b31e422954c96790aa1e49c5bc1946df0df2b4be63c0aac1ddcf187714f6e67a076a823feaeba5db4a99e5f494ec939d1b0ecd23752c08c3b788704612127e7f080ef581b4990accd6dca7ce52844bc7bbc8c8752497c171d8e628c53609a920fb5a1bc740cb05e2035de72f636ef0498ed2f3cccb64d5740afbc30015442ca0511160787b2c763072c70035f7f3bbbd3966bcc80d021ce1482e27681b963a28189c2ee9d64d0622a94eac689d3fc1a4137c4d62a4c73fab4b0175a8ff8fa256118affd94aaeee33b155043f53d9e3d4eb82173df0938c6c3e51c118c1acf187c84f12090ad1dd663013e433455290f87ca88959f9f481e4dd05e6a483abe00f7c974e5ff602a7a6eaa71f8ac06c50afac0c2858b554f59bf88002766a619ae9b0864926d07b273238e1ebd456543f77ea800231dbf4479f0b90fc607", 0x1000}}, 0x1006)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000040)={0x3, 0x2, 0x6, 0x1, 0x8})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newlink={0x68, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x215, 0xffe}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r4}, @IFLA_IFALIAS={0x14, 0x14, 'veth1_virt_wifi\x00'}, @IFLA_MTU={0x8, 0x4, 0x8}]}, 0x68}, 0x1, 0xba01, 0x0, 0x4010}, 0x4000000)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)
fanotify_init(0x0, 0x0)
open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
syz_open_procfs(0x0, 0x0)

3.630407045s ago: executing program 6 (id=3782):
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_open_dev$video(&(0x7f0000000000), 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000000000000000000000000008500"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000096000040"])
r3 = syz_open_dev$vim2m(&(0x7f0000000140), 0x8, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000100)={0xe, 0x2, 0x0, "4b9c39f88e56d5d98deee9080b0de7611ebfeef3cef83f51fdb40f0aeab9e862", 0x33424752})

3.454957565s ago: executing program 0 (id=3783):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x16, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0f00001f04000000040000001200000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r4, @ANYRES32=r3, @ANYBLOB='&\x00'/12, @ANYRES32], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000080)=r1}, 0x20)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000600)={0xffffffffffffffff, 0x20, &(0x7f00000005c0)={&(0x7f00000003c0)=""/76, 0x4c, <r6=>0x0, &(0x7f0000000440)=""/87, 0x57}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000001900)={0x11, 0x16, &(0x7f00000019c0)=ANY=[@ANYBLOB="1800000002000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018600000090000000000000009000012000097a95de2ff08d6836de9ff4f5564d58b91cfa97a8619ec83b1a2ab2399fc88d0a74de463a754acdad74401542d88fb7402b93059ae9eb88d511f4faf9844589232426227de4cfaefd903fddfefedd6f7129dc39611dd1c03edd5ca6f8e6fe99d6def37ecd440bdec096d0ce446c8e298dd04d3aab1d1c46a10fcaaf6ed2ee7fa623909474d99d7cb2078cacb8e8f4e9733eeb14845fda173a399c15a", @ANYRES32, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x20, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000001640)={0x1c, 0xc, &(0x7f00000014c0)=ANY=[@ANYBLOB="1800000000000005130000000000000000002d00", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000cd0600007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000100000085000000820000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x5, 0xa5, &(0x7f0000001540)=""/165, 0x41100, 0x20, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0)={0x3, 0xe, 0xfffffc01, 0xfffffffb}, 0x10, r6, r0, 0x0, &(0x7f0000001600)=[r5], 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$inet(r2, &(0x7f0000000500)={0x0, 0x4000000, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)
r7 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000680)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869be191587e037fa4457f064b8dfa1b39c451ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0a5ee10b3f4bf647c67f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd9507f16aede7d0e7e6c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2ffa6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a56e37397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e804d15ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed97049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3596], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r8}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r9 = syz_io_uring_complete(r7)
r10 = socket(0x10, 0x3, 0x0)
r11 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r11, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000300)={'gretap0\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r12, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001780)=ANY=[@ANYBLOB="0300000004000000040000000a00009d3d000000fe999c1e34be0741a36804d0cf58a2ae72fe7cfe4634c75a584ee24f8e70b2ea477f9fe4f1241317856679a79416983f56a9a0bd000b0e4c4087f18912107f672e4612340e2a", @ANYRES32=r9, @ANYBLOB="0500"/20, @ANYRES32=r12, @ANYRES32=r9, @ANYBLOB="00000000000000000200"/28], 0x50)
getsockopt$inet6_mptcp_buf(r9, 0x11c, 0x3, &(0x7f00000002c0)=""/119, &(0x7f00000001c0)=0x77)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

2.898975917s ago: executing program 4 (id=3784):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000004dc0)={'wlan1\x00'})

2.771916494s ago: executing program 5 (id=3785):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0)=0xf9)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
sendmsg$RDMA_NLDEV_CMD_SET(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB="480000000214010028bd7000fddbdf250900020073797a310000000008000100000000"], 0x48}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)
r5 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
write$rfkill(r5, &(0x7f0000000000)={0x0, 0x8, 0x2, 0x1}, 0x8)
add_key(&(0x7f0000000140)='ceph\x00', 0x0, &(0x7f0000000040), 0x0, 0x0)
unshare(0x2000680)
connect$tipc(0xffffffffffffffff, &(0x7f0000000100)=@id={0x1e, 0x3, 0x3, {0x4e23, 0x3}}, 0x10)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10)

2.771122159s ago: executing program 6 (id=3786):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x458, 0x153, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x4, [{{0x9, 0x4, 0x0, 0x70, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0xc0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x8}}}}}]}}]}}, 0x0)
r1 = fsopen(&(0x7f0000000280)='binfmt_misc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x9c, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x44, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x1}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x98, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x98}}, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0x8001)
getsockopt$SO_J1939_PROMISC(r4, 0x6b, 0x2, &(0x7f00000007c0), &(0x7f0000000800)=0x4)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)={0x0, 0x0, 0x7, {0x7, 0x0, "a7ea31d2a5"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r6, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000400)={0x34, r5, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random='<'}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x148c}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x6}]]}, 0x34}}, 0x0)
syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, &(0x7f0000000840)={0x40, 0x10, 0xc3, {0xc3, 0x23, "b084e4239bac2ec2d72ca339d5894277c9184d4fc99408996fa5e839f7d8bab59dda27121938e672f6cb58ed97ec86f8a107e98a8d9781111f7c6d55e240ff09071f2ddf911343aa38b8ede6c48310ad13d3f0b1e0ce5e438ba4a2a82ba4619b71cb357df160ab2c0d2f1acd8ac717944d66da93581014617036fe060aec57c58b240e762e330e7069578a9bc3d0b155f0b3ca41eceb4b1fb37a211c08961408f5d192498b61bf7cb31ac39e008734846bd356c806e8df5d0766b8c12e988ee119"}}, &(0x7f0000000100)={0x0, 0x3, 0x5e, @string={0x5e, 0x3, "2bad71852b819dcf05b8d36b853909cfefc666db48c30d0400fecbdef78a647acfe05b82b2915d47f925802e85bf9fa0919717fb582b4cbb140422fc7e8d50aeae12f36aea768940766a4f586f06dc85a0a2597f291667a64b8c65d6"}}, &(0x7f0000000040)={0x0, 0xf, 0xf, {0x5, 0xf, 0xf, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x8, 0x5, 0x1}, @ptm_cap={0x3}]}}, &(0x7f0000000180)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9, 0x60, 0xb, 0xe, "602e39bb", "30b044f2"}}, &(0x7f00000001c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x3, 0x8, 0x4, 0x1, 0x5, 0xfffb, 0x400}}}, &(0x7f00000006c0)={0x84, &(0x7f0000000240)={0x0, 0x6, 0x4f, "b3d1121d2dc5d1c3c210b12b440ee6500fa9518fd272047b8399cf5ae0028ad3521db899750462556b2cf4081ac86007d893e321a497181d220e472aefda50b4e2fb2aa1b224abae8ef0afc1c45e11"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0xfc}, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000340)={0x20, 0x0, 0x4, {0x1, 0x1}}, &(0x7f0000000380)={0x20, 0x0, 0x8, {0xa9, 0x40, [0xf]}}, &(0x7f0000000400)={0x40, 0x7, 0x2, 0x4}, &(0x7f0000000440)={0x40, 0x9, 0x1, 0x94}, &(0x7f0000000480)={0x40, 0xb, 0x2, "8819"}, &(0x7f00000004c0)={0x40, 0xf, 0x2, 0x1}, &(0x7f0000000500)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000540)={0x40, 0x17, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}}, &(0x7f0000000580)={0x40, 0x19, 0x2, "a405"}, &(0x7f00000005c0)={0x40, 0x1a, 0x2, 0x4}, &(0x7f0000000600)={0x40, 0x1c, 0x1, 0x3}, &(0x7f0000000640)={0x40, 0x1e, 0x1, 0xc}, &(0x7f0000000680)={0x40, 0x21, 0x1, 0x3}})

2.697402743s ago: executing program 4 (id=3787):
ioctl$KVM_GET_SUPPORTED_CPUID(0xffffffffffffffff, 0xc008ae05, &(0x7f00000004c0)=""/4096)
socket$alg(0x26, 0x5, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, 0x0, 0x0)
socket(0x2, 0x3, 0x6)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
r3 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r3)

1.290207296s ago: executing program 5 (id=3788):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008"], 0x7c}}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x2100, &(0x7f0000000580)={&(0x7f0000000380)=ANY=[@ANYBLOB="8000000010000304000000000004000000000300", @ANYRES32=0x0, @ANYBLOB="032e000000000000500012800e0001006970366772657461700000003c000280060011004e22000014000700feffffff0000000000000000000000010400120008000c0003000000060018000000000008001500ece203", @ANYRES8, @ANYBLOB='\b\x00\n'], 0x80}}, 0x0)

1.167115584s ago: executing program 0 (id=3789):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(0x0, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000040)={'wlan1\x00', {0x2, 0x4e23, @broadcast}})
ioctl$sock_inet_SIOCSIFADDR(r1, 0x891c, &(0x7f0000000080)={'wlan1\x00', {0x2, 0x4000, @empty=0xfe000000}})
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x64, 0x3, 0x300, 0x6e, 0xffffffad, 0x190, 0x190, 0x190, 0x268, 0x268, 0x268, 0x268, 0x268, 0x3, 0x0, {[{{@ip={@remote, @local={0xac, 0x14, 0xd}, 0x0, 0x0, 'caif0\x00', 'ip6tnl0\x00'}, 0x0, 0x130, 0x190, 0xffffffc5, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "bdc74c01369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa6ecab6b1d2cc05e3182f64694d7d05fb8b8c8f56627a54f905d564eeeb8334f650ca0f3c44f7fda4d20a55050342ea85ecc8838e7088de33582f36a0a375bb7008adc297a5ece1bb2df53d17bef26bb6f800", 0x7f, 0x2}}]}, @common=@SET={0x60}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, 0x0, 0x0, 'team0\x00', 'team0\x00'}, 0x0, 0x98, 0xd8, 0x0, {}, [@common=@inet=@set1={{0x28}}]}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x360)
r3 = socket$packet(0x11, 0x3, 0x300)
bind(r3, &(0x7f0000000180)=@un=@abs={0x0, 0x0, 0x4e21}, 0x80)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, 0x0, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f000000bdc0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f000000bf00)={0x0, 0x0, &(0x7f000000bec0)={&(0x7f0000000780)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="01002dbd7000000000000c00000008000300", @ANYRES32=r7, @ANYBLOB="0a00060008c224014d8f8e0000e7e4fa9015357092ea29d0056a49fb9256584d66e36bd05c6186e39682b795df"], 0x28}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_START_AP(r6, &(0x7f0000000700)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x1c, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20004000}, 0x8840)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000740)=@raw=[@call={0x85, 0x0, 0x0, 0x78}, @cb_func={0x18, 0x4, 0x4, 0x0, 0xfffffffffffffffa}], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000880)={r9, r6}, 0x7)
setsockopt$inet_sctp_SCTP_CONTEXT(r5, 0x84, 0x83, &(0x7f0000000140), 0x8)
mbind(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8000, 0x0, 0x4737, 0x3)
futex(&(0x7f00000002c0), 0x2, 0x2, &(0x7f0000000800)={0x77359400}, &(0x7f0000000840)=0x1, 0x2)

1.100373165s ago: executing program 4 (id=3790):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000080)=0x40, 0x4)
socket$packet(0x11, 0x3, 0x300)
creat(&(0x7f0000000040)='./file0\x00', 0xb2)
sendmmsg$inet(r1, 0x0, 0x0, 0x4000004)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[], 0x17}, 0x9, 0x0, 0x0, 0x95}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
read$msr(r2, &(0x7f0000019240)=""/102385, 0xfffffffffffffe52)
close(0xffffffffffffffff)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000240), 0x80a00, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x200400, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='blkio.bfq.io_serviced\x00', 0x26e1, 0x0)
close(r3)
ioctl$SIOCSIFHWADDR(r3, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random='\\\x00\x00 \x00'})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
recvmsg(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xf8}], 0x1}, 0x1f00)
sendmmsg$sock(r5, &(0x7f0000003bc0)=[{{0x0, 0xfe3d, 0x0}}, {{0x0, 0x0, 0x0}}], 0x4000000000002ca, 0x4040014)
ioctl$TIOCL_BLANKSCREEN(0xffffffffffffffff, 0x5609, &(0x7f0000000000))

1.083404119s ago: executing program 8 (id=3791):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x2c, r2, 0x1, 0x70bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x4}]}, 0x2c}}, 0x0)

943.195732ms ago: executing program 0 (id=3792):
mknod$loop(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r6=>0xffffffffffffffff})
dup3(r5, r6, 0x0)
clock_gettime(0x0, &(0x7f0000000080)={<r7=>0x0, <r8=>0x0})
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f00000001c0)=@userptr={0x50b2, 0x8, 0x4, 0x10, 0x3, {r7, r8/1000+60000}, {0x2, 0x8, 0x7, 0xf, 0x2, 0x9, "362aedd4"}, 0x10001, 0x2, {&(0x7f0000000040)}, 0x209})
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000020000,user_id=', @ANYRESDEC=0x0, @ANYBLOB])

771.251236ms ago: executing program 5 (id=3793):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000790c00000200000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
shmctl$SHM_LOCK(0x0, 0xb)
shmctl$SHM_LOCK(0x0, 0xb)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x80002, 0x0)
r3 = openat$null(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
sendfile(r3, r2, 0x0, 0x80009)

0s ago: executing program 5 (id=3794):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0xa200, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r1, 0x4610, &(0x7f0000000240)={0x10, 0x1})
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x5000005, 0x13, r0, 0x80a4b000)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f00000000c0)={'\x00', 0x6, 0x7, 0x7fff, 0x5, 0xf1a})
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0x6}, @hci_ev_le_phy_update_complete={{}, {0x8, 0xc8, 0x7, 0x3}}}}, 0x9)
r2 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x0, r2, 0x0, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

[T16980]  ? do_syscall_64+0xb6/0x230
[ 1049.840459][T16980]  do_syscall_64+0xf3/0x230
[ 1049.844952][T16980]  ? clear_bhb_loop+0x35/0x90
[ 1049.849633][T16980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1049.855540][T16980] RIP: 0033:0x7f67f2f85d19
[ 1049.859946][T16980] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1049.879546][T16980] RSP: 002b:00007f67f3e80038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1049.887956][T16980] RAX: ffffffffffffffda RBX: 00007f67f3175fa0 RCX: 00007f67f2f85d19
[ 1049.895918][T16980] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[ 1049.903882][T16980] RBP: 00007f67f3e80090 R08: 0000000000000000 R09: 0000000000000000
[ 1049.911844][T16980] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1049.919801][T16980] R13: 0000000000000000 R14: 00007f67f3175fa0 R15: 00007ffc0babe7a8
[ 1049.927772][T16980]  </TASK>
[ 1050.130253][T16987] smb3: Unknown parameter 'rdma'
[ 1051.014207][T16990] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1051.046530][T16990] team0: Port device bond1 added
[ 1052.939506][T17024] netlink: ct family unspecified
[ 1052.944674][T17024] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1054.298521][T17042] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2986'.
[ 1054.327074][T17034] fuse: Bad value for 'fd'
[ 1054.395806][T17042] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2986'.
[ 1057.123443][T17050] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1057.563490][T17072] netlink: ct family unspecified
[ 1057.568721][T17072] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1060.039826][   T29] audit: type=1326 audit(2000004819.317:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17078 comm="syz.8.2995" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61ecf85d19 code=0x0
[ 1060.120164][T17104] netlink: 48 bytes leftover after parsing attributes in process `syz.9.3002'.
[ 1061.698184][T17127] netlink: ct family unspecified
[ 1061.703313][T17127] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1061.907092][ T7738] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1063.047419][T17141] netlink: 'syz.8.3011': attribute type 8 has an invalid length.
[ 1063.055941][T17141] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3011'.
[ 1063.137655][T17148] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3012'.
[ 1063.225971][T17150] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1063.245007][T17150] netlink: 'syz.5.3010': attribute type 2 has an invalid length.
[ 1063.252981][T17150] netlink: 'syz.5.3010': attribute type 8 has an invalid length.
[ 1063.260860][T17150] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3010'.
[ 1063.321591][T17148] FAULT_INJECTION: forcing a failure.
[ 1063.321591][T17148] name failslab, interval 1, probability 0, space 0, times 0
[ 1063.650342][T17148] CPU: 0 UID: 0 PID: 17148 Comm: syz.9.3012 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1063.661168][T17148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1063.671243][T17148] Call Trace:
[ 1063.674546][T17148]  <TASK>
[ 1063.677498][T17148]  dump_stack_lvl+0x241/0x360
[ 1063.682208][T17148]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1063.687426][T17148]  ? __pfx__printk+0x10/0x10
[ 1063.692040][T17148]  ? skb_clone+0xf7/0x390
[ 1063.696397][T17148]  should_fail_ex+0x3b0/0x4e0
[ 1063.701092][T17148]  should_failslab+0xac/0x100
[ 1063.705792][T17148]  ? skb_clone+0x20c/0x390
[ 1063.710223][T17148]  kmem_cache_alloc_noprof+0x70/0x380
[ 1063.715615][T17148]  skb_clone+0x20c/0x390
[ 1063.719887][T17148]  __netlink_deliver_tap+0x3cc/0x7f0
[ 1063.725206][T17148]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1063.730422][T17148]  netlink_deliver_tap+0x19d/0x1b0
[ 1063.735561][T17148]  netlink_sendskb+0x68/0x140
[ 1063.740265][T17148]  netlink_unicast+0x39d/0x990
[ 1063.745056][T17148]  ? __pfx_netlink_unicast+0x10/0x10
[ 1063.750369][T17148]  netlink_rcv_skb+0x262/0x430
[ 1063.755147][T17148]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1063.760631][T17148]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1063.765959][T17148]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1063.771176][T17148]  netlink_unicast+0x7f6/0x990
[ 1063.776063][T17148]  ? __pfx_netlink_unicast+0x10/0x10
[ 1063.781370][T17148]  ? __virt_addr_valid+0x45f/0x530
[ 1063.786506][T17148]  ? __phys_addr_symbol+0x2f/0x70
[ 1063.791564][T17148]  ? __check_object_size+0x47a/0x730
[ 1063.796877][T17148]  netlink_sendmsg+0x8e4/0xcb0
[ 1063.801673][T17148]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1063.806986][T17148]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1063.812284][T17148]  __sock_sendmsg+0x221/0x270
[ 1063.816990][T17148]  ____sys_sendmsg+0x52a/0x7e0
[ 1063.821794][T17148]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1063.827094][T17148]  ? __fget_files+0x2a/0x410
[ 1063.831702][T17148]  ? __fget_files+0x2a/0x410
[ 1063.836320][T17148]  __sys_sendmsg+0x269/0x350
[ 1063.840927][T17148]  ? __pfx_lock_release+0x10/0x10
[ 1063.845970][T17148]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1063.851114][T17148]  ? __pfx_vfs_write+0x10/0x10
[ 1063.855921][T17148]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1063.862268][T17148]  ? do_syscall_64+0x100/0x230
[ 1063.867055][T17148]  ? do_syscall_64+0xb6/0x230
[ 1063.871759][T17148]  do_syscall_64+0xf3/0x230
[ 1063.876289][T17148]  ? clear_bhb_loop+0x35/0x90
[ 1063.880988][T17148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1063.886910][T17148] RIP: 0033:0x7eff32785d19
[ 1063.891334][T17148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1063.910948][T17148] RSP: 002b:00007eff305f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1063.919366][T17148] RAX: ffffffffffffffda RBX: 00007eff32975fa0 RCX: 00007eff32785d19
[ 1063.927335][T17148] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 0000000000000003
[ 1063.935301][T17148] RBP: 00007eff305f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1063.943268][T17148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1063.951235][T17148] R13: 0000000000000000 R14: 00007eff32975fa0 R15: 00007ffde427c138
[ 1063.959214][T17148]  </TASK>
[ 1066.117881][T17181] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3019'.
[ 1066.128030][T17181] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3019'.
[ 1066.144420][T17181] netlink: 'syz.5.3019': attribute type 20 has an invalid length.
[ 1066.326322][ T5901] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 1066.634537][ T5901] usb 10-1: Using ep0 maxpacket: 8
[ 1066.693881][ T5901] usb 10-1: unable to read config index 0 descriptor/start: -61
[ 1066.788480][ T5901] usb 10-1: can't read configurations, error -61
[ 1066.985765][ T5901] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[ 1067.906746][ T5901] usb 10-1: Using ep0 maxpacket: 8
[ 1068.099075][ T5901] usb 10-1: device descriptor read/all, error -71
[ 1068.109895][ T5901] usb usb10-port1: attempt power cycle
[ 1068.589996][T17211] tipc: Started in network mode
[ 1068.602542][T17211] tipc: Node identity aaaaaaaaaa41, cluster identity 4711
[ 1068.799102][T17211] tipc: Enabled bearer <eth:geneve1>, priority 10
[ 1070.020033][  T974] tipc: Node number set to 15444650
[ 1070.239123][T17235] netlink: 'syz.5.3032': attribute type 5 has an invalid length.
[ 1071.512845][T17243] sctp: [Deprecated]: syz.5.3035 (pid 17243) Use of int in max_burst socket option.
[ 1071.512845][T17243] Use struct sctp_assoc_value instead
[ 1072.192994][T17252] FAULT_INJECTION: forcing a failure.
[ 1072.192994][T17252] name failslab, interval 1, probability 0, space 0, times 0
[ 1072.212362][T17252] CPU: 1 UID: 0 PID: 17252 Comm: syz.8.3037 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1072.223178][T17252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1072.235586][T17252] Call Trace:
[ 1072.235602][T17252]  <TASK>
[ 1072.235612][T17252]  dump_stack_lvl+0x241/0x360
[ 1072.235644][T17252]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1072.235668][T17252]  ? __pfx__printk+0x10/0x10
[ 1072.235693][T17252]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[ 1072.235715][T17252]  ? __pfx___might_resched+0x10/0x10
[ 1072.235747][T17252]  should_fail_ex+0x3b0/0x4e0
[ 1072.235772][T17252]  should_failslab+0xac/0x100
[ 1072.235800][T17252]  kmem_cache_alloc_node_noprof+0x77/0x380
[ 1072.235820][T17252]  ? __alloc_skb+0x1c3/0x440
[ 1072.235845][T17252]  __alloc_skb+0x1c3/0x440
[ 1072.235870][T17252]  ? __pfx___alloc_skb+0x10/0x10
[ 1072.235894][T17252]  ? netlink_ack_tlv_len+0x6e/0x200
[ 1072.235918][T17252]  netlink_ack+0x145/0xa50
[ 1072.235952][T17252]  netlink_rcv_skb+0x262/0x430
[ 1072.235974][T17252]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1072.236000][T17252]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1072.236042][T17252]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1072.236065][T17252]  netlink_unicast+0x7f6/0x990
[ 1072.236100][T17252]  ? __pfx_netlink_unicast+0x10/0x10
[ 1072.236124][T17252]  ? __virt_addr_valid+0x45f/0x530
[ 1072.236147][T17252]  ? __phys_addr_symbol+0x2f/0x70
[ 1072.236168][T17252]  ? __check_object_size+0x47a/0x730
[ 1072.236199][T17252]  netlink_sendmsg+0x8e4/0xcb0
[ 1072.236230][T17252]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1072.236263][T17252]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1072.236283][T17252]  __sock_sendmsg+0x221/0x270
[ 1072.236311][T17252]  ____sys_sendmsg+0x52a/0x7e0
[ 1072.236342][T17252]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1072.236369][T17252]  ? __fget_files+0x2a/0x410
[ 1072.236392][T17252]  ? __fget_files+0x2a/0x410
[ 1072.236420][T17252]  __sys_sendmsg+0x269/0x350
[ 1072.236442][T17252]  ? __pfx_lock_release+0x10/0x10
[ 1072.236466][T17252]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1072.236500][T17252]  ? __pfx_vfs_write+0x10/0x10
[ 1072.236548][T17252]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1072.236571][T17252]  ? do_syscall_64+0x100/0x230
[ 1072.236600][T17252]  ? do_syscall_64+0xb6/0x230
[ 1072.236626][T17252]  do_syscall_64+0xf3/0x230
[ 1072.236651][T17252]  ? clear_bhb_loop+0x35/0x90
[ 1072.236672][T17252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1072.236697][T17252] RIP: 0033:0x7f61ecf85d19
[ 1072.236717][T17252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1072.236733][T17252] RSP: 002b:00007f61eddf2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1072.236757][T17252] RAX: ffffffffffffffda RBX: 00007f61ed175fa0 RCX: 00007f61ecf85d19
[ 1072.236772][T17252] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000003
[ 1072.236786][T17252] RBP: 00007f61eddf2090 R08: 0000000000000000 R09: 0000000000000000
[ 1072.236799][T17252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1072.236812][T17252] R13: 0000000000000000 R14: 00007f61ed175fa0 R15: 00007ffcee160c78
[ 1072.515874][T17252]  </TASK>
[ 1072.518997][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1072.570652][  T974] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[ 1072.832790][  T974] usb 5-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.00
[ 1072.858424][  T974] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1072.879664][  T974] usb 5-1: config 0 descriptor??
[ 1072.890289][  T974] go7007 5-1:0.0: probe with driver go7007 failed with error -12
[ 1072.910579][T17269] dlm: no local IP address has been set
[ 1072.918470][T17269] dlm: cannot start dlm midcomms -107
[ 1073.118563][  T974] usb 5-1: USB disconnect, device number 59
[ 1073.302035][T17274] netlink: ct family unspecified
[ 1073.307333][T17274] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1077.244592][T17298] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1079.098151][T17325] netlink: ct family unspecified
[ 1079.103347][T17325] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1080.654508][T17335] netlink: 243 bytes leftover after parsing attributes in process `syz.6.3062'.
[ 1080.663646][T17335] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1083.383855][T17363] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1083.946687][ T7228] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1084.121216][ T7228] usb 9-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1084.130103][ T7228] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1084.154528][ T7228] usb 9-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1084.163671][ T7228] usb 9-1: config 1 has no interface number 1
[ 1084.173129][ T7228] usb 9-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1084.186902][ T7228] usb 9-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1084.200245][ T5901] usb 10-1: new full-speed USB device number 31 using dummy_hcd
[ 1084.248218][ T7228] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1084.260076][ T7228] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1084.270290][ T7228] usb 9-1: Product: syz
[ 1084.279170][ T7228] usb 9-1: Manufacturer: syz
[ 1084.299676][ T7228] usb 9-1: SerialNumber: syz
[ 1084.391500][ T5901] usb 10-1: device descriptor read/64, error -71
[ 1084.684171][ T5901] usb 10-1: new full-speed USB device number 32 using dummy_hcd
[ 1084.812925][ T7228] usb 9-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[ 1084.834628][ T7228] usb 9-1: MIDIStreaming interface descriptor not found
[ 1084.922665][ T5901] usb 10-1: device descriptor read/64, error -71
[ 1085.065322][ T5901] usb usb10-port1: attempt power cycle
[ 1085.129339][T17356] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1085.475000][ T5901] usb 10-1: new full-speed USB device number 33 using dummy_hcd
[ 1085.494837][ T7228] usb 9-1: USB disconnect, device number 26
[ 1085.503019][ T5901] usb 10-1: device descriptor read/8, error -71
[ 1085.656536][T17388] netlink: 243 bytes leftover after parsing attributes in process `syz.4.3078'.
[ 1085.666078][T17388] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1085.852818][T17382] udevd[17382]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1085.869333][ T5901] usb 10-1: new full-speed USB device number 34 using dummy_hcd
[ 1086.092803][ T5901] usb 10-1: device descriptor read/8, error -71
[ 1086.230107][ T5901] usb usb10-port1: unable to enumerate USB device
[ 1087.102153][T17397] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3079'.
[ 1087.189892][T17400] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3080'.
[ 1087.718264][ T5901] usb 10-1: new high-speed USB device number 35 using dummy_hcd
[ 1087.892908][T15160] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[ 1087.952197][ T5901] usb 10-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=a2.bf
[ 1087.962828][ T5901] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.983700][ T5901] usb 10-1: Product: syz
[ 1087.994628][ T5901] usb 10-1: Manufacturer: syz
[ 1088.005567][ T5901] usb 10-1: SerialNumber: syz
[ 1088.018996][ T5901] usb 10-1: config 0 descriptor??
[ 1088.040821][ T5901] ssu100 10-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[ 1088.108316][T15160] usb 5-1: Using ep0 maxpacket: 32
[ 1088.143745][T15160] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1088.162844][T15160] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1088.172666][T15160] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1088.216613][T15160] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1088.230214][T15160] usb 5-1: config 0 descriptor??
[ 1088.464061][ T5901] ssu100 10-1:0.0: probe with driver ssu100 failed with error -110
[ 1088.994753][  T974] usb 10-1: USB disconnect, device number 35
[ 1089.638174][T15160] savu 0003:1E7D:2D5A.000F: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[ 1089.919548][T17427] xt_cgroup: xt_cgroup: no path or classid specified
[ 1089.944140][T15160] usb 5-1: USB disconnect, device number 60
[ 1091.611963][T17435] netlink: 243 bytes leftover after parsing attributes in process `syz.9.3091'.
[ 1091.621187][T17435] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1092.511142][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1092.528386][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1096.897748][T14511] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1097.775790][T17500] Invalid ELF header magic: != ELF
[ 1097.796426][T17500] ntfs3(nullb0): Primary boot signature is not NTFS.
[ 1097.804951][T17500] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[ 1098.424072][T17502] No source specified
[ 1098.473280][T17501] input: syz0 as /devices/virtual/input/input42
[ 1099.314553][  T974] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[ 1099.643675][  T974] usb 9-1: device descriptor read/64, error -71
[ 1099.965015][  T974] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[ 1100.149730][  T974] usb 9-1: device descriptor read/64, error -71
[ 1100.273655][  T974] usb usb9-port1: attempt power cycle
[ 1101.382469][  T974] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[ 1101.428551][  T974] usb 9-1: device descriptor read/8, error -71
[ 1101.878631][  T974] usb 9-1: new high-speed USB device number 30 using dummy_hcd
[ 1102.103725][  T974] usb 9-1: device descriptor read/8, error -71
[ 1102.322178][  T974] usb usb9-port1: unable to enumerate USB device
[ 1102.968907][T17550] FAULT_INJECTION: forcing a failure.
[ 1102.968907][T17550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1102.984063][T17550] CPU: 0 UID: 0 PID: 17550 Comm: syz.6.3123 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1102.994879][T17550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1103.004961][T17550] Call Trace:
[ 1103.008261][T17550]  <TASK>
[ 1103.011214][T17550]  dump_stack_lvl+0x241/0x360
[ 1103.015925][T17550]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1103.021154][T17550]  ? __pfx__printk+0x10/0x10
[ 1103.025769][T17550]  ? __pfx_lock_release+0x10/0x10
[ 1103.030839][T17550]  should_fail_ex+0x3b0/0x4e0
[ 1103.035540][T17550]  _copy_from_user+0x2f/0xc0
[ 1103.040159][T17550]  copy_msghdr_from_user+0xae/0x680
[ 1103.045391][T17550]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1103.051228][T17550]  ? __fget_files+0x2a/0x410
[ 1103.055837][T17550]  ? __fget_files+0x2a/0x410
[ 1103.060453][T17550]  __sys_sendmsg+0x209/0x350
[ 1103.065068][T17550]  ? __pfx_lock_release+0x10/0x10
[ 1103.070113][T17550]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1103.075255][T17550]  ? __pfx_vfs_write+0x10/0x10
[ 1103.080062][T17550]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1103.086418][T17550]  ? do_syscall_64+0x100/0x230
[ 1103.091204][T17550]  ? do_syscall_64+0xb6/0x230
[ 1103.095903][T17550]  do_syscall_64+0xf3/0x230
[ 1103.100431][T17550]  ? clear_bhb_loop+0x35/0x90
[ 1103.105127][T17550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1103.111042][T17550] RIP: 0033:0x7f89d6d85d19
[ 1103.115479][T17550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1103.135113][T17550] RSP: 002b:00007f89d7c7e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1103.143558][T17550] RAX: ffffffffffffffda RBX: 00007f89d6f75fa0 RCX: 00007f89d6d85d19
[ 1103.151546][T17550] RDX: 0000000004000084 RSI: 0000000020000000 RDI: 0000000000000004
[ 1103.159536][T17550] RBP: 00007f89d7c7e090 R08: 0000000000000000 R09: 0000000000000000
[ 1103.167530][T17550] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1103.175517][T17550] R13: 0000000000000000 R14: 00007f89d6f75fa0 R15: 00007fff460a9da8
[ 1103.183508][T17550]  </TASK>
[ 1103.186616][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1103.216147][ T5901] usb 9-1: new high-speed USB device number 31 using dummy_hcd
[ 1103.340741][T17552] No source specified
[ 1103.354027][T17552] input: syz0 as /devices/virtual/input/input43
[ 1103.378830][ T5901] usb 9-1: Using ep0 maxpacket: 16
[ 1103.878680][ T5901] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1103.897645][ T5901] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1103.911287][ T5901] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1103.950941][ T5901] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1103.974748][ T5901] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1103.989546][ T5901] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1104.039776][ T5901] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1104.051146][ T5901] usb 9-1: Manufacturer: syz
[ 1104.163026][ T5901] usb 9-1: config 0 descriptor??
[ 1104.881171][T17564] netlink: ct family unspecified
[ 1104.886250][T17564] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1104.961717][ T5901] rc_core: IR keymap rc-hauppauge not found
[ 1104.967895][ T5901] Registered IR keymap rc-empty
[ 1105.082986][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1105.175726][   T29] audit: type=1326 audit(2000004860.949:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.197732][   T29] audit: type=1326 audit(2000004860.949:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.208988][T17574] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3129'.
[ 1105.219567][   T29] audit: type=1326 audit(2000004860.949:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.219610][   T29] audit: type=1326 audit(2000004860.995:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.273484][   T29] audit: type=1326 audit(2000004860.995:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.296316][   T29] audit: type=1326 audit(2000004860.995:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.318274][   T29] audit: type=1326 audit(2000004860.995:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.341159][   T29] audit: type=1326 audit(2000004860.995:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.375310][   T29] audit: type=1326 audit(2000004860.995:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1105.928875][   T29] audit: type=1326 audit(2000004861.641:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17572 comm="syz.4.3129" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f67f2f85d19 code=0x7ffc0000
[ 1106.010313][T17573] netlink: 72 bytes leftover after parsing attributes in process `syz.4.3129'.
[ 1106.132595][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.197443][ T5901] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0
[ 1106.220376][ T5901] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input44
[ 1106.440567][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.516576][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.569538][T17599] netlink: 'syz.6.3135': attribute type 21 has an invalid length.
[ 1106.583485][T17599] netlink: 'syz.6.3135': attribute type 6 has an invalid length.
[ 1106.585007][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.599435][T17599] netlink: 132 bytes leftover after parsing attributes in process `syz.6.3135'.
[ 1106.641940][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.663596][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.934546][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.955827][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.976918][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1106.999081][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1107.033157][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1107.167880][T17612] No source specified
[ 1107.188106][T17612] input: syz0 as /devices/virtual/input/input45
[ 1107.243432][ T5901] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1107.646143][ T5901] mceusb 9-1:0.0: Registered  with mce emulator interface version 1
[ 1107.685946][ T5901] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1108.116134][T17625] netlink: ct family unspecified
[ 1108.121659][T17625] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1109.019429][ T5901] usb 9-1: USB disconnect, device number 31
[ 1109.470385][T13394] Bluetooth: hci0: command tx timeout
[ 1110.087057][T17633] fuseblk: Bad value for 'fd'
[ 1110.619367][T17637] delete_channel: no stack
[ 1110.628234][T17637] binder: BINDER_SET_CONTEXT_MGR already set
[ 1110.628271][T17637] binder: 17635:17637 ioctl 4018620d 20000040 returned -16
[ 1110.739501][T17641] FAULT_INJECTION: forcing a failure.
[ 1110.739501][T17641] name failslab, interval 1, probability 0, space 0, times 0
[ 1110.739537][T17641] CPU: 0 UID: 0 PID: 17641 Comm: syz.6.3148 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1110.739593][T17641] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1110.739610][T17641] Call Trace:
[ 1110.739618][T17641]  <TASK>
[ 1110.739628][T17641]  dump_stack_lvl+0x241/0x360
[ 1110.739660][T17641]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1110.739685][T17641]  ? __pfx__printk+0x10/0x10
[ 1110.739710][T17641]  ? kmem_cache_alloc_noprof+0x48/0x380
[ 1110.739731][T17641]  ? __pfx___might_resched+0x10/0x10
[ 1110.739761][T17641]  should_fail_ex+0x3b0/0x4e0
[ 1110.739787][T17641]  should_failslab+0xac/0x100
[ 1110.739815][T17641]  ? getname_flags+0xb7/0x540
[ 1110.739833][T17641]  kmem_cache_alloc_noprof+0x70/0x380
[ 1110.739857][T17641]  getname_flags+0xb7/0x540
[ 1110.739881][T17641]  __x64_sys_rename+0x6a/0x90
[ 1110.739908][T17641]  do_syscall_64+0xf3/0x230
[ 1110.739934][T17641]  ? clear_bhb_loop+0x35/0x90
[ 1110.739956][T17641]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1110.739993][T17641] RIP: 0033:0x7f89d6d85d19
[ 1110.740011][T17641] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1110.740028][T17641] RSP: 002b:00007f89d7c7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[ 1110.740052][T17641] RAX: ffffffffffffffda RBX: 00007f89d6f75fa0 RCX: 00007f89d6d85d19
[ 1110.740068][T17641] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000020000100
[ 1110.740081][T17641] RBP: 00007f89d7c7e090 R08: 0000000000000000 R09: 0000000000000000
[ 1110.740095][T17641] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1110.740108][T17641] R13: 0000000000000001 R14: 00007f89d6f75fa0 R15: 00007fff460a9da8
[ 1110.740138][T17641]  </TASK>
[ 1111.366072][T17653] No source specified
[ 1111.374967][T17653] input: syz0 as /devices/virtual/input/input46
[ 1111.957783][T17650] netlink: 'syz.9.3151': attribute type 3 has an invalid length.
[ 1111.957817][T17650] netlink: 666 bytes leftover after parsing attributes in process `syz.9.3151'.
[ 1112.103090][T17635] delete_channel: no stack
[ 1112.577913][T17667] netlink: ct family unspecified
[ 1112.583069][T17667] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1114.097556][T13394] Bluetooth: hci4: command 0x0405 tx timeout
[ 1114.142927][T17680] fuseblk: Bad value for 'fd'
[ 1115.177432][T17686] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3161'.
[ 1116.785036][T17709] No source specified
[ 1116.803615][T17709] input: syz0 as /devices/virtual/input/input47
[ 1117.348765][ T5870] usb 10-1: new high-speed USB device number 36 using dummy_hcd
[ 1117.728217][ T5870] usb 10-1: Using ep0 maxpacket: 16
[ 1117.735182][ T5870] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1117.744891][ T5870] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1117.756235][ T5870] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1117.766505][T17723] netlink: 'syz.6.3173': attribute type 2 has an invalid length.
[ 1117.776497][T17723] netlink: 212912 bytes leftover after parsing attributes in process `syz.6.3173'.
[ 1117.788747][ T5870] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1117.805398][ T5870] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1117.825688][ T5870] usb 10-1: Product: syz
[ 1117.829996][ T5870] usb 10-1: Manufacturer: syz
[ 1117.834705][ T5870] usb 10-1: SerialNumber: syz
[ 1118.580344][T17702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1118.604478][T17702] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1118.653106][T17702] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3167'.
[ 1118.675890][T17702] netlink: 92 bytes leftover after parsing attributes in process `syz.9.3167'.
[ 1118.924519][ T5870] usb 10-1: 0:2 : does not exist
[ 1118.937432][ T5870] usb 10-1: 1:0: cannot get min/max values for control 4 (id 1)
[ 1118.962154][ T5870] usb 10-1: USB disconnect, device number 36
[ 1119.468475][T16820] udevd[16820]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1119.473070][T13394] Bluetooth: hci1: command 0x0406 tx timeout
[ 1120.425552][T17760] No source specified
[ 1120.434987][T17760] input: syz0 as /devices/virtual/input/input48
[ 1120.984052][T17756] vlan2: entered allmulticast mode
[ 1121.210978][T17756] bridge0: port 3(vlan2) entered blocking state
[ 1121.218635][T17756] bridge0: port 3(vlan2) entered disabled state
[ 1121.227884][T17756] vlan2: entered promiscuous mode
[ 1121.241816][T17756] bridge0: mtu less than device minimum
[ 1121.732073][   T29] audit: type=1326 audit(2000004876.247:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1121.758622][T17783] netlink: 32 bytes leftover after parsing attributes in process `syz.9.3187'.
[ 1121.781156][T13394] Bluetooth: hci5: Malformed MSFT vendor event: 0x02
[ 1121.796850][T17781] IPv6: addrconf: prefix option has invalid lifetime
[ 1121.804329][   T29] audit: type=1326 audit(2000004876.247:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=126 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1121.814216][T17783] netlink: 12 bytes leftover after parsing attributes in process `syz.9.3187'.
[ 1121.827563][   T29] audit: type=1326 audit(2000004876.247:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1121.857189][   T29] audit: type=1326 audit(2000004876.247:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1121.955098][   T29] audit: type=1326 audit(2000004876.247:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1122.441219][   T29] audit: type=1326 audit(2000004876.247:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1122.465675][   T29] audit: type=1326 audit(2000004876.247:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1122.487490][   T29] audit: type=1326 audit(2000004876.247:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1122.509120][   T29] audit: type=1326 audit(2000004876.247:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1122.530739][   T29] audit: type=1326 audit(2000004876.247:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17776 comm="syz.5.3186" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19b6185d19 code=0x7ffc0000
[ 1123.827294][T17808] No source specified
[ 1123.841744][T17808] input: syz0 as /devices/virtual/input/input49
[ 1126.669488][T13394] Bluetooth: hci1: command 0x0406 tx timeout
[ 1128.997305][T17869] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1129.048347][T17869] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1129.199919][T17869] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1129.239285][T17869] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1129.248693][T17869] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1129.256333][T17869] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1129.537344][ T5870] usb 5-1: new full-speed USB device number 61 using dummy_hcd
[ 1129.629080][T17867] chnl_net:caif_netlink_parms(): no params data found
[ 1129.702685][T17883] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1129.731113][   T29] kauditd_printk_skb: 37 callbacks suppressed
[ 1129.747133][   T29] audit: type=1326 audit(2000004883.629:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17873 comm="syz.6.3214" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f89d6d85d19 code=0xffff0000
[ 1130.359326][T17867] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1130.359443][T17867] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1130.359601][T17867] bridge_slave_0: entered allmulticast mode
[ 1130.361642][T17867] bridge_slave_0: entered promiscuous mode
[ 1130.712826][ T5870] usb 5-1: config 0 has an invalid interface number: 2 but max is 0
[ 1130.720847][ T5870] usb 5-1: config 0 has no interface number 0
[ 1130.727145][ T5870] usb 5-1: config 0 interface 2 altsetting 16 endpoint 0x6 has invalid maxpacket 512, setting to 64
[ 1130.896823][ T5870] usb 5-1: config 0 interface 2 has no altsetting 0
[ 1130.907844][T17867] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1130.915022][T17867] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1130.922974][ T5870] usb 5-1: New USB device found, idVendor=086a, idProduct=0003, bcdDevice=a5.66
[ 1130.932269][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1130.940341][ T5870] usb 5-1: Product: syz
[ 1130.944523][ T5870] usb 5-1: Manufacturer: syz
[ 1130.949141][ T5870] usb 5-1: SerialNumber: syz
[ 1130.954036][T17867] bridge_slave_1: entered allmulticast mode
[ 1130.961184][T17867] bridge_slave_1: entered promiscuous mode
[ 1130.969663][ T5870] usb 5-1: config 0 descriptor??
[ 1131.139188][T17871] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1131.330420][ T6090] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1131.360448][T17867] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1131.421156][T17867] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1131.524810][T13394] Bluetooth: hci3: command tx timeout
[ 1131.691834][T17867] team0: Port device team_slave_0 added
[ 1131.819148][T17867] team0: Port device team_slave_1 added
[ 1131.918338][T17867] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1131.979655][T17867] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1132.049494][T17867] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1132.095501][T17867] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1132.105000][T17867] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1132.151334][T17867] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1132.180658][T17910] netlink: 'syz.6.3220': attribute type 5 has an invalid length.
[ 1132.610999][T17867] hsr_slave_0: entered promiscuous mode
[ 1132.661332][T17867] hsr_slave_1: entered promiscuous mode
[ 1132.695200][T17867] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1132.724902][T17867] Cannot create hsr debugfs directory
[ 1133.778719][T13394] Bluetooth: hci3: command tx timeout
[ 1134.044764][   T29] audit: type=1107 audit(2000004887.550:465): pid=17927 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1134.428672][T17867] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1134.647515][ T5870] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1134.656182][ T5870] usb 5-1: invalid MIDI in EP 0
[ 1134.695429][ T5870] snd-usb-audio 5-1:0.2: probe with driver snd-usb-audio failed with error -22
[ 1134.707440][ T5870] usb 5-1: USB disconnect, device number 61
[ 1134.736396][T16859] udevd[16859]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.2/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1135.275416][T17867] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.506839][T17867] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1135.938971][T17867] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1136.047102][T13394] Bluetooth: hci3: command tx timeout
[ 1136.519080][T17867] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1136.539457][T17867] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1136.561295][T17867] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1136.581129][T17867] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1136.774780][T17867] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1136.804990][T17867] 8021q: adding VLAN 0 to HW filter on device team0
[ 1136.837419][ T7738] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1136.844606][ T7738] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1136.938871][ T7738] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1136.946119][ T7738] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1137.730312][T17977] netlink: 243 bytes leftover after parsing attributes in process `syz.9.3238'.
[ 1137.739486][T17977] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1138.287401][T13394] Bluetooth: hci3: command tx timeout
[ 1138.584985][T17867] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1139.698802][   T29] audit: type=1107 audit(2000004891.915:466): pid=17982 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1144.640921][T17869] Bluetooth: hci0: command 0x0406 tx timeout
[ 1144.777982][T17867] veth0_vlan: entered promiscuous mode
[ 1144.817528][T17867] veth1_vlan: entered promiscuous mode
[ 1144.872685][T17867] veth0_macvtap: entered promiscuous mode
[ 1144.934462][T17867] veth1_macvtap: entered promiscuous mode
[ 1144.971840][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1144.989016][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1144.999714][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1145.010619][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1145.021160][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1145.223369][   T29] audit: type=1107 audit(2000004897.811:467): pid=18047 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1145.393388][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1145.765183][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1145.775662][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1145.785541][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1145.796852][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1145.832636][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1145.850470][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1146.022113][T17867] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1146.388477][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1147.364402][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1147.381983][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1147.392868][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1147.403094][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1147.420272][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1147.430537][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1147.441354][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1147.452578][T17867] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1147.463237][T17867] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1147.474220][T17867] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1147.484469][T17867] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.493308][T17867] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.502070][T17867] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.511064][T17867] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.848034][T18022] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1147.849292][ T1107] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1147.855901][T18022] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1147.871590][ T1107] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1148.450620][T18081] netlink: 243 bytes leftover after parsing attributes in process `syz.9.3262'.
[ 1148.459971][T18081] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1150.280101][T18098] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1150.297706][T18098] netlink: 61211 bytes leftover after parsing attributes in process `syz.5.3267'.
[ 1152.016412][   T29] audit: type=1400 audit(2000004902.987:468): lsm=SMACK fn=smack_task_setpgid action=denied subject="N" object="_" requested=w pid=18095 comm="syz.8.3266" opid=18095 ocomm="syz.8.3266"
[ 1154.517661][T15160] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[ 1154.563084][T18141] NILFS (nullb0): couldn't find nilfs on the device
[ 1154.573850][T18144] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1154.632681][T18144] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1154.651639][T18144] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1154.660962][T18144] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1154.733279][T18144] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1154.747780][T18144] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1154.757537][T18144] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1154.826127][T15160] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 10662, setting to 1024
[ 1154.847299][T15160] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1154.857426][T15160] usb 9-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1154.866780][T15160] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1155.280969][T15160] usb 9-1: config 0 descriptor??
[ 1156.083188][T18137] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1156.140441][T15160] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[ 1156.765977][T13394] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1156.856330][T18179] netlink: ct family unspecified
[ 1156.861455][T18179] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1156.931397][T17869] Bluetooth: hci1: command 0x0406 tx timeout
[ 1156.939082][T17869] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1156.948008][T13394] Bluetooth: hci0: command 0x0406 tx timeout
[ 1157.048677][ T5870] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[ 1157.286662][ T5870] usb 5-1: config 0 has no interfaces?
[ 1157.317597][ T5870] usb 5-1: string descriptor 0 read error: -22
[ 1157.368292][ T5870] usb 5-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.40
[ 1157.378223][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1157.392917][ T5870] usb 5-1: config 0 descriptor??
[ 1157.542710][ T5900] usb 9-1: USB disconnect, device number 32
[ 1158.670426][T18177] program syz.4.3289 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1158.924229][  T974] usb 5-1: USB disconnect, device number 62
[ 1159.011899][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1159.018486][ T1295] ieee802154 phy1 wpan1: encryption failed: -22
[ 1159.110230][T18199] vhci_hcd vhci_hcd.0: pdev(9) rhport(0) sockfd(6)
[ 1159.117473][T18199] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1159.169509][T18199] vhci_hcd vhci_hcd.0: Device attached
[ 1159.235649][T13394] Bluetooth: hci0: command 0x0406 tx timeout
[ 1159.241838][T13394] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1159.375374][   T29] audit: type=1400 audit(2000004910.978:469): lsm=SMACK fn=smack_task_setpgid action=denied subject="N" object="_" requested=w pid=18183 comm="syz.8.3292" opid=18183 ocomm="syz.8.3292"
[ 1159.432095][  T974] usb 51-1: new low-speed USB device number 2 using vhci_hcd
[ 1160.114604][T18200] vhci_hcd: connection reset by peer
[ 1160.231844][T18022] vhci_hcd: stop threads
[ 1160.240587][T18022] vhci_hcd: release socket
[ 1160.247584][T18022] vhci_hcd: disconnect device
[ 1160.727356][T18217] netlink: 'syz.6.3297': attribute type 5 has an invalid length.
[ 1161.281236][T18216] sock: sock_timestamping_bind_phc: sock not bind to device
[ 1161.465337][T17869] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1161.488757][T18219] netlink: 84 bytes leftover after parsing attributes in process `syz.4.3299'.
[ 1161.780330][T18232] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1161.910173][T18229] mac80211_hwsim hwsim26 wlan1: entered allmulticast mode
[ 1161.957220][T15160] usb 10-1: new high-speed USB device number 37 using dummy_hcd
[ 1162.007334][T18229] netlink: 'syz.4.3301': attribute type 10 has an invalid length.
[ 1162.020828][T18229] mac80211_hwsim hwsim26 wlan1: left allmulticast mode
[ 1162.056432][T18229] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1162.122748][T15160] usb 10-1: Using ep0 maxpacket: 8
[ 1162.139147][T15160] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[ 1162.249590][   T29] audit: type=1107 audit(2000004913.598:470): pid=18236 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1162.938652][T15160] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB3, changing to 0x83
[ 1162.950581][T15160] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1162.978169][T15160] usb 10-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.01
[ 1162.992068][T15160] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1163.000307][T15160] usb 10-1: Product: syz
[ 1163.004588][T15160] usb 10-1: Manufacturer: syz
[ 1163.009349][T15160] usb 10-1: SerialNumber: syz
[ 1163.016202][T15160] usb 10-1: config 0 descriptor??
[ 1163.032817][T15160] radioshark 10-1:0.0: Invalid radioSHARK device
[ 1163.039224][T15160] radioshark 10-1:0.0: probe with driver radioshark failed with error -22
[ 1163.048430][T15160] usbhid 10-1:0.0: couldn't find an input interrupt endpoint
[ 1163.716836][T13394] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1163.772368][T18247] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3306'.
[ 1165.629405][T18267] netlink: 'syz.5.3310': attribute type 5 has an invalid length.
[ 1166.035381][  T974] vhci_hcd: vhci_device speed not set
[ 1166.068118][ T5900] usb 10-1: USB disconnect, device number 37
[ 1166.109925][ T8927] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1166.551156][   T29] audit: type=1107 audit(2000004917.593:471): pid=18277 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1169.429325][T18314] netlink: 'syz.5.3324': attribute type 5 has an invalid length.
[ 1170.321645][T18305] vlan2: entered allmulticast mode
[ 1170.578058][T18328] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3328'.
[ 1170.863359][   T29] audit: type=1107 audit(2000004921.570:472): pid=18329 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1172.177545][T18339] netlink: 243 bytes leftover after parsing attributes in process `syz.9.3333'.
[ 1172.186660][T18339] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1172.770224][T18347] FAULT_INJECTION: forcing a failure.
[ 1172.770224][T18347] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1172.957426][T18347] CPU: 0 UID: 0 PID: 18347 Comm: syz.5.3335 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1172.968261][T18347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1172.978336][T18347] Call Trace:
[ 1172.981627][T18347]  <TASK>
[ 1172.984561][T18347]  dump_stack_lvl+0x241/0x360
[ 1172.989247][T18347]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1172.994442][T18347]  ? __pfx__printk+0x10/0x10
[ 1172.999039][T18347]  ? __pfx_lock_release+0x10/0x10
[ 1173.004067][T18347]  should_fail_ex+0x3b0/0x4e0
[ 1173.008740][T18347]  _copy_from_user+0x2f/0xc0
[ 1173.013340][T18347]  copy_msghdr_from_user+0xae/0x680
[ 1173.018544][T18347]  ? __pfx___might_resched+0x10/0x10
[ 1173.023836][T18347]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1173.029639][T18347]  ? __fget_files+0x2a/0x410
[ 1173.034227][T18347]  ? __sys_sendmmsg+0x392/0x720
[ 1173.039079][T18347]  ? __might_fault+0xaa/0x120
[ 1173.043766][T18347]  __sys_sendmmsg+0x32b/0x720
[ 1173.048471][T18347]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1173.053676][T18347]  ? __pfx_lock_release+0x10/0x10
[ 1173.058695][T18347]  ? kstrtouint_from_user+0x128/0x190
[ 1173.064076][T18347]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1173.069966][T18347]  ? ksys_write+0x22a/0x2b0
[ 1173.074467][T18347]  ? __pfx_lock_release+0x10/0x10
[ 1173.079491][T18347]  ? vfs_write+0x730/0xd30
[ 1173.083909][T18347]  ? __mutex_unlock_slowpath+0x21e/0x790
[ 1173.089560][T18347]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1173.095542][T18347]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1173.101867][T18347]  ? do_syscall_64+0x100/0x230
[ 1173.106635][T18347]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1173.111486][T18347]  do_syscall_64+0xf3/0x230
[ 1173.115989][T18347]  ? clear_bhb_loop+0x35/0x90
[ 1173.120663][T18347]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1173.126552][T18347] RIP: 0033:0x7f9fcb985d19
[ 1173.130965][T18347] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1173.150570][T18347] RSP: 002b:00007f9fcc77d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1173.158992][T18347] RAX: ffffffffffffffda RBX: 00007f9fcbb75fa0 RCX: 00007f9fcb985d19
[ 1173.166961][T18347] RDX: 0000000004000095 RSI: 0000000020005240 RDI: 0000000000000003
[ 1173.174930][T18347] RBP: 00007f9fcc77d090 R08: 0000000000000000 R09: 0000000000000000
[ 1173.183004][T18347] R10: 000000000401eb94 R11: 0000000000000246 R12: 0000000000000002
[ 1173.190972][T18347] R13: 0000000000000000 R14: 00007f9fcbb75fa0 R15: 00007ffdb0c261f8
[ 1173.198950][T18347]  </TASK>
[ 1173.759164][T18336] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1173.850523][T18352] netlink: 'syz.8.3336': attribute type 5 has an invalid length.
[ 1174.482450][T18356] netlink: 'syz.9.3340': attribute type 2 has an invalid length.
[ 1174.492295][T18356] netlink: 'syz.9.3340': attribute type 1 has an invalid length.
[ 1174.500921][T18356] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3340'.
[ 1174.571440][T18363] fuse: Unknown parameter '000000000000000000000030x0000000000000003<rootmo���7du'
[ 1174.775920][   T29] audit: type=1326 audit(2000004925.187:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1174.852409][   T29] audit: type=1326 audit(2000004925.206:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1174.882594][   T29] audit: type=1326 audit(2000004925.206:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1174.905309][   T29] audit: type=1326 audit(2000004925.206:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1174.982868][   T29] audit: type=1326 audit(2000004925.206:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1175.047708][   T29] audit: type=1326 audit(2000004925.206:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1175.091827][   T29] audit: type=1326 audit(2000004925.206:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1175.121147][   T29] audit: type=1326 audit(2000004925.206:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1175.153240][   T29] audit: type=1326 audit(2000004925.206:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1175.183971][   T29] audit: type=1326 audit(2000004925.206:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18358 comm="syz.5.3338" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7fc00000
[ 1176.295970][T18386] netlink: 'syz.9.3345': attribute type 3 has an invalid length.
[ 1176.304150][T18386] netlink: 666 bytes leftover after parsing attributes in process `syz.9.3345'.
[ 1176.937094][T18385] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3344'.
[ 1178.881294][T18399] netlink: 'syz.8.3349': attribute type 5 has an invalid length.
[ 1180.009343][T18416] netlink: 'syz.9.3355': attribute type 1 has an invalid length.
[ 1180.019753][T18416] netlink: 224 bytes leftover after parsing attributes in process `syz.9.3355'.
[ 1180.464631][T18424] netlink: 'syz.9.3357': attribute type 3 has an invalid length.
[ 1180.473193][T18424] netlink: 666 bytes leftover after parsing attributes in process `syz.9.3357'.
[ 1181.545134][T18436] No source specified
[ 1181.564687][T18436] input: syz0 as /devices/virtual/input/input50
[ 1182.753324][T18449] netlink: 'syz.4.3363': attribute type 5 has an invalid length.
[ 1184.575409][ T7228] usb 10-1: new high-speed USB device number 38 using dummy_hcd
[ 1184.680968][T18468] netlink: 'syz.6.3371': attribute type 3 has an invalid length.
[ 1184.690135][T18468] netlink: 666 bytes leftover after parsing attributes in process `syz.6.3371'.
[ 1186.034858][ T5900] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[ 1186.044846][ T7228] usb 10-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1186.155983][ T7228] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.295133][ T7228] usb 10-1: config 0 descriptor??
[ 1186.671239][ T5900] usb 9-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1186.741164][ T5900] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1186.803569][ T5900] usb 9-1: Product: syz
[ 1187.498727][ T7228] [drm:udl_init] *ERROR* Selecting channel failed
[ 1187.536413][ T5900] usb 9-1: Manufacturer: syz
[ 1187.548175][ T5900] usb 9-1: SerialNumber: syz
[ 1187.667256][T18487] netlink: 'syz.5.3377': attribute type 5 has an invalid length.
[ 1187.757048][ T7228] [drm] Initialized udl 0.0.1 for 10-1:0.0 on minor 2
[ 1187.764501][ T7228] [drm] Initialized udl on minor 2
[ 1187.803589][ T7228] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1187.805805][ T5900] usb 9-1: config 0 descriptor??
[ 1187.975764][ T7228] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[ 1188.059310][T15160] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1188.097793][ T7228] usb 10-1: USB disconnect, device number 38
[ 1188.132780][T15160] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[ 1188.425162][ T5900] usb 9-1: Firmware: major: 175, minor: 0, hardware type: ATUSB (0)
[ 1188.444320][T18500] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3380'.
[ 1188.506013][T18500] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3380'.
[ 1188.631066][T18503] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3380'.
[ 1189.493415][T18506] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3381'.
[ 1189.636860][T18510] FAULT_INJECTION: forcing a failure.
[ 1189.636860][T18510] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1189.650780][T18510] CPU: 0 UID: 0 PID: 18510 Comm: syz.4.3385 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1189.661574][T18510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1189.671673][T18510] Call Trace:
[ 1189.674970][T18510]  <TASK>
[ 1189.677906][T18510]  dump_stack_lvl+0x241/0x360
[ 1189.682604][T18510]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1189.687820][T18510]  ? __pfx__printk+0x10/0x10
[ 1189.692402][T18510]  ? __pfx_lock_release+0x10/0x10
[ 1189.697418][T18510]  should_fail_ex+0x3b0/0x4e0
[ 1189.702086][T18510]  _copy_from_iter+0x1e9/0x1c20
[ 1189.706930][T18510]  ? __virt_addr_valid+0x183/0x530
[ 1189.712059][T18510]  ? __kmalloc_node_track_caller_noprof+0x2a8/0x4c0
[ 1189.718649][T18510]  ? pskb_expand_head+0x1f0/0x1380
[ 1189.723762][T18510]  ? __pfx__copy_from_iter+0x10/0x10
[ 1189.729038][T18510]  ? __virt_addr_valid+0x183/0x530
[ 1189.734139][T18510]  ? __virt_addr_valid+0x183/0x530
[ 1189.739237][T18510]  ? __virt_addr_valid+0x45f/0x530
[ 1189.744340][T18510]  ? __phys_addr_symbol+0x2f/0x70
[ 1189.749367][T18510]  ? __check_object_size+0x47a/0x730
[ 1189.754692][T18510]  skb_copy_datagram_from_iter+0xf2/0x6a0
[ 1189.760445][T18510]  ? iov_iter_single_seg_count+0xd7/0x300
[ 1189.766158][T18510]  tun_get_user+0xebd/0x4890
[ 1189.770750][T18510]  ? __lock_acquire+0x1397/0x2100
[ 1189.775765][T18510]  ? __pfx_tun_get_user+0x10/0x10
[ 1189.780793][T18510]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1189.786263][T18510]  ? tun_get+0x1e/0x2f0
[ 1189.790430][T18510]  ? __pfx_lock_release+0x10/0x10
[ 1189.795455][T18510]  ? tun_get+0x1e/0x2f0
[ 1189.799606][T18510]  ? tun_get+0x27d/0x2f0
[ 1189.803847][T18510]  tun_chr_write_iter+0x10d/0x1f0
[ 1189.808880][T18510]  vfs_write+0xaeb/0xd30
[ 1189.813116][T18510]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1189.818664][T18510]  ? __pfx_vfs_write+0x10/0x10
[ 1189.823424][T18510]  ? __fget_files+0x2a/0x410
[ 1189.828005][T18510]  ? __fget_files+0x2a/0x410
[ 1189.832590][T18510]  ksys_write+0x18f/0x2b0
[ 1189.836923][T18510]  ? __pfx_ksys_write+0x10/0x10
[ 1189.841794][T18510]  ? do_syscall_64+0x100/0x230
[ 1189.846577][T18510]  ? do_syscall_64+0xb6/0x230
[ 1189.851274][T18510]  do_syscall_64+0xf3/0x230
[ 1189.855786][T18510]  ? clear_bhb_loop+0x35/0x90
[ 1189.860458][T18510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1189.866350][T18510] RIP: 0033:0x7f67f2f85d19
[ 1189.870762][T18510] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1189.890369][T18510] RSP: 002b:00007f67f3e80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1189.898785][T18510] RAX: ffffffffffffffda RBX: 00007f67f3175fa0 RCX: 00007f67f2f85d19
[ 1189.906752][T18510] RDX: 000000000000fdef RSI: 00000000200001c0 RDI: 0000000000000004
[ 1189.914733][T18510] RBP: 00007f67f3e80090 R08: 0000000000000000 R09: 0000000000000000
[ 1189.922703][T18510] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1189.930673][T18510] R13: 0000000000000000 R14: 00007f67f3175fa0 R15: 00007ffc0babe7a8
[ 1189.938658][T18510]  </TASK>
[ 1189.947049][ T5900] usb 9-1: failed to fetch extended address, random address set
[ 1190.187189][T18517] netlink: ct family unspecified
[ 1190.192427][T18517] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1191.344272][T18519] netlink: 'syz.6.3384': attribute type 3 has an invalid length.
[ 1191.527766][T18519] netlink: 666 bytes leftover after parsing attributes in process `syz.6.3384'.
[ 1191.553866][ T5900] usb 9-1: USB disconnect, device number 33
[ 1191.755961][ T5871] usb 10-1: new high-speed USB device number 39 using dummy_hcd
[ 1191.953420][ T5871] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1191.975005][ T5871] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1192.028885][T18532] netlink: 356 bytes leftover after parsing attributes in process `syz.6.3390'.
[ 1192.113395][ T5871] usb 10-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[ 1192.783260][ T5871] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1192.801770][ T5871] usb 10-1: config 0 descriptor??
[ 1192.935901][T18539] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3392'.
[ 1193.553299][ T5871] hid-thrustmaster 0003:044F:B65D.0010: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.9-1/input0
[ 1193.568182][ T5871] hid-thrustmaster 0003:044F:B65D.0010: Wrong number of endpoints?
[ 1193.804343][    C0] hid-thrustmaster 0003:044F:B65D.0010: Unknown packet type 0x0, unable to proceed further with wheel init
[ 1194.103204][T18552] ipvlan0: entered promiscuous mode
[ 1194.108539][T18552] ipvlan0: entered allmulticast mode
[ 1194.114133][T18552] veth0_vlan: entered allmulticast mode
[ 1194.780229][ T5900] usb 10-1: USB disconnect, device number 39
[ 1195.535257][T18561] netlink: ct family unspecified
[ 1195.540271][T18561] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1197.158098][   T29] kauditd_printk_skb: 66 callbacks suppressed
[ 1197.158121][   T29] audit: type=1107 audit(2000004945.662:549): pid=18563 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1197.350825][T18575] ipt_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[ 1198.146338][T18572] netlink: 'syz.8.3400': attribute type 3 has an invalid length.
[ 1198.155462][T18572] netlink: 666 bytes leftover after parsing attributes in process `syz.8.3400'.
[ 1199.748987][   T29] audit: type=1800 audit(2000004948.218:550): pid=18590 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.5.3406" name="bus" dev="overlay" ino=199 res=0 errno=0
[ 1200.244812][T18600] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3408'.
[ 1200.254917][T18600] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3408'.
[ 1200.500165][T18590] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3406'.
[ 1200.606387][T18608] netlink: 36 bytes leftover after parsing attributes in process `syz.4.3410'.
[ 1200.925297][T18610] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1200.925297][T18610] The task syz.6.3411 (18610) triggered the difference, watch for misbehavior.
[ 1201.321158][   T35] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1201.359146][T18613] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3412'.
[ 1201.504472][T18622] netlink: 'syz.4.3414': attribute type 3 has an invalid length.
[ 1201.512581][T18622] netlink: 666 bytes leftover after parsing attributes in process `syz.4.3414'.
[ 1202.201236][T18629] netlink: 60 bytes leftover after parsing attributes in process `syz.8.3416'.
[ 1202.680310][T18629] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[ 1203.563742][T18640] netlink: ct family unspecified
[ 1203.569011][T18640] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1204.668838][   T29] audit: type=1107 audit(2000004952.767:551): pid=18646 uid=0 auid=4294967295 ses=4294967295 subj=_ msg='P'
[ 1204.912053][T18663] netlink: 'syz.6.3427': attribute type 3 has an invalid length.
[ 1204.914170][T18663] netlink: 666 bytes leftover after parsing attributes in process `syz.6.3427'.
[ 1208.453579][   T29] audit: type=1400 audit(2000004956.273:552): lsm=SMACK fn=smack_task_setpgid action=denied subject="N" object="_" requested=w pid=18695 comm="syz.5.3436" opid=18695 ocomm="syz.5.3436"
[ 1208.816284][T18707] netlink: 'syz.6.3439': attribute type 3 has an invalid length.
[ 1208.824605][T18707] netlink: 666 bytes leftover after parsing attributes in process `syz.6.3439'.
[ 1210.087368][T18718] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3441'.
[ 1212.086874][T18751] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3453'.
[ 1212.127627][T18753] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3454'.
[ 1212.301858][T18758] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3455'.
[ 1212.321440][T18758] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3455'.
[ 1212.340976][T18758] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3455'.
[ 1212.647607][T18764] 9pnet_fd: Insufficient options for proto=fd
[ 1212.694206][T18765] vcan0: tx drop: invalid da for name 0x0000000000000001
[ 1213.560864][T18779] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1214.408912][   T29] audit: type=1107 audit(2000004961.763:553): pid=18767 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[ 1214.734547][   T29] audit: type=1400 audit(2000004962.058:554): lsm=SMACK fn=smack_task_setpgid action=denied subject="N" object="_" requested=w pid=18772 comm="syz.4.3461" opid=18772 ocomm="syz.4.3461"
[ 1214.735262][T18787] FAULT_INJECTION: forcing a failure.
[ 1214.735262][T18787] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1214.767351][T18787] CPU: 0 UID: 0 PID: 18787 Comm: syz.6.3465 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1214.778175][T18787] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1214.788358][T18787] Call Trace:
[ 1214.791682][T18787]  <TASK>
[ 1214.794637][T18787]  dump_stack_lvl+0x241/0x360
[ 1214.799435][T18787]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1214.804664][T18787]  ? __pfx__printk+0x10/0x10
[ 1214.809284][T18787]  ? __pfx_lock_release+0x10/0x10
[ 1214.814346][T18787]  should_fail_ex+0x3b0/0x4e0
[ 1214.819063][T18787]  _copy_from_user+0x2f/0xc0
[ 1214.823689][T18787]  copy_msghdr_from_user+0xae/0x680
[ 1214.828919][T18787]  ? __pfx___might_resched+0x10/0x10
[ 1214.834237][T18787]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1214.840082][T18787]  ? do_recvmmsg+0x44e/0xab0
[ 1214.844696][T18787]  ? __might_fault+0xaa/0x120
[ 1214.849414][T18787]  do_recvmmsg+0x3bd/0xab0
[ 1214.853869][T18787]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1214.858850][T18787]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1214.864772][T18787]  ? ksys_write+0x22a/0x2b0
[ 1214.869306][T18787]  ? __pfx_lock_release+0x10/0x10
[ 1214.874373][T18787]  ? vfs_write+0x730/0xd30
[ 1214.878837][T18787]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1214.884851][T18787]  ? __fget_files+0x2a/0x410
[ 1214.889486][T18787]  __x64_sys_recvmmsg+0x199/0x250
[ 1214.894638][T18787]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1214.900219][T18787]  ? do_syscall_64+0x100/0x230
[ 1214.905108][T18787]  ? do_syscall_64+0xb6/0x230
[ 1214.909809][T18787]  do_syscall_64+0xf3/0x230
[ 1214.914336][T18787]  ? clear_bhb_loop+0x35/0x90
[ 1214.919040][T18787]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1214.924962][T18787] RIP: 0033:0x7f89d6d85d19
[ 1214.929400][T18787] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1214.949010][T18787] RSP: 002b:00007f89d7c5d038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1214.949044][T18787] RAX: ffffffffffffffda RBX: 00007f89d6f76080 RCX: 00007f89d6d85d19
[ 1214.949059][T18787] RDX: 000000000291962b RSI: 0000000020000040 RDI: 0000000000000004
[ 1214.949072][T18787] RBP: 00007f89d7c5d090 R08: 0000000000000000 R09: 0000000000000000
[ 1214.949085][T18787] R10: 45833af92e4b39ff R11: 0000000000000246 R12: 0000000000000001
[ 1214.949098][T18787] R13: 0000000000000000 R14: 00007f89d6f76080 R15: 00007fff460a9da8
[ 1214.949127][T18787]  </TASK>
[ 1215.151729][T18492] usb 10-1: new high-speed USB device number 40 using dummy_hcd
[ 1215.387191][T18492] usb 10-1: Using ep0 maxpacket: 16
[ 1215.402016][T18492] usb 10-1: config 0 has an invalid interface number: 222 but max is 0
[ 1215.411358][T18492] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1215.437265][T18492] usb 10-1: config 0 has no interface number 0
[ 1215.498821][T18492] usb 10-1: New USB device found, idVendor=0763, idProduct=1031, bcdDevice= 1.05
[ 1216.000523][T18492] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1216.008869][T18492] usb 10-1: Product: syz
[ 1216.013232][T18492] usb 10-1: Manufacturer: syz
[ 1216.018139][T18492] usb 10-1: SerialNumber: syz
[ 1216.050657][T18492] usb 10-1: config 0 descriptor??
[ 1216.096402][T18793] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3468'.
[ 1216.554768][T18801] No source specified
[ 1216.576077][T18801] input: syz0 as /devices/virtual/input/input51
[ 1217.929541][T18492] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[ 1218.177033][T18492] snd-usb-audio 10-1:0.222: probe with driver snd-usb-audio failed with error -2
[ 1218.218325][T18492] usb 10-1: USB disconnect, device number 40
[ 1218.600998][T17869] Bluetooth: hci3: unexpected event for opcode 0x203d
[ 1218.937822][T18823] netlink: ct family unspecified
[ 1218.943201][T18823] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1219.874277][T18492] usb 10-1: new high-speed USB device number 41 using dummy_hcd
[ 1220.244249][T18492] usb 10-1: config index 0 descriptor too short (expected 7727, got 18)
[ 1220.252881][T18492] usb 10-1: config 0 has an invalid interface number: 172 but max is 0
[ 1220.261578][T18492] usb 10-1: config 0 has no interface number 0
[ 1220.268123][T18492] usb 10-1: config 0 interface 172 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[ 1220.401130][T18833] FAULT_INJECTION: forcing a failure.
[ 1220.401130][T18833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1220.452625][T18833] CPU: 0 UID: 0 PID: 18833 Comm: syz.6.3477 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1220.463467][T18833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1220.473548][T18833] Call Trace:
[ 1220.476842][T18833]  <TASK>
[ 1220.479804][T18833]  dump_stack_lvl+0x241/0x360
[ 1220.484522][T18833]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1220.489755][T18833]  ? __pfx__printk+0x10/0x10
[ 1220.494372][T18833]  ? __pfx_lock_release+0x10/0x10
[ 1220.499426][T18833]  should_fail_ex+0x3b0/0x4e0
[ 1220.504124][T18833]  _copy_from_user+0x2f/0xc0
[ 1220.508752][T18833]  copy_msghdr_from_user+0xae/0x680
[ 1220.513982][T18833]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1220.520327][T18833]  ? __fget_files+0x2a/0x410
[ 1220.524935][T18833]  ? __fget_files+0x2a/0x410
[ 1220.529549][T18833]  __sys_sendmmsg+0x32b/0x720
[ 1220.534256][T18833]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1220.539499][T18833]  ? __pfx_lock_release+0x10/0x10
[ 1220.544543][T18833]  ? kstrtouint_from_user+0x128/0x190
[ 1220.549958][T18833]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1220.555874][T18833]  ? ksys_write+0x22a/0x2b0
[ 1220.560398][T18833]  ? __pfx_lock_release+0x10/0x10
[ 1220.565444][T18833]  ? vfs_write+0x730/0xd30
[ 1220.569889][T18833]  ? __mutex_unlock_slowpath+0x21e/0x790
[ 1220.575567][T18833]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1220.581570][T18833]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1220.587919][T18833]  ? do_syscall_64+0x100/0x230
[ 1220.592713][T18833]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1220.597584][T18833]  do_syscall_64+0xf3/0x230
[ 1220.602112][T18833]  ? clear_bhb_loop+0x35/0x90
[ 1220.606805][T18833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.612721][T18833] RIP: 0033:0x7f89d6d85d19
[ 1220.617149][T18833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1220.636862][T18833] RSP: 002b:00007f89d7c5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1220.645312][T18833] RAX: ffffffffffffffda RBX: 00007f89d6f76080 RCX: 00007f89d6d85d19
[ 1220.653311][T18833] RDX: 17fd147c801ae9ab RSI: 0000000020000ac0 RDI: 0000000000000009
[ 1220.661306][T18833] RBP: 00007f89d7c5d090 R08: 0000000000000000 R09: 0000000000000000
[ 1220.669309][T18833] R10: 000000000000ff00 R11: 0000000000000246 R12: 0000000000000001
[ 1220.672752][T18492] usb 10-1: New USB device found, idVendor=2304, idProduct=020f, bcdDevice=3b.de
[ 1220.677378][T18833] R13: 0000000000000000 R14: 00007f89d6f76080 R15: 00007fff460a9da8
[ 1220.677414][T18833]  </TASK>
[ 1220.701725][T18492] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1220.710015][T18492] usb 10-1: Product: syz
[ 1220.714386][T18492] usb 10-1: Manufacturer: syz
[ 1220.719289][T18492] usb 10-1: SerialNumber: syz
[ 1220.847452][T18492] usb 10-1: config 0 descriptor??
[ 1222.537293][T18850] No source specified
[ 1222.557533][T18850] input: syz0 as /devices/virtual/input/input52
[ 1222.999018][T18492] dvb-usb: found a 'Pinnacle 400e DVB-S USB2.0' in warm state.
[ 1223.011658][T18492] dvb-usb: bulk message failed: -22 (4/0)
[ 1223.021404][T17869] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1223.031246][T17869] Bluetooth: hci3: Injecting HCI hardware error event
[ 1223.041157][T17869] Bluetooth: hci3: hardware error 0x00
[ 1223.051638][T18492] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1223.061887][T18492] dvb-usb: bulk message failed: -22 (5/0)
[ 1223.067643][T18492] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1223.180063][T18492] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1223.196672][T18492] dvbdev: DVB: registering new adapter (Pinnacle 400e DVB-S USB2.0)
[ 1223.205436][T18492] usb 10-1: media controller created
[ 1223.223760][T18492] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1223.317736][T18492] ttusb2: set interface to alts=3 failed
[ 1223.422925][T18492] DVB: Unable to find symbol tda10086_attach()
[ 1223.432200][T18492] dvb-usb: no frontend was attached by 'Pinnacle 400e DVB-S USB2.0'
[ 1223.451680][T18492] dvb-usb: bulk message failed: -22 (4/0)
[ 1223.457467][T18492] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1223.489923][T18856] loop5: detected capacity change from 0 to 7
[ 1223.497751][T18856] buffer_io_error: 550 callbacks suppressed
[ 1223.497769][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.512227][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.526163][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.527978][T18492] dvb-usb: bulk message failed: -22 (5/0)
[ 1223.537602][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.558326][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.567003][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.575221][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.583825][T18856] ldm_validate_partition_table(): Disk read failed.
[ 1223.590998][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.599188][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.613344][T18856] Buffer I/O error on dev loop5, logical block 0, async page read
[ 1223.626325][   T29] audit: type=1400 audit(2000004970.252:555): lsm=SMACK fn=smack_task_setpgid action=denied subject="N" object="_" requested=w pid=18854 comm="syz.9.3484" opid=18854 ocomm="syz.9.3484"
[ 1223.655239][T18856] Dev loop5: unable to read RDB block 0
[ 1223.711930][T18856]  loop5: unable to read partition table
[ 1223.830362][T18492] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[ 1223.841656][T18492] dvb-usb: Pinnacle 400e DVB-S USB2.0 successfully initialized and connected.
[ 1223.853942][T18492] usb 10-1: USB disconnect, device number 41
[ 1223.855693][T18853] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3483'.
[ 1223.883957][T18492] dvb-usb: Pinnacle 400e DVB-S USB2.0 successfully deinitialized and disconnected.
[ 1223.896912][T18856] loop5: partition table beyond EOD, truncated
[ 1223.911146][T18856] loop_reread_partitions: partition scan of loop5 (�被x������ڬ��dƤ����ݡ�����
[ 1223.911146][T18856] 
) failed (rc=-5)
[ 1224.544017][T17384] udevd[17384]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.222/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1225.263233][T17869] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1225.607973][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1226.350205][T18905] No source specified
[ 1226.365161][T18905] input: syz0 as /devices/virtual/input/input53
[ 1228.955782][ T5871] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[ 1229.127998][ T5871] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1229.139876][ T5871] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1229.149900][ T5871] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1229.163649][ T5871] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1229.171758][ T5871] usb 9-1: SerialNumber: syz
[ 1229.406905][ T5871] usb 9-1: 0:2 : does not exist
[ 1229.422799][ T5871] usb 9-1: USB disconnect, device number 34
[ 1229.640815][T16820] udevd[16820]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1230.786482][T18952] No source specified
[ 1230.799937][T18952] input: syz0 as /devices/virtual/input/input54
[ 1236.013203][   T35] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1236.443132][   T29] audit: type=1326 audit(2000004982.090:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1236.652633][   T29] audit: type=1326 audit(2000004982.118:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1236.814091][   T29] audit: type=1326 audit(2000004982.118:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1238.250329][   T29] audit: type=1326 audit(2000004982.118:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1238.460320][   T29] audit: type=1326 audit(2000004982.118:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1238.556037][   T29] audit: type=1326 audit(2000004982.118:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1238.601761][   T29] audit: type=1326 audit(2000004982.118:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1238.605273][T19002] FAULT_INJECTION: forcing a failure.
[ 1238.605273][T19002] name failslab, interval 1, probability 0, space 0, times 0
[ 1238.623367][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1238.693812][   T29] audit: type=1326 audit(2000004982.118:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f61ecf85d19 code=0x7ffc0000
[ 1238.714438][T19002] CPU: 0 UID: 0 PID: 19002 Comm: syz.9.3526 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1238.726288][T19002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1238.736348][T19002] Call Trace:
[ 1238.739624][T19002]  <TASK>
[ 1238.742553][T19002]  dump_stack_lvl+0x241/0x360
[ 1238.747242][T19002]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1238.752440][T19002]  ? __pfx__printk+0x10/0x10
[ 1238.757028][T19002]  ? __kmalloc_cache_noprof+0x48/0x390
[ 1238.762486][T19002]  ? __pfx___might_resched+0x10/0x10
[ 1238.767769][T19002]  should_fail_ex+0x3b0/0x4e0
[ 1238.772459][T19002]  should_failslab+0xac/0x100
[ 1238.777138][T19002]  __kmalloc_cache_noprof+0x70/0x390
[ 1238.782415][T19002]  ? alloc_pipe_info+0xeb/0x4d0
[ 1238.787274][T19002]  alloc_pipe_info+0xeb/0x4d0
[ 1238.791947][T19002]  splice_direct_to_actor+0xa9e/0xc80
[ 1238.797328][T19002]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1238.802976][T19002]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1238.808866][T19002]  ? __fget_files+0x2a/0x410
[ 1238.813445][T19002]  ? __pfx_lock_release+0x10/0x10
[ 1238.818464][T19002]  do_splice_direct+0x289/0x3e0
[ 1238.823311][T19002]  ? __pfx_do_splice_direct+0x10/0x10
[ 1238.828675][T19002]  ? __fget_files+0x2a/0x410
[ 1238.833257][T19002]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1238.839151][T19002]  ? bpf_lsm_file_permission+0x9/0x10
[ 1238.844520][T19002]  ? security_file_permission+0x74/0x280
[ 1238.850154][T19002]  ? rw_verify_area+0x1c3/0x6f0
[ 1238.855034][T19002]  do_sendfile+0x564/0x8a0
[ 1238.859473][T19002]  ? __pfx_do_sendfile+0x10/0x10
[ 1238.864403][T19002]  ? __fget_files+0x2a/0x410
[ 1238.868989][T19002]  __se_sys_sendfile64+0x17c/0x1e0
[ 1238.874104][T19002]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 1238.879735][T19002]  ? do_syscall_64+0x100/0x230
[ 1238.884497][T19002]  ? do_syscall_64+0xb6/0x230
[ 1238.889192][T19002]  do_syscall_64+0xf3/0x230
[ 1238.893717][T19002]  ? clear_bhb_loop+0x35/0x90
[ 1238.898397][T19002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.904295][T19002] RIP: 0033:0x7eff32785d19
[ 1238.908714][T19002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1238.928322][T19002] RSP: 002b:00007eff305f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1238.936729][T19002] RAX: ffffffffffffffda RBX: 00007eff32975fa0 RCX: 00007eff32785d19
[ 1238.944691][T19002] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000003
[ 1238.952673][T19002] RBP: 00007eff305f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1238.960650][T19002] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000001
[ 1238.968613][T19002] R13: 0000000000000000 R14: 00007eff32975fa0 R15: 00007ffde427c138
[ 1238.976590][T19002]  </TASK>
[ 1239.022096][   T29] audit: type=1326 audit(2000004982.118:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f61ecf85d53 code=0x7ffc0000
[ 1239.089066][   T29] audit: type=1326 audit(2000004982.247:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18988 comm="syz.8.3522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f61ecf85d53 code=0x7ffc0000
[ 1239.890095][T19014] netlink: 'syz.4.3530': attribute type 3 has an invalid length.
[ 1239.917715][T19014] netlink: 666 bytes leftover after parsing attributes in process `syz.4.3530'.
[ 1240.508932][T18492] usb 9-1: new high-speed USB device number 35 using dummy_hcd
[ 1240.540933][ T2980] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1240.560583][   T51] Bluetooth: hci4: received HCILL_GO_TO_SLEEP_ACK in state 0
[ 1240.716492][T18492] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1240.727706][T18492] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1240.742641][T18492] usb 9-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[ 1240.757029][T18492] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1240.786173][T18492] usb 9-1: config 0 descriptor??
[ 1241.794611][T18492] pyra 0003:1E7D:2CF6.0011: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.8-1/input0
[ 1242.816711][T17869] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1243.795491][T18492] pyra 0003:1E7D:2CF6.0011: couldn't init struct pyra_device
[ 1243.816884][T18492] pyra 0003:1E7D:2CF6.0011: couldn't install mouse
[ 1243.859357][T18492] pyra 0003:1E7D:2CF6.0011: probe with driver pyra failed with error -71
[ 1243.975248][T18492] usb 9-1: USB disconnect, device number 35
[ 1249.214077][T19086] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3550'.
[ 1251.578461][T19094] FAULT_INJECTION: forcing a failure.
[ 1251.578461][T19094] name failslab, interval 1, probability 0, space 0, times 0
[ 1251.592068][T19094] CPU: 1 UID: 0 PID: 19094 Comm: syz.4.3553 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1251.602873][T19094] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1251.612956][T19094] Call Trace:
[ 1251.616264][T19094]  <TASK>
[ 1251.619223][T19094]  dump_stack_lvl+0x241/0x360
[ 1251.623936][T19094]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1251.629167][T19094]  ? __pfx__printk+0x10/0x10
[ 1251.633792][T19094]  ? fs_reclaim_acquire+0x93/0x130
[ 1251.638938][T19094]  ? __pfx___might_resched+0x10/0x10
[ 1251.644259][T19094]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1251.650276][T19094]  should_fail_ex+0x3b0/0x4e0
[ 1251.654989][T19094]  should_failslab+0xac/0x100
[ 1251.659706][T19094]  __kmalloc_noprof+0xdd/0x4c0
[ 1251.664501][T19094]  ? tomoyo_encode+0x26f/0x540
[ 1251.669299][T19094]  tomoyo_encode+0x26f/0x540
[ 1251.673918][T19094]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1251.679568][T19094]  tomoyo_path_number_perm+0x236/0x860
[ 1251.685027][T19094]  ? tomoyo_path_number_perm+0x206/0x860
[ 1251.690666][T19094]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1251.696644][T19094]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[ 1251.703585][T19094]  ? rcu_read_unlock_special+0x497/0x570
[ 1251.709244][T19094]  ? __rcu_read_unlock+0xa1/0x110
[ 1251.714266][T19094]  ? __fget_files+0x2a/0x410
[ 1251.718851][T19094]  ? __fget_files+0x2a/0x410
[ 1251.723440][T19094]  security_file_ioctl+0xc6/0x2a0
[ 1251.728473][T19094]  __se_sys_ioctl+0x46/0x170
[ 1251.733073][T19094]  do_syscall_64+0xf3/0x230
[ 1251.738193][T19094]  ? clear_bhb_loop+0x35/0x90
[ 1251.742868][T19094]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1251.748765][T19094] RIP: 0033:0x7f67f2f85d19
[ 1251.753181][T19094] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1251.773139][T19094] RSP: 002b:00007f67f3e80038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1251.781563][T19094] RAX: ffffffffffffffda RBX: 00007f67f3175fa0 RCX: 00007f67f2f85d19
[ 1251.789539][T19094] RDX: 0000000020000380 RSI: 00000000c0845657 RDI: 0000000000000003
[ 1251.797513][T19094] RBP: 00007f67f3e80090 R08: 0000000000000000 R09: 0000000000000000
[ 1251.805479][T19094] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1251.813881][T19094] R13: 0000000000000000 R14: 00007f67f3175fa0 R15: 00007ffc0babe7a8
[ 1251.821864][T19094]  </TASK>
[ 1251.975271][T19094] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1257.351293][T19134] x_tables: duplicate underflow at hook 3
[ 1259.089058][T19150] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1261.779258][T19167] netlink: 'syz.6.3572': attribute type 5 has an invalid length.
[ 1262.950469][T19183] tls_set_device_offload_rx: netdev not found
[ 1263.734672][ T5871] usb 9-1: new full-speed USB device number 36 using dummy_hcd
[ 1263.945415][ T5871] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1263.976414][ T5871] usb 9-1: not running at top speed; connect to a high speed hub
[ 1264.016684][ T5871] usb 9-1: config 136 has an invalid descriptor of length 155, skipping remainder of the config
[ 1264.054761][ T5871] usb 9-1: config 136 has 2 interfaces, different from the descriptor's value: 3
[ 1264.100395][ T5871] usb 9-1: config 136 has no interface number 1
[ 1264.135111][ T5871] usb 9-1: too many endpoints for config 136 interface 2 altsetting 12: 89, using maximum allowed: 30
[ 1264.204391][ T5871] usb 9-1: config 136 interface 2 altsetting 12 has 0 endpoint descriptors, different from the interface descriptor's value: 89
[ 1264.239245][ T5871] usb 9-1: config 136 interface 2 has no altsetting 0
[ 1264.264276][ T5871] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1264.289440][ T5871] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1264.504618][ T5871] usb 9-1: Product: syz
[ 1264.509390][ T5871] usb 9-1: Manufacturer: syz
[ 1264.514048][ T5871] usb 9-1: SerialNumber: syz
[ 1265.022875][ T5871] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[ 1265.106082][ T5871] usb 9-1: MIDIStreaming interface descriptor not found
[ 1265.311315][ T5871] usb 9-1: USB disconnect, device number 36
[ 1266.652011][T19200] udevd[19200]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:136.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1267.125826][T19212] netlink: 'syz.4.3586': attribute type 5 has an invalid length.
[ 1267.962228][T13394] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1267.975638][T13394] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1267.986990][T13394] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1267.996067][T13394] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1268.006724][T13394] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1268.015615][T13394] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1268.611257][  T974] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[ 1268.691512][T19213] chnl_net:caif_netlink_parms(): no params data found
[ 1268.752218][ T7228] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[ 1268.795548][  T974] usb 5-1: Using ep0 maxpacket: 16
[ 1268.802430][  T974] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1268.814748][  T974] usb 5-1: config 1 interface 0 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[ 1268.833843][  T974] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1268.847181][  T974] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1268.856818][  T974] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1268.865361][  T974] usb 5-1: SerialNumber: syz
[ 1268.876745][T19213] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1268.892509][T19213] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1268.913668][T19213] bridge_slave_0: entered allmulticast mode
[ 1268.915588][T19213] bridge_slave_0: entered promiscuous mode
[ 1268.918169][T19213] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1268.918371][T19213] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1268.918549][T19213] bridge_slave_1: entered allmulticast mode
[ 1268.919894][T19213] bridge_slave_1: entered promiscuous mode
[ 1268.951670][ T7228] usb 9-1: Using ep0 maxpacket: 16
[ 1268.957479][ T7228] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1268.958441][ T7228] usb 9-1: unable to read config index 0 descriptor/start: -71
[ 1268.958474][ T7228] usb 9-1: can't read configurations, error -71
[ 1269.025728][T19213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1269.039965][T19213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1269.133013][T19232] vlan2: entered allmulticast mode
[ 1269.174152][T19232] bridge0: port 3(vlan2) entered blocking state
[ 1269.200507][T19232] bridge0: port 3(vlan2) entered disabled state
[ 1269.249561][T19232] vlan2: entered promiscuous mode
[ 1269.281860][T19232] bridge0: mtu less than device minimum
[ 1269.307977][T19213] team0: Port device team_slave_0 added
[ 1269.321791][T19213] team0: Port device team_slave_1 added
[ 1269.337007][  T974] cdc_acm 5-1:1.0: skipping garbage
[ 1269.376307][T19213] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1269.385720][T19213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1269.413226][T19213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1269.425545][  T974] usb 5-1: USB disconnect, device number 63
[ 1269.480169][T19213] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1269.520993][T19213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1269.569648][T19213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1269.645999][T19213] hsr_slave_0: entered promiscuous mode
[ 1269.653184][T19213] hsr_slave_1: entered promiscuous mode
[ 1269.659490][T19213] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1269.672475][T19213] Cannot create hsr debugfs directory
[ 1270.609478][T17869] Bluetooth: hci2: command tx timeout
[ 1272.697118][ T7228] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[ 1272.859998][T17869] Bluetooth: hci2: command tx timeout
[ 1272.870887][ T7228] usb 5-1: Using ep0 maxpacket: 8
[ 1272.888217][ T7228] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1272.904052][T19277] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3604'.
[ 1272.915435][ T7228] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1272.944932][ T7228] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1272.978121][ T7228] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1273.010165][ T7228] usb 5-1: config 1 has no interface number 1
[ 1273.081407][ T7228] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1273.177723][ T7228] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1273.841384][ T7228] usb 5-1: config 1 interface 2 has no altsetting 0
[ 1273.852093][ T7228] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1273.861482][ T7228] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1273.869657][ T7228] usb 5-1: Product: syz
[ 1273.873880][ T7228] usb 5-1: Manufacturer: syz
[ 1273.878611][ T7228] usb 5-1: SerialNumber: syz
[ 1274.168462][T19263] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1274.204569][T19292] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1274.237201][T19263] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1274.266888][T19292] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1274.920334][T19213] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1274.949312][T19213] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1275.014191][T19213] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1275.054945][T19213] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1275.105020][T17869] Bluetooth: hci2: command tx timeout
[ 1275.236859][T19213] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1275.275819][T19213] 8021q: adding VLAN 0 to HW filter on device team0
[ 1275.317226][T14511] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1275.324479][T14511] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1275.382830][T14511] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1275.390084][T14511] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1275.471535][  T974] usb 9-1: new high-speed USB device number 39 using dummy_hcd
[ 1275.658119][  T974] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1275.688568][  T974] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1275.725463][  T974] usb 9-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1275.756816][  T974] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1275.796948][  T974] usb 9-1: SerialNumber: syz
[ 1275.804114][ T7228] usb 5-1: USB disconnect, device number 64
[ 1275.909408][T19213] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1276.010395][T19213] veth0_vlan: entered promiscuous mode
[ 1276.054131][T19213] veth1_vlan: entered promiscuous mode
[ 1276.081425][T19195] udevd[19195]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1276.119083][  T974] usb 9-1: 0:2 : does not exist
[ 1276.147444][T19213] veth0_macvtap: entered promiscuous mode
[ 1276.167087][  T974] usb 9-1: USB disconnect, device number 39
[ 1276.200722][T19310] ip6tnl1: entered promiscuous mode
[ 1276.235175][T19213] veth1_macvtap: entered promiscuous mode
[ 1276.284410][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.325526][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.357594][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.380080][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.392619][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.419081][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.440275][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.461871][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.484285][T19195] udevd[19195]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1276.500408][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.518801][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.546811][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.568289][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.600169][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1276.612031][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.632804][T19213] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1276.649407][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.670594][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.686580][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.722570][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.761837][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.798503][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.826390][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.847917][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.898113][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.934077][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.956314][T19213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1276.977569][T19213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1276.998669][T19213] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1277.031253][T19213] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.059293][T19213] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.118837][T19213] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.127697][T19213] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1277.358723][T17869] Bluetooth: hci2: command tx timeout
[ 1277.400072][ T1107] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1277.436291][ T1107] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1277.476474][T18022] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1277.500596][T18022] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1280.646323][T19349] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3621'.
[ 1281.385310][   T29] kauditd_printk_skb: 11 callbacks suppressed
[ 1281.385331][   T29] audit: type=1326 audit(2000005023.547:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.461152][   T29] audit: type=1326 audit(2000005023.547:578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.563490][   T29] audit: type=1326 audit(2000005023.547:579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.585636][   T29] audit: type=1326 audit(2000005023.547:580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.607535][   T29] audit: type=1326 audit(2000005023.547:581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.629561][   T29] audit: type=1326 audit(2000005023.547:582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.651675][   T29] audit: type=1326 audit(2000005023.547:583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.673575][   T29] audit: type=1326 audit(2000005023.547:584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.695610][   T29] audit: type=1326 audit(2000005023.547:585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.717754][   T29] audit: type=1326 audit(2000005023.556:586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19362 comm="syz.5.3626" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9fcb985d19 code=0x7ffc0000
[ 1281.975305][T19371] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3629'.
[ 1282.040910][T19371] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[ 1282.120336][T19372] netlink: 'syz.8.3628': attribute type 5 has an invalid length.
[ 1283.005437][  T974] IPVS: starting estimator thread 0...
[ 1283.256883][T19378] netlink: 104 bytes leftover after parsing attributes in process `syz.8.3630'.
[ 1283.561147][T19384] IPVS: using max 21 ests per chain, 50400 per kthread
[ 1284.729609][T19396] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[ 1284.736216][T19396] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[ 1284.770924][T19396] vhci_hcd vhci_hcd.0: Device attached
[ 1284.966267][  T119] vhci_hcd: vhci_device speed not set
[ 1285.031474][  T119] usb 33-1: new full-speed USB device number 2 using vhci_hcd
[ 1285.416080][T19397] vhci_hcd: connection reset by peer
[ 1285.426028][ T1107] vhci_hcd: stop threads
[ 1285.439410][ T1107] vhci_hcd: release socket
[ 1285.516202][ T1107] vhci_hcd: disconnect device
[ 1285.997720][T19412] geneve2: entered allmulticast mode
[ 1286.533017][T19418] netlink: 'syz.6.3640': attribute type 5 has an invalid length.
[ 1289.679291][T19463] netlink: 'syz.6.3646': attribute type 10 has an invalid length.
[ 1289.717797][T19463] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1289.725791][T19463] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1289.749575][T19463] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1289.756778][T19463] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1289.764234][T19463] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1289.771467][T19463] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1289.782074][T19463] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1289.791769][T19465] bridge_slave_1: left allmulticast mode
[ 1289.798014][T19465] bridge_slave_1: left promiscuous mode
[ 1289.803905][T19465] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1289.892576][T19465] bridge_slave_0: left allmulticast mode
[ 1289.899140][T19465] bridge_slave_0: left promiscuous mode
[ 1289.905406][T19465] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1290.180325][T19469] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input55
[ 1291.504767][  T119] vhci_hcd: vhci_device speed not set
[ 1291.598577][T19465] bond0: (slave bridge0): Releasing backup interface
[ 1291.998813][T19479] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3655'.
[ 1292.216784][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[ 1292.681807][T19492] pimreg: entered allmulticast mode
[ 1292.744952][T19492] pimreg: left allmulticast mode
[ 1292.835813][T19493] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3657'.
[ 1292.844864][T19493] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3657'.
[ 1294.340352][T19510] input: syz0 as /devices/virtual/input/input56
[ 1295.029921][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3663'.
[ 1295.095361][T19515] netlink: 292 bytes leftover after parsing attributes in process `syz.6.3665'.
[ 1295.292197][T19517] Bluetooth: MGMT ver 1.23
[ 1295.341737][T19519] input: syz1 as /devices/virtual/input/input57
[ 1295.601766][T19526] FAULT_INJECTION: forcing a failure.
[ 1295.601766][T19526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1295.814037][T19526] CPU: 1 UID: 0 PID: 19526 Comm: syz.0.3671 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1295.824865][T19526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1295.834953][T19526] Call Trace:
[ 1295.838258][T19526]  <TASK>
[ 1295.841211][T19526]  dump_stack_lvl+0x241/0x360
[ 1295.845929][T19526]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1295.851173][T19526]  ? __pfx__printk+0x10/0x10
[ 1295.855802][T19526]  ? snprintf+0xda/0x120
[ 1295.860071][T19526]  should_fail_ex+0x3b0/0x4e0
[ 1295.864778][T19526]  _copy_to_user+0x31/0xb0
[ 1295.869230][T19526]  simple_read_from_buffer+0xca/0x150
[ 1295.874642][T19526]  proc_fail_nth_read+0x1e9/0x250
[ 1295.879706][T19526]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1295.885291][T19526]  ? rw_verify_area+0x55e/0x6f0
[ 1295.890178][T19526]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1295.895766][T19526]  vfs_read+0x1fc/0xb70
[ 1295.899960][T19526]  ? __pfx___mutex_lock+0x10/0x10
[ 1295.905027][T19526]  ? __pfx_vfs_read+0x10/0x10
[ 1295.909735][T19526]  ? __fget_files+0x2a/0x410
[ 1295.914356][T19526]  ? __fget_files+0x395/0x410
[ 1295.919059][T19526]  ? __fget_files+0x2a/0x410
[ 1295.923683][T19526]  ksys_read+0x18f/0x2b0
[ 1295.924417][T19530] netlink: ct family unspecified
[ 1295.927942][T19526]  ? __pfx_ksys_read+0x10/0x10
[ 1295.932980][T19530] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1295.937659][T19526]  ? do_syscall_64+0x100/0x230
[ 1295.937692][T19526]  ? do_syscall_64+0xb6/0x230
[ 1295.937716][T19526]  do_syscall_64+0xf3/0x230
[ 1295.937738][T19526]  ? clear_bhb_loop+0x35/0x90
[ 1295.937758][T19526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1295.937781][T19526] RIP: 0033:0x7f42caf8472c
[ 1295.937800][T19526] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1295.937816][T19526] RSP: 002b:00007f42cbd82030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1295.937839][T19526] RAX: ffffffffffffffda RBX: 00007f42cb175fa0 RCX: 00007f42caf8472c
[ 1295.937855][T19526] RDX: 000000000000000f RSI: 00007f42cbd820a0 RDI: 0000000000000004
[ 1295.937868][T19526] RBP: 00007f42cbd82090 R08: 0000000000000000 R09: 0000000000000000
[ 1295.937882][T19526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1295.937894][T19526] R13: 0000000000000000 R14: 00007f42cb175fa0 R15: 00007ffd4e8d06a8
[ 1295.937924][T19526]  </TASK>
[ 1295.950855][ T7228] usb 5-1: new full-speed USB device number 65 using dummy_hcd
[ 1296.287645][T19535] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3673'.
[ 1296.459515][T19539] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1297.419014][T17869] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1297.450268][ T7228] usb 5-1: config 5 has an invalid interface number: 187 but max is 0
[ 1297.458632][ T7228] usb 5-1: config 5 has no interface number 0
[ 1297.464865][ T7228] usb 5-1: config 5 interface 187 altsetting 8 has an invalid descriptor for endpoint zero, skipping
[ 1297.599336][ T7228] usb 5-1: config 5 interface 187 altsetting 8 has an endpoint descriptor with address 0x93, changing to 0x83
[ 1297.611381][ T7228] usb 5-1: config 5 interface 187 altsetting 8 endpoint 0x83 has an invalid bInterval 153, changing to 4
[ 1297.622794][ T7228] usb 5-1: config 5 interface 187 altsetting 8 endpoint 0x83 has invalid maxpacket 57626, setting to 1023
[ 1297.634448][ T7228] usb 5-1: config 5 interface 187 altsetting 8 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[ 1297.647979][ T7228] usb 5-1: config 5 interface 187 has no altsetting 0
[ 1297.666723][ T7228] usb 5-1: New USB device found, idVendor=eb1a, idProduct=2801, bcdDevice=21.7a
[ 1297.727695][T19542] 
FW{�I�8�wP��;: renamed from bond0 (while UP)
[ 1297.742616][ T7228] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1297.751834][ T7228] usb 5-1: Product: syz
[ 1297.756523][ T7228] usb 5-1: Manufacturer: syz
[ 1297.761157][ T7228] usb 5-1: SerialNumber: syz
[ 1297.884126][T19547] tmpfs: Bad value for 'mpol'
[ 1298.404989][ T7228] em28xx 5-1:5.187: New device syz syz @ 12 Mbps (eb1a:2801, interface 187, class 187)
[ 1298.429782][ T7228] em28xx 5-1:5.187: Device initialization failed.
[ 1298.436283][ T7228] em28xx 5-1:5.187: Device must be connected to a high-speed USB 2.0 port.
[ 1298.556172][ T7228] usb 5-1: USB disconnect, device number 65
[ 1299.249728][T18492] usb 9-1: new high-speed USB device number 40 using dummy_hcd
[ 1299.433837][T18492] usb 9-1: Using ep0 maxpacket: 16
[ 1299.446671][T18492] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1299.491694][T18492] usb 9-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=7b.55
[ 1299.512454][T18492] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1299.531273][T18492] usb 9-1: Product: syz
[ 1299.535505][T18492] usb 9-1: Manufacturer: syz
[ 1299.540144][T18492] usb 9-1: SerialNumber: syz
[ 1299.568289][T18492] usb 9-1: config 0 descriptor??
[ 1299.705859][T18492] usb 9-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1299.812140][T19572] netlink: 'syz.8.3684': attribute type 1 has an invalid length.
[ 1299.845604][T19572] netlink: 224 bytes leftover after parsing attributes in process `syz.8.3684'.
[ 1299.959204][ T6112] usb 9-1: Failed to submit usb control message: -71
[ 1299.976314][T18492] usb 9-1: USB disconnect, device number 40
[ 1300.008561][ T6112] usb 9-1: unable to send the bmi data to the device: -71
[ 1300.026901][ T6112] usb 9-1: unable to get target info from device
[ 1300.040610][ T6112] usb 9-1: could not get target info (-71)
[ 1300.046906][ T6112] usb 9-1: could not probe fw (-71)
[ 1300.883684][T19591] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1301.876851][T19597] netlink: 4093 bytes leftover after parsing attributes in process `syz.5.3690'.
[ 1301.923616][T19600] netlink: 4093 bytes leftover after parsing attributes in process `syz.5.3690'.
[ 1303.118630][T19619] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3697'.
[ 1303.287792][ T1317] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1303.698738][T19626] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input58
[ 1305.172121][T19632] netlink: 'syz.5.3700': attribute type 5 has an invalid length.
[ 1305.321924][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1307.011588][T19675] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input59
[ 1308.093193][T16001] usb 9-1: new high-speed USB device number 41 using dummy_hcd
[ 1308.280930][  T974] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[ 1308.374828][T16001] usb 9-1: Using ep0 maxpacket: 8
[ 1308.381795][T16001] usb 9-1: config 0 has an invalid interface number: 89 but max is 0
[ 1308.390517][T16001] usb 9-1: config 0 has no interface number 0
[ 1308.431010][  T974] usb 5-1: device descriptor read/64, error -71
[ 1308.448212][T16001] usb 9-1: New USB device found, idVendor=045e, idProduct=0475, bcdDevice=8c.f7
[ 1308.457800][T16001] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1308.540325][T16001] usb 9-1: Product: syz
[ 1308.545068][T16001] usb 9-1: Manufacturer: syz
[ 1308.550078][T16001] usb 9-1: SerialNumber: syz
[ 1308.564091][T16001] usb 9-1: config 0 descriptor??
[ 1308.763501][  T974] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[ 1308.792375][T19681] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3715'.
[ 1308.824960][ T7228] usb 9-1: USB disconnect, device number 41
[ 1309.111849][  T974] usb 5-1: device descriptor read/64, error -71
[ 1309.266761][  T974] usb usb5-port1: attempt power cycle
[ 1310.034834][  T974] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[ 1310.144022][  T974] usb 5-1: device descriptor read/8, error -71
[ 1310.415300][T19725] Cannot find add_set index 0 as target
[ 1310.604072][  T974] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[ 1310.712396][  T974] usb 5-1: device descriptor read/8, error -71
[ 1311.071805][  T974] usb usb5-port1: unable to enumerate USB device
[ 1311.875568][T19751] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3732'.
[ 1311.898090][T19751] FAULT_INJECTION: forcing a failure.
[ 1311.898090][T19751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1311.934641][T19751] CPU: 1 UID: 0 PID: 19751 Comm: syz.5.3732 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1311.945476][T19751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1311.955560][T19751] Call Trace:
[ 1311.958860][T19751]  <TASK>
[ 1311.961810][T19751]  dump_stack_lvl+0x241/0x360
[ 1311.966523][T19751]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1311.971758][T19751]  ? __pfx__printk+0x10/0x10
[ 1311.976393][T19751]  ? snprintf+0xda/0x120
[ 1311.980668][T19751]  should_fail_ex+0x3b0/0x4e0
[ 1311.985385][T19751]  _copy_to_user+0x31/0xb0
[ 1311.989838][T19751]  simple_read_from_buffer+0xca/0x150
[ 1311.995250][T19751]  proc_fail_nth_read+0x1e9/0x250
[ 1312.000311][T19751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1312.005899][T19751]  ? rw_verify_area+0x55e/0x6f0
[ 1312.010787][T19751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1312.016369][T19751]  vfs_read+0x1fc/0xb70
[ 1312.020564][T19751]  ? __pfx___mutex_lock+0x10/0x10
[ 1312.025625][T19751]  ? __pfx_vfs_read+0x10/0x10
[ 1312.030339][T19751]  ? __fget_files+0x2a/0x410
[ 1312.034959][T19751]  ? __fget_files+0x395/0x410
[ 1312.039661][T19751]  ? __fget_files+0x2a/0x410
[ 1312.044294][T19751]  ksys_read+0x18f/0x2b0
[ 1312.048574][T19751]  ? __pfx_ksys_read+0x10/0x10
[ 1312.053456][T19751]  ? do_syscall_64+0x100/0x230
[ 1312.058232][T19751]  ? do_syscall_64+0xb6/0x230
[ 1312.062916][T19751]  do_syscall_64+0xf3/0x230
[ 1312.067430][T19751]  ? clear_bhb_loop+0x35/0x90
[ 1312.072115][T19751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1312.078010][T19751] RIP: 0033:0x7f9fcb98472c
[ 1312.082426][T19751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1312.102048][T19751] RSP: 002b:00007f9fcc77d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1312.110488][T19751] RAX: ffffffffffffffda RBX: 00007f9fcbb75fa0 RCX: 00007f9fcb98472c
[ 1312.118467][T19751] RDX: 000000000000000f RSI: 00007f9fcc77d0a0 RDI: 0000000000000004
[ 1312.126444][T19751] RBP: 00007f9fcc77d090 R08: 0000000000000000 R09: 0000000000000000
[ 1312.134412][T19751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1312.142380][T19751] R13: 0000000000000000 R14: 00007f9fcbb75fa0 R15: 00007ffdb0c261f8
[ 1312.150393][T19751]  </TASK>
[ 1313.309395][T19765] bio_check_eod: 2 callbacks suppressed
[ 1313.309414][T19765] syz.6.3738: attempt to access beyond end of device
[ 1313.309414][T19765] nbd6: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1313.338749][T19765] hpfs: hpfs_map_sector(): read error
[ 1313.384513][T19769] netlink: 188 bytes leftover after parsing attributes in process `syz.8.3739'.
[ 1314.403159][T19787] input: syz0 as /devices/virtual/input/input60
[ 1316.633809][T13394] Bluetooth: hci1: command 0x0406 tx timeout
[ 1316.767908][T19803] netlink: 148 bytes leftover after parsing attributes in process `syz.0.3748'.
[ 1316.783320][T19803] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[ 1317.663769][T19816] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1317.808258][T19821] netlink: 1136 bytes leftover after parsing attributes in process `syz.8.3751'.
[ 1317.824643][T19821] openvswitch: netlink: ufid size 144 bytes exceeds the range (1, 16)
[ 1317.847676][T19821] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1319.015785][T19837] No source specified
[ 1320.913481][T19850] Cannot find add_set index 0 as target
[ 1321.142357][T13394] Bluetooth: hci5: command 0x0c1a tx timeout
[ 1323.297353][T19867] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1323.625869][T19869] input: syz0 as /devices/virtual/input/input61
[ 1324.688926][T19860] Cannot find add_set index 0 as target
[ 1324.705335][   T29] kauditd_printk_skb: 2 callbacks suppressed
[ 1324.705354][   T29] audit: type=1326 audit(2000005063.528:589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19875 comm="syz.4.3765" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f67f2f85d19 code=0x0
[ 1325.022122][  T119] usb 9-1: new high-speed USB device number 42 using dummy_hcd
[ 1325.196013][ T7228] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[ 1325.607050][T19895] No source specified
[ 1326.192388][T13394] Bluetooth: hci2: command tx timeout
[ 1326.367835][ T7228] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1326.380112][ T7228] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1326.392533][ T7228] usb 5-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[ 1326.402655][  T119] usb 9-1: config 0 has an invalid interface number: 170 but max is 0
[ 1326.411620][  T119] usb 9-1: config 0 has no interface number 0
[ 1326.418563][  T119] usb 9-1: config 0 interface 170 altsetting 68 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1326.430253][ T7228] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.440310][  T119] usb 9-1: config 0 interface 170 altsetting 68 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1326.482884][ T7228] usb 5-1: config 0 descriptor??
[ 1326.601011][  T119] usb 9-1: config 0 interface 170 has no altsetting 0
[ 1326.694628][  T119] usb 9-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00
[ 1326.746695][  T119] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.857268][  T119] usb 9-1: config 0 descriptor??
[ 1327.061919][ T7228] arvo 0003:1E7D:30D4.0012: unknown main item tag 0x0
[ 1327.071081][ T7228] arvo 0003:1E7D:30D4.0012: unknown main item tag 0x0
[ 1327.086203][ T7228] arvo 0003:1E7D:30D4.0012: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.4-1/input0
[ 1327.108286][T19899] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1327.138982][T19899] tipc: Enabled bearer <eth:team0>, priority 0
[ 1327.532316][T19885] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3765'.
[ 1328.021540][  T119] usbhid 9-1:0.170: can't add hid device: -71
[ 1328.037880][  T119] usbhid 9-1:0.170: probe with driver usbhid failed with error -71
[ 1328.049865][  T119] usb 9-1: USB disconnect, device number 42
[ 1328.133952][T19914] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1328.751585][T16001] tipc: Node number set to 757989376
[ 1328.900798][  T974] usb 5-1: USB disconnect, device number 70
[ 1329.678415][T19930] No source specified
[ 1331.057812][T19934] vlan2: entered allmulticast mode
[ 1331.106257][T19934] bridge0: port 3(vlan2) entered blocking state
[ 1331.124862][T19934] bridge0: port 3(vlan2) entered disabled state
[ 1331.184418][T19934] vlan2: entered promiscuous mode
[ 1331.205459][T19934] bridge0: mtu less than device minimum
[ 1331.925463][T17869] Bluetooth: hci1: command 0x0406 tx timeout
[ 1332.298736][T19952] netlink: 36 bytes leftover after parsing attributes in process `syz.5.3785'.
[ 1332.944160][T19952] [U] �
[ 1333.434528][T19956] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3788'.
[ 1333.449349][T19956] ip6gretap1: entered allmulticast mode
[ 1333.590092][T19958] Cannot find add_set index 0 as target
[ 1334.837937][T19975] 
[ 1334.840289][T19975] ======================================================
[ 1334.847300][T19975] WARNING: possible circular locking dependency detected
[ 1334.854324][T19975] 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0 Not tainted
[ 1334.861419][T19975] ------------------------------------------------------
[ 1334.868430][T19975] syz.5.3794/19975 is trying to acquire lock:
[ 1334.874476][T19975] ffff888023453740 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x142/0x720
[ 1334.885267][T19975] 
[ 1334.885267][T19975] but task is already holding lock:
[ 1334.892622][T19975] ffff8881437fc3c8 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_ioctl+0xdd/0x9a0
[ 1334.901933][T19975] 
[ 1334.901933][T19975] which lock already depends on the new lock.
[ 1334.901933][T19975] 
[ 1334.912346][T19975] 
[ 1334.912346][T19975] the existing dependency chain (in reverse order) is:
[ 1334.921344][T19975] 
[ 1334.921344][T19975] -> #4 (&q->debugfs_mutex){+.+.}-{4:4}:
[ 1334.929148][T19975]        lock_acquire+0x1ed/0x550
[ 1334.934159][T19975]        __mutex_lock+0x1ac/0xee0
[ 1334.939170][T19975]        blk_mq_init_sched+0x3fa/0x830
[ 1334.944612][T19975]        elevator_init_mq+0x20e/0x320
[ 1334.949972][T19975]        add_disk_fwnode+0x10d/0xf80
[ 1334.955246][T19975]        sd_probe+0xba6/0x1100
[ 1334.959999][T19975]        really_probe+0x2b8/0xad0
[ 1334.965007][T19975]        __driver_probe_device+0x1a2/0x390
[ 1334.970820][T19975]        driver_probe_device+0x50/0x430
[ 1334.976355][T19975]        __device_attach_driver+0x2d6/0x530
[ 1334.982238][T19975]        bus_for_each_drv+0x24e/0x2e0
[ 1334.987601][T19975]        __device_attach_async_helper+0x22d/0x300
[ 1334.994005][T19975]        async_run_entry_fn+0xa8/0x420
[ 1334.999454][T19975]        process_scheduled_works+0xa66/0x1840
[ 1335.005508][T19975]        worker_thread+0x870/0xd30
[ 1335.010604][T19975]        kthread+0x2f0/0x390
[ 1335.015197][T19975]        ret_from_fork+0x4b/0x80
[ 1335.020133][T19975]        ret_from_fork_asm+0x1a/0x30
[ 1335.025416][T19975] 
[ 1335.025416][T19975] -> #3 (&q->q_usage_counter(queue)#50){++++}-{0:0}:
[ 1335.034272][T19975]        lock_acquire+0x1ed/0x550
[ 1335.039298][T19975]        blk_queue_enter+0xe1/0x600
[ 1335.044497][T19975]        blk_mq_alloc_request+0x4fa/0xaa0
[ 1335.050240][T19975]        scsi_execute_cmd+0x177/0x1090
[ 1335.055716][T19975]        read_capacity_16+0x2b4/0x1450
[ 1335.061182][T19975]        sd_revalidate_disk+0x1013/0xbce0
[ 1335.066898][T19975]        sd_probe+0x9fa/0x1100
[ 1335.071655][T19975]        really_probe+0x2b8/0xad0
[ 1335.076690][T19975]        __driver_probe_device+0x1a2/0x390
[ 1335.082491][T19975]        driver_probe_device+0x50/0x430
[ 1335.088027][T19975]        __device_attach_driver+0x2d6/0x530
[ 1335.093914][T19975]        bus_for_each_drv+0x24e/0x2e0
[ 1335.099279][T19975]        __device_attach_async_helper+0x22d/0x300
[ 1335.105681][T19975]        async_run_entry_fn+0xa8/0x420
[ 1335.111127][T19975]        process_scheduled_works+0xa66/0x1840
[ 1335.117182][T19975]        worker_thread+0x870/0xd30
[ 1335.122277][T19975]        kthread+0x2f0/0x390
[ 1335.126854][T19975]        ret_from_fork+0x4b/0x80
[ 1335.131880][T19975]        ret_from_fork_asm+0x1a/0x30
[ 1335.137171][T19975] 
[ 1335.137171][T19975] -> #2 (&q->limits_lock){+.+.}-{4:4}:
[ 1335.144806][T19975]        lock_acquire+0x1ed/0x550
[ 1335.149839][T19975]        __mutex_lock+0x1ac/0xee0
[ 1335.154869][T19975]        nbd_set_size+0x2e0/0x8f0
[ 1335.159910][T19975]        nbd_ioctl+0x5dc/0xf40
[ 1335.164673][T19975]        blkdev_ioctl+0x57d/0x6a0
[ 1335.169686][T19975]        __se_sys_ioctl+0xf5/0x170
[ 1335.174782][T19975]        do_syscall_64+0xf3/0x230
[ 1335.179828][T19975]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1335.186249][T19975] 
[ 1335.186249][T19975] -> #1 (&q->q_usage_counter(io)#54){++++}-{0:0}:
[ 1335.194865][T19975]        lock_acquire+0x1ed/0x550
[ 1335.199882][T19975]        blk_mq_submit_bio+0x1536/0x2390
[ 1335.205513][T19975]        __submit_bio+0x2c6/0x560
[ 1335.210547][T19975]        submit_bio_noacct_nocheck+0x4d3/0xe30
[ 1335.216726][T19975]        block_read_full_folio+0x9b3/0xae0
[ 1335.222521][T19975]        filemap_read_folio+0x148/0x3b0
[ 1335.228051][T19975]        filemap_get_pages+0x18ca/0x2080
[ 1335.233678][T19975]        filemap_read+0x452/0xf50
[ 1335.238711][T19975]        blkdev_read_iter+0x2d8/0x430
[ 1335.244079][T19975]        vfs_read+0x991/0xb70
[ 1335.248760][T19975]        ksys_read+0x18f/0x2b0
[ 1335.253522][T19975]        do_syscall_64+0xf3/0x230
[ 1335.258538][T19975]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1335.264942][T19975] 
[ 1335.264942][T19975] -> #0 (mapping.invalidate_lock#2){++++}-{4:4}:
[ 1335.273444][T19975]        validate_chain+0x18ef/0x5920
[ 1335.278813][T19975]        __lock_acquire+0x1397/0x2100
[ 1335.284175][T19975]        lock_acquire+0x1ed/0x550
[ 1335.289190][T19975]        down_read+0xb1/0xa40
[ 1335.293886][T19975]        page_cache_ra_unbounded+0x142/0x720
[ 1335.299856][T19975]        do_sync_mmap_readahead+0x499/0x970
[ 1335.305733][T19975]        filemap_fault+0x8a9/0x1490
[ 1335.310915][T19975]        __do_fault+0x135/0x390
[ 1335.315762][T19975]        handle_pte_fault+0x39eb/0x5ed0
[ 1335.321301][T19975]        handle_mm_fault+0x1053/0x1ad0
[ 1335.326762][T19975]        exc_page_fault+0x2b9/0x8b0
[ 1335.331959][T19975]        asm_exc_page_fault+0x26/0x30
[ 1335.337325][T19975]        rep_movs_alternative+0x4a/0x70
[ 1335.342862][T19975]        _copy_from_user+0x7f/0xc0
[ 1335.347961][T19975]        blk_trace_ioctl+0x1ad/0x9a0
[ 1335.353229][T19975]        blkdev_ioctl+0x40c/0x6a0
[ 1335.358237][T19975]        __se_sys_ioctl+0xf5/0x170
[ 1335.363337][T19975]        do_syscall_64+0xf3/0x230
[ 1335.368394][T19975]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1335.374821][T19975] 
[ 1335.374821][T19975] other info that might help us debug this:
[ 1335.374821][T19975] 
[ 1335.385047][T19975] Chain exists of:
[ 1335.385047][T19975]   mapping.invalidate_lock#2 --> &q->q_usage_counter(queue)#50 --> &q->debugfs_mutex
[ 1335.385047][T19975] 
[ 1335.400373][T19975]  Possible unsafe locking scenario:
[ 1335.400373][T19975] 
[ 1335.407816][T19975]        CPU0                    CPU1
[ 1335.413169][T19975]        ----                    ----
[ 1335.418520][T19975]   lock(&q->debugfs_mutex);
[ 1335.423098][T19975]                                lock(&q->q_usage_counter(queue)#50);
[ 1335.431237][T19975]                                lock(&q->debugfs_mutex);
[ 1335.438335][T19975]   rlock(mapping.invalidate_lock#2);
[ 1335.443697][T19975] 
[ 1335.443697][T19975]  *** DEADLOCK ***
[ 1335.443697][T19975] 
[ 1335.451825][T19975] 1 lock held by syz.5.3794/19975:
[ 1335.456923][T19975]  #0: ffff8881437fc3c8 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_trace_ioctl+0xdd/0x9a0
[ 1335.466666][T19975] 
[ 1335.466666][T19975] stack backtrace:
[ 1335.472540][T19975] CPU: 0 UID: 0 PID: 19975 Comm: syz.5.3794 Not tainted 6.13.0-rc2-syzkaller-00362-g2d8308bf5b67 #0
[ 1335.483287][T19975] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[ 1335.493331][T19975] Call Trace:
[ 1335.496620][T19975]  <TASK>
[ 1335.499536][T19975]  dump_stack_lvl+0x241/0x360
[ 1335.504205][T19975]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1335.509396][T19975]  ? __pfx__printk+0x10/0x10
[ 1335.513977][T19975]  print_circular_bug+0x13a/0x1b0
[ 1335.519076][T19975]  check_noncircular+0x36a/0x4a0
[ 1335.524035][T19975]  ? __pfx_check_noncircular+0x10/0x10
[ 1335.529504][T19975]  ? lockdep_lock+0x123/0x2b0
[ 1335.534186][T19975]  validate_chain+0x18ef/0x5920
[ 1335.539050][T19975]  ? __pfx_validate_chain+0x10/0x10
[ 1335.544245][T19975]  ? __pfx_validate_chain+0x10/0x10
[ 1335.549435][T19975]  ? mark_lock+0x9a/0x360
[ 1335.553803][T19975]  ? __lock_acquire+0x1397/0x2100
[ 1335.558833][T19975]  ? mark_lock+0x9a/0x360
[ 1335.563193][T19975]  __lock_acquire+0x1397/0x2100
[ 1335.568042][T19975]  lock_acquire+0x1ed/0x550
[ 1335.572551][T19975]  ? page_cache_ra_unbounded+0x142/0x720
[ 1335.578191][T19975]  ? __pfx_lock_acquire+0x10/0x10
[ 1335.583207][T19975]  ? __pfx___might_resched+0x10/0x10
[ 1335.588513][T19975]  ? mark_lock+0x9a/0x360
[ 1335.592839][T19975]  ? __lock_acquire+0x1397/0x2100
[ 1335.597853][T19975]  down_read+0xb1/0xa40
[ 1335.602007][T19975]  ? page_cache_ra_unbounded+0x142/0x720
[ 1335.607636][T19975]  ? __lock_acquire+0x1397/0x2100
[ 1335.612666][T19975]  ? cgroup_rstat_updated+0x13b/0xc30
[ 1335.618034][T19975]  ? __pfx_down_read+0x10/0x10
[ 1335.622808][T19975]  ? do_sync_mmap_readahead+0x699/0x970
[ 1335.628348][T19975]  page_cache_ra_unbounded+0x142/0x720
[ 1335.633795][T19975]  ? __pfx_lock_release+0x10/0x10
[ 1335.638821][T19975]  do_sync_mmap_readahead+0x499/0x970
[ 1335.644181][T19975]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[ 1335.650054][T19975]  ? count_memcg_event_mm+0x90/0x420
[ 1335.656365][T19975]  ? __filemap_get_folio+0x848/0x940
[ 1335.661659][T19975]  ? filemap_map_pages+0x231/0x1900
[ 1335.666847][T19975]  filemap_fault+0x8a9/0x1490
[ 1335.671511][T19975]  ? __pfx_filemap_fault+0x10/0x10
[ 1335.676631][T19975]  ? handle_pte_fault+0x295a/0x5ed0
[ 1335.682095][T19975]  ? pte_alloc_one+0x44e/0x510
[ 1335.686846][T19975]  ? __pfx_lock_release+0x10/0x10
[ 1335.691859][T19975]  __do_fault+0x135/0x390
[ 1335.696177][T19975]  ? handle_pte_fault+0x295a/0x5ed0
[ 1335.701365][T19975]  handle_pte_fault+0x39eb/0x5ed0
[ 1335.706394][T19975]  ? mark_lock+0x9a/0x360
[ 1335.710718][T19975]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1335.716088][T19975]  ? __lock_acquire+0x1397/0x2100
[ 1335.721134][T19975]  ? __thp_vma_allowable_orders+0x8ff/0x9c0
[ 1335.727021][T19975]  handle_mm_fault+0x1053/0x1ad0
[ 1335.731957][T19975]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1335.737255][T19975]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1335.743572][T19975]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1335.748862][T19975]  exc_page_fault+0x2b9/0x8b0
[ 1335.753545][T19975]  asm_exc_page_fault+0x26/0x30
[ 1335.758387][T19975] RIP: 0010:rep_movs_alternative+0x4a/0x70
[ 1335.764194][T19975] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[ 1335.783822][T19975] RSP: 0018:ffffc9000431fb90 EFLAGS: 00050202
[ 1335.789898][T19975] RAX: 0000000000000001 RBX: 00000000200000c0 RCX: 0000000000000048
[ 1335.797901][T19975] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffc9000431fd10
[ 1335.805886][T19975] RBP: ffffc9000431fe10 R08: ffffc9000431fd57 R09: 1ffff92000863faa
[ 1335.813848][T19975] R10: dffffc0000000000 R11: fffff52000863fab R12: 00000000200000c0
[ 1335.821808][T19975] R13: ffffc9000431fd10 R14: ffffc9000431fd10 R15: 0000000000000048
[ 1335.829783][T19975]  _copy_from_user+0x7f/0xc0
[ 1335.834369][T19975]  blk_trace_ioctl+0x1ad/0x9a0
[ 1335.839214][T19975]  ? tomoyo_path_number_perm+0x6f9/0x860
[ 1335.844874][T19975]  ? tomoyo_path_number_perm+0x206/0x860
[ 1335.850495][T19975]  ? __pfx_blk_trace_ioctl+0x10/0x10
[ 1335.855767][T19975]  ? smack_log+0x123/0x540
[ 1335.860181][T19975]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1335.866168][T19975]  ? __pfx_smack_log+0x10/0x10
[ 1335.870964][T19975]  ? smk_access+0x4ab/0x4e0
[ 1335.875493][T19975]  ? smack_file_ioctl+0x2f7/0x3a0
[ 1335.880511][T19975]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1335.885883][T19975]  ? file_to_blk_mode+0xcc/0x140
[ 1335.890817][T19975]  blkdev_ioctl+0x40c/0x6a0
[ 1335.895310][T19975]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1335.900326][T19975]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1335.905355][T19975]  __se_sys_ioctl+0xf5/0x170
[ 1335.909949][T19975]  do_syscall_64+0xf3/0x230
[ 1335.914461][T19975]  ? clear_bhb_loop+0x35/0x90
[ 1335.919124][T19975]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1335.925006][T19975] RIP: 0033:0x7f9fcb985d19
[ 1335.929409][T19975] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1335.949012][T19975] RSP: 002b:00007f9fcc77d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1335.957428][T19975] RAX: ffffffffffffffda RBX: 00007f9fcbb75fa0 RCX: 00007f9fcb985d19
[ 1335.965409][T19975] RDX: 00000000200000c0 RSI: 00000000c0481273 RDI: 0000000000000003
[ 1335.973370][T19975] RBP: 00007f9fcba01a20 R08: 0000000000000000 R09: 0000000000000000
[ 1335.981349][T19975] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1335.989309][T19975] R13: 0000000000000000 R14: 00007f9fcbb75fa0 R15: 00007ffdb0c261f8
[ 1335.997276][T19975]  </TASK>
[ 1337.271008][T17980] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)