last executing test programs:

8.687856509s ago: executing program 1 (id=3283):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(0xffffffffffffffff, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x3)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x2, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x80000000, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x9, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xf, 0x1a, 0xf2, 0x10, 0x9, 0x8, 0x10001, 0x401, 0x80000000, 0x401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x3, 0x0, 0xaa80, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x5, 0xa, 0x1, 0x10000, 0x405, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x9, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xc0000000, 0x5cb5, 0xfffffffd, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0xffff, 0x401, 0x2, 0x2, 0x4680, 0x9a7f, 0xe665, 0x3c6e, 0x3, 0x7, 0x80, 0x4b, 0x9, 0x2, 0xb, 0x6, 0x4fa4, 0x80000000, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x202, 0x7ff, 0x2, 0x80000000, 0xffff, 0x9, 0x0, 0x6, 0x2, 0xffffff87, 0xe, 0xa0, 0xf, 0x8, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0x9, 0x664, 0x4, 0x9, 0x9, 0x2, 0x8, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0x9, 0xc6, 0x1, 0x4, 0x6, 0xe6, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x201, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x8000103, 0x5, 0x63, 0x4, 0x18000, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x4, 0x9, 0x7fffffff, 0x73, 0x5, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x4, 0x7, 0xc4c, 0x45e3, 0x5, 0x7, 0x3, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0x200000ce, 0xf, 0x0, 0x1, 0xa, 0x3, 0x0, 0x9, 0x9, 0x37c, 0x10001, 0xc, 0x1, 0x5, 0x2, 0x6, 0x4, 0x6, 0x1, 0x8, 0x6, 0xfffffffa, 0x5, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x4, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0x2, 0x89, 0x2, 0x6, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x81, 0x80000004, 0x9, 0x9, 0x0, 0x4, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0x6, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x0, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x800001, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x1, 0x7, 0x0, 0xffffffff, 0x4, 0x3d6, 0x0, 0xae, 0x6, 0x1, 0xfffffeff, 0x4, 0x5, 0x7fff, 0x103, 0x7, 0x6, 0x709, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x3, 0x7, 0xa9c, 0x9, 0x8, 0x1, 0x2, 0x5, 0x1000, 0x69f, 0x1ff, 0x9, 0x10, 0x3, 0x10000, 0xffff0000, 0xf, 0x1, 0x3, 0xffffa9b4, 0x1, 0x4, 0x5, 0xd58, 0x4b5f, 0x6, 0x7fffffff, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8d, 0x1, 0x7, 0x8, 0x1, 0x89, 0x6, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x8000005, 0x4, 0xffd, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x400, 0x4, 0x2, 0x80000000, 0xd, 0x2, 0x1, 0x0, 0x20000005, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xfffffffc, 0x9, 0xffffa0a6, 0xc, 0x11, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x6, 0x20000000, 0x2, 0x8000, 0x0, 0x0, 0x1000, 0xb, 0x0, 0x7, 0x8000000, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xffe, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x4, 0x4b15, 0x10000, 0x1, 0x6, 0x1, 0xd, 0x8, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x2, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x9, 0xffffc487, 0x204, 0x10002, 0x1000, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x2, 0x2, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x1, 0x5, 0x9, 0x1000, 0x7, 0x62f2f805, 0x5, 0x3, 0xffffffff, 0x2, 0x7f, 0x6, 0x9, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x25, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x10001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0xfffc, 0x80000001, 0x5, 0x1, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0x0, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x193, 0x8, 0x0, 0x5, 0xf, 0x3, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0xa, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x4007, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x2, 0x30, 0xb, 0x101, 0x2, 0x9, 0x3, 0x7, 0x8, 0x8, 0x1, 0x2, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x1, 0x3, 0x9, 0x1, 0x80000000, 0x9, 0x0, 0x5, 0x800081, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x4, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x9, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0x4, 0xbfb, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0xffffffff, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x4, 0x3, 0x6, 0x80000001, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0xfffffffc, 0x7, 0x7, 0x8, 0x17f, 0x6, 0x2, 0x1, 0x6, 0x14827783, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xa, 0x3, 0x9, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x80, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0xfffffffe, 0x924, 0x499, 0x100, 0x1, 0x5, 0xffff351b, 0x7, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x6, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x1, 0x5, 0xfffffff7, 0x7, 0x7, 0x4, 0x6330, 0x0, 0x6, 0xea, 0xbb2d, 0xfff, 0x7, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x64c822e3, 0x9, 0x6, 0x80, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x9b, 0x3, 0xe, 0xf01, 0x1, 0x3, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x6, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xa3, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x2, 0x1, 0xfffffffa, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x42, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x9, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x8, 0x7ff, 0x0, 0x40, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x6, 0x89, 0x0, 0x100, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x0, 0x200, 0xe9ab, 0x101, 0x8000, 0x13, 0x2, 0x2, 0x43, 0x3ff, 0x0, 0x7, 0x9, 0x401, 0x6, 0x7, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000001300)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x400}}, './file0\x00'})
ioctl$TCFLSH(r0, 0x540b, 0x0)
pipe(0x0)
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, 0xffffffffffffffff)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000000)={0x3a, @local, 0x0, 0x7f7fffff, 'lc\x00', 0x10, 0xfffffffc, 0x30}, 0x2c)
getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, &(0x7f0000000000), &(0x7f0000000180)=0x68)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x2)
fsconfig$FSCONFIG_SET_FLAG(r1, 0x0, &(0x7f0000000100)='mand\x00', 0x0, 0x0)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x1, 0x8c2b01)
write$char_usb(r3, &(0x7f0000000040)="e2", 0x12d8)
ioctl$EVIOCGKEY(r3, 0x80404518, &(0x7f0000001540)=""/136)

8.675221549s ago: executing program 1 (id=3284):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000001040)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x8, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r5 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\'5\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\x02\x00\x00\x00G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\x05\x00\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\xafON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\x19\xdd(5\xea0\x01,D\xf2\xa3\x85Q\x1f@\xdej\x88\xc8\x17\xc4<Y\xde\xf6v\x8f\x92\xd0XH\x12\x04\xf3\xd0-T\xcat\xf7\x85\xaa\x8fXT\xa1\xeb\xfd\xaf9\xca;\x85\x8b^\x8b\xa4\x89\xc7\x9c\x12\x91\xf9i\x02Q1D\xc2\xf5\x1c\x94\x1a\xcf\x80W\x84\x96,\x8fG\xacy?\xea$\xb2Ia\xce\x94\xf2Cm\x86\xb1qh8\xde\xe4\xe3\x80\xabM\xe9\x14|\xc1\xbb\xc14Dq\x1f\xf4\x88\xe7V\xe0\xa1Hb\xd94v&H\xd5j\x02~-\xed\r\xfc\xb4\r\x00\xe9\xe3\x92U\xe7\x8f\xcc\xe4HJ18R\xee\xc5\x85*\xcf\xcbh}&\xe2\xc5[\xbbY\xca\x17-\x04\x95\xa3\xc5(\x9c\xdaZ\x0f', 0x3)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x18000000000002a0, 0x5d56452fd57c3b4c, 0x0, &(0x7f0000000bc0)="b6fc139f585578f830e90000000012e121ef93ba57d37c084eb79c8498edc025b1030ed2e2b02641be86776c532ab72ba8d242e04cdbdae150a60e645996be5540e8d6ed48ed6d4550915e423d1e8cf06d147580a4cf8ab8fe4c645edf7af823944f563276214c11af608e0b77a812fa616b342969a1e40ec5cee13a07b0cc764bdd8e7b83503b451147ec9fa9cf557e97067d7a3dccf69b53d0d341cbf360540f674c7781ac7f4b8cf3a5afe867c47f8bdc5bde6ec0da2dac70ecbc0340318d6d034661f35a47d1f4e0909cd383b741745facd98cac3c8431959438effd2c25c48a7153582683a432406095a64c498bfe654602bb530ba53094841ef7dbeb695c6591308e9704f29c73025efb57d33a8d0371800f5d829ee853e01be6a40fca93ab6865ae1f82e7a7941e3ad7e74afc3f9f8eb7ddfa1717e497b43d75c312fbaf14aa5bd7f012b66cdbb3996e6e13461d4b04ddab96925b96500986b1008c98a0d3208d4d2cb45b07fa2dd8e754fad08bf9cd7cbd423efbabaeca80316158badc1304e98961186957e6672fc06ebba76c76d441d8fda72c4f53e97c69df416b0ce0c6266dea2432408b2a513e4ae098be043b30c55e988721597e11ba0afca9411d835f", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000005}, 0x4c)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x10, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7623c435aff90493ddd7aae07ef35f0700000000000000ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x64}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x4c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fe}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000340)={r4, 0xb, {0x0, 0x0, 0x0, 0x9, 0xa0e, 0x0, 0x2, 0x12, 0x10, "dd3f69943eebef80e9574e512a76b415b58af03d88444ad31a3f9ea01c259a99e160f54a91298688cd5460884d46cc0c76c95039b4b23f611de83a86b3f04b8e", "35d42d1c52961cb58491048d190b2ab895d5bdf57430812e4db320c0dab2f4aed97a139b2563926931afecea2b83507e1e3a6dd1d91063f5750b209457b99efe", "b7b0d261e620e7c5ce3dad114bf61645ea5edba56ed7aa2c47ef95aea141ada2", [0xfffffffffffffffe, 0x6f]}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x85494000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x101}]}]}], {0x14, 0x10}}, 0xb0}, 0x1, 0x0, 0x0, 0x4004020}, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r8, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r8, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a"}, 0x3c)
setsockopt$MRT_DEL_MFC_PROXY(r8, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9", 0x0, 0x200}, 0x3c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

8.144395881s ago: executing program 0 (id=3287):
r0 = socket(0x40000000015, 0x5, 0x0)
openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
epoll_create1(0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = socket(0x10, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r2 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r2, &(0x7f0000000580)=""/102392, 0x18ff8)
r3 = openat$nmem0(0xffffff9c, &(0x7f0000000000), 0x4b4000, 0x0)
ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000200)=0x2)
socket$inet6_tcp(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
read$FUSE(r4, &(0x7f0000019580)={0x2020, 0x0, <r5=>0x0}, 0x2048)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_COUNTERS(r6, 0x0, 0x81, &(0x7f0000000340)={'filter\x00', 0x0, 0x0, 0x0, [0x3, 0x6, 0x10001, 0x10001, 0x823e, 0x4], 0x4, &(0x7f00000002c0)=[{}, {}, {}, {}, {}], 0x0, [{}, {}, {}, {}]}, 0x90)
syz_fuse_handle_req(r4, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, 0x0)
write$FUSE_INIT(r4, &(0x7f0000000040)={0x50, 0x0, r5, {0x7, 0x2b, 0x0, 0x400182, 0x0, 0xa}}, 0x50)
r7 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4c002, 0x6)
writev(r7, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0, 0x2200}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21)
write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000080)=0x1, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])

5.917244499s ago: executing program 0 (id=3289):
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, &(0x7f00000000c0)='/dev/input/event#\x00')
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SHOW_STATS(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={0x1c, r1, 0x1, 0x70bd2c, 0x25dfdbfc}, 0x1c}}, 0x0)
syz_emit_ethernet(0x86, &(0x7f0000000300)={@local, @random="1ab900", @val={@void}, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "b70bff", 0x4c, 0x2f, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, @mcast2, {[@fragment={0x3b, 0x0, 0x8, 0x0, 0x0, 0x0, 0xfffffffc}], {{}, {}, {}, {0x8, 0x88be, 0x0, {{}, 0x1, {0x8000}}}, {0x8, 0x22eb, 0x0, {{}, 0x2, {0x0, 0x0, 0x0, 0x0, 0x1}}}}}}}}}, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffd000/0x1000)=nil, 0x1000, &(0x7f0000000340)='cbc(cast6)\x00')
r2 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r2, 0x2)
r3 = open(&(0x7f0000000180)='.\x00', 0x0, 0x0)
flock(r3, 0x2)
r4 = open(&(0x7f0000000180)='.\x00', 0x10000, 0x0)
flock(r4, 0x1)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
prctl$PR_SET_MM(0x23, 0x2, &(0x7f0000fa3000/0x2000)=nil)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f0000000640)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x6, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @empty, {[@end]}}}}})
syz_emit_ethernet(0x7a, &(0x7f0000000080)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "6ed6c4", 0x44, 0x2f, 0x0, @private2, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x88a8, 0x0, 0xfffc}, {}, {}, {0xa888, 0x88be, 0x8000000, {{0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0xfe}, 0x1, {0x1}}}, {0x8, 0x22eb, 0x4, {{0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6}}}}}}}}}, 0x0)
mlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)

5.856558581s ago: executing program 1 (id=3291):
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80041270, &(0x7f0000000000))
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
unshare(0x400)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})
ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @multicast2}, 'syz_tun\x00'})

5.855215436s ago: executing program 2 (id=3293):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x40, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x3ffa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f00000003c0)="90984e", 0x3}], 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
gettid()
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, 0x0, 0x20, 0xfffffffe, 0x0, {}, [@FOU_ATTR_TYPE={0x59, 0x4, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000000}, 0x0)
sendmsg$FOU_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES16], 0x24}}, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x3, 0x0, &(0x7f0000001280)='syzkaller\x00'}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_DEV(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000a80)={0xffffffffffffffb1, r7, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x40084}, 0x20000010)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c000440000000002d"], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@delnexthop={0x0, 0x69, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [{0x0, 0x1, 0x1}, {0x0, 0x1, 0x1}]}, 0x1c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

5.790479832s ago: executing program 1 (id=3294):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000000906030006000000000000000500319671040940fffffffd0500010007000008f63cf35c9a0484ef8437c0bff815388a3d391aa6b518"], 0x24}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r2, 0xf502, 0x0)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x129c00, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2)

5.790150972s ago: executing program 3 (id=3295):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000040)={0x0, r0}, 0x8)
r1 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000140), 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000100001000000000000b890c1a000000a80000000160a01030000000000000000020000000900020073797a30000000000900010073797a30000000005400038008000240000000000800014000000000400003801400010076657468315f746f5f6272696467650014000100776732000000000000000000000000001400010076657468305f746f5f7465616d00000014000000110001"], 0xa8}}, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x0, 0x0)
ioctl$TCSBRKP(r3, 0x5425, 0x80000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a30000000180a3f6d6f578dbe9c8b000002000000040003800900020073797a30000000000900010073797a300000000014000000020a010100000000000000000000000614000000110001"], 0x6c}}, 0x880)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000080)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x10, '\x00', 0x0, r1, 0x0, 0x1}, 0x50)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000c80)={'lo\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x10, 0x3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x4, 0x3, 0x0, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x0)
removexattr(&(0x7f00000002c0)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000000)=@known='security.apparmor\x00')
sendmsg$nl_route_sched(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001180)=@newqdisc={0x138, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0xffe0}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x108, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e01798d28b6d63cf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236743acd06103cd77bd07f2df5989ee40e409b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ffcf44f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990f7acfdb8216ea52f604b9f12033688caa4b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d6"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x240400d0}, 0x24008004)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=ANY=[@ANYRES8=r1, @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000009500000000000000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.61059436s ago: executing program 3 (id=3296):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000100)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000040)=0x3, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000f80)=@newtaction={0x85c, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0x848, 0x1, [@m_police={0x844, 0x1, 0x0, 0x0, {{0xb}, {0x818, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x6, 0xeb, 0x7fffffff, 0x6, 0x0, 0x0, 0x8000, 0x10001, 0x10b, 0x9, 0x9ec, 0x200, 0x1, 0xffff, 0x6, 0x4, 0x9, 0x9, 0x70000000, 0x5, 0x37, 0x7fff, 0xfc8, 0x4, 0x8000, 0x9, 0x6b4, 0x0, 0xd2c, 0x8, 0x0, 0x1ff, 0x62, 0x0, 0xd, 0x100, 0x0, 0x9d, 0x10001, 0xffffffff, 0x1, 0xaa9, 0xd33c000, 0xffffffff, 0xffffffcf, 0x9, 0x5, 0x7, 0x4, 0x0, 0x4, 0xc9cf, 0x6f, 0x4, 0x5, 0x3, 0x7, 0x7, 0x1, 0x3, 0x4, 0x80000001, 0x4, 0xfffffffc, 0x3, 0x8, 0x401, 0x7, 0x8, 0x8, 0x8001, 0x401, 0xc693, 0x1, 0x2, 0x80000000, 0xe, 0x0, 0x248, 0x7, 0x201, 0x0, 0x8, 0x8e, 0x7, 0x20000000, 0x10001, 0x40, 0x4, 0x0, 0xe68, 0x1, 0x8000001, 0x1, 0x0, 0xffff, 0x8, 0x6, 0xa8, 0x9, 0x633, 0x5, 0x4, 0x2, 0x7, 0x1ff, 0x2, 0x1, 0x8, 0x2, 0xfffff109, 0x7fff, 0x6, 0x5, 0x48d, 0x9, 0x2, 0x1, 0x9, 0xfffffffe, 0x9, 0x3, 0x80000000, 0x2, 0x3, 0x7f, 0x6, 0x0, 0x5, 0x8, 0x4, 0x0, 0x6, 0xfffffffe, 0x3, 0x7fff, 0x2, 0x2, 0x8, 0x200, 0x2, 0xd1e, 0x6, 0x80000000, 0xd, 0xacc1, 0xb, 0x2, 0x6, 0x9, 0x1, 0x0, 0x7, 0x800, 0x80000000, 0x6, 0x3, 0x7fffffff, 0xfffffffd, 0x9, 0x9, 0x200, 0xc, 0xfff, 0x2, 0x8, 0x9, 0x7, 0xb, 0x7, 0x0, 0x5, 0x7ff, 0x5, 0x8, 0x4, 0x5, 0x4, 0x4, 0x5, 0x7, 0x3, 0x6, 0xbc59, 0x3, 0xd53, 0x3ff, 0x1, 0x1, 0x1000, 0x0, 0x15, 0x8001, 0x8, 0x4, 0x4, 0x4, 0x0, 0x401, 0x7f, 0x574, 0x0, 0x1ff, 0x51343c33, 0x1ff, 0x3, 0x6, 0x401, 0x5, 0xffffffc0, 0x1, 0x1, 0x7ff, 0x2c09, 0x8, 0x0, 0x8, 0x1, 0x2, 0x4, 0x4, 0x401, 0x2, 0x4, 0xfffffffa, 0x2, 0x4000ff, 0xfff, 0x0, 0x2, 0x1000, 0x80, 0x5, 0x2, 0xb6c, 0x0, 0x7, 0x5, 0x2, 0x7, 0x6, 0x8, 0x0, 0x160e, 0xfffffffb, 0x4d2e, 0x8001, 0xfff, 0xfffffffd, 0x1, 0x9, 0x5, 0x7, 0x5, 0x2]}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0xa71f, 0x3, 0x8, 0x8001, 0x9, 0x9, 0x7, 0x2, 0x7af, 0xfffffff4, 0x5, 0x1ff, 0x8, 0xda, 0x8, 0x7, 0xaeb41200, 0x0, 0x6, 0x0, 0x0, 0x8, 0x9, 0xffffffff, 0x916, 0x8000, 0x6, 0x9, 0x5, 0x0, 0x3, 0x4d74, 0x7, 0x6, 0x7, 0x7fffffff, 0x9, 0x9, 0x9, 0x0, 0x8, 0x3, 0x7, 0xffffff7b, 0x5, 0x81, 0x2, 0xffffffff, 0x9, 0x0, 0x3, 0x1000, 0x4, 0x0, 0x8, 0x8, 0xd, 0x4, 0xa, 0x4, 0x101, 0x1ff, 0xc, 0x0, 0x6, 0x2, 0x4, 0x3ff, 0x80000001, 0x401, 0x8, 0x0, 0x7fff, 0x7, 0xec, 0x3ff, 0x8, 0xf, 0x3, 0xb, 0x4, 0x5, 0x2, 0x7, 0x2, 0x10, 0x9, 0x6, 0x0, 0x27, 0xfff, 0x2, 0xffffffff, 0x0, 0x6, 0x9, 0x9e4a, 0xf, 0x6, 0x68a4, 0x6, 0x401, 0x10001, 0x4, 0x3cd, 0x1000, 0x3, 0x2, 0xe, 0x0, 0x7fda, 0x40000, 0xb299, 0x7, 0x14000000, 0x4c8, 0x5, 0x3, 0xea, 0x1, 0x5, 0x3, 0x3, 0x7, 0xb8, 0x8f, 0x4, 0x3, 0x4, 0x3, 0xc2, 0xfffeffff, 0x2, 0x2, 0x8, 0x5, 0xfad, 0x2, 0x10001, 0x4aa, 0x6, 0x9, 0x2, 0x10000000, 0x7, 0xffffff0a, 0x3, 0x7, 0x8001, 0xce, 0x30, 0x4, 0x0, 0x0, 0x1000, 0x1, 0x10, 0x1, 0x10001, 0x689, 0x0, 0x9, 0x7, 0x8, 0xb, 0x9, 0xe2cf, 0x2, 0xa, 0xff, 0x1, 0x8, 0x4, 0x1ff, 0xffff542b, 0x0, 0x1, 0x9, 0xc394, 0xffffffff, 0x5, 0x8000, 0x5, 0xe, 0x9, 0x9, 0x7fffffff, 0x2, 0x3, 0xdd, 0x4, 0x4, 0x9, 0x1, 0x1, 0x7, 0xd4, 0x7, 0x6, 0x7fffffff, 0x4, 0x4, 0x9, 0xb9, 0x5, 0x2, 0x4, 0xfff, 0x0, 0x1285, 0xbdf, 0x5558, 0xfffffff3, 0x4, 0x5, 0x9, 0xfcca, 0x20004000, 0x80000001, 0x5, 0x1, 0x9, 0x8, 0x9, 0x0, 0xf1b3, 0x4af2, 0x101, 0x4, 0x1, 0x96, 0x8001, 0xc6, 0xa321, 0x6, 0x59115142, 0x400, 0x2, 0x3, 0xfff, 0x1, 0x7, 0x5, 0xff, 0x5, 0x9, 0x7, 0x8, 0x5, 0xa2af, 0x6, 0x1, 0x80000000, 0x6, 0x800]}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x85c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x6)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000), 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000080)=0x7)
readv(r4, &(0x7f0000000240), 0x0)
write$evdev(r4, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x24c01, 0x0)
lseek(r5, 0x1, 0x1)
writev(r5, &(0x7f0000000240)=[{&(0x7f0000000180)}, {0x0}, {&(0x7f00000003c0)="543dbf774f46eb7c9d4c45610d4ed164ed0bb635311f952cef66d7a4d254107cdc2fbd669f340837d7efcc70d90b1bf34924", 0x32}, {&(0x7f0000000500)}, {&(0x7f0000000580)="1d3015520d3a8a9ea1e4b23a11685917e8db4d2906d195beb905e03b284ad66c5ac3aaf24b6ec8ed4f1d06bd7976e93de58007302f2220454d3907db6523aed966c87c8777a634ba34ace14a68f80c93365e78ee781581ae892531de7ebefa62253a5c6c487f0b15cdc03024fec659cca89a777bf18e39546f88bd934fcb0b439fab98a93534e4e6d6424b10028850f93fb9460ccb5b54f027212de6aa8fcd1a2f299dcf867f56a9043ba1edff", 0xad}, {&(0x7f0000000640)="03f0809f717fd9013cf853e0794a9f10f0b0368edb0559ab7b99fecee861aa845a162dcbe7ae26e857f543a14cffc373091c24ca9bb7d74e5cfa2820377f7e2fb65545288f05d1ff3270159c4d44defeb9ac6db4bceaf918e01415159b002b5b1ac03bd69d65279e64d0ead2d39e2207d1a86567eab23b7ea6d317a99da1007ed70033ed5cefda50e9a04471ba654374c116aea585f20f1719dcffd169367693fc", 0xa1}, {&(0x7f00000001c0)="5e542e6c5be7fe8cc463bc42d67a4884ed9b1f4bed60", 0x16}], 0x7)
mount$9p_virtio(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)

5.026602219s ago: executing program 3 (id=3297):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r2, &(0x7f0000000380)={0xc, 0x8, 0x144, {0x0}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000540)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000280)={<r3=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f00000000c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x1, @loopback, 0xffffffff}, {0xa, 0x4e22, 0xfffffffc, @mcast1}, r3}}, 0x48)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'macsec0\x00', <r5=>0x0})
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef", 0x11)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x1, 0x200000, 0x6000001, {0x0, 0x0, 0x0, r5, {0x5}, {0xd}, {0x1}}}, 0x24}, 0x1, 0x0, 0x0, 0x400c840}, 0x20048054)

5.025797788s ago: executing program 1 (id=3298):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000093c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba5234400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b60dd7710000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000048636662867d08f50000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x20, 0x0, 0x80000000000000, {0x0, 0x1d}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
fsync(r2)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r3, <r4=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000004c0)={r4}, 0x4)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
write$binfmt_misc(r5, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000d40)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0xc, [@struct={0x4, 0x1, 0x0, 0x4, 0x1, 0x2, [{0xa, 0x3, 0x1000000}]}, @int={0x0, 0x0, 0x0, 0x1, 0x5, 0x20}, @restrict={0x0, 0x0, 0x0, 0xb, 0x2}]}, {0x0, [0x61, 0x0, 0x30, 0x2e, 0x61, 0x61, 0x61, 0x0, 0x61, 0x2e]}}, 0x0, 0x58}, 0x28)
syz_usb_connect(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a8230800090400bc6435fb4d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
writev(r6, &(0x7f00000002c0)=[{&(0x7f0000000000)="84", 0x1}], 0x1)

5.025561311s ago: executing program 0 (id=3299):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000003400010a00e70000fddbdf25280000000800e000036a2c08983e5a59aab6501454062144646d5680c66cb3cf593b706596abf42ed000a09c95c1ceed8feb67e34b0a403034bac8c176a2819166d284bac11dd816004a049c8f80466aaba029ddf496588ba7a675b2fa0ecee0f5b5b5c3f57f951b8849e597455062a31502d3d79b2a26dd10a855c6508a78c50d65cdb92f2e29091c2ab297100a", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x8000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_io_uring_setup(0x4000088f, &(0x7f0000000140)={0x0, 0xaee2, 0x80, 0x1, 0x1f9}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x5, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(r7, &(0x7f0000000040), 0x8) (fail_nth: 1)
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000280)={0x9})
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000680)={[{0x7, 0xc000, 0x4, 0xff, 0x4, 0xc, 0x40, 0xa, 0xb9, 0xa, 0xe, 0x5, 0xcc}, {0x9, 0x2, 0x1, 0x40, 0xb, 0x0, 0x3, 0xff, 0xfd, 0x4, 0x3, 0x7f, 0x9}, {0x40000001, 0x8003, 0x38, 0x3, 0x4, 0x7, 0x3, 0x50, 0x8, 0x1, 0x4, 0xa, 0x1}], 0xffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0xd4, 0x0, 0x61, 0x200002000001, 0x0, 0x2004c8, 0x0, 0xffffffffffffffff, 0x36ae, 0x5, 0x7fff, 0x3, 0x400000000, 0x0, 0x10000], 0xf000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x180, 0x0)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r7, 0xc0905664, &(0x7f0000000480)={0x0, 0x0, '\x00', @raw_data=[0x1, 0x4, 0xb3, 0xe5, 0x0, 0xb, 0x6, 0x6, 0xd8b8, 0x3ff, 0xff, 0x1, 0x0, 0x0, 0x7, 0x3, 0x4, 0xe, 0x1, 0x1, 0x2eb9, 0x3b, 0xfffffff8, 0x5, 0x4, 0x0, 0x5a, 0x8, 0x7c, 0x5, 0x10000, 0x2]})
ioctl$TIOCGSOFTCAR(r9, 0x5414, &(0x7f0000000000))
listen(r0, 0x0)
r10 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x3a}]})
socket$netlink(0x10, 0x3, 0x4)

1.770859398s ago: executing program 2 (id=3300):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = syz_io_uring_setup(0x643d, &(0x7f0000000140)={0x0, 0x0, 0x10100, 0x1, 0x40}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, 0x0, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x3, 0x0, 0xce})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0xd, &(0x7f0000000940)=ANY=[@ANYBLOB="18000000fcffffff0000000009000000850000002a00000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000020000207b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x7ff)
mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3000009, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_MKDIRAT={0x25, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/sysvipc/shm\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000002480)={0x2020}, 0x2071)

1.690574035s ago: executing program 2 (id=3301):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1c0000003400010a00e70000fddbdf25280000000800e000036a2c08983e5a59aab6501454062144646d5680c66cb3cf593b706596abf42ed000a09c95c1ceed8feb67e34b0a403034bac8c176a2819166d284bac11dd816004a049c8f80466aaba029ddf496588ba7a675b2fa0ecee0f5b5b5c3f57f951b8849e597455062a31502d3d79b2a26dd10a855c6508a78c50d65cdb92f2e29091c2ab297100a", @ANYRES32=0x0, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x44000}, 0x8000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = syz_io_uring_setup(0x4000088f, &(0x7f0000000700)={0x0, 0xaee2, 0x80, 0x1, 0x1f9}, &(0x7f0000000000)=<r5=>0x0, &(0x7f0000000300)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x5, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, r4, 0x0, &(0x7f0000000040)='./file0\x00', 0x64, 0x183000, 0x12345})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000000)='./file0\x00', 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
read$rfkill(0xffffffffffffffff, &(0x7f00000001c0), 0x2e)
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000280)={0x9})
r8 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000680)={[{0x7, 0xc000, 0x4, 0xff, 0x4, 0xc, 0x40, 0xa, 0xb9, 0xa, 0xe, 0x5, 0xcc}, {0x9, 0x2, 0x1, 0x40, 0xb, 0x0, 0x3, 0xff, 0xfd, 0x4, 0x3, 0x7f, 0x9}, {0x40000001, 0x8003, 0x38, 0x3, 0x4, 0x7, 0x3, 0x50, 0x8, 0x1, 0x4, 0xa, 0x1}], 0xffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r8, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0xd4, 0x0, 0x61, 0x200002000001, 0x0, 0x2004c8, 0x0, 0xffffffffffffffff, 0x36ae, 0x5, 0x7fff, 0x3, 0x400000000, 0x0, 0x10000], 0xf000})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, &(0x7f0000000080)=0x2, 0x4)
bind$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x180, 0x0)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r7, 0xc0905664, &(0x7f0000000480)={0x0, 0x0, '\x00', @raw_data=[0x1, 0x4, 0xb3, 0xe5, 0x0, 0xb, 0x6, 0x6, 0xd8b8, 0x3ff, 0xff, 0x1, 0x0, 0x0, 0x7, 0x3, 0x4, 0xe, 0x1, 0x1, 0x2eb9, 0x3b, 0xfffffff8, 0x5, 0x4, 0x0, 0x5a, 0x8, 0x7c, 0x5, 0x10000, 0x2]})
ioctl$TIOCGSOFTCAR(r9, 0x5414, &(0x7f0000000000))
listen(r0, 0x0)
r10 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r11, 0x4008ae89, &(0x7f00000000c0)={0x1, 0x0, [{0x3a}]})

1.690197135s ago: executing program 0 (id=3302):
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80041270, &(0x7f0000000000))
mkdir(&(0x7f0000000180)='./file0\x00', 0x30)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
unshare(0x400)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})
ioctl$sock_inet_SIOCSARP(r0, 0x8953, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x0, @local}, 0x4a, {0x2, 0x0, @multicast2}, 'syz_tun\x00'})

1.630019192s ago: executing program 0 (id=3303):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000001040)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x8, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r5 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\'5\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\x02\x00\x00\x00G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\x05\x00\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\xafON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\x19\xdd(5\xea0\x01,D\xf2\xa3\x85Q\x1f@\xdej\x88\xc8\x17\xc4<Y\xde\xf6v\x8f\x92\xd0XH\x12\x04\xf3\xd0-T\xcat\xf7\x85\xaa\x8fXT\xa1\xeb\xfd\xaf9\xca;\x85\x8b^\x8b\xa4\x89\xc7\x9c\x12\x91\xf9i\x02Q1D\xc2\xf5\x1c\x94\x1a\xcf\x80W\x84\x96,\x8fG\xacy?\xea$\xb2Ia\xce\x94\xf2Cm\x86\xb1qh8\xde\xe4\xe3\x80\xabM\xe9\x14|\xc1\xbb\xc14Dq\x1f\xf4\x88\xe7V\xe0\xa1Hb\xd94v&H\xd5j\x02~-\xed\r\xfc\xb4\r\x00\xe9\xe3\x92U\xe7\x8f\xcc\xe4HJ18R\xee\xc5\x85*\xcf\xcbh}&\xe2\xc5[\xbbY\xca\x17-\x04\x95\xa3\xc5(\x9c\xdaZ\x0f', 0x3)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r6}, 0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x18000000000002a0, 0x5d56452fd57c3b4c, 0x0, &(0x7f0000000bc0)="b6fc139f585578f830e90000000012e121ef93ba57d37c084eb79c8498edc025b1030ed2e2b02641be86776c532ab72ba8d242e04cdbdae150a60e645996be5540e8d6ed48ed6d4550915e423d1e8cf06d147580a4cf8ab8fe4c645edf7af823944f563276214c11af608e0b77a812fa616b342969a1e40ec5cee13a07b0cc764bdd8e7b83503b451147ec9fa9cf557e97067d7a3dccf69b53d0d341cbf360540f674c7781ac7f4b8cf3a5afe867c47f8bdc5bde6ec0da2dac70ecbc0340318d6d034661f35a47d1f4e0909cd383b741745facd98cac3c8431959438effd2c25c48a7153582683a432406095a64c498bfe654602bb530ba53094841ef7dbeb695c6591308e9704f29c73025efb57d33a8d0371800f5d829ee853e01be6a40fca93ab6865ae1f82e7a7941e3ad7e74afc3f9f8eb7ddfa1717e497b43d75c312fbaf14aa5bd7f012b66cdbb3996e6e13461d4b04ddab96925b96500986b1008c98a0d3208d4d2cb45b07fa2dd8e754fad08bf9cd7cbd423efbabaeca80316158badc1304e98961186957e6672fc06ebba76c76d441d8fda72c4f53e97c69df416b0ce0c6266dea2432408b2a513e4ae098be043b30c55e988721597e11ba0afca9411d835f", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000005}, 0x4c)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x10, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7623c435aff90493ddd7aae07ef35f0700000000000000ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x64}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x4c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fe}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000340)={r4, 0xb, {0x0, 0x0, 0x0, 0x9, 0xa0e, 0x0, 0x2, 0x12, 0x10, "dd3f69943eebef80e9574e512a76b415b58af03d88444ad31a3f9ea01c259a99e160f54a91298688cd5460884d46cc0c76c95039b4b23f611de83a86b3f04b8e", "35d42d1c52961cb58491048d190b2ab895d5bdf57430812e4db320c0dab2f4aed97a139b2563926931afecea2b83507e1e3a6dd1d91063f5750b209457b99efe", "b7b0d261e620e7c5ce3dad114bf61645ea5edba56ed7aa2c47ef95aea141ada2", [0xfffffffffffffffe, 0x6f]}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x85494000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x101}]}]}], {0x14, 0x10}}, 0xb0}, 0x1, 0x0, 0x0, 0x4004020}, 0x0)
r8 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r8, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r8, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a"}, 0x3c)
setsockopt$MRT_DEL_MFC_PROXY(r8, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9", 0x0, 0x200}, 0x3c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

1.511884285s ago: executing program 3 (id=3304):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000780), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="88020000", @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="61023300503001000802110000"], 0x288}, 0x1, 0x0, 0x0, 0x800}, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000540)={{}, &(0x7f0000000400), &(0x7f0000000500)}, 0x20)

1.511348137s ago: executing program 3 (id=3305):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000100)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r1 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_ENCAP(r1, 0x113, 0x1, &(0x7f0000000040)=0x3, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
mq_timedsend(0xffffffffffffffff, 0x0, 0x0, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000f80)=@newtaction={0x85c, 0x30, 0xffff, 0xfffffffe, 0x0, {}, [{0x848, 0x1, [@m_police={0x844, 0x1, 0x0, 0x0, {{0xb}, {0x818, 0x2, 0x0, 0x1, [[@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x1, 0x6, 0xeb, 0x7fffffff, 0x6, 0x0, 0x0, 0x8000, 0x10001, 0x10b, 0x9, 0x9ec, 0x200, 0x1, 0xffff, 0x6, 0x4, 0x9, 0x9, 0x70000000, 0x5, 0x37, 0x7fff, 0xfc8, 0x4, 0x8000, 0x9, 0x6b4, 0x0, 0xd2c, 0x8, 0x0, 0x1ff, 0x62, 0x0, 0xd, 0x100, 0x0, 0x9d, 0x10001, 0xffffffff, 0x1, 0xaa9, 0xd33c000, 0xffffffff, 0xffffffcf, 0x9, 0x5, 0x7, 0x4, 0x0, 0x4, 0xc9cf, 0x6f, 0x4, 0x5, 0x3, 0x7, 0x7, 0x1, 0x3, 0x4, 0x80000001, 0x4, 0xfffffffc, 0x3, 0x8, 0x401, 0x7, 0x8, 0x8, 0x8001, 0x401, 0xc693, 0x1, 0x2, 0x80000000, 0xe, 0x0, 0x248, 0x7, 0x201, 0x0, 0x8, 0x8e, 0x7, 0x20000000, 0x10001, 0x40, 0x4, 0x0, 0xe68, 0x1, 0x8000001, 0x1, 0x0, 0xffff, 0x8, 0x6, 0xa8, 0x9, 0x633, 0x5, 0x4, 0x2, 0x7, 0x1ff, 0x2, 0x1, 0x8, 0x2, 0xfffff109, 0x7fff, 0x6, 0x5, 0x48d, 0x9, 0x2, 0x1, 0x9, 0xfffffffe, 0x9, 0x3, 0x80000000, 0x2, 0x3, 0x7f, 0x6, 0x0, 0x5, 0x8, 0x4, 0x0, 0x6, 0xfffffffe, 0x3, 0x7fff, 0x2, 0x2, 0x8, 0x200, 0x2, 0xd1e, 0x6, 0x80000000, 0xd, 0xacc1, 0xb, 0x2, 0x6, 0x9, 0x1, 0x0, 0x7, 0x800, 0x80000000, 0x6, 0x3, 0x7fffffff, 0xfffffffd, 0x9, 0x9, 0x200, 0xc, 0xfff, 0x2, 0x8, 0x9, 0x7, 0xb, 0x7, 0x0, 0x5, 0x7ff, 0x5, 0x8, 0x4, 0x5, 0x4, 0x4, 0x5, 0x7, 0x3, 0x6, 0xbc59, 0x3, 0xd53, 0x3ff, 0x1, 0x1, 0x1000, 0x0, 0x15, 0x8001, 0x8, 0x4, 0x4, 0x4, 0x0, 0x401, 0x7f, 0x574, 0x0, 0x1ff, 0x51343c33, 0x1ff, 0x3, 0x6, 0x401, 0x5, 0xffffffc0, 0x1, 0x1, 0x7ff, 0x2c09, 0x8, 0x0, 0x8, 0x1, 0x2, 0x4, 0x4, 0x401, 0x2, 0x4, 0xfffffffa, 0x2, 0x4000ff, 0xfff, 0x0, 0x2, 0x1000, 0x80, 0x5, 0x2, 0xb6c, 0x0, 0x7, 0x5, 0x2, 0x7, 0x6, 0x8, 0x0, 0x160e, 0xfffffffb, 0x4d2e, 0x8001, 0xfff, 0xfffffffd, 0x1, 0x9, 0x5, 0x7, 0x5, 0x2]}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0xa71f, 0x3, 0x8, 0x8001, 0x9, 0x9, 0x7, 0x2, 0x7af, 0xfffffff4, 0x5, 0x1ff, 0x8, 0xda, 0x8, 0x7, 0xaeb41200, 0x0, 0x6, 0x0, 0x0, 0x8, 0x9, 0xffffffff, 0x916, 0x8000, 0x6, 0x9, 0x5, 0x0, 0x3, 0x4d74, 0x7, 0x6, 0x7, 0x7fffffff, 0x9, 0x9, 0x9, 0x0, 0x8, 0x3, 0x7, 0xffffff7b, 0x5, 0x81, 0x2, 0xffffffff, 0x9, 0x0, 0x3, 0x1000, 0x4, 0x0, 0x8, 0x8, 0xd, 0x4, 0xa, 0x4, 0x101, 0x1ff, 0xc, 0x0, 0x6, 0x2, 0x4, 0x3ff, 0x80000001, 0x401, 0x8, 0x0, 0x7fff, 0x7, 0xec, 0x3ff, 0x8, 0xf, 0x3, 0xb, 0x4, 0x5, 0x2, 0x7, 0x2, 0x10, 0x9, 0x6, 0x0, 0x27, 0xfff, 0x2, 0xffffffff, 0x0, 0x6, 0x9, 0x9e4a, 0xf, 0x6, 0x68a4, 0x6, 0x401, 0x10001, 0x4, 0x3cd, 0x1000, 0x3, 0x2, 0xe, 0x0, 0x7fda, 0x40000, 0xb299, 0x7, 0x14000000, 0x4c8, 0x5, 0x3, 0xea, 0x1, 0x5, 0x3, 0x3, 0x7, 0xb8, 0x8f, 0x4, 0x3, 0x4, 0x3, 0xc2, 0xfffeffff, 0x2, 0x2, 0x8, 0x5, 0xfad, 0x2, 0x10001, 0x4aa, 0x6, 0x9, 0x2, 0x10000000, 0x7, 0xffffff0a, 0x3, 0x7, 0x8001, 0xce, 0x30, 0x4, 0x0, 0x0, 0x1000, 0x1, 0x10, 0x1, 0x10001, 0x689, 0x0, 0x9, 0x7, 0x8, 0xb, 0x9, 0xe2cf, 0x2, 0xa, 0xff, 0x1, 0x8, 0x4, 0x1ff, 0xffff542b, 0x0, 0x1, 0x9, 0xc394, 0xffffffff, 0x5, 0x8000, 0x5, 0xe, 0x9, 0x9, 0x7fffffff, 0x2, 0x3, 0xdd, 0x4, 0x4, 0x9, 0x1, 0x1, 0x7, 0xd4, 0x7, 0x6, 0x7fffffff, 0x4, 0x4, 0x9, 0xb9, 0x5, 0x2, 0x4, 0xfff, 0x0, 0x1285, 0xbdf, 0x5558, 0xfffffff3, 0x4, 0x5, 0x9, 0xfcca, 0x20004000, 0x80000001, 0x5, 0x1, 0x9, 0x8, 0x9, 0x0, 0xf1b3, 0x4af2, 0x101, 0x4, 0x1, 0x96, 0x8001, 0xc6, 0xa321, 0x6, 0x59115142, 0x400, 0x2, 0x3, 0xfff, 0x1, 0x7, 0x5, 0xff, 0x5, 0x9, 0x7, 0x8, 0x5, 0xa2af, 0x6, 0x1, 0x80000000, 0x6, 0x800]}], [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x8}]]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x85c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x88f, 0x0, &(0x7f0000000000), 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x2002)
ioctl$EVIOCGRAB(r4, 0x40044590, &(0x7f0000000080)=0x7)
readv(r4, &(0x7f0000000240), 0x0)
write$evdev(r4, &(0x7f0000000040)=[{{}, 0x0, 0x2}], 0x37)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x24c01, 0x0)
lseek(r5, 0x1, 0x1)
writev(r5, &(0x7f0000000240)=[{&(0x7f0000000180)}, {0x0}, {&(0x7f00000003c0)="543dbf774f46eb7c9d4c45610d4ed164ed0bb635311f952cef66d7a4d254107cdc2fbd669f340837d7efcc70d90b1bf34924", 0x32}, {&(0x7f0000000500)}, {&(0x7f0000000580)="1d3015520d3a8a9ea1e4b23a11685917e8db4d2906d195beb905e03b284ad66c5ac3aaf24b6ec8ed4f1d06bd7976e93de58007302f2220454d3907db6523aed966c87c8777a634ba34ace14a68f80c93365e78ee781581ae892531de7ebefa62253a5c6c487f0b15cdc03024fec659cca89a777bf18e39546f88bd934fcb0b439fab98a93534e4e6d6424b10028850f93fb9460ccb5b54f027212de6aa8fcd1a2f299dcf867f56a9043ba1edff", 0xad}, {&(0x7f0000000640)="03f0809f717fd9013cf853e0794a9f10f0b0368edb0559ab7b99fecee861aa845a162dcbe7ae26e857f543a14cffc373091c24ca9bb7d74e5cfa2820377f7e2fb65545288f05d1ff3270159c4d44defeb9ac6db4bceaf918e01415159b002b5b1ac03bd69d65279e64d0ead2d39e2207d1a86567eab23b7ea6d317a99da1007ed70033ed5cefda50e9a04471ba654374c116aea585f20f1719dcffd169367693fc", 0xa1}, {&(0x7f00000001c0)="5e542e6c5be7fe8cc463bc42d67a4884ed9b1f4bed60", 0x16}], 0x7)
mount$9p_virtio(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f0000000040), 0x208e24b)

1.451059496s ago: executing program 2 (id=3306):
syz_emit_ethernet(0x540, &(0x7f0000001fc0)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x532, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x22}}, @echo_reply={0x0, 0x0, 0x0, 0x67, 0x5, "66fc9d7774ae62a87e46812412274bccada8ba85d4a7d13d24060f6fe90b129fa51dd2b7f6842aaa52f4e2820955282630e7a424984cb5c829bc610d7770e0da7dd632bab96d1cc3db56f86b5444738b840c1b83d375df7237139105c0d4ed25222fd3e62eec0f521de1a0832cc246776dfe5bd14712d828cc0c793eb3b8bdcef0aaa186b40b0e674b374c3b844e2081062c8b654bdccbeb2787709db7fef30a3394021addd146dc04607ce4431484f4d38ff34a14b435ba70366194e154a6de1501ba9ccc1f7b539710d02e4eee314431942fb72d819b1dc828f20313ee704b9f7cd5010a42733d522dfd5ff2f6de3a964529bf388625cc483b55465ac17e3abe27436d5c0ef3769fd050398e1a4d1a8bbb16a6d47a760cc507fb18aa4e1c6e47af3fc7db36caa2725a30afa50967b4185221c08fc5bebc97e13a3445e9336ea3ffc9e884649c1551a1d47aaa33e0db19dd81abce020bb51aa7b3a2c40c913d6cc5cb9c2fe80efde868c0de5710e36a5f90ffc89c888e65010bb34811c297b63913034982d9e3edef7a627f8aac3c568ced006bb98fa4873b2001a8fb7c1d87a3882f7ee057eedd1304b0a8c3966e4912d73066a0e61ff59b2d5c8c947b2e140bb25dd39f5b153b5a6288edfad8a6d46e077a2fd70355710eecea1c529137ef32d4c01dc5d6e38447b1cde3445e78488f8d0de31c5caaac837f7582311e66a794b46629cc722856a08c4a454d0477599de1190ca3e6249f72fb65d767255fe63a0c0e8ecb2a1554ecb59ac4917cef7e51ca921a0081ac79696ecd7bb1ef465882f57aaf85044a5c26f948cde9842928acef7fdc285d5ecfe67b366b2f08a646d7b654f55931ab8afb9bcbc5c90fd93fe5274aa04300253204f8d7a9ea6aaf89873148f64cc633e05ae48ebc9e39e8c79dde379c9638a20daa5188daf06b86b92dbfa8b9d9d65280dd338c56ec6f08a193be0c02f3bfca25f0a40a717cb1bc9179e5be5f52b0383cd63cb0884fdbf29b136683a4e57884e148d3a13ca5b8a6967f108d2e3ae66ba1a85a276f6a73123e1bbd390bf991c20b0cb74e84e13768acdd91a8ebb56338af0dff64b996b6133a3787fe7ade022d998c02202b9af3e38d5b577ee52c1f39bcaf422ab3c69869917b69c43c0f6647de7cdeb8aeb301c78ffa26cc9c5d73beffa667cdbf728f2adc9dacb5b335abd193987b3fa28f68bfe84ff05cdbea1cd4fd9f37b4c4867d223101ee5d296fcf3e7191f6b37514e67d21ef25ee26d60ea2988d34a87db2511ec8dba8f2d7bb0a83cac19518d3a5d1a88cc767c7bb00324ef3ae7ecc320dd046a096ae6a76bce48b6d2791d550637eac75665f5b3beb01bdb28eb1826181601b1c2279ad5ae7e0163a488984c14ae6912cae17b0067ec965745cab532be9e20f33847f7b47bddf6da6c2aa0323eb87fab5c64b3b1a62e76ed510bc60111b4f817b830df848d1d458d4dc698cf834c5ca1eed945b9ed6f33d88fb14ef1b0440c85194d68656e9829148a89a5e7c44fd879c653b868913f3eb8e8f49c1fd0c2c49571c080ae8f90720417e1beaffded936be9003d582265e017120e2c18da707c25dc968fd00c20ebb46f9050e1beae6645d3e107c295385242a262cbb45f20464cfec8140efa782870c065ab0596df9aaa1be565777dc0667a9c40a630158cff9547c4643ef195e01356ee4eafb3ab4171e57eba4c4a8686e8709f3569f603dbe929cb0ff9e3c1034c1ab655b6ccc31e9a24d6a6ffa211bc1711ed64522fb33ae2f0be6b3473f20d610c6e48543966f9b3df32c39541d105f4bd94e01ef92f4298d74d24e2fda2c"}}}}}, 0x0)

1.310844112s ago: executing program 2 (id=3307):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000000906030006000000000000000500319671040940fffffffd0500010007000008f63cf35c9a0484ef8437c0bff815388a3d391aa6b518"], 0x24}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$F2FS_IOC_COMMIT_ATOMIC_WRITE(r2, 0xf502, 0x0)
sendmsg$SMC_PNETID_ADD(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, r1, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}]}, 0x34}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', 0xffffffffffffffff, 0x0, 0xfffffffffffffffd}, 0x18)
r3 = openat$kvm(0x0, &(0x7f00000000c0), 0x129c00, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeed, 0x8031, 0xffffffffffffffff, 0xf6d0d000)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x0, 0x0, 0x2)

620.306045ms ago: executing program 0 (id=3308):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=@newtaction={0xc4, 0x30, 0x1, 0x0, 0x0, {}, [{0xb0, 0x1, [@m_skbedit={0x0, 0x9, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PTYPE={0x0, 0x7, 0x5}, @TCA_SKBEDIT_PARMS={0x0, 0x2, {0x0, 0x4, 0x0, 0x7, 0x8}}]}, {0x0, 0x6, "a47e2d754475041cbe08e414fee3d78a354ac9a8678171b811f37b14945d7a61b187f98cdfca232b7804007ba208f38a8bf275c5a21675353dd05145e5e19ba119cb65fcbc710ee7063d1c"}, {0x0, 0x7, {0x0, 0x1}}, {0x0, 0x8, {0x1, 0x1}}}}, @m_ife={0x48, 0xa, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_SMAC={0x0, 0x4, @link_local}]}, {0xfffffdf5}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}, @m_vlan={0x0, 0xc, 0x0, 0x0, {{}, {0x0, 0x2, 0x0, 0x1, [@TCA_VLAN_PUSH_VLAN_PROTOCOL={0x0, 0x4, 0x8100}, @TCA_VLAN_PARMS={0x0, 0x2, {{0x3, 0xfc, 0x1, 0xc83, 0x9}, 0x1}}, @TCA_VLAN_PUSH_VLAN_PROTOCOL={0x0, 0x4, 0x8100}]}, {0x0, 0x6, "90cfbae3079b3798bc1912d23f9742f8b93942548b568c1132823cdfd57546545976a259cf10a62fd17957aa2bab10f9cbeaa1207321e8d9baa8f0cad251a9aae3045ff9a6ad31cc64644a8ee679cd"}, {0x0, 0x7, {0x1, 0x1}}, {0x0, 0x8, {0x6, 0x3}}}}]}]}, 0xc4}, 0x1, 0x0, 0x0, 0x1}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000040)={0x0, 0x8, 0x0, 0x4})
ptrace$ARCH_SHSTK_STATUS(0x1e, r0, &(0x7f0000000280), 0x5005)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='rpc_buf_alloc\x00', 0xffffffffffffffff, 0x0, 0x1}, 0x18)
r4 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f00000000c0)={0xffffffd1, 0x2, 0x2, 0x80831b, 0xfc, "b679a9420a2326012ee7ff0000000000b700", 0x3, 0x201})
ioctl$TIOCSTI(r4, 0x5412, &(0x7f0000000000)=0xff)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_open_procfs(0x0, &(0x7f00000190c0)='net/ipv6_route\x00')
shmget$private(0x0, 0x2000, 0x800, &(0x7f0000ffd000/0x2000)=nil)
syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000040)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
sendmmsg$sock(r5, &(0x7f0000000740)=[{{&(0x7f0000000080)=@phonet={0x23, 0x6, 0x0, 0x7}, 0x14, 0x0}}], 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

618.91521ms ago: executing program 2 (id=3309):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x6, 0x12, &(0x7f0000000080)=@framed={{0x18, 0x5}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x1, 0x0, r0}, @generic={0x66}, @initr0, @exit, @printk={@x={0x18, 0x0}, {0x3, 0x3, 0x3, 0xa, 0x0}, {0x5, 0x1, 0xb, 0x1, 0x5}, {0x7, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffe00}, {}, {}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f0000000000)='GPL\x00', 0x4}, 0x94)
pipe(&(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)="77690addcfbe1fbb66ec", 0xff3b}], 0x1, 0x1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000a00)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
close(r5)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4f8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c956fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d68d7489cfcb0176"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r8}, 0x10)
sendmsg$TIPC_CMD_ENABLE_BEARER(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000400)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
writev(r4, &(0x7f00000005c0)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec988cafb", 0xf}, {&(0x7f0000000500)="e98314d58ce4b24ee137cea9c243c233bfa2f5fee778bbfc11a66c", 0x1b}, {&(0x7f0000000300)="6677283d830977a1ca8574d5e6673039", 0x10}, {&(0x7f00000001c0)='_', 0x1}], 0x4)
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
r10 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r10, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newlink={0x48, 0x10, 0xffffff1f, 0x70bd29, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x43f00}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @gretap={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @rand_addr=0x64010101}]}}}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x48}}, 0x0)
splice(r9, 0x0, r1, 0x0, 0x400, 0x0)
r11 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140010", @ANYRES8=0x0, @ANYBLOB="fea8"], 0x48}}, 0x0)
sendmmsg$alg(r11, &(0x7f00000000c0), 0x492492492492627, 0x0)
sendmsg(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)="73f9c98c", 0x4}, {&(0x7f0000000500)="6cfac4e9341e2c683e900d3c0ab4351aec5a32a15a8275fd9b4fa66d5c9df4c5ac3e768f42b87861f578ed862cd006265c3d5dc76a016f4f1035557c6f771fe707e1e52360bd9de0516a18d5fc81cc73b00dff5c82af1c37267afab20779893d6db4d345fb6a5656db91bacb92ea32418b6b", 0x72}, {&(0x7f0000001b00)="28f87f2a0ebc7c9da70addd8dab71d81f6ab8874f6ad0a1bf7dadd2400cb3dae3d59bfec4f203248bc0ac51a28bb625ec7e19f18b204968502d75965b41f3e68a1699a6509f5ba15d852bc232642c0f0f22ffd0aa6370150a21d18570171e02c780078c7ebf84e87147b275087cd5da3715be8d08e71aa5af0a26b875473ac98520d7022e7bc44f2a60b3fc1cbe42a1ddded5746cda8cddaf2f10be9f80dc8b670a8e6daeed965d797b82d73b9df9f648e0c87c2346d06be6df8dbcdf58af2d10043a2a737f1897ac5bde1679616b9b15327ad0916f7a7ed94a0515dc146ad79cb85300265360dbc1a2febc20890110129f0dbb5a18474fb98bf98f2d03ebca96925e0b00b302bf3035e80cc272b15f5d9ef3fdec7e3ad7fc51c47a087024f2b6b0482957c16c6a5db7acdb65f6b5ad0e18dada267f21394099c82ffc840c3d5bcd90b9c8e6dd670023ea0a16229f9500d54bce3cf50466e129dd1a0929a5bbc0de95634883ac5e7cf342334eac93a1977a89cf22a15afed738d7f160ecf61f1fa8791bcd17f21f7d38b500de6f5cd2ba25885ee006974a81a13b76b8c2452e65be9a851874fc1f4903da02120b0c893740c5a863bfc56e2022bce2cf94ef88b90b8073470d029b8b393928ab0fd25755afaf129be062048add0f4fa6e1ae42c9e4f4198f1910adcb0070d4c22ab7acca533c3c010a241c1f1341c46f5aaea9377278b2a5b0fe011f05e6cd66860807422ca1a599e925cfbfa29bbbe29ef95166529ff74344453259ead232986aa630cc94b56edae511348724e2adbb5bcee09ed19b3289c19fa8d1e460a37d30d3b2e2c13b49d5659ffc1a343c90b64a11f21498c7ecba04ceeed79f075ac58b01c5267955d4de19356bdc2ac5823ff277778723795ec125c5e6cf739a8a8d2702e29d2999f44c0670523ce2df0052d255d6e953cbe8fe4bb7e4dfad637dead4c14441559f34f89889f6412a895a29200dc4193ecd4457e89846b5d2a7c55fa57f269e7788895a51a2b195b1f1ae6fd5c957882ca1cd9e503f9c653ec91c0df9837c21af6960e41bf6bfdcebbf0055aeb61eb748c0eb199757ad97a1ea8d525940e789fffe9bf9861cd4e09cb2b61605a3181b8c472524b280c21b9db9151d4e3a1e83d1332166bdc31e7c5f00be46f34242e91f94ebc24bc0d2d785d11326bc6bd17f9c8ce54ac1015924cb639da758fb7a4530dc4c0ce814c031f230ff1367997f911886b46af4dcbb409c090fcaea8db8757ea2bd964a83931379062b88f5af8590520d9fcde26f168087a3870e89646ea02dd362db197d807616ecf532f27766bc252208ee02a2a91eacb77c9790909212e6c8d7c894f706e9835dd7f6bcd1954e92fdefe5b2d77f8f8dd418b255b48ecf179355a15c711ffa5ab2d01dccb8738d108b91d425aab13d90b581ee4317e93abc3471d5e03b4fc3a6edc10b5227ed5f8ce1249aef0587c05494ba2231e209e31a7335990c11a81e19b55db5e86d08c7ca9ee31596b70baf1aed6ff6cb9103f387fac23a775b9e2efd23c2e90ea00ca6255b95f5e667eff6295a306dc565a343e85f32a648d2206f1b88da13af604d96f6e6662522a7d462ddae139e0cc8ffc2210fd9f8a02736a622de917a711b4a4d3add8da2b78f1ab7f626b18747d63e572b9487616d8b30fae12b20c7e23c472feb77b8c87b0587b4a2a7a33f44e48bff7411dc0dace18a3816078d079955b71b78bba6f10df0c321bf159dda7e2468c8b7e1cf15aba9a6e31a08513fb54851a8691bdf6c21aeae02c96b05a273a391d748f989ed9c1a7a5ea10e9066af87694ed9f12d0a6fd67c6a4cf106f11926312c2cc1491d3325bb6a6829f45f916880716ba3cd874bcdb75a1fc825337f4fe53569883d4345231c4a7836eb698a47b2a35ce8eeee31372879ddfd89719f1d67456710753d4d83ff91d0a6ac99bebcffa3328458b8c32db2bd21c1aedfc6c77bc9ee2c0b18b5e4c3622be2bb61c82b5cd105526697bbcea395a6d12594bcc40469e226afd9638a56a099194d7df32955dae410df5872c6b00c5e7ec279b36c7187fc277490ed3b4779f5a1bb1ac8b4759486287cd0ea5832264125c2678551db25be2651e17491144c27da9e8379f3b4cad657bfa174c22a2e96a116daa413f87f8bcbe6e8d9a214c4efbe9e0819da5fc6f951e78c90353917162da6310741aa4017a1c9b1f166cfffb824f7c3c2ae64d42a1cb70bf4a2a5493e80dc5a1410279804c14529f86bb8121cefe5e1ebf2ccf5c10b6c62ee0660bcf00a253e8173727ed7dececf1970fadf67af08db997c7cf4369bab5442d55444269ac8ee7bc8901a16782d54da7b3bdc727f77974ccf8f3668c131a1dfb193ee4f9be986f2dc1ed4cbd79cede349ed90c979ca2444b96a39b5781c963153708ffad98712e3967d4e2a16c7283a9325cb95389271da0103786e524c9748b1ae1518093fc7d3c886a6a460212d08210e54f4e2904382dfaf06034bd909709f591a62e961e669a85ae05f5dc91d2cb5bd1b49b7690916fb33d3e7349461fe5166c76c92fde2eca5c9d3e8d56f847e1a6d5f1e93354f86be5d130bbea2c7b2c4987f1545ff65e82b771cc5e92262a59b95cf519fb0819265b890a3e42d66c8a66e817d228259858dca15ff4ae8f87d585501bb9070d4b5fab24c6ff4e92ea595db47d07e9011f1da98a9b57fa8ee8a0e3fcc7e1aea6a46fc3a0bbde3ff692291c55b9497a2f6d72204f8ce960486c4ec0c0c253af563ceb57f7bcdaab5ce251bc3cb9e42eb5941bbfec14a2ab56a2a20e55136976335cfd339bfc272df9a45ed50478d3418593955dae194797b027c0c23ca07d37b07e330999bf91af7ecfbabb6a5361a774d079739813cb3154c83d73fe223b057551fbf833ef13eb63bd3ecb21b9a1c312c7588733ffb5bc5819d35cb5c6927adb6a7624a5ffc65a659ecb030ae74e10abaa161e41b496da02758c710c059b3c96959ace64d74758a9724cfba3c60786a54a58ad5345c9accf708ed6b5e301b2aac23d544c377d6d7893db67f7b3f61c17816603ad9fe29b6ea956595837cc83262c056beb2b67c7b9d813f476e4d4a74fe7a7e844eccf30df7d4daa3e23b7a899ef9a427c5f43af8f28d25a8fc064a6986d74134475a8c79df3f2ffb3b6aa71e84d5bea0256ce58f083f7e750bebff85eefe6ffd4027efd7aa0581c9d2c704cb5528b88c33b2c61b4ab41ffa7365e16a7dd40215556385f8eb36d94c702ef03ecc0671c0ef094949569004572abbaad33afb8cfdbd55c856e0df09a847542c8e0b2d78f0e19237f30e433b5ae36598ff818f3e08eeb02d82ae7aeb05258115348d8a4077f757226710b6b1e173a9cbaa2311b48d45ab3d92b74ce1db03e3c971715fd95ecc78f0fccb487fa4d7e12dfe0751edb93d98d76b55939b059e0e64a1583663734688a0f179af2de4aac96c2e2a9e3773749bd8df213916fe98fe0dcc0754330f2832ea69c69e335c2104cdc40f1cc3ca2710ed33765ae237649c771f2f71999d944c33bb1f751a77cbaa0ab9105f6e5865a505d409066f4ae326c669dcdb386bab342758fa3bdadd5e6a7a0ba2873db15ad9c75cd036c01c1fae5b552923437dd30029541e06faa4eac31a59707805330b19ceb3637775558dc21ee0a31e253cb03025529cde3f41358b6c85c750f86a955b0d4a7f1a670552c6d090d2b218c9f1f9a80a7e5a21903b4008524c14c3d1a4aa7c6efae7f69405340110b9e294e38e74517976940f0d752014e5e709c3194a283e728a0113cc0dff8ee4a5699c4da5934f214805d4498a8f091f42ba1a8ecca438c85a30bfee4e6e92c577c78474f7fa266ff3e0f3435f016862718239775bc2ffe172a409819c3c2f69f7e4619741fdf866612cca5d66c66dff358fbc639bce031e40850a9de483dc6d79770e211ed210a355485ddd982d9bc4e44b6f8738ae321f3dd4efbd08d8f4090556bf03b595c2b9ea05dfcc226a17e23c6a579ad86f7a08834df2260f81d19f2f3f182a9ff098c6e2e1fc81418d57fddf030b7564a017df681e9802083a46b1be7fed3c2d5b76580e8f04da6b44214e74e4c76e3d87f2933157a6a1cf3b7ec468bde5a2eafde3c2ff0f4f114fb0174c1c36d0524956cb4248703c565191be2013600aa4ab821b4cc5c55c072196ef0063d3727afdd315fdac331af9da9fc396a9932201d5ef0b597f0c1233980a08c5e72c54ca10259cddbce5cbf7372882e9b24ad0f5e05cbfcb39e258d172ca3a36bbe59d9f2019695e0a0c32685bcb67b6259902f2fc3cbf7cbd7e69b56740b206fbb0fa82cce7a141ec7c46f6db95f9a319174a97ba230808bd613100c1c6acf315c910d62492c94904cc3d3458a9793753d5f7fbe70c2a897d9db5bdd01a4af1fe9d977ddfa5c4a1dd523cdfb817e724d9177eb6a98c09021b32ebf67c7245f938fc214805e4b8468ece9b2488c6a95a71c862aa7e66dc109a3bfc9164d984ff4c6df0e0bcb9a1574a7454cce36e90ba6a317390827ea9582077b171d1be2775811bca900fb8cc9a672ccabede0237c1c28cad7474a5dd9447cdc35639d2f21fbb6d74d6bc524e064175902777992ab2a88c1fe33e71af0371cbe331275c0e79f385642b2e2edf49cc4dae56d0f1bedfa0582343226f4aa163de45bcf764eaba704017cf9734f509bd7d6cb813fa1639ce7035e28ce357a522dfcfa60843f86b25529ea65aba048abcb6f2cd4ce13094e7775052d42d093a65df19a3fab698aec7104983c9ea1a7b1e883b9a41bc77c4790cbea65ff05929ea2b3fc50d43dccb60389eb754ebab36e6faffe4df608b4b4ff7ffd6ddd8ae925c5e8acd8e90a8d5b4d9533b19e87f6f5e8c620c234678a42e649890e15580944936f5a64a3b6c7fcd65a6e8409a4e0166b889c9ac287fe5e57e47f7fb7600cb197c0735f2ff50aca699faeafc77491eebfe7f9281b8a75acd91105fc490254d058086dfe78ed536f988de6939f9c3e783be1234d2d58c21d9fe3a0fad397b950f1854dfedc00222b312d32116385ce6d47ed8204cbafb945da251fdbea28e7405cfb0f4b21cc00d66233a561819c1148afed706ce8b2dbab606488f030a754e6d059865977727fc7a8506807c3d7b1336a847757f627cbe47ca0335c07956d7f9783d92eaf3b37375639f7b9df132359631120b5b06f6f5e2bac048da6ce458a8180bb1bb8c63a10460ce1479a711b35e9982e36707d80cbbbcc54a374471fd0d044a32167e486741c5d26836a5f75df67616adbe316035874c2c506449ac694442bef64be211b8d216b65ddca3cc8f89b4909ffcac59c26509446941d887d35ad89fd46c16b7f3b8ce81dd0975f76fb16a5d7a4e78393f686d1960e7d341e46f452fe3f30a4b1d3da49e39c879d3d2b1d9c722e22581d4af508747d6f3cca4b4a7c512033ecab701c2790e500cb8dfe9a5f7289deccf7889860668c7b72d32d07e3ffe52dd0511302a2166add244318c1b5c69674656c844add838ffc6eeeee18c553eda6a2cfd0e6f99aa7ab58304555630419d012d81f3bb561c5ee5a6550565d71a4f53721c4881612af2eee7911f9ae548a2ec114", 0xf8b}], 0x3}, 0x4)

447.288358ms ago: executing program 1 (id=3310):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000001040)={<r3=>0xffffffffffffffff})
splice(r3, 0x0, r2, 0x0, 0x8, 0x0)
r4 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r5 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\'5\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\x02\x00\x00\x00G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\x05\x00\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\xafON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00%\x19\xdd(5\xea0\x01,D\xf2\xa3\x85Q\x1f@\xdej\x88\xc8\x17\xc4<Y\xde\xf6v\x8f\x92\xd0XH\x12\x04\xf3\xd0-T\xcat\xf7\x85\xaa\x8fXT\xa1\xeb\xfd\xaf9\xca;\x85\x8b^\x8b\xa4\x89\xc7\x9c\x12\x91\xf9i\x02Q1D\xc2\xf5\x1c\x94\x1a\xcf\x80W\x84\x96,\x8fG\xacy?\xea$\xb2Ia\xce\x94\xf2Cm\x86\xb1qh8\xde\xe4\xe3\x80\xabM\xe9\x14|\xc1\xbb\xc14Dq\x1f\xf4\x88\xe7V\xe0\xa1Hb\xd94v&H\xd5j\x02~-\xed\r\xfc\xb4\r\x00\xe9\xe3\x92U\xe7\x8f\xcc\xe4HJ18R\xee\xc5\x85*\xcf\xcbh}&\xe2\xc5[\xbbY\xca\x17-\x04\x95\xa3\xc5(\x9c\xdaZ\x0f', 0x3)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r1, 0x18000000000002a0, 0x5d56452fd57c3b4c, 0x0, &(0x7f0000000bc0)="b6fc139f585578f830e90000000012e121ef93ba57d37c084eb79c8498edc025b1030ed2e2b02641be86776c532ab72ba8d242e04cdbdae150a60e645996be5540e8d6ed48ed6d4550915e423d1e8cf06d147580a4cf8ab8fe4c645edf7af823944f563276214c11af608e0b77a812fa616b342969a1e40ec5cee13a07b0cc764bdd8e7b83503b451147ec9fa9cf557e97067d7a3dccf69b53d0d341cbf360540f674c7781ac7f4b8cf3a5afe867c47f8bdc5bde6ec0da2dac70ecbc0340318d6d034661f35a47d1f4e0909cd383b741745facd98cac3c8431959438effd2c25c48a7153582683a432406095a64c498bfe654602bb530ba53094841ef7dbeb695c6591308e9704f29c73025efb57d33a8d0371800f5d829ee853e01be6a40fca93ab6865ae1f82e7a7941e3ad7e74afc3f9f8eb7ddfa1717e497b43d75c312fbaf14aa5bd7f012b66cdbb3996e6e13461d4b04ddab96925b96500986b1008c98a0d3208d4d2cb45b07fa2dd8e754fad08bf9cd7cbd423efbabaeca80316158badc1304e98961186957e6672fc06ebba76c76d441d8fda72c4f53e97c69df416b0ce0c6266dea2432408b2a513e4ae098be043b30c55e988721597e11ba0afca9411d835f", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000005}, 0x4c)
sendfile(r4, r4, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r4, 0x4c02, &(0x7f0000000480)={0x0, {}, 0x0, {}, 0x40000004, 0x0, 0xffffffff, 0x10, "28f5c9ea1f1ae4be4111ab18d2da69bde58cd7af40fd150b70aac11c2e16bd5bba7623c435aff90493ddd7aae07ef35f0700000000000000ecdd91b59ca8d541", "07a9310978042a8bfe1406584a128d7469166f4f07b84819e7df4af14e1df82d", [0x6, 0x9]})
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x64, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2, 0x0, 0x10}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @local}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x64}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x4c, 0x0, 0x1, 0x101, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0x14, 0xf, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7fe}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4004881}, 0x20008820)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000000340)={r4, 0xb, {0x0, 0x0, 0x0, 0x9, 0xa0e, 0x0, 0x2, 0x12, 0x10, "dd3f69943eebef80e9574e512a76b415b58af03d88444ad31a3f9ea01c259a99e160f54a91298688cd5460884d46cc0c76c95039b4b23f611de83a86b3f04b8e", "35d42d1c52961cb58491048d190b2ab895d5bdf57430812e4db320c0dab2f4aed97a139b2563926931afecea2b83507e1e3a6dd1d91063f5750b209457b99efe", "b7b0d261e620e7c5ce3dad114bf61645ea5edba56ed7aa2c47ef95aea141ada2", [0xfffffffffffffffe, 0x6f]}})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeea, 0x8031, 0xffffffffffffffff, 0x85494000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x30, 0x16, 0xa, 0x1, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x4}]}, @NFT_MSG_DELFLOWTABLE={0x38, 0x18, 0xa, 0x101, 0xb00, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x101}]}]}], {0x14, 0x10}}, 0xb0}, 0x1, 0x0, 0x0, 0x4004020}, 0x0)
r7 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r7, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)
setsockopt$MRT_ADD_MFC_PROXY(r7, 0x0, 0xd2, &(0x7f0000000040)={@multicast2, @multicast1, 0x2, "4f6fb4d1af0f724e6118ecd4ac1100843af297baebb0efcdf5a284da144a011a"}, 0x3c)
setsockopt$MRT_DEL_MFC_PROXY(r7, 0x0, 0xd3, &(0x7f00000000c0)={@multicast2, @multicast1, 0x0, "c6c0e6ec8755b5dc4e305886d95f086707764f8d0e5a0358ea21274f844a69e9", 0x0, 0x200}, 0x3c)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)

0s ago: executing program 3 (id=3311):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4}, &(0x7f0000bbdffc))
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="040000000400000004000000"], 0x48)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
read$eventfd(r3, &(0x7f0000000340), 0x8)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100), 0x24, 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000002b40)=ANY=[@ANYBLOB="02000000000000000000000004000000006b"], 0x24, 0x0)
rmdir(&(0x7f0000000040)='./bus\x00')
creat(0x0, 0x248)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x28, 0x0, 0x7, 0x201, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}]}, 0x28}}, 0x28000)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES32=0x1, @ANYBLOB='\x00\x00\x00\x00\x00'], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, 0x0)

kernel console output (not intermixed with test programs):

x+0x512/0x640
[  693.746911][T15879]  ? __kmalloc_cache_noprof+0x5f/0x780
[  693.746923][T15879]  should_failslab+0xc2/0x120
[  693.746938][T15879]  __kmalloc_cache_noprof+0x72/0x780
[  693.746948][T15879]  ? do_raw_spin_lock+0x12c/0x2b0
[  693.746964][T15879]  ? p9_fid_create+0x41/0x260
[  693.746981][T15879]  ? p9_fid_create+0x41/0x260
[  693.746994][T15879]  p9_fid_create+0x41/0x260
[  693.747007][T15879]  p9_client_attach+0x92/0x2b0
[  693.747023][T15879]  ? __pfx_p9_client_attach+0x10/0x10
[  693.747038][T15879]  ? v9fs_fid_lookup+0x4bd/0xeb0
[  693.747054][T15879]  v9fs_fid_lookup+0x97a/0xeb0
[  693.747068][T15879]  ? __pfx_v9fs_mapped_dotl_flags+0x10/0x10
[  693.747079][T15879]  v9fs_vfs_lookup+0x1a1/0x5b0
[  693.747095][T15879]  ? __pfx_v9fs_vfs_lookup+0x10/0x10
[  693.747113][T15879]  ? find_held_lock+0x2b/0x80
[  693.747126][T15879]  v9fs_vfs_atomic_open_dotl+0x89b/0xd30
[  693.747138][T15879]  ? d_alloc_parallel+0x864/0x1510
[  693.747154][T15879]  ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10
[  693.747169][T15879]  ? __pfx_d_alloc_parallel+0x10/0x10
[  693.747186][T15879]  ? __d_lookup+0x266/0x4a0
[  693.747202][T15879]  ? __pfx_v9fs_vfs_atomic_open_dotl+0x10/0x10
[  693.747214][T15879]  lookup_open.isra.0+0x83d/0x1580
[  693.747240][T15879]  ? __pfx_lookup_open.isra.0+0x10/0x10
[  693.747265][T15879]  ? lookup_fast+0x156/0x610
[  693.747276][T15879]  path_openat+0x893/0x2cb0
[  693.747291][T15879]  ? stack_trace_save+0x8e/0xc0
[  693.747304][T15879]  ? __pfx_path_openat+0x10/0x10
[  693.747315][T15879]  ? stack_depot_save_flags+0x29/0x9c0
[  693.747334][T15879]  do_filp_open+0x20b/0x470
[  693.747344][T15879]  ? kmem_cache_alloc_noprof+0x250/0x6e0
[  693.747355][T15879]  ? __pfx_do_filp_open+0x10/0x10
[  693.747365][T15879]  ? do_fast_syscall_32+0x32/0x80
[  693.747378][T15879]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  693.747407][T15879]  do_open_execat+0xf9/0x3a0
[  693.747418][T15879]  ? __pfx_do_open_execat+0x10/0x10
[  693.747433][T15879]  alloc_bprm+0x2d/0x710
[  693.747445][T15879]  do_execveat_common.isra.0+0x1ce/0x610
[  693.747458][T15879]  __ia32_compat_sys_execveat+0xe0/0x120
[  693.747471][T15879]  __do_fast_syscall_32+0x7c/0x300
[  693.747486][T15879]  do_fast_syscall_32+0x32/0x80
[  693.747499][T15879]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  693.747511][T15879] RIP: 0023:0xf70fd579
[  693.747520][T15879] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  693.747530][T15879] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000166
[  693.747541][T15879] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000040
[  693.747547][T15879] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  693.747553][T15879] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  693.747559][T15879] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  693.747565][T15879] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  693.747578][T15879]  </TASK>
[  693.858765][    C0] vkms_vblank_simulate: vblank timer overrun
[  695.519159][T15896] Cache volume key already in use (9p,syz,)
[  697.185188][T15918] ntfs3(nullb0): Primary boot signature is not NTFS.
[  697.187958][T15918] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  697.637642][T15932] FAULT_INJECTION: forcing a failure.
[  697.637642][T15932] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  697.641720][T15932] CPU: 3 UID: 0 PID: 15932 Comm: syz.3.2760 Not tainted syzkaller #0 PREEMPT(full) 
[  697.641737][T15932] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  697.641743][T15932] Call Trace:
[  697.641749][T15932]  <TASK>
[  697.641753][T15932]  dump_stack_lvl+0x16c/0x1f0
[  697.641771][T15932]  should_fail_ex+0x512/0x640
[  697.641790][T15932]  _copy_from_user+0x2e/0xd0
[  697.641809][T15932]  __sys_bpf+0x248/0x4980
[  697.641823][T15932]  ? __pfx___sys_bpf+0x10/0x10
[  697.641833][T15932]  ? find_held_lock+0x2b/0x80
[  697.641847][T15932]  ? find_held_lock+0x2b/0x80
[  697.641861][T15932]  ? __mutex_unlock_slowpath+0x161/0x7b0
[  697.641883][T15932]  ? fput+0x9b/0xd0
[  697.641897][T15932]  ? ksys_write+0x1ac/0x250
[  697.641909][T15932]  ? __pfx_ksys_write+0x10/0x10
[  697.641923][T15932]  __ia32_sys_bpf+0x76/0xe0
[  697.641935][T15932]  __do_fast_syscall_32+0x7c/0x300
[  697.641950][T15932]  do_fast_syscall_32+0x32/0x80
[  697.641963][T15932]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  697.641976][T15932] RIP: 0023:0xf7f02579
[  697.641985][T15932] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  697.641995][T15932] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000165
[  697.642005][T15932] RAX: ffffffffffffffda RBX: 0000000000000012 RCX: 0000000080000300
[  697.642012][T15932] RDX: 0000000000000028 RSI: 0000000000000000 RDI: 0000000000000000
[  697.642018][T15932] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  697.642024][T15932] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  697.642030][T15932] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  697.642044][T15932]  </TASK>
[  697.755878][T15934] loop2: detected capacity change from 0 to 7
[  697.763383][T15767] Dev loop2: unable to read RDB block 7
[  697.766824][T15767]  loop2: unable to read partition table
[  697.769256][T15767] loop2: partition table beyond EOD, truncated
[  697.776499][T15934] Dev loop2: unable to read RDB block 7
[  697.778922][T15934]  loop2: unable to read partition table
[  697.781374][T15934] loop2: partition table beyond EOD, truncated
[  697.785318][T15934] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  697.800942][T15934] netlink: 84 bytes leftover after parsing attributes in process `syz.3.2762'.
[  698.729663][T15950] netlink: 'syz.3.2766': attribute type 29 has an invalid length.
[  698.805773][T15955] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2767'.
[  699.484524][ T5944] Bluetooth: hci4: command 0x0c1a tx timeout
[  699.484650][T15926] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  700.101731][T15959] syz.3.2768: vmalloc error: size 67112960, failed to allocated page array size 131080, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  700.108062][T15959] CPU: 3 UID: 0 PID: 15959 Comm: syz.3.2768 Not tainted syzkaller #0 PREEMPT(full) 
[  700.108077][T15959] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  700.108084][T15959] Call Trace:
[  700.108088][T15959]  <TASK>
[  700.108093][T15959]  dump_stack_lvl+0x16c/0x1f0
[  700.108110][T15959]  warn_alloc+0x248/0x3a0
[  700.108122][T15959]  ? __pfx_warn_alloc+0x10/0x10
[  700.108138][T15959]  ? nf_tables_newset+0x24fa/0x4320
[  700.108155][T15959]  ? __vmalloc_node_noprof+0xad/0xf0
[  700.108178][T15959]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  700.108198][T15959]  ? nf_tables_newset+0x24fa/0x4320
[  700.108217][T15959]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  700.108234][T15959]  ? ___kmalloc_large_node+0xed/0x160
[  700.108252][T15959]  __kvmalloc_node_noprof+0x431/0x9c0
[  700.108265][T15959]  ? nf_tables_newset+0x24fa/0x4320
[  700.108282][T15959]  ? nf_tables_newset+0x24fa/0x4320
[  700.108297][T15959]  ? nft_hash_buckets+0x77/0xa0
[  700.108306][T15959]  ? nft_pipapo_estimate+0x17f/0x3b0
[  700.108322][T15959]  ? nf_tables_newset+0x24fa/0x4320
[  700.108337][T15959]  nf_tables_newset+0x24fa/0x4320
[  700.108358][T15959]  ? __pfx_nf_tables_newset+0x10/0x10
[  700.108376][T15959]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  700.108395][T15959]  ? __nla_validate_parse+0x600/0x2880
[  700.108421][T15959]  ? __nla_parse+0x40/0x60
[  700.108434][T15959]  nfnetlink_rcv_batch+0x190d/0x2350
[  700.108456][T15959]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  700.108473][T15959]  ? __local_bh_enable_ip+0x107/0x120
[  700.108486][T15959]  ? __dev_queue_xmit+0xaf1/0x4490
[  700.108500][T15959]  ? __dev_queue_xmit+0xb12/0x4490
[  700.108520][T15959]  ? __pfx___dev_queue_xmit+0x10/0x10
[  700.108548][T15959]  ? __nla_parse+0x40/0x60
[  700.108561][T15959]  nfnetlink_rcv+0x3c1/0x430
[  700.108575][T15959]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  700.108593][T15959]  netlink_unicast+0x5aa/0x870
[  700.108606][T15959]  ? __pfx_netlink_unicast+0x10/0x10
[  700.108622][T15959]  netlink_sendmsg+0x8c8/0xdd0
[  700.108635][T15959]  ? __pfx_netlink_sendmsg+0x10/0x10
[  700.108648][T15959]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  700.108666][T15959]  ____sys_sendmsg+0xa98/0xc70
[  700.108681][T15959]  ? __pfx_____sys_sendmsg+0x10/0x10
[  700.108694][T15959]  ? get_compat_msghdr+0x11a/0x170
[  700.108706][T15959]  ? __pfx_futex_wake_mark+0x10/0x10
[  700.108725][T15959]  ___sys_sendmsg+0x134/0x1d0
[  700.108737][T15959]  ? __pfx____sys_sendmsg+0x10/0x10
[  700.108754][T15959]  ? find_held_lock+0x2b/0x80
[  700.108775][T15959]  __sys_sendmsg+0x16d/0x220
[  700.108785][T15959]  ? __pfx___sys_sendmsg+0x10/0x10
[  700.108795][T15959]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  700.108816][T15959]  ? rcu_is_watching+0x12/0xc0
[  700.108829][T15959]  __do_fast_syscall_32+0x7c/0x300
[  700.108845][T15959]  do_fast_syscall_32+0x32/0x80
[  700.108858][T15959]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  700.108871][T15959] RIP: 0023:0xf7f02579
[  700.108879][T15959] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  700.108890][T15959] RSP: 002b:00000000f53b455c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  700.108900][T15959] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800000c0
[  700.108907][T15959] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  700.108913][T15959] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  700.108919][T15959] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  700.108925][T15959] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  700.108938][T15959]  </TASK>
[  700.108942][T15959] Mem-Info:
[  700.226824][T15959] active_anon:26667 inactive_anon:14762 isolated_anon:0
[  700.226824][T15959]  active_file:3184 inactive_file:14389 isolated_file:0
[  700.226824][T15959]  unevictable:1768 dirty:186 writeback:0
[  700.226824][T15959]  slab_reclaimable:6232 slab_unreclaimable:54416
[  700.226824][T15959]  mapped:29384 shmem:40066 pagetables:1495
[  700.226824][T15959]  sec_pagetables:326 bounce:0
[  700.226824][T15959]  kernel_misc_reclaimable:0
[  700.226824][T15959]  free:43288 free_pcp:7353 free_cma:0
[  700.241304][T15959] Node 0 active_anon:5232kB inactive_anon:148kB active_file:64kB inactive_file:0kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:6124kB dirty:4kB writeback:0kB shmem:8356kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8216kB pagetables:1964kB sec_pagetables:1188kB all_unreclaimable? no Balloon:0kB
[  700.254741][T15959] Node 1 active_anon:104580kB inactive_anon:58788kB active_file:12672kB inactive_file:57556kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:112668kB dirty:784kB writeback:0kB shmem:155040kB shmem_thp:4096kB shmem_pmdmapped:2048kB anon_thp:0kB kernel_stack:5456kB pagetables:3940kB sec_pagetables:116kB all_unreclaimable? no Balloon:0kB
[  700.266334][T15959] Node 0 DMA free:2060kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:132kB inactive_anon:0kB active_file:60kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:16kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:360kB local_pcp:12kB free_cma:0kB
[  700.282384][T15959] lowmem_reserve[]: 0 294 294 294 294
[  700.284203][T15959] Node 0 DMA32 free:16936kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:920KB active_anon:5136kB inactive_anon:148kB active_file:4kB inactive_file:0kB unevictable:3536kB writepending:4kB zspages:424kB present:1032196kB managed:301116kB mlocked:0kB bounce:0kB free_pcp:3016kB local_pcp:664kB free_cma:0kB
[  700.294711][T15959] lowmem_reserve[]: 0 0 0 0 0
[  700.296203][T15959] Node 1 DMA32 free:145824kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:1632KB active_anon:105288kB inactive_anon:58788kB active_file:12672kB inactive_file:57556kB unevictable:3536kB writepending:812kB zspages:4552kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:30888kB local_pcp:596kB free_cma:0kB
[  700.309772][T15959] lowmem_reserve[]: 0 0 0 0 0
[  700.311757][T15959] Node 0 DMA: 1*4kB (U) 17*8kB (UM) 6*16kB (UM) 7*32kB (UM) 3*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2060kB
[  700.312977][T15926] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  700.325227][T15926] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  700.325639][T15959] Node 0 
[  700.330717][T15926] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  700.337802][T15959] DMA32: 468*4kB (UMH) 131*8kB (UMEH) 108*16kB (UEH) 14*32kB (MEH) 25*64kB (UMEH) 26*128kB (UMEH) 7*256kB (UM) 6*512kB (UM) 2*1024kB (M) 0*2048kB 0*4096kB = 16936kB
[  700.344997][T15926] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  700.347848][T15959] Node 1 DMA32: 276*4kB (UMEH) 560*8kB (UEH) 183*16kB (UMEH) 466*32kB (UMEH) 176*64kB (UEH) 126*128kB (UMEH) 41*256kB (UME) 38*512kB (UM) 37*1024kB (UM) 9*2048kB (UM) 2*4096kB (U) = 145280kB
[  700.355272][T15959] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  700.359337][T15959] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  700.363007][T15959] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  700.367535][T15926] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  700.367905][T15959] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  700.374068][T15959] 58906 total pagecache pages
[  700.376413][T15959] 332 pages in swap cache
[  700.379431][T15926] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  700.382212][T15959] Free swap  = 107260kB
[  700.384055][T15959] Total swap = 124996kB
[  700.384641][T15926] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  700.386280][T15959] 524155 pages RAM
[  700.389521][T15959] 0 pages HighMem/MovableOnly
[  700.391840][T15959] 207981 pages reserved
[  700.393442][T15926] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  700.395704][T15959] 0 pages cma reserved
[  700.406290][T15926] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  700.414974][T15926] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  700.424224][T15926] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  700.739040][T15978] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2774'.
[  700.778178][   T40] kauditd_printk_skb: 63 callbacks suppressed
[  700.778189][   T40] audit: type=1326 audit(1764402598.255:2759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15979 comm="syz.0.2775" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fd579 code=0x0
[  701.372691][T15992] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  701.442713][T15989] Cache volume key already in use (9p,syz,)
[  701.606083][T15995] 9pnet_virtio: no channels available for device syz
[  701.804603][ T5944] Bluetooth: hci4: command 0x0c1a tx timeout
[  701.807363][T16014] fuse: Unknown parameter 'fdm0x0000000000000004'
[  701.835919][T16018] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  701.929889][T16028] FAULT_INJECTION: forcing a failure.
[  701.929889][T16028] name failslab, interval 1, probability 0, space 0, times 0
[  701.935296][T16028] CPU: 2 UID: 0 PID: 16028 Comm: syz.3.2790 Not tainted syzkaller #0 PREEMPT(full) 
[  701.935326][T16028] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  701.935337][T16028] Call Trace:
[  701.935344][T16028]  <TASK>
[  701.935351][T16028]  dump_stack_lvl+0x16c/0x1f0
[  701.935377][T16028]  should_fail_ex+0x512/0x640
[  701.935402][T16028]  ? __kmalloc_noprof+0xca/0x880
[  701.935422][T16028]  should_failslab+0xc2/0x120
[  701.935446][T16028]  __kmalloc_noprof+0xdd/0x880
[  701.935462][T16028]  ? __do_sys_futex_waitv+0x221/0x2c0
[  701.935492][T16028]  ? __do_sys_futex_waitv+0x221/0x2c0
[  701.935515][T16028]  __do_sys_futex_waitv+0x221/0x2c0
[  701.935539][T16028]  ? __pfx___do_sys_futex_waitv+0x10/0x10
[  701.935572][T16028]  ? rcu_is_watching+0x12/0xc0
[  701.935594][T16028]  __do_fast_syscall_32+0x7c/0x300
[  701.935619][T16028]  do_fast_syscall_32+0x32/0x80
[  701.935640][T16028]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  701.935660][T16028] RIP: 0023:0xf7f02579
[  701.935675][T16028] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  701.935691][T16028] RSP: 002b:00000000f53d555c EFLAGS: 00000296 ORIG_RAX: 00000000000001c1
[  701.935708][T16028] RAX: ffffffffffffffda RBX: 0000000080001080 RCX: 0000000000000001
[  701.935733][T16028] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[  701.935746][T16028] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  701.935756][T16028] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  701.935766][T16028] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  701.935790][T16028]  </TASK>
[  702.364714][ T5944] Bluetooth: hci2: command 0x0c1a tx timeout
[  702.406216][T16050] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  702.446758][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout
[  702.448914][ T5944] Bluetooth: hci1: command 0x0c1a tx timeout
[  703.885966][ T5951] Bluetooth: hci4: command 0x0c1a tx timeout
[  704.444668][ T5951] Bluetooth: hci2: command 0x0c1a tx timeout
[  704.526989][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[  704.527013][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout
[  704.898467][T16070] binder_alloc: 16068: binder_alloc_buf, no vma
[  706.089116][T16081] FAULT_INJECTION: forcing a failure.
[  706.089116][T16081] name failslab, interval 1, probability 0, space 0, times 0
[  706.094209][T16081] CPU: 1 UID: 0 PID: 16081 Comm: syz.2.2808 Not tainted syzkaller #0 PREEMPT(full) 
[  706.094236][T16081] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  706.094242][T16081] Call Trace:
[  706.094247][T16081]  <TASK>
[  706.094252][T16081]  dump_stack_lvl+0x16c/0x1f0
[  706.094269][T16081]  should_fail_ex+0x512/0x640
[  706.094285][T16081]  ? __kmalloc_cache_noprof+0x5f/0x780
[  706.094298][T16081]  should_failslab+0xc2/0x120
[  706.094312][T16081]  __kmalloc_cache_noprof+0x72/0x780
[  706.094323][T16081]  ? io_uring_setup+0x278/0x20e0
[  706.094338][T16081]  ? io_uring_setup+0x278/0x20e0
[  706.094349][T16081]  io_uring_setup+0x278/0x20e0
[  706.094363][T16081]  ? __pfx_io_uring_setup+0x10/0x10
[  706.094379][T16081]  ? __pfx___schedule+0x10/0x10
[  706.094390][T16081]  ? __fget_files+0x20e/0x3c0
[  706.094405][T16081]  ? ksys_write+0x1ac/0x250
[  706.094433][T16081]  __ia32_sys_io_uring_setup+0xc2/0x170
[  706.094447][T16081]  __do_fast_syscall_32+0x7c/0x300
[  706.094462][T16081]  do_fast_syscall_32+0x32/0x80
[  706.094475][T16081]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  706.094488][T16081] RIP: 0023:0xf7f94579
[  706.094497][T16081] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  706.094508][T16081] RSP: 002b:00000000f544450c EFLAGS: 00000246 ORIG_RAX: 00000000000001a9
[  706.094519][T16081] RAX: ffffffffffffffda RBX: 000000000000088f RCX: 0000000080000140
[  706.094525][T16081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  706.094531][T16081] RBP: 0000000080000000 R08: 0000000000000000 R09: 0000000000000000
[  706.094537][T16081] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  706.094543][T16081] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  706.094557][T16081]  </TASK>
[  706.295527][T16083] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  706.399770][T16087] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2811'.
[  706.548138][ T5944] Bluetooth: hci2: command 0x0c1a tx timeout
[  706.605601][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[  706.607589][ T5944] Bluetooth: hci3: command 0x0c1a tx timeout
[  706.973740][T16094] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2813'.
[  709.861492][T16125] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  711.694150][   T40] audit: type=1326 audit(1764402609.165:2760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16141 comm="syz.3.2826" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f02579 code=0x0
[  711.694798][T16144] 9pnet_virtio: no channels available for device syz
[  712.035383][T16154] 9pnet_virtio: no channels available for device syz
[  712.103542][   T40] audit: type=1326 audit(1764402609.575:2761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16152 comm="syz.2.2830" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f94579 code=0x0
[  712.161478][T16156] 9pnet_virtio: no channels available for device syz
[  712.245063][T16150] Cache volume key already in use (9p,syz,)
[  714.278496][T13676] Process accounting resumed
[  714.308885][T16177] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  714.315357][T16176] tipc: Resetting bearer <eth:syzkaller0>
[  714.535937][T13676] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[  714.688683][T13676] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  714.692389][T13676] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  714.695589][T13676] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  714.699021][T13676] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  714.703911][T16173] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  714.712142][T13676] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  715.063080][T13676] usb 6-1: USB disconnect, device number 83
[  715.486631][T16176] tipc: Disabling bearer <eth:syzkaller0>
[  715.514026][T16185] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  715.661596][   T40] audit: type=1326 audit(1764402613.135:2762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16197 comm="syz.0.2839" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fd579 code=0x0
[  715.665128][T16204] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  715.698990][T16175] Process accounting resumed
[  715.902141][T16212] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  716.203301][T16219] vhci_hcd vhci_hcd.0: port 0 already used
[  716.332087][T16222] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  716.334256][T16222] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  716.337415][T16222] vhci_hcd vhci_hcd.0: Device attached
[  716.614540][T12129] usb 42-1: SetAddress Request (32) to port 0
[  716.616528][T12129] usb 42-1: new SuperSpeed USB device number 32 using vhci_hcd
[  716.768927][T16223] vhci_hcd: connection reset by peer
[  716.771174][T14783] vhci_hcd: stop threads
[  716.772692][T14783] vhci_hcd: release socket
[  716.774257][T14783] vhci_hcd: disconnect device
[  718.418451][   T40] audit: type=1326 audit(1764402615.895:2763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.428403][   T40] audit: type=1326 audit(1764402615.895:2764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.437254][   T40] audit: type=1326 audit(1764402615.895:2765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=372 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.446690][   T40] audit: type=1326 audit(1764402615.895:2766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.458059][   T40] audit: type=1326 audit(1764402615.895:2767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.467890][   T40] audit: type=1326 audit(1764402615.895:2768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.476885][   T40] audit: type=1326 audit(1764402615.895:2769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.488750][   T40] audit: type=1326 audit(1764402615.895:2770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.497614][   T40] audit: type=1326 audit(1764402615.895:2771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  718.506508][   T40] audit: type=1326 audit(1764402615.905:2772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16232 comm="syz.2.2846" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f94579 code=0x7ffc0000
[  719.491806][T16257] FAULT_INJECTION: forcing a failure.
[  719.491806][T16257] name failslab, interval 1, probability 0, space 0, times 0
[  719.496188][T16257] CPU: 0 UID: 0 PID: 16257 Comm: syz.1.2851 Not tainted syzkaller #0 PREEMPT(full) 
[  719.496204][T16257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  719.496211][T16257] Call Trace:
[  719.496215][T16257]  <TASK>
[  719.496220][T16257]  dump_stack_lvl+0x16c/0x1f0
[  719.496239][T16257]  should_fail_ex+0x512/0x640
[  719.496256][T16257]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  719.496270][T16257]  should_failslab+0xc2/0x120
[  719.496286][T16257]  kmem_cache_alloc_node_noprof+0x78/0x770
[  719.496297][T16257]  ? __alloc_skb+0x2b2/0x380
[  719.496317][T16257]  ? __alloc_skb+0x2b2/0x380
[  719.496333][T16257]  ? __pfx_netlink_insert+0x10/0x10
[  719.496343][T16257]  __alloc_skb+0x2b2/0x380
[  719.496360][T16257]  ? __pfx___alloc_skb+0x10/0x10
[  719.496377][T16257]  ? netlink_autobind.isra.0+0x158/0x370
[  719.496391][T16257]  netlink_alloc_large_skb+0x69/0x140
[  719.496404][T16257]  netlink_sendmsg+0x698/0xdd0
[  719.496418][T16257]  ? __pfx_netlink_sendmsg+0x10/0x10
[  719.496432][T16257]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  719.496451][T16257]  ____sys_sendmsg+0xa98/0xc70
[  719.496467][T16257]  ? __pfx_____sys_sendmsg+0x10/0x10
[  719.496480][T16257]  ? get_compat_msghdr+0x11a/0x170
[  719.496496][T16257]  ___sys_sendmsg+0x134/0x1d0
[  719.496508][T16257]  ? __pfx____sys_sendmsg+0x10/0x10
[  719.496525][T16257]  ? find_held_lock+0x2b/0x80
[  719.496546][T16257]  __sys_sendmsg+0x16d/0x220
[  719.496557][T16257]  ? __pfx___sys_sendmsg+0x10/0x10
[  719.496574][T16257]  ? rcu_is_watching+0x12/0xc0
[  719.496588][T16257]  __do_fast_syscall_32+0x7c/0x300
[  719.496603][T16257]  do_fast_syscall_32+0x32/0x80
[  719.496618][T16257]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  719.496631][T16257] RIP: 0023:0xf704d579
[  719.496641][T16257] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  719.496652][T16257] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  719.496663][T16257] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000c40
[  719.496670][T16257] RDX: 0000000000000080 RSI: 0000000000000000 RDI: 0000000000000000
[  719.496676][T16257] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  719.496682][T16257] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  719.496689][T16257] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  719.496702][T16257]  </TASK>
[  720.780694][T16265] 9pnet_virtio: no channels available for device syz
[  721.644621][T12129] usb 42-1: device descriptor read/8, error -110
[  721.950285][T13676] Process accounting resumed
[  722.052350][T12129] usb usb42-port1: attempt power cycle
[  722.111991][T16303] netlink: 'syz.1.2864': attribute type 1 has an invalid length.
[  722.115441][T16303] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  722.886367][T16309] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  722.889475][T16309] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  722.904869][T16309] vhci_hcd vhci_hcd.0: Device attached
[  722.936047][T16295] Process accounting resumed
[  723.224546][T13676] usb 44-1: SetAddress Request (44) to port 0
[  723.226643][T13676] usb 44-1: new SuperSpeed USB device number 44 using vhci_hcd
[  723.359825][T16310] vhci_hcd: connection reset by peer
[  723.362713][T14783] vhci_hcd: stop threads
[  723.364732][T14783] vhci_hcd: release socket
[  723.367053][T14783] vhci_hcd: disconnect device
[  723.522153][T16324] netlink: zone id is out of range
[  723.592051][T16329] netlink: 'syz.0.2870': attribute type 2 has an invalid length.
[  723.834987][T12129] usb usb42-port1: unable to enumerate USB device
[  724.035235][T16335] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2872'.
[  724.048088][T16335] veth1_macvtap: left promiscuous mode
[  724.172336][T16340] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2873'.
[  724.178245][T16350] netlink: zone id is out of range
[  724.310193][T16359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2882'.
[  724.396943][T16363] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  724.403314][T16362] tipc: Resetting bearer <eth:syzkaller0>
[  725.645812][T16362] tipc: Disabling bearer <eth:syzkaller0>
[  725.771521][T16372] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  725.838514][T16374] batadv0: entered promiscuous mode
[  725.844307][T16373] batadv0: left promiscuous mode
[  726.132391][T16381] netlink: zone id is out of range
[  726.210581][T16394] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  726.251212][T16383] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2890'.
[  726.567390][T13488] libceph: connect (1)[c::]:6789 error -101
[  726.571777][T13488] libceph: mon0 (1)[c::]:6789 connect error
[  726.605710][T16407] ceph: No mds server is up or the cluster is laggy
[  727.033901][T16418] FAULT_INJECTION: forcing a failure.
[  727.033901][T16418] name failslab, interval 1, probability 0, space 0, times 0
[  727.038203][T16418] CPU: 2 UID: 0 PID: 16418 Comm: syz.0.2900 Not tainted syzkaller #0 PREEMPT(full) 
[  727.038218][T16418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  727.038224][T16418] Call Trace:
[  727.038229][T16418]  <TASK>
[  727.038233][T16418]  dump_stack_lvl+0x16c/0x1f0
[  727.038252][T16418]  should_fail_ex+0x512/0x640
[  727.038268][T16418]  ? fs_reclaim_acquire+0xae/0x150
[  727.038291][T16418]  should_failslab+0xc2/0x120
[  727.038315][T16418]  __kmalloc_noprof+0xdd/0x880
[  727.038332][T16418]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  727.038359][T16418]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  727.038378][T16418]  tomoyo_realpath_from_path+0xc2/0x6e0
[  727.038395][T16418]  ? tomoyo_profile+0x47/0x60
[  727.038409][T16418]  tomoyo_path_number_perm+0x245/0x580
[  727.038425][T16418]  ? tomoyo_path_number_perm+0x237/0x580
[  727.038443][T16418]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  727.038473][T16418]  ? find_held_lock+0x2b/0x80
[  727.038484][T16418]  ? hook_file_ioctl_common+0x145/0x410
[  727.038498][T16418]  ? __fget_files+0x20e/0x3c0
[  727.038516][T16418]  security_file_ioctl_compat+0x9b/0x240
[  727.038533][T16418]  __ia32_compat_sys_ioctl+0xc3/0x370
[  727.038558][T16418]  __do_fast_syscall_32+0x7c/0x300
[  727.038573][T16418]  do_fast_syscall_32+0x32/0x80
[  727.038587][T16418]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  727.038600][T16418] RIP: 0023:0xf70fd579
[  727.038612][T16418] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  727.038627][T16418] RSP: 002b:00000000f54ab55c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  727.038642][T16418] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000008010aa01
[  727.038652][T16418] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  727.038658][T16418] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  727.038664][T16418] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  727.038670][T16418] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  727.038684][T16418]  </TASK>
[  727.038689][T16418] ERROR: Out of memory at tomoyo_realpath_from_path.
[  727.252215][T16427] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  727.484076][T16431] 9pnet_virtio: no channels available for device syz
[  727.491047][T16435] FAULT_INJECTION: forcing a failure.
[  727.491047][T16435] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  727.501855][T16435] CPU: 2 UID: 0 PID: 16435 Comm: syz.3.2906 Not tainted syzkaller #0 PREEMPT(full) 
[  727.501871][T16435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  727.501892][T16435] Call Trace:
[  727.501897][T16435]  <TASK>
[  727.501902][T16435]  dump_stack_lvl+0x16c/0x1f0
[  727.501919][T16435]  should_fail_ex+0x512/0x640
[  727.501937][T16435]  _copy_from_user+0x2e/0xd0
[  727.501954][T16435]  get_compat_msghdr+0xa7/0x170
[  727.501965][T16435]  ? __pfx_get_compat_msghdr+0x10/0x10
[  727.501980][T16435]  ___sys_sendmsg+0x1ae/0x1d0
[  727.501992][T16435]  ? __pfx____sys_sendmsg+0x10/0x10
[  727.502009][T16435]  ? find_held_lock+0x2b/0x80
[  727.502029][T16435]  __sys_sendmsg+0x16d/0x220
[  727.502040][T16435]  ? __pfx___sys_sendmsg+0x10/0x10
[  727.502056][T16435]  ? rcu_is_watching+0x12/0xc0
[  727.502070][T16435]  __do_fast_syscall_32+0x7c/0x300
[  727.502085][T16435]  do_fast_syscall_32+0x32/0x80
[  727.502098][T16435]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  727.502111][T16435] RIP: 0023:0xf7f02579
[  727.502120][T16435] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  727.502129][T16435] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  727.502140][T16435] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000540
[  727.502146][T16435] RDX: 0000000000040040 RSI: 0000000000000000 RDI: 0000000000000000
[  727.502152][T16435] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  727.502158][T16435] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  727.502164][T16435] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  727.502178][T16435]  </TASK>
[  728.134810][   T40] kauditd_printk_skb: 6 callbacks suppressed
[  728.134834][   T40] audit: type=1800 audit(1764402625.605:2779): pid=16425 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2903" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  728.285139][T13676] usb 44-1: device descriptor read/8, error -110
[  728.515361][T16446] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2910'.
[  728.549337][T16448] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  728.644772][T16454] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2914'.
[  728.692709][T16454] team0: Port device team_slave_1 removed
[  728.699940][T16457] netlink: 'syz.2.2915': attribute type 10 has an invalid length.
[  728.703582][T16457] netlink: 'syz.2.2915': attribute type 10 has an invalid length.
[  728.981496][T16462] 9pnet_virtio: no channels available for device syz
[  729.135817][T13676] usb usb44-port1: attempt power cycle
[  730.286193][T16468] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2919'.
[  730.344610][   T10] usb 8-1: new low-speed USB device number 86 using dummy_hcd
[  730.418422][T13676] usb usb44-port1: unable to enumerate USB device
[  731.205034][T13676] Process accounting resumed
[  731.226290][   T10] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  731.230489][   T10] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  731.234352][   T10] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  731.238612][   T10] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.249099][   T10] usb 8-1: config 0 descriptor??
[  731.375458][   T40] audit: type=1800 audit(1764402628.845:2780): pid=16479 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.2920" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  731.422972][T16486] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  731.481335][ T6005] usb 8-1: USB disconnect, device number 86
[  731.494993][T13676] usb 6-1: new high-speed USB device number 84 using dummy_hcd
[  731.628459][T16489] qnx6: unable to read the first superblock
[  731.686149][T13676] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  731.689627][T13676] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  731.692717][T13676] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  731.695754][T13676] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  731.700325][T16478] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  731.704499][T13676] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  732.033505][T13676] usb 6-1: USB disconnect, device number 84
[  732.688395][T16477] Process accounting resumed
[  732.875475][T16510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2929'.
[  733.261848][T16531] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  734.644520][T12129] usb 5-1: new low-speed USB device number 79 using dummy_hcd
[  734.811634][T12129] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  734.820608][T12129] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  734.829958][T12129] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  734.833913][T12129] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.848269][T12129] usb 5-1: config 0 descriptor??
[  735.129828][ T5948] usb 5-1: USB disconnect, device number 79
[  736.046033][T16581] FAULT_INJECTION: forcing a failure.
[  736.046033][T16581] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  736.072799][T16581] CPU: 3 UID: 0 PID: 16581 Comm: syz.0.2939 Not tainted syzkaller #0 PREEMPT(full) 
[  736.072817][T16581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  736.072824][T16581] Call Trace:
[  736.072828][T16581]  <TASK>
[  736.072833][T16581]  dump_stack_lvl+0x16c/0x1f0
[  736.072852][T16581]  should_fail_ex+0x512/0x640
[  736.072870][T16581]  _copy_from_user+0x2e/0xd0
[  736.072887][T16581]  ucma_write+0x128/0x330
[  736.072904][T16581]  ? __pfx_ucma_write+0x10/0x10
[  736.072919][T16581]  ? bpf_lsm_file_permission+0x9/0x10
[  736.072931][T16581]  ? security_file_permission+0x71/0x210
[  736.072944][T16581]  ? rw_verify_area+0xcf/0x6c0
[  736.072955][T16581]  ? __pfx_ucma_write+0x10/0x10
[  736.072969][T16581]  vfs_write+0x2a0/0x11d0
[  736.072983][T16581]  ? __pfx_vfs_write+0x10/0x10
[  736.072994][T16581]  ? find_held_lock+0x2b/0x80
[  736.073009][T16581]  ? __fget_files+0x204/0x3c0
[  736.073022][T16581]  ? __fget_files+0x20e/0x3c0
[  736.073031][T16581]  ? handle_mm_fault+0x210/0xd10
[  736.073051][T16581]  ksys_write+0x1f8/0x250
[  736.073062][T16581]  ? __pfx_ksys_write+0x10/0x10
[  736.073074][T16581]  ? rcu_is_watching+0x12/0xc0
[  736.073091][T16581]  __do_fast_syscall_32+0x7c/0x300
[  736.073107][T16581]  do_fast_syscall_32+0x32/0x80
[  736.073120][T16581]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  736.073133][T16581] RIP: 0023:0xf70fd579
[  736.073142][T16581] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  736.073152][T16581] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000004
[  736.073162][T16581] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000240
[  736.073169][T16581] RDX: 0000000000000030 RSI: 0000000000000000 RDI: 0000000000000000
[  736.073175][T16581] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  736.073181][T16581] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  736.073187][T16581] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  736.073200][T16581]  </TASK>
[  736.205577][T16588] ucma_write: process 457 (syz.0.2940) changed security contexts after opening file descriptor, this is not allowed.
[  737.526917][T16600] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2943'.
[  737.845286][T16610] vhci_hcd vhci_hcd.0: port 0 already used
[  737.856011][T12129] usb 8-1: new low-speed USB device number 87 using dummy_hcd
[  737.958489][T16611] binder: 16601:16611 ioctl 0 80000040 returned -22
[  737.970685][T16611] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2944'.
[  737.974582][T16611] netlink: 'syz.2.2944': attribute type 6 has an invalid length.
[  737.978213][T16611] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2944'.
[  738.012262][   T12] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  738.015705][   T12] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  738.015877][T12129] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  738.019862][   T12] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  738.022407][T12129] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  738.039351][   T12] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  738.039647][T12129] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  738.054495][T12129] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.074895][T12129] usb 8-1: config 0 descriptor??
[  738.319970][T12129] usb 8-1: USB disconnect, device number 87
[  740.497371][   T40] audit: type=1800 audit(1764402637.975:2781): pid=16619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.2949" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  740.704596][ T6990] usb 8-1: new high-speed USB device number 88 using dummy_hcd
[  740.870729][ T6990] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  740.874726][ T6990] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  740.878635][ T6990] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  740.882131][ T6990] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  740.902914][T16632] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  740.922660][ T6990] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  741.248450][  T842] usb 8-1: USB disconnect, device number 88
[  741.760009][T16650] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  741.762161][T16650] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  741.827011][T16650] vhci_hcd vhci_hcd.0: Device attached
[  741.853988][T16655] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2957'.
[  742.015976][T16629] Process accounting resumed
[  742.171519][T13488] Process accounting resumed
[  742.234578][ T6990] usb 39-1: new low-speed USB device number 3 using vhci_hcd
[  742.462208][T13488] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  742.497222][T16651] vhci_hcd: connection reset by peer
[  742.502863][ T1150] vhci_hcd: stop threads
[  742.504845][ T1150] vhci_hcd: release socket
[  742.507584][ T1150] vhci_hcd: disconnect device
[  742.619777][T13488] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  742.623733][T13488] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  742.627715][T13488] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  742.630856][T13488] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.643795][T16657] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  742.654789][T13488] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  743.440138][T13488] usb 5-1: USB disconnect, device number 80
[  743.671927][T16667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2960'.
[  745.520226][T16657] Process accounting resumed
[  745.836045][T16685] vhci_hcd vhci_hcd.0: port 0 already used
[  745.996570][T16682] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  745.999430][T16682] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  746.010382][T16682] vhci_hcd vhci_hcd.0: Device attached
[  746.033008][T16689] vhci_hcd: connection closed
[  746.033187][T14784] vhci_hcd: stop threads
[  746.036176][T14784] vhci_hcd: release socket
[  746.037608][T14784] vhci_hcd: disconnect device
[  746.303787][T16696] netlink: zone id is out of range
[  746.723228][   T40] audit: type=1326 audit(1764402644.195:2782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16704 comm="syz.0.2970" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fd579 code=0x0
[  746.767912][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  746.770695][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  747.006792][T16713] netlink: 'syz.1.2971': attribute type 1 has an invalid length.
[  747.009273][T16713] netlink: 'syz.1.2971': attribute type 6 has an invalid length.
[  747.011762][T16713] netlink: 52 bytes leftover after parsing attributes in process `syz.1.2971'.
[  747.070882][T16713] ext2: Unknown parameter 'grpquota
'
[  747.443101][ T6990] vhci_hcd: vhci_device speed not set
[  748.504566][   T29] usb 8-1: new low-speed USB device number 89 using dummy_hcd
[  748.707147][   T29] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  748.710392][   T29] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  748.713252][   T29] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  749.145508][   T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.194746][   T29] usb 8-1: config 0 descriptor??
[  749.582729][T16737] 9pnet_virtio: no channels available for device syz
[  749.710111][ T6074] usb 8-1: USB disconnect, device number 89
[  750.863006][T16747] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  750.864986][T16747] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  750.873153][T16747] vhci_hcd vhci_hcd.0: Device attached
[  751.124383][T16748] vhci_hcd: connection closed
[  751.125403][   T13] vhci_hcd: stop threads
[  751.129271][   T13] vhci_hcd: release socket
[  751.138533][   T13] vhci_hcd: disconnect device
[  751.154847][T13676] usb 42-1: enqueue for inactive port 0
[  751.193563][T16753] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  751.196127][T16753] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  751.231097][T16753] vhci_hcd vhci_hcd.0: Device attached
[  751.243005][T16754] vhci_hcd: connection closed
[  751.243592][T14784] vhci_hcd: stop threads
[  751.247571][T14784] vhci_hcd: release socket
[  751.249268][T14784] vhci_hcd: disconnect device
[  752.138809][T13676] usb usb42-port1: attempt power cycle
[  752.715000][   T40] audit: type=1326 audit(1764402650.195:2783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16763 comm="syz.2.2982" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f94579 code=0x0
[  752.805070][T13676] usb usb42-port1: unable to enumerate USB device
[  753.394501][T13676] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[  753.641676][T13676] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  753.784645][ T1326] usb 5-1: new low-speed USB device number 81 using dummy_hcd
[  753.847983][T16794] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2990'.
[  753.936074][ T1326] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  753.940226][ T1326] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  753.943694][ T1326] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  753.948225][ T1326] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.953415][ T1326] usb 5-1: config 0 descriptor??
[  754.355137][ T6074] usb 5-1: USB disconnect, device number 81
[  755.448353][T13676] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  755.451930][T13676] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  755.643750][T13676] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  755.683536][T16781] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  755.688576][T13676] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  755.953735][   T40] audit: type=1326 audit(1764402653.415:2784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.0.2993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  755.960679][   T40] audit: type=1326 audit(1764402653.415:2785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.0.2993" exe="/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  755.988914][   T40] audit: type=1326 audit(1764402653.415:2786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.0.2993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  756.010968][   T29] usb 6-1: USB disconnect, device number 85
[  756.057715][   T40] audit: type=1326 audit(1764402653.425:2787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.0.2993" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  756.064650][   T40] audit: type=1326 audit(1764402653.425:2788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.0.2993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  756.072881][   T40] audit: type=1326 audit(1764402653.425:2789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16803 comm="syz.0.2993" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  756.191109][T16810] netlink: zone id is out of range
[  756.568331][T16821] 9pnet_virtio: no channels available for device syz
[  756.941846][T13488] usb 8-1: new high-speed USB device number 90 using dummy_hcd
[  757.115632][T13488] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  757.123356][T13488] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  757.129608][T13488] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  757.135192][T13488] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.163209][T16818] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  757.184678][T13488] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  757.440566][ T6074] usb 8-1: USB disconnect, device number 90
[  757.577827][T16838] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3000'.
[  757.606763][T16835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3001'.
[  757.611683][T16835] veth1_macvtap: left promiscuous mode
[  757.669056][T16841] netlink: zone id is out of range
[  757.713608][T16846] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  757.715879][T16846] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  757.719012][T16846] vhci_hcd vhci_hcd.0: Device attached
[  757.738782][T16848] vhci_hcd: connection closed
[  757.739335][ T1150] vhci_hcd: stop threads
[  757.743525][ T1150] vhci_hcd: release socket
[  757.745927][ T1150] vhci_hcd: disconnect device
[  757.829078][T16844] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3003'.
[  758.147146][T16859] 9pnet_virtio: no channels available for device syz
[  759.310250][T16862] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  759.521038][T16877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3013'.
[  759.528898][T16877] veth1_macvtap: left promiscuous mode
[  759.529326][T16876] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3014'.
[  760.004693][ T1326] usb 6-1: new low-speed USB device number 86 using dummy_hcd
[  760.156323][ T1326] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  760.159756][ T1326] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  760.162942][ T1326] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  760.166225][ T1326] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  760.172054][ T1326] usb 6-1: config 0 descriptor??
[  760.339850][T16888] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3018'.
[  760.371662][T16892] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3020'.
[  760.373305][T16890] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  760.416121][  T842] usb 6-1: USB disconnect, device number 86
[  761.187029][T16901] netlink: 'syz.3.3023': attribute type 1 has an invalid length.
[  761.466141][T16901] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  761.546576][   T40] audit: type=1800 audit(1764402659.025:2790): pid=16902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3022" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  761.578820][T16904] gretap2: entered allmulticast mode
[  762.050245][T16922] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3029'.
[  762.273363][T16933] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3030'.
[  762.491079][T16939] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  764.159033][T16942] syz.1.3033: vmalloc error: size 67112960, failed to allocated page array size 131080, mode:0x400dc2(GFP_KERNEL_ACCOUNT|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  764.165905][T16942] CPU: 2 UID: 0 PID: 16942 Comm: syz.1.3033 Not tainted syzkaller #0 PREEMPT(full) 
[  764.165920][T16942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  764.165927][T16942] Call Trace:
[  764.165931][T16942]  <TASK>
[  764.165936][T16942]  dump_stack_lvl+0x16c/0x1f0
[  764.165954][T16942]  warn_alloc+0x248/0x3a0
[  764.165966][T16942]  ? __pfx_warn_alloc+0x10/0x10
[  764.165982][T16942]  ? nf_tables_newset+0x24fa/0x4320
[  764.165999][T16942]  ? __vmalloc_node_noprof+0xad/0xf0
[  764.166016][T16942]  __vmalloc_node_range_noprof+0xfe2/0x1480
[  764.166036][T16942]  ? nf_tables_newset+0x24fa/0x4320
[  764.166056][T16942]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  764.166077][T16942]  __kvmalloc_node_noprof+0x431/0x9c0
[  764.166090][T16942]  ? nf_tables_newset+0x24fa/0x4320
[  764.166107][T16942]  ? nf_tables_newset+0x24fa/0x4320
[  764.166122][T16942]  ? nft_hash_buckets+0x77/0xa0
[  764.166132][T16942]  ? nft_pipapo_estimate+0x17f/0x3b0
[  764.166148][T16942]  ? nf_tables_newset+0x24fa/0x4320
[  764.166163][T16942]  nf_tables_newset+0x24fa/0x4320
[  764.166185][T16942]  ? __pfx_nf_tables_newset+0x10/0x10
[  764.166202][T16942]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  764.166222][T16942]  ? __nla_validate_parse+0x600/0x2880
[  764.166245][T16942]  ? __nla_parse+0x40/0x60
[  764.166258][T16942]  nfnetlink_rcv_batch+0x190d/0x2350
[  764.166281][T16942]  ? __pfx_nfnetlink_rcv_batch+0x10/0x10
[  764.166298][T16942]  ? __local_bh_enable_ip+0x107/0x120
[  764.166310][T16942]  ? __dev_queue_xmit+0xaf1/0x4490
[  764.166325][T16942]  ? __dev_queue_xmit+0xb12/0x4490
[  764.166345][T16942]  ? __pfx___dev_queue_xmit+0x10/0x10
[  764.166372][T16942]  ? __nla_parse+0x40/0x60
[  764.166385][T16942]  nfnetlink_rcv+0x3c1/0x430
[  764.166399][T16942]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  764.166417][T16942]  netlink_unicast+0x5aa/0x870
[  764.166431][T16942]  ? __pfx_netlink_unicast+0x10/0x10
[  764.166447][T16942]  netlink_sendmsg+0x8c8/0xdd0
[  764.166461][T16942]  ? __pfx_netlink_sendmsg+0x10/0x10
[  764.166474][T16942]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  764.166493][T16942]  ____sys_sendmsg+0xa98/0xc70
[  764.166508][T16942]  ? __pfx_____sys_sendmsg+0x10/0x10
[  764.166521][T16942]  ? get_compat_msghdr+0x11a/0x170
[  764.166534][T16942]  ? __pfx_futex_wake_mark+0x10/0x10
[  764.166552][T16942]  ___sys_sendmsg+0x134/0x1d0
[  764.166564][T16942]  ? __pfx____sys_sendmsg+0x10/0x10
[  764.166581][T16942]  ? find_held_lock+0x2b/0x80
[  764.166606][T16942]  __sys_sendmsg+0x16d/0x220
[  764.166616][T16942]  ? __pfx___sys_sendmsg+0x10/0x10
[  764.166627][T16942]  ? __ia32_sys_futex_time32+0x1d9/0x460
[  764.166648][T16942]  ? rcu_is_watching+0x12/0xc0
[  764.166661][T16942]  __do_fast_syscall_32+0x7c/0x300
[  764.166677][T16942]  do_fast_syscall_32+0x32/0x80
[  764.166691][T16942]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  764.166704][T16942] RIP: 0023:0xf704d579
[  764.166713][T16942] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  764.166723][T16942] RSP: 002b:00000000f541c55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  764.166733][T16942] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000800000c0
[  764.166740][T16942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  764.166746][T16942] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  764.166752][T16942] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  764.166758][T16942] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  764.166772][T16942]  </TASK>
[  764.166775][T16942] Mem-Info:
[  764.287563][T16942] active_anon:26222 inactive_anon:12199 isolated_anon:18
[  764.287563][T16942]  active_file:1876 inactive_file:7385 isolated_file:0
[  764.287563][T16942]  unevictable:1750 dirty:297 writeback:0
[  764.287563][T16942]  slab_reclaimable:6238 slab_unreclaimable:55499
[  764.287563][T16942]  mapped:27403 shmem:36398 pagetables:1927
[  764.287563][T16942]  sec_pagetables:327 bounce:0
[  764.287563][T16942]  kernel_misc_reclaimable:0
[  764.287563][T16942]  free:50974 free_pcp:6912 free_cma:0
[  764.308292][T16942] Node 0 active_anon:268kB inactive_anon:4304kB active_file:20kB inactive_file:48kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:1200kB dirty:4kB writeback:0kB shmem:8516kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8136kB pagetables:1892kB sec_pagetables:1188kB all_unreclaimable? no Balloon:0kB
[  764.308804][T16957] delete_channel: no stack
[  764.322831][T16942] Node 1 active_anon:104620kB inactive_anon:44492kB active_file:7484kB inactive_file:29492kB unevictable:3464kB isolated(anon):72kB isolated(file):0kB mapped:105280kB dirty:1184kB writeback:0kB shmem:137076kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6072kB pagetables:5816kB sec_pagetables:120kB all_unreclaimable? no Balloon:0kB
[  764.336361][T16942] Node 0 DMA free:2140kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB free_highatomic:0KB active_anon:8kB inactive_anon:4kB active_file:12kB inactive_file:48kB unevictable:0kB writepending:0kB zspages:16kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:280kB local_pcp:0kB free_cma:0kB
[  764.348700][T16942] lowmem_reserve[]: 0 294 294 294 294
[  764.350993][T16942] Node 0 DMA32 free:18940kB boost:0kB min:13448kB low:16808kB high:20168kB reserved_highatomic:2048KB free_highatomic:960KB active_anon:184kB inactive_anon:676kB active_file:8kB inactive_file:0kB unevictable:3536kB writepending:4kB zspages:712kB present:1032196kB managed:301116kB mlocked:0kB bounce:0kB free_pcp:6360kB local_pcp:188kB free_cma:0kB
[  764.357990][T16960] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3038'.
[  764.364572][T16942] lowmem_reserve[]: 0 0 0 0 0
[  764.368410][T16942] Node 1 DMA32 free:184380kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:2048KB free_highatomic:1632KB active_anon:97320kB inactive_anon:44492kB active_file:7484kB inactive_file:29492kB unevictable:3464kB writepending:1184kB zspages:4720kB present:1048432kB managed:948220kB mlocked:0kB bounce:0kB free_pcp:30468kB local_pcp:6836kB free_cma:0kB
[  764.395310][T16942] lowmem_reserve[]: 0 0 0 0 0
[  764.396885][T16942] Node 0 DMA: 21*4kB (UM) 15*8kB (UM) 10*16kB (UM) 6*32kB (UM) 3*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 2156kB
[  764.401853][T16942] Node 0 DMA32: 745*4kB (UMEH) 265*8kB (UMEH) 108*16kB (UMEH) 16*32kB (UMEH) 27*64kB (UMEH) 20*128kB (UMEH) 10*256kB (UM) 5*512kB (UM) 1*1024kB (M) 0*2048kB 0*4096kB = 17772kB
[  764.407448][T16942] Node 1 DMA32: 423*4kB (UEH) 169*8kB (UMEH) 359*16kB (UMEH) 470*32kB (UMEH) 276*64kB (UMEH) 131*128kB (UMEH) 74*256kB (UME) 57*512kB (UM) 50*1024kB (UM) 9*2048kB (UM) 2*4096kB (U) = 184212kB
[  764.413230][T16942] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  764.416571][T16942] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  764.419475][T16942] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  764.422525][T16942] Node 1 hugepages_total=6 hugepages_free=6 hugepages_surp=4 hugepages_size=2048kB
[  764.425750][T16942] 43307 total pagecache pages
[  764.427267][T16942] 490 pages in swap cache
[  764.428644][T16942] Free swap  = 94108kB
[  764.429947][T16942] Total swap = 124996kB
[  764.431270][T16942] 524155 pages RAM
[  764.432491][T16942] 0 pages HighMem/MovableOnly
[  764.433997][T16942] 207981 pages reserved
[  764.435731][T16942] 0 pages cma reserved
[  764.444967][T16963] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  764.447082][T16963] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  764.449852][T16963] vhci_hcd vhci_hcd.0: Device attached
[  764.541320][T16969] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  764.569971][   T40] audit: type=1326 audit(1764402662.045:2791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16961 comm="syz.0.3039" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf70fd579 code=0x0
[  764.667276][T16975] syzkaller0: entered promiscuous mode
[  764.669759][T16975] syzkaller0: entered allmulticast mode
[  764.706200][T16975] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  764.754594][T13488] usb 42-1: SetAddress Request (40) to port 0
[  764.757215][T13488] usb 42-1: new SuperSpeed USB device number 40 using vhci_hcd
[  764.792083][T16977] 9pnet_virtio: no channels available for device syz
[  764.896741][T16983] 9pnet_virtio: no channels available for device syz
[  766.106917][T16964] vhci_hcd: connection reset by peer
[  766.109647][T14784] vhci_hcd: stop threads
[  766.111414][T14784] vhci_hcd: release socket
[  766.113387][T14784] vhci_hcd: disconnect device
[  766.128124][T16989] tipc: Started in network mode
[  766.130387][T16989] tipc: Node identity 4aa51d0abc8d, cluster identity 4711
[  766.133577][T16989] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  766.142258][T16985] tipc: Resetting bearer <eth:syzkaller0>
[  766.215856][T16994] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3047'.
[  766.220064][T16994] nbd: must specify a size in bytes for the device
[  767.250390][T16985] tipc: Disabling bearer <eth:syzkaller0>
[  767.266214][T12129] tipc: Node number set to 4129824010
[  767.315368][T17005] bridge0: port 3(veth0_to_bridge) entered blocking state
[  767.318647][T17005] bridge0: port 3(veth0_to_bridge) entered disabled state
[  767.322006][T17005] veth0_to_bridge: entered allmulticast mode
[  767.337522][T17005] veth0_to_bridge: entered promiscuous mode
[  767.340299][T17005] bridge0: adding interface veth0_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  767.348168][T17005] bridge0: port 3(veth0_to_bridge) entered blocking state
[  767.351166][T17005] bridge0: port 3(veth0_to_bridge) entered forwarding state
[  768.287835][T17022] netlink: zone id is out of range
[  768.326332][   T40] audit: type=1800 audit(1764402665.805:2792): pid=17014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3053" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  769.112369][T17039] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3060'.
[  769.160684][T17042] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3062'.
[  769.174091][T17037] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  769.181438][T17036] tipc: Resetting bearer <eth:syzkaller0>
[  769.283871][T17049] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5)
[  769.285975][T17049] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  769.288724][T17049] vhci_hcd vhci_hcd.0: Device attached
[  769.419521][T17057] netlink: zone id is out of range
[  769.580619][   T40] audit: type=1326 audit(1764402667.055:2793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17059 comm="syz.2.3066" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f94579 code=0x0
[  769.582901][T17061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3064'.
[  769.624628][   T29] usb 44-1: SetAddress Request (48) to port 0
[  769.627537][   T29] usb 44-1: new SuperSpeed USB device number 48 using vhci_hcd
[  769.805213][T17050] vhci_hcd: connection reset by peer
[  769.807235][   T12] vhci_hcd: stop threads
[  769.808824][   T12] vhci_hcd: release socket
[  769.810839][   T12] vhci_hcd: disconnect device
[  769.815066][T13488] usb 42-1: device descriptor read/8, error -110
[  770.215833][T13488] usb usb42-port1: attempt power cycle
[  770.537594][T17036] tipc: Disabling bearer <eth:syzkaller0>
[  770.708092][T17078] netdevsim0: mtu less than device minimum
[  770.724358][T17081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3070'.
[  770.777321][T17085] netlink: 'syz.0.3072': attribute type 21 has an invalid length.
[  770.781389][T17085] ubi: mtd0 is already attached to ubi31
[  770.789115][T17085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3072'.
[  770.792857][T17085] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3072'.
[  770.798359][T17085] overlayfs: failed to resolve '/΀ËìL.˜¦(Lå§Îô	': -2
[  770.820518][T13488] usb usb42-port1: unable to enumerate USB device
[  770.996711][T17093] 8021q: adding VLAN 0 to HW filter on device bond1
[  771.027344][T17093] bond_slave_0: entered promiscuous mode
[  771.029889][T17093] bond_slave_1: entered promiscuous mode
[  771.032439][T17093] mac80211_hwsim hwsim17 wlan1: entered promiscuous mode
[  771.039698][T17093] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  771.046372][T17093] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  771.119058][T17096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3076'.
[  771.221535][T17101] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  771.229549][T17100] tipc: Resetting bearer <eth:syzkaller0>
[  771.346273][T17105] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3078'.
[  772.667776][T17100] tipc: Disabling bearer <eth:syzkaller0>
[  772.716193][T17115] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3081'.
[  772.800772][T17119] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  773.373295][T17133] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(8)
[  773.375481][T17133] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  773.378553][T17133] vhci_hcd vhci_hcd.0: Device attached
[  773.799000][T17133] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3082'.
[  773.830482][   T40] audit: type=1800 audit(1764402671.305:2794): pid=17125 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3085" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  774.217189][T17134] vhci_hcd: connection closed
[  774.217498][T14783] vhci_hcd: stop threads
[  774.221603][T14783] vhci_hcd: release socket
[  774.223204][T14783] vhci_hcd: disconnect device
[  774.687126][   T29] usb 44-1: device descriptor read/8, error -110
[  775.101183][   T29] usb usb44-port1: attempt power cycle
[  775.221883][T17157] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3095'.
[  775.225589][T17157] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3095'.
[  775.674971][   T29] usb usb44-port1: unable to enumerate USB device
[  776.172690][T17169] loop2: detected capacity change from 0 to 7
[  776.191243][T16004] Dev loop2: unable to read RDB block 7
[  776.193639][T16004]  loop2: AHDI p1 p2 p3
[  776.197001][T16004] loop2: partition table partially beyond EOD, truncated
[  776.200511][T16004] loop2: p1 start 1601398130 is beyond EOD, truncated
[  776.203398][T16004] loop2: p2 start 1702059890 is beyond EOD, truncated
[  776.244588][T17172] netlink: 'syz.0.3099': attribute type 5 has an invalid length.
[  776.398422][T17169] Dev loop2: unable to read RDB block 7
[  776.400856][T17169]  loop2: AHDI p1 p2 p3
[  776.402653][T17169] loop2: partition table partially beyond EOD, truncated
[  776.409683][T17169] loop2: p1 start 1601398130 is beyond EOD, truncated
[  776.412610][T17169] loop2: p2 start 1702059890 is beyond EOD, truncated
[  776.467800][T17174] FAULT_INJECTION: forcing a failure.
[  776.467800][T17174] name failslab, interval 1, probability 0, space 0, times 0
[  776.472040][T17174] CPU: 1 UID: 0 PID: 17174 Comm: syz.3.3100 Not tainted syzkaller #0 PREEMPT(full) 
[  776.472056][T17174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  776.472062][T17174] Call Trace:
[  776.472076][T17174]  <TASK>
[  776.472081][T17174]  dump_stack_lvl+0x16c/0x1f0
[  776.472107][T17174]  should_fail_ex+0x512/0x640
[  776.472126][T17174]  ? __kmalloc_cache_noprof+0x5f/0x780
[  776.472139][T17174]  should_failslab+0xc2/0x120
[  776.472154][T17174]  __kmalloc_cache_noprof+0x72/0x780
[  776.472164][T17174]  ? __pfx___might_resched+0x10/0x10
[  776.472175][T17174]  ? vhost_task_create+0xe5/0x370
[  776.472190][T17174]  ? rcu_is_watching+0x12/0xc0
[  776.472201][T17174]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  776.472217][T17174]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  776.472234][T17174]  ? vhost_task_create+0xe5/0x370
[  776.472254][T17174]  vhost_task_create+0xe5/0x370
[  776.472275][T17174]  ? __pfx_vhost_task_create+0x10/0x10
[  776.472307][T17174]  ? __pfx_vhost_task_fn+0x10/0x10
[  776.472343][T17174]  kvm_mmu_post_init_vm+0x1b7/0x380
[  776.472363][T17174]  kvm_arch_vcpu_ioctl_run+0x66/0x1920
[  776.472382][T17174]  ? kvm_vcpu_ioctl+0x14c5/0x1690
[  776.472430][T17174]  kvm_vcpu_ioctl+0x5eb/0x1690
[  776.472456][T17174]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  776.472480][T17174]  ? tomoyo_path_number_perm+0x18d/0x580
[  776.472509][T17174]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  776.472545][T17174]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  776.472576][T17174]  ? do_vfs_ioctl+0x128/0x14f0
[  776.472601][T17174]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  776.472642][T17174]  kvm_vcpu_compat_ioctl+0x20f/0x3d0
[  776.472667][T17174]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  776.472691][T17174]  ? __fget_files+0x20e/0x3c0
[  776.472714][T17174]  ? __pfx_kvm_vcpu_compat_ioctl+0x10/0x10
[  776.472738][T17174]  __ia32_compat_sys_ioctl+0x242/0x370
[  776.472768][T17174]  __do_fast_syscall_32+0x7c/0x300
[  776.472793][T17174]  do_fast_syscall_32+0x32/0x80
[  776.472815][T17174]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  776.472836][T17174] RIP: 0023:0xf7f02579
[  776.472849][T17174] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  776.472866][T17174] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  776.472882][T17174] RAX: ffffffffffffffda RBX: 000000000000000c RCX: 000000000000ae80
[  776.472893][T17174] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  776.472903][T17174] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  776.472912][T17174] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  776.472922][T17174] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  776.472943][T17174]  </TASK>
[  776.583116][    C1] vkms_vblank_simulate: vblank timer overrun
[  776.879607][T17185] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3103'.
[  777.498065][T17178] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  777.500847][T17178] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  777.504378][T17178] vhci_hcd vhci_hcd.0: Device attached
[  777.897352][  T842] usb 38-1: SetAddress Request (38) to port 0
[  777.899857][  T842] usb 38-1: new SuperSpeed USB device number 38 using vhci_hcd
[  777.906129][T17192] vhci_hcd: connection closed
[  777.927849][T17193] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  777.931905][ T1150] vhci_hcd: stop threads
[  777.933675][ T1150] vhci_hcd: release socket
[  777.935535][ T1150] vhci_hcd: disconnect device
[  778.317585][T17206] bridge0: port 4(syz_tun) entered blocking state
[  778.320520][T17206] bridge0: port 4(syz_tun) entered disabled state
[  778.325120][T17206] syz_tun: entered allmulticast mode
[  778.330093][T17206] syz_tun: entered promiscuous mode
[  778.333071][T17206] bridge0: port 4(syz_tun) entered blocking state
[  778.335957][T17206] bridge0: port 4(syz_tun) entered forwarding state
[  778.347306][T17206] ubi: mtd0 is already attached to ubi31
[  778.464048][T17211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3109'.
[  778.538275][T17214] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  778.819718][T17220] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3112'.
[  779.643374][T17235] netlink: 'syz.3.3116': attribute type 8 has an invalid length.
[  779.867811][   T40] audit: type=1326 audit(1764402677.345:2795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17240 comm="syz.3.3117" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f02579 code=0x0
[  780.036766][T17253] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3118'.
[  780.065740][T17255] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  780.339680][T17263] 9pnet_virtio: no channels available for device syz
[  780.367886][T17260] 9pnet_virtio: no channels available for device syz
[  782.630012][T17274] vhci_hcd vhci_hcd.0: port 0 already used
[  782.759525][T17283] 9pnet_virtio: no channels available for device syz
[  783.005032][  T842] usb 38-1: device descriptor read/8, error -110
[  783.442306][T17288] netlink: 'syz.3.3127': attribute type 1 has an invalid length.
[  783.447662][T17290] FAULT_INJECTION: forcing a failure.
[  783.447662][T17290] name failslab, interval 1, probability 0, space 0, times 0
[  783.452903][T17290] CPU: 2 UID: 0 PID: 17290 Comm: syz.0.3129 Not tainted syzkaller #0 PREEMPT(full) 
[  783.452928][T17290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  783.452939][T17290] Call Trace:
[  783.452947][T17290]  <TASK>
[  783.452954][T17290]  dump_stack_lvl+0x16c/0x1f0
[  783.452980][T17290]  should_fail_ex+0x512/0x640
[  783.453006][T17290]  ? __kmalloc_noprof+0xca/0x880
[  783.453025][T17290]  should_failslab+0xc2/0x120
[  783.453049][T17290]  __kmalloc_noprof+0xdd/0x880
[  783.453064][T17290]  ? find_held_lock+0x2b/0x80
[  783.453082][T17290]  ? rds_message_alloc+0x42/0x230
[  783.453108][T17290]  ? rds_message_alloc+0x42/0x230
[  783.453127][T17290]  rds_message_alloc+0x42/0x230
[  783.453148][T17290]  rds_sendmsg+0xb54/0x31f0
[  783.453184][T17290]  ? __pfx_rds_sendmsg+0x10/0x10
[  783.453206][T17290]  ? aa_sk_perm+0x2f4/0xb10
[  783.453227][T17290]  ? __pfx_aa_sk_perm+0x10/0x10
[  783.453252][T17290]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  783.453281][T17290]  ? ____sys_sendmsg+0xa98/0xc70
[  783.453303][T17290]  ____sys_sendmsg+0xa98/0xc70
[  783.453327][T17290]  ? __pfx_____sys_sendmsg+0x10/0x10
[  783.453348][T17290]  ? get_compat_msghdr+0x11a/0x170
[  783.453376][T17290]  ___sys_sendmsg+0x134/0x1d0
[  783.453396][T17290]  ? __pfx____sys_sendmsg+0x10/0x10
[  783.453426][T17290]  ? find_held_lock+0x2b/0x80
[  783.453460][T17290]  __sys_sendmsg+0x16d/0x220
[  783.453477][T17290]  ? __pfx___sys_sendmsg+0x10/0x10
[  783.453506][T17290]  ? rcu_is_watching+0x12/0xc0
[  783.453528][T17290]  __do_fast_syscall_32+0x7c/0x300
[  783.453554][T17290]  do_fast_syscall_32+0x32/0x80
[  783.453581][T17290]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  783.453603][T17290] RIP: 0023:0xf70fd579
[  783.453617][T17290] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  783.453634][T17290] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  783.453651][T17290] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000100
[  783.453662][T17290] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  783.453672][T17290] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  783.453683][T17290] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  783.453693][T17290] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  783.453717][T17290]  </TASK>
[  783.575117][T17293] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  783.605511][T17288] bond1: entered promiscuous mode
[  783.607859][T17288] 8021q: adding VLAN 0 to HW filter on device bond1
[  783.623580][T17297] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  783.894694][ T5948] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  784.062495][ T5948] usb 5-1: config 0 has no interfaces?
[  784.072837][ T5948] usb 5-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[  784.080918][ T5948] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  784.092697][ T5948] usb 5-1: Product: syz
[  784.101552][ T5948] usb 5-1: Manufacturer: syz
[  784.109812][ T5948] usb 5-1: SerialNumber: syz
[  784.172722][ T5948] usb 5-1: config 0 descriptor??
[  784.317618][  T842] usb usb38-port1: attempt power cycle
[  784.987090][T17295] netlink: 'syz.0.3130': attribute type 17 has an invalid length.
[  784.993053][T17295] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  785.020305][ T5948] usb 5-1: USB disconnect, device number 82
[  785.459489][T17312] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  785.474022][T17311] tipc: Resetting bearer <eth:syzkaller0>
[  785.489466][  T842] usb usb38-port1: unable to enumerate USB device
[  786.595020][   T40] audit: type=1800 audit(1764402684.065:2796): pid=17321 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3137" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  786.623061][T17328] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  786.625181][T17328] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  786.628004][T17328] vhci_hcd vhci_hcd.0: Device attached
[  786.935949][T13676] usb 44-1: SetAddress Request (52) to port 0
[  786.938710][T13676] usb 44-1: new SuperSpeed USB device number 52 using vhci_hcd
[  787.115563][T17311] tipc: Disabling bearer <eth:syzkaller0>
[  787.144035][T17329] vhci_hcd: connection reset by peer
[  787.146759][T14783] vhci_hcd: stop threads
[  787.148273][T14783] vhci_hcd: release socket
[  787.150344][T14783] vhci_hcd: disconnect device
[  787.368666][T17338] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  787.372436][T17340] bridge0: port 3(syz_tun) entered blocking state
[  787.375472][T17340] bridge0: port 3(syz_tun) entered disabled state
[  787.378299][T17340] syz_tun: entered allmulticast mode
[  787.381884][T17340] syz_tun: entered promiscuous mode
[  787.386299][T17340] bridge0: port 3(syz_tun) entered blocking state
[  787.388506][T17340] bridge0: port 3(syz_tun) entered forwarding state
[  787.394653][T17337] tipc: Resetting bearer <eth:syzkaller0>
[  787.472511][T17344] netlink: zone id is out of range
[  787.951788][T17355] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  788.630318][T17337] tipc: Disabling bearer <eth:syzkaller0>
[  788.782063][T17361] [U] 
[  788.783615][T17361] [U] 
[  788.784927][T17361] [U] 
[  788.786175][T17361] [U] 
[  788.800616][T17361] [U] 
[  788.801877][T17361] [U] 
[  788.803108][T17361] [U] 
[  788.804360][T17361] [U] 
[  788.814539][T17361] [U] 
[  788.815798][T17361] [U] 
[  788.817047][T17361] [U] 
[  788.818289][T17361] [U] 
[  788.819801][T17361] [U] 
[  788.821044][T17361] [U] 
[  788.822263][T17361] [U] 
[  788.823464][T17361] [U] 
[  788.984526][   T10] usb 6-1: new low-speed USB device number 87 using dummy_hcd
[  788.994753][T17361] [U] 
[  788.996021][T17361] [U] 
[  788.997232][T17361] [U] 
[  788.998425][T17361] [U] 
[  789.005092][T17361] [U] 
[  789.006322][T17361] [U] 
[  789.007524][T17361] [U] 
[  789.008748][T17361] [U] 
[  789.014519][T17361] [U] 
[  789.015773][T17361] [U] 
[  789.017004][T17361] [U] 
[  789.018177][T17361] [U] 
[  789.019414][T17361] [U] 
[  789.020592][T17361] [U] 
[  789.021819][T17361] [U] 
[  789.023010][T17361] [U] 
[  789.038031][T17361] [U] 
[  789.039270][T17361] [U] 
[  789.040498][T17361] [U] 
[  789.041738][T17361] [U] 
[  789.042902][T17361] [U] 
[  789.044159][T17361] [U] 
[  789.045372][T17361] [U] 
[  789.046552][T17361] [U] 
[  789.064251][T17361] [U] 
[  789.065567][T17361] [U] 
[  789.066780][T17361] [U] 
[  789.067982][T17361] [U] 
[  789.069867][T17361] [U] 
[  789.071091][T17361] [U] 
[  789.072316][T17361] [U] 
[  789.073518][T17361] [U] 
[  789.075353][T17361] [U] 
[  789.076716][T17361] [U] 
[  789.077952][T17361] [U] 
[  789.079169][T17361] [U] 
[  789.081298][T17361] [U] 
[  789.082529][T17361] [U] 
[  789.083759][T17361] [U] 
[  789.085033][T17361] [U] 
[  789.114549][T17361] [U] 
[  789.115854][T17361] [U] 
[  789.117063][T17361] [U] 
[  789.118593][T17361] [U] 
[  789.120169][T17361] [U] 
[  789.121521][T17361] [U] 
[  789.122743][T17361] [U] 
[  789.123947][T17361] [U] 
[  789.126410][T17361] [U] 
[  789.127808][T17361] [U] 
[  789.129152][T17361] [U] 
[  789.130460][T17361] [U] 
[  789.132494][T17361] [U] 
[  789.133860][T17361] [U] 
[  789.135109][T17361] [U] 
[  789.136323][T17361] [U] 
[  789.138819][T17361] [U] 
[  789.140367][T17361] [U] 
[  789.141641][T17361] [U] 
[  789.142956][T17361] [U] 
[  789.205801][   T10] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  789.209786][   T10] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  789.223830][   T10] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  789.228931][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.263842][   T10] usb 6-1: config 0 descriptor??
[  789.294999][T17361] [U] 
[  789.296234][T17361] [U] 
[  789.297450][T17361] [U] 
[  789.298659][T17361] [U] 
[  789.301757][T17361] [U] 
[  789.302990][T17361] [U] 
[  789.304201][T17361] [U] 
[  789.305421][T17361] [U] 
[  789.306731][T17361] [U] 
[  789.307932][T17361] [U] 
[  789.309149][T17361] [U] 
[  789.310375][T17361] [U] 
[  789.312209][T17361] [U] 
[  789.313441][T17361] [U] 
[  789.314701][T17361] [U] 
[  789.315907][T17361] [U] 
[  789.374538][T17361] [U] 
[  789.375783][T17361] [U] 
[  789.376968][T17361] [U] 
[  789.378150][T17361] [U] 
[  789.379354][T17361] [U] 
[  789.380552][T17361] [U] 
[  789.381724][T17361] [U] 
[  789.382892][T17361] [U] 
[  789.386688][T17361] [U] 
[  789.387875][T17361] [U] 
[  789.389050][T17361] [U] 
[  789.390216][T17361] [U] 
[  789.391410][T17361] [U] 
[  789.392618][T17361] [U] 
[  789.393810][T17361] [U] 
[  789.395008][T17361] [U] 
[  789.415834][T17361] [U] 
[  789.417033][T17361] [U] 
[  789.418172][T17361] [U] 
[  789.419337][T17361] [U] 
[  789.426196][T17361] [U] 
[  789.427428][T17361] [U] 
[  789.428647][T17361] [U] 
[  789.429876][T17361] [U] 
[  789.436350][T17361] [U] 
[  789.437605][T17361] [U] 
[  789.438816][T17361] [U] 
[  789.439953][T17361] [U] 
[  789.441210][T17361] [U] 
[  789.442539][T17361] [U] 
[  789.443768][T17361] [U] 
[  789.445013][T17361] [U] 
[  789.464584][T17361] [U] 
[  789.465818][T17361] [U] 
[  789.467000][T17361] [U] 
[  789.544768][ T5948] usb 6-1: USB disconnect, device number 87
[  789.594404][T17360] [U] 
[  789.809530][T17375] 9pnet_virtio: no channels available for device syz
[  792.044669][T13676] usb 44-1: device descriptor read/8, error -110
[  792.056601][T17392] vhci_hcd vhci_hcd.0: port 0 already used
[  792.224518][  T842] usb 8-1: new low-speed USB device number 91 using dummy_hcd
[  792.398413][  T842] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  792.402598][  T842] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  792.406753][  T842] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  792.410399][  T842] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.428133][  T842] usb 8-1: config 0 descriptor??
[  792.467712][T13676] usb usb44-port1: attempt power cycle
[  792.617082][   T40] audit: type=1800 audit(1764402690.095:2797): pid=17406 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.3162" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  792.775332][T13488] usb 8-1: USB disconnect, device number 91
[  792.785138][T17414] =======================================================
[  792.785138][T17414] WARNING: The mand mount option has been deprecated and
[  792.785138][T17414]          and is ignored by this kernel. Remove the mand
[  792.785138][T17414]          option from the mount to silence this warning.
[  792.785138][T17414] =======================================================
[  793.026659][T13676] usb usb44-port1: unable to enumerate USB device
[  793.034669][ T6005] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  793.194564][ T6005] usb 5-1: Using ep0 maxpacket: 32
[  793.198328][ T6005] usb 5-1: config 0 has an invalid interface number: 200 but max is 0
[  793.201484][ T6005] usb 5-1: config 0 has no interface number 0
[  793.203873][ T6005] usb 5-1: config 0 interface 200 has no altsetting 0
[  793.208933][ T6005] usb 5-1: New USB device found, idVendor=1be3, idProduct=07a6, bcdDevice= e.9e
[  793.212378][ T6005] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  793.215545][ T6005] usb 5-1: Product: syz
[  793.217183][ T6005] usb 5-1: Manufacturer: syz
[  793.218972][ T6005] usb 5-1: SerialNumber: syz
[  793.223444][ T6005] usb 5-1: config 0 descriptor??
[  793.461685][ T6005] cp210x 5-1:0.200: cp210x converter detected
[  793.470786][ T6005] cp210x 5-1:0.200: failed to get vendor val 0x370b size 1: -71
[  793.474260][ T6005] cp210x 5-1:0.200: querying part number failed
[  793.480442][ T6005] usb 5-1: cp210x converter now attached to ttyUSB0
[  793.489012][ T6005] usb 5-1: USB disconnect, device number 83
[  793.503316][ T6005] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  793.509773][ T6005] cp210x 5-1:0.200: device disconnected
[  794.245257][ T3242] usb 5-1: new low-speed USB device number 84 using dummy_hcd
[  794.406096][T17439] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  794.800142][T17442] 9pnet_virtio: no channels available for device syz
[  794.891560][ T3242] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  794.895078][ T3242] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  794.898201][ T3242] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  794.901181][ T3242] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  794.916316][ T3242] usb 5-1: config 0 descriptor??
[  795.157493][  T842] usb 5-1: USB disconnect, device number 84
[  795.280594][T17447] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  795.334902][T17446] FAULT_INJECTION: forcing a failure.
[  795.334902][T17446] name failslab, interval 1, probability 0, space 0, times 0
[  795.346555][T17446] CPU: 1 UID: 0 PID: 17446 Comm: syz.3.3174 Not tainted syzkaller #0 PREEMPT(full) 
[  795.346596][T17446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  795.346607][T17446] Call Trace:
[  795.346615][T17446]  <TASK>
[  795.346623][T17446]  dump_stack_lvl+0x16c/0x1f0
[  795.346649][T17446]  should_fail_ex+0x512/0x640
[  795.346672][T17446]  ? fs_reclaim_acquire+0xae/0x150
[  795.346696][T17446]  should_failslab+0xc2/0x120
[  795.346716][T17446]  __kmalloc_noprof+0xdd/0x880
[  795.346733][T17446]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  795.346757][T17446]  ? tomoyo_realpath_from_path+0xc2/0x6e0
[  795.346775][T17446]  tomoyo_realpath_from_path+0xc2/0x6e0
[  795.346797][T17446]  ? tomoyo_profile+0x47/0x60
[  795.346817][T17446]  tomoyo_path_number_perm+0x245/0x580
[  795.346842][T17446]  ? tomoyo_path_number_perm+0x237/0x580
[  795.346869][T17446]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  795.346919][T17446]  ? find_held_lock+0x2b/0x80
[  795.346935][T17446]  ? hook_file_ioctl_common+0x145/0x410
[  795.346958][T17446]  ? __fget_files+0x20e/0x3c0
[  795.346980][T17446]  security_file_ioctl_compat+0x9b/0x240
[  795.347000][T17446]  __ia32_compat_sys_ioctl+0xc3/0x370
[  795.347027][T17446]  __do_fast_syscall_32+0x7c/0x300
[  795.347051][T17446]  do_fast_syscall_32+0x32/0x80
[  795.347073][T17446]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  795.347094][T17446] RIP: 0023:0xf7f02579
[  795.347107][T17446] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  795.347122][T17446] RSP: 002b:00000000f53f655c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  795.347139][T17446] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000008914
[  795.347149][T17446] RDX: 0000000080000040 RSI: 0000000000000000 RDI: 0000000000000000
[  795.347159][T17446] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  795.347168][T17446] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  795.347177][T17446] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  795.347199][T17446]  </TASK>
[  795.349865][T17446] ERROR: Out of memory at tomoyo_realpath_from_path.
[  796.676599][T17459] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  796.742023][   T40] audit: type=1326 audit(1764402694.215:2798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.751863][   T40] audit: type=1326 audit(1764402694.225:2799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.761498][   T40] audit: type=1326 audit(1764402694.225:2800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.773265][   T40] audit: type=1326 audit(1764402694.225:2801): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.782601][   T40] audit: type=1326 audit(1764402694.225:2802): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.792179][   T40] audit: type=1326 audit(1764402694.225:2803): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.801611][   T40] audit: type=1326 audit(1764402694.225:2804): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  796.810494][   T40] audit: type=1326 audit(1764402694.225:2805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17462 comm="syz.0.3181" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  797.179303][T17470] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3182'.
[  797.183180][T17470] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  797.449758][T17474] 9pnet_virtio: no channels available for device syz
[  797.864279][   T40] audit: type=1800 audit(1764402695.285:2806): pid=17467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3180" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  798.188605][T17485] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  798.294948][ T5948] usb 5-1: new low-speed USB device number 85 using dummy_hcd
[  798.377266][T17487] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  798.467269][ T5948] usb 5-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  798.470372][ T5948] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  798.473104][ T5948] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  798.484465][ T5948] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.493063][ T5948] usb 5-1: config 0 descriptor??
[  798.504690][T17490] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  798.520493][T17489] tipc: Resetting bearer <eth:syzkaller0>
[  798.926267][   T29] usb 5-1: USB disconnect, device number 85
[  799.552905][T17508] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  799.768807][T17489] tipc: Disabling bearer <eth:syzkaller0>
[  799.776005][T17502] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  799.910757][T17513] FAULT_INJECTION: forcing a failure.
[  799.910757][T17513] name failslab, interval 1, probability 0, space 0, times 0
[  799.915765][T17513] CPU: 0 UID: 0 PID: 17513 Comm: syz.1.3193 Not tainted syzkaller #0 PREEMPT(full) 
[  799.915791][T17513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  799.915802][T17513] Call Trace:
[  799.915821][T17513]  <TASK>
[  799.915828][T17513]  dump_stack_lvl+0x16c/0x1f0
[  799.915865][T17513]  should_fail_ex+0x512/0x640
[  799.915893][T17513]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  799.915912][T17513]  should_failslab+0xc2/0x120
[  799.915931][T17513]  kmem_cache_alloc_node_noprof+0x78/0x770
[  799.915946][T17513]  ? __alloc_skb+0x2b2/0x380
[  799.915973][T17513]  ? __alloc_skb+0x2b2/0x380
[  799.915992][T17513]  ? __pfx_netlink_insert+0x10/0x10
[  799.916007][T17513]  __alloc_skb+0x2b2/0x380
[  799.916048][T17513]  ? __pfx___alloc_skb+0x10/0x10
[  799.916073][T17513]  ? netlink_autobind.isra.0+0x158/0x370
[  799.916095][T17513]  netlink_alloc_large_skb+0x69/0x140
[  799.916114][T17513]  netlink_sendmsg+0x698/0xdd0
[  799.916135][T17513]  ? __pfx_netlink_sendmsg+0x10/0x10
[  799.916155][T17513]  ? aa_sock_msg_perm.constprop.0+0x100/0x1d0
[  799.916214][T17513]  ____sys_sendmsg+0xa98/0xc70
[  799.916239][T17513]  ? __pfx_____sys_sendmsg+0x10/0x10
[  799.916259][T17513]  ? get_compat_msghdr+0x11a/0x170
[  799.916285][T17513]  ___sys_sendmsg+0x134/0x1d0
[  799.916303][T17513]  ? __pfx____sys_sendmsg+0x10/0x10
[  799.916331][T17513]  ? find_held_lock+0x2b/0x80
[  799.916362][T17513]  __sys_sendmsg+0x16d/0x220
[  799.916377][T17513]  ? __pfx___sys_sendmsg+0x10/0x10
[  799.916404][T17513]  ? rcu_is_watching+0x12/0xc0
[  799.916426][T17513]  __do_fast_syscall_32+0x7c/0x300
[  799.916448][T17513]  do_fast_syscall_32+0x32/0x80
[  799.916467][T17513]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  799.916485][T17513] RIP: 0023:0xf704d579
[  799.916498][T17513] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  799.916512][T17513] RSP: 002b:00000000f543d55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  799.916528][T17513] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000800028c0
[  799.916538][T17513] RDX: 0000000024001850 RSI: 0000000000000000 RDI: 0000000000000000
[  799.916547][T17513] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  799.916557][T17513] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  799.916565][T17513] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  799.916587][T17513]  </TASK>
[  800.224883][T17520] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  800.275876][   T40] audit: type=1326 audit(1764402697.755:2807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.283198][   T40] audit: type=1326 audit(1764402697.755:2808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.291430][   T40] audit: type=1326 audit(1764402697.755:2809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.300283][   T40] audit: type=1326 audit(1764402697.755:2810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.309152][   T40] audit: type=1326 audit(1764402697.755:2811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.317815][   T40] audit: type=1326 audit(1764402697.755:2812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.326515][   T40] audit: type=1326 audit(1764402697.755:2813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  800.335130][   T40] audit: type=1326 audit(1764402697.755:2814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17517 comm="syz.0.3195" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  801.043830][T17528] FAULT_INJECTION: forcing a failure.
[  801.043830][T17528] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  801.048101][T17528] CPU: 1 UID: 0 PID: 17528 Comm: syz.0.3197 Not tainted syzkaller #0 PREEMPT(full) 
[  801.048116][T17528] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  801.048123][T17528] Call Trace:
[  801.048128][T17528]  <TASK>
[  801.048133][T17528]  dump_stack_lvl+0x16c/0x1f0
[  801.048149][T17528]  should_fail_ex+0x512/0x640
[  801.048168][T17528]  _copy_from_user+0x2e/0xd0
[  801.048205][T17528]  io_submit_one+0xbb/0x1df0
[  801.048224][T17528]  ? __lock_acquire+0xb8a/0x1c90
[  801.048241][T17528]  ? __pfx_io_submit_one+0x10/0x10
[  801.048257][T17528]  ? __might_fault+0xe3/0x190
[  801.048269][T17528]  ? __might_fault+0x13b/0x190
[  801.048282][T17528]  ? __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  801.048294][T17528]  __ia32_compat_sys_io_submit+0x1ad/0x3a0
[  801.048309][T17528]  ? __pfx___ia32_compat_sys_io_submit+0x10/0x10
[  801.048321][T17528]  ? fput+0x9b/0xd0
[  801.048338][T17528]  ? rcu_is_watching+0x12/0xc0
[  801.048349][T17528]  ? syscall_enter_from_user_mode_prepare+0x68/0xe0
[  801.048365][T17528]  __do_fast_syscall_32+0x7c/0x300
[  801.048380][T17528]  do_fast_syscall_32+0x32/0x80
[  801.048394][T17528]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  801.048407][T17528] RIP: 0023:0xf70fd579
[  801.048415][T17528] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  801.048426][T17528] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 00000000000000f8
[  801.048436][T17528] RAX: ffffffffffffffda RBX: 00000000f749f000 RCX: 0000000000000001
[  801.048442][T17528] RDX: 0000000080001240 RSI: 0000000000000000 RDI: 0000000000000000
[  801.048448][T17528] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  801.048454][T17528] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  801.048460][T17528] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  801.048474][T17528]  </TASK>
[  801.232107][T17530] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3198'.
[  801.269594][T17534] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3200'.
[  801.273265][T17534] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  801.346991][   T40] audit: type=1326 audit(1764402698.825:2815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17535 comm="syz.1.3201" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf704d579 code=0x0
[  801.506418][T17550] 9pnet_virtio: no channels available for device syz
[  801.670108][T17540] netlink: 'syz.3.3202': attribute type 1 has an invalid length.
[  802.049690][T17558] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  802.221259][T17570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3211'.
[  802.228676][T17570] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  802.266029][T17571] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  802.770761][T17580] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3212'.
[  802.835051][T17579] vhci_hcd vhci_hcd.0: port 0 already used
[  803.270310][T17586] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  803.531755][T17593] 9pnet_virtio: no channels available for device syz
[  804.603073][T17597] 9pnet_virtio: no channels available for device syz
[  804.920072][T17602] Cache volume key already in use (9p,syz,)
[  805.506826][T17611] 9pnet_virtio: no channels available for device syz
[  805.884652][   T40] kauditd_printk_skb: 1 callbacks suppressed
[  805.884672][   T40] audit: type=1800 audit(1764402703.285:2817): pid=17602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3219" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  805.952508][T17615] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  806.077326][T17618] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  806.230216][T17620] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3223'.
[  806.701817][T17631] FAULT_INJECTION: forcing a failure.
[  806.701817][T17631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  806.707435][T17631] CPU: 3 UID: 0 PID: 17631 Comm: syz.2.3227 Not tainted syzkaller #0 PREEMPT(full) 
[  806.707459][T17631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  806.707470][T17631] Call Trace:
[  806.707476][T17631]  <TASK>
[  806.707499][T17631]  dump_stack_lvl+0x16c/0x1f0
[  806.707526][T17631]  should_fail_ex+0x512/0x640
[  806.707557][T17631]  _copy_from_user+0x2e/0xd0
[  806.707584][T17631]  get_compat_msghdr+0xa7/0x170
[  806.707602][T17631]  ? __pfx_get_compat_msghdr+0x10/0x10
[  806.707629][T17631]  ___sys_sendmsg+0x1ae/0x1d0
[  806.707648][T17631]  ? __pfx____sys_sendmsg+0x10/0x10
[  806.707676][T17631]  ? find_held_lock+0x2b/0x80
[  806.707709][T17631]  __sys_sendmsg+0x16d/0x220
[  806.707724][T17631]  ? __pfx___sys_sendmsg+0x10/0x10
[  806.707751][T17631]  ? rcu_is_watching+0x12/0xc0
[  806.707772][T17631]  __do_fast_syscall_32+0x7c/0x300
[  806.707796][T17631]  do_fast_syscall_32+0x32/0x80
[  806.707818][T17631]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  806.707839][T17631] RIP: 0023:0xf7f94579
[  806.707851][T17631] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  806.707867][T17631] RSP: 002b:00000000f548655c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  806.707884][T17631] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000280
[  806.707895][T17631] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  806.707905][T17631] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  806.707914][T17631] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  806.707924][T17631] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  806.707948][T17631]  </TASK>
[  806.773556][T17626] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3226'.
[  806.826364][ T6005] usb 8-1: new high-speed USB device number 92 using dummy_hcd
[  806.872022][T17638] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  806.986154][ T6005] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  806.989670][ T6005] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  806.992872][ T6005] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  806.995926][ T6005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.003304][T17624] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  807.013018][ T6005] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  807.230889][ T3242] usb 8-1: USB disconnect, device number 92
[  807.539645][T17648] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  807.541753][T17648] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  807.544695][T17648] vhci_hcd vhci_hcd.0: Device attached
[  807.580347][T17643] 9pnet_virtio: no channels available for device syz
[  807.801244][T17649] vhci_hcd: connection closed
[  807.801653][   T75] vhci_hcd: stop threads
[  807.805789][   T75] vhci_hcd: release socket
[  807.807726][   T75] vhci_hcd: disconnect device
[  807.865847][T13676] usb 42-1: enqueue for inactive port 0
[  808.078233][   T40] audit: type=1326 audit(1764402705.555:2818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.086895][   T40] audit: type=1326 audit(1764402705.555:2819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.101651][   T40] audit: type=1326 audit(1764402705.555:2820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.119154][   T40] audit: type=1326 audit(1764402705.555:2821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.136266][   T40] audit: type=1326 audit(1764402705.555:2822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.155339][   T40] audit: type=1326 audit(1764402705.555:2823): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.165450][   T40] audit: type=1326 audit(1764402705.555:2824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.172377][   T40] audit: type=1326 audit(1764402705.555:2825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17651 comm="syz.0.3232" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70fd579 code=0x7ffc0000
[  808.181869][T17656] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  808.189805][T17655] tipc: Resetting bearer <eth:syzkaller0>
[  808.209062][ T1417] ieee802154 phy0 wpan0: encryption failed: -22
[  808.211200][ T1417] ieee802154 phy1 wpan1: encryption failed: -22
[  808.375348][T13676] usb usb42-port1: attempt power cycle
[  809.249602][T17669] 9pnet_virtio: no channels available for device syz
[  809.408364][T13676] usb usb42-port1: unable to enumerate USB device
[  809.741727][T17678] netlink: 'syz.1.3238': attribute type 1 has an invalid length.
[  809.934956][T17680] 9pnet_virtio: no channels available for device syz
[  810.457184][T17655] tipc: Disabling bearer <eth:syzkaller0>
[  810.489366][T17681] gretap2: entered allmulticast mode
[  810.494065][T17681] bond2: (slave gretap2): making interface the new active one
[  810.497493][T17681] bond2: (slave gretap2): Enslaving as an active interface with an up link
[  810.666454][   T40] audit: type=1326 audit(1764402708.145:2826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17684 comm="syz.3.3242" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f02579 code=0x0
[  810.783902][T17691] Cache volume key already in use (9p,syz,)
[  811.018372][T17697] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  811.265900][T17702] 9pnet_virtio: no channels available for device syz
[  812.372272][T17712] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3247'.
[  812.519249][T17718] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  812.742954][T17721] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  812.755722][T17723] netlink: 620 bytes leftover after parsing attributes in process `syz.1.3249'.
[  812.764546][   T40] audit: type=1326 audit(1764402710.235:2827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17711 comm="syz.2.3247" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f94579 code=0x0
[  813.361379][T17735] FAULT_INJECTION: forcing a failure.
[  813.361379][T17735] name failslab, interval 1, probability 0, space 0, times 0
[  813.366959][T17735] CPU: 0 UID: 0 PID: 17735 Comm: syz.0.3252 Not tainted syzkaller #0 PREEMPT(full) 
[  813.366987][T17735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  813.366994][T17735] Call Trace:
[  813.366999][T17735]  <TASK>
[  813.367003][T17735]  dump_stack_lvl+0x16c/0x1f0
[  813.367020][T17735]  should_fail_ex+0x512/0x640
[  813.367037][T17735]  ? kmem_cache_alloc_node_noprof+0x65/0x770
[  813.367050][T17735]  should_failslab+0xc2/0x120
[  813.367064][T17735]  kmem_cache_alloc_node_noprof+0x78/0x770
[  813.367074][T17735]  ? __pfx___page_table_check_zero+0x10/0x10
[  813.367086][T17735]  ? __alloc_skb+0x2b2/0x380
[  813.367105][T17735]  ? __alloc_skb+0x2b2/0x380
[  813.367120][T17735]  __alloc_skb+0x2b2/0x380
[  813.367137][T17735]  ? __pfx___alloc_skb+0x10/0x10
[  813.367154][T17735]  ? get_page_from_freelist+0x10a3/0x3a30
[  813.367168][T17735]  alloc_skb_with_frags+0xe0/0x860
[  813.367184][T17735]  sock_alloc_send_pskb+0x7f9/0x980
[  813.367200][T17735]  ? __alloc_frozen_pages_noprof+0x292/0x2470
[  813.367215][T17735]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  813.367230][T17735]  ? is_bpf_text_address+0x8a/0x1a0
[  813.367247][T17735]  ? __lock_acquire+0x622/0x1c90
[  813.367265][T17735]  unix_dgram_sendmsg+0x3e9/0x17f0
[  813.367284][T17735]  ? tomoyo_socket_sendmsg_permission+0x14c/0x3c0
[  813.367299][T17735]  ? __pfx_unix_dgram_sendmsg+0x10/0x10
[  813.367321][T17735]  unix_seqpacket_sendmsg+0x12a/0x1c0
[  813.367338][T17735]  ____sys_sendmsg+0xa98/0xc70
[  813.367352][T17735]  ? __pfx_____sys_sendmsg+0x10/0x10
[  813.367365][T17735]  ? get_compat_msghdr+0x11a/0x170
[  813.367386][T17735]  ___sys_sendmsg+0x134/0x1d0
[  813.367397][T17735]  ? __pfx____sys_sendmsg+0x10/0x10
[  813.367414][T17735]  ? find_held_lock+0x2b/0x80
[  813.367433][T17735]  __sys_sendmsg+0x16d/0x220
[  813.367444][T17735]  ? __pfx___sys_sendmsg+0x10/0x10
[  813.367460][T17735]  ? rcu_is_watching+0x12/0xc0
[  813.367473][T17735]  __do_fast_syscall_32+0x7c/0x300
[  813.367488][T17735]  do_fast_syscall_32+0x32/0x80
[  813.367502][T17735]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  813.367515][T17735] RIP: 0023:0xf70fd579
[  813.367523][T17735] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  813.367534][T17735] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000172
[  813.367544][T17735] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000140
[  813.367551][T17735] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  813.367557][T17735] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  813.367563][T17735] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  813.367568][T17735] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  813.367582][T17735]  </TASK>
[  813.784729][ T3242] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  814.219366][ T3242] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  814.226018][ T3242] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  814.230197][ T3242] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  814.236397][ T3242] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  814.262246][T17742] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  814.266957][ T3242] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  814.444031][T17753] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  814.473217][ T3242] usb 5-1: USB disconnect, device number 86
[  814.493085][T17756] netlink: 620 bytes leftover after parsing attributes in process `syz.2.3259'.
[  815.102136][T17765] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  816.368584][T17775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3265'.
[  816.374650][T17775] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3265'.
[  816.754390][T17782] netlink: 'syz.1.3266': attribute type 1 has an invalid length.
[  817.341586][T17796] netlink: 620 bytes leftover after parsing attributes in process `syz.3.3269'.
[  817.654549][ T6074] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[  817.718576][T17805] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  817.790223][T17808] netlink: 'syz.3.3271': attribute type 1 has an invalid length.
[  818.513384][T17814] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  818.566254][ T6074] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  818.569981][ T6074] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  818.573093][ T6074] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  818.576045][ T6074] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.590200][T17798] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  818.595060][ T6074] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  818.819098][ T6074] usb 6-1: USB disconnect, device number 88
[  819.115339][T17807] netlink: 'syz.2.3272': attribute type 1 has an invalid length.
[  819.944662][T17832] CIFS mount error: No usable UNC path provided in device string!
[  819.944662][T17832] 
[  819.948765][T17832] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  819.975386][T17834] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3282'.
[  820.683942][T17849] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  821.233727][T17875] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  821.260189][T17874] tipc: Resetting bearer <eth:syzkaller0>
[  821.454651][ T6005] usb 8-1: new low-speed USB device number 93 using dummy_hcd
[  821.616767][ T6005] usb 8-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[  821.621236][ T6005] usb 8-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  821.625499][ T6005] usb 8-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  821.629392][ T6005] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  821.638235][ T6005] usb 8-1: config 0 descriptor??
[  821.967757][ T6024] usb 8-1: USB disconnect, device number 93
[  823.417739][T17874] tipc: Disabling bearer <eth:syzkaller0>
[  823.481196][T17895] ip6_tunnel: non-ECT from 0000:0000:0000:0000:0000:ffff:7f00:0001 with DS=0xb
[  823.545347][T17901] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0
[  823.591264][T17905] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3294'.
[  823.804826][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  823.807991][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  823.811418][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.112577][T13488] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.364815][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.393518][T17921] FAULT_INJECTION: forcing a failure.
[  824.393518][T17921] name failslab, interval 1, probability 0, space 0, times 0
[  824.398935][T17921] CPU: 2 UID: 0 PID: 17921 Comm: syz.0.3299 Not tainted syzkaller #0 PREEMPT(full) 
[  824.398960][T17921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  824.398970][T17921] Call Trace:
[  824.398976][T17921]  <TASK>
[  824.398983][T17921]  dump_stack_lvl+0x16c/0x1f0
[  824.399007][T17921]  should_fail_ex+0x512/0x640
[  824.399030][T17921]  ? __kvmalloc_node_noprof+0x12e/0x9c0
[  824.399052][T17921]  should_failslab+0xc2/0x120
[  824.399072][T17921]  __kvmalloc_node_noprof+0x141/0x9c0
[  824.399090][T17921]  ? __lock_acquire+0xb8a/0x1c90
[  824.399110][T17921]  ? seq_read_iter+0x830/0x12d0
[  824.399138][T17921]  ? seq_read_iter+0x830/0x12d0
[  824.399160][T17921]  seq_read_iter+0x830/0x12d0
[  824.399193][T17921]  proc_reg_read_iter+0x220/0x310
[  824.399216][T17921]  vfs_read+0x8bf/0xcf0
[  824.399238][T17921]  ? __pfx_vfs_read+0x10/0x10
[  824.399252][T17921]  ? find_held_lock+0x2b/0x80
[  824.399284][T17921]  ksys_read+0x12a/0x250
[  824.399300][T17921]  ? __pfx_ksys_read+0x10/0x10
[  824.399318][T17921]  ? rcu_is_watching+0x12/0xc0
[  824.399339][T17921]  __do_fast_syscall_32+0x7c/0x300
[  824.399361][T17921]  do_fast_syscall_32+0x32/0x80
[  824.399381][T17921]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  824.399401][T17921] RIP: 0023:0xf70fd579
[  824.399413][T17921] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  824.399428][T17921] RSP: 002b:00000000f54ed55c EFLAGS: 00000296 ORIG_RAX: 0000000000000003
[  824.399445][T17921] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000040
[  824.399454][T17921] RDX: 0000000000000008 RSI: 0000000000000000 RDI: 0000000000000000
[  824.399463][T17921] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  824.399472][T17921] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  824.399482][T17921] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  824.399504][T17921]  </TASK>
[  824.524655][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.574763][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.694987][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.734599][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.774544][ T3242] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[  824.924586][ T3242] usb 6-1: Using ep0 maxpacket: 8
[  824.928741][ T3242] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  824.931904][ T3242] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  824.936725][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  824.941370][ T3242] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  824.946548][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  824.951323][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  824.956447][ T3242] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  824.962138][ T3242] usb 6-1: config 168 interface 0 has no altsetting 0
[  824.966981][ T3242] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  824.970070][ T3242] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  824.975026][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  824.979685][ T3242] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  824.984992][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  824.989584][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  824.994309][ T3242] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  825.000246][ T3242] usb 6-1: config 168 interface 0 has no altsetting 0
[  825.003416][ T3242] usb 6-1: config 168 descriptor has 1 excess byte, ignoring
[  825.006792][ T3242] usb 6-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[  825.011243][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  825.016094][ T3242] usb 6-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  825.020844][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  825.024614][ T3242] usb 6-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  825.028171][ T3242] usb 6-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[  825.032375][ T3242] usb 6-1: config 168 interface 0 has no altsetting 0
[  825.036806][ T3242] usb 6-1: string descriptor 0 read error: -22
[  825.038669][ T3242] usb 6-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  825.041641][ T3242] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.054880][ T3242] adutux 6-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  827.810038][T17929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3297'.
[  827.857593][T17944] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3304'.
[  828.101306][T17953] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3307'.
[  828.529036][    C2] net_ratelimit: 34 callbacks suppressed
[  828.529055][    C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.551443][ T6005] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.685560][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.688873][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.692199][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.695457][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.698464][    C3] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.701312][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.704334][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.707184][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.793847][T17960] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  828.894867][ T3242] usb 6-1: USB disconnect, device number 89
[  828.959363][T17957] tipc: Resetting bearer <eth:syzkaller0>
[  829.200205][   T40] audit: type=1800 audit(1764402726.675:2828): pid=17950 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3305" name="cpuset.memory_pressure_enabled" dev="9p" ino=74973551 res=0 errno=0
[  829.729727][T17970] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  829.731828][T17970] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  829.798329][T17970] vhci_hcd vhci_hcd.0: Device attached
[  830.067272][T17973] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000e: 0000 [#1] SMP KASAN NOPTI
[  830.071146][T17973] KASAN: null-ptr-deref in range [0x0000000000000070-0x0000000000000077]
[  830.073798][T17973] CPU: 1 UID: 0 PID: 17973 Comm: syz.3.3311 Not tainted syzkaller #0 PREEMPT(full) 
[  830.076649][T17973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[  830.080153][T17973] RIP: 0010:kernfs_root+0xb5/0x2a0
[  830.081830][T17973] Code: f5 00 00 00 e8 6c 23 59 ff 48 85 db 48 0f 44 dd e8 60 23 59 ff 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 78 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 d6 01 00 00 48 8b 6b 78 e8 e8 92 fa 08 31 ff 89
[  830.087711][T17973] RSP: 0018:ffffc90004107758 EFLAGS: 00010203
[  830.089632][T17973] RAX: dffffc0000000000 RBX: ffffffffffffffff RCX: ffffc900316cc000
[  830.092162][T17973] RDX: 000000000000000e RSI: ffffffff82633430 RDI: 0000000000000077
[  830.094644][T17973] RBP: ffff88804b5a1028 R08: 0000000000000005 R09: 0000000000000000
[  830.097024][T17973] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  830.099720][T17973] R13: 0000000000000000 R14: 0000000000000002 R15: ffff888027293120
[  830.102913][T17973] FS:  0000000000000000(0000) GS:ffff88809790d000(0063) knlGS:00000000f53d5b40
[  830.105974][T17973] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  830.108038][T17973] CR2: 00000000339f3ffc CR3: 000000005213b000 CR4: 0000000000352ef0
[  830.110662][T17973] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  830.113161][T17973] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[  830.115659][T17973] Call Trace:
[  830.116758][T17973]  <TASK>
[  830.117698][T17973]  kernfs_remove_by_name_ns+0x2e/0x110
[  830.119203][T17973]  driver_remove_file+0x4a/0x60
[  830.120676][T17973]  bus_remove_driver+0x224/0x2c0
[  830.122248][T17973]  driver_unregister+0x76/0xb0
[  830.123771][T17973]  comedi_device_detach_locked+0x12f/0xa50
[  830.125641][T17973]  do_devconfig_ioctl+0x555/0x710
[  830.127215][T17973]  ? __mutex_lock+0x1c5/0x1060
[  830.128688][T17973]  ? __pfx_do_devconfig_ioctl+0x10/0x10
[  830.130447][T17973]  ? kasan_save_stack+0x42/0x60
[  830.132009][T17973]  ? kasan_save_stack+0x33/0x60
[  830.133545][T17973]  ? kasan_save_track+0x14/0x30
[  830.135097][T17973]  ? __kasan_save_free_info+0x3b/0x60
[  830.136959][T17973]  ? __kasan_slab_free+0x5f/0x80
[  830.138605][T17973]  ? kfree+0x2b8/0x6d0
[  830.140049][T17973]  ? tomoyo_path_number_perm+0x470/0x580
[  830.141889][T17973]  ? security_file_ioctl_compat+0x9b/0x240
[  830.143667][T17973]  comedi_unlocked_ioctl+0x165d/0x2f00
[  830.145438][T17973]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  830.147285][T17973]  ? kasan_quarantine_put+0x10a/0x240
[  830.148991][T17973]  ? lockdep_hardirqs_on+0x7c/0x110
[  830.151049][T17973]  ? find_held_lock+0x2b/0x80
[  830.153022][T17973]  ? tomoyo_path_number_perm+0x295/0x580
[  830.155103][T17973]  ? tomoyo_path_number_perm+0x18d/0x580
[  830.157435][T17973]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  830.159835][T17973]  comedi_compat_ioctl+0x1d0/0x990
[  830.161963][T17973]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  830.164362][T17973]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  830.166799][T17973]  ? do_vfs_ioctl+0x128/0x14f0
[  830.168743][T17973]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  830.170798][T17973]  ? find_held_lock+0x2b/0x80
[  830.172827][T17973]  ? hook_file_ioctl_common+0x145/0x410
[  830.174806][T17973]  ? __fget_files+0x20e/0x3c0
[  830.176286][T17973]  ? __pfx_comedi_compat_ioctl+0x10/0x10
[  830.177922][T17973]  __ia32_compat_sys_ioctl+0x242/0x370
[  830.179681][T17973]  __do_fast_syscall_32+0x7c/0x300
[  830.181476][T17973]  do_fast_syscall_32+0x32/0x80
[  830.182976][T17973]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  830.184966][T17973] RIP: 0023:0xf7f02579
[  830.186272][T17973] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00
[  830.192298][T17973] RSP: 002b:00000000f53d555c EFLAGS: 00000296 ORIG_RAX: 0000000000000036
[  830.194878][T17973] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000040946400
[  830.197341][T17973] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  830.199931][T17973] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  830.202650][T17973] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000
[  830.205141][T17973] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  830.207604][T17973]  </TASK>
[  830.208610][T17973] Modules linked in:
[  830.213832][T17973] ---[ end trace 0000000000000000 ]---
[  830.224906][T17973] RIP: 0010:kernfs_root+0xb5/0x2a0
[  830.232491][T17973] Code: f5 00 00 00 e8 6c 23 59 ff 48 85 db 48 0f 44 dd e8 60 23 59 ff 48 b8 00 00 00 00 00 fc ff df 48 8d 7b 78 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 d6 01 00 00 48 8b 6b 78 e8 e8 92 fa 08 31 ff 89
[  830.239426][T17973] RSP: 0018:ffffc90004107758 EFLAGS: 00010203
[  830.242012][T17973] RAX: dffffc0000000000 RBX: ffffffffffffffff RCX: ffffc900316cc000
[  830.244769][T17973] RDX: 000000000000000e RSI: ffffffff82633430 RDI: 0000000000000077
[  830.248171][T17973] RBP: ffff88804b5a1028 R08: 0000000000000005 R09: 0000000000000000
[  830.250851][T17973] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000001
[  830.254025][T17973] R13: 0000000000000000 R14: 0000000000000002 R15: ffff888027293120
[  830.257211][T17973] FS:  0000000000000000(0000) GS:ffff88809780d000(0063) knlGS:00000000f53d5b40
[  830.260748][T17973] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  830.263262][T17973] CR2: 00000000f72c0bb4 CR3: 000000005213b000 CR4: 0000000000352ef0
[  830.266397][T17973] Kernel panic - not syncing: Fatal exception
[  830.269218][T17973] Kernel Offset: disabled
[  830.270977][T17973] Rebooting in 86400 seconds..