last executing test programs:

29m19.040231111s ago: executing program 2 (id=168):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x200}}, &(0x7f0000000100)='GPL\x00'}, 0x94)
prctl$PR_MCE_KILL(0x35, 0x0, 0x10)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='contention_end\x00', r0}, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_int(r1, 0x29, 0x10, &(0x7f00000000c0)=0x446, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x16, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x79, 0x10, 0x90}, [@ldst={0x3, 0x0, 0xb}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x48)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000005d00)={0x114, 0x2e, 0x1, 0x0, 0x25dfdbfc, "", [@nested={0x104, 0xf2, 0x0, 0x1, [@typed={0xc, 0x18, 0x0, 0x0, @u64=0xfac08}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@empty}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82", @typed={0x4, 0xe9}]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

29m15.957074168s ago: executing program 2 (id=172):
socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x14}}, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$unix(r2, &(0x7f00000002c0)=@abs={0x1, 0x0, 0x4e21}, 0x6e)
preadv2(0xffffffffffffffff, 0x0, 0x0, 0x2b, 0x0, 0x0)
r3 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r3, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="05000000010000000400000004"], 0x50)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0), 0xc)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'sit0\x00'})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r4, 0x10e, 0xb, &(0x7f0000000000)=0x40b, 0x4)
r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="e7d329bd7000ffdbdf250e"], 0x3c}, 0x1, 0x0, 0x0, 0x20000010}, 0x48010)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r0, 0x10, &(0x7f0000001180)={0x80000000})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000140)={0x8, {"87412fcf3b7656866352bfc3b2a97409f657f12f35013bff5243e9df7287106d02bcb0d638722ca4b8c03c00d8a7008f57b74d0fb9eda8c8d8a733262574a53c242d4bc2315f2a4330212629510faf60e06a809b44e3e956079f8e15309975eff5624b8e45b4290e4fd8619c8cda5e70e7fb7483bcb2d4dd171510932e4433505aa14c048b20f8bcea3979ac05e8a7f8c69335943f945df35be808e545a8701b5be1992667e07680101ae7c1052ba83cc3bd6351e484cc28c90390cc9a670f8e82994662194133d1416df6adf63f7d4dfa6bd4d6ed755b91231e5ad99cd82cde77441875b7f23566f34ec3ef4c58ca1243a22bdb0f3d0c3c0cf3567d3624b00e0822cc27b0c10cd3ebbfe5cee69113acf809ee9cb63e761d1b8b74c19cd23e3e4701f08d76318d0f11a28ad24f46105b6d53b071cc8e51e0b54609f2757158c24bb01751b963681616d9fe8948f2234a5f53ecb3af48f3896e53c92a4a0035c1a22c08dd13808f8d26772e52c418e2860f4d1c51b77ce73bf7ae4a0023218a4e3af6ac7fb00396b4d5d69996e39638c42c51384bca0d141bc64e27ad1cbccc3d45cec59fd5fc46e312696c47b8d1b029c7cbd0194c675d445e93f7abf8bf2d4765f03e57fde167382ece70993a0cfe964e1a6f75b88af69739f654043da63c32c4101f30de250b052f7eb6da1eecf5dd1d6d29b63620af24d62c31c6566c82763b7ab4293441dd14d369f08cf1189a58047952bf8f973c095ffbdfa9b91bbfa8c3c894d85f08fd311ab1eae103318761b47a93a6cae00204635a8cb57b3204c4b8fbb2dfef3c596f8d4dda918110abd6ebc5bf26311c438898a7f814ae9ff9ab8c8f23282906cf57dc2e167bd3be0a2b19945b3dde4e7fe2d01056a1d9d486e543bf2454c4e4219ffc33ae22a824b0e1058706656c59cc6e5c08fcbe0a88d35cf178136aabf450453dec7878bccc1daca7c6690983be524e83a17f9ce02ec0a58c125916cd7575ac1cc02f8485562f1542da73fa09d2be7f4d3e629fde6e5c58389a1ffb95b146e1d1b2a25aede59f02c5f9a55fc53b1867ee3863fb838e0750beb6939097aca0c03ebded37f2ffa945339fcc99ad006aa71863358bf300a71df24adc6b00c2687e7756a8d5e93668ba13989e824dbb992050748b87b9300ffea6ccf04a990046f5522749d80d45444866e3d7c21dfb786563e3ca11b5311eb3f8b7ed70e73ef02e477d76dea6c14bf1b47a2cda66a024eae350efb34d11fd512d0921d16e6c5e90845be2a5e8ea30f438f331f1e316c5d6e60526249300e6fc921dd8c0c8d470e2485b9145b12ed332b0de2bc3b29f7dbf980617c378f28ebfd8b0a37c89124c79c5b2f344b5c3b5d0f3a8641093b4b06d5a67c152a510a56a0bef5a24fea0869455e7d54535163289a970e6e908aacd0c30f85fbf16b923e5d18a997b5b0b1f2bd15a7f1ccc33b8cf1b8fd0e0f8f4f0ff533669e5f71f460f3672f6ca7a1539997689fd6f97f296f53761bf94f5f75aa274cb5ae67b25682cca33c87da759c0c99e064fa973af0d2d6ccf82266a48241d2284eda04590bc80c31b0c0b04fa104cce536fbb29508a222c4a777c072348502a27272ff9656a0fba49538be263d23e9bce31f3e5d573b1cbc0b0ecb27170c2eb10115dd8ecaee8f0ead3202d3c855223c196a7343fd6d2c152430add0c5d088a406f40e4aad95fc2d30655ca81f65aeeaf81eb82821da75334ed82cb09f41c891c53cd193ca8f99017fd28f5b454ada00989697756f2aaf11254c67dca0ee39d51a6dfcd09732401bdda91de59ef0af9a8711c8b3365caab3a941c3aae59a3cc51f7604b8dd945e174a69d556ea00dbf82baef3c263488eaa96c009c399486d7d828dbddf34acf90575c55463cd92b55162647cb1a282e2670928eb9c0c0af020202d2387bffcbe4006019d20b0963da0fbbdf9fefd6ef1f8fb5ba0c6ea129b004df63bcd06d7d6d09b6783e70a1bfa6d2fc1066621f7ea859cca0467c8322b32655eb23f5d3197ebc0a49ecf867c3e934e91ea31c3415ccc7adf01ca6a2e835eed34cd953f2cf89aec22a48cd3ba586001f15012f9c8edaeead6df6ee6cdaaadd62cffd7fd34bb175065cee2a9a79776cc13bb74930e1edc108e03eba8b3bb2c62d1d695d5284c8cad21d9bedad563e2e96570ea03b23032d818d305c188810116bea0e19f33e7a4eb71e2e86281f55c095ad24005dccee4685395206dbfb7480d55f00e191407844cd6ba022ceea6eac1e5ef1107df340764065ff13480924b4d63c00ee00f9b9bfebee99d9ec920a821fcf06f14a1b5bb4e0590dc30a5c9944f5b2ffe6ff0c62165930cf450718b2ad74775553c6a5de2d9eab709912158b00b87836cf8feab171d774fa0745222902d0c99b312240e900e2759211168947d6d52eaf5f9df731d9d2b1ea2cf2713ca5a9fc9c64761f19012bca4d901e65ccae30197b6c3f57d82d7990d0c82d07a9dcd147a470319f0c6261b8cd5eec858a88ca9a28663220ccc0e2361dc40daffd486e625c403013d70bd4b029f8f63797ae6e7b02e800fdf709824b0e27b6073792fcee6c2cc1477368d0832723a2b13ba98daee9cdf9ede4eb6e7aeea7b37c04fee94db6f28c8252cc0b4b36af066b3b148ceb6765357eb01a071fbeef1d41b296d1627066b9ab344ddb259df37cb9e301e26a5cdf362c8f015236c7aed0cadf533431d9336fe9b5cf17f66964ccdff0db89526b9f2256fc3b82e4e749c5672cb14884935efeb65a44ff9035bbb648242bd508449afd0740491ab5819b75f19802b6741d854fbd87e694df208c55a3751c0865cd09e1e328d079693aef4fc437c9bf977c9aeae7b0a4cebf0c54ebe02efec8f53c7889af5b16ab4eb13422d5ba73a76db75d7cffe779b0ffdcc0ad429dd09448b54f10bac299361d7d649e7d38b7c470ab9f77daeba576783a7b0161e59a61f96d407773bc79c4beadc19c1a1dfde445f819aee6afecccad3579e26542321b53ab0877544c25eaa638e405449ad26c9b8ca38838ab31a8387bd7772e521e80df7c63a534f9eb6c0aacc513d17a78ae076bbaac2472153aa43ca3aa454ab5b334126a74e72e833ab718384e3a8c0e3a7a62e89362cd3da082f83052e91c02ed49739357b77546329969214dc0ca44fbdbf98eb558bb20a328788cf80e358db5b55b1c91b1d3e116642527a40850e9935eb894afc010c67be9034d05dbc5ef41f5660c849c588718c8c6517715e3fec863265fb873b03e8c3d60c7bd69ac8fa156cc5455add9ba2b9b2bcf31eae846cd31ac2b6e29bbed6384ae9bc96a2b68d13fddeaf64f08653547416782ab3eb6e206699fe084d51e32911d994626a3e7970dac2b3a7aa79222ea714228dfaeb1947894db1c4e5f21d5149f2f1b9df2084e6e848da180422e7db75f32deaec04f0cec0c3dab199dca6f932e4f774e7a072798d465a79010e08f284bf01fae43340269269eecc7b43ace70661ea38a4f19faa2df9867437dd55c5e711672057fed655eb02c3e8b05516cd08ce5db30c2adae57bb30bb45590d566bd74956d86269bf8ee9ca064780ead780c8f10795e4d93bfefddaebacfb93ab6333c8b5318c0d73d55364c2dfe057184d837d9a9c41b9070cfe2366f9bdcbf30dd9d5b8566c6204bfdb1c11dd936d9a4b288172a706f0ac9b3b8e0e97fa35579e73fe600134eb004dd9c8d1a7f4d625419c2d48b1a906ac1f7ef34f3c9a816de3c53f6f019a4a554f6a282a21f45891ffaa1e85c5af43f949c8a495dfe7953f53793dac5455b679f90efb678d25b9a7b7326193c34922487a2d83b1689261891d55ca69954c5f4d1fb1824c577cdc8dc4a22d5662e15f87ad729df239ec9ee007556c633d5dbbb4874568d11375250dd836e944c523ffcde1c156613877715c1895a0b755a971b41a1167542d5a94b2930e818fa18d169ed1f95db235cabba2f0b8162c93a31e549ee7903cb8ea9b15a39486b1d1347957e768ab1c372513f0816fd03d64e03c95019bb47b221a60f36c9ad2e4eee321175fdc6dcde5bea9d1bf73cd8ac2919a4f652fea4e1f5e761f5aeb78d925f175e066595e642a2f0c9eeb9313432bb0726ad27e3767007a27bfcdaa83a91b903ca122a3c0d503dc1ff3bdcedb096d0c7c74a67536ce50cc4b1aedef43a8d7bd26f657e3044b6ff25b01e91eb50cd17a2b28b2190e088786c5f3a6b79cf10c7de46cf94aecfdf3e99fc7ff07ca0d051375d81c888eeb525ac2b38036700a5646ab2a3814e7e91441f3dc6c0a149804142fecd91f6d6fff02e6058a670cef325dd009897fb9f7650eeabcfd832e30d2d59080c56fe524666f992c090f5ba17cad9ec034374ed4b98d46fa87b9068b31bf99d80714a736218992e37d674a0100128f93503156f9d53070cbcbb6f1aa4758a2b0012ae3b44ed0952a9ab17a626e9ccd994c401a9749b209d95223a0aa6533654a34cb1b3d4581475a22692daf84e4b87e68f6e53124cb6e3598a363d9157e94fb7d3eb59d6871766a1c3e40820f5eb917b03483cec88524ea8deb4f44dcc2bd73d01fb5ab3f45179c9d176666b6d8264aa7a6694aa208f3a8b9e6269d8b57d233d721750ef14b7b9f711e8c90bd480dbfa0c01d6dd3e899162cbde3c55f0dc0a438347b740fcde9aa0ecd9dd8e1265da91a5dd0d502608c045a54d1a23b91aaf0bb0bcb1174429cae5f2bd99011325d3df263621f110550a181767299fe386125069d08614adf9a1f3070fdcbae318c7b995d75e0ae92e5ab781d1fa0aa71c6a9a5b886835469e204da4c4592375df674a95edc197f097386e2b1de0e068df16c80dd7cd281e5c7ac6ed8d472dfdf8a4cb3dfe753635872c9c9f2a7928fc079b9191c72074b84bfdbcf6a8851bd3796f3d8ea0c9a5b124336dde9c80314aaad1e479a83a32c3ea57fd606c4753551a323cc2e83dfdb4ce40330b05a92172842f9c9df0d69c5cac7c1533c8f422dc7f9f5d697f679ea103f386d4d27fa9d3abdb335d78e6e3a1f0287056f65bb82850317883d80eb676acfd2c9c3da6f530c4f10c32865575bc75432bbf646de1f20fea33ba709befa14099bb52938dea4870a79c6814fb47ad4b8d0d8f180c8dfaa629a39ee861da33dbb0729450802e0dd1e669a07cc74e395986f13850c51fe7b7b4f295fafec913e26df87087c1868c8debbe48f83428819357c953e525abba44d25a3ceb23660c8df4f667463063179b792605a1609dcf63bef3114f4a7a41e54caeb6f164737bb508a91c015cfa960e7971dbb9f5a6bf13cdde7584c37a0e143fa5e6132cd553518f7a277b02aa89a9cd7efe86cc86122a7066c5d60de76cfa6aaf0ae10323534ff6065b715a4c1c2c376338c355fea617b5b77aed0375856516de8b9a556f45f0a907255b4417e3ff9d3363ee9c0317f076cea2f2a90477957f6b72d73085f4f700d18e194d136f253d5c5b1b5fa0a76b37aba42baf527b247aa3ae4ef229d14eae58ebbb7dfd69f4f9bcfb56295ea8ce8cad5c71ee9293d8738c36bdccfd56f99f2c4e42848e3a86b365bf470242e2dec850b61988e4ac505d11e46ae9448d9bab6f208d751921dca54c3ac30fc16fae710bf64401238bef451efd53ac49cc2a1b40d50b59e196ac8fa8272f36ab11abf2ad7d7534c2da0d491f6fad41e63de771f8ec66752c4914dc3d7db34b3b21ce286d077e9900933e650b7d63bd021d3ec71f913efef9ff089c0c762b65bb6f50fcfcaed08d2db57b59b613f269072", 0x1000}}, 0x1006)
r6 = socket$inet6(0xa, 0x1, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x89f0, &(0x7f0000000040)={'syz_tun\x00', &(0x7f0000000100)=@ethtool_ringparam={0x4, 0x1000000, 0x10, 0x8001, 0x2, 0x0, 0x2, 0xb}})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x80000000}, 0x50)

29m13.8283696s ago: executing program 2 (id=175):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='sched_switch\x00'}, 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000008c80)=ANY=[@ANYBLOB="2c000000260005"], 0x2c}}, 0x800)
recvmmsg(r3, &(0x7f0000007700), 0x318, 0xfc0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_PEC(r4, 0x708, 0x40)
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f00000000c0)={0x1, 0xfb, 0x1, &(0x7f0000000100)={0x8, "6a6ea751434fd7f4a4331cbdbff893a5ba0300"}})
syz_io_uring_setup(0x1108, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x3, 0x21e}, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r5)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000200)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r5, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="050000000000000000002100000008000300", @ANYRES32=r7, @ANYBLOB="10007d80", @ANYRES32=r5, @ANYRESDEC], 0x2c}, 0x1, 0x0, 0x0, 0x440c0}, 0x0)

29m12.40296504s ago: executing program 2 (id=177):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8008b}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x20, 0x4, &(0x7f0000000500)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x4, 0xc3, &(0x7f0000000400)=""/195, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x4, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = accept$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs, &(0x7f0000000080)=0x6e)
connect$unix(r0, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r2, 0x0, 0xff2e)
syz_open_pts(r2, 0x191200)
r3 = timerfd_create(0x8, 0x0)
timerfd_settime(r3, 0x3, &(0x7f0000000140), 0x0)
epoll_create1(0x80000)
r4 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000240)={'hsr0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newlink={0x60, 0x10, 0x503, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0xf115}, [@IFLA_LINKINFO={0x30, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x20, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x10, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7, 0x8}}]}, @IFLA_VLAN_ID={0x6, 0x1, 0x4}, @IFLA_VLAN_EGRESS_QOS={0x4}]}}}, @IFLA_LINK={0x8, 0x5, r5}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x60}}, 0x0)
clock_adjtime(0x0, &(0x7f0000000000)={0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3b9ac9ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x10000000000100, 0x5})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r7 = gettid()
read(0xffffffffffffffff, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(0xffffffffffffffff, 0xc0505350, &(0x7f0000000940))
tkill(r7, 0x7)
syz_io_uring_submit(0x0, 0x0, 0x0)

29m8.261230998s ago: executing program 2 (id=185):
r0 = socket$alg(0x26, 0x5, 0x0)
setxattr$security_evm(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100), &(0x7f0000000140)=ANY=[@ANYBLOB="04030000000000000006"], 0xa, 0x2)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x100)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', 0x0, 0x1208023, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs2/custom1\x00', 0x802, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000300)={0x50, 0x0, &(0x7f00000001c0)=[@clear_death={0x400c630f, 0x3}, @release={0x40046306, 0x3}, @increfs_done, @acquire={0x40046305, 0x3}, @dead_binder_done, @request_death={0x400c630e, 0x3}], 0xbf, 0x0, &(0x7f0000000240)="71448e5c7aa61a8dd9b017996d377db4373d18d014e2b252557cb707f699334cc06336cfdf9c43970c91b11778ed65680669d77a83862c442d5fe4df41f6eba369a21315063472970b7e96a9255e944f5fef7c3a9c077fc8c5146ed524381fd135a40226122d2b19baee31e3716cfb9c93aa62653d23e2773e2c0f55191e4ee2b9a73f6b229b68d4a5cfce96113966d5761017aa82e8441fcbfe1a23109b2be0d018740f148277cf4739bea112803d8a730ad7f9ccdd4c2ec8ec62dc75fb85"})
openat$kvm(0xffffffffffffff9c, &(0x7f00000020c0), 0x1, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000500)=@newsa={0x150, 0x10, 0x413, 0x70bd29, 0x0, {{@in=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x21}, {@in=@multicast1, 0x0, 0x32}, @in6=@loopback={0x100000000000000}, {0x0, 0x0, 0x0, 0x0, 0x8, 0x80000, 0x81}, {0x0, 0x5, 0x4, 0x4000006}, {0x0, 0xfffffff9, 0x80000}, 0x0, 0x0, 0x2, 0x4, 0x81, 0x68}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x80, "25cac5216d3c8af0aa76902918bf448c5d9f5459"}}]}, 0x150}, 0x1, 0x0, 0x0, 0x612fc0b6c779297b}, 0x0)
socket(0x25, 0x5, 0x0)
socketpair(0xb, 0x80000, 0x6, 0x0)
r5 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000200)=[{0x0, 0x2a, 0x0, 0x0, @tick, {0x9b}, {}, @raw32}, {0x0, 0x0, 0x1, 0x7, @tick, {}, {0x0, 0x4}, @raw32={[0x3, 0xffffffff, 0x5df]}}], 0x38)
ioctl$SG_GET_PACK_ID(r6, 0x227c, &(0x7f0000000000))
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r7, 0x0, 0xd}, 0x18)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$smackfs_ptrace(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x388}, 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003b80)=[{{0x0, 0xd, &(0x7f00000003c0)=[{&(0x7f00000000c0)="e6", 0x1}], 0x1, 0x0, 0x0, 0x7000000}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000440)='&', 0x23fff}], 0x1}, 0xff03}], 0x4000070, 0x8000)

29m4.822036228s ago: executing program 2 (id=190):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0], 0x48)
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0xde187bfeedb11a59, 0x70bd27, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}]}, 0x1c}}, 0x400c814)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb705}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r5 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r5, 0xc4c85513, &(0x7f0000000000)={0x2, 0x5, 0x1, 0x0, 'syz1\x00'})

28m48.611131798s ago: executing program 32 (id=190):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0], 0x48)
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x1c, r4, 0xde187bfeedb11a59, 0x70bd27, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x1}]}, 0x1c}}, 0x400c814)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb705}, 0x94)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r5 = syz_open_dev$sndctrl(&(0x7f0000001ac0), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r5, 0xc4c85513, &(0x7f0000000000)={0x2, 0x5, 0x1, 0x0, 'syz1\x00'})

25m22.144426655s ago: executing program 3 (id=833):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x101862, 0x0)
r2 = dup(r1)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
r4 = openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0)
preadv(r4, &(0x7f0000001b00)=[{&(0x7f0000000000)=""/222, 0xde}], 0x1, 0x8, 0xeffffffc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x8000000000000}, 0x0, &(0x7f0000000100)={0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0)

25m20.026486855s ago: executing program 3 (id=837):
unshare(0x22020600)
syz_open_procfs$namespace(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
read(0xffffffffffffffff, 0x0, 0x0)
unshare(0x20000400)
poll(0x0, 0x0, 0x9)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e0301000000000064050000000000006916300000000000bf07000000000000260507000fff07206706000020000000470600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

25m17.843795257s ago: executing program 3 (id=842):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000b00)=@newqdisc={0x4c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r1, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x8, 0x200, 0x8, 0x6, 0x8, 0x8}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c841}, 0x44080)
syz_open_procfs(0xffffffffffffffff, 0x0)
io_setup(0x4, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000008c0)=@newqdisc={0x70, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xfff2, 0xa}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x44, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0x6, 0x0, 0x3ff, 0x6, 0x4, 0x5}, {0xff, 0x1, 0x401, 0xf64a, 0x1, 0x9}, 0xf97, 0x6, 0xb70}}, @TCA_TBF_PRATE64={0xc, 0x5, 0x592f3ca27be3fa98}, @TCA_TBF_RATE64={0xc, 0x4, 0x2e27b565961173ac}]}}]}, 0x70}}, 0x800)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r5, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000004900)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="af", 0x8980}], 0x1}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000b80)="bda033176eb146b36ef41f221a4e7ce4a02598d750606488520915c6806affc0a913781c7211ce1fcd59a12b5d5afdaf9d723f092ce9d1eed16e208f2e79831ca049e8979ad94621175c2c48c10e33b29f2def51498743b057efc21efe4be4d9f02e9d236f27190c29c5da0f3799452f5e3640340502fde4ae8c56b303e1b79b3d1842bf6277771bef544c745e7a80c9e7efdd1c619f69b9d01839aa326776d335689e4db7cb7e32fad8f4c40e943b43eb4ea173d720bf5998149625a731643636c8ddbe61e1d7d4736f8414a84acc40557012c82697d8a59c873424aefb3c7ff0dba302efaaf887a477b1ab7ea6c1def9db3514e444c1ef36c6cf42cde90d4bbb2e923a5d16a1bb191ad91cab867cd55037d507a12803f3df1b81f1857fad085dbc5c46aac14230d7a4f8b36d6bc63b4a16cd309b7697b421a662b83001b5ce5ab3ff80800243107df7aa6cae9a5db6a8f2a53ef7d6c6aeac76b83a15466c74a9cdbcde8505e3d14c0c3a47a36bf464168202dc88e25f4c1da57faf0eaa7ff16bdd751c2ae5778e169c8ffba57c9a20e24ad51e6e8e02b721e8ca94f131cc98e03b34b615a1db4080362de4ef215d5a0541aeb0c742a2636ac5af8538ceb3585ef9dca8037df55baa072096073b005b53eff0b899de59bc2b5d687d109520571eeacb30124c4012fe6cb9e3bf451be3d219206ddc35099101533cff5aee6c4783e00e6dd391f664052a6c66c62f62a49fde8fbe336543bf99b55e53b801e54c1d0a292da83db26a8a870ac1d8751c4bc0d495277295cd3a17f9e9a25d70214a17b981b62d5c75356ed025df3557a8b59648edd9d1dbdf169d91f9d85cfac11a57db0a14f03e8934a2cc98d389912a0d9942a40c3ee98d35da61d3bab1a32c9d788e9f74ee57012ca5bfd0dc090b591c64aae6a205fbd349fc372bbd7429983a69cae26ff8b5b019144d318ba225e46bc6cf8d7d3e5952333042542b2fd4fb4d88a3651dd8e14ecc2845d4e71f7dfd128e9e2ee2ab0062a3e701bb2477bfd73d7396ae522f11fa481078d1c7f7905e0846fb072dcf7c06102b3816ec4a3518514c7166d7385b680469f5184a93953258952554e68d93ea8f789c4f13982b65996d7d9cf19f0b39b72e1dc9079d84413bbc30d24fc481e24ef1beacb8bc15f50c2663d684d16a1c71b2c8a568481f4f1b254ccd66fbef4cacfc3e13f2c943a264e429824bef7297f93076aea55ed9cf12512ce3ac3df331695024bd1e53369a87caf6894fce811a64dad315402678de76", 0x390}, {&(0x7f00000003c0)="439e9c06fc666cabc8569d63a866b31ff3ceda1e28f23f455e96a02001fc3fb089ed9e5234", 0x25}], 0x2, 0x0, 0x700}}], 0x2, 0x0)

25m17.62424692s ago: executing program 3 (id=843):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d3000000010902"], 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180200000100000000000000000000008500000087000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, 0x0)
bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000002c0)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x48, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x7, 0xc0, 0xf9, [{{0x9, 0x4, 0x0, 0x7, 0x1, 0x7, 0x1, 0x1, 0x9, "", {{{0x9, 0x5, 0x1, 0x2, 0x418, 0xfd, 0x1, 0x8}}}}}]}}]}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x100002, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000140)=ANY=[@ANYRES16=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r2, 0x0)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r3, 0x541c, &(0x7f0000000000))

25m14.064933754s ago: executing program 3 (id=851):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_INIT(r0, 0x0, 0x0)
syz_fuse_handle_req(r0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x101091, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, 0x0)

25m13.874371638s ago: executing program 3 (id=852):
r0 = socket$l2tp(0x2, 0x2, 0x73)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x51e059c008b21aa4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100))
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000d040000000000", @ANYRES32=r3, @ANYBLOB="002000000000000024001280110001006272696467655f736c617665000000000c000580080022"], 0x44}}, 0x0)

24m58.208141572s ago: executing program 33 (id=852):
r0 = socket$l2tp(0x2, 0x2, 0x73)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x51e059c008b21aa4)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
ioctl$sock_inet_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100))
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010000d040000000000", @ANYRES32=r3, @ANYBLOB="002000000000000024001280110001006272696467655f736c617665000000000c000580080022"], 0x44}}, 0x0)

20m45.424404887s ago: executing program 5 (id=1380):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000280), 0x22802, 0x0)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x3415, 0x10100}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x0, 0x0, 0x0, 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)

20m44.76331847s ago: executing program 5 (id=1383):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r0, 0x1)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000))

20m44.46593793s ago: executing program 5 (id=1386):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi0\x00', 0x8080, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x4, &(0x7f00000006c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7ffffffc, 0x0, 0x0, 0x0, 0x5}, {}, {}, [@ringbuf_query, @tail_call, @btf_id={0x18, 0x9, 0x3, 0x0, 0x5}, @initr0={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0xd}, @cb_func, @initr0={0x18, 0x0, 0x0, 0x0, 0x915, 0x0, 0x0, 0x0, 0x7}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffffffffffff8}, 0x94)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x23b, &(0x7f0000000380)={0x0, 0xce0a, 0x10100, 0x3, 0x370, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r5, &(0x7f0000004200)={0x2020, 0x0, <r6=>0x0}, 0x2020)
write$FUSE_INIT(r5, &(0x7f0000000040)={0x50, 0x0, r6, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r5, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x20, 0x0, 0x4000000000009, {0x0, 0xe}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$LOOP_SET_DIRECT_IO(0xffffffffffffffff, 0x4c08, 0x591)
acct(&(0x7f00000001c0)='./file0\x00')
umount2(&(0x7f0000000000)='./file0\x00', 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
acct(0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
io_setup(0x8, &(0x7f0000000680))
syz_open_procfs(0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000d00)=@nat={'nat\x00', 0x19, 0x6000000, 0x90, [0x200000000c40, 0x0, 0x0, 0x200000000c70, 0x200000000ca0], 0x0, 0x0, 0x0}, 0xe0)
r9 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000dc0)={0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000d40), 0x21800, r9}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, 0x0, 0x0)

20m43.392525234s ago: executing program 5 (id=1390):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x84000, 0x0)

20m43.24839574s ago: executing program 5 (id=1391):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
r1 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x1f7ff6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xe1000, 0x280000b, 0x28011, r1, 0x0)

20m42.981911836s ago: executing program 5 (id=1392):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="f30f01a64addbad004ed260f01c5c6f87e0f01cf631c66b88889118366efbafc0cb80a00ef0f0fb3fed6bfc4e38d449c7a7a0fba4100b000eef30fa7d0", 0x3d}], 0x1, 0x12, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

20m42.737552738s ago: executing program 34 (id=1392):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000040)="f30f01a64addbad004ed260f01c5c6f87e0f01cf631c66b88889118366efbafc0cb80a00ef0f0fb3fed6bfc4e38d449c7a7a0fba4100b000eef30fa7d0", 0x3d}], 0x1, 0x12, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10m5.39177872s ago: executing program 4 (id=2572):
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
close(r0)
r1 = inotify_init1(0x800)
fcntl$setstatus(r0, 0x4, 0x2c00)
r2 = gettid()
fcntl$setown(r0, 0x8, r2)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r1, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
openat$cgroup_ro(r0, 0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$usbfs(&(0x7f0000000240), 0xd, 0x101301)
ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r4, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
bind$inet6(r3, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
listen(r3, 0x0)
syz_extract_tcp_res(&(0x7f00000000c0)={0x41424344, <r5=>0x41424344}, 0x5, 0x1)
syz_emit_ethernet(0x4e, &(0x7f0000000300)={@local, @empty, @val={@void, {0x8100, 0x2, 0x0, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x4e22, 0x41424344, r5, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000240)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "e5ff04", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x200, {[@window={0x3, 0x3}]}}}}}}}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x600, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

9m58.866259937s ago: executing program 4 (id=2582):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x0)
socket(0x28, 0x5, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="780000001000010000000000000000000000000a44000000060a030000000000000000000f2d00000900010073797a30000000000900020073797a32000000001800048014000180090001007866726d0000000004000280140000001100010000000000000000000000000a"], 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
accept$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000240)=0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec140380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000b81400800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000240201802400028008000340000000000800034000000000080003400000000008000180000000003c00028008000340000000000800018000000000080003400000000008000340000000000900020073797a30000000000900020073797a310000000044000280080003400000000008000340000000010900020073797a32000000000800034000000000080003400000000108000340000000020900020073797a30000000003400028008000180000000000900020073797a310000000008000340000000000900020073797a320000000008000340000000000c0002800800034000000000400002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a3200000000080001800000000008000180fffffffcfc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be2839a40101804c0002800900020073797a300000000008000340000000000900020073797a300000000008000180000000000900020073797a30000000000900020073797a3200000000080003400000000104000280380002800900020073797a300000000008000180000000000900020073797a320000000008000340000000000900020073797a32000000002400028008000180000000000900020073797a32000000000900020073797a3000000000f3000100a6117a78b9e48d6dd9ad86fc2c54547cbee98c24f4b972c82722771febf3e388f9b3907852ee4adbd95ca25deb487ac3d49d3716931979f6bbf2b8cdcc0bc37f27a54709a59c31c01c5544b11cb9c6ca800d7f23c3cc5237458188f26a04c78ad8dfd3b13e958558dc3b7f0f4cfc16c4fd23e11b25bd23b195b64166e0c3a8ab3ebbd2ead4abf745bcf4d4b0610521d7ec52023ed38c7f9fb1cbab6a9d87c96fd783ff63f9483766557291fcc41f17c423550c1e965a66e30631b271db96cccb68bf8c91656e894ef46a296974170da742b0d13d665f0f2e80d3590b3dc637851b6e7b0adc59ab874ce337a258bc4300080003400000"], 0x159c}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000140)=ANY=[], 0xef)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000000180)=""/62, 0x3e)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x2, 0x0, 0x41000000}], 0x0)

9m55.038681186s ago: executing program 4 (id=2588):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x40000000, 0x3a6}, 0x0, 0x0)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
bind$alg(r0, &(0x7f00000007c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/21, 0x15}, {&(0x7f0000000180)=""/135, 0x87}], 0x2}, 0x2020)
lseek(0xffffffffffffffff, 0xe, 0x4)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, &(0x7f0000000040))
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r3, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x18, 0x1e, 0x505, 0x0, 0x0, "", [@typed={0x5, 0x12b, 0x0, 0x0, @binary='F'}]}, 0x18}], 0x1}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/bus/input/devices\x00', 0x0, 0x0)
r5 = epoll_create(0x113f)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000400)={0x80000000})
write$binfmt_register(0xffffffffffffffff, &(0x7f0000027b40)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0xffffffffffffffff, 0x3a, '\xfc\xec\xd1\xcb\x9a\x964\xf4\xa2\x89v\x12\x11\fG\\x00#\x00f\xe1>8\x94\x02O\x9b\xfc\xe8\xffTioP6\xfa\x9b#\xc4H\xbf\'\x18\x89\xd1^a\xf6\xccrS\x1d\xd7\xc3\xcb9\x02\x00\x00\x00+\xb5\x81\xbe\xc4\v\xe2?\xa8\xc4\x9f\xd84\xdd\x84\xf7\xe4H\xeb1a=1\xf7\x99\x9a042\x15\xeb\xe1\xa7\x05\x8f\xc4\xc3\xd3da\xef>#\xb92\x82\x06\xbb\x19\xf6\x92\x83\\AU\x17\xbaf\xc7\xb7h\xf8\xd2\"\xce\xc8UB\xe5\xf3\xaa\x05Y\xc0\xe1\xe3\\\xc4K\xc2\x97\xb2\x10\x03\x14m=\xd8z,\x8dSo\x99H\x87Y|)\x82`R\xe1\xe5I\xbf}\x06\xb3\aD\xff\x10\x91\xc8\xc0^f\xc7\xb8j<K\x14B\xbcG\xf8\x02Q\xce\xd6\xfdi\x93\xbaT\xe3f\x01\x1c\b8jC5bi\x88h\x18\x92\xad\x16\xe0\xd2M[\x1f\xe3|\xc7\xd7\x06\x97\xba\xf2\x98\xe4G\xf9\xae?\xdaO\x94fn\xc1\x0e\xc4\xcei\xf4\xa8\xd7\xe5\xf9\x9f\x01W\xf5\xd2\xdc\xc4\xfd\xd9\x85\x15\x06\xef\x11\xef\t*\xc6\x88\xadxh\a\xa7\x9b\xd8;\xd6\x85K\xc6\vm\x10\x94\xe4\x94uk\x11\xba\xaaL\b8\xac4\xd3w\x1cP\xf8\x8bG(<\xe6\xd0\xb4\x0e\xbcQ\xc2\xc3\x030\xbc\xab\x8d\xe4\x05\x05E\bK\xd2\xf3\xb0\xbf1\xdc\xc1\x03t\xff\x94\x17', 0x3a, '/debus/usb/00#/00#\x00\x00\x00\'\xcc\xa0Xf\x88TJ|\xc2\xc0\x10\xf1\xbaqCn\xb5]3u\x0f\xf6v\xf6\xde\xe60\xc2\xc4\xd1K\xef\xffZ\a%xie\x1f\x00\x84\x1291\xd6\xac\xe2{\xab\xeb\x94b\xb3*\xe6\x97\xd5\x98\x17~\x91\xb6E`\xf5R\xd7\x1aT\r\x8b#LsK\xa4\xc7_\xc7\xef\xa9\xf7\x8a\x12\xcd\xc2\xac\x89N\xbf>N\x9a8\xab\xc6\x86\xab\xdbWyN', 0x3a, './file0'}, 0x1f5)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)

9m53.679975629s ago: executing program 4 (id=2591):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r1 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
mkdir(&(0x7f0000000140)='./control\x00', 0x5)
close(r1)
r2 = inotify_init1(0x800)
fcntl$setstatus(r1, 0x4, 0x2c00)
r3 = gettid()
fcntl$setown(r1, 0x8, r3)
rt_sigprocmask(0x0, 0x0, 0x0, 0x0)
rt_sigtimedwait(&(0x7f0000000040)={[0xffffffffffff7ff8]}, 0x0, 0x0, 0x8)
inotify_add_watch(r2, &(0x7f0000000180)='./control\x00', 0xa4000960)
rmdir(&(0x7f0000000100)='./control\x00')
openat$cgroup_ro(r1, 0x0, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000240), 0xd, 0x101301)
ioctl$USBDEVFS_IOCTL(r5, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r5, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
bind$inet6(r4, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty, 0xffffffff}, 0x1c)
listen(r4, 0x0)
syz_extract_tcp_res(&(0x7f00000000c0)={0x41424344, <r6=>0x41424344}, 0x5, 0x1)
syz_emit_ethernet(0x4e, &(0x7f0000000300)={@local, @empty, @val={@void, {0x8100, 0x2, 0x0, 0x2}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @local, {[], {{0x0, 0x4e22, 0x41424344, r6, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000240)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "e5ff04", 0x18, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x200, {[@window={0x3, 0x3}]}}}}}}}}, 0x0)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000007c0)=@newqdisc={0x54, 0x10, 0x1, 0x600, 0x0, {0x0, 0x0, 0x0, 0x0, {0x9}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x0, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8c0}, 0x0)

9m49.211148399s ago: executing program 4 (id=2599):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000005c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61965b7e, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x6, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7f, 0x0, 0x1], [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x199, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000], [0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x100000, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
r2 = syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffff, 0x84080)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r2, 0xc0505510, &(0x7f0000000240)={0x200001, 0x9, 0xd, 0x1, &(0x7f0000000a40)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in=@loopback, 0x4e22, 0x0, 0x1, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in6=@private2}}, 0xe8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TCSETSW2(r7, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf"})

9m45.516939263s ago: executing program 4 (id=2605):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/tcp6\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, 0x0, &(0x7f00000002c0))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe80"], 0x98}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8, 0x3}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x7}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r3}, {}, {0x46, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x5, 0x0, 0xb, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r6, 0x0, 0x0}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
keyctl$update(0x2, 0x0, &(0x7f0000000000)="11868a0fceae284c00000001", 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4004)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

9m28.72713541s ago: executing program 35 (id=2605):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
syz_open_procfs(0x0, &(0x7f0000000180)='net/tcp6\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, 0x0, &(0x7f00000002c0))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r1, 0x89f0, 0x0)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="980000000001010400000000000000000a0000003c0001802c00018014000300fe80"], 0x98}}, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x8, 0x3}, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x7, 0x1, 0xb, 0x7, 0x8}, {0x7, 0x0, 0x0, 0x7}, {}, {}, {}, {0x18, 0x8, 0x2, 0x0, r3}, {}, {0x46, 0x0, 0x0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x5, 0x0, 0xb, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r6, 0x0, 0x0}, 0x10)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
keyctl$update(0x2, 0x0, &(0x7f0000000000)="11868a0fceae284c00000001", 0xc)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x4004)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600000, 0x600000, 0x3, &(0x7f0000a00000/0x600000)=nil)

5m13.039962611s ago: executing program 1 (id=2940):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x0)
socket(0x28, 0x5, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="780000001000010000000000000000000000000a44000000060a030000000000000000000f2d00000900010073797a30000000000900020073797a32000000001800048014000180090001007866726d0000000004000280140000001100010000000000000000000000000a"], 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
accept$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000240)=0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec140380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000b81400800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000240201802400028008000340000000000800034000000000080003400000000008000180000000003c00028008000340000000000800018000000000080003400000000008000340000000000900020073797a30000000000900020073797a310000000044000280080003400000000008000340000000010900020073797a32000000000800034000000000080003400000000108000340000000020900020073797a30000000003400028008000180000000000900020073797a310000000008000340000000000900020073797a320000000008000340000000000c0002800800034000000000400002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a3200000000080001800000000008000180fffffffcfc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be2839a40101804c0002800900020073797a300000000008000340000000000900020073797a300000000008000180000000000900020073797a30000000000900020073797a3200000000080003400000000104000280380002800900020073797a300000000008000180000000000900020073797a320000000008000340000000000900020073797a32000000002400028008000180000000000900020073797a32000000000900020073797a3000000000f3000100a6117a78b9e48d6dd9ad86fc2c54547cbee98c24f4b972c82722771febf3e388f9b3907852ee4adbd95ca25deb487ac3d49d3716931979f6bbf2b8cdcc0bc37f27a54709a59c31c01c5544b11cb9c6ca800d7f23c3cc5237458188f26a04c78ad8dfd3b13e958558dc3b7f0f4cfc16c4fd23e11b25bd23b195b64166e0c3a8ab3ebbd2ead4abf745bcf4d4b0610521d7ec52023ed38c7f9fb1cbab6a9d87c96fd783ff63f9483766557291fcc41f17c423550c1e965a66e30631b271db96cccb68bf8c91656e894ef46a296974170da742b0d13d665f0f2e80d3590b3dc637851b6e7b0adc59ab874ce337a258bc4300080003400000"], 0x159c}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000140)=ANY=[], 0xef)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000000180)=""/62, 0x3e)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x2, 0x0, 0x41000000}], 0x0)

5m11.711221656s ago: executing program 1 (id=2942):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r5, 0x0)
accept4$rose(r5, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x19, &(0x7f000001f700)={@broadcast, @remote, @val, {@mpls_uc={0x88a8, {[], @llc={@llc={0x0, 0x0, "0e"}}}}}}, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x6, 0x0)
mremap(&(0x7f00003c9000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00001de000/0x2000)=nil)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x2000, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000a00)=@newlink={0x3c, 0x10, 0x503, 0x4000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}]}}}]}, 0x3c}}, 0x20008040)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0xc00, 0x0)

5m7.600701604s ago: executing program 1 (id=2947):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f00000005c0)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x61965b7e, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x6, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7f, 0x0, 0x1], [0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x199, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000], [0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x100000, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000]}, 0x45c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
r2 = syz_open_dev$sndctrl(&(0x7f00000001c0), 0xffff, 0x84080)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r2, 0xc0505510, &(0x7f0000000240)={0x200001, 0x9, 0xd, 0x1, &(0x7f0000000a40)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in=@loopback, 0x4e22, 0x0, 0x1, 0x0, 0x2}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {0x0, 0x0, 0x0, 0x6}, 0x2253, 0x6e6bb0}, {{@in6=@local, 0x4d2, 0x6c}, 0x0, @in6=@private2}}, 0xe8)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0x94}, 0x1, 0x0, 0x0, 0x840}, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TCSBRKP(r6, 0x5425, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, 0x0)
ioctl$TCSETSW2(r7, 0x5408, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, "23f555d9adb42d4408020e90d1beaa82dc1ecf"})
ioctl$TIOCGPGRP(r6, 0x5437, 0x0)

5m4.155108842s ago: executing program 1 (id=2951):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x0)
socket(0x28, 0x5, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x4000004)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="780000001000010000000000000000000000000a44000000060a030000000000000000000f2d00000900010073797a30000000000900020073797a32000000001800048014000180090001007866726d0000000004000280140000001100010000000000000000000000000a"], 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x1, 0xc, 0x0, &(0x7f0000000100)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x38, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={0x0, r2}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
accept$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000240)=0x1c)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021181500001e0a05010000000000000000070000000900020073797a31000000000900010073797a3000000000ec140380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000b81400800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000240201802400028008000340000000000800034000000000080003400000000008000180000000003c00028008000340000000000800018000000000080003400000000008000340000000000900020073797a30000000000900020073797a310000000044000280080003400000000008000340000000010900020073797a32000000000800034000000000080003400000000108000340000000020900020073797a30000000003400028008000180000000000900020073797a310000000008000340000000000900020073797a320000000008000340000000000c0002800800034000000000400002800900020073797a310000000008000340000000000900020073797a32000000000900020073797a3200000000080001800000000008000180fffffffcfc000100789be1642f8430c460e8692a8f8c45aaf3118316539052ba181a60f03707ec8179fd143ed6c4db73977b77f68686d2ec94b25435ecec60f6ac23db96833cbf99779e33db32e62fe3a078933d3c1122022952988b9550db169ecb6e39fd8720a05d3eeb5d40a7ab91f9b5565dc2b48c9ac61eefd9d0aab86e58ea1940d2240a851dbeabcf0b6cefba164663ad87cbcdb6aa1468529d1206b1fa3aa39118b45ab882df7fb2c6e9c25a706f99002cc42ee9b894b4bbfe66ce8fa1038566ae3407d5c80e28dc3911476785933d1ef923697a44a9cd4271d539e2ecc14d37a5e2074116425f0766b49a6febf9f1b8405ee9de1363b262f1be2839a40101804c0002800900020073797a300000000008000340000000000900020073797a300000000008000180000000000900020073797a30000000000900020073797a3200000000080003400000000104000280380002800900020073797a300000000008000180000000000900020073797a320000000008000340000000000900020073797a32000000002400028008000180000000000900020073797a32000000000900020073797a3000000000f3000100a6117a78b9e48d6dd9ad86fc2c54547cbee98c24f4b972c82722771febf3e388f9b3907852ee4adbd95ca25deb487ac3d49d3716931979f6bbf2b8cdcc0bc37f27a54709a59c31c01c5544b11cb9c6ca800d7f23c3cc5237458188f26a04c78ad8dfd3b13e958558dc3b7f0f4cfc16c4fd23e11b25bd23b195b64166e0c3a8ab3ebbd2ead4abf745bcf4d4b0610521d7ec52023ed38c7f9fb1cbab6a9d87c96fd783ff63f9483766557291fcc41f17c423550c1e965a66e30631b271db96cccb68bf8c91656e894ef46a296974170da742b0d13d665f0f2e80d3590b3dc637851b6e7b0adc59ab874ce337a258bc4300080003400000"], 0x159c}}, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r5, 0x84, 0x17, &(0x7f0000000140)=ANY=[], 0xef)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r7, &(0x7f0000000180)=""/62, 0x3e)
kexec_load(0x0, 0x1, &(0x7f0000000140)=[{0x0, 0x2, 0x0, 0x41000000}], 0x0)

5m0.886440518s ago: executing program 1 (id=2953):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x181200, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_dev$dri(0x0, 0x1ff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x70}, [@ldst={0x6, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x48}}, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000000180)="e4d79b3b828024b59aa49c257addff4e", 0x20)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0x21, 0x0, &(0x7f0000000140))
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r4, 0x104, 0x2, &(0x7f0000000040)=0x9, 0x4)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40010161, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000240)={&(0x7f0000000040)=[0x0], &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0], 0x1, 0x5, 0x4, 0x1})
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240), 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000000)={0x6, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000060000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32=r5, @ANYBLOB="0000000000000000b70500000800000085000000c500000095"], &(0x7f0000000640)='GPL\x00', 0x2, 0x86, &(0x7f0000000680)=""/134}, 0x94)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r0, 0xc02064a4, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x1, 0x3, 0x34b}, &(0x7f00000000c0), &(0x7f0000000080))

4m59.568119555s ago: executing program 1 (id=2957):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r5, 0x0)
accept4$rose(r5, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x19, &(0x7f000001f700)={@broadcast, @remote, @val, {@mpls_uc={0x88a8, {[], @llc={@llc={0x0, 0x0, "0e"}}}}}}, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x6, 0x0)
mremap(&(0x7f00003c9000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00001de000/0x2000)=nil)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x2000, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000a00)=@newlink={0x3c, 0x10, 0x503, 0x4000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}]}}}]}, 0x3c}}, 0x20008040)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
openat$drirender128(0xffffffffffffff9c, 0x0, 0xc00, 0x0)

4m44.301385276s ago: executing program 36 (id=2957):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key$keyring(&(0x7f00000000c0), &(0x7f0000000300)={'syz', 0x1}, 0x0, 0x0, r0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @broadcast}, 0x10)
r2 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
listen(r5, 0x0)
accept4$rose(r5, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x19, &(0x7f000001f700)={@broadcast, @remote, @val, {@mpls_uc={0x88a8, {[], @llc={@llc={0x0, 0x0, "0e"}}}}}}, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0x9, 0x6, 0x0)
mremap(&(0x7f00003c9000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00001de000/0x2000)=nil)
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x2000, 0x1)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000a00)=@newlink={0x3c, 0x10, 0x503, 0x4000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14615}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}]}}}]}, 0x3c}}, 0x20008040)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
openat$dsp1(0xffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
openat$drirender128(0xffffffffffffff9c, 0x0, 0xc00, 0x0)

25.543941584s ago: executing program 6 (id=3660):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
socket$kcm(0x10, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r7, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x10000, 0x0, 0x20002, 0x80195760, 0x1d3ed2, 0x8000000})

25.432346773s ago: executing program 0 (id=3663):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r0, 0xfffffffc)
socket$netlink(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000031401002dbd7000000000000900020073797a30000000000800410073697700140033006c6f00000000000600000000000000"], 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x58, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0x24, 0x25, 0x300, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff2}, {0x480bd72125a0c189, 0xa}, {0xffe0, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x880)
connect$inet(r4, &(0x7f0000001980)={0x2, 0x1, @loopback}, 0x10)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f00000000c0)='veno\x00', 0x5)
syz_open_procfs(0x0, &(0x7f0000000580)='net/tcp6\x00')
ioctl$VIDIOC_SUBDEV_G_EDID(0xffffffffffffffff, 0xc0285628, &(0x7f0000000080)={0x0, 0x1, 0x3, '\x00', &(0x7f0000000040)})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
socketpair(0x22, 0x80803, 0x0, &(0x7f0000000400))

23.866990791s ago: executing program 0 (id=3666):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
socket$kcm(0x10, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r6, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r7, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r7, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r8, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})

23.549717815s ago: executing program 6 (id=3668):
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x240)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r7, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000280)={0x3, 0x980900, 0x2eae0342ca72d7e8})
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0x980900, 0x3, @name="51da06bc7338e17dfebb1580e15b95473b09f0d1fb8aa1e9959ef9dc00"})

22.616788449s ago: executing program 0 (id=3669):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}], 0x1c)
getpeername(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000400)={r3, 0x5685, 0x1, 0x7})
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0xe, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xa1}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7b5f76a2}}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x1}]}, &(0x7f0000000080)='GPL\x00', 0x79ae, 0xe6, &(0x7f00000001c0)=""/230, 0x41100, 0x10, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0x8, 0xffffffff, 0x4ecc}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x5, 0x5, 0x4}, {0x5, 0x3, 0x10, 0x9}], 0x10, 0x2}, 0x94)

21.368680128s ago: executing program 7 (id=3674):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x12, 0x6, 0x0, 0x0, 0x4, 0xeb, &(0x7f0000000080)=""/235, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x40000200, 0x0, 0x1, 0x3, 0x4}, 0x2e)

21.362858322s ago: executing program 0 (id=3675):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000080)={<r2=>0x0}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000200)={r2, @in6={{0xa, 0x4e23, 0x8000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xffffff81}}}, 0x84)
pread64(r0, &(0x7f0000004200)=""/236, 0xec, 0x0)
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1}, 0x50)
r3 = add_key$user(&(0x7f0000002100), &(0x7f0000002180)={'syz', 0x1}, &(0x7f00000021c0)='b', 0x1, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f0000000040), &(0x7f0000002340)={'syz', 0x3}, &(0x7f0000000100)="370c099069effa43de3e1404db09b4ce1ef77bde4b371532dd16447c1b13403656c86711f6e750026f23029a50d44299c7bf5c78dc5efae2d041016160e8bef7b30c05e298aa9572540dd950307987eef2115e1bcf512bea3410ca5a9e9f827e4b13490dbbd4fc5a45e0738b959acafd2c12863045265bcbc2c9426ac3f614746b436fe86a72dc642dd67d970604a69b4f22cd0076beedc18056ab4bea4c825b69a7a77adcd5488684872b1bb9eb84586549e11b080468668e8fd0e52ce0705ae5", 0xc1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000400)={r3, r4, r3}, &(0x7f0000000440)=""/183, 0xb7, &(0x7f00000003c0)={&(0x7f0000000340)={'sha224-generic\x00'}, &(0x7f0000000380)="708803449262ddb5bda92158536f78c390609a10de442b2c85a693afd7d8e5ffc37e1b3aebbdae8dc970f20781e971fc777714aa", 0x34})
mkdirat(0xffffffffffffff9c, &(0x7f0000004380)='./file0/file0\x00', 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/timer_list\x00', 0x0, 0x0)
lseek(r5, 0xc6c3, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f00000043c0)={0x29, 0x3, 0x0, {0x1, 0x8, 0x0, 'group_id'}}, 0x29)

21.147900185s ago: executing program 7 (id=3678):
r0 = socket$inet6(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000300)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r4, 0x0, 0x19ee0}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_ALL_SLAVES_ACTIVE={0x5, 0x11, 0x1}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r7}, 0x10)
openat$ipvs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000000)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x5c, 0x10, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0xfffd, 0x4e20, 0x48, 0x0, @wg=@cookie={0x3, 0x0, "6d4dfdeb8cf7bbfe143803bec2ce783e04cd32308cdd8dde", "c71cb8adfce542a4bc5a026c208fd0c45787e4aa384e3d26b21ea41cc128364c"}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="180000000200000000"], 0x0}, 0x94)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000000000000000000b00000000020000000000"], 0x0, 0x34, 0x0, 0xa}, 0x28)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, r0, &(0x7f0000000c40)={0xf0006000})
setsockopt$inet6_mreq(r8, 0x29, 0x1b, &(0x7f0000000200)={@dev={0xfe, 0x80, '\x00', 0xfc}}, 0x14)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000000c0)={@remote={0xfe, 0x80, '\x00', 0xffffffffffffffff}}, 0x20)
close(r8)
syz_usb_connect$uac1(0x0, 0x9b, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x89, 0x3, 0x1, 0x0, 0x0, 0x0, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0xe7, 0xb1}, [@extension_unit={0xa, 0x24, 0x8, 0x4, 0xf, 0x0, '\x00\x00\x00'}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0x9, 0x0, 0x6}, @format_type_i_continuous={0x8, 0x24, 0x2, 0x1, 0xff, 0x4, 0x0, 0xfd}, @format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x3, 0x3, 0x2, 0x7}]}, {{0x9, 0x5, 0x1, 0x9, 0x20, 0x9, 0x8, 0xa, {0x7, 0x25, 0x1, 0x80, 0x9, 0x8}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x0, 0x0, 0x5}]}, {{0x9, 0x5, 0x82, 0x9, 0x3e, 0x0, 0x5, 0x0, {0x7, 0x25, 0x1, 0x2, 0x3, 0x4}}}}}}}]}}, 0x0)

20.392485959s ago: executing program 8 (id=3681):
io_submit(0x0, 0x0, 0x0)
setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
listen(r0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="18020000004000000000000000000000850000007a00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x4}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000740)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000500)={r5, &(0x7f00000003c0), &(0x7f00000004c0)=@tcp6=r0}, 0x20)
sendmmsg$inet6(r0, &(0x7f0000000b00)=[{{0x0, 0x700, 0x0}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000ac0)="01", 0xfffffe9c}], 0x1}}], 0x2, 0x0)

20.283235221s ago: executing program 0 (id=3682):
bpf$MAP_CREATE(0x0, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8}) (async)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0x0, 0x0, 0x8})
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
lsetxattr$security_smack_transmute(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0, 0x3)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_connect(0x5, 0x3d7, &(0x7f0000000180)=ANY=[@ANYRESHEX=r3], 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x800, &(0x7f0000000300)={0x0, 0x109, 0x0, {r3}}, 0x20) (async)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x800, &(0x7f0000000300)={0x0, 0x109, 0x0, {r3}}, 0x20)
read$FUSE(0xffffffffffffffff, &(0x7f00000041c0)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90, 0x0, 0x0, {0x3, 0x0, 0x224, 0x5, 0x0, 0x100, {0x0, 0xfffffffffffffff2, 0x2000000020, 0xfffffffffffffffd, 0x80000000000, 0x0, 0x10, 0x4, 0x0, 0x8000, 0x2, r5}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
rename(0x0, &(0x7f00000000c0)='./file0/../file0/file0\x00')
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
syz_clone(0x400, 0x0, 0x0, 0x0, 0x0, 0x0)

19.290637763s ago: executing program 8 (id=3684):
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000340)={0xe, 0x3, {0x7, @struct={0x1, 0xd}, 0x0, 0x7db, 0x7, 0x4, 0x2, 0x9, 0x50, @struct={0x8761, 0x5}, 0x9, 0x49, [0x4, 0x0, 0x4, 0x2, 0x602, 0x8]}, {0x401, @struct={0x7ff, 0x7f}, 0x0, 0x5e, 0x2, 0x5, 0x8, 0x100000000, 0x6c, @struct={0x2, 0x9}, 0x7, 0x4, [0x4165, 0xd, 0x0, 0x6, 0xffffffffffffff19, 0x8]}, {0x1, @struct={0x2, 0x1}, 0x0, 0x8, 0x101, 0x0, 0x9, 0x6, 0x0, @struct={0x6, 0x9}, 0x0, 0x200, [0xe, 0x5, 0x200000000000000, 0x7, 0xffffffffffffffff, 0x55]}, {0x2, 0x0, 0x57fe}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x3000005, 0x6031, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2d, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64=r1], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r4, 0x0, 0x9}, 0x18)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
close(r6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000640)="0a001c008e9381064e81f7a2db44b9b545c7910006007c09", 0x18}], 0x1}, 0x40008c4)
r8 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e20004db0"], 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e3, &(0x7f0000000180)={r3, r7})
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0xffffffffffffffff, 0xc}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x1a, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000005000000000000000200000218110000aa15d6dd968a2507bf17c2c38e757cfb6814db45fa0e7164d17203e779d7eb43e1e6133fb11225fa2a0d04d51cc848e15560371a720cd1728336e8883e279dc7384763ed2e6bee0a3f4301998b6b2c4d2a5fe9141e6285bd2abc9ec6b2e6c8caebd074b9612c7bb43bd569ee0c5ae4e85492f7ed079221421be3721cb9cf5c007d3f513c2702409a9931fde388d2d235d648", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f65d0000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="00000000000000008500000075000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r10}, 0x10)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f00001b4000/0x4000)=nil)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x4)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf9, 0x3, 0x3, '\x00', 0x8})
syz_emit_ethernet(0x52, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa81000000ffff86dd604dd318001c0600fc020000000000000000000000000000fe8000000000000000000000000000aa00004001", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="70020000907800006102fe0676c9df40"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19.086911724s ago: executing program 9 (id=3685):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
socket$kcm(0x10, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r7, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r8, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r8, 0x0, 0x10000, 0x0, 0x20002, 0x80195760, 0x1d3ed2, 0x8000000})

18.358553656s ago: executing program 6 (id=3686):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000180)=[@in6={0xa, 0x4e20, 0x7, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}], 0x1c)
getpeername(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
getsockname$packet(0xffffffffffffffff, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000100)=0x14)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$HIDIOCGUSAGES(0xffffffffffffffff, 0xd01c4813, &(0x7f0000000240)={{0x3, 0x100, 0x5, 0xb7a4, 0x1, 0xffff}, 0x341, [0xc, 0x40, 0xcd6, 0x4, 0x6, 0x0, 0x3, 0x7, 0x9, 0x7a18fde9, 0x9, 0xf12, 0x4, 0x3, 0x378, 0x350bae1a, 0x4, 0x0, 0x1, 0xffff06bd, 0x0, 0xd4f, 0x7, 0xf2, 0x10, 0x5, 0x8, 0x10001, 0x401, 0x80000000, 0x2401, 0x3ca5, 0x1, 0x0, 0xff, 0x4, 0x4, 0x5, 0x0, 0x0, 0x40000000, 0x80000000, 0x7fff, 0x7, 0x3, 0xa, 0x0, 0x10000, 0x401, 0x8, 0xffff, 0x91ba, 0x7, 0x9, 0x1, 0xb6, 0x24, 0xcb, 0x5, 0x7f, 0x5, 0x311, 0x66d1, 0xfffffffd, 0xa7d6, 0xb6eb, 0xc74, 0x77, 0x1, 0xff, 0x5cb5, 0xfffffffe, 0x401, 0xedf4, 0x4, 0x1000, 0x6, 0xfffffffe, 0x8001, 0xc1, 0x1, 0x8, 0x1, 0x32, 0x98, 0x7f, 0x0, 0x401, 0x2, 0x2, 0x4680, 0x7, 0xe665, 0x3c6e, 0x3, 0x40, 0x80, 0x4b, 0x8000, 0x2, 0xb, 0x6, 0x4fa4, 0x80000002, 0x1, 0xb, 0x0, 0xfffffffa, 0x3, 0x9, 0xfd, 0x101, 0x4, 0x40, 0xa, 0x1b, 0x1ff, 0x7ff, 0x2, 0x80000000, 0xffff, 0x63ce1180, 0x0, 0x6, 0x2, 0x1, 0x3, 0xa0, 0xf, 0x1ff, 0x9, 0x7, 0x6, 0x400, 0x8, 0xff2, 0x6, 0x0, 0x6, 0x0, 0x9, 0x1, 0xf1a, 0x664, 0x4, 0x9, 0x9, 0x2, 0x4, 0xfffffffd, 0x10, 0x0, 0x9, 0x10000, 0x1, 0x9, 0xf7a, 0xc6, 0x1, 0x4, 0x6, 0xffffffff, 0x6, 0x10001, 0x8, 0x68, 0x7, 0x1, 0x5, 0x3, 0x9a3f, 0x400000, 0x0, 0x80000067, 0xffffff7e, 0x7, 0x10000000, 0x10001, 0x7, 0x3, 0x10, 0x10a, 0x2, 0x40, 0x1c, 0x80, 0xb5f8, 0x8bc, 0x3, 0x101, 0x5, 0x63, 0x4, 0x8001, 0x10, 0x1000, 0x288c, 0x1ffe, 0x73ee, 0x1, 0x5, 0x9, 0x7fffffff, 0x73, 0x7, 0x8, 0x6, 0x400, 0x40, 0x0, 0x0, 0x0, 0x546c, 0x981, 0x5aa, 0x7fff, 0x7, 0x1, 0x8, 0x6688, 0x45e3, 0x5, 0x7, 0x1, 0x5, 0x3, 0x0, 0x1, 0x2, 0xffffffff, 0x4, 0xce, 0xf, 0x0, 0x1, 0x667, 0x3, 0x0, 0x9, 0x9, 0x37d, 0x10001, 0xc, 0x1, 0x2, 0x2, 0x6, 0x4, 0x6, 0x1, 0x9, 0x6, 0xfffffffa, 0x2, 0x0, 0x9, 0x5, 0x2, 0x7, 0x3, 0xffffff1b, 0x9, 0x2, 0xd, 0x34ea, 0x10000, 0x0, 0x80000001, 0x8, 0x8000, 0x3a, 0x10, 0x8, 0x9, 0x5, 0x1, 0x6, 0x10001, 0x0, 0x4, 0x10000, 0x4, 0xffff, 0xe, 0x89, 0x2, 0x7, 0x1, 0x73, 0x3, 0x9, 0x4, 0x1, 0x9, 0x0, 0x8, 0x0, 0x2, 0x80000004, 0x29, 0x9, 0x0, 0x4, 0x4, 0x0, 0x1, 0x4, 0x5, 0x4, 0x10001, 0xf, 0x9, 0x100, 0x4, 0x59b, 0x7, 0x8, 0x9, 0x3, 0x2, 0x4, 0xbf, 0x0, 0x8, 0x40, 0xd3, 0x7, 0x1, 0x89aa, 0x8, 0x7, 0xf0ce, 0x4, 0x1, 0x0, 0x2, 0xc6, 0x1000, 0x1, 0x937, 0xa, 0x6, 0x3, 0xffffffff, 0x5, 0x9, 0x5, 0xffffffff, 0xbe, 0x4, 0x7, 0x0, 0xffffffff, 0x0, 0x3d6, 0x0, 0xc, 0x6, 0x7, 0xfffffeff, 0x4, 0x8002, 0x7fff, 0x101, 0x7, 0x6, 0x706, 0x2, 0x49, 0x10, 0xfffffff7, 0xfffff772, 0x8, 0x80000000, 0x6, 0x1, 0xa9c, 0x9, 0x9, 0x1, 0x2, 0x5, 0x1000, 0x5, 0x1ff, 0x9, 0x3, 0x3, 0x10001, 0xffff0000, 0xf, 0x1, 0xffffa5ba, 0xffffa9b4, 0x8, 0x4, 0x8000005, 0x3, 0x4b5f, 0x6, 0xa, 0xffffffff, 0x1, 0x80000000, 0xb, 0x0, 0xc8f, 0x1, 0x7, 0x8, 0x4, 0x10000, 0x57dc, 0x818a, 0x10, 0x8, 0x10, 0xfffffffc, 0xfffff001, 0xa, 0x5, 0x5, 0x4, 0xfff, 0x9, 0x10, 0xfffffffd, 0x4, 0xc2, 0x7f, 0x4, 0x2, 0x80000000, 0xd, 0x3, 0x1, 0x0, 0x5, 0xb6, 0x101, 0x401, 0x2, 0x7, 0xc, 0x6623258, 0xf2, 0x741, 0xae6, 0x9, 0xffffa0ae, 0x9, 0x6, 0x2, 0x8, 0x9, 0x1, 0x7f, 0x9a, 0x9, 0xb, 0x800, 0x4, 0x3ff, 0x5, 0x7, 0x7, 0x8, 0xfe, 0x7f, 0x9, 0x4, 0x2, 0x20000000, 0x2, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x0, 0x7, 0x8000001, 0x0, 0xfff, 0x101, 0x4, 0x0, 0x96c6, 0xc, 0x5, 0xfff, 0x100, 0xffff, 0x1, 0x401, 0xf0, 0x0, 0xfffff53d, 0x9, 0x2, 0x6, 0x0, 0x6, 0x4b15, 0x10000, 0x1, 0x9, 0x1, 0xd, 0x9, 0x4, 0xfffffe01, 0x1, 0x6, 0x0, 0x3, 0x10001, 0x1, 0x7, 0x1, 0x5, 0x8, 0xffffc487, 0x200, 0x10001, 0x37c, 0x7, 0x6, 0x6, 0x8, 0xfffffe00, 0x1, 0x1, 0x0, 0xe, 0x0, 0x3, 0x4, 0x80000000, 0xb46d, 0x3, 0x1000, 0x1eb4bce6, 0x10, 0x8, 0x1, 0x5, 0x5, 0x3, 0x9, 0x1000, 0x7, 0x62f2f805, 0x9, 0x3, 0xffffffff, 0x9, 0x7f, 0x6, 0x8, 0x40, 0x5, 0x2, 0xa, 0x5, 0x6, 0x80000000, 0x28, 0x8, 0x7, 0x7, 0x1, 0x5, 0x9, 0x6709, 0x80000001, 0x0, 0x80, 0x8, 0x6, 0x0, 0xa95a, 0xff, 0x5, 0x2, 0x2, 0x4, 0x10000, 0x80000001, 0x5, 0x1c00, 0x9, 0x0, 0xb7, 0x3, 0xff, 0x9, 0xffff, 0x80, 0xfea5, 0x7fff, 0x7, 0x7, 0x7, 0x7485, 0x9, 0x8, 0x0, 0x5, 0xf, 0x5, 0xe, 0x8, 0x1000, 0x3, 0x7, 0x382d, 0x459, 0xcad, 0x9, 0x0, 0x2, 0x9, 0x6, 0x20000a4, 0xe0, 0xfffffffb, 0x5, 0xffffffff, 0x2, 0x7, 0xa05a, 0x0, 0x0, 0x0, 0x35, 0x8, 0x1, 0x1, 0x30, 0xffffff7e, 0x1, 0x10001, 0x9, 0x3, 0x7, 0x8, 0x8, 0x4000, 0x1, 0x4, 0x15294b70, 0x3, 0x3, 0x2, 0x43, 0x3, 0x9, 0x5, 0x80000000, 0x9, 0x0, 0x5, 0x81, 0x1, 0x2, 0x3fd, 0x1df, 0x6, 0x6, 0xfffffffa, 0x1a, 0x9, 0x2, 0x9, 0x1, 0x9, 0x7, 0x2c1, 0x9e95, 0x2, 0xfffffedd, 0x30c8, 0x2, 0x38a0, 0x7b, 0x0, 0x8, 0x9, 0x6, 0x9, 0x9, 0x8, 0x5, 0x8, 0x1ff, 0x7fff, 0x3, 0x8000002, 0x8, 0x2b, 0x200006, 0x4, 0x7, 0x2, 0xfb4, 0xbf8, 0x7, 0x405, 0x6, 0x4, 0x8001, 0x9, 0x8, 0x3, 0x6ae574d2, 0x6, 0xfffffe00, 0x1000, 0x5, 0x92, 0x3, 0x7fffffff, 0xd7, 0x8001, 0x905, 0x3, 0x6, 0xfffffb31, 0xb, 0x4, 0x7, 0x8, 0x1, 0x6, 0x1, 0xff, 0x100, 0x8, 0x3, 0x6, 0x80000000, 0x0, 0x100a, 0x7fffffff, 0x7fff, 0x2, 0xfffffff8, 0x2, 0x9af, 0x10001, 0x8, 0x4, 0x8, 0x6, 0x7742348d, 0x5, 0x5, 0x1f, 0x40, 0x0, 0x6, 0x7fffffff, 0x7, 0x7, 0x8, 0x8000, 0x6, 0x2, 0x5, 0x6, 0x1, 0xb, 0xe, 0x5, 0x1, 0xfe7, 0xfffffffc, 0x8, 0x7ff, 0x3e9, 0x0, 0x3, 0x2000, 0xd, 0x3, 0x4, 0x3, 0x81, 0x8, 0x14, 0x8, 0x9, 0x6, 0xffff, 0xf28c, 0x7, 0x6, 0x4, 0x7fffffff, 0xffff, 0x7fffffff, 0xc9, 0x2, 0x0, 0x924, 0x6, 0x100, 0x1, 0x5, 0xffff351b, 0x8, 0xfffffffb, 0x7, 0x9, 0x2, 0x5, 0x4, 0x4, 0x4, 0xff, 0xee, 0x2, 0x4, 0x8, 0x9f, 0x7, 0x3, 0x9, 0xc9, 0x1, 0x1, 0x1, 0xfffffff7, 0x0, 0x5, 0x5, 0x6, 0x400, 0x51, 0x7, 0xefb, 0xb8, 0x8, 0x10000, 0xfffffff7, 0x7, 0x8, 0x5, 0x6330, 0x0, 0x6, 0xea, 0x0, 0xfff, 0x809, 0x6, 0x0, 0x6, 0xffff, 0xfffffffa, 0x3, 0x0, 0x1, 0x6, 0xfffffc00, 0x5, 0x7, 0x2ec, 0x9, 0x6, 0x3ff, 0x6, 0xfff, 0x0, 0xa7b, 0x62cc, 0xfffffff7, 0x7, 0x40, 0xa, 0x8, 0x3, 0xe, 0x1, 0x1, 0xc, 0x40, 0x3, 0x4, 0x5, 0x5, 0x7ff, 0x5, 0x8, 0x5, 0x3, 0x9, 0x2, 0x80000001, 0x54, 0x400, 0x1, 0x8, 0xa, 0x9, 0xc0, 0x3, 0x72, 0x80, 0x1000, 0x7, 0x800, 0x10, 0xd19, 0x3, 0x93c, 0x6, 0x0, 0x0, 0xe, 0x5, 0x3, 0xfffffffa, 0xa01, 0xf3, 0xffffff00, 0x8, 0xe, 0x3, 0x3ff, 0x5, 0x2, 0x6, 0xfffffff8, 0xffff, 0xfffffff9, 0x9, 0x5, 0x62, 0x8, 0x1, 0xfffffffb, 0x1af88, 0x2, 0x9, 0x7, 0x0, 0x7, 0x8, 0x10000, 0x40, 0x8, 0x7, 0x2b, 0x6, 0x10, 0x5, 0x200, 0x7fff, 0x6, 0x3, 0x8, 0x10, 0x4, 0x6, 0x633, 0xf05, 0x0, 0x101, 0x200, 0x7, 0x7ff, 0x0, 0x1, 0x1, 0x10000, 0x9, 0x40, 0x9, 0x0, 0x7f, 0x8, 0x6, 0xe, 0x3, 0x80000001, 0x0, 0x8, 0x8, 0x7, 0xdd, 0x8, 0x89, 0x0, 0x1ff, 0x1, 0x9, 0xe75, 0x400, 0x1, 0x8, 0x200, 0xe9ab, 0xfffffff8, 0x8000, 0x7, 0x2, 0x2, 0x43, 0x3ff, 0x8, 0x7, 0x9, 0x1, 0x6, 0x1007, 0xa, 0xf, 0xf39d, 0x71, 0xfff, 0x5, 0x8]})
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0xe, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xa1}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7b5f76a2}}, @btf_id={0x18, 0x7, 0x3, 0x0, 0x1}]}, &(0x7f0000000080)='GPL\x00', 0x79ae, 0xe6, &(0x7f00000001c0)=""/230, 0x41100, 0x10, '\x00', r2, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000140)={0x4, 0x5}, 0x8, 0x10, &(0x7f00000002c0)={0x1, 0x8, 0xffffffff, 0x4ecc}, 0x10, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000300)=[{0x5, 0x5, 0x5, 0x4}, {0x5, 0x3, 0x10, 0x9}], 0x10, 0x2}, 0x94)

18.052409707s ago: executing program 9 (id=3687):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x9, 0x2)
r1 = openat$mixer(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$IOC_PR_RESERVE(r2, 0x401070c9, &(0x7f0000000a00)={0x4, 0x10001})

18.050476134s ago: executing program 7 (id=3688):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x12, 0x6, 0x0, 0x0, 0x4, 0xeb, &(0x7f0000000080)=""/235, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x40000200, 0x0, 0x1, 0x3, 0x4}, 0x2e)

17.900450351s ago: executing program 9 (id=3689):
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r2, 0x0, 0x10000, 0x0, 0x20002, 0x80195760, 0x1d3ed2, 0x8000000})

17.900094361s ago: executing program 7 (id=3690):
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000340)={0xe, 0x3, {0x7, @struct={0x1, 0xd}, 0x0, 0x7db, 0x7, 0x4, 0x2, 0x9, 0x50, @struct={0x8761, 0x5}, 0x9, 0x49, [0x4, 0x0, 0x4, 0x2, 0x602, 0x8]}, {0x401, @struct={0x7ff, 0x7f}, 0x0, 0x5e, 0x2, 0x5, 0x8, 0x100000000, 0x6c, @struct={0x2, 0x9}, 0x7, 0x4, [0x4165, 0xd, 0x0, 0x6, 0xffffffffffffff19, 0x8]}, {0x1, @struct={0x2, 0x1}, 0x0, 0x8, 0x101, 0x0, 0x9, 0x6, 0x0, @struct={0x6, 0x9}, 0x0, 0x200, [0xe, 0x5, 0x200000000000000, 0x7, 0xffffffffffffffff, 0x55]}, {0x2, 0x0, 0x57fe}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x3000005, 0x6031, 0xffffffffffffffff, 0x0)
r3 = socket$kcm(0x2d, 0x2, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x18, 0x3, &(0x7f0000000280)=ANY=[@ANYRES64=r1], &(0x7f0000000000)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x1a}, 0x94)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000400)='netfs_rreq_ref\x00', r4, 0x0, 0x9}, 0x18)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
close(r6)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18080000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f00000000c0)='syzkaller\x00', 0xff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000640)="0a001c008e9381064e81f7a2db44b9b545c7910006007c09", 0x18}], 0x1}, 0x40008c4)
r8 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r8, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r8, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030486dd601b8b97004d88c19e9ace5ffb2e9fc603dd282100000002ff02000000000000000000000000000104004e20004db0"], 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e3, &(0x7f0000000180)={r3, r7})
munmap(&(0x7f0000ffd000/0x1000)=nil, 0x1000)
r9 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x7fff, 0x0, 0xffffffffffffffff, 0xc}, 0x50)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x1a, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000005000000000000000200000218110000aa15d6dd968a2507bf17c2c38e757cfb6814db45fa0e7164d17203e779d7eb43e1e6133fb11225fa2a0d04d51cc848e15560371a720cd1728336e8883e279dc7384763ed2e6bee0a3f4301998b6b2c4d2a5fe9141e6285bd2abc9ec6b2e6c8caebd074b9612c7bb43bd569ee0c5ae4e85492f7ed079221421be3721cb9cf5c007d3f513c2702409a9931fde388d2d235d648", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000f65d0000850000000600000018110000", @ANYRES32=r9, @ANYBLOB="00000000000000008500000075000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xed41d0969ec4053c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r10}, 0x10)
mremap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x4000, 0x0, &(0x7f00001b4000/0x4000)=nil)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r2, 0x4008ae93, &(0x7f0000000640)=0x4)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf9, 0x3, 0x3, '\x00', 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

17.897307776s ago: executing program 8 (id=3691):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

17.84135319s ago: executing program 9 (id=3692):
r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
bind$llc(r0, &(0x7f0000000040)={0x1a, 0x0, 0x0, 0x54}, 0x10) (fail_nth: 1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)

17.811373812s ago: executing program 8 (id=3693):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
socket$kcm(0x10, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r7, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r8, 0x0, 0x10000, 0x0, 0x20002, 0x80195760, 0x1d3ed2, 0x8000000})

16.876184898s ago: executing program 0 (id=3694):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
rt_sigaction(0xb, &(0x7f0000000600)={0x0, 0x8000000, 0x0}, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000700)) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b04000000000000000002007fd21be23b05dc78a424f3c24028ef000044000480400001800e000100002c000280080004400000000008000340000000010800014000000002080005400000003a08000340000000010900010073797a30000000000900020073797a320000000054000000080a010200000000000000000500000a0c000640040000000000000108000a400000000108000940000000010900020073797a30000000000900010073797a31000000000c00064000000000000080001400000011"], 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r3=>0x0}) (rerun: 64)
syz_emit_ethernet(0x1017, &(0x7f00000002c0)={@local, @multicast, @void, {@llc={0x4, {@snap={0xfe, 0x154, "68e9", "0879bd", 0x86dd, "53d68fa7cfb1f3811efb244e0a35c092271acc7d0b5f30559226968e698e4dabcce8fdd6fe2f4c1ff45bfbfccb25b030eb9ee7280945abde3cfa7abb698fdb6466e98be0afeba16019eae5c2faf996d5b1d38f307d6afb24e5494a1d82031faac980a479ec10fccc45434a0b3df60f7f12ce5aff7c3d16921396525b31ed5a13d4d94f95a94a7591c9cea007869bbb86689f11ef6200a37bd80100134871fc5fa892025d72f5d3035dbc916cb1ff5e654a7f8921437772a089ceb3a7c950b5a927e314378c700b2f40b99854b1d3d299b1fecc8c1e3f30b80ae480ffffd10c6f295ce758722e7ccf1aa5acbb45e091231b73594b5b99543b18350d1f0d2c18ae38e46fec1a55a766ad3edb0a331c7750a9f4d4051fbdb6fc6731b1642192bb1ab139c7698a081aa976d872915d0c3abcd2c27e83cd42f80f8d80b38083c30650b9bafceda00354c257699916faf0a46748b1cea392cc12e6c85a905cc42c123e176702d25b2bd12529547c43b06ca7e880259bb9c9097427e4d0bf29d2f657dbe9b218fff470cb2c275ed71b0971e40ace227c358fa227e0cef49bec3d54abc5f562e2ad5f72a7de143c2aa2ab6ea194fa65ddd92efe59c52804379730e446bb9df9731906fe19f5b048c8ec32bdfe497fe1dd9e6fb4f17d949cac3b08b79143686330326601cc9033b8617023655522de685a81aefd728fcbc8722297ac3e9a2f94c2f14e9e84eff59ace34ae7e688da47bd9a1030c5fc497f24dabb580c432adddc9d52eab8751b51fb8e075f81aa97115af03beda3594aab94f426a0132515edb27131e7e16751326eb399664b2fe3f21a43f9bfb0cce7f0999a0afd063f73dd8589d54864e30e1eda89b9284bf3958e3e50e328c80634cbfe3e5d1fd1874d07efc9ae815296883dfcd8b4f82274379d0da2244a04f0726a21941aae5d64af459022b20300340cab4b796e6d4295d9984935f185a968d275f5aada6cb186b159fdecae92acb9e087210758e3f64588af7f9f0561c902d8b02a4fad98cd1d223cf7686e9e445bb4c35a332d7c43df9e379539332097ca49133cba9e120c5fdb5e1c6cc778201d04c5d342421f611891ab9b60568c13f0ebda941988564279070b8b365110f3ba07e3046fe7e881976317a69e8155e639136361eb8b181674305586d22323aa94f3956749423fb254dc4b72782ac73b92faa2046f965ae13ebe2ae0dbf954361ba0c5b13cdbd27210deb12dd775a0b82b5619251ca2e4e9f70731f4d6f174c35f63cbf5140f20cb9eb364e01cadce124b6e9365f504e56d2e0fe75be7b269962a671c0b913314e4c1efbc2fc95f83216cb9a5b117bc2f81241c49c57ef8be980c0e1a4a20a1a4db39890b058a8d45e52af6ec89ce26be61a4d0ba3f6ed612149b88b631ead6cbe979ff59f04052910c514afe721e087838a335cc527b206dae890e1bbd6771783b4c06292baf4cad04829d583f4640867b2af828ed3bc0382b6f0578595745583ada7714e572219038dd03d2a6c4fb50fcb81d962acd0e9e1ee974997a7421e06a446ac5fd91c1fa5c97517ac790c41619654e286a875213162aeca7955f577ce3cb766bb4f11cbf508f9ac5a06c94e8159cfeab5e70b22e15c38d41a73c6c348f7108522230b4a4de1e0b08b02bc42245d18c75e621f48f35737ddd56ff6b501541102a3b55a763268e2b00b6069e395468af65360511b4763f7b943f7a4ff81326b24aaaa8a7b0c4dcc80c58a740732c284168d4b41bdfdc7d58f3c54eb64922a931ee5c53b8eb029705ba5a4c89242088bf8f8cb24362c5190c9667e08b5b1e023b8f0253f0d9d6710f03b697c4330efca5f415da41f956e519ce5f883a46cc03ca67c7f2ad994af42f3fb806f002656d176e7d541065fbed905e05d4313f309affb2df6dfda66867fcb15408862e3035927722b519e217515d24cd09a0353eab10e988c1137603f1f580b11da599f5ead701a20612107958629f358855268f88b49539dfc698672926ef3d324482a8cfd68f3445545f49c1a37252025b8677222cfeee00e930123015724ced5a5c8ed36c010624a9dd8ec753dc4d91d9005a2319cd4cbbb5c9efcc48a0a0e25f29ef2a58b7119c2d7b0038a8bd1057c80c11df9d218572823e2b4b10cef8ca24136732809dc61ecd5f0579b3014b8d616df61044ef58dc4574df8ebecdae24000c8f2a5bf0fdfb1298d5d49b4934683caf6c87f7ab7e931027145dd1938c7636abebacbdf9d6ae04b224d3aa611a9ec2d98c64b717bedfe51cc736ec127c1e5c69e26667423dffcb9c2f7673ba18c580c17a366ece166f621e64b4b98c7b1d902b5026d3fe1549093ee5196a5ed7f675e0747cffbc83c3a65aed8d3b195420e941de9d1edf52487de581dbc2a1536f12bec70385c420f64fa0f6ab4c7b03262864ebc55a97864023ff5b0ed7bad1946a3e18053f110222e3fa5d199cf448e279fead48ce783e0ee9db9d6d1dffdd1d16eeaae78c8af7d640fb890b3158d8e48a1ded9e45734389f1b7a1a92867be541a4954875ccbf36d71e3dd307a6907d9c6b5d695857af47a80cba45b12ee37ee1c23233174f6a9a5abd775add0e3f074db58d7adf0cc6f9a72fca47d4196d242cf69452d8b1a5d8f8907592a8e04bd93b2f3524bf433ca0242ba25c3cd53f2f7696a7c1de569a63ed9921d2e7a2a41ed088fbe103a74985858c9037e730914b5546c3f2a8e9be0b2e2442304491265c808db4d8bdb7d109439a2388ddb30ed856019ecce5fee3d5feed64d7e8d16b9e98d42f4597ab8893ae8670253d01984a35b57100caed35899c637f1508f98c8773e5028ff16d12714335d52cfa8c28c9e08f97751de085804975104b44c5b22219fbfae7166b0d05c258acd3c7d936b346af1400a9d33843cba13f7b71b654518a0a91cc09862e09d4af0bb211cc80ae0da10d8f052c236aa446097fcfbc3d097180b5d8bf89692c710ac001e6af14bb880fd3864df864ee1c89e47b54c3a610656269bd5bb41291ade9e711c2bc9821f01b903972b4d001f772248e4817b780303e884c81ee354b8c7af76b877ae828e9c7517b5cbb907b88f7d16e511ff8f5b514008fd245539f5750717dd7553a128a1954ff4939a5cf5b0f0e92490575f39ff428044109dedf8ec0e5cb138a5ec3abaf78953279117eb494d1bbbe04b3724debb7df3fac42c51d8ab415bbf579f3e57a2cd28bb9aa4dd7f20da8dd90ce375efe79696213040c5ea292cc755afba34d066c3344587b72ffd1c2609a780b9839956b69aa21373a83c1512cf71ecf9af56c8ae5bd19a85c497981a482555aa74ef7769976890c11075d1dda5ecd8d0e785c2f2da06e06cd3b299b7416733e5d5c66e8b7de8230040996a37602d0a9e8b5fbabdf891aebeab0ebbcefb8533a358d4d84e89121fc790db2b7d5bd2c9699436372a09bec888f0803d5d57ac68236dd7742318822b438ab533fa688bf4324eb4a66d940771e4c30cde31a5d222f7641c03d134286d9c9fbfd6c4a678935ec8a47b6065adc6ccb79b093cd6eb8a92f4ca6917b3d7cfe970b44ccb8ec4f5008b810dd60c9feb770ea5fbbf8a7e152fa819953ea895cc2ede7fa7aeb5cec692439fccb5f6746e802fac2797b9ee0f894787d4c03deccec29f870f6ff6233c2404eab953657dfabd39d02d6592683a64280f7fb7b53d08bec921fa57b30ab1e3b37e66d9379fb09568617a861a010efa70973434698ad73c926e7fd634d4d27840c7167918b16c6fca54912152c572133f246c7b466b824bf9abb9dcebb380247d79bdc8a14b48ca0c016328792fa360819f83b31290519fa9ac904bb858f820a46b1fd8f29ed10d0c18fce936a2ecfa9875507c18d5309cc3517dea6d7f6441f91d2fab0c71388d03b1f8cb4621f09652a129338f49027f846701b1a4757e093f69d22ed36cdf8878fdcb31dd8e544061db99fafa61d9e0fc15cdd924ee1f3dc13d5999d232f2c1dfdf58dc3f1d1df081961010d68462677c3df8e8d06fda4a444f1137e7cf04ba0bec92cb40415a5102b058ad5e299a5c85e5218914f9f778cbdadc98734fd1d62dfa0c8820bfee27d3ab14fcfa77d0768f819e41ebc9cb43dad76a6879f141f739ae94898db58e6611a78da11b3c25149bdf7750934fcf216a07d2c85cd0f156e391b5f202316e0503f4d34531421c693fdddf190542008ae644925dca02fd25424363d1b2fc3ecdf712e69db125af11a676505d063131784a4333591dc793eb9b7f20796f9112bd26d16ba8bd1c48c9683f3f549e1f9b94dc99db22f247d2030fb1b4696e1ca8dbe0a38cfab0feb05a3dace833bdc1b0a2f508392e027c569cedca5763bb57d58359c50e8db24fcf9271b6940f54d26be6a4fcf675ce9d4119f2856acfc45b02cf04bd56c50fa7b8856e58a821804551e5e20096653d3990a9028194abf72a299f825109753e3f7eb055d598c246f74231b790510b7168f80022a729583ffb5302cbbf97985548b3e18e391e8abcb9e99340cafae31f15f96ef4c94519c8ddb3e720e9bf87f5559fba78ddf9790cb42521736ace1ae4e1d774caba63f92a144c71222a88fbe8a14f8f93c21998a685648f850d8c0f4f2d85697637a7b312785470acb6ce79b490039d97455c0c2cefb59036d49a1cf405e644dacb57a88441701d34504cfdc343d77bbf900d6cb2563d4d46f08c7f89820bcc732a862ee6aacc592855745203430919ee5ba4b4d31f99de9079700b0efaccd3447a71ea315568ce97ce3075bec11cd57104471f4532544228e6dc3a31ef202173398a85afd485b3b18c0b90d7072a9cced06ab99a0667eaccebeaebb830f15e9fbea1d7df64e7d3c7c7b1378fd3c0743e2b8ff9c80a359751dce78f6759f2bfce10f46edc071aec53a978490cb9728f4416426a03b0467fc1fd8222d7d73bbdb485562a38fadbf8cc8867c882c568670668fc5fb2e55827488c82f2ed2a98793e285b975e34fb762712bea74b64322148ed983af2d199be787f7f1b5aa5e6e72f5d475e3d9af4c9850a29db5f007f1622a9e45cfa84cc6651c6be06f0c07929bf1371b068e11424602d8e3da52893a232d3779c502813169c5bae8219972e94890ec51455f5dcc0a00c122d2757b4250283df1ff9ccea356862f122cd80d42c97356da52bfe1e44e5a5d18d28f2496dce6b6d484760878abbeaaa0e0d2da40857164416017f99b1bfdb79ad2b87c3731533cdf6aa4b4b8cd0ce3d7fd4d0fdc2f998fb5454cad94a44b8a1f7272fef5118763284b42decfcfcea0eb582ad527510d8c239942d5fd8d0db72c062568781835d47ad118b2c83992d83d9218ac59b1e2fb13c5b15f823d6e024e84b910c26b25cb3084147c83c4111f5cdcd44d326fa8df75108b6c8caa838077460ea606fc518d6540262bc682453150ebd368549d096a31e7146f5fe80dab296a830501cebc8bc1845cd60a931fc3ccd5b3a9219e9da869a14a4a8bfcd6ad553222d24c5e9d50af1f41b8603954a1916330d9c9ef06a3c635179da1e95a550c476a50c83cc94a21ffb694b553572256b0f34bebc88548a43e303b9afd0304cbd4106378263fbdb2725ab4e3a3b2fe68897f85b17fd871dff4c1319d35b0143fc40f1a67ec730a83086a90d023120e2e3d65751528aa2fbe26939e1ae78f87ad5ccad4a21557b925c4ffc182cc4cbb72af163a5274035351712096ef45b4a6513bcf1fef3b69e29793690ad5a00ce6f9c423e40da37b6cb8f0f5c242bd5b96b02873"}}}}}, 0x0) (async)
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="110c2dbd7000fedbdf256800000008000300", @ANYRES32=r3, @ANYBLOB="3000c70001020177"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) (async)
r4 = accept$unix(0xffffffffffffffff, &(0x7f0000002e40)=@abs, &(0x7f0000002ec0)=0x6e) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r5) (async, rerun: 64)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001380)={0x9c, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0x74, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x14ff09f2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x598d2ab3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x24bcaa36}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2e807965}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4027b85d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x48450d86}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x24cea5b8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x182a954e}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7149}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x56b1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc681}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1ed84781}]}]}]}, 0x9c}}, 0x0) (rerun: 64)
connect$unix(r4, &(0x7f0000002f00)=@abs={0x1, 0x0, 0x4e21}, 0x6e) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000001300), 0xa0000, 0x0) (rerun: 32)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000001340)={'vxcan1\x00'}) (async)
r8 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x1)
getsockopt$inet6_buf(r9, 0x29, 0x23, &(0x7f0000002c00)=""/251, &(0x7f0000003100)=0xfb)
fchdir(r9)
r10 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r10, &(0x7f00000002c0)={0x1, 0x5}, 0x2) (async, rerun: 32)
write$USERIO_CMD_REGISTER(r10, &(0x7f00000000c0), 0x2) (async, rerun: 32)
read(r10, &(0x7f00000001c0)=""/93, 0x5d) (async)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8042, 0x0) (async)
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c13e3034890b5936b0eca9c978e97ce9800002aeabfc0455e", @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25130000000500190001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x890)

16.828640876s ago: executing program 6 (id=3695):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x101142, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2) (async, rerun: 32)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (rerun: 32)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000000180)={'wpan0\x00', <r2=>0x0}) (async, rerun: 64)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 64)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/stat\x00')
getdents(r4, &(0x7f0000000240)=""/24, 0x18) (async, rerun: 32)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r3) (async, rerun: 32)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$IEEE802154_LLSEC_ADD_DEV(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x1c, r5, 0x852dd6c070cd7e4d, 0x0, 0x25dfdbfb, {}, [@IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r2}]}, 0x1c}, 0x4, 0x700000000000000}, 0x8850)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1}) (async)
ioctl$vim2m_VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0x2})
close(0x4) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0xe, &(0x7f0000001540)=ANY=[@ANYBLOB="b7020000f53f6314bfa300000000000024020000fffeff7f7a0300fef0ffffff79a4f0ff00000000b7060000ffffffff2e64050000000000750afaff07cd02020404000000247d60b7030000030a00006a0a00fe0000000c850000008b000000b70000000000002995000000000000001da5ad3548ebb63d18c5071c7e821c9b767ac8308fbcd5c5e4a5ad1065b572c2c9ff215ac60c2ceaea4c0ec908abb6e7325ec1956bd8660bf3664148a2c96752fe2bb328dff1a15750ab9a780001000000000000d4bf20c2bd152d814f01f2cd519e078d4ffab418e4682b2aec5e4a35629e8ef040c50287c37a7f4182f32333b08c6e497687e10a4daea5cac0ceafdbb126eb02a1f5104d16ddb64963d84d91814cd5817e0b8f6f5e6ee7a39e180b5a18ed786b782ab1321ea5e82ae5ba2c42a5e23ea6253d5df768d0cb9f35e4f41a6211e52bb3598e9b5d4f22d8c19f958e8b34de35949a7a48ce18799ee53da177a81ea65e652c1d71b7ee86a75b0100000042127a8f84538a9a311c757f7169f006f3f5c95177fbd0b14b36259e2905ef911785c88a16aae46084d676d8ef8aa6ecc2d32e3f4ee367c5a769c0a606636c9f4a4413c098f4fcc96623b7c373b0ef04d55b846b094bf97e2ef5987b6e09a6a7cab79bffda141f65e7d9ebe3be70c436432b70a80cce69df30d3d67d84ccf3f9db9b690111de2ddc4b153c989ef100bbf76063d3f6ffffb73d70e9c3d7b90aecf48e7565efff2dbbb512218c98442406333c890923a797e00b75481739952fe87fde27ce81893f54ec0ea8e792414f639bc9ce1fea3f6ac0d7025759d4b45576c205c70631e8ad585951950e521f4e210b6494e3c52d927195737945cc03d5668483151710de246420a1b6c55b73876a6ed7fd0d9338923789a1edcd8043fe83919088383268324a25df14010c8ed6b8d43400eaa00ff9bc46e1cfecbdc0e451ac53b409d04544d3a7edd4d447d2fb431e226ae182b8dcc86fe09b404e0b7c723d3b19c3dc382fa91fb0fb8f9f3f13296bb1758b24aad0922091d49e2bc408a5a37deee7a60b903d2d9fe9d451cafcc8dc389671c2d08b6e264150a6b9445b00cee4585af04fa69e0380be0d66649dcf3bf8a906b029faca75ce34c41aec7aa86e596119109ea8b3f7c65c902499227c087301643baab1c95bb22cedd913b22dcaa197ccc34586dc50bd9f4628e3e77a0de32e356521df06f995cb57f97052fc4158250ccecfb67ea8faf509593fadc7eafb613327b052397af1ede94d87590ce90a0a7579766f0e5eb09d38ac46e99e7ec4fcd3cb0b1a8c531724d5ef6b334803cedaa9cedf16dc3af6e0b67f62a83a256474c97c925d9d447175b535c87dbdeb0dcca5303eed6689ea91e1665c691df736368dde47e6672e93a314c5f60e7b68c2242bd0f0d8c66449d8687dcf2d0f76668b2b9bf8b32b99b7daf34b2d825d192ade90a1162acfe9749d516d014cef5f99126324ea02baea5808c430985749901b09e4902a6f5addc0103756b894418e4591c624a9b206abbfb888d413d923b0d7c9d997d6d8e64787c4d397f57a15b6e0b4212b6cb55b9c207bbe08f483b1bea05f41b9a1d3af087047c568ae6ebfc0bb5ec10b6290dc757a4903a88fb2c035b2349b6d2f0c051b8b7718384eebd5fc19928cea713ff09e179c308fbe9bd64374d96ef2447a2a4af5ca0c39e7ca2e801e57560a55e9cfa095cf3f74398219ad1030a79517a88de7596429a20793e12616aa32b3e720c6521fbe93963e9536d16f3db211fca7dd99c0a0125ff8ef534b93dcb34e1da2c008a9f2a29e30823bf0ec3639cadaf9be9608358e1e5ab17eea477b1754f78f45468c9568471667f82f5e250b979b9f2bd0d1b6bc03d11811ac6eec9a3ecd9e3c3299ee5eb3c6cac8fbd06514b7ee743ece79c04566d02a08fd5fcabbab3d129c0cced3ce11dafa380700000000000000c114d0b423e64c6157fac5e4e2168f33541daeff9983d0e488a78bef538f870b84798272b2101e0abf1cd64500b79e01e11d727389653bd80a39d5bbe2e23d2f5ff10047423429981bd9b4ce680e174c266391e3e7689452654e5cd5ada6e025327a1942b5a068f15fa58eaa267d4e0881783dddbdd777f8be0824ffdf6d06c621880dbbe9534f15e8c2e364d3ec67deb6ab9f2a0f03212972dbd38500000008173553a67be48633103809eee0be51d67d7ce230b389607b4c3b18da1c48f3180f2e0d79e54565fdd9a099b5b5ba2761905b88b7cbfc39c35dd153609da3da263438f12769602c2195245ff83e249119d4f6cabfbdef84ada19ef4a67ed66d7043036515d0be5a231f99e71aba5d5ae04676eff3e85f0844c41bbcfde7a931d1ec55c01f703bfd1b97756bfe55a91f6b379f34a018906339771157c66dbd7471d1beec7f029ef552cf5e92a1a0db21b59355763967ce26a577bc514b6d22a09c385c5ba6caf524e1688fc0f29f8bb35ae7bc8eb5ba51aebdf7d972c3267cedbe77ed70d9c539bc455a6f88b39196c8a224b0acf4d796fea59a07baa34cc270fb096ef330fbebdf872d7d0bc4f9a963355c554abc5cdb91464faabcd09cd9a53f5d1b2ea7e96f428f7cd6735c19c61dc9942d30bf29ef85ed01c2fcd6060aa40eeff971477b4fde48507b7bad95a496540adff7e4a72fd1f94d7c703ab1525c946c54e0da3d7ebfcc8cea2e84c3b310aaea5a1627df898c00a9aaf2d88a36afa4c5b1816384310600001c33125ad7f7970beeb256aec06e39fc6c66544e1d1dc5fea4b68a82e3568ca30aea9a1d097f06f11dc362f4bae5ef57c67686a15855cd351bf26f40fb1348cfce79897682228e6d9643530c81bab27bf7b1c4a76a5be180bb830cf06827c3f38a9c9c580c732c30aaceda78b0297de35a922b1375b129655beb31899e26052cc216f832fdb0a0015f93c9cff77f59cda1ec5f3e358848756cebb074266a47e39ae26e80e8c65aaf73c24925458520a9ca98760d1005c9f81846459ae6d5baa4f02807939ddc29c3520f7c58ed9bc5a569c7a1bc33cf4f330a18276ffb4550b9166c3939e8041094bec034aa0ec6638b74fe34f0f1ec6903a1135808d5d8d26c9203c3f87e66c407b7c5c0888d4558dd657cc0213efad68e76fdd7b23e68064fd4b271ed79c50abacdd2871b0c1f8c971df59a5a1901ddf804bed43e391f882d2a45c51cdbba86b2a1b7c0c4923642a731ea4dcbad2b6ebbebe787a8e28e781d75beee924b3b1e390750f316648133922c021f98fd2d5d71a7a3679397ef6cf432837b7e264831ec01c4c3146ba0caac3b13d55945ec00e978a1c1712cd51187936200606c9cd6877b2f72125295c54721f8e15df2ae282a8becb99a726fd92acc92141e1f574b4b0b3c992a61af3372d0d9217776b1a42cd2cee816a70bf1ddd69b590d53e28ba356e74b38e23e50d898e95cdc7cc809e462c884b53f672aab1411ecfd4c91e7a9782fc6763f0efd4bcbaf1fc3a00000000000000000000000000000000500000000000000000000000048e510340087caf22439d5304bd704a6a78a512269a9b1cbd13bea78c807bbc73853ae187cbb768673e9d1bf74a3b0a6c234accd8506adf314f4c5e08174540b69d3c0da660052b43b86baf49e7ac64d9c21598b1e01dc1e1b5a53626b090496dbf7af441e397016c3c094d5c91ffe0a7ceacfd225ed9a6c905f79ad7052747dd6cceef4c310e0e935311118bc6bf0e5ca6c7cca7d5c03be570308da8a40578b4db14961fbccf6e2f2d56e9509c434126515b56d032e20c12e830d1bc64826fc9b318da5911e466878dbb81edeff69363fb75af5cd80536f14d2eaa7764db23acdbd394bbbbccfd8b129258bb0a93cee1d44f8665172c06933d20f184b78b435462c52a85149451ffd564c56a7cbf11a1127c77242915e43b2bc"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x200000, 0x10, &(0x7f0000000000), 0x143}, 0x48)

16.782356064s ago: executing program 8 (id=3696):
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x240)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2, r0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = socket(0x2, 0x80805, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000380)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x4, 0x8, 0x77}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcd, 0x12d5f, 0x3}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r3, 0x0, 0x485, 0x0, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r7, 0x4020565a, &(0x7f00000000c0)={0x3, 0x980900})
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000280)={0x3, 0x980900, 0x2eae0342ca72d7e8})
ioctl$VIDIOC_QUERYMENU(0xffffffffffffffff, 0xc008561c, &(0x7f0000000000)={0x980900, 0x3, @name="51da06bc7338e17dfebb1580e15b95473b09f0d1fb8aa1e9959ef9dc00"})

16.716190929s ago: executing program 9 (id=3697):
socket$alg(0x26, 0x5, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
recvmsg(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000080)=""/21, 0x15}, {&(0x7f0000000180)=""/135, 0x87}], 0x2}, 0x2020)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x10, 0x1e, 0x505}, 0x10}], 0x1}, 0x0)

16.528511859s ago: executing program 6 (id=3698):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000f00), 0xffffffffffffffff)
sendmsg$NLBL_CIPSOV4_C_LIST(0xffffffffffffffff, &(0x7f00000011c0)={0x0, 0x0, &(0x7f0000001180)={0x0}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
ioctl$KVM_SET_GSI_ROUTING(0xffffffffffffffff, 0x4008ae6a, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1e, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
socket$kcm(0x10, 0x2, 0x0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x2)
socket$inet6_sctp(0xa, 0x801, 0x84)
r4 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r5 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x2ddfdbff, 0x2ffffffff}, 0xc)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r6, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r7, 0x0, <r8=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r8, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r6, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r8, 0x0, 0x10000, 0x0, 0x20002, 0x80195760, 0x1d3ed2, 0x8000000})

16.487268151s ago: executing program 7 (id=3699):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x9, 0x2)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
ioctl$IOC_PR_RESERVE(r2, 0x401070c9, 0x0)

15.587557146s ago: executing program 7 (id=3700):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000002c0)=@o_path={&(0x7f00000001c0)='./file0\x00', 0x0, 0x2030, r0}, 0x18)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000003580)={0x2, 0x4e21, @dev}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000100), 0x4)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
ioctl$sock_netrom_SIOCADDRT(r2, 0x8918, 0x0)
r3 = gettid()
tkill(r3, 0x11)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000300)={0x7, 0x2f12e6e3, {0xffffffffffffffff}, {0xee00}, 0x1, 0x7})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NL80211_CMD_NEW_KEY(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x0)
ioctl$sock_SIOCBRDELBR(r8, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaabb00006a9ce7f386dd6040000000140600fc000000000000000000000000000003fe8000000000000000000000000000aa4e204e21c2f16f938d8fc96e54181c930ab4b95f5c880e4e30591bc3adbe29f57110d969d570e79a5627ff2e814667ec768b84828c8d5b3cf2ec2d2d3433b6efca794e1af7c76473076743b5b45cae3fbc69ecb5e06c71eff916cc807e253dacfda4e06201e21c384d905dec1ef7b7c1c3e97e89d2f0e2da845df6201c32a49331c2ce08b782a1fbcd0363d68c5f6e7915190000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2000990780005"], 0x0)
setsockopt$IPT_SO_SET_REPLACE(r7, 0x4000000000000, 0x40, &(0x7f0000000600)=@raw={'raw\x00', 0x2, 0x3, 0x2f8, 0x0, 0x0, 0x160, 0x160, 0x62020048, 0x260, 0x260, 0x260, 0x260, 0x260, 0x3, 0x0, {[{{@ip={@loopback=0x7f008e04, @local, 0x0, 0x0, 'vlan0\x00', 'geneve1\x00'}, 0xb003, 0x130, 0x160, 0x8, {0xf400000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'bm\x00', "4bc74c01d6369df17d17ac76fa5f9b3bfa0c34430d864040bc25b2b73a59aa2acab6b1d2cc05060feb70b5bc8c2d4ba3a94a2d2393e3182f64695d7d05fb478c8f56627a5cf905d564eeeb83ff0150ca0f3c44f7fda4d20a05050342ea9685ecc8838e049f1f2e2d081ddda375bb7008adc297a5ece1bb2df53d17bef26bb6f8", 0x5a}}]}, @common=@unspec=@CONNMARK={0x30}}, {{@uncond, 0x0, 0x98, 0x100, 0x0, {}, [@common=@ttl={{0x28}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98, 0x0, {0xed030000}}, {0x28, '\x00', 0x4}}}}, 0x3a4)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000340)={{0x1, 0x1, 0x18, r0, {0xffffffffffffffff}}, './file0\x00'})
socket$inet_mptcp(0x2, 0x1, 0x106)

13.886749563s ago: executing program 6 (id=3701):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x12, 0x6, 0x0, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x13}, 0x94)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000000)={@mcast2={0xff, 0x5}, 0x40000200, 0x0, 0x1, 0x3, 0x4}, 0x2e)

10.191339887s ago: executing program 9 (id=3702):
r0 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000080)={0x48, 0x7, r2, 0x0, 0x10000, 0x0, 0x20002, 0x80195760, 0x1d3ed2, 0x8000000})

3.918969654s ago: executing program 8 (id=3703):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22042, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket(0x10, 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0xc0200, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000240)={0x10000001})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000040)={0x9, 0x1, {0xffffffffffffffff}, {0xee00}, 0x8001, 0xffffffff})
r3 = add_key$user(&(0x7f0000000180), &(0x7f0000000340)={'syz', 0x0}, &(0x7f0000000480)='.', 0x1, 0xfffffffffffffffd)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xf1, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f00000000c0)={r3, r4, r3}, &(0x7f00000001c0)=""/241, 0xf1, &(0x7f0000000000)={&(0x7f0000000140)={'rmd160\x00'}})
r5 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x1, 0x2, 0x1, 0x0, 0x2})
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, 0x0, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r6, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r7 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r7, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={0x20, 0xd, 0x701, 0x0, 0x0, {0x8}, [@typed={0xffffffffffffff41, 0x2, 0x0, 0x0, @str='\al80211\x00'}]}, 0x20}}, 0x0)
recvmmsg(r8, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}, {&(0x7f00000003c0)=""/152, 0x98}, {&(0x7f0000000480)=""/4096, 0x1000}], 0x3}}], 0x7, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000080)=0x2)
r9 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r9, 0x40000000af01, 0x0)

0s ago: executing program 37 (id=3694):
r0 = socket$nl_generic(0x10, 0x3, 0x10) (async)
rt_sigaction(0xb, &(0x7f0000000600)={0x0, 0x8000000, 0x0}, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x8, &(0x7f0000000700)) (async)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a70000000060a0b04000000000000000002007fd21be23b05dc78a424f3c24028ef000044000480400001800e000100002c000280080004400000000008000340000000010800014000000002080005400000003a08000340000000010900010073797a30000000000900020073797a320000000054000000080a010200000000000000000500000a0c000640040000000000000108000a400000000108000940000000010900020073797a30000000000900010073797a31000000000c00064000000000000080001400000011"], 0xec}, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r0) (async, rerun: 64)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000140)={'wlan0\x00', <r3=>0x0}) (rerun: 64)
syz_emit_ethernet(0x1017, &(0x7f00000002c0)={@local, @multicast, @void, {@llc={0x4, {@snap={0xfe, 0x154, "68e9", "0879bd", 0x86dd, "53d68fa7cfb1f3811efb244e0a35c092271acc7d0b5f30559226968e698e4dabcce8fdd6fe2f4c1ff45bfbfccb25b030eb9ee7280945abde3cfa7abb698fdb6466e98be0afeba16019eae5c2faf996d5b1d38f307d6afb24e5494a1d82031faac980a479ec10fccc45434a0b3df60f7f12ce5aff7c3d16921396525b31ed5a13d4d94f95a94a7591c9cea007869bbb86689f11ef6200a37bd80100134871fc5fa892025d72f5d3035dbc916cb1ff5e654a7f8921437772a089ceb3a7c950b5a927e314378c700b2f40b99854b1d3d299b1fecc8c1e3f30b80ae480ffffd10c6f295ce758722e7ccf1aa5acbb45e091231b73594b5b99543b18350d1f0d2c18ae38e46fec1a55a766ad3edb0a331c7750a9f4d4051fbdb6fc6731b1642192bb1ab139c7698a081aa976d872915d0c3abcd2c27e83cd42f80f8d80b38083c30650b9bafceda00354c257699916faf0a46748b1cea392cc12e6c85a905cc42c123e176702d25b2bd12529547c43b06ca7e880259bb9c9097427e4d0bf29d2f657dbe9b218fff470cb2c275ed71b0971e40ace227c358fa227e0cef49bec3d54abc5f562e2ad5f72a7de143c2aa2ab6ea194fa65ddd92efe59c52804379730e446bb9df9731906fe19f5b048c8ec32bdfe497fe1dd9e6fb4f17d949cac3b08b79143686330326601cc9033b8617023655522de685a81aefd728fcbc8722297ac3e9a2f94c2f14e9e84eff59ace34ae7e688da47bd9a1030c5fc497f24dabb580c432adddc9d52eab8751b51fb8e075f81aa97115af03beda3594aab94f426a0132515edb27131e7e16751326eb399664b2fe3f21a43f9bfb0cce7f0999a0afd063f73dd8589d54864e30e1eda89b9284bf3958e3e50e328c80634cbfe3e5d1fd1874d07efc9ae815296883dfcd8b4f82274379d0da2244a04f0726a21941aae5d64af459022b20300340cab4b796e6d4295d9984935f185a968d275f5aada6cb186b159fdecae92acb9e087210758e3f64588af7f9f0561c902d8b02a4fad98cd1d223cf7686e9e445bb4c35a332d7c43df9e379539332097ca49133cba9e120c5fdb5e1c6cc778201d04c5d342421f611891ab9b60568c13f0ebda941988564279070b8b365110f3ba07e3046fe7e881976317a69e8155e639136361eb8b181674305586d22323aa94f3956749423fb254dc4b72782ac73b92faa2046f965ae13ebe2ae0dbf954361ba0c5b13cdbd27210deb12dd775a0b82b5619251ca2e4e9f70731f4d6f174c35f63cbf5140f20cb9eb364e01cadce124b6e9365f504e56d2e0fe75be7b269962a671c0b913314e4c1efbc2fc95f83216cb9a5b117bc2f81241c49c57ef8be980c0e1a4a20a1a4db39890b058a8d45e52af6ec89ce26be61a4d0ba3f6ed612149b88b631ead6cbe979ff59f04052910c514afe721e087838a335cc527b206dae890e1bbd6771783b4c06292baf4cad04829d583f4640867b2af828ed3bc0382b6f0578595745583ada7714e572219038dd03d2a6c4fb50fcb81d962acd0e9e1ee974997a7421e06a446ac5fd91c1fa5c97517ac790c41619654e286a875213162aeca7955f577ce3cb766bb4f11cbf508f9ac5a06c94e8159cfeab5e70b22e15c38d41a73c6c348f7108522230b4a4de1e0b08b02bc42245d18c75e621f48f35737ddd56ff6b501541102a3b55a763268e2b00b6069e395468af65360511b4763f7b943f7a4ff81326b24aaaa8a7b0c4dcc80c58a740732c284168d4b41bdfdc7d58f3c54eb64922a931ee5c53b8eb029705ba5a4c89242088bf8f8cb24362c5190c9667e08b5b1e023b8f0253f0d9d6710f03b697c4330efca5f415da41f956e519ce5f883a46cc03ca67c7f2ad994af42f3fb806f002656d176e7d541065fbed905e05d4313f309affb2df6dfda66867fcb15408862e3035927722b519e217515d24cd09a0353eab10e988c1137603f1f580b11da599f5ead701a20612107958629f358855268f88b49539dfc698672926ef3d324482a8cfd68f3445545f49c1a37252025b8677222cfeee00e930123015724ced5a5c8ed36c010624a9dd8ec753dc4d91d9005a2319cd4cbbb5c9efcc48a0a0e25f29ef2a58b7119c2d7b0038a8bd1057c80c11df9d218572823e2b4b10cef8ca24136732809dc61ecd5f0579b3014b8d616df61044ef58dc4574df8ebecdae24000c8f2a5bf0fdfb1298d5d49b4934683caf6c87f7ab7e931027145dd1938c7636abebacbdf9d6ae04b224d3aa611a9ec2d98c64b717bedfe51cc736ec127c1e5c69e26667423dffcb9c2f7673ba18c580c17a366ece166f621e64b4b98c7b1d902b5026d3fe1549093ee5196a5ed7f675e0747cffbc83c3a65aed8d3b195420e941de9d1edf52487de581dbc2a1536f12bec70385c420f64fa0f6ab4c7b03262864ebc55a97864023ff5b0ed7bad1946a3e18053f110222e3fa5d199cf448e279fead48ce783e0ee9db9d6d1dffdd1d16eeaae78c8af7d640fb890b3158d8e48a1ded9e45734389f1b7a1a92867be541a4954875ccbf36d71e3dd307a6907d9c6b5d695857af47a80cba45b12ee37ee1c23233174f6a9a5abd775add0e3f074db58d7adf0cc6f9a72fca47d4196d242cf69452d8b1a5d8f8907592a8e04bd93b2f3524bf433ca0242ba25c3cd53f2f7696a7c1de569a63ed9921d2e7a2a41ed088fbe103a74985858c9037e730914b5546c3f2a8e9be0b2e2442304491265c808db4d8bdb7d109439a2388ddb30ed856019ecce5fee3d5feed64d7e8d16b9e98d42f4597ab8893ae8670253d01984a35b57100caed35899c637f1508f98c8773e5028ff16d12714335d52cfa8c28c9e08f97751de085804975104b44c5b22219fbfae7166b0d05c258acd3c7d936b346af1400a9d33843cba13f7b71b654518a0a91cc09862e09d4af0bb211cc80ae0da10d8f052c236aa446097fcfbc3d097180b5d8bf89692c710ac001e6af14bb880fd3864df864ee1c89e47b54c3a610656269bd5bb41291ade9e711c2bc9821f01b903972b4d001f772248e4817b780303e884c81ee354b8c7af76b877ae828e9c7517b5cbb907b88f7d16e511ff8f5b514008fd245539f5750717dd7553a128a1954ff4939a5cf5b0f0e92490575f39ff428044109dedf8ec0e5cb138a5ec3abaf78953279117eb494d1bbbe04b3724debb7df3fac42c51d8ab415bbf579f3e57a2cd28bb9aa4dd7f20da8dd90ce375efe79696213040c5ea292cc755afba34d066c3344587b72ffd1c2609a780b9839956b69aa21373a83c1512cf71ecf9af56c8ae5bd19a85c497981a482555aa74ef7769976890c11075d1dda5ecd8d0e785c2f2da06e06cd3b299b7416733e5d5c66e8b7de8230040996a37602d0a9e8b5fbabdf891aebeab0ebbcefb8533a358d4d84e89121fc790db2b7d5bd2c9699436372a09bec888f0803d5d57ac68236dd7742318822b438ab533fa688bf4324eb4a66d940771e4c30cde31a5d222f7641c03d134286d9c9fbfd6c4a678935ec8a47b6065adc6ccb79b093cd6eb8a92f4ca6917b3d7cfe970b44ccb8ec4f5008b810dd60c9feb770ea5fbbf8a7e152fa819953ea895cc2ede7fa7aeb5cec692439fccb5f6746e802fac2797b9ee0f894787d4c03deccec29f870f6ff6233c2404eab953657dfabd39d02d6592683a64280f7fb7b53d08bec921fa57b30ab1e3b37e66d9379fb09568617a861a010efa70973434698ad73c926e7fd634d4d27840c7167918b16c6fca54912152c572133f246c7b466b824bf9abb9dcebb380247d79bdc8a14b48ca0c016328792fa360819f83b31290519fa9ac904bb858f820a46b1fd8f29ed10d0c18fce936a2ecfa9875507c18d5309cc3517dea6d7f6441f91d2fab0c71388d03b1f8cb4621f09652a129338f49027f846701b1a4757e093f69d22ed36cdf8878fdcb31dd8e544061db99fafa61d9e0fc15cdd924ee1f3dc13d5999d232f2c1dfdf58dc3f1d1df081961010d68462677c3df8e8d06fda4a444f1137e7cf04ba0bec92cb40415a5102b058ad5e299a5c85e5218914f9f778cbdadc98734fd1d62dfa0c8820bfee27d3ab14fcfa77d0768f819e41ebc9cb43dad76a6879f141f739ae94898db58e6611a78da11b3c25149bdf7750934fcf216a07d2c85cd0f156e391b5f202316e0503f4d34531421c693fdddf190542008ae644925dca02fd25424363d1b2fc3ecdf712e69db125af11a676505d063131784a4333591dc793eb9b7f20796f9112bd26d16ba8bd1c48c9683f3f549e1f9b94dc99db22f247d2030fb1b4696e1ca8dbe0a38cfab0feb05a3dace833bdc1b0a2f508392e027c569cedca5763bb57d58359c50e8db24fcf9271b6940f54d26be6a4fcf675ce9d4119f2856acfc45b02cf04bd56c50fa7b8856e58a821804551e5e20096653d3990a9028194abf72a299f825109753e3f7eb055d598c246f74231b790510b7168f80022a729583ffb5302cbbf97985548b3e18e391e8abcb9e99340cafae31f15f96ef4c94519c8ddb3e720e9bf87f5559fba78ddf9790cb42521736ace1ae4e1d774caba63f92a144c71222a88fbe8a14f8f93c21998a685648f850d8c0f4f2d85697637a7b312785470acb6ce79b490039d97455c0c2cefb59036d49a1cf405e644dacb57a88441701d34504cfdc343d77bbf900d6cb2563d4d46f08c7f89820bcc732a862ee6aacc592855745203430919ee5ba4b4d31f99de9079700b0efaccd3447a71ea315568ce97ce3075bec11cd57104471f4532544228e6dc3a31ef202173398a85afd485b3b18c0b90d7072a9cced06ab99a0667eaccebeaebb830f15e9fbea1d7df64e7d3c7c7b1378fd3c0743e2b8ff9c80a359751dce78f6759f2bfce10f46edc071aec53a978490cb9728f4416426a03b0467fc1fd8222d7d73bbdb485562a38fadbf8cc8867c882c568670668fc5fb2e55827488c82f2ed2a98793e285b975e34fb762712bea74b64322148ed983af2d199be787f7f1b5aa5e6e72f5d475e3d9af4c9850a29db5f007f1622a9e45cfa84cc6651c6be06f0c07929bf1371b068e11424602d8e3da52893a232d3779c502813169c5bae8219972e94890ec51455f5dcc0a00c122d2757b4250283df1ff9ccea356862f122cd80d42c97356da52bfe1e44e5a5d18d28f2496dce6b6d484760878abbeaaa0e0d2da40857164416017f99b1bfdb79ad2b87c3731533cdf6aa4b4b8cd0ce3d7fd4d0fdc2f998fb5454cad94a44b8a1f7272fef5118763284b42decfcfcea0eb582ad527510d8c239942d5fd8d0db72c062568781835d47ad118b2c83992d83d9218ac59b1e2fb13c5b15f823d6e024e84b910c26b25cb3084147c83c4111f5cdcd44d326fa8df75108b6c8caa838077460ea606fc518d6540262bc682453150ebd368549d096a31e7146f5fe80dab296a830501cebc8bc1845cd60a931fc3ccd5b3a9219e9da869a14a4a8bfcd6ad553222d24c5e9d50af1f41b8603954a1916330d9c9ef06a3c635179da1e95a550c476a50c83cc94a21ffb694b553572256b0f34bebc88548a43e303b9afd0304cbd4106378263fbdb2725ab4e3a3b2fe68897f85b17fd871dff4c1319d35b0143fc40f1a67ec730a83086a90d023120e2e3d65751528aa2fbe26939e1ae78f87ad5ccad4a21557b925c4ffc182cc4cbb72af163a5274035351712096ef45b4a6513bcf1fef3b69e29793690ad5a00ce6f9c423e40da37b6cb8f0f5c242bd5b96b02873"}}}}}, 0x0) (async)
sendmsg$NL80211_CMD_SET_QOS_MAP(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="110c2dbd7000fedbdf256800000008000300", @ANYRES32=r3, @ANYBLOB="3000c70001020177"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x8000) (async)
r4 = accept$unix(0xffffffffffffffff, &(0x7f0000002e40)=@abs, &(0x7f0000002ec0)=0x6e) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r5) (async, rerun: 64)
sendmsg$NLBL_CIPSOV4_C_ADD(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001380)={0x9c, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x3}, @NLBL_CIPSOV4_A_MLSCATLST={0x74, 0xc, 0x0, 0x1, [{0x4c, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x14ff09f2}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x598d2ab3}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x24bcaa36}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x2e807965}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x4027b85d}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x48450d86}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x24cea5b8}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x182a954e}]}, {0x24, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x7149}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x56b1}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0xc681}, @NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0x9, 0x1ed84781}]}]}]}, 0x9c}}, 0x0) (rerun: 64)
connect$unix(r4, &(0x7f0000002f00)=@abs={0x1, 0x0, 0x4e21}, 0x6e) (async)
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async, rerun: 32)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000001300), 0xa0000, 0x0) (rerun: 32)
ioctl$TUNSETIFF(r7, 0x400454ca, &(0x7f0000001340)={'vxcan1\x00'}) (async)
r8 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = fsmount(r8, 0x0, 0x1)
getsockopt$inet6_buf(r9, 0x29, 0x23, &(0x7f0000002c00)=""/251, &(0x7f0000003100)=0xfb)
fchdir(r9)
r10 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r10, &(0x7f00000002c0)={0x1, 0x5}, 0x2) (async, rerun: 32)
write$USERIO_CMD_REGISTER(r10, &(0x7f00000000c0), 0x2) (async, rerun: 32)
read(r10, &(0x7f00000001c0)=""/93, 0x5d) (async)
open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) (async)
openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8042, 0x0) (async)
sendmsg$NL80211_CMD_NEW_STATION(r6, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c13e3034890b5936b0eca9c978e97ce9800002aeabfc0455e", @ANYRES16=r2, @ANYBLOB="01002bbd7000fcdbdf25130000000500190001000000"], 0x1c}, 0x1, 0x0, 0x0, 0x80}, 0x890)

kernel console output (not intermixed with test programs):

erface
[ 1825.028634][   T77] bond0 (unregistering): Released all slaves
[ 1825.049182][T18807] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1825.061857][T18807] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1825.094816][T18807] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1825.109124][T18807] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1825.116496][T18807] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1825.143741][T18807] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1825.155065][T12898] Bluetooth: hci5: command tx timeout
[ 1826.116784][T18525] veth0_vlan: entered promiscuous mode
[ 1826.420004][   T77] hsr_slave_0: left promiscuous mode
[ 1826.446878][   T77] hsr_slave_1: left promiscuous mode
[ 1827.160387][   T77] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1827.197403][   T77] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1828.665909][   T77] team0 (unregistering): Port device team_slave_1 removed
[ 1828.718594][   T77] team0 (unregistering): Port device team_slave_0 removed
[ 1830.886307][T18807] hsr_slave_0: entered promiscuous mode
[ 1830.903836][T18807] hsr_slave_1: entered promiscuous mode
[ 1830.924017][T18807] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1830.938328][T18807] Cannot create hsr debugfs directory
[ 1830.954137][T18525] veth1_vlan: entered promiscuous mode
[ 1831.723095][T18525] veth0_macvtap: entered promiscuous mode
[ 1832.145754][T18525] veth1_macvtap: entered promiscuous mode
[ 1834.503271][T18807] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1834.516216][T18807] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1834.527841][T18807] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1834.541026][T18807] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1834.684155][T18807] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1834.710320][T18807] 8021q: adding VLAN 0 to HW filter on device team0
[ 1834.723883][T15175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1834.731059][T15175] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1834.746659][T15698] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1834.753837][T15698] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1834.882018][T18961] FAULT_INJECTION: forcing a failure.
[ 1834.882018][T18961] name failslab, interval 1, probability 0, space 0, times 1
[ 1834.905180][T18961] CPU: 0 UID: 0 PID: 18961 Comm: syz.6.3206 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1834.905209][T18961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1834.905223][T18961] Call Trace:
[ 1834.905234][T18961]  <TASK>
[ 1834.905244][T18961]  dump_stack_lvl+0x189/0x250
[ 1834.905419][T18961]  ? __pfx____ratelimit+0x10/0x10
[ 1834.905522][T18961]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1834.905542][T18961]  ? __pfx__printk+0x10/0x10
[ 1834.905571][T18961]  ? __pfx___might_resched+0x10/0x10
[ 1834.905610][T18961]  ? fs_reclaim_acquire+0x7d/0x100
[ 1834.905688][T18961]  should_fail_ex+0x414/0x560
[ 1834.905801][T18961]  should_failslab+0xa8/0x100
[ 1834.905878][T18961]  __kmalloc_noprof+0xcb/0x4f0
[ 1834.905926][T18961]  ? kfree+0x4d/0x440
[ 1834.905948][T18961]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1834.906020][T18961]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1834.906044][T18961]  ? tomoyo_domain+0xda/0x130
[ 1834.906077][T18961]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1834.906124][T18961]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1834.906151][T18961]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1834.906192][T18961]  ? __lock_acquire+0xab9/0xd20
[ 1834.906240][T18961]  ? __fget_files+0x2a/0x420
[ 1834.906292][T18961]  ? __fget_files+0x2a/0x420
[ 1834.906307][T18961]  ? __fget_files+0x3a0/0x420
[ 1834.906321][T18961]  ? __fget_files+0x2a/0x420
[ 1834.906342][T18961]  security_file_ioctl+0xcb/0x2d0
[ 1834.906424][T18961]  __se_sys_ioctl+0x47/0x170
[ 1834.906477][T18961]  do_syscall_64+0xfa/0x3b0
[ 1834.906542][T18961]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1834.906593][T18961]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1834.906629][T18961]  ? clear_bhb_loop+0x60/0xb0
[ 1834.906654][T18961]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1834.906674][T18961] RIP: 0033:0x7ff001f8e929
[ 1834.906692][T18961] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1834.906711][T18961] RSP: 002b:00007ff002e0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1834.906734][T18961] RAX: ffffffffffffffda RBX: 00007ff0021b5fa0 RCX: 00007ff001f8e929
[ 1834.906749][T18961] RDX: 0000000000000000 RSI: 0000000040045532 RDI: 0000000000000003
[ 1834.906761][T18961] RBP: 00007ff002e0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1834.906774][T18961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1834.906786][T18961] R13: 0000000000000000 R14: 00007ff0021b5fa0 R15: 00007ffc23a91c08
[ 1834.906818][T18961]  </TASK>
[ 1834.907164][T18961] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1835.150793][ T5838] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[ 1835.379805][ T5838] usb 1-1: Using ep0 maxpacket: 8
[ 1835.441949][ T5838] usb 1-1: config 8 has an invalid interface number: 144 but max is 0
[ 1835.854306][ T5838] usb 1-1: config 8 has no interface number 0
[ 1835.867889][ T5838] usb 1-1: config 8 interface 144 has no altsetting 0
[ 1835.899149][T18972] FAULT_INJECTION: forcing a failure.
[ 1835.899149][T18972] name failslab, interval 1, probability 0, space 0, times 0
[ 1835.923246][ T5838] usb 1-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice=62.ad
[ 1835.937326][T18972] CPU: 1 UID: 0 PID: 18972 Comm: syz.7.3209 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1835.937355][T18972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1835.937368][T18972] Call Trace:
[ 1835.937376][T18972]  <TASK>
[ 1835.937385][T18972]  dump_stack_lvl+0x189/0x250
[ 1835.937415][T18972]  ? __pfx____ratelimit+0x10/0x10
[ 1835.937449][T18972]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1835.937472][T18972]  ? __pfx__printk+0x10/0x10
[ 1835.937505][T18972]  ? __pfx___might_resched+0x10/0x10
[ 1835.937527][T18972]  ? fs_reclaim_acquire+0x7d/0x100
[ 1835.937554][T18972]  should_fail_ex+0x414/0x560
[ 1835.937589][T18972]  should_failslab+0xa8/0x100
[ 1835.937621][T18972]  __kmalloc_noprof+0xcb/0x4f0
[ 1835.937646][T18972]  ? kfree+0x4d/0x440
[ 1835.937668][T18972]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1835.937696][T18972]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1835.937719][T18972]  ? tomoyo_domain+0xda/0x130
[ 1835.937748][T18972]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1835.937776][T18972]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1835.937809][T18972]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1835.937857][T18972]  ? __lock_acquire+0xab9/0xd20
[ 1835.937896][T18972]  ? __fget_files+0x2a/0x420
[ 1835.937917][T18972]  ? __fget_files+0x2a/0x420
[ 1835.937933][T18972]  ? __fget_files+0x3a0/0x420
[ 1835.937950][T18972]  ? __fget_files+0x2a/0x420
[ 1835.937972][T18972]  security_file_ioctl+0xcb/0x2d0
[ 1835.938006][T18972]  __se_sys_ioctl+0x47/0x170
[ 1835.938036][T18972]  do_syscall_64+0xfa/0x3b0
[ 1835.938055][T18972]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1835.938085][T18972]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1835.938115][T18972]  ? clear_bhb_loop+0x60/0xb0
[ 1835.938139][T18972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1835.938158][T18972] RIP: 0033:0x7fd33cf8e929
[ 1835.938176][T18972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1835.938194][T18972] RSP: 002b:00007fd33dd4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1835.938215][T18972] RAX: ffffffffffffffda RBX: 00007fd33d1b5fa0 RCX: 00007fd33cf8e929
[ 1835.938230][T18972] RDX: 0000200000000280 RSI: 00000000802c550a RDI: 0000000000000003
[ 1835.938243][T18972] RBP: 00007fd33dd4c090 R08: 0000000000000000 R09: 0000000000000000
[ 1835.938256][T18972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1835.938267][T18972] R13: 0000000000000000 R14: 00007fd33d1b5fa0 R15: 00007ffc3bf6e6b8
[ 1835.938300][T18972]  </TASK>
[ 1835.938318][T18972] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1836.131396][T12908] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1836.134684][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1836.164607][T12908] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1836.168037][ T5838] usb 1-1: Product: syz
[ 1836.178944][T12908] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1836.194844][ T5838] usb 1-1: Manufacturer: syz
[ 1836.205471][T12908] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1836.210407][ T5838] usb 1-1: SerialNumber: syz
[ 1836.217874][T12908] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1836.261354][ T5838] rtl8150 1-1:8.144: couldn't find required endpoints
[ 1836.273072][ T5838] rtl8150 1-1:8.144: probe with driver rtl8150 failed with error -5
[ 1836.546048][T16665] usb 1-1: USB disconnect, device number 23
[ 1836.723666][T18807] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1836.869868][  T978] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1836.973804][T18974] chnl_net:caif_netlink_parms(): no params data found
[ 1837.039622][  T978] usb 7-1: Using ep0 maxpacket: 32
[ 1837.050650][  T978] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219
[ 1837.074602][T15175] bridge_slave_1: left allmulticast mode
[ 1837.090034][T15175] bridge_slave_1: left promiscuous mode
[ 1837.096058][  T978] usb 7-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[ 1837.106319][T15175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1837.119772][  T978] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1837.128268][  T978] usb 7-1: Product: syz
[ 1837.152954][T15175] bridge_slave_0: left allmulticast mode
[ 1837.158694][T15175] bridge_slave_0: left promiscuous mode
[ 1837.169597][  T978] usb 7-1: Manufacturer: syz
[ 1837.174265][  T978] usb 7-1: SerialNumber: syz
[ 1837.199940][T15175] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1837.212539][  T978] usb 7-1: config 0 descriptor??
[ 1837.235652][T18981] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1837.274095][  T978] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1837.873907][T18023] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[ 1837.892107][  T978] usb 7-1: USB disconnect, device number 9
[ 1837.977059][T19007] FAULT_INJECTION: forcing a failure.
[ 1837.977059][T19007] name fail_usercopy, interval 1, probability 0, space 0, times 1
[ 1837.991574][T19007] CPU: 1 UID: 0 PID: 19007 Comm: syz.7.3213 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1837.991599][T19007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1837.991610][T19007] Call Trace:
[ 1837.991618][T19007]  <TASK>
[ 1837.991626][T19007]  dump_stack_lvl+0x189/0x250
[ 1837.991651][T19007]  ? __pfx____ratelimit+0x10/0x10
[ 1837.991688][T19007]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1837.991707][T19007]  ? __pfx__printk+0x10/0x10
[ 1837.991729][T19007]  ? __might_fault+0xb0/0x130
[ 1837.991869][T19007]  should_fail_ex+0x414/0x560
[ 1837.991899][T19007]  _copy_from_user+0x2d/0xb0
[ 1837.991947][T19007]  ___sys_sendmsg+0x158/0x2a0
[ 1837.992034][T19007]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1837.992088][T19007]  ? __fget_files+0x2a/0x420
[ 1837.992103][T19007]  ? __fget_files+0x3a0/0x420
[ 1837.992128][T19007]  __x64_sys_sendmsg+0x19b/0x260
[ 1837.992152][T19007]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1837.992182][T19007]  ? __pfx_ksys_write+0x10/0x10
[ 1837.992245][T19007]  ? rcu_is_watching+0x15/0xb0
[ 1837.992284][T19007]  ? do_syscall_64+0xbe/0x3b0
[ 1837.992304][T19007]  do_syscall_64+0xfa/0x3b0
[ 1837.992319][T19007]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1837.992344][T19007]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.992361][T19007]  ? clear_bhb_loop+0x60/0xb0
[ 1837.992382][T19007]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.992398][T19007] RIP: 0033:0x7fd33cf8e929
[ 1837.992414][T19007] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1837.992430][T19007] RSP: 002b:00007fd33dd4c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1837.992448][T19007] RAX: ffffffffffffffda RBX: 00007fd33d1b5fa0 RCX: 00007fd33cf8e929
[ 1837.992461][T19007] RDX: 0000000000000010 RSI: 0000200000001440 RDI: 0000000000000003
[ 1837.992471][T19007] RBP: 00007fd33dd4c090 R08: 0000000000000000 R09: 0000000000000000
[ 1837.992481][T19007] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1837.992491][T19007] R13: 0000000000000000 R14: 00007fd33d1b5fa0 R15: 00007ffc3bf6e6b8
[ 1837.992518][T19007]  </TASK>
[ 1838.241735][T18023] usb 1-1: Using ep0 maxpacket: 16
[ 1838.250220][T18023] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1838.264143][T18023] usb 1-1: config 1 has no interface number 1
[ 1838.272032][T18023] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1838.292733][T18023] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1838.307880][T18023] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1838.321728][T18023] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1838.331213][T18023] usb 1-1: Product: syz
[ 1838.335444][T18023] usb 1-1: Manufacturer: syz
[ 1838.346164][T18023] usb 1-1: SerialNumber: syz
[ 1838.360421][T12908] Bluetooth: hci1: command tx timeout
[ 1838.507546][T19012] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3215'.
[ 1838.597252][T19015] FAULT_INJECTION: forcing a failure.
[ 1838.597252][T19015] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1838.601069][T19014] ptm ptm0: ldisc open failed (-12), clearing slot 0
[ 1838.616589][T19015] CPU: 0 UID: 0 PID: 19015 Comm: syz.6.3216 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1838.616627][T19015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1838.616643][T19015] Call Trace:
[ 1838.616654][T19015]  <TASK>
[ 1838.616664][T19015]  dump_stack_lvl+0x189/0x250
[ 1838.616702][T19015]  ? __pfx____ratelimit+0x10/0x10
[ 1838.616738][T19015]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1838.616765][T19015]  ? __pfx__printk+0x10/0x10
[ 1838.616795][T19015]  ? __might_fault+0xb0/0x130
[ 1838.616841][T19015]  should_fail_ex+0x414/0x560
[ 1838.616880][T19015]  _copy_from_user+0x2d/0xb0
[ 1838.616909][T19015]  ___sys_sendmsg+0x158/0x2a0
[ 1838.616943][T19015]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1838.617017][T19015]  ? __fget_files+0x2a/0x420
[ 1838.617037][T19015]  ? __fget_files+0x3a0/0x420
[ 1838.617071][T19015]  __x64_sys_sendmsg+0x19b/0x260
[ 1838.617103][T19015]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1838.617145][T19015]  ? __pfx_ksys_write+0x10/0x10
[ 1838.617173][T19015]  ? rcu_is_watching+0x15/0xb0
[ 1838.617204][T19015]  ? do_syscall_64+0xbe/0x3b0
[ 1838.617231][T19015]  do_syscall_64+0xfa/0x3b0
[ 1838.617253][T19015]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1838.617285][T19015]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1838.617309][T19015]  ? clear_bhb_loop+0x60/0xb0
[ 1838.617337][T19015]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1838.617358][T19015] RIP: 0033:0x7ff001f8e929
[ 1838.617379][T19015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1838.617398][T19015] RSP: 002b:00007ff002e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1838.617423][T19015] RAX: ffffffffffffffda RBX: 00007ff0021b5fa0 RCX: 00007ff001f8e929
[ 1838.617441][T19015] RDX: 0000000000040882 RSI: 0000200000000140 RDI: 0000000000000004
[ 1838.617457][T19015] RBP: 00007ff002e0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1838.617470][T19015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1838.617485][T19015] R13: 0000000000000000 R14: 00007ff0021b5fa0 R15: 00007ffc23a91c08
[ 1838.617522][T19015]  </TASK>
[ 1839.082457][T15175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1839.095517][T15175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1839.111754][T15175] bond0 (unregistering): Released all slaves
[ 1839.379342][T15175] hsr_slave_0: left promiscuous mode
[ 1839.396657][T15175] hsr_slave_1: left promiscuous mode
[ 1839.409044][T15175] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1839.430174][T15175] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1839.467772][T15175] veth1_macvtap: left promiscuous mode
[ 1839.474495][T15175] veth0_macvtap: left promiscuous mode
[ 1839.482119][T15175] veth1_vlan: left promiscuous mode
[ 1839.487709][T15175] veth0_vlan: left promiscuous mode
[ 1839.823383][   T30] audit: type=1326 audit(1752561819.041:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19027 comm="syz.6.3219" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff001f8e929 code=0x0
[ 1840.430453][T12908] Bluetooth: hci1: command tx timeout
[ 1840.443842][T15175] team0 (unregistering): Port device team_slave_1 removed
[ 1840.528591][T15175] team0 (unregistering): Port device team_slave_0 removed
[ 1841.282446][T18974] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1841.291501][T18974] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1841.299301][T18974] bridge_slave_0: entered allmulticast mode
[ 1841.308804][T18974] bridge_slave_0: entered promiscuous mode
[ 1841.353810][T18974] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1841.369779][T18974] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1841.377341][T18974] bridge_slave_1: entered allmulticast mode
[ 1841.398227][T18974] bridge_slave_1: entered promiscuous mode
[ 1841.420677][T18023] usb 1-1: 2:1 : no UAC_FORMAT_TYPE desc
[ 1841.472522][T18023] usb 1-1: USB disconnect, device number 24
[ 1841.582344][T18974] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1841.633660][T18974] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1841.823957][T18974] team0: Port device team_slave_0 added
[ 1841.867179][T18974] team0: Port device team_slave_1 added
[ 1842.016727][T18807] veth0_vlan: entered promiscuous mode
[ 1842.099421][T18974] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1842.113802][T18974] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1842.151325][T18974] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1842.175929][T18974] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1842.184529][T18974] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1842.215499][T18974] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1842.443731][T19048] usb usb1: usbfs: process 19048 (syz.6.3225) did not claim interface 2 before use
[ 1842.466668][T18807] veth1_vlan: entered promiscuous mode
[ 1842.509574][T12908] Bluetooth: hci1: command tx timeout
[ 1843.041357][T19062] Invalid ELF header magic: != ELF
[ 1843.090271][T18974] hsr_slave_0: entered promiscuous mode
[ 1843.129581][T18974] hsr_slave_1: entered promiscuous mode
[ 1843.147126][T18974] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1843.170654][T18974] Cannot create hsr debugfs directory
[ 1843.590567][T18807] veth0_macvtap: entered promiscuous mode
[ 1843.672082][T18807] veth1_macvtap: entered promiscuous mode
[ 1844.129135][T19073] FAULT_INJECTION: forcing a failure.
[ 1844.129135][T19073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1844.145239][T19073] CPU: 0 UID: 0 PID: 19073 Comm: syz.7.3233 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1844.145269][T19073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1844.145283][T19073] Call Trace:
[ 1844.145291][T19073]  <TASK>
[ 1844.145300][T19073]  dump_stack_lvl+0x189/0x250
[ 1844.145330][T19073]  ? __pfx____ratelimit+0x10/0x10
[ 1844.145362][T19073]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1844.145386][T19073]  ? __pfx__printk+0x10/0x10
[ 1844.145413][T19073]  ? __might_fault+0xb0/0x130
[ 1844.145457][T19073]  should_fail_ex+0x414/0x560
[ 1844.145492][T19073]  _copy_from_user+0x2d/0xb0
[ 1844.145517][T19073]  sk_getsockopt+0x197/0x2530
[ 1844.145624][T19073]  ? __pfx_sk_getsockopt+0x10/0x10
[ 1844.145648][T19073]  ? do_syscall_64+0x20/0x3b0
[ 1844.145680][T19073]  ? __lock_acquire+0xab9/0xd20
[ 1844.145712][T19073]  ? __might_fault+0xb0/0x130
[ 1844.145764][T19073]  do_sock_getsockopt+0x275/0x650
[ 1844.145788][T19073]  ? do_syscall_64+0x20/0x3b0
[ 1844.145811][T19073]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1844.145836][T19073]  ? do_syscall_64+0x20/0x3b0
[ 1844.145854][T19073]  ? __fget_files+0x3a0/0x420
[ 1844.145872][T19073]  ? __fget_files+0x2a/0x420
[ 1844.145898][T19073]  __x64_sys_getsockopt+0x1a5/0x250
[ 1844.145923][T19073]  ? do_syscall_64+0x20/0x3b0
[ 1844.145943][T19073]  ? do_syscall_64+0x20/0x3b0
[ 1844.145967][T19073]  do_syscall_64+0xfa/0x3b0
[ 1844.145984][T19073]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1844.146014][T19073]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1844.146035][T19073]  ? clear_bhb_loop+0x60/0xb0
[ 1844.146060][T19073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1844.146079][T19073] RIP: 0033:0x7fd33cf8e929
[ 1844.146098][T19073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1844.146115][T19073] RSP: 002b:00007fd33dd4c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1844.146137][T19073] RAX: ffffffffffffffda RBX: 00007fd33d1b5fa0 RCX: 00007fd33cf8e929
[ 1844.146155][T19073] RDX: 000000000000001c RSI: 0000000000000001 RDI: 0000000000000004
[ 1844.146175][T19073] RBP: 00007fd33dd4c090 R08: 0000200000001900 R09: 0000000000000000
[ 1844.146189][T19073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1844.146201][T19073] R13: 0000000000000000 R14: 00007fd33d1b5fa0 R15: 00007ffc3bf6e6b8
[ 1844.146234][T19073]  </TASK>
[ 1844.556662][T18807] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1844.567050][T19075] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3234'.
[ 1844.590706][T12908] Bluetooth: hci1: command tx timeout
[ 1844.647869][T18807] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1844.693900][T18807] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1844.713648][T18807] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1844.734122][T18807] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1844.751490][T18807] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1845.035608][T17215] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1845.048497][T17215] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1845.144340][T18974] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1845.157488][T18974] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1845.185625][T15698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1845.195884][T18974] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1845.206218][T15698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1845.230035][T18974] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1846.204744][T18974] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1846.293861][T18974] 8021q: adding VLAN 0 to HW filter on device team0
[ 1846.332445][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1846.339745][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1846.412663][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1846.419919][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1846.547384][T19096] netlink: 4268 bytes leftover after parsing attributes in process `syz.9.2967'.
[ 1846.556723][T19096] netlink: 4268 bytes leftover after parsing attributes in process `syz.9.2967'.
[ 1846.739661][T18974] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1846.804501][T18974] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1847.154493][T19112] netlink: 'syz.6.3241': attribute type 39 has an invalid length.
[ 1847.454263][    T9] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1847.703708][    T9] usb 7-1: config 1 has an invalid descriptor of length 246, skipping remainder of the config
[ 1847.769299][    T9] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1847.812743][    T9] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1847.831678][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1847.841119][T18974] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1847.867559][    T9] usb 7-1: Product: syz
[ 1847.882134][    T9] usb 7-1: Manufacturer: syz
[ 1847.886821][    T9] usb 7-1: SerialNumber: syz
[ 1847.935473][T19119] x_tables: ip6_tables: REJECT target: only valid in filter table, not 
[ 1847.939398][    T9] cdc_ether 7-1:1.0: skipping garbage
[ 1847.986229][    T9] usb 7-1: bad CDC descriptors
[ 1848.150628][ T5838] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[ 1848.181601][T19131] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3247'.
[ 1848.289589][ T5838] usb 1-1: device descriptor read/64, error -71
[ 1848.323869][T18974] veth0_vlan: entered promiscuous mode
[ 1848.337270][T18974] veth1_vlan: entered promiscuous mode
[ 1848.375764][T18974] veth0_macvtap: entered promiscuous mode
[ 1848.387765][T18974] veth1_macvtap: entered promiscuous mode
[ 1848.407854][T18974] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1848.425607][T18974] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1848.439135][T18974] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.449060][T18974] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.458539][T18974] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.468163][T18974] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1848.540187][ T5838] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[ 1848.575451][ T9235] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1848.584784][ T9235] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1848.617378][T18850] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1848.628842][T18850] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1848.690291][ T5838] usb 1-1: device descriptor read/64, error -71
[ 1848.811940][ T5838] usb usb1-port1: attempt power cycle
[ 1849.359848][ T5838] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[ 1849.367603][T19141] openvswitch: netlink: nsh attribute has 99 unknown bytes.
[ 1849.601109][ T5838] usb 1-1: device descriptor read/8, error -71
[ 1849.929834][ T5838] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[ 1849.938878][T15771] usb 7-1: USB disconnect, device number 10
[ 1850.183899][ T5838] usb 1-1: device descriptor read/8, error -71
[ 1850.386348][ T5838] usb usb1-port1: unable to enumerate USB device
[ 1851.450005][ T5838] usb 7-1: new full-speed USB device number 11 using dummy_hcd
[ 1851.662203][ T5838] usb 7-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[ 1851.773200][ T5838] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1852.349362][ T5838] usb 7-1: config 0 descriptor??
[ 1852.981660][T19194] FAULT_INJECTION: forcing a failure.
[ 1852.981660][T19194] name failslab, interval 1, probability 0, space 0, times 0
[ 1853.026487][T19194] CPU: 1 UID: 0 PID: 19194 Comm: syz.0.3262 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1853.026518][T19194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1853.026531][T19194] Call Trace:
[ 1853.026540][T19194]  <TASK>
[ 1853.026549][T19194]  dump_stack_lvl+0x189/0x250
[ 1853.026582][T19194]  ? __pfx____ratelimit+0x10/0x10
[ 1853.026613][T19194]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1853.026636][T19194]  ? __pfx__printk+0x10/0x10
[ 1853.026665][T19194]  ? __pfx___might_resched+0x10/0x10
[ 1853.026687][T19194]  ? fs_reclaim_acquire+0x7d/0x100
[ 1853.026713][T19194]  should_fail_ex+0x414/0x560
[ 1853.026748][T19194]  should_failslab+0xa8/0x100
[ 1853.026780][T19194]  __kmalloc_noprof+0xcb/0x4f0
[ 1853.026808][T19194]  ? tomoyo_encode+0x28b/0x550
[ 1853.026840][T19194]  tomoyo_encode+0x28b/0x550
[ 1853.026867][T19194]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1853.026901][T19194]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1853.026931][T19194]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1853.026964][T19194]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1853.027012][T19194]  ? __lock_acquire+0xab9/0xd20
[ 1853.027053][T19194]  ? __fget_files+0x2a/0x420
[ 1853.027075][T19194]  ? __fget_files+0x2a/0x420
[ 1853.027091][T19194]  ? __fget_files+0x3a0/0x420
[ 1853.027108][T19194]  ? __fget_files+0x2a/0x420
[ 1853.027131][T19194]  security_file_ioctl+0xcb/0x2d0
[ 1853.027164][T19194]  __se_sys_ioctl+0x47/0x170
[ 1853.027193][T19194]  do_syscall_64+0xfa/0x3b0
[ 1853.027212][T19194]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1853.027241][T19194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1853.027262][T19194]  ? clear_bhb_loop+0x60/0xb0
[ 1853.027287][T19194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1853.027307][T19194] RIP: 0033:0x7fa0eb98e929
[ 1853.027325][T19194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1853.027343][T19194] RSP: 002b:00007fa0ec7a9038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1853.027365][T19194] RAX: ffffffffffffffda RBX: 00007fa0ebbb5fa0 RCX: 00007fa0eb98e929
[ 1853.027380][T19194] RDX: 0000200000000580 RSI: 0000000000000001 RDI: 0000000000000003
[ 1853.027393][T19194] RBP: 00007fa0ec7a9090 R08: 0000000000000000 R09: 0000000000000000
[ 1853.027406][T19194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1853.027417][T19194] R13: 0000000000000000 R14: 00007fa0ebbb5fa0 R15: 00007ffd6baa9d68
[ 1853.027449][T19194]  </TASK>
[ 1853.027498][T19194] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1853.279743][  T978] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1853.308538][T19194] program syz.0.3262 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1853.445961][  T978] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1853.499586][  T978] usb 10-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1853.620409][  T978] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1853.699683][  T978] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1853.707853][  T978] usb 10-1: Product: syz
[ 1853.737442][  T978] usb 10-1: Manufacturer: syz
[ 1853.769843][T18023] usb 1-1: new low-speed USB device number 29 using dummy_hcd
[ 1853.779555][  T978] usb 10-1: SerialNumber: syz
[ 1853.969045][T18023] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[ 1853.986874][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1853.997816][T18023] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1854.017546][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1854.039693][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1854.059047][T18023] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[ 1854.067835][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1854.086315][T18023] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1854.106260][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1854.118364][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1854.132216][T18023] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[ 1854.139874][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[ 1854.152326][T18023] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1854.181042][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1854.353929][ T5838] pegasus 7-1:0.0: probe with driver pegasus failed with error -110
[ 1854.397985][T18023] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1854.414132][T18023] usb 1-1: string descriptor 0 read error: -22
[ 1854.420674][T18023] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1854.430752][T18023] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1854.458156][T18023] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1855.259339][ T5838] usb 1-1: USB disconnect, device number 29
[ 1855.271032][T18023] usb 7-1: USB disconnect, device number 11
[ 1855.495450][  T978] cdc_ncm 10-1:1.0: bind() failure
[ 1855.675897][  T978] cdc_ncm 10-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1855.887885][  T978] cdc_mbim 10-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1856.076811][  T978] usbtest 10-1:1.1: probe with driver usbtest failed with error -71
[ 1856.101685][  T978] usb 10-1: USB disconnect, device number 2
[ 1856.569698][  T978] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[ 1856.925567][  T978] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1857.035137][  T978] usb 9-1: New USB device found, idVendor=1430, idProduct=07bb, bcdDevice= 0.00
[ 1857.134177][  T978] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1857.245730][  T978] usb 9-1: config 0 descriptor??
[ 1857.570564][T19249] program syz.9.3281 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1858.559554][T19257] netlink: 'syz.6.3284': attribute type 12 has an invalid length.
[ 1858.702369][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1858.719228][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1858.732978][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1858.740784][    C0] raw-gadget.0 gadget.8: ignoring, device is not running
[ 1858.749296][  T978] usb 9-1: string descriptor 0 read error: -32
[ 1858.842033][T19262] binder: BINDER_SET_CONTEXT_MGR already set
[ 1858.848207][T19262] binder: 19251:19262 ioctl 4018620d 200000000040 returned -16
[ 1858.910922][  T978] usbhid 9-1:0.0: can't add hid device: -71
[ 1858.913291][  T978] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[ 1859.057683][  T978] usb 9-1: USB disconnect, device number 2
[ 1859.439319][T17283] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1859.600480][T17283] usb 10-1: Using ep0 maxpacket: 8
[ 1859.643760][T17283] usb 10-1: config 1 interface 0 altsetting 3 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1859.687945][T17283] usb 10-1: config 1 interface 0 has no altsetting 0
[ 1859.707231][T17283] usb 10-1: New USB device found, idVendor=17ef, idProduct=6004, bcdDevice= 0.40
[ 1859.732978][T17283] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1859.869191][T17283] usb 10-1: Product: 䰅
[ 1859.881499][T17283] usb 10-1: Manufacturer: 峛ธ䛺䚤㦤ྠ믅荋ᧇ봑恻陯ﾉǿې낑砠﷚낑답ᇤ陘籂毎㮃蠞똜칞僞㓙촳䠌洝圱䈵쵧它ﰢ硔㷬福ꬖ徏＠⳷姝␺扲⻙뮪ꜿ湈㪒ඕ뾜巛꣛ᑞ뺜閥肋綻❦篰錧栢㸩ᔜ⡀瓉繍所씂ʊ䙰랉눇듶퉰࿱䡂㜄˰蕣ụ㨎甇ᗴ輯਒
[ 1859.947672][T19274] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[ 1860.474827][   T30] audit: type=1326 audit(1752561839.671:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19280 comm="syz.6.3292" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff001f8e929 code=0x0
[ 1860.599839][T17283] usb 10-1: SerialNumber: 鷷悔岗듁썂예둨뉿빻䙌瓗ྛꈤʲ㖟쉌岠䜦蜆ᚮ蒎岻ࠕ幣螓᧚ꈨ痳ᖤﾲᇂ屢↰㘔⤾唑ｦ됁鼩䴢⥨䉗月ై眪聻⣖捌鏅娴裿⟧沎ຌ斬䅲韘ᕵ꿷嵦᷀蟀턆ꭁ⃿뀵䥠ﭑ镎쿣榋火
[ 1860.771903][T19284] netlink: 'syz.8.3293': attribute type 34 has an invalid length.
[ 1861.070075][T17283] usbhid 10-1:1.0: can't add hid device: -71
[ 1861.292160][T17283] usbhid 10-1:1.0: probe with driver usbhid failed with error -71
[ 1861.320674][T17283] usb 10-1: USB disconnect, device number 3
[ 1861.673484][T19294] x_tables: unsorted underflow at hook 4
[ 1861.766428][T19297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3297'.
[ 1861.803880][T19297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3297'.
[ 1862.113903][T19311] netlink: 'syz.6.3303': attribute type 12 has an invalid length.
[ 1862.260990][T15771] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1862.319379][T19316] FAULT_INJECTION: forcing a failure.
[ 1862.319379][T19316] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1862.426111][T19316] CPU: 1 UID: 0 PID: 19316 Comm: syz.6.3306 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1862.426142][T19316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1862.426163][T19316] Call Trace:
[ 1862.426172][T19316]  <TASK>
[ 1862.426181][T19316]  dump_stack_lvl+0x189/0x250
[ 1862.426211][T19316]  ? __pfx____ratelimit+0x10/0x10
[ 1862.426243][T19316]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1862.426267][T19316]  ? __pfx__printk+0x10/0x10
[ 1862.426309][T19316]  should_fail_ex+0x414/0x560
[ 1862.426345][T19316]  _copy_to_user+0x31/0xb0
[ 1862.426372][T19316]  sk_getsockopt+0x1a75/0x2530
[ 1862.426405][T19316]  ? __pfx_sk_getsockopt+0x10/0x10
[ 1862.426429][T19316]  ? do_syscall_64+0x20/0x3b0
[ 1862.426461][T19316]  ? __lock_acquire+0xab9/0xd20
[ 1862.426524][T19316]  do_sock_getsockopt+0x275/0x650
[ 1862.426549][T19316]  ? do_syscall_64+0x20/0x3b0
[ 1862.426573][T19316]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1862.426598][T19316]  ? do_syscall_64+0x20/0x3b0
[ 1862.426617][T19316]  ? __fget_files+0x3a0/0x420
[ 1862.426635][T19316]  ? __fget_files+0x2a/0x420
[ 1862.426663][T19316]  __x64_sys_getsockopt+0x1a5/0x250
[ 1862.426688][T19316]  ? do_syscall_64+0x20/0x3b0
[ 1862.426709][T19316]  ? do_syscall_64+0x20/0x3b0
[ 1862.426733][T19316]  do_syscall_64+0xfa/0x3b0
[ 1862.426754][T19316]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1862.426774][T19316]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1862.426795][T19316]  ? clear_bhb_loop+0x60/0xb0
[ 1862.426820][T19316]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1862.426840][T19316] RIP: 0033:0x7ff001f8e929
[ 1862.426859][T19316] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1862.426877][T19316] RSP: 002b:00007ff002e0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1862.426899][T19316] RAX: ffffffffffffffda RBX: 00007ff0021b5fa0 RCX: 00007ff001f8e929
[ 1862.426915][T19316] RDX: 000000000000001c RSI: 0000000000000001 RDI: 0000000000000004
[ 1862.426927][T19316] RBP: 00007ff002e0f090 R08: 0000200000001900 R09: 0000000000000000
[ 1862.426941][T19316] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1862.426953][T19316] R13: 0000000000000000 R14: 00007ff0021b5fa0 R15: 00007ffc23a91c08
[ 1862.426985][T19316]  </TASK>
[ 1863.311263][T15771] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1863.337115][T19317] geneve2: entered allmulticast mode
[ 1863.361947][T15771] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1863.450933][T15771] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1863.518970][T15771] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1863.543987][T15771] usb 1-1: SerialNumber: syz
[ 1863.700924][T19328] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1863.820697][T15771] usb 1-1: 0:2 : does not exist
[ 1863.861543][T15771] usb 1-1: unit 255 not found!
[ 1864.075604][T15771] usb 1-1: USB disconnect, device number 30
[ 1864.352407][T19342] netlink: 128124 bytes leftover after parsing attributes in process `syz.9.3313'.
[ 1864.585987][T19350] netlink: 'syz.0.3316': attribute type 12 has an invalid length.
[ 1865.449573][  T978] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[ 1865.575757][T19363] FAULT_INJECTION: forcing a failure.
[ 1865.575757][T19363] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1865.592916][T19363] CPU: 0 UID: 0 PID: 19363 Comm: syz.6.3319 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1865.592947][T19363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1865.592963][T19363] Call Trace:
[ 1865.592971][T19363]  <TASK>
[ 1865.592978][T19363]  dump_stack_lvl+0x189/0x250
[ 1865.593001][T19363]  ? __pfx____ratelimit+0x10/0x10
[ 1865.593024][T19363]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1865.593040][T19363]  ? __pfx__printk+0x10/0x10
[ 1865.593059][T19363]  ? __might_fault+0xb0/0x130
[ 1865.593089][T19363]  should_fail_ex+0x414/0x560
[ 1865.593115][T19363]  _copy_from_iter+0x1db/0x16f0
[ 1865.593211][T19363]  ? rcu_is_watching+0x15/0xb0
[ 1865.593228][T19363]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1865.593251][T19363]  ? __pfx__copy_from_iter+0x10/0x10
[ 1865.593268][T19363]  ? __build_skb_around+0x257/0x3e0
[ 1865.593310][T19363]  ? netlink_sendmsg+0x642/0xb30
[ 1865.593353][T19363]  ? skb_put+0x11b/0x210
[ 1865.593378][T19363]  netlink_sendmsg+0x6b2/0xb30
[ 1865.593402][T19363]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1865.593426][T19363]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1865.593476][T19363]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1865.593494][T19363]  __sock_sendmsg+0x219/0x270
[ 1865.593534][T19363]  ____sys_sendmsg+0x505/0x830
[ 1865.593557][T19363]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1865.593583][T19363]  ? import_iovec+0x74/0xa0
[ 1865.593603][T19363]  ___sys_sendmsg+0x21f/0x2a0
[ 1865.593624][T19363]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1865.593671][T19363]  ? __fget_files+0x2a/0x420
[ 1865.593684][T19363]  ? __fget_files+0x3a0/0x420
[ 1865.593706][T19363]  __x64_sys_sendmsg+0x19b/0x260
[ 1865.593727][T19363]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1865.593754][T19363]  ? __pfx_ksys_write+0x10/0x10
[ 1865.593779][T19363]  ? do_syscall_64+0xbe/0x3b0
[ 1865.593796][T19363]  do_syscall_64+0xfa/0x3b0
[ 1865.593811][T19363]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1865.593825][T19363]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1865.593843][T19363]  ? clear_bhb_loop+0x60/0xb0
[ 1865.593860][T19363]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1865.593875][T19363] RIP: 0033:0x7ff001f8e929
[ 1865.593888][T19363] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1865.593906][T19363] RSP: 002b:00007ff002e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1865.593922][T19363] RAX: ffffffffffffffda RBX: 00007ff0021b5fa0 RCX: 00007ff001f8e929
[ 1865.593933][T19363] RDX: 0000000000000810 RSI: 0000200000000000 RDI: 0000000000000003
[ 1865.593942][T19363] RBP: 00007ff002e0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1865.593951][T19363] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1865.593959][T19363] R13: 0000000000000000 R14: 00007ff0021b5fa0 R15: 00007ffc23a91c08
[ 1865.593982][T19363]  </TASK>
[ 1865.885712][  T978] usb 1-1: not running at top speed; connect to a high speed hub
[ 1865.900770][  T978] usb 1-1: config 95 has an invalid interface number: 1 but max is 0
[ 1865.908940][  T978] usb 1-1: config 95 has no interface number 0
[ 1865.915363][  T978] usb 1-1: config 95 interface 1 has no altsetting 0
[ 1865.925173][  T978] usb 1-1: string descriptor 0 read error: -22
[ 1865.931857][  T978] usb 1-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[ 1865.941113][  T978] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1866.442323][  T978] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1866.514657][T19352] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1866.531040][T19352] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1866.619681][  T978] usb 7-1: Using ep0 maxpacket: 8
[ 1866.635901][  T978] usb 7-1: config 179 has an invalid interface number: 65 but max is 0
[ 1866.664764][  T978] usb 7-1: config 179 has no interface number 0
[ 1866.676461][  T978] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1866.689283][  T978] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1866.701246][  T978] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1866.713312][  T978] usb 7-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1866.724398][  T978] usb 7-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1866.756633][  T978] usb 7-1: config 179 interface 65 has no altsetting 0
[ 1866.769656][  T978] usb 7-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1866.779091][  T978] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1866.822586][  T978] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:179.65/input/input24
[ 1866.953156][T19382] netlink: 'syz.8.3327': attribute type 12 has an invalid length.
[ 1867.209384][T17283] usb 7-1: USB disconnect, device number 12
[ 1867.936589][T11773] usb 1-1: USB disconnect, device number 31
[ 1868.156941][T19387] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3329'.
[ 1869.261514][T11773] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1869.489710][T11773] usb 1-1: Using ep0 maxpacket: 32
[ 1869.664179][T11773] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[ 1869.689663][T11773] usb 1-1: config 0 has no interface number 0
[ 1869.706317][T11773] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1869.751489][T11773] usb 1-1: config 0 interface 85 has no altsetting 0
[ 1869.767215][T11773] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1869.779069][T11773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1869.787680][T11773] usb 1-1: Product: syz
[ 1869.792876][T11773] usb 1-1: Manufacturer: syz
[ 1869.799591][T11773] usb 1-1: SerialNumber: syz
[ 1869.800677][T17283] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[ 1869.807996][T19413] program syz.8.3339 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1869.826170][T11773] usb 1-1: config 0 descriptor??
[ 1869.834190][T19413] FAULT_INJECTION: forcing a failure.
[ 1869.834190][T19413] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1869.849717][T19413] CPU: 0 UID: 0 PID: 19413 Comm: syz.8.3339 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1869.849748][T19413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1869.849760][T19413] Call Trace:
[ 1869.849769][T19413]  <TASK>
[ 1869.849778][T19413]  dump_stack_lvl+0x189/0x250
[ 1869.849812][T19413]  ? __pfx____ratelimit+0x10/0x10
[ 1869.849844][T19413]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1869.849867][T19413]  ? __pfx__printk+0x10/0x10
[ 1869.849893][T19413]  ? __might_fault+0xb0/0x130
[ 1869.849934][T19413]  should_fail_ex+0x414/0x560
[ 1869.849970][T19413]  _copy_from_user+0x2d/0xb0
[ 1869.849994][T19413]  scsi_ioctl+0x168b/0x1fb0
[ 1869.850136][T19413]  ? __pfx_scsi_ioctl+0x10/0x10
[ 1869.850181][T19413]  ? do_vfs_ioctl+0xf37/0x1990
[ 1869.850210][T19413]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1869.850243][T19413]  ? kasan_quarantine_put+0xdd/0x220
[ 1869.850280][T19413]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1869.850312][T19413]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1869.850340][T19413]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[ 1869.850368][T19413]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1869.850398][T19413]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1869.850445][T19413]  ? __lock_acquire+0xab9/0xd20
[ 1869.850468][T19413]  sg_ioctl+0x158e/0x2230
[ 1869.850545][T19413]  ? __pfx_sg_ioctl+0x10/0x10
[ 1869.850574][T19413]  ? __fget_files+0x2a/0x420
[ 1869.850592][T19413]  ? __fget_files+0x3a0/0x420
[ 1869.850609][T19413]  ? __fget_files+0x2a/0x420
[ 1869.850631][T19413]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1869.850651][T19413]  ? __pfx_sg_ioctl+0x10/0x10
[ 1869.850678][T19413]  __se_sys_ioctl+0xfc/0x170
[ 1869.850706][T19413]  do_syscall_64+0xfa/0x3b0
[ 1869.850725][T19413]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1869.850754][T19413]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.850775][T19413]  ? clear_bhb_loop+0x60/0xb0
[ 1869.850799][T19413]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1869.850819][T19413] RIP: 0033:0x7f4c2bd8e929
[ 1869.850837][T19413] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1869.850855][T19413] RSP: 002b:00007f4c2cc9c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1869.850876][T19413] RAX: ffffffffffffffda RBX: 00007f4c2bfb5fa0 RCX: 00007f4c2bd8e929
[ 1869.850891][T19413] RDX: 0000200000000580 RSI: 0000000000000001 RDI: 0000000000000003
[ 1869.850904][T19413] RBP: 00007f4c2cc9c090 R08: 0000000000000000 R09: 0000000000000000
[ 1869.850916][T19413] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1869.850928][T19413] R13: 0000000000000000 R14: 00007f4c2bfb5fa0 R15: 00007ffc065fe7e8
[ 1869.850960][T19413]  </TASK>
[ 1870.134760][T11773] appletouch 1-1:0.85: Failed to read mode from device.
[ 1870.142169][T11773] appletouch 1-1:0.85: probe with driver appletouch failed with error -5
[ 1870.200217][T17283] usb 7-1: Using ep0 maxpacket: 16
[ 1870.208325][T17283] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1870.237375][T17283] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[ 1870.483348][T17283] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[ 1870.494605][T17283] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1870.601511][T17283] usb 7-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[ 1870.753187][T17283] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1871.002376][T17283] usb 7-1: Product: syz
[ 1871.053354][T17283] usb 7-1: Manufacturer: syz
[ 1871.058300][T17283] usb 7-1: SerialNumber: syz
[ 1871.187917][T17283] usb 7-1: config 0 descriptor??
[ 1871.339599][T17283] rc_core: IR keymap rc-xbox-dvd not found
[ 1871.361118][T17283] Registered IR keymap rc-empty
[ 1871.377684][T17283] rc rc0: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0
[ 1871.404903][T11773] usb 1-1: USB disconnect, device number 32
[ 1871.407755][T17283] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/rc/rc0/input26
[ 1873.696769][   T30] audit: type=1326 audit(1752561852.911:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19447 comm="syz.0.3349" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa0eb98e929 code=0x0
[ 1873.772443][T19452] FAULT_INJECTION: forcing a failure.
[ 1873.772443][T19452] name failslab, interval 1, probability 0, space 0, times 0
[ 1873.839513][T19452] CPU: 1 UID: 0 PID: 19452 Comm: syz.0.3349 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1873.839547][T19452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1873.839559][T19452] Call Trace:
[ 1873.839568][T19452]  <TASK>
[ 1873.839577][T19452]  dump_stack_lvl+0x189/0x250
[ 1873.839605][T19452]  ? __pfx____ratelimit+0x10/0x10
[ 1873.839636][T19452]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1873.839659][T19452]  ? __pfx__printk+0x10/0x10
[ 1873.839686][T19452]  ? __pfx___might_resched+0x10/0x10
[ 1873.839705][T19452]  ? fs_reclaim_acquire+0x7d/0x100
[ 1873.839726][T19452]  should_fail_ex+0x414/0x560
[ 1873.839755][T19452]  should_failslab+0xa8/0x100
[ 1873.839782][T19452]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1873.839805][T19452]  ? security_file_alloc+0x34/0x330
[ 1873.839834][T19452]  security_file_alloc+0x34/0x330
[ 1873.839860][T19452]  init_file+0x93/0x2f0
[ 1873.839881][T19452]  alloc_empty_file+0x6e/0x1d0
[ 1873.839899][T19452]  path_openat+0x107/0x3830
[ 1873.839980][T19452]  ? arch_stack_walk+0xfc/0x150
[ 1873.840035][T19452]  ? kasan_save_track+0x4f/0x80
[ 1873.840074][T19452]  ? kasan_save_track+0x3e/0x80
[ 1873.840101][T19452]  ? __kasan_slab_alloc+0x6c/0x80
[ 1873.840123][T19452]  ? getname_flags+0xb8/0x540
[ 1873.840138][T19452]  ? __pfx_path_openat+0x10/0x10
[ 1873.840157][T19452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1873.840191][T19452]  do_filp_open+0x1fa/0x410
[ 1873.840209][T19452]  ? __lock_acquire+0xab9/0xd20
[ 1873.840226][T19452]  ? __pfx_do_filp_open+0x10/0x10
[ 1873.840265][T19452]  ? _raw_spin_unlock+0x28/0x50
[ 1873.840313][T19452]  ? alloc_fd+0x64c/0x6c0
[ 1873.840368][T19452]  do_sys_openat2+0x121/0x1c0
[ 1873.840389][T19452]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1873.840408][T19452]  ? ksys_write+0x22a/0x250
[ 1873.840432][T19452]  ? __pfx_ksys_write+0x10/0x10
[ 1873.840458][T19452]  __x64_sys_openat+0x138/0x170
[ 1873.840481][T19452]  do_syscall_64+0xfa/0x3b0
[ 1873.840495][T19452]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1873.840520][T19452]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1873.840536][T19452]  ? clear_bhb_loop+0x60/0xb0
[ 1873.840558][T19452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1873.840574][T19452] RIP: 0033:0x7fa0eb98d290
[ 1873.840589][T19452] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1873.840603][T19452] RSP: 002b:00007fa0ec787f10 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1873.840622][T19452] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fa0eb98d290
[ 1873.840634][T19452] RDX: 0000000000000002 RSI: 00007fa0ec787fa0 RDI: 00000000ffffff9c
[ 1873.840644][T19452] RBP: 00007fa0ec787fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1873.840655][T19452] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1873.840664][T19452] R13: 0000000000000001 R14: 00007fa0ebbb6080 R15: 00007ffd6baa9d68
[ 1873.840689][T19452]  </TASK>
[ 1874.659645][T11773] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1874.778004][  T978] usb 7-1: USB disconnect, device number 13
[ 1874.778139][    C1] xbox_remote 7-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[ 1874.812817][T11773] usb 9-1: config 0 has an invalid descriptor of length 51, skipping remainder of the config
[ 1874.872395][T11773] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1874.907285][T11773] usb 9-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[ 1874.935983][T11773] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1875.184443][T11773] usb 9-1: config 0 descriptor??
[ 1875.306311][T11773] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[ 1875.418243][T19465] kernel read not supported for file /${$ (pid: 19465 comm: syz.6.3354)
[ 1875.450417][T19469] 9pnet_fd: Insufficient options for proto=fd
[ 1875.482488][   T30] audit: type=1800 audit(1752561854.701:176): pid=19465 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.6.3354" name="${$" dev="mqueue" ino=72387 res=0 errno=0
[ 1877.366118][T11773] usb 9-1: USB disconnect, device number 3
[ 1877.412904][T19490] 9pnet_fd: Insufficient options for proto=fd
[ 1878.282207][T19505] netlink: 'syz.8.3364': attribute type 10 has an invalid length.
[ 1878.303287][T19505] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1878.311982][T19505] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1878.466137][T19505] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1878.473424][T19505] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1878.480968][T19505] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1878.488123][T19505] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1878.503369][T19505] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1878.590663][T19505] netlink: 'syz.8.3364': attribute type 3 has an invalid length.
[ 1878.700711][T19505] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3364'.
[ 1879.868924][T19531] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3371'.
[ 1880.930873][T19536] xt_CT: No such helper "netbios-ns"
[ 1883.673197][T17283] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1883.685425][T19577] program syz.6.3384 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1883.789961][   T30] audit: type=1326 audit(1752561863.001:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19578 comm="syz.6.3385" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff001f8e929 code=0x0
[ 1883.850259][T17283] usb 9-1: Using ep0 maxpacket: 16
[ 1883.864158][T17283] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1883.889023][T17283] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1883.914565][T17283] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1883.931571][T17283] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1883.941767][T17283] usb 9-1: Product: syz
[ 1883.946379][T17283] usb 9-1: Manufacturer: syz
[ 1883.956138][T17283] usb 9-1: SerialNumber: syz
[ 1883.992740][T19583] FAULT_INJECTION: forcing a failure.
[ 1883.992740][T19583] name failslab, interval 1, probability 0, space 0, times 0
[ 1884.006672][T19583] CPU: 0 UID: 0 PID: 19583 Comm: syz.0.3386 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1884.006701][T19583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1884.006714][T19583] Call Trace:
[ 1884.006722][T19583]  <TASK>
[ 1884.006732][T19583]  dump_stack_lvl+0x189/0x250
[ 1884.006764][T19583]  ? __pfx____ratelimit+0x10/0x10
[ 1884.006798][T19583]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1884.006822][T19583]  ? __pfx__printk+0x10/0x10
[ 1884.006855][T19583]  ? __pfx___might_resched+0x10/0x10
[ 1884.006878][T19583]  ? fs_reclaim_acquire+0x7d/0x100
[ 1884.006906][T19583]  should_fail_ex+0x414/0x560
[ 1884.006942][T19583]  should_failslab+0xa8/0x100
[ 1884.006977][T19583]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1884.007006][T19583]  ? ip_set_create+0x348/0x1940
[ 1884.007161][T19583]  ip_set_create+0x348/0x1940
[ 1884.007203][T19583]  ? trace_contention_end+0x39/0x120
[ 1884.007234][T19583]  ? __pfx_ip_set_create+0x10/0x10
[ 1884.007304][T19583]  nfnetlink_rcv_msg+0xb4a/0x1130
[ 1884.007383][T19583]  ? nfnetlink_rcv_msg+0x20d/0x1130
[ 1884.007437][T19583]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1884.007466][T19583]  ? kasan_save_free_info+0x46/0x50
[ 1884.007543][T19583]  netlink_rcv_skb+0x208/0x470
[ 1884.007570][T19583]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1884.007612][T19583]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1884.007650][T19583]  ? bpf_lsm_capable+0x9/0x20
[ 1884.007704][T19583]  ? security_capable+0x7e/0x2e0
[ 1884.007735][T19583]  nfnetlink_rcv+0x26a/0x2520
[ 1884.007770][T19583]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1884.007848][T19583]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[ 1884.007880][T19583]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1884.007908][T19583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1884.007942][T19583]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1884.007972][T19583]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1884.008018][T19583]  ? ref_tracker_free+0x63a/0x7d0
[ 1884.008071][T19583]  ? __copy_skb_header+0xa7/0x550
[ 1884.008100][T19583]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1884.008152][T19583]  ? skb_clone+0x246/0x3a0
[ 1884.008183][T19583]  ? __netlink_deliver_tap+0x807/0x850
[ 1884.008207][T19583]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1884.008238][T19583]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1884.008263][T19583]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1884.008293][T19583]  netlink_unicast+0x75c/0x8e0
[ 1884.008327][T19583]  netlink_sendmsg+0x805/0xb30
[ 1884.008362][T19583]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1884.008397][T19583]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1884.008426][T19583]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1884.008451][T19583]  __sock_sendmsg+0x219/0x270
[ 1884.008486][T19583]  ____sys_sendmsg+0x505/0x830
[ 1884.008519][T19583]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1884.008557][T19583]  ? import_iovec+0x74/0xa0
[ 1884.008585][T19583]  ___sys_sendmsg+0x21f/0x2a0
[ 1884.008622][T19583]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1884.008691][T19583]  ? __fget_files+0x2a/0x420
[ 1884.008709][T19583]  ? __fget_files+0x3a0/0x420
[ 1884.008740][T19583]  __x64_sys_sendmsg+0x19b/0x260
[ 1884.008770][T19583]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1884.008807][T19583]  ? __pfx_ksys_write+0x10/0x10
[ 1884.008832][T19583]  ? rcu_is_watching+0x15/0xb0
[ 1884.008861][T19583]  ? do_syscall_64+0xbe/0x3b0
[ 1884.008887][T19583]  do_syscall_64+0xfa/0x3b0
[ 1884.008905][T19583]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1884.008935][T19583]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1884.008955][T19583]  ? clear_bhb_loop+0x60/0xb0
[ 1884.008981][T19583]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1884.009001][T19583] RIP: 0033:0x7fa0eb98e929
[ 1884.009019][T19583] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1884.009037][T19583] RSP: 002b:00007fa0ec7a9038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1884.009059][T19583] RAX: ffffffffffffffda RBX: 00007fa0ebbb5fa0 RCX: 00007fa0eb98e929
[ 1884.009074][T19583] RDX: 0000000000000810 RSI: 0000200000000000 RDI: 0000000000000003
[ 1884.009088][T19583] RBP: 00007fa0ec7a9090 R08: 0000000000000000 R09: 0000000000000000
[ 1884.009102][T19583] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1884.009113][T19583] R13: 0000000000000000 R14: 00007fa0ebbb5fa0 R15: 00007ffd6baa9d68
[ 1884.009146][T19583]  </TASK>
[ 1884.417766][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1884.435839][T19572] fuse: Bad value for 'user_id'
[ 1884.441505][T19572] fuse: Bad value for 'user_id'
[ 1884.449114][T19572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1884.458474][T19572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1884.468958][T19572] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1884.477999][T19572] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1884.726221][T19591] IPVS: Error connecting to the multicast addr
[ 1884.934212][T19595] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3391'.
[ 1885.239858][    T9] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1885.478947][    T9] usb 7-1: config 0 has an invalid interface number: 117 but max is 0
[ 1885.492561][    T9] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1885.503209][    T9] usb 7-1: config 0 has no interface number 0
[ 1885.509396][    T9] usb 7-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1885.529703][    T9] usb 7-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1885.587534][    T9] usb 7-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 1885.605321][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1885.644432][    T9] usb 7-1: Product: syz
[ 1885.654623][    T9] usb 7-1: Manufacturer: syz
[ 1885.659311][    T9] usb 7-1: SerialNumber: syz
[ 1885.692461][    T9] usb 7-1: config 0 descriptor??
[ 1886.759701][T17283] usb 9-1: 0:2 : does not exist
[ 1886.896382][ T5838] usb 7-1: USB disconnect, device number 14
[ 1886.905573][T17283] usb 9-1: USB disconnect, device number 4
[ 1887.760300][    T9] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1887.939742][    T9] usb 1-1: Using ep0 maxpacket: 8
[ 1887.978659][    T9] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 1888.008147][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1888.037047][    T9] usb 1-1: Product: syz
[ 1888.047993][    T9] usb 1-1: Manufacturer: syz
[ 1888.054006][    T9] usb 1-1: SerialNumber: syz
[ 1888.062071][    T9] usb 1-1: config 0 descriptor??
[ 1888.071490][    T9] gspca_main: sonixj-2.14.0 probing 0c45:613a
[ 1888.131769][T19636] netlink: 56 bytes leftover after parsing attributes in process `syz.7.3404'.
[ 1888.635861][T19644] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3406'.
[ 1888.945131][T19647] FAULT_INJECTION: forcing a failure.
[ 1888.945131][T19647] name failslab, interval 1, probability 0, space 0, times 0
[ 1888.986291][T19647] CPU: 1 UID: 0 PID: 19647 Comm: syz.9.3407 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1888.986323][T19647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1888.986336][T19647] Call Trace:
[ 1888.986346][T19647]  <TASK>
[ 1888.986355][T19647]  dump_stack_lvl+0x189/0x250
[ 1888.986385][T19647]  ? __pfx____ratelimit+0x10/0x10
[ 1888.986418][T19647]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1888.986441][T19647]  ? __pfx__printk+0x10/0x10
[ 1888.986473][T19647]  ? __pfx___might_resched+0x10/0x10
[ 1888.986495][T19647]  ? fs_reclaim_acquire+0x7d/0x100
[ 1888.986522][T19647]  should_fail_ex+0x414/0x560
[ 1888.986557][T19647]  should_failslab+0xa8/0x100
[ 1888.986594][T19647]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[ 1888.986624][T19647]  ? __d_alloc+0x31/0x6f0
[ 1888.986652][T19647]  __d_alloc+0x31/0x6f0
[ 1888.986682][T19647]  d_alloc_parallel+0xe0/0x14e0
[ 1888.986728][T19647]  ? __lock_acquire+0xab9/0xd20
[ 1888.986749][T19647]  ? __pfx_d_alloc_parallel+0x10/0x10
[ 1888.986780][T19647]  ? __raw_spin_lock_init+0x45/0x100
[ 1888.986810][T19647]  ? __init_waitqueue_head+0xa9/0x150
[ 1888.986845][T19647]  __lookup_slow+0x116/0x3d0
[ 1888.986872][T19647]  ? __pfx___lookup_slow+0x10/0x10
[ 1888.986904][T19647]  ? generic_permission+0x2db/0x690
[ 1888.986931][T19647]  ? down_read+0x1ad/0x2e0
[ 1888.986966][T19647]  lookup_slow+0x53/0x70
[ 1888.986991][T19647]  link_path_walk+0x935/0xea0
[ 1888.987033][T19647]  path_openat+0x28c/0x3830
[ 1888.987057][T19647]  ? arch_stack_walk+0xfc/0x150
[ 1888.987120][T19647]  ? __pfx_path_openat+0x10/0x10
[ 1888.987143][T19647]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1888.987199][T19647]  do_filp_open+0x1fa/0x410
[ 1888.987222][T19647]  ? __lock_acquire+0xab9/0xd20
[ 1888.987243][T19647]  ? __pfx_do_filp_open+0x10/0x10
[ 1888.987279][T19647]  ? __pfx_kfree_link+0x10/0x10
[ 1888.987408][T19647]  ? _raw_spin_unlock+0x28/0x50
[ 1888.987433][T19647]  ? alloc_fd+0x64c/0x6c0
[ 1888.987474][T19647]  do_sys_openat2+0x121/0x1c0
[ 1888.987500][T19647]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1888.987525][T19647]  ? ksys_write+0x22a/0x250
[ 1888.987554][T19647]  ? __pfx_ksys_write+0x10/0x10
[ 1888.987585][T19647]  __x64_sys_openat+0x138/0x170
[ 1888.987614][T19647]  do_syscall_64+0xfa/0x3b0
[ 1888.987632][T19647]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1888.987661][T19647]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1888.987681][T19647]  ? clear_bhb_loop+0x60/0xb0
[ 1888.987705][T19647]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1888.987725][T19647] RIP: 0033:0x7f962438d290
[ 1888.987743][T19647] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1888.987760][T19647] RSP: 002b:00007f9625134f70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1888.987782][T19647] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f962438d290
[ 1888.987796][T19647] RDX: 0000000000000000 RSI: 00007f9624410c51 RDI: 00000000ffffff9c
[ 1888.987809][T19647] RBP: 00007f9624410c51 R08: 0000000000000000 R09: 0000000000000000
[ 1888.987821][T19647] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1888.987832][T19647] R13: 0000000000000001 R14: 00007f96245b5fa0 R15: 00007ffdb0ec6388
[ 1888.987864][T19647]  </TASK>
[ 1889.879186][T19659] netlink: 36 bytes leftover after parsing attributes in process `syz.9.3412'.
[ 1890.274686][T19659] netlink: 'syz.9.3412': attribute type 1 has an invalid length.
[ 1890.406493][T19665] gretap1: entered promiscuous mode
[ 1890.576993][T19660] kvm: requested 9219 ns i8254 timer period limited to 200000 ns
[ 1890.673617][T19660] kvm: requested 92190 ns i8254 timer period limited to 200000 ns
[ 1890.748230][T19677] FAULT_INJECTION: forcing a failure.
[ 1890.748230][T19677] name failslab, interval 1, probability 0, space 0, times 0
[ 1890.800640][T19677] CPU: 0 UID: 0 PID: 19677 Comm: syz.6.3415 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1890.800672][T19677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1890.800686][T19677] Call Trace:
[ 1890.800694][T19677]  <TASK>
[ 1890.800703][T19677]  dump_stack_lvl+0x189/0x250
[ 1890.800736][T19677]  ? __pfx____ratelimit+0x10/0x10
[ 1890.800769][T19677]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1890.800792][T19677]  ? __pfx__printk+0x10/0x10
[ 1890.800824][T19677]  ? __pfx___might_resched+0x10/0x10
[ 1890.800847][T19677]  ? fs_reclaim_acquire+0x7d/0x100
[ 1890.800873][T19677]  should_fail_ex+0x414/0x560
[ 1890.800909][T19677]  should_failslab+0xa8/0x100
[ 1890.800942][T19677]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1890.800972][T19677]  ? rtnl_newlink+0xed/0x1c70
[ 1890.801106][T19677]  ? kasan_save_free_info+0x46/0x50
[ 1890.801139][T19677]  rtnl_newlink+0xed/0x1c70
[ 1890.801160][T19677]  ? netlink_sendmsg+0x805/0xb30
[ 1890.801182][T19677]  ? __sock_sendmsg+0x219/0x270
[ 1890.801212][T19677]  ? ____sys_sendmsg+0x505/0x830
[ 1890.801236][T19677]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1890.801258][T19677]  ? __x64_sys_sendmsg+0x19b/0x260
[ 1890.801282][T19677]  ? do_syscall_64+0xfa/0x3b0
[ 1890.801300][T19677]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.801330][T19677]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1890.801377][T19677]  ? kasan_quarantine_put+0xdd/0x220
[ 1890.801404][T19677]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1890.801442][T19677]  ? nlmon_xmit+0xb0/0x100
[ 1890.801505][T19677]  ? kmem_cache_free+0x18f/0x400
[ 1890.801543][T19677]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1890.801573][T19677]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1890.801605][T19677]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1890.801626][T19677]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1890.801653][T19677]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1890.801681][T19677]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1890.801708][T19677]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1890.801737][T19677]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1890.801771][T19677]  ? __lock_acquire+0xab9/0xd20
[ 1890.801819][T19677]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1890.801840][T19677]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1890.801866][T19677]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1890.801887][T19677]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1890.801906][T19677]  ? ref_tracker_free+0x63a/0x7d0
[ 1890.801934][T19677]  ? __copy_skb_header+0xa7/0x550
[ 1890.801963][T19677]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1890.802006][T19677]  netlink_rcv_skb+0x208/0x470
[ 1890.802031][T19677]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1890.802054][T19677]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1890.802093][T19677]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1890.802117][T19677]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1890.802158][T19677]  netlink_unicast+0x75c/0x8e0
[ 1890.802192][T19677]  netlink_sendmsg+0x805/0xb30
[ 1890.802227][T19677]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1890.802261][T19677]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1890.802291][T19677]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1890.802316][T19677]  __sock_sendmsg+0x219/0x270
[ 1890.802350][T19677]  ____sys_sendmsg+0x505/0x830
[ 1890.802382][T19677]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1890.802417][T19677]  ? import_iovec+0x74/0xa0
[ 1890.802444][T19677]  ___sys_sendmsg+0x21f/0x2a0
[ 1890.802473][T19677]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1890.802539][T19677]  ? __fget_files+0x2a/0x420
[ 1890.802558][T19677]  ? __fget_files+0x3a0/0x420
[ 1890.802589][T19677]  __x64_sys_sendmsg+0x19b/0x260
[ 1890.802619][T19677]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1890.802656][T19677]  ? __pfx_ksys_write+0x10/0x10
[ 1890.802682][T19677]  ? rcu_is_watching+0x15/0xb0
[ 1890.802710][T19677]  ? do_syscall_64+0xbe/0x3b0
[ 1890.802735][T19677]  do_syscall_64+0xfa/0x3b0
[ 1890.802755][T19677]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.802775][T19677]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1890.802796][T19677]  ? clear_bhb_loop+0x60/0xb0
[ 1890.802821][T19677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1890.802841][T19677] RIP: 0033:0x7ff001f8e929
[ 1890.802859][T19677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1890.802877][T19677] RSP: 002b:00007ff002e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1890.802900][T19677] RAX: ffffffffffffffda RBX: 00007ff0021b5fa0 RCX: 00007ff001f8e929
[ 1890.802914][T19677] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1890.802927][T19677] RBP: 00007ff002e0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1890.802946][T19677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1890.802958][T19677] R13: 0000000000000000 R14: 00007ff0021b5fa0 R15: 00007ffc23a91c08
[ 1890.802991][T19677]  </TASK>
[ 1891.274507][    T9] gspca_sonixj: reg_w1 err -110
[ 1891.329749][    T9] sonixj 1-1:0.0: probe with driver sonixj failed with error -110
[ 1891.388222][T19683] netlink: 248 bytes leftover after parsing attributes in process `syz.6.3417'.
[ 1891.443206][T19683] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3417'.
[ 1891.456380][T19683] netlink: 48 bytes leftover after parsing attributes in process `syz.6.3417'.
[ 1891.858716][ T5838] usb 1-1: USB disconnect, device number 33
[ 1891.986719][T19698] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3421'.
[ 1892.329548][ T5838] usb 1-1: new full-speed USB device number 34 using dummy_hcd
[ 1892.492902][ T5838] usb 1-1: config 252 has an invalid descriptor of length 41, skipping remainder of the config
[ 1892.515029][ T5838] usb 1-1: config 252 has 0 interfaces, different from the descriptor's value: 1
[ 1892.553531][ T5838] usb 1-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=d7.67
[ 1892.567622][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1892.598614][ T5838] usb 1-1: Product: syz
[ 1892.606221][ T5838] usb 1-1: Manufacturer: syz
[ 1892.617052][ T5838] usb 1-1: SerialNumber: syz
[ 1892.878136][ T5838] usb 1-1: USB disconnect, device number 34
[ 1893.019554][T18023] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1893.675810][T18023] usb 7-1: New USB device found, idVendor=8420, idProduct=157a, bcdDevice=77.64
[ 1893.685089][T18023] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1893.693467][T18023] usb 7-1: Product: syz
[ 1893.704489][T18023] usb 7-1: Manufacturer: syz
[ 1893.709192][T18023] usb 7-1: SerialNumber: syz
[ 1893.718122][T18023] usb 7-1: config 0 descriptor??
[ 1894.147032][T19700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1894.167871][T19700] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1894.206033][T11773] usb 7-1: USB disconnect, device number 15
[ 1895.146537][T19723] fuse: Unknown parameter 'grouM[id�'
[ 1895.427735][T19730] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3432'.
[ 1895.957665][T19731] kernel read not supported for file /blkio.throttle.io_service_bytes_recursive (pid: 19731 comm: syz.7.3433)
[ 1896.034830][   T30] audit: type=1800 audit(1752561875.251:178): pid=19731 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.7.3433" name="blkio.throttle.io_service_bytes_recursive" dev="mqueue" ino=73465 res=0 errno=0
[ 1896.093642][T19735] netlink: 20 bytes leftover after parsing attributes in process `syz.8.3434'.
[ 1896.370500][ T5838] usb 10-1: new full-speed USB device number 4 using dummy_hcd
[ 1896.551866][ T5838] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1896.783730][ T5838] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1896.795333][ T5838] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1896.805254][ T5838] usb 10-1: New USB device strings: Mfr=145, Product=0, SerialNumber=0
[ 1896.818691][ T5838] usb 10-1: Manufacturer: syz
[ 1896.826927][T19750] FAULT_INJECTION: forcing a failure.
[ 1896.826927][T19750] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1896.854974][ T5838] usb 10-1: config 0 descriptor??
[ 1896.945293][ T5838] hub 10-1:0.0: USB hub found
[ 1897.388745][T19737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1897.395394][T19750] CPU: 0 UID: 0 PID: 19750 Comm: syz.0.3441 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1897.395444][T19750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1897.395459][T19750] Call Trace:
[ 1897.395469][T19750]  <TASK>
[ 1897.395480][T19750]  dump_stack_lvl+0x189/0x250
[ 1897.395515][T19750]  ? __pfx____ratelimit+0x10/0x10
[ 1897.395550][T19750]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1897.395576][T19750]  ? __pfx__printk+0x10/0x10
[ 1897.395622][T19750]  should_fail_ex+0x414/0x560
[ 1897.395664][T19750]  _copy_to_user+0x31/0xb0
[ 1897.395693][T19750]  simple_read_from_buffer+0xe1/0x170
[ 1897.395733][T19750]  proc_fail_nth_read+0x1df/0x250
[ 1897.395877][T19750]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1897.395907][T19750]  ? rw_verify_area+0x258/0x650
[ 1897.395937][T19750]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1897.395963][T19750]  vfs_read+0x200/0x980
[ 1897.396000][T19750]  ? __pfx___mutex_lock+0x10/0x10
[ 1897.396025][T19750]  ? __pfx_vfs_read+0x10/0x10
[ 1897.396056][T19750]  ? __fget_files+0x2a/0x420
[ 1897.396084][T19750]  ? __fget_files+0x3a0/0x420
[ 1897.396103][T19750]  ? __fget_files+0x2a/0x420
[ 1897.396136][T19750]  ksys_read+0x145/0x250
[ 1897.396171][T19750]  ? __pfx_ksys_read+0x10/0x10
[ 1897.396198][T19750]  ? rcu_is_watching+0x15/0xb0
[ 1897.396230][T19750]  ? do_syscall_64+0xbe/0x3b0
[ 1897.396258][T19750]  do_syscall_64+0xfa/0x3b0
[ 1897.396279][T19750]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1897.396312][T19750]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.396336][T19750]  ? clear_bhb_loop+0x60/0xb0
[ 1897.396364][T19750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1897.396386][T19750] RIP: 0033:0x7fa0eb98d33c
[ 1897.396409][T19750] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1897.396437][T19750] RSP: 002b:00007fa0ec7a9030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1897.396461][T19750] RAX: ffffffffffffffda RBX: 00007fa0ebbb5fa0 RCX: 00007fa0eb98d33c
[ 1897.396479][T19750] RDX: 000000000000000f RSI: 00007fa0ec7a90a0 RDI: 0000000000000005
[ 1897.396494][T19750] RBP: 00007fa0ec7a9090 R08: 0000000000000000 R09: 0000000000000000
[ 1897.396507][T19750] R10: 0000000004000881 R11: 0000000000000246 R12: 0000000000000001
[ 1897.396522][T19750] R13: 0000000000000000 R14: 00007fa0ebbb5fa0 R15: 00007ffd6baa9d68
[ 1897.396559][T19750]  </TASK>
[ 1897.597475][T19758] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3444'.
[ 1897.645272][T19737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1897.654106][T19758] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3444'.
[ 1897.796755][T19761] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3444'.
[ 1897.978181][ T5838] hub 10-1:0.0: 6 ports detected
[ 1898.013861][ T5838] hub 10-1:0.0: insufficient power available to use all downstream ports
[ 1898.571420][T19769] xt_CT: No such helper "netbios-ns"
[ 1898.877160][T19773] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3445'.
[ 1898.967149][ T5838] hub 10-1:0.0: hub_hub_status failed (err = -71)
[ 1899.024876][ T5838] hub 10-1:0.0: config failed, can't get hub status (err -71)
[ 1899.364512][ T5838] usbhid 10-1:0.0: can't add hid device: -71
[ 1899.399698][ T5838] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[ 1899.472898][ T5838] usb 10-1: USB disconnect, device number 4
[ 1899.819067][T19792] FAULT_INJECTION: forcing a failure.
[ 1899.819067][T19792] name failslab, interval 1, probability 0, space 0, times 0
[ 1899.839925][T19788] syzkaller1: entered promiscuous mode
[ 1899.850090][T19788] syzkaller1: entered allmulticast mode
[ 1899.871815][T19792] CPU: 0 UID: 0 PID: 19792 Comm: syz.7.3453 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1899.871848][T19792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1899.871861][T19792] Call Trace:
[ 1899.871869][T19792]  <TASK>
[ 1899.871879][T19792]  dump_stack_lvl+0x189/0x250
[ 1899.871909][T19792]  ? __pfx____ratelimit+0x10/0x10
[ 1899.871942][T19792]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1899.871965][T19792]  ? __pfx__printk+0x10/0x10
[ 1899.871995][T19792]  ? __pfx___might_resched+0x10/0x10
[ 1899.872018][T19792]  ? fs_reclaim_acquire+0x7d/0x100
[ 1899.872045][T19792]  should_fail_ex+0x414/0x560
[ 1899.872079][T19792]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 1899.872180][T19792]  should_failslab+0xa8/0x100
[ 1899.872213][T19792]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 1899.872231][T19792]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[ 1899.872260][T19792]  ? proc_alloc_inode+0x2a/0xc0
[ 1899.872286][T19792]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 1899.872307][T19792]  proc_alloc_inode+0x2a/0xc0
[ 1899.872329][T19792]  alloc_inode+0x67/0x1b0
[ 1899.872362][T19792]  new_inode+0x22/0x170
[ 1899.872386][T19792]  proc_pid_make_inode+0x21/0x130
[ 1899.872415][T19792]  proc_pident_instantiate+0x6d/0x2b0
[ 1899.872449][T19792]  proc_pident_lookup+0x1b3/0x290
[ 1899.872487][T19792]  __lookup_slow+0x297/0x3d0
[ 1899.872525][T19792]  ? __pfx___lookup_slow+0x10/0x10
[ 1899.872558][T19792]  ? generic_permission+0x2db/0x690
[ 1899.872586][T19792]  ? down_read+0x1ad/0x2e0
[ 1899.872611][T19792]  lookup_slow+0x53/0x70
[ 1899.872637][T19792]  link_path_walk+0x935/0xea0
[ 1899.872677][T19792]  path_openat+0x28c/0x3830
[ 1899.872701][T19792]  ? arch_stack_walk+0xfc/0x150
[ 1899.872764][T19792]  ? __pfx_path_openat+0x10/0x10
[ 1899.872788][T19792]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1899.872833][T19792]  do_filp_open+0x1fa/0x410
[ 1899.872857][T19792]  ? __lock_acquire+0xab9/0xd20
[ 1899.872880][T19792]  ? __pfx_do_filp_open+0x10/0x10
[ 1899.872918][T19792]  ? __pfx_kfree_link+0x10/0x10
[ 1899.872960][T19792]  ? _raw_spin_unlock+0x28/0x50
[ 1899.872987][T19792]  ? alloc_fd+0x64c/0x6c0
[ 1899.873031][T19792]  do_sys_openat2+0x121/0x1c0
[ 1899.873058][T19792]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1899.873083][T19792]  ? ksys_write+0x22a/0x250
[ 1899.873114][T19792]  ? __pfx_ksys_write+0x10/0x10
[ 1899.873146][T19792]  __x64_sys_openat+0x138/0x170
[ 1899.873175][T19792]  do_syscall_64+0xfa/0x3b0
[ 1899.873194][T19792]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1899.873224][T19792]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1899.873244][T19792]  ? clear_bhb_loop+0x60/0xb0
[ 1899.873271][T19792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1899.873291][T19792] RIP: 0033:0x7fd33cf8d290
[ 1899.873310][T19792] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1899.873328][T19792] RSP: 002b:00007fd33dd4bf70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1899.873350][T19792] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fd33cf8d290
[ 1899.873365][T19792] RDX: 0000000000000000 RSI: 00007fd33d010c51 RDI: 00000000ffffff9c
[ 1899.873378][T19792] RBP: 00007fd33d010c51 R08: 0000000000000000 R09: 0000000000000000
[ 1899.873391][T19792] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1899.873403][T19792] R13: 0000000000000001 R14: 00007fd33d1b5fa0 R15: 00007ffc3bf6e6b8
[ 1899.873437][T19792]  </TASK>
[ 1900.976789][T19801] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3454'.
[ 1902.165518][T19813] xt_CT: No such helper "netbios-ns"
[ 1903.019753][T19823] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3459'.
[ 1904.702169][   T30] audit: type=1326 audit(1752561883.901:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19840 comm="syz.6.3466" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff001f8e929 code=0x0
[ 1904.723167][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1905.888321][   T30] audit: type=1326 audit(1752561885.071:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.8.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bd8e929 code=0x7ffc0000
[ 1905.954727][   T30] audit: type=1326 audit(1752561885.071:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.8.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f4c2bd8e929 code=0x7ffc0000
[ 1906.726656][T19862] xt_CT: No such helper "netbios-ns"
[ 1906.747018][   T30] audit: type=1326 audit(1752561885.071:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.8.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bd8e929 code=0x7ffc0000
[ 1907.349747][   T30] audit: type=1326 audit(1752561885.071:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.8.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4c2bd8d290 code=0x7ffc0000
[ 1907.417178][   T30] audit: type=1326 audit(1752561885.081:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.8.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bd8e929 code=0x7ffc0000
[ 1907.438818][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1907.519606][   T30] audit: type=1326 audit(1752561885.091:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19850 comm="syz.8.3469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bd8e929 code=0x7ffc0000
[ 1907.541244][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1908.134141][T18023] usb 7-1: new high-speed USB device number 16 using dummy_hcd
[ 1908.375955][T18023] usb 7-1: too many configurations: 215, using maximum allowed: 8
[ 1908.616644][T18023] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1908.642756][T18023] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1908.664814][T18023] usb 7-1: Product: syz
[ 1908.677642][T18023] usb 7-1: Manufacturer: syz
[ 1908.692833][T18023] usb 7-1: SerialNumber: syz
[ 1908.731897][T18023] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1908.791411][    T9] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1909.263184][T19904] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3484'.
[ 1909.320569][T19904] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3484'.
[ 1909.916936][  T978] usb 7-1: USB disconnect, device number 16
[ 1910.349672][    T9] usb 7-1: Service connection timeout for: 256
[ 1911.159404][    T9] ath9k_htc 7-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1911.176157][    T9] ath9k_htc: Failed to initialize the device
[ 1911.572557][  T978] usb 7-1: ath9k_htc: USB layer deinitialized
[ 1912.493141][T19922] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3488'.
[ 1912.813768][T19931] FAULT_INJECTION: forcing a failure.
[ 1912.813768][T19931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1912.852873][T19931] CPU: 1 UID: 0 PID: 19931 Comm: syz.6.3492 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1912.852906][T19931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1912.852919][T19931] Call Trace:
[ 1912.852928][T19931]  <TASK>
[ 1912.852938][T19931]  dump_stack_lvl+0x189/0x250
[ 1912.852968][T19931]  ? __pfx____ratelimit+0x10/0x10
[ 1912.853001][T19931]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1912.853024][T19931]  ? __pfx__printk+0x10/0x10
[ 1912.853050][T19931]  ? __might_fault+0xb0/0x130
[ 1912.853092][T19931]  should_fail_ex+0x414/0x560
[ 1912.853127][T19931]  _copy_from_user+0x2d/0xb0
[ 1912.853152][T19931]  __sys_bind+0x199/0x3e0
[ 1912.853177][T19931]  ? __pfx___sys_bind+0x10/0x10
[ 1912.853212][T19931]  ? __pfx_ksys_write+0x10/0x10
[ 1912.853236][T19931]  ? rcu_is_watching+0x15/0xb0
[ 1912.853268][T19931]  __x64_sys_bind+0x7a/0x90
[ 1912.853290][T19931]  do_syscall_64+0xfa/0x3b0
[ 1912.853309][T19931]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1912.853340][T19931]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1912.853360][T19931]  ? clear_bhb_loop+0x60/0xb0
[ 1912.853385][T19931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1912.853405][T19931] RIP: 0033:0x7ff001f8e929
[ 1912.853423][T19931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1912.853440][T19931] RSP: 002b:00007ff002e0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 1912.853462][T19931] RAX: ffffffffffffffda RBX: 00007ff0021b5fa0 RCX: 00007ff001f8e929
[ 1912.853477][T19931] RDX: 0000000000000014 RSI: 0000200000000180 RDI: 0000000000000004
[ 1912.853489][T19931] RBP: 00007ff002e0f090 R08: 0000000000000000 R09: 0000000000000000
[ 1912.853502][T19931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1912.853514][T19931] R13: 0000000000000000 R14: 00007ff0021b5fa0 R15: 00007ffc23a91c08
[ 1912.853546][T19931]  </TASK>
[ 1913.046695][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1913.189705][  T978] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1913.205683][   T30] audit: type=1326 audit(1752561892.421:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19932 comm="syz.7.3495" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd33cf8e929 code=0x0
[ 1913.389949][  T978] usb 1-1: Using ep0 maxpacket: 32
[ 1913.400611][  T978] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1913.422725][  T978] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1913.442933][  T978] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1913.444548][T19942] FAULT_INJECTION: forcing a failure.
[ 1913.444548][T19942] name failslab, interval 1, probability 0, space 0, times 0
[ 1913.454050][  T978] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1913.476991][T19942] CPU: 1 UID: 0 PID: 19942 Comm: syz.9.3497 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1913.477021][T19942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1913.477034][T19942] Call Trace:
[ 1913.477042][T19942]  <TASK>
[ 1913.477051][T19942]  dump_stack_lvl+0x189/0x250
[ 1913.477080][T19942]  ? __pfx____ratelimit+0x10/0x10
[ 1913.477112][T19942]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1913.477134][T19942]  ? __pfx__printk+0x10/0x10
[ 1913.477164][T19942]  ? __mutex_trylock_common+0x153/0x260
[ 1913.477198][T19942]  should_fail_ex+0x414/0x560
[ 1913.477232][T19942]  should_failslab+0xa8/0x100
[ 1913.477267][T19942]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1913.477297][T19942]  ? __hw_addr_add_ex+0x1f4/0x770
[ 1913.477384][T19942]  __hw_addr_add_ex+0x1f4/0x770
[ 1913.477418][T19942]  dev_addr_init+0x14f/0x230
[ 1913.477449][T19942]  ? __pfx_dev_addr_init+0x10/0x10
[ 1913.477475][T19942]  ? alloc_netdev_mqs+0xa6/0x11e0
[ 1913.477531][T19942]  alloc_netdev_mqs+0x2f3/0x11e0
[ 1913.477560][T19942]  ? __pfx_br_dev_setup+0x10/0x10
[ 1913.477650][T19942]  rtnl_create_link+0x31f/0xd10
[ 1913.477689][T19942]  rtnl_newlink_create+0x25c/0xb00
[ 1913.477721][T19942]  ? __lock_acquire+0xab9/0xd20
[ 1913.477747][T19942]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1913.477769][T19942]  ? rtnl_newlink+0x8db/0x1c70
[ 1913.477795][T19942]  ? __pfx___mutex_lock+0x10/0x10
[ 1913.477827][T19942]  ? ns_capable+0x8a/0xf0
[ 1913.477862][T19942]  rtnl_newlink+0x16d6/0x1c70
[ 1913.477887][T19942]  ? netlink_sendmsg+0x805/0xb30
[ 1913.477927][T19942]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1913.477977][T19942]  ? kasan_quarantine_put+0xdd/0x220
[ 1913.478004][T19942]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1913.478042][T19942]  ? nlmon_xmit+0xb0/0x100
[ 1913.478062][T19942]  ? kmem_cache_free+0x18f/0x400
[ 1913.478101][T19942]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1913.478124][T19942]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1913.478157][T19942]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1913.478201][T19942]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1913.478229][T19942]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1913.478259][T19942]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1913.478286][T19942]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1913.478316][T19942]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1913.478349][T19942]  ? __lock_acquire+0xab9/0xd20
[ 1913.478398][T19942]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1913.478420][T19942]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1913.478447][T19942]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1913.478468][T19942]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1913.478488][T19942]  ? ref_tracker_free+0x63a/0x7d0
[ 1913.478524][T19942]  ? __copy_skb_header+0xa7/0x550
[ 1913.478554][T19942]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1913.478598][T19942]  netlink_rcv_skb+0x208/0x470
[ 1913.478624][T19942]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1913.478648][T19942]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1913.478688][T19942]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1913.478712][T19942]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1913.478743][T19942]  netlink_unicast+0x75c/0x8e0
[ 1913.478778][T19942]  netlink_sendmsg+0x805/0xb30
[ 1913.478812][T19942]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1913.478846][T19942]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1913.478876][T19942]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1913.478901][T19942]  __sock_sendmsg+0x219/0x270
[ 1913.478937][T19942]  ____sys_sendmsg+0x505/0x830
[ 1913.478970][T19942]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1913.479005][T19942]  ? import_iovec+0x74/0xa0
[ 1913.479033][T19942]  ___sys_sendmsg+0x21f/0x2a0
[ 1913.479063][T19942]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1913.479133][T19942]  ? __fget_files+0x2a/0x420
[ 1913.479152][T19942]  ? __fget_files+0x3a0/0x420
[ 1913.479184][T19942]  __x64_sys_sendmsg+0x19b/0x260
[ 1913.479215][T19942]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1913.479254][T19942]  ? __pfx_ksys_write+0x10/0x10
[ 1913.479282][T19942]  ? rcu_is_watching+0x15/0xb0
[ 1913.479312][T19942]  ? do_syscall_64+0xbe/0x3b0
[ 1913.479337][T19942]  do_syscall_64+0xfa/0x3b0
[ 1913.479355][T19942]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1913.479385][T19942]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1913.479405][T19942]  ? clear_bhb_loop+0x60/0xb0
[ 1913.479430][T19942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1913.479449][T19942] RIP: 0033:0x7f962438e929
[ 1913.479468][T19942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1913.479486][T19942] RSP: 002b:00007f9625135038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1913.479515][T19942] RAX: ffffffffffffffda RBX: 00007f96245b5fa0 RCX: 00007f962438e929
[ 1913.479530][T19942] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1913.479543][T19942] RBP: 00007f9625135090 R08: 0000000000000000 R09: 0000000000000000
[ 1913.479557][T19942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1913.479570][T19942] R13: 0000000000000000 R14: 00007f96245b5fa0 R15: 00007ffdb0ec6388
[ 1913.479606][T19942]  </TASK>
[ 1913.502787][  T978] usb 1-1: config 0 descriptor??
[ 1913.505254][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1913.962256][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1914.160823][ T5906] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1914.235368][  T978] ft260 0003:0403:6030.000F: unknown main item tag 0x0
[ 1914.354995][ T5906] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1914.365163][ T5906] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1914.375100][ T5906] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1914.385037][ T5906] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1914.395074][ T5906] usb 9-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1914.404226][ T5906] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1914.523369][ T5906] usb 9-1: config 0 descriptor??
[ 1914.625293][T11773] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1914.633880][  T978] ft260 0003:0403:6030.000F: chip code: 6424 8183
[ 1914.931844][ T5906] hdpvr 9-1:0.0: firmware version 0x0 dated 
[ 1915.015166][ T5906] hdpvr 9-1:0.0: untested firmware, the driver might not work.
[ 1915.142738][  T978] ft260 0003:0403:6030.000F: failed to retrieve system status
[ 1915.169966][  T978] ft260 0003:0403:6030.000F: probe with driver ft260 failed with error -32
[ 1915.209571][T11773] usb 10-1: device descriptor read/64, error -71
[ 1915.411888][T19955] sctp: [Deprecated]: syz.0.3494 (pid 19955) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1915.411888][T19955] Use struct sctp_sack_info instead
[ 1915.428840][ T5906] hdpvr 9-1:0.0: device init failed
[ 1915.434475][ T5906] hdpvr 9-1:0.0: probe with driver hdpvr failed with error -12
[ 1915.451061][ T5906] usb 9-1: USB disconnect, device number 5
[ 1915.453324][T11773] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1915.629632][T11773] usb 10-1: device descriptor read/64, error -71
[ 1915.759905][T11773] usb usb10-port1: attempt power cycle
[ 1916.210872][T11773] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1916.346624][T11773] usb 10-1: device descriptor read/8, error -71
[ 1916.370312][ T5906] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1916.636206][ T5906] usb 9-1: config 0 has an invalid interface number: 197 but max is 0
[ 1916.664144][ T5906] usb 9-1: config 0 has no interface number 0
[ 1916.678952][ T5838] usb 1-1: USB disconnect, device number 35
[ 1916.692512][ T5906] usb 9-1: config 0 interface 197 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 8
[ 1916.738245][ T5906] usb 9-1: config 0 interface 197 altsetting 0 endpoint 0xC has invalid maxpacket 1023, setting to 64
[ 1916.749684][T11773] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[ 1916.765732][ T5906] usb 9-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=bb.42
[ 1916.776823][ T5906] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1916.785761][T11773] usb 10-1: device descriptor read/8, error -71
[ 1916.794772][ T5906] usb 9-1: Product: syz
[ 1916.799148][ T5906] usb 9-1: Manufacturer: syz
[ 1916.805584][ T5906] usb 9-1: SerialNumber: syz
[ 1916.821574][ T5906] usb 9-1: config 0 descriptor??
[ 1916.827518][T19972] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1916.900605][T11773] usb usb10-port1: unable to enumerate USB device
[ 1916.990285][T19981] netlink: 292 bytes leftover after parsing attributes in process `syz.0.3509'.
[ 1917.089806][ T5906] usb 9-1: USB disconnect, device number 6
[ 1918.114456][T17283] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1918.316650][T17283] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1918.366547][T19995] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3514'.
[ 1918.388248][T17283] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1918.523404][T17283] usb 7-1: New USB device found, idVendor=07c0, idProduct=1524, bcdDevice= 0.00
[ 1918.680066][T17283] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1918.742763][T17283] usb 7-1: config 0 descriptor??
[ 1919.109993][T18023] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1919.229982][    C0] raw-gadget.1 gadget.0: ignoring, device is not running
[ 1919.391972][T18023] usb 1-1: device descriptor read/64, error -32
[ 1919.518297][T20018] netlink: 20 bytes leftover after parsing attributes in process `syz.7.3520'.
[ 1919.562925][T20020] netlink: 292 bytes leftover after parsing attributes in process `syz.9.3522'.
[ 1919.792745][T18023] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1919.810247][T20025] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3524'.
[ 1920.195730][T17283] usb 7-1: USB disconnect, device number 17
[ 1920.404854][T18023] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1920.424632][T18023] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1920.455205][T18023] usb 1-1: Product: syz
[ 1920.460587][T18023] usb 1-1: Manufacturer: syz
[ 1920.465936][T18023] usb 1-1: SerialNumber: syz
[ 1920.477643][T18023] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1920.514148][T11773] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1920.777762][T17283] hid-generic 0000:0000:0000.0010: unknown main item tag 0x0
[ 1920.862383][T17283] hid-generic 0000:0000:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1921.211265][T20006] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1921.242498][T20006] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1923.650063][T11773] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[ 1923.669668][T11773] ath9k_htc: Failed to initialize the device
[ 1924.236085][  T978] usb 1-1: USB disconnect, device number 37
[ 1924.258453][  T978] usb 1-1: ath9k_htc: USB layer deinitialized
[ 1924.970545][T20054] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3532'.
[ 1925.007916][T20054] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3532'.
[ 1925.035597][T20054] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3532'.
[ 1925.046064][T20054] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3532'.
[ 1925.061495][T20057] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3532'.
[ 1926.150148][ T5906] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1926.361782][ T5906] usb 9-1: Using ep0 maxpacket: 32
[ 1926.438898][ T5906] usb 9-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1926.522326][ T5906] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1926.569334][ T5906] usb 9-1: config 0 descriptor??
[ 1926.589392][T20076] IPVS: Error connecting to the multicast addr
[ 1926.815768][ T5906] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1926.838767][ T5906] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1926.857082][ T5906] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1926.865854][ T5906] usb 9-1: media controller created
[ 1926.908755][ T5906] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1928.556705][ T5906] stb0899_attach: Driver disabled by Kconfig
[ 1928.583852][ T5906] az6027: no front-end attached
[ 1928.583852][ T5906] 
[ 1928.612947][ T5906] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1928.652428][ T5906] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.8/usb9/9-1/input/input29
[ 1928.681689][ T5906] dvb-usb: schedule remote query interval to 400 msecs.
[ 1928.689322][ T5906] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1928.789249][T20101] x_tables: unsorted entry at hook 2
[ 1930.498388][  T978] usb 9-1: USB disconnect, device number 7
[ 1931.022406][  T978] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1931.220329][T20133] netlink: 20 bytes leftover after parsing attributes in process `syz.9.3559'.
[ 1931.891425][ T5906] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1932.132192][ T5906] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1932.155196][ T5906] usb 1-1: config 0 has no interface number 0
[ 1932.185235][ T5906] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1932.198513][T20157] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3568'.
[ 1932.209717][ T5906] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1932.215941][T20157] netem: invalid attributes len -6
[ 1932.218905][ T5906] usb 1-1: Product: syz
[ 1932.235496][ T5906] usb 1-1: Manufacturer: syz
[ 1932.240594][T20157] netem: change failed
[ 1932.398539][ T5906] usb 1-1: SerialNumber: syz
[ 1932.408732][ T5906] usb 1-1: config 0 descriptor??
[ 1932.691381][ T5906] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 1932.794072][T15771] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[ 1932.874450][ T5906] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1933.222259][ T5906] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 1933.380345][ T5906] usb 1-1: media controller created
[ 1933.418030][ T5906] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1933.440160][T15771] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 1933.461514][T15771] usb 10-1: config 6 has an invalid interface number: 88 but max is 0
[ 1933.475731][T20163] block nbd6: shutting down sockets
[ 1933.499981][T15771] usb 10-1: config 6 has no interface number 0
[ 1933.528719][T15771] usb 10-1: config 6 interface 88 has no altsetting 0
[ 1933.574075][T15771] usb 10-1: New USB device found, idVendor=12d1, idProduct=0081, bcdDevice=af.d5
[ 1933.616675][T15771] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1933.645675][T15771] usb 10-1: Product: syz
[ 1933.657275][T20165] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1933.699722][T15771] usb 10-1: Manufacturer: syz
[ 1933.734096][T15771] usb 10-1: SerialNumber: syz
[ 1933.737074][T20165] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1933.878073][ T5906] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[ 1933.939065][ T5906] usb 1-1: USB disconnect, device number 38
[ 1933.983045][T15771] usb-storage 10-1:6.88: USB Mass Storage device detected
[ 1934.212898][T15771] usb 10-1: USB disconnect, device number 9
[ 1934.916261][T20191] mac80211_hwsim hwsim18 wlan1: entered promiscuous mode
[ 1934.924632][T20191] mac80211_hwsim hwsim18 wlan1: entered allmulticast mode
[ 1935.193155][T20198] netlink: 292 bytes leftover after parsing attributes in process `syz.7.3583'.
[ 1935.582703][T20217] netlink: 284 bytes leftover after parsing attributes in process `syz.9.3590'.
[ 1935.700003][ T5838] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1936.440012][ T5838] usb 9-1: Using ep0 maxpacket: 8
[ 1936.448050][ T5838] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1936.459980][ T5838] usb 9-1: New USB device found, idVendor=20a0, idProduct=4287, bcdDevice= 0.00
[ 1936.469090][ T5838] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1936.521195][ T5838] usb 9-1: config 0 descriptor??
[ 1937.498128][ T5838] hid-u2fzero 0003:20A0:4287.0011: hidraw0: USB HID v0.03 Device [HID 20a0:4287] on usb-dummy_hcd.8-1/input0
[ 1937.507907][T20238] loop6: detected capacity change from 0 to 7
[ 1937.518889][    C1] blk_print_req_error: 5 callbacks suppressed
[ 1937.518909][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.534317][    C1] buffer_io_error: 6 callbacks suppressed
[ 1937.534333][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.558193][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.567457][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.577226][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.586481][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.595156][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.604449][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.604940][ T5838] hid-u2fzero 0003:20A0:4287.0011: NitroKey U2F LED initialised
[ 1937.623894][ T5838] hid-u2fzero 0003:20A0:4287.0011: NitroKey U2F RNG initialised
[ 1937.623976][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.640876][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.653440][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.662838][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.677202][  T978] usb 7-1: new high-speed USB device number 18 using dummy_hcd
[ 1937.684901][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.684941][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.699635][T20238] ldm_validate_partition_table(): Disk read failed.
[ 1937.723123][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.732433][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.747895][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.757195][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.775050][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[ 1937.784352][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1937.796153][T20238] Dev loop6: unable to read RDB block 0
[ 1937.807959][ T5838] usb 9-1: USB disconnect, device number 8
[ 1937.810306][T20238]  loop6: unable to read partition table
[ 1937.828643][T20238] loop6: partition table beyond EOD, truncated
[ 1937.837738][T20238] loop_reread_partitions: partition scan of loop6 (�被x������() failed (rc=-5)
[ 1937.881207][  T978] usb 7-1: Using ep0 maxpacket: 32
[ 1937.902076][  T978] usb 7-1: config 0 has an invalid interface number: 51 but max is 0
[ 1937.935435][  T978] usb 7-1: config 0 has no interface number 0
[ 1937.948191][  T978] usb 7-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1937.967130][  T978] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1937.989462][  T978] usb 7-1: Product: syz
[ 1937.997965][  T978] usb 7-1: Manufacturer: syz
[ 1938.016530][  T978] usb 7-1: SerialNumber: syz
[ 1938.033121][  T978] usb 7-1: config 0 descriptor??
[ 1938.047548][  T978] quatech2 7-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1938.102884][ T5906] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[ 1938.253733][  T978] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1938.297291][  T978] usb 7-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1938.467528][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 138
[ 1938.482803][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - unsupported command 138
[ 1938.570383][ T5906] usb 10-1: device descriptor read/64, error -71
[ 1938.699841][    C0] usb 7-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1938.708311][  T978] usb 7-1: USB disconnect, device number 18
[ 1938.725859][  T978] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1938.744041][  T978] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1938.770133][  T978] quatech2 7-1:0.51: device disconnected
[ 1938.830595][ T5906] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[ 1939.462842][ T5906] usb 10-1: device descriptor read/64, error -71
[ 1939.589454][ T5906] usb usb10-port1: attempt power cycle
[ 1939.776463][T20264] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=7 (14 ns) > initial count (10 ns). Using initial count to start timer.
[ 1939.939642][ T5906] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[ 1939.984966][ T5906] usb 10-1: device descriptor read/8, error -71
[ 1940.400159][ T5906] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[ 1940.431839][ T5906] usb 10-1: device descriptor read/8, error -71
[ 1940.564982][ T5906] usb usb10-port1: unable to enumerate USB device
[ 1942.509614][T12898] Bluetooth: hci5: command 0x0406 tx timeout
[ 1942.519753][T11773] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1942.699545][T11773] usb 1-1: Using ep0 maxpacket: 8
[ 1942.711853][T11773] usb 1-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1942.732930][T11773] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1942.752871][T11773] usb 1-1: Product: syz
[ 1942.762495][T11773] usb 1-1: Manufacturer: syz
[ 1942.772523][T11773] usb 1-1: SerialNumber: syz
[ 1942.788882][T11773] usb 1-1: config 0 descriptor??
[ 1942.807078][T11773] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1942.824827][T11773] usb 1-1: setting power ON
[ 1942.842696][T11773] dvb-usb: bulk message failed: -22 (2/0)
[ 1942.863509][T11773] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1942.885325][T11773] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1942.904869][T11773] usb 1-1: media controller created
[ 1943.109112][T11773] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1943.222732][ T5906] usb 7-1: new high-speed USB device number 19 using dummy_hcd
[ 1943.297593][T20299] dummy0: entered promiscuous mode
[ 1943.304431][T20299] vlan0: entered promiscuous mode
[ 1943.949569][ T5906] usb 7-1: Using ep0 maxpacket: 8
[ 1944.341828][ T5906] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 15
[ 1944.368064][ T5906] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1944.451569][T20329] libceph: resolve '.
[ 1944.451569][T20329] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[ 1944.451569][T20329] ' (ret=-3): failed
[ 1944.624545][ T5906] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1944.639040][ T5906] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1944.686443][T11773] usb 1-1: selecting invalid altsetting 6
[ 1944.692598][T11773] usb 1-1: digital interface selection failed (-22)
[ 1944.699307][T11773] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1944.708695][T11773] usb 1-1: setting power OFF
[ 1944.849884][T11773] dvb-usb: bulk message failed: -22 (2/0)
[ 1944.923864][ T5906] usb 7-1: New USB device found, idVendor=077d, idProduct=04aa, bcdDevice=5b.d8
[ 1944.930527][T11773] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1945.048542][T11773] (NULL device *): no alternate interface
[ 1945.066406][ T5906] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1945.119708][ T5906] usb 7-1: Product: syz
[ 1945.123961][ T5906] usb 7-1: Manufacturer: syz
[ 1945.177260][T11773] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1945.177620][ T5906] usb 7-1: SerialNumber: syz
[ 1945.213347][   T30] audit: type=1326 audit(1752561924.421:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20300 comm="syz.6.3620" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff001f8e929 code=0x7fc00000
[ 1945.267625][T11773] usb 1-1: USB disconnect, device number 39
[ 1945.279108][ T5906] usb 7-1: config 0 descriptor??
[ 1945.302932][T20337] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[ 1945.333393][ T5906] usb 7-1: can't set config #0, error -71
[ 1945.362213][ T5906] usb 7-1: USB disconnect, device number 19
[ 1949.842150][T20419] FAULT_INJECTION: forcing a failure.
[ 1949.842150][T20419] name failslab, interval 1, probability 0, space 0, times 0
[ 1949.864642][T20419] CPU: 0 UID: 0 PID: 20419 Comm: syz.8.3656 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1949.864674][T20419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1949.864687][T20419] Call Trace:
[ 1949.864696][T20419]  <TASK>
[ 1949.864706][T20419]  dump_stack_lvl+0x189/0x250
[ 1949.864736][T20419]  ? __pfx____ratelimit+0x10/0x10
[ 1949.864769][T20419]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1949.864793][T20419]  ? __pfx__printk+0x10/0x10
[ 1949.864827][T20419]  ? __pfx___might_resched+0x10/0x10
[ 1949.864859][T20419]  ? fs_reclaim_acquire+0x7d/0x100
[ 1949.864885][T20419]  should_fail_ex+0x414/0x560
[ 1949.864921][T20419]  ? alloc_netdev_mqs+0xa8b/0x11e0
[ 1949.864949][T20419]  should_failslab+0xa8/0x100
[ 1949.864983][T20419]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1949.865015][T20419]  ? alloc_netdev_mqs+0xa8b/0x11e0
[ 1949.865050][T20419]  alloc_netdev_mqs+0xa8b/0x11e0
[ 1949.865090][T20419]  rtnl_create_link+0x31f/0xd10
[ 1949.865128][T20419]  rtnl_newlink_create+0x25c/0xb00
[ 1949.865159][T20419]  ? __lock_acquire+0xab9/0xd20
[ 1949.865186][T20419]  ? __pfx_rtnl_newlink_create+0x10/0x10
[ 1949.865208][T20419]  ? rtnl_newlink+0x8db/0x1c70
[ 1949.865234][T20419]  ? __pfx___mutex_lock+0x10/0x10
[ 1949.865267][T20419]  ? ns_capable+0x8a/0xf0
[ 1949.865294][T20419]  rtnl_newlink+0x16d6/0x1c70
[ 1949.865318][T20419]  ? netlink_sendmsg+0x805/0xb30
[ 1949.865362][T20419]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1949.865409][T20419]  ? kasan_quarantine_put+0xdd/0x220
[ 1949.865436][T20419]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1949.865474][T20419]  ? nlmon_xmit+0xb0/0x100
[ 1949.865493][T20419]  ? kmem_cache_free+0x18f/0x400
[ 1949.865530][T20419]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1949.865552][T20419]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1949.865583][T20419]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1949.865605][T20419]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1949.865630][T20419]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1949.865659][T20419]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1949.865685][T20419]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1949.865713][T20419]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1949.865749][T20419]  ? __lock_acquire+0xab9/0xd20
[ 1949.865799][T20419]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1949.865820][T20419]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1949.865854][T20419]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1949.865875][T20419]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1949.865895][T20419]  ? ref_tracker_free+0x63a/0x7d0
[ 1949.865923][T20419]  ? __copy_skb_header+0xa7/0x550
[ 1949.865953][T20419]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1949.865997][T20419]  netlink_rcv_skb+0x208/0x470
[ 1949.866023][T20419]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1949.866047][T20419]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1949.866088][T20419]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1949.866111][T20419]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1949.866142][T20419]  netlink_unicast+0x75c/0x8e0
[ 1949.866176][T20419]  netlink_sendmsg+0x805/0xb30
[ 1949.866212][T20419]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1949.866247][T20419]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1949.866276][T20419]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1949.866303][T20419]  __sock_sendmsg+0x219/0x270
[ 1949.866339][T20419]  ____sys_sendmsg+0x505/0x830
[ 1949.866372][T20419]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1949.866410][T20419]  ? import_iovec+0x74/0xa0
[ 1949.866439][T20419]  ___sys_sendmsg+0x21f/0x2a0
[ 1949.866469][T20419]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1949.866538][T20419]  ? __fget_files+0x2a/0x420
[ 1949.866557][T20419]  ? __fget_files+0x3a0/0x420
[ 1949.866588][T20419]  __x64_sys_sendmsg+0x19b/0x260
[ 1949.866618][T20419]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1949.866656][T20419]  ? __pfx_ksys_write+0x10/0x10
[ 1949.866683][T20419]  ? rcu_is_watching+0x15/0xb0
[ 1949.866712][T20419]  ? do_syscall_64+0xbe/0x3b0
[ 1949.866737][T20419]  do_syscall_64+0xfa/0x3b0
[ 1949.866755][T20419]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1949.866785][T20419]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1949.866806][T20419]  ? clear_bhb_loop+0x60/0xb0
[ 1949.866832][T20419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1949.866860][T20419] RIP: 0033:0x7f4c2bd8e929
[ 1949.866879][T20419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1949.866898][T20419] RSP: 002b:00007f4c2cc9c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1949.866922][T20419] RAX: ffffffffffffffda RBX: 00007f4c2bfb5fa0 RCX: 00007f4c2bd8e929
[ 1949.866938][T20419] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1949.866951][T20419] RBP: 00007f4c2cc9c090 R08: 0000000000000000 R09: 0000000000000000
[ 1949.866965][T20419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1949.866977][T20419] R13: 0000000000000000 R14: 00007f4c2bfb5fa0 R15: 00007ffc065fe7e8
[ 1949.867011][T20419]  </TASK>
[ 1950.370577][T20421] netlink: 176 bytes leftover after parsing attributes in process `syz.0.3657'.
[ 1950.380613][T20421] netlink: 176 bytes leftover after parsing attributes in process `syz.0.3657'.
[ 1951.219939][T20443] lo speed is unknown, defaulting to 1000
[ 1951.226268][T20443] lo speed is unknown, defaulting to 1000
[ 1951.232924][T20443] lo speed is unknown, defaulting to 1000
[ 1951.250637][T20443] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1951.633056][T20443] lo speed is unknown, defaulting to 1000
[ 1951.810750][T20443] lo speed is unknown, defaulting to 1000
[ 1951.818051][T20443] lo speed is unknown, defaulting to 1000
[ 1951.825111][T20443] lo speed is unknown, defaulting to 1000
[ 1951.832269][T20443] lo speed is unknown, defaulting to 1000
[ 1956.940055][T11773] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1957.592754][T11773] usb 1-1: device descriptor read/64, error -71
[ 1957.603885][T20514] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=7 (14 ns) > initial count (10 ns). Using initial count to start timer.
[ 1957.927831][T11773] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1958.072516][T11773] usb 1-1: device descriptor read/64, error -71
[ 1958.211075][T11773] usb usb1-port1: attempt power cycle
[ 1958.436063][T20538] FAULT_INJECTION: forcing a failure.
[ 1958.436063][T20538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1958.449669][T20538] CPU: 0 UID: 0 PID: 20538 Comm: syz.9.3692 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 1958.449698][T20538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1958.449712][T20538] Call Trace:
[ 1958.449721][T20538]  <TASK>
[ 1958.449730][T20538]  dump_stack_lvl+0x189/0x250
[ 1958.449761][T20538]  ? __pfx____ratelimit+0x10/0x10
[ 1958.449794][T20538]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1958.449817][T20538]  ? __pfx__printk+0x10/0x10
[ 1958.449845][T20538]  ? __might_fault+0xb0/0x130
[ 1958.449887][T20538]  should_fail_ex+0x414/0x560
[ 1958.449923][T20538]  _copy_from_user+0x2d/0xb0
[ 1958.449948][T20538]  __sys_bind+0x199/0x3e0
[ 1958.449973][T20538]  ? __pfx___sys_bind+0x10/0x10
[ 1958.450007][T20538]  ? __pfx_ksys_write+0x10/0x10
[ 1958.450045][T20538]  __x64_sys_bind+0x7a/0x90
[ 1958.450066][T20538]  do_syscall_64+0xfa/0x3b0
[ 1958.450087][T20538]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1958.450108][T20538]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1958.450128][T20538]  ? clear_bhb_loop+0x60/0xb0
[ 1958.450153][T20538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1958.450173][T20538] RIP: 0033:0x7f962438e929
[ 1958.450191][T20538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1958.450209][T20538] RSP: 002b:00007f9625135038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 1958.450231][T20538] RAX: ffffffffffffffda RBX: 00007f96245b5fa0 RCX: 00007f962438e929
[ 1958.450246][T20538] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000004
[ 1958.450259][T20538] RBP: 00007f9625135090 R08: 0000000000000000 R09: 0000000000000000
[ 1958.450281][T20538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1958.450294][T20538] R13: 0000000000000000 R14: 00007f96245b5fa0 R15: 00007ffdb0ec6388
[ 1958.450326][T20538]  </TASK>
[ 1958.648194][T20536] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=7 (14 ns) > initial count (10 ns). Using initial count to start timer.
[ 1958.727969][T11773] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1959.149596][T11773] usb 1-1: device not accepting address 42, error -71
[ 1959.228076][T20544] netlink: 92 bytes leftover after parsing attributes in process `syz.0.3694'.
[ 1963.008126][T12898] Bluetooth: hci1: command 0x0406 tx timeout
[ 1965.977779][    C0] sched: DL replenish lagged too much
[ 1979.189903][T20569] bridge0: port 3(syz_tun) entered blocking state
[ 1979.215504][T20569] bridge0: port 3(syz_tun) entered disabled state
[ 1979.369099][T20569] syz_tun: entered allmulticast mode
[ 1980.953749][T20569] syz_tun: entered promiscuous mode
[ 2087.189377][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2087.196399][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P20569/1:b..l
[ 2087.205177][    C0] rcu: 	(detected by 0, t=10503 jiffies, g=103433, q=2372 ncpus=2)
[ 2087.213126][    C0] task:syz.7.3700      state:R  running task     stack:26808 pid:20569 tgid:20562 ppid:11444  task_flags:0x400140 flags:0x00004006
[ 2087.228352][    C0] Call Trace:
[ 2087.231686][    C0]  <TASK>
[ 2087.234657][    C0]  __schedule+0x16a2/0x4cb0
[ 2087.239233][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2087.244139][    C0]  ? preempt_schedule_irq+0xb5/0x150
[ 2087.249474][    C0]  ? do_raw_spin_lock+0x121/0x290
[ 2087.254637][    C0]  ? __pfx___schedule+0x10/0x10
[ 2087.259549][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2087.264448][    C0]  ? preempt_schedule_irq+0xaa/0x150
[ 2087.269789][    C0]  preempt_schedule_irq+0xb5/0x150
[ 2087.274949][    C0]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 2087.280737][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[ 2087.286597][    C0]  irqentry_exit+0x6f/0x90
[ 2087.291065][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2087.297117][    C0] RIP: 0010:lock_release+0x9c/0x3e0
[ 2087.302365][    C0] Code: 0f 85 35 02 00 00 65 4c 8b 3c 25 08 10 9d 92 41 83 bf ec 0a 00 00 00 0f 85 1e 02 00 00 49 81 3e 00 c3 60 93 0f 84 11 02 00 00 <48> c7 44 24 20 00 00 00 00 9c 8f 44 24 20 48 8b 5c 24 20 fa 48 c7
[ 2087.322026][    C0] RSP: 0018:ffffc9000466f330 EFLAGS: 00000202
[ 2087.328155][    C0] RAX: 0000000000000000 RBX: ffffc9000466f401 RCX: 6f59f5a484fa8600
[ 2087.336172][    C0] RDX: ffffffff903d4801 RSI: ffffffff8be1c9e0 RDI: ffffffff8be1c9a0
[ 2087.344195][    C0] RBP: dffffc0000000000 R08: ffffc9000466f4c7 R09: 0000000000000000
[ 2087.352225][    C0] R10: ffffc9000466f4b8 R11: fffff520008cde99 R12: ffffc9000466f918
[ 2087.360332][    C0] R13: ffffffff8172aae5 R14: ffffffff8e13f0e0 R15: ffff88807ea61e00
[ 2087.368373][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2087.373610][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2087.378818][    C0]  unwind_next_frame+0x19a9/0x2390
[ 2087.384006][    C0]  ? unwind_next_frame+0xa5/0x2390
[ 2087.389179][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[ 2087.394890][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 2087.401115][    C0]  arch_stack_walk+0x11c/0x150
[ 2087.405948][    C0]  ? __kasan_slab_alloc+0x22/0x80
[ 2087.411037][    C0]  stack_trace_save+0x9c/0xe0
[ 2087.415769][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 2087.421202][    C0]  save_stack+0xf7/0x1f0
[ 2087.425603][    C0]  ? __pfx_save_stack+0x10/0x10
[ 2087.430506][    C0]  ? __free_frozen_pages+0xc65/0xe60
[ 2087.435900][    C0]  ? __put_partials+0x161/0x1c0
[ 2087.440784][    C0]  ? put_cpu_partial+0x17c/0x250
[ 2087.445774][    C0]  ? __slab_free+0x2f7/0x400
[ 2087.450462][    C0]  ? qlist_free_all+0x97/0x140
[ 2087.455272][    C0]  ? kasan_quarantine_reduce+0x148/0x160
[ 2087.461069][    C0]  __reset_page_owner+0x71/0x1f0
[ 2087.466074][    C0]  __free_frozen_pages+0xc65/0xe60
[ 2087.471247][    C0]  __put_partials+0x161/0x1c0
[ 2087.475976][    C0]  put_cpu_partial+0x17c/0x250
[ 2087.480785][    C0]  ? put_cpu_partial+0x6d/0x250
[ 2087.485680][    C0]  __slab_free+0x2f7/0x400
[ 2087.490169][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 2087.496558][    C0]  ? __phys_addr+0xd3/0x180
[ 2087.501119][    C0]  qlist_free_all+0x97/0x140
[ 2087.505793][    C0]  kasan_quarantine_reduce+0x148/0x160
[ 2087.511325][    C0]  __kasan_slab_alloc+0x22/0x80
[ 2087.516235][    C0]  __kvmalloc_node_noprof+0x2b0/0x5f0
[ 2087.521664][    C0]  ? rhashtable_init_noprof+0x4ee/0xbb0
[ 2087.527262][    C0]  rhashtable_init_noprof+0x4ee/0xbb0
[ 2087.532686][    C0]  nbp_vlan_init+0x1e1/0x440
[ 2087.537457][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2087.542710][    C0]  ? __pfx_nbp_vlan_init+0x10/0x10
[ 2087.547871][    C0]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2087.553266][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 2087.558488][    C0]  br_add_if+0xaa1/0xec0
[ 2087.562813][    C0]  br_ioctl_stub+0x6aa/0xc80
[ 2087.567417][    C0]  ? trace_contention_end+0x39/0x120
[ 2087.572716][    C0]  ? __pfx_br_ioctl_stub+0x10/0x10
[ 2087.577846][    C0]  ? sock_ioctl+0x4b4/0x790
[ 2087.582369][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2087.587229][    C0]  ? __asan_memset+0x22/0x50
[ 2087.591826][    C0]  ? smack_file_ioctl+0x24a/0x340
[ 2087.596932][    C0]  ? __pfx_br_ioctl_stub+0x10/0x10
[ 2087.602052][    C0]  sock_ioctl+0x4d5/0x790
[ 2087.606394][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[ 2087.611259][    C0]  ? __fget_files+0x2a/0x420
[ 2087.615857][    C0]  ? __fget_files+0x3a0/0x420
[ 2087.620540][    C0]  ? __fget_files+0x2a/0x420
[ 2087.625137][    C0]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 2087.630084][    C0]  ? __pfx_sock_ioctl+0x10/0x10
[ 2087.634948][    C0]  __se_sys_ioctl+0xfc/0x170
[ 2087.639550][    C0]  do_syscall_64+0xfa/0x3b0
[ 2087.644056][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2087.649265][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2087.655337][    C0]  ? clear_bhb_loop+0x60/0xb0
[ 2087.660028][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2087.665924][    C0] RIP: 0033:0x7fd33cf8e929
[ 2087.670342][    C0] RSP: 002b:00007fd33a5b0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 2087.678771][    C0] RAX: ffffffffffffffda RBX: 00007fd33d1b6320 RCX: 00007fd33cf8e929
[ 2087.686760][    C0] RDX: 0000200000000000 RSI: 00000000000089a2 RDI: 0000000000000009
[ 2087.694739][    C0] RBP: 00007fd33d010b39 R08: 0000000000000000 R09: 0000000000000000
[ 2087.702714][    C0] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2087.710693][    C0] R13: 0000000000000000 R14: 00007fd33d1b6320 R15: 00007ffc3bf6e6b8
[ 2087.718691][    C0]  </TASK>
[ 2087.721744][    C0] rcu: rcu_preempt kthread starved for 547 jiffies! g103433 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[ 2087.732902][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 2087.742921][    C0] rcu: RCU grace-period kthread stack dump:
[ 2087.748851][    C0] task:rcu_preempt     state:R  running task     stack:27128 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[ 2087.762440][    C0] Call Trace:
[ 2087.765757][    C0]  <TASK>
[ 2087.768722][    C0]  __schedule+0x16a2/0x4cb0
[ 2087.773287][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 2087.778542][    C0]  ? schedule+0x165/0x360
[ 2087.782923][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2087.787819][    C0]  ? __pfx___schedule+0x10/0x10
[ 2087.792735][    C0]  ? schedule+0x91/0x360
[ 2087.797028][    C0]  schedule+0x165/0x360
[ 2087.801240][    C0]  schedule_timeout+0x12b/0x270
[ 2087.806139][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 2087.811551][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 2087.817494][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 2087.822832][    C0]  ? prepare_to_swait_event+0x341/0x380
[ 2087.828430][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[ 2087.833334][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2087.838586][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 2087.844783][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 2087.850107][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 2087.855368][    C0]  rcu_gp_kthread+0x99/0x390
[ 2087.860008][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2087.865245][    C0]  ? __kthread_parkme+0x7b/0x200
[ 2087.870223][    C0]  ? __kthread_parkme+0x1a1/0x200
[ 2087.875300][    C0]  kthread+0x711/0x8a0
[ 2087.879437][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 2087.884695][    C0]  ? __pfx_kthread+0x10/0x10
[ 2087.889341][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2087.894585][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2087.899838][    C0]  ? __pfx_kthread+0x10/0x10
[ 2087.904481][    C0]  ret_from_fork+0x3fc/0x770
[ 2087.909117][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2087.914282][    C0]  ? __switch_to_asm+0x39/0x70
[ 2087.919102][    C0]  ? __switch_to_asm+0x33/0x70
[ 2087.923907][    C0]  ? __pfx_kthread+0x10/0x10
[ 2087.928545][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2087.933375][    C0]  </TASK>
[ 2087.936426][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 2087.942795][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 2087.948047][    C1] NMI backtrace for cpu 1
[ 2087.948063][    C1] CPU: 1 UID: 0 PID: 20568 Comm: syz.7.3700 Not tainted 6.16.0-rc6-syzkaller-00002-g155a3c003e55 #0 PREEMPT(full) 
[ 2087.948085][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2087.948096][    C1] RIP: 0010:ip_rcv_finish_core+0xe11/0x1c00
[ 2087.948223][    C1] Code: b6 04 28 84 c0 0f 85 e7 0b 00 00 41 8b 1c 24 31 ff 89 de e8 21 e1 e7 f7 85 db 0f 84 7e 01 00 00 e8 d4 dc e7 f7 4c 8b 64 24 10 <4c> 8d 75 3c 4c 89 f0 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 b3 0a
[ 2087.948238][    C1] RSP: 0018:ffffc90000a08820 EFLAGS: 00000246
[ 2087.948254][    C1] RAX: ffffffff89d8557c RBX: 0000000000000001 RCX: ffff88807ea63c00
[ 2087.948268][    C1] RDX: 0000000000000100 RSI: 0000000000000001 RDI: 0000000000000000
[ 2087.948278][    C1] RBP: ffff888080c88500 R08: ffff88807ea63c00 R09: 0000000000000004
[ 2087.948290][    C1] R10: 0000000000000003 R11: ffffffff89d834b0 R12: 1ffff110101910ab
[ 2087.948303][    C1] R13: dffffc0000000000 R14: ffff88814c92f844 R15: ffff888080c88558
[ 2087.948316][    C1] FS:  00007fd33a9d36c0(0000) GS:ffff888125d4f000(0000) knlGS:0000000000000000
[ 2087.948331][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2087.948343][    C1] CR2: 00007f9624582ef8 CR3: 00000000564ac000 CR4: 00000000003526f0
[ 2087.948359][    C1] Call Trace:
[ 2087.948367][    C1]  <IRQ>
[ 2087.948381][    C1]  ip_rcv_finish+0x14c/0x2f0
[ 2087.948404][    C1]  NF_HOOK+0x30c/0x3a0
[ 2087.948424][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 2087.948444][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 2087.948462][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 2087.948479][    C1]  ? ip_rcv_core+0x7f7/0xd00
[ 2087.948499][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 2087.948524][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 2087.948541][    C1]  __netif_receive_skb+0x143/0x380
[ 2087.948561][    C1]  ? process_backlog+0x2d5/0x14f0
[ 2087.948581][    C1]  process_backlog+0x60e/0x14f0
[ 2087.948598][    C1]  ? __lock_acquire+0xab9/0xd20
[ 2087.948623][    C1]  ? __pfx_process_backlog+0x10/0x10
[ 2087.948647][    C1]  __napi_poll+0xc4/0x480
[ 2087.948661][    C1]  ? net_rx_action+0x46d/0xe30
[ 2087.948681][    C1]  net_rx_action+0x707/0xe30
[ 2087.948698][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2087.948740][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 2087.948780][    C1]  handle_softirqs+0x283/0x870
[ 2087.948801][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[ 2087.948823][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 2087.948847][    C1]  __irq_exit_rcu+0xca/0x1f0
[ 2087.948865][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 2087.948888][    C1]  irq_exit_rcu+0x9/0x30
[ 2087.948904][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 2087.948930][    C1]  </IRQ>
[ 2087.948936][    C1]  <TASK>
[ 2087.948943][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2087.948962][    C1] RIP: 0010:should_fail_usercopy+0x4/0x20
[ 2087.948990][    C1] Code: f7 e8 70 3f 33 fd eb a9 cc cc cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa <e8> 87 e9 d1 fc be 01 00 00 00 48 c7 c7 20 af 8c 8e e9 f6 ed ff ff
[ 2087.949004][    C1] RSP: 0018:ffffc9000465fa18 EFLAGS: 00000286
[ 2087.949018][    C1] RAX: 6bed3a1466885100 RBX: 0000000000000038 RCX: 6bed3a1466885100
[ 2087.949031][    C1] RDX: 0000000000000000 RSI: ffffffff8db72142 RDI: ffffffff8be1ca00
[ 2087.949044][    C1] RBP: ffffc9000465fc30 R08: 0000000000000000 R09: ffffffff820a2010
[ 2087.949056][    C1] R10: ffffc9000465faa0 R11: fffff520008cbf5b R12: 0000000000000002
[ 2087.949068][    C1] R13: dffffc0000000000 R14: ffffc9000465faa0 R15: 0000200000352600
[ 2087.949085][    C1]  ? __might_fault+0xb0/0x130
[ 2087.949116][    C1]  _copy_from_user+0x2d/0xb0
[ 2087.949137][    C1]  ___sys_recvmsg+0x12e/0x510
[ 2087.949163][    C1]  ? __pfx____sys_recvmsg+0x10/0x10
[ 2087.949205][    C1]  ? __might_fault+0xb0/0x130
[ 2087.949230][    C1]  do_recvmmsg+0x307/0x770
[ 2087.949258][    C1]  ? __pfx_do_recvmmsg+0x10/0x10
[ 2087.949289][    C1]  ? count_memcg_event_mm+0x21/0x260
[ 2087.949311][    C1]  ? count_memcg_event_mm+0x21/0x260
[ 2087.949340][    C1]  __x64_sys_recvmmsg+0x190/0x240
[ 2087.949371][    C1]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 2087.949398][    C1]  ? do_syscall_64+0xbe/0x3b0
[ 2087.949416][    C1]  do_syscall_64+0xfa/0x3b0
[ 2087.949432][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2087.949457][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2087.949475][    C1]  ? clear_bhb_loop+0x60/0xb0
[ 2087.949495][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2087.949512][    C1] RIP: 0033:0x7fd33cf8e929
[ 2087.949528][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2087.949542][    C1] RSP: 002b:00007fd33a9d3038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 2087.949559][    C1] RAX: ffffffffffffffda RBX: 00007fd33d1b6240 RCX: 00007fd33cf8e929
[ 2087.949572][    C1] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[ 2087.949584][    C1] RBP: 00007fd33d010b39 R08: 0000000000000000 R09: 0000000000000000
[ 2087.949595][    C1] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 2087.949605][    C1] R13: 0000000000000001 R14: 00007fd33d1b6240 R15: 00007ffc3bf6e6b8
[ 2087.949627][    C1]  </TASK>
[ 2088.487643][T20569] bridge0: port 3(syz_tun) entered blocking state
[ 2088.496503][T20569] bridge0: port 3(syz_tun) entered forwarding state