last executing test programs:

9m59.563120582s ago: executing program 3 (id=1349):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, 0x0, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
r2 = openat$smackfs_cipso(0xffffffffffffff9c, &(0x7f0000000180)='/sys/fs/smackfs/cipso\x00', 0x2, 0x0)
write$smackfs_cipso(r2, &(0x7f0000000240)={']:}-!+\x9a!$', 0x20, 0x18, 0x20, 0x3, 0x20, [{0x64}, {0x31}, {}]}, 0x74)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
accept4$netrom(r4, &(0x7f0000000000)={{0x3, @bcast}, [@remote, @rose, @rose, @null, @remote, @netrom, @default, @rose]}, &(0x7f00000000c0)=0x48, 0x80000)

9m57.468321108s ago: executing program 3 (id=1354):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004d00)=@newtaction={0x2bc, 0x30, 0xb, 0xfffffffc, 0x0, {}, [{0x84, 0x1, [@m_skbmod={0x80, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x51, 0x6, "db3817ca0b6bc021f0c579c007ab8f28880a96e4ee3cdd485738f5ab5a5273b61a3241e721ee5b8bb02038630ae44a47dbbf2d2ceb08757a0be98cd85b1eb2ee00000000000000000000002241"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}, {0x224, 0x1, [@m_skbedit={0x6c, 0x1f, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x80000001}, @TCA_SKBEDIT_PTYPE={0x6}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}]}, {0x27, 0x6, "a09afd4130bb7556229b712e52d14a96d25d3e05a3e9712b6e8ace6f859dde3434d990"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x1b4, 0x8, 0x0, 0x0, {{0x8}, {0xc0, 0x2, 0x0, 0x1, [@TCA_IFE_METALST={0x8, 0x6, [@IFE_META_SKBMARK={0x4, 0x1, @void}]}, @TCA_IFE_TYPE={0x6, 0x5, 0x1}, @TCA_IFE_METALST={0x38, 0x6, [@IFE_META_TCINDEX={0x4, 0x5, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x4, 0x1, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0xc8}, @IFE_META_PRIO={0x8, 0x3, @val=0xc}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_SKBMARK={0x8, 0x1, @val=0x1}, @IFE_META_PRIO={0x4, 0x3, @void}, @IFE_META_TCINDEX={0x6, 0x5, @val=0x8}]}, @TCA_IFE_DMAC={0xa, 0x3, @random="1b58ce50eb31"}, @TCA_IFE_DMAC={0xfffffffffffffec7}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x347db2d0, 0x6, 0x3, 0x6}}}, @TCA_IFE_SMAC={0xa, 0x4, @local}, @TCA_IFE_SMAC={0xa, 0x4, @remote}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x2, 0x0, 0x6, 0x6, 0x7}}}, @TCA_IFE_DMAC={0xa, 0x3, @remote}]}, {0xcd, 0x6, "b05e096b4e5a86873efdebfb082811137cba969c07c746a830c05b85a0c1ad7253015fa99c3fd5aeddd0aa234df509b044371273add9750e7d683dd918d383a270e65141ba7fae999a6792f556c3447f295c6965d3463eb2f4342a2252c9e44602729b258d3c6786a1d04b297c07f914acce1b14d5d945505f5dc73207ce4adf7536f8daf2d7d595fda47acd052422e0cb3ab96aae9c7c2cc82207d4600aef54de7ef378c2b61eb97a891ec6e8dc7216fce2753b9921edeb3a83a2813c36f8646d4d1751b0297b2eae"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x2bc}, 0x1, 0x0, 0x0, 0x4044800}, 0x0)
read$FUSE(r1, &(0x7f0000002cc0)={0x2020}, 0xfffffece)
preadv(r1, 0x0, 0x0, 0x80000001, 0x3)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000002800)=ANY=[@ANYBLOB="140000001000010000000000000000000700000ae8000000080a01020000000000000000000000060900010073797a310000000008000a40000000010c000340000000000000000308000a400000000208000a40000000000900020073797a32000000001300074020b69ad668756f3fb669faf5adc97200136952ac0c4e2882403056e5ba1236f4c08ce69acf104ba5ed906ffe13fc2fd6193a5a0bbdebb6a422dc1bcb82b90093f5299e36fc975f0111fcbf55669091f79bf887f949368878693c94fbfde7a3a2b49a93cad25b3d511218483e2adf6cd0a7cc0e744c38b1a35fcb4daf43156cba2872be5b6b0d5a92b99ad60313483f8016b6000078020000060a050000000000000000000a00000508000b400000000434000480100001800b0001006f626a7265660000100001800b00010072656a6563740000100001800b0001006c6f6f6b757000000c0003400000000000000001f8010480100001800b0001006e756d67656e0000140001800e000100627974656f726465720000003800018008000100667764002c000280080002400000000a080002400000000e0800034000000002080002400000000c080002400000000f20000180070001007274000014000280080002400000000008000140000000003c0001800b00010072656a65637400002c00028105000200e80000000540020009000000080001400000000208000140000000020500020054000000000101800a0001006d6174636800000000000280070003002399b500e3000300f90464690f0744c1cdc7a430a5a52b118364dbf0ca14e70749c41795db3375c1fb60af848747030d07dce0eb2710594c40e715a5c417acdf1e7235e5239e6ba9ccbf09f308b5470ab28da6b64d124db51d841f239a1cef057151ec5211cbe84f8dd52155fb8d43553bd4ec64a7ba83566892bb93589b5186a4dffc848b6ff9e99562a8cf0fc3f963286aa1f50a0b289bc5ffb90b89ec31d4935fda111dbd792916c0c738bff0fa968953855ed1493db8d75e66aa1408153ad40ebdaa7be52058280a6c957fe45218a5f0d399a6d9da70c9649df4c44f4a6fdc76b02d226b59d1d2fa003c0001800c0001007061796c6f6164002c00028008000340000000f208000440000000930800084000000000080005400000000808000540000000110900010073797a310000000008000a400000000108000940000400010800094000000001e0000000000a01040000000000000000030000020900010073797a30000000000900010073797a300000000008000240000000036a000600abd0860f9ff358ddc665273cf4ba8000ecfb5268215f4b4f0dc85cbae81c86e09a0191bf034c971d4b938c2553444579591f919568d5f774591424a60c573610e7d991d4fb779d33e809ec6725e9d99ba6b656ad1c8539469cfece4b4027f53a2d79eac030a000003d0006003dfabf1fb09c1d69727f5409a6b53cb78c920ffcd92209a4c8dddc4e99841c504e984740900d61e821029d5d28b4a06dc48e358f49a2dca05200000020000000060a03000000000000000000050000000900020073797a3100000000140000001100010000000000000000000a00000ad529374b8a9790"], 0x488}, 0x1, 0x0, 0x0, 0x48000}, 0x4004000)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000033c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="7fe5b8e8dfec915e", 0x8}], 0x1}}], 0x1, 0x4050)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x9, 0x208, 0x12c68bba, 0x5}})
syz_open_procfs(0xffffffffffffffff, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r7, 0x3b88, &(0x7f0000000200)={0xc, r8})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r7, 0x3b70, &(0x7f00000000c0)={0x1c})

9m56.114373263s ago: executing program 3 (id=1356):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000100000000000000000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = syz_usb_connect(0x2, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
syz_usb_control_io(r1, &(0x7f00000000c0)={0x2c, &(0x7f0000000000)={0x20, 0x23, 0x2, {0x2, 0x7e8e703122aff25f}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000600)={&(0x7f00000006c0)={0x34, 0x0, 0x100, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0xfc01, 0x5, 0x6]}, @NL80211_ATTR_DONT_WAIT_FOR_ACK={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
syz_usb_connect(0x0, 0x36, &(0x7f0000000280)={{0x12, 0x1, 0x141, 0x27, 0xc0, 0xde, 0x20, 0x86a, 0x3, 0xf03f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x2, 0x2, 0x2, 0xf3, 0xbf, 0xf5, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0x2, 0x0, 0xa}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000900), 0x2, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c41, 0x131)
flock(r4, 0x5)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x0)
flock(r5, 0x5)
r6 = syz_open_procfs(0x0, &(0x7f0000000280)='fdinfo/4\x00')
preadv(r6, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/51, 0x33}], 0x1, 0x0, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='signal_generate\x00', r7}, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='signal_generate\x00', r8}, 0x10)
prlimit64(0x0, 0x2, &(0x7f0000000000)={0x40000004000000, 0x800000008000000}, 0x0)
prctl$PR_SET_MM(0x23, 0x3, &(0x7f0000ffb000/0x1000)=nil)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
write(0xffffffffffffffff, &(0x7f0000000000)="3f000000010000", 0x7)

9m52.785559538s ago: executing program 3 (id=1363):
syz_usb_connect(0x0, 0x24, &(0x7f0000000a00)=ANY=[@ANYBLOB="120100007856bb40da0b53813de20102030109021200010000000009040000000206"], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f00000001c0)}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000280)={0x1, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000580)={0xffffffffffffffff, 0x20, &(0x7f0000000540)={&(0x7f00000003c0)=""/136, 0x88, <r2=>0x0, &(0x7f0000000480)=""/177, 0xb1}}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=@raw=[@generic={0x5, 0x6, 0xa, 0x7, 0x3}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], &(0x7f0000000640)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r7 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r7, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x1a}, 0x10}, 0x1c)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
sendto$inet6(r7, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2}, 0x1c)
r8 = socket(0x40000000015, 0x805, 0x0)
getsockopt(r8, 0x114, 0x271c, 0x0, &(0x7f00000000c0))
socket$tipc(0x1e, 0x5, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

9m49.157950525s ago: executing program 3 (id=1370):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r0, &(0x7f0000000080)='disconnect aa:aa:aa:aa:aa:10 2', 0x1e)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000400)={'syz', 0x3}, &(0x7f0000000080)="000001020200", 0x6, 0xfffffffffffffffb)
keyctl$read(0xb, r1, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000000c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$netlink(0x10, 0x3, 0x15)
write(r3, &(0x7f0000000780)="2f00000014000f3f00000000120f0a0011000000009a67ec53f737bf173907862ea62f9226ccc41b6cbd09f3a38cd179d5d267802f7ac7a24cd35c2cc23082ee6e8d06e500000000638c7b9916424819b7116081ee3eb1e05154085cc989ffe9", 0x60)

9m45.837354135s ago: executing program 3 (id=1376):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_io_uring_complete(0x0)
connect$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e23, 0x3}}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x84, &(0x7f0000000440)={0x0, @in6={{0xa, 0x0, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x0, 0x80}, &(0x7f0000000500)=0x90)
socket(0x2, 0x80805, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000300)={'wg0\x00'})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$netlink(r3, &(0x7f0000004040)={0x0, 0x0, &(0x7f0000003fc0)=[{&(0x7f0000000340)={0x10}, 0x10}, {&(0x7f0000003900)={0x10, 0x3f6}, 0x10}], 0x2}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8242, 0x0)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x48, 0x2000)
ioctl$EVIOCSFF(r5, 0x40304580, &(0x7f00000006c0)={0x52, 0xfffb, 0x0, {0x0, 0x1}, {0x4c, 0x1}, @period={0x58, 0x0, 0x400, 0x5, 0x2, {0xfffe, 0x20}, 0x0, 0x0}})
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r6, &(0x7f0000000040)="e2", 0x12d8)
write$cgroup_subtree(r4, 0x0, 0x0)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0)
write$P9_RSTATu(r7, &(0x7f0000000080)={0x265, 0x2, 0xafd, {{0x54f, 0x124, 0x28, 0x1f00, {}, 0x0, 0x0, 0xc, 0x401, 0xffffffffffffff7d, '\nnodev{evo\x03\xd3\x8b\x92\x00'/27, 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x99\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0xac, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4@\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x009\x86Ac\x1dD\xf4\xa3\x9b\x11\x91\x93z(\x0e\x8d\x88\x9f\xc2 \xd1\x15\xac\x8e/\x18K\x9aau\x8d&w*\xb0\xf2\x04M\x8e\xf0&=\xdd\x97\xd3\xc4\'\xb3\xa52\xef\xab\x1d\x1c\xe3,\xa7\xc1\xfc#\x1a\xf4\x84\b\xe0+%P(\xb7\xc9\xbb\x859oM\x8a\xf0\xeb\x95\xfc\x0e\xcc\x99\xf7\x80\xe2'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0xfd85)

9m29.895998663s ago: executing program 32 (id=1376):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_io_uring_complete(0x0)
connect$tipc(r0, &(0x7f0000000000)=@id={0x1e, 0x3, 0x3, {0x4e23, 0x3}}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x84, &(0x7f0000000440)={0x0, @in6={{0xa, 0x0, 0x6, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}, 0x0, 0x80}, &(0x7f0000000500)=0x90)
socket(0x2, 0x80805, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000300)={'wg0\x00'})
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$netlink(r3, &(0x7f0000004040)={0x0, 0x0, &(0x7f0000003fc0)=[{&(0x7f0000000340)={0x10}, 0x10}, {&(0x7f0000003900)={0x10, 0x3f6}, 0x10}], 0x2}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000e000000850000005000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8242, 0x0)
r5 = syz_open_dev$evdev(&(0x7f00000000c0), 0x48, 0x2000)
ioctl$EVIOCSFF(r5, 0x40304580, &(0x7f00000006c0)={0x52, 0xfffb, 0x0, {0x0, 0x1}, {0x4c, 0x1}, @period={0x58, 0x0, 0x400, 0x5, 0x2, {0xfffe, 0x20}, 0x0, 0x0}})
r6 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x822b01)
write$char_usb(r6, &(0x7f0000000040)="e2", 0x12d8)
write$cgroup_subtree(r4, 0x0, 0x0)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x103201, 0x0)
write$P9_RSTATu(r7, &(0x7f0000000080)={0x265, 0x2, 0xafd, {{0x54f, 0x124, 0x28, 0x1f00, {}, 0x0, 0x0, 0xc, 0x401, 0xffffffffffffff7d, '\nnodev{evo\x03\xd3\x8b\x92\x00'/27, 0x28, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18x\x99\xa9\x16c\x88\x14\xe5p\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\b\x00', 0xac, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4@\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x009\x86Ac\x1dD\xf4\xa3\x9b\x11\x91\x93z(\x0e\x8d\x88\x9f\xc2 \xd1\x15\xac\x8e/\x18K\x9aau\x8d&w*\xb0\xf2\x04M\x8e\xf0&=\xdd\x97\xd3\xc4\'\xb3\xa52\xef\xab\x1d\x1c\xe3,\xa7\xc1\xfc#\x1a\xf4\x84\b\xe0+%P(\xb7\xc9\xbb\x859oM\x8a\xf0\xeb\x95\xfc\x0e\xcc\x99\xf7\x80\xe2'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0xfd85)

7m14.873998939s ago: executing program 4 (id=1686):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2f)
sendmsg$sock(r1, &(0x7f0000000300)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x6, 0x2}, 0x80, 0x0, 0x0, &(0x7f0000000600)=[@timestamping={{0x14, 0x1, 0x25, 0xd}}, @mark={{0x14, 0x1, 0x24, 0xfffff5db}}, @timestamping={{0x14, 0x1, 0x25, 0xffffffff}}], 0x48}, 0x90)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000014c0)={0x0, 0x1000, "3033691e4e079055ef87105026a617d1733b1efacd744d3ae0175b8c743ca20fc82933a2b8e83c6571d8dd7dae6ad76737bbfe3ff349bcef9aaecbf99a4615835f73a7f61e0cc97fa4f76140fdb29f62fafda4a79a2a47c4d14d04b7db9d2ce7830c514461fcf5215e34c3fc3786808152d96466f11396c44c649164bd1dc5cc88dd1ab534acbbced261e3c9b9a1531b551408cd6e110084af7a1f6bf29243bb252e09a6763e4362d7b952c922d30c0d6f931463ad33e26300e6a5b634f76cfb8010bb1050ae725d26362457d4ee5472ffa4b24ac2c1340bebc26c3db1a2a5b4a6154afffa59a74690185494248d86003a8acc5db45c56bac5f48017656eb8f92b45397934ff229686807a1526038631264706e5919de248f7bb713784c9e51d4fc3ff64d3ca752c10a8962df1cd061dc5ea5d65b436b6d3b76026380407627c5848351dd6ed6edd0809f1fdae4f109bf9495333d8d6529f76697dfde2e1467dfebf771e613c9bdbfaf0d0cedd6eb77ffdc31f985bb32305aedfc10336acd84fc7605d5e8dfd9c82907180e731e6a6d646197a45d9f68d9dbce687534a0b5223d6750f892dacc9535ab23853554801b877d20d925f3083017757ce7d293730fddec097c250f386c5f30d10c41e43dd609e32c99f60abb3cd6e6087c114cea6dce73321d343b3e880dab8c0d639d5499b68ed7297845f32c43cd814e804ae099e79955d0b58705f8e9b7f56db86b117a6da303c0a3694fd399ac8bffd32abec2584ac623aee4de9af0772de4574afc7c20c47f0c6c2b6d017a00afb33b79298a4f6c970ca3483504b24cbaba760954a6b4342ab3672aba8bc2cc824ec2063b340ce6267a23b682b412787b9a3a3fab3bab81db94592af777cf3567d450a807d80a83066d881971894de8b5c706e0e14100ac69f50a84aed37305b6a1a2e4769064aed109952a27531951e268406ea6d4c217a1daab475709ba15f6a14f1823085c4c8176e8f5552e2363a530603aab882d6422789d6e7b8d3298471cde2e410653eb8e7fd4c1c79852e522a416267e9fcf1f0008fe5433898fbfa24b3697d916fc97193e8d6c7c10a7d8fa136bc11bb79328ef80a3e3ad35f7440358ad2f3ad98b695408cb8a9f22470be1f93ec861decc936f625fc2259d47173b08fe71a636dd75646ea1f69fd612ff59f1fc03d92d32ec22624268a3d163fa4e21016198f75b17cbce03595422f3ca6dd4befa794da88d548f83f1eb122fd98bf3e6c8917037db8818d0f08db88248a836e12119d436a06951b0e376acff504c36077d08b6d5940e3753e1627f6402159186a3ee2624f9e21e96fa442ec9b121b09664c676b0b98997fe74f516b8c712d4783a9012d49e3617221b35b01c1f73e8ab3dcf980e234a1b48672694844a96ca3b388bb567fb9fec0f3d9ba356cb6a5754cb58bbf71007a2e3cae97924b344d7afb6b350842d704f31959c839614c0dcb6eec0e9a3ac95049fec500c76d840554ceb0544bca7f35a1376c766184f88034629363051feb0a39d9e4a3338d324ae96530b5cc5a49eecb4a522e393943dda3cdcadc0c698cce7f948518d995958069c22dbf69a5ed87f27433cfdcf7fca410f6dccc1886eb10364628cdb895dbde34ed334b244a6d7e4444e0207c921fbd3a00abb6930ddad0ca9f5f838e9ba1ac24f6c13cceaf05775621e7d254be640e7a7c1e7eb0c5b6405d519be5697355b6bf031a062089c4de2c2e5ecb44c109b738c70129aa5dafbce2093a48398c1d68ac99c8ed0447818549fe74a999a4aec49aea1c8e064490525063690b5054923bab5fb901ad3a8fab2ea3ad4a38f2b5493ffc2bf0f9d0594594486c3cfe74b5531075276ee5dd61522630b698294cde52e738de169203b27d81beb1f2a5b4ae39e39b4b8f55f61f7bef7d117d9e2db2e5b366f69f7f3eee32c4920c5cabc9da7a9ab589430e9a62970dba68e48d19cb20525c6fc575fee6793f9c6757409b178f919614c8964f7c100c599ffd3f2b466bc64e51a1227a91589eae41424f72313f7e78937ee55634fff654dd76c2337db2c23d8536ee4b6be5acec63160ffa9cb0fe2110f807860daf807b03bee202329422481a1d84d80a52ed340ae7f0cf4478c94a654493b0f3cacb1a740a3d3d507edf7d243546442bf7c360266aeabbfec72ed8cc7fdea46679c1f4a555a6636f9ca1f8c7250c46d30e927df418d7aa1ffdcce8fe593add32cb6747a36dfdf6b23f07ed6fa751197e16d9999afeddd3b8810570f435954b0173705a78e75e5b59238698270b0156704eb79e14a4c8d27b2ce11f9cffe25643e14b1e5b45bef8d6a5e886c4247dd8ebac95d2ba2f51121e1fef03b0ba90f53388b1ac13c9dc391b4bf224fa19e78159b6eaf1fcd38b71762fd1f7031efc6c695ca2f0dc7b7b9350d50d48549fe87124b3947b6db60b58b3e774effceedcdbd35e5ae0bc400d0b9faca6daee297ef29644f6a948bb54bee1668156943f68f2574f96ce54877a0f8c7f787500f9526e81bd6a2a9d03a5deea7475a0baf3e44cbb8219aa337a284fc978444d577d4495e5c3cb5cda0fc9fc192e9fbcffe7aed124ff3cf04939d9e16158c5ce11a9b6e99915d5a18fddfa1b5e5fd9cfda73efd39ec8144d4333a38c97526b22fffa79259d52d6da65c83bf19705834099d44690019ef164e94d967e1bba290d1096d03b9bd72ab75a59ba734ce71b0ff5a901df2b12dd4b6be37c30640658ce1943be4372b446629eb97d8b73fee73eb44f1007fc4933fb6e9a003d572a96c897835cea9e2defae4d8844560dea8a978c633a4a08316efd60fad0d6780643e3b572edc25512fbc238fddb259b3042baa28479fb03a29e96a788e79a2aa7b5d3f8b6b9fa4af5fdd810a4f9ab4f0af80bf4e54f866d771247a060362391acb1fad6a83f5032686e7cc04275c4ffc79954455f035245663ece1bbc12fc903c77bada84c0b923123447d83a081e592ba22a13a55aa9b4642f4aaccd1b4b9a3ddcfe0421b71aca62283bb72defa153c62b38a1de9fdf9f5f477c300c2baa8d38fe4a66a51a1a9f931ce67cc0f7b57be8a228664a730207031fce2558506db353d48ab746c380f504ab774a48b734b26a774c03ae8ebfb6e30fbf4afc15d7aff9970e4ab5a58055b4e747a0376d7c69384933c779d99fcbe94b4af40c801bfcf6714fbb0a3b26f69e04282db20ceff6680af49e4667204b06bf0f8c1536f7718d553dd48a06d3b1ed939a6932fa5dcafb9eb9f1f4232257ede6d9538c3749815c534dabdc56743902f280fdacb8ea0a059caee9b38312ae8c492bbcce4e1470a5a1877ec45199963b1086896f7bf36312930bf942761708bae088ce524a959ed1a0a2236513db671e8fcd4d52ac05bf0fde96f1e96d739ce40c5cb6e07db819981383b5e67385a26abb218bf90945d92df5fd3214773e19dc84661f56a1580d40b7b4d11c340d17dca5afab1f74afcc8d22affea61962480a51efabedd44e861e8d77467dd42c128dbd748885edacdc323a30e39046a61f4718d09436b58936934659c997b47577f6a1a6a4af80cc02180566f8bce96638d3ea6f0ca9e371f54e3623375c89dad591695dc809a1a9f658cb098de491031ce4e902356a6f518860c3353c4edfc150469b346298e245340cf3dfb0e6265fa6a8ff537acd8331f14ee95220d675d925aa4f812898f4e945b360440cf7bf553c34d2b70f7109a59a18e58bc2b33dc10c0693f12cc7fe99a096dd948773eb81527a66302d84753db2710ab53e313a9fdb0b60cd9e2ca57c80b3ed59e2b938b8ebe138d7de9df6998150e7cf81f2ce9b514d235ca02874fa83b06bca592cc6e8724726517cc66a0eeda98b27d0b6c1e4c47145091d9a8f2815b2562f55e65c738b5909ed81b4307be5da7da0d6fdaae53a3b2d95918cec3172d9bbaca43d99bb7897c4c7fef41c3320d6a2bdadbc3dde6be44a34b7c3dd95db6d9a39d2c61c40bde451b359dde150a28d6715be3264e7b7042c8939a2e6d98ad1948aae15eeaaab9b918f40e3b3df3ca55bafe9ec0c1dfeaad02c0687bc7999fb43879888f7c1dfe4b9db975e8f65779af134ce12ca7143d0cf3cea09cfd3a138d1d780e5d694aef3e0e67d64117ff6f3e38970dee7258345fa63dce56e80424e1ff468c243e82c24361d9cec411622223a6b1d3352cff4fc68c246599059ac145be112f809d75531d6f1aeeabd12cc24528f2f6c072e07021474a329cb2a1ecb3f7c113e295ec8d1cdfcea9a53a8c028350c15c96bffdd477a94e78af909a8dad8afb44d3cc4c2bea14deb32e4fa72298d8dc9d84ab0981d466fe672a4e9c14286a163c71e86e8bdd3f6228c1264b369e5e1b6a7f22ecd7b59d9394789be83dcbd4aa604d9842ecfd4c1c0ef2c1c6cd02b5d22638a65a04d42353ec0afb6f7420c546cd35345f1e81addd5e9f9b2c7cf1e7be42262cc52494181e4380785be42a37e196015e7562cd204a65a5a5734646e0d255fa626db4a27427f60aa458ce9d39470973e8ecd829975315f165fce2ca140cbde9b68937ba65fb690d686ca83664663dc888f03c7b3773450ff2a7192a01d954fba16dde82203b9ac835ea8aab8da021bee5aa86d3242f819667e9c29807ead4bde0569299e6c288f17d35bad8117c54d8257e1161e5931dd247b5a90a95aa183e98d12e51a42755f2d68aaddf3e7b990c1bdf7bf6ec235518091924c6a565725abe2f82ec6f090b1b427160a983bc7131a7d88d669da8e69c36f99017d944850ea13c05c64664dac219ef5277ccf9abb1e02fc6514402a5bf4d08d9affb910a9b1be293c1cd1a1b27ed5206209f04100631fb0a4fc9b5ec688aa13255862b17d48cceb82b60ca78c33e529c8ef1c23130a51c26cd96725323fe6ebe799bd817cb43d389eae9ffcedd8b05b12b439c8c29f7b4d4c563dbd46f64d21bbb735582e4ecb5fd3039e800324a063436920026be46909bdcfa068ca2c79528c3428b9ea4071a0a2d10e276699a9ccbb1de840f1340a29a0473b5969a63af596199f4a181c775349d964b3c236d08fb571bb53ab5a3fbfe8d7c92c3371fa8cfd6c2353c0bec8bf0c3312ec017b9f5cd2c97b94818374b3c52bb18be35a75504b16ad053313f8c4036b506487736b4971b032e28515acd162a9509832a693c783b546a8e56cb71f43d4fab2ce44b512133b63812e2f9a7bfd323f5eb417323e0543c097332f309a097e35e3e8840c87d170ff678a02779cc04477fbd3a9a0b555261280ad79ab9e04a21828d5e83729f73b0590d4c1a625527c8488f6a0a080798d985c2a8ef2c48fcd3b75c5ccb490c539d0956e15a4f831d7a9f8db5b5805d1508e7fa992c0b331004e001210b8632521a4c0f8780df33917026e3ec668d56efce8c7dc5ac786d0fffdcb2ff070bd5bdd7c7cd3a7203e06c00db4b2eda8622fd3060b0dc13728e2ec9175b0911aa545d86f3e411b6736f14e2b2c528017c8dc5177c77386ec9e52325340a2b7b622d262dbfb878af40fe25c9d2e8902cdfbf3cc52b5cb132792eca41eafc69b5170bb6a6ed669a264768e060a4b335fd7017d6993882c1127c942edc2f012dc2d3cd6410bd3b2b1b70703e40c9fa6581d0d0465b950529ec2d3012692231c729fc83225c1ce9fb07610b245cc741ca575d128b14cae4293ebe242241d3707cbc002896ace99bf4a3f96c12b2c02fe6fdfd9e827ea4edd3a0026af3e7f362cc18421f5ee74a28afa552c8d99268140f9fb9ffce3a2217535"}, &(0x7f0000000100)=0x1008)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101341)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r6, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f, 0x0, "4a349800000000806913220909000909000a48"})
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000002880)=0x9)
ioctl$USBDEVFS_CLEAR_HALT(r5, 0x80045503, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x0}}, 0x120)
r7 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x34, 0x24, 0xf0b, 0x4, 0x25dfdbfe, {0x0, 0x0, 0x0, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r9 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
write$sndseq(r9, &(0x7f0000000300)=[{0x84, 0x77, 0x0, 0x0, @tick, {0xfd}, {0x7}, @raw32={[0x2, 0x0, 0x8000000]}}, {0x2, 0x0, 0x5, 0x83, @tick, {0xfd}, {}, @note={0x81}}, {0x6, 0x3, 0x9, 0x3, @tick=0x1, {0x10, 0x5}, {0xc, 0x2}, @control={0x3, 0xa, 0x7fff}}], 0x54)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r9, 0x4040534e, &(0x7f0000000080)={0x52, @time={0x3, 0x1}, 0x5, {0x1, 0x2}, 0x9, 0x1, 0x40})

7m13.508955218s ago: executing program 4 (id=1692):
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xffffffff}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0x10000)
capset(0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a00e0"], 0xd)
r3 = socket(0x23, 0x5, 0x0)
listen(r3, 0x0)

7m13.314078874s ago: executing program 4 (id=1693):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xe)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000080)=0x2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x5}, 0xfffffffffffffe2f)
r3 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r3, 0x29, 0x36, &(0x7f0000000040)=ANY=[], 0xc0)
read$alg(r3, &(0x7f0000000040)=""/9, 0x9)
sendmmsg$inet6(r2, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(0xffffffffffffffff, 0x0, 0xd)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="04000226", @ANYRES16=0x0, @ANYBLOB="00000000000000000004e800000008000317"], 0x1c}}, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pim6reg1\x00', 0x2})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8b28, &(0x7f0000000000)={'wlan0\x00'})
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)

7m11.51336362s ago: executing program 4 (id=1697):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="940000001000010400000000fddbdf25004981f4000000", @ANYRES32=0x0, @ANYBLOB="0301000000000000600012800c0001006d6163766c616e00500002800a000400aaaaaaaaaa1200000800030001000000100005800a0004000180c20000000000080007000500000006000200000000000800030001000000060002000100000006000200000000001400030067656e65766531000000000000000000"], 0x94}}, 0x2000000)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000001600)={'filter\x00', 0xb001, 0x4, 0x3d0, 0x0, 0x0, 0x110, 0x2e8, 0x2e8, 0x2e8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@broadcast, @private=0xa010102, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x7, 0xffffffff}}}, {{@uncond, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@CLASSIFY={0x28, 'CLASSIFY\x00', 0x0, {0x6}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x8, 0x0, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x420)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
prctl$PR_SET_MM(0x23, 0x9, &(0x7f0000004000/0x3000)=nil)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
r4 = gettid()
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000440)={0x0, 0x0, <r5=>0x0}, &(0x7f0000000480)=0xc)
ioctl$TUNSETGROUP(r0, 0x400454ce, r5)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r6 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={<r8=>0x0, 0x78, "9cdfb8affd2ac06b00be582e5b7ba0966a11a95fd9a6ecf21ab1e4737189d8f4e63a9e1a8924eb8412e6e9dfa107697fcb72aef508371b1bcb5828d0c20e980d8a777ff3e2f9ac13c13af6075b4b4e4b151773647af10937bca46b341543e513f13a7594537bde057d9ef8acb2199ef64654ad5a26e29dfe"}, &(0x7f00000001c0)=0x80)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000000000000000000000000000004000000000a794f54191638ca9f32129f1a2df1b2cdd8660fa0ec2057da1fe486f38f19e51d9f0b8c4a57c23192af4ddae5e0aca938e948ae9180db1ade0146548645712f3462be60b6b774ef22f843679e2afa8ec43536a6ca869d309a892b0961a776ba6d7abd5e55a18a7b449c5323bbcfae04f647064cf580e12b24716171676ec8869f67e157b8e531f7685efaaa03a214ee1710d714c4eaf12e32dcdc4df2ae3f833b2426f", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x1f, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r9, @ANYBLOB="0000000000000000b702000014000000b70300000000000085000000b9000000bf0900000000000000bf91000000000000b70200000100000085000000850000000000009500"/91], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1d, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r7, 0x84, 0x72, &(0x7f0000000240)={r8, 0x7, 0x30}, &(0x7f0000000300)=0xc)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0xee0, &(0x7f0000000080)={0x0, 0x9c88, 0x100, 0x1, 0x5}, &(0x7f0000000100), &(0x7f0000000580))
io_uring_enter(r10, 0x0, 0x3, 0x7, 0x0, 0x0)
connect$llc(r6, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @multicast}, 0x10)
recvmmsg(r6, &(0x7f00000050c0)=[{{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f00000002c0)=""/59, 0x3b}], 0x1}}], 0x1, 0x2, 0x0)

7m8.720504121s ago: executing program 4 (id=1705):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2f)
sendmsg$sock(r1, &(0x7f0000000300)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x6, 0x2}, 0x80, 0x0, 0x0, &(0x7f0000000600)=[@timestamping={{0x14, 0x1, 0x25, 0xd}}, @mark={{0x14, 0x1, 0x24, 0xfffff5db}}, @timestamping={{0x14, 0x1, 0x25, 0xffffffff}}], 0x48}, 0x90)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000014c0)={0x0, 0x1000, "3033691e4e079055ef87105026a617d1733b1efacd744d3ae0175b8c743ca20fc82933a2b8e83c6571d8dd7dae6ad76737bbfe3ff349bcef9aaecbf99a4615835f73a7f61e0cc97fa4f76140fdb29f62fafda4a79a2a47c4d14d04b7db9d2ce7830c514461fcf5215e34c3fc3786808152d96466f11396c44c649164bd1dc5cc88dd1ab534acbbced261e3c9b9a1531b551408cd6e110084af7a1f6bf29243bb252e09a6763e4362d7b952c922d30c0d6f931463ad33e26300e6a5b634f76cfb8010bb1050ae725d26362457d4ee5472ffa4b24ac2c1340bebc26c3db1a2a5b4a6154afffa59a74690185494248d86003a8acc5db45c56bac5f48017656eb8f92b45397934ff229686807a1526038631264706e5919de248f7bb713784c9e51d4fc3ff64d3ca752c10a8962df1cd061dc5ea5d65b436b6d3b76026380407627c5848351dd6ed6edd0809f1fdae4f109bf9495333d8d6529f76697dfde2e1467dfebf771e613c9bdbfaf0d0cedd6eb77ffdc31f985bb32305aedfc10336acd84fc7605d5e8dfd9c82907180e731e6a6d646197a45d9f68d9dbce687534a0b5223d6750f892dacc9535ab23853554801b877d20d925f3083017757ce7d293730fddec097c250f386c5f30d10c41e43dd609e32c99f60abb3cd6e6087c114cea6dce73321d343b3e880dab8c0d639d5499b68ed7297845f32c43cd814e804ae099e79955d0b58705f8e9b7f56db86b117a6da303c0a3694fd399ac8bffd32abec2584ac623aee4de9af0772de4574afc7c20c47f0c6c2b6d017a00afb33b79298a4f6c970ca3483504b24cbaba760954a6b4342ab3672aba8bc2cc824ec2063b340ce6267a23b682b412787b9a3a3fab3bab81db94592af777cf3567d450a807d80a83066d881971894de8b5c706e0e14100ac69f50a84aed37305b6a1a2e4769064aed109952a27531951e268406ea6d4c217a1daab475709ba15f6a14f1823085c4c8176e8f5552e2363a530603aab882d6422789d6e7b8d3298471cde2e410653eb8e7fd4c1c79852e522a416267e9fcf1f0008fe5433898fbfa24b3697d916fc97193e8d6c7c10a7d8fa136bc11bb79328ef80a3e3ad35f7440358ad2f3ad98b695408cb8a9f22470be1f93ec861decc936f625fc2259d47173b08fe71a636dd75646ea1f69fd612ff59f1fc03d92d32ec22624268a3d163fa4e21016198f75b17cbce03595422f3ca6dd4befa794da88d548f83f1eb122fd98bf3e6c8917037db8818d0f08db88248a836e12119d436a06951b0e376acff504c36077d08b6d5940e3753e1627f6402159186a3ee2624f9e21e96fa442ec9b121b09664c676b0b98997fe74f516b8c712d4783a9012d49e3617221b35b01c1f73e8ab3dcf980e234a1b48672694844a96ca3b388bb567fb9fec0f3d9ba356cb6a5754cb58bbf71007a2e3cae97924b344d7afb6b350842d704f31959c839614c0dcb6eec0e9a3ac95049fec500c76d840554ceb0544bca7f35a1376c766184f88034629363051feb0a39d9e4a3338d324ae96530b5cc5a49eecb4a522e393943dda3cdcadc0c698cce7f948518d995958069c22dbf69a5ed87f27433cfdcf7fca410f6dccc1886eb10364628cdb895dbde34ed334b244a6d7e4444e0207c921fbd3a00abb6930ddad0ca9f5f838e9ba1ac24f6c13cceaf05775621e7d254be640e7a7c1e7eb0c5b6405d519be5697355b6bf031a062089c4de2c2e5ecb44c109b738c70129aa5dafbce2093a48398c1d68ac99c8ed0447818549fe74a999a4aec49aea1c8e064490525063690b5054923bab5fb901ad3a8fab2ea3ad4a38f2b5493ffc2bf0f9d0594594486c3cfe74b5531075276ee5dd61522630b698294cde52e738de169203b27d81beb1f2a5b4ae39e39b4b8f55f61f7bef7d117d9e2db2e5b366f69f7f3eee32c4920c5cabc9da7a9ab589430e9a62970dba68e48d19cb20525c6fc575fee6793f9c6757409b178f919614c8964f7c100c599ffd3f2b466bc64e51a1227a91589eae41424f72313f7e78937ee55634fff654dd76c2337db2c23d8536ee4b6be5acec63160ffa9cb0fe2110f807860daf807b03bee202329422481a1d84d80a52ed340ae7f0cf4478c94a654493b0f3cacb1a740a3d3d507edf7d243546442bf7c360266aeabbfec72ed8cc7fdea46679c1f4a555a6636f9ca1f8c7250c46d30e927df418d7aa1ffdcce8fe593add32cb6747a36dfdf6b23f07ed6fa751197e16d9999afeddd3b8810570f435954b0173705a78e75e5b59238698270b0156704eb79e14a4c8d27b2ce11f9cffe25643e14b1e5b45bef8d6a5e886c4247dd8ebac95d2ba2f51121e1fef03b0ba90f53388b1ac13c9dc391b4bf224fa19e78159b6eaf1fcd38b71762fd1f7031efc6c695ca2f0dc7b7b9350d50d48549fe87124b3947b6db60b58b3e774effceedcdbd35e5ae0bc400d0b9faca6daee297ef29644f6a948bb54bee1668156943f68f2574f96ce54877a0f8c7f787500f9526e81bd6a2a9d03a5deea7475a0baf3e44cbb8219aa337a284fc978444d577d4495e5c3cb5cda0fc9fc192e9fbcffe7aed124ff3cf04939d9e16158c5ce11a9b6e99915d5a18fddfa1b5e5fd9cfda73efd39ec8144d4333a38c97526b22fffa79259d52d6da65c83bf19705834099d44690019ef164e94d967e1bba290d1096d03b9bd72ab75a59ba734ce71b0ff5a901df2b12dd4b6be37c30640658ce1943be4372b446629eb97d8b73fee73eb44f1007fc4933fb6e9a003d572a96c897835cea9e2defae4d8844560dea8a978c633a4a08316efd60fad0d6780643e3b572edc25512fbc238fddb259b3042baa28479fb03a29e96a788e79a2aa7b5d3f8b6b9fa4af5fdd810a4f9ab4f0af80bf4e54f866d771247a060362391acb1fad6a83f5032686e7cc04275c4ffc79954455f035245663ece1bbc12fc903c77bada84c0b923123447d83a081e592ba22a13a55aa9b4642f4aaccd1b4b9a3ddcfe0421b71aca62283bb72defa153c62b38a1de9fdf9f5f477c300c2baa8d38fe4a66a51a1a9f931ce67cc0f7b57be8a228664a730207031fce2558506db353d48ab746c380f504ab774a48b734b26a774c03ae8ebfb6e30fbf4afc15d7aff9970e4ab5a58055b4e747a0376d7c69384933c779d99fcbe94b4af40c801bfcf6714fbb0a3b26f69e04282db20ceff6680af49e4667204b06bf0f8c1536f7718d553dd48a06d3b1ed939a6932fa5dcafb9eb9f1f4232257ede6d9538c3749815c534dabdc56743902f280fdacb8ea0a059caee9b38312ae8c492bbcce4e1470a5a1877ec45199963b1086896f7bf36312930bf942761708bae088ce524a959ed1a0a2236513db671e8fcd4d52ac05bf0fde96f1e96d739ce40c5cb6e07db819981383b5e67385a26abb218bf90945d92df5fd3214773e19dc84661f56a1580d40b7b4d11c340d17dca5afab1f74afcc8d22affea61962480a51efabedd44e861e8d77467dd42c128dbd748885edacdc323a30e39046a61f4718d09436b58936934659c997b47577f6a1a6a4af80cc02180566f8bce96638d3ea6f0ca9e371f54e3623375c89dad591695dc809a1a9f658cb098de491031ce4e902356a6f518860c3353c4edfc150469b346298e245340cf3dfb0e6265fa6a8ff537acd8331f14ee95220d675d925aa4f812898f4e945b360440cf7bf553c34d2b70f7109a59a18e58bc2b33dc10c0693f12cc7fe99a096dd948773eb81527a66302d84753db2710ab53e313a9fdb0b60cd9e2ca57c80b3ed59e2b938b8ebe138d7de9df6998150e7cf81f2ce9b514d235ca02874fa83b06bca592cc6e8724726517cc66a0eeda98b27d0b6c1e4c47145091d9a8f2815b2562f55e65c738b5909ed81b4307be5da7da0d6fdaae53a3b2d95918cec3172d9bbaca43d99bb7897c4c7fef41c3320d6a2bdadbc3dde6be44a34b7c3dd95db6d9a39d2c61c40bde451b359dde150a28d6715be3264e7b7042c8939a2e6d98ad1948aae15eeaaab9b918f40e3b3df3ca55bafe9ec0c1dfeaad02c0687bc7999fb43879888f7c1dfe4b9db975e8f65779af134ce12ca7143d0cf3cea09cfd3a138d1d780e5d694aef3e0e67d64117ff6f3e38970dee7258345fa63dce56e80424e1ff468c243e82c24361d9cec411622223a6b1d3352cff4fc68c246599059ac145be112f809d75531d6f1aeeabd12cc24528f2f6c072e07021474a329cb2a1ecb3f7c113e295ec8d1cdfcea9a53a8c028350c15c96bffdd477a94e78af909a8dad8afb44d3cc4c2bea14deb32e4fa72298d8dc9d84ab0981d466fe672a4e9c14286a163c71e86e8bdd3f6228c1264b369e5e1b6a7f22ecd7b59d9394789be83dcbd4aa604d9842ecfd4c1c0ef2c1c6cd02b5d22638a65a04d42353ec0afb6f7420c546cd35345f1e81addd5e9f9b2c7cf1e7be42262cc52494181e4380785be42a37e196015e7562cd204a65a5a5734646e0d255fa626db4a27427f60aa458ce9d39470973e8ecd829975315f165fce2ca140cbde9b68937ba65fb690d686ca83664663dc888f03c7b3773450ff2a7192a01d954fba16dde82203b9ac835ea8aab8da021bee5aa86d3242f819667e9c29807ead4bde0569299e6c288f17d35bad8117c54d8257e1161e5931dd247b5a90a95aa183e98d12e51a42755f2d68aaddf3e7b990c1bdf7bf6ec235518091924c6a565725abe2f82ec6f090b1b427160a983bc7131a7d88d669da8e69c36f99017d944850ea13c05c64664dac219ef5277ccf9abb1e02fc6514402a5bf4d08d9affb910a9b1be293c1cd1a1b27ed5206209f04100631fb0a4fc9b5ec688aa13255862b17d48cceb82b60ca78c33e529c8ef1c23130a51c26cd96725323fe6ebe799bd817cb43d389eae9ffcedd8b05b12b439c8c29f7b4d4c563dbd46f64d21bbb735582e4ecb5fd3039e800324a063436920026be46909bdcfa068ca2c79528c3428b9ea4071a0a2d10e276699a9ccbb1de840f1340a29a0473b5969a63af596199f4a181c775349d964b3c236d08fb571bb53ab5a3fbfe8d7c92c3371fa8cfd6c2353c0bec8bf0c3312ec017b9f5cd2c97b94818374b3c52bb18be35a75504b16ad053313f8c4036b506487736b4971b032e28515acd162a9509832a693c783b546a8e56cb71f43d4fab2ce44b512133b63812e2f9a7bfd323f5eb417323e0543c097332f309a097e35e3e8840c87d170ff678a02779cc04477fbd3a9a0b555261280ad79ab9e04a21828d5e83729f73b0590d4c1a625527c8488f6a0a080798d985c2a8ef2c48fcd3b75c5ccb490c539d0956e15a4f831d7a9f8db5b5805d1508e7fa992c0b331004e001210b8632521a4c0f8780df33917026e3ec668d56efce8c7dc5ac786d0fffdcb2ff070bd5bdd7c7cd3a7203e06c00db4b2eda8622fd3060b0dc13728e2ec9175b0911aa545d86f3e411b6736f14e2b2c528017c8dc5177c77386ec9e52325340a2b7b622d262dbfb878af40fe25c9d2e8902cdfbf3cc52b5cb132792eca41eafc69b5170bb6a6ed669a264768e060a4b335fd7017d6993882c1127c942edc2f012dc2d3cd6410bd3b2b1b70703e40c9fa6581d0d0465b950529ec2d3012692231c729fc83225c1ce9fb07610b245cc741ca575d128b14cae4293ebe242241d3707cbc002896ace99bf4a3f96c12b2c02fe6fdfd9e827ea4edd3a0026af3e7f362cc18421f5ee74a28afa552c8d99268140f9fb9ffce3a2217535"}, &(0x7f0000000100)=0x1008)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000380)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101341)
r6 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETSF2(r6, 0x402c542d, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f, 0x0, "4a349800000000806913220909000909000a48"})
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000002880)=0x9)
ioctl$USBDEVFS_CLEAR_HALT(r5, 0x80045503, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002a00)={0x0, {'syz0\x00', 'syz1\x00', 'syz0\x00', 0x0}}, 0x120)
r7 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r7, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)

7m7.393127291s ago: executing program 4 (id=1709):
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffcc5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='io_uring_create\x00', r2}, 0x18)
syz_io_uring_setup(0x4174, &(0x7f0000000780)={0x0, 0x7e05, 0x10100}, &(0x7f0000000100), &(0x7f0000000040))
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000880)=[@fadd={0x58, 0x114, 0x6, {{}, 0xfffffffffffffffc, 0x0}}], 0x58}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="140000006bffff"], 0x15)
r4 = creat(&(0x7f0000000200)='./file0\x00', 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@dellink={0x58, 0x11, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, r9, 0x2000, 0x440}, [@IFLA_IFALIAS={0x14}, @IFLA_MAP={0x24, 0xe, {0x757, 0x4, 0x200000000008, 0x3, 0x5, 0xb1}}]}, 0x58}}, 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}})
write$P9_RVERSION(r1, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r11 = accept$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @private1}, &(0x7f00000001c0)=0x1c)
getpeername(r11, &(0x7f0000000240)=@l2tp={0x2, 0x0, @private}, &(0x7f00000002c0)=0x80)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001cc0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010000000000000000004f00000008000300f94c8e5f140f95d82983b27e58196cfadd34aaf1ae4538cd218ea203bbf7db74017795a83329b6699a51abd0a12ffadbd6c14e25dbab88cc38c8bd3063b2581e6c24ad7d37dad858347c7084a70b8bfabf19afb42952ffa2fdc349a92212c4b743ab4a9075bb6fd89215bf8022512775144947c24ecaf6ce71269604ce1b925d924751eb309462e37cf0c7a0f99ad7a21936c739f5e88cb9c5bd7dc231bbc9d7abc1b2f73bc34c95bafbb569b546e3dd1b6927", @ANYRES32=r13, @ANYBLOB="40007a800c000300a79c32ffb9fbee541400020020bb7bcad0230550ca1bb4b60de42fec140001007937f2e177f96e257b6f6afa9a2839ef0800040008000000"], 0x5c}}, 0x4000840)
sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0x60, 0x0, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r13}, @val={0xc, 0x99, {0x775, 0x19}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x28}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xb4}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x44810)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
sendmsg$NL80211_CMD_NEW_KEY(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x20, r10, 0x801, 0x0, 0x0, {{}, {@void, @val={0xc, 0x99, {0x9, 0x35}}}}}, 0xfffffffffffffe76}}, 0x48011)

6m50.977419254s ago: executing program 33 (id=1709):
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffcc5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000400)='io_uring_create\x00', r2}, 0x18)
syz_io_uring_setup(0x4174, &(0x7f0000000780)={0x0, 0x7e05, 0x10100}, &(0x7f0000000100), &(0x7f0000000040))
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r3, &(0x7f0000001600)={&(0x7f0000000040)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0, 0x0, &(0x7f0000000880)=[@fadd={0x58, 0x114, 0x6, {{}, 0xfffffffffffffffc, 0x0}}], 0x58}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="140000006bffff"], 0x15)
r4 = creat(&(0x7f0000000200)='./file0\x00', 0x0)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000040)={@dev}, 0x14)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@dellink={0x58, 0x11, 0x800, 0x0, 0x0, {0x0, 0x0, 0x0, r9, 0x2000, 0x440}, [@IFLA_IFALIAS={0x14}, @IFLA_MAP={0x24, 0xe, {0x757, 0x4, 0x200000000008, 0x3, 0x5, 0xb1}}]}, 0x58}}, 0x1)
close_range(r5, 0xffffffffffffffff, 0x0)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r4}})
write$P9_RVERSION(r1, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x0, 0x6, '9P2000'}, 0x13)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff)
r11 = accept$inet6(r4, &(0x7f0000000140)={0xa, 0x0, 0x0, @private1}, &(0x7f00000001c0)=0x1c)
getpeername(r11, &(0x7f0000000240)=@l2tp={0x2, 0x0, @private}, &(0x7f00000002c0)=0x80)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan0\x00', <r13=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001cc0)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="010000000000000000004f00000008000300f94c8e5f140f95d82983b27e58196cfadd34aaf1ae4538cd218ea203bbf7db74017795a83329b6699a51abd0a12ffadbd6c14e25dbab88cc38c8bd3063b2581e6c24ad7d37dad858347c7084a70b8bfabf19afb42952ffa2fdc349a92212c4b743ab4a9075bb6fd89215bf8022512775144947c24ecaf6ce71269604ce1b925d924751eb309462e37cf0c7a0f99ad7a21936c739f5e88cb9c5bd7dc231bbc9d7abc1b2f73bc34c95bafbb569b546e3dd1b6927", @ANYRES32=r13, @ANYBLOB="40007a800c000300a79c32ffb9fbee541400020020bb7bcad0230550ca1bb4b60de42fec140001007937f2e177f96e257b6f6afa9a2839ef0800040008000000"], 0x5c}}, 0x4000840)
sendmsg$NL80211_CMD_SET_MCAST_RATE(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000580)={&(0x7f00000004c0)={0x60, 0x0, 0x2, 0x70bd2b, 0x25dfdbfe, {{}, {@val={0x8, 0x3, r13}, @val={0xc, 0x99, {0x775, 0x19}}}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x3c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x28}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xf0}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xb4}]}, 0x60}, 0x1, 0x0, 0x0, 0x20000000}, 0x44810)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
sendmsg$NL80211_CMD_NEW_KEY(r12, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000640)={0x20, r10, 0x801, 0x0, 0x0, {{}, {@void, @val={0xc, 0x99, {0x9, 0x35}}}}}, 0xfffffffffffffe76}}, 0x48011)

2m59.264707306s ago: executing program 6 (id=2329):
r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x105, 0x40009975, r0, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r2 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r2, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r2, &(0x7f0000000100)='./file1\x00', r2, &(0x7f0000000240)='./file0\x00', 0x0)
rename(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00') (fail_nth: 1)

2m58.694626492s ago: executing program 6 (id=2331):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r1 = fanotify_init(0x81, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x224, 0x30, 0x1, 0x0, 0x0, {}, [{0x210, 0x1, [@m_gact={0x1d0, 0xe, 0x0, 0x0, {{0x9}, {0xac, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x3, 0x8, 0xd, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3ff, 0x1, 0x20000000, 0x1, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x75b, 0x2}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x2658, 0x10000000}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x6, 0x0, 0x100, 0x8}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x2, 0x6, 0x10, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0x7, 0x10000000, 0x7fff, 0x2}}, @TCA_GACT_PARMS={0x18, 0x2, {0x50, 0x401, 0x1, 0x6d, 0xcafe}}]}, {0xfa, 0x6, "8b7db28e9f1c077949aebabf4989be426b3f1fee3d3499cc9f1d5aa1b4c52f0a53678be31b1ec505611331b8184553514a9975c826f928bf77e87f4552c994e99923abc3f12e08540d638764b0ff0ce7517d67e30e7919bf9cf1790e9c4dedc468a87cd18925994eb9edd8ad52a90cf75bfef3de6ec240ecdd1f6d059342822cefe28879e65bebc47a64a5ee554c86eaa9bde7a5edc7273064dd4fe81ca26e4d6014cfc3865aed6f66c09502edc24a58f3fc32dd14415777fdd90fc47b5aa2529e0e71fc44d577d21bb3b3813a7c3625739ba163fe8d47be05c833f8bfaff5582dfc60f34d01549cb1bc883b62b4e87ffbf92a811135"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_ct={0x3c, 0x14, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x70}]}, {0xb, 0x6, "ec5e57cda0b251"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0xfffffffffffffe43, &(0x7f0000000240)=0x2)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = fsopen(&(0x7f0000000280)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f00000001c0)='\b\x1bH\x95t|[\x12q\xd6\xa3\x12\xf7\x9e\x16\x8c\t\x86\xeb\xc5Q\x87\x15\xf0\rM\xdd\x91\xd1%\a\x91(\xb4\x12\xc0\x10\x11\xd4\no\xb4\x8e{\xfb\xc0T\xe9F\x85&\x18\xc4f', &(0x7f0000000100)='\x17\xec#\xac\x00w\xe9\x99BL\fE4%C\x00\x96\xda}\x02\x90\x84\xb9A\x8f\xe2\xaa\xf9V\x8d\x00[}\xdc\\', 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000040)={0xd0, 0xfffffffffffffffe})
syslog(0x4, &(0x7f0000002000)=""/245, 0xf5)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
read$FUSE(r1, &(0x7f00000057c0)={0x2020}, 0x2020)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001a40)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x60, 0x60, 0x8, [@enum64={0x200005, 0x7, 0x0, 0x13, 0x0, 0x4, [{0x4, 0x1, 0xe081}, {0x9, 0xf9, 0xc}, {0x7, 0xa}, {0x2, 0x5, 0xc}, {0x4, 0x2, 0x5}, {0x8, 0x5, 0xb}, {0xf, 0x7ff, 0x9}]}]}, {0x0, [0x61, 0x0, 0x10, 0x2e, 0x61, 0x2e]}}, 0x0, 0x80, 0x0, 0x1, 0x5, 0x0, @void, @value}, 0x28)

2m56.849362155s ago: executing program 6 (id=2336):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x80080, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_open_dev$dri(0x0, 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_enter(0xffffffffffffffff, 0x3516, 0x1, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
chdir(&(0x7f0000000140)='./file1\x00')
quotactl_fd$Q_SETQUOTA(0xffffffffffffffff, 0xffffffff80000800, 0x0, 0x0)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000080)='.log\x00', 0x181041, 0x0)
r2 = socket$caif_seqpacket(0x25, 0x5, 0x3)
connect$caif(r2, &(0x7f0000000140)=@util, 0x18)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x23e42)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f0000001ac0)={0xffffffffffffffff, 0x0, {0x0, 0x0, 0x0, 0x80000001, 0x8000, 0x0, 0x0, 0x0, 0x4, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d52856bf3d3289737f0374c72a964a0244717deb7ba19bb3e7772fd29f35239d200", "24431a1e77a68e174ff10000000000000010e200", [0x4]}})
madvise(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x16)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000080)={0xffffffff, 0xe7, 0xfffffffe, 0x2, 0xb, "ea7174ddb80fc70000020000000000d3a2d975", 0x2, 0x4})
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0, @ANYRESOCT=0x0], 0x0)

2m53.75247032s ago: executing program 6 (id=2345):
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
io_submit(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x0, @empty}, {0xa, 0x0, 0x0, @remote}, r3}}, 0x48)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x78, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r7, {0x0, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0x48, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS_MASK={0x8, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}, @TCA_FLOWER_KEY_ENC_OPTS={0x3c, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x14, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x100c}]}, @TCA_FLOWER_KEY_ENC_OPTS_VXLAN={0x24, 0x2, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x1}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x3}, @TCA_FLOWER_KEY_ENC_OPT_VXLAN_GBP={0x8, 0x1, 0x8}]}]}]}}]}, 0x78}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)

2m47.196071072s ago: executing program 6 (id=2359):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r1 = fanotify_init(0x81, 0x0)
r2 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
r3 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0)
io_setup(0x3, &(0x7f0000000180)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000800)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])
sendmsg$nl_route_sched(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@newtaction={0x224, 0x30, 0x1, 0x0, 0x0, {}, [{0x210, 0x1, [@m_gact={0x1d0, 0xe, 0x0, 0x0, {{0x9}, {0xac, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x3, 0x8, 0xd, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3ff, 0x1, 0x20000000, 0x1, 0x1}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x75b, 0x2}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x2658, 0x10000000}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x6, 0x0, 0x100, 0x8}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x2, 0x6, 0x10, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0x7, 0x10000000, 0x7fff, 0x2}}, @TCA_GACT_PARMS={0x18, 0x2, {0x50, 0x401, 0x1, 0x6d, 0xcafe}}]}, {0xfa, 0x6, "8b7db28e9f1c077949aebabf4989be426b3f1fee3d3499cc9f1d5aa1b4c52f0a53678be31b1ec505611331b8184553514a9975c826f928bf77e87f4552c994e99923abc3f12e08540d638764b0ff0ce7517d67e30e7919bf9cf1790e9c4dedc468a87cd18925994eb9edd8ad52a90cf75bfef3de6ec240ecdd1f6d059342822cefe28879e65bebc47a64a5ee554c86eaa9bde7a5edc7273064dd4fe81ca26e4d6014cfc3865aed6f66c09502edc24a58f3fc32dd14415777fdd90fc47b5aa2529e0e71fc44d577d21bb3b3813a7c3625739ba163fe8d47be05c833f8bfaff5582dfc60f34d01549cb1bc883b62b4e87ffbf92a811135"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1}}}}, @m_ct={0x3c, 0x14, 0x0, 0x0, {{0x7}, {0xc, 0x2, 0x0, 0x1, [@TCA_CT_MARK={0x8, 0x5, 0x70}]}, {0xb, 0x6, "ec5e57cda0b251"}, {0xc}, {0xc, 0x8, {0x1, 0x3}}}}]}]}, 0x224}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r5, 0xfffffffffffffe43, &(0x7f0000000240)=0x2)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r8 = fsopen(&(0x7f0000000280)='sysfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f00000001c0)='\b\x1bH\x95t|[\x12q\xd6\xa3\x12\xf7\x9e\x16\x8c\t\x86\xeb\xc5Q\x87\x15\xf0\rM\xdd\x91\xd1%\a\x91(\xb4\x12\xc0\x10\x11\xd4\no\xb4\x8e{\xfb\xc0T\xe9F\x85&\x18\xc4f', &(0x7f0000000100)='\x17\xec#\xac\x00w\xe9\x99BL\fE4%C\x00\x96\xda}\x02\x90\x84\xb9A\x8f\xe2\xaa\xf9V\x8d\x00[}\xdc\\', 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$CEC_DQEVENT(r2, 0xc0506107, 0x0)
ioctl$IOC_PR_PREEMPT(r2, 0x40046109, &(0x7f0000000040)={0xd0, 0xfffffffffffffffe})
syslog(0x4, &(0x7f0000002000)=""/245, 0xf5)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
read$FUSE(r1, &(0x7f00000057c0)={0x2020}, 0x2020)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001a40)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x60, 0x60, 0x8, [@enum64={0x200005, 0x7, 0x0, 0x13, 0x0, 0x4, [{0x4, 0x1, 0xe081}, {0x9, 0xf9, 0xc}, {0x7, 0xa}, {0x2, 0x5, 0xc}, {0x4, 0x2, 0x5}, {0x8, 0x5, 0xb}, {0xf, 0x7ff, 0x9}]}]}, {0x0, [0x61, 0x0, 0x10, 0x2e, 0x61, 0x2e]}}, 0x0, 0x80, 0x0, 0x1, 0x5, 0x0, @void, @value}, 0x28)

2m44.373656197s ago: executing program 6 (id=2367):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000e59a73c00000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000000581214890000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1b, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r3, 0x0, 0x0}, 0x10)
mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xb0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00', r4}, 0x18)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000340)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0xbf}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r8, &(0x7f0000006300)={0x2020, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r8, &(0x7f0000000040)={0x50, 0x0, r9, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
recvmmsg(r6, &(0x7f0000003780)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000840)=""/150, 0x96}, {&(0x7f0000000140)=""/89, 0x59}, {&(0x7f00000006c0)=""/77, 0x4d}], 0x3, &(0x7f0000000bc0)=""/207, 0xcf}, 0x9}, {{&(0x7f0000000900)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f00000013c0)=[{&(0x7f0000000cc0)=""/171, 0xab}, {&(0x7f0000000d80)=""/106, 0x6a}, {&(0x7f0000000e00)=""/243, 0xf3}, {&(0x7f0000000f00)=""/247, 0xf7}, {&(0x7f0000001000)=""/171, 0xab}, {&(0x7f00000010c0)=""/87, 0x57}, {&(0x7f0000001140)=""/234, 0xea}, {&(0x7f0000001240)=""/184, 0xb8}, {&(0x7f0000000600)=""/46, 0x2e}, {&(0x7f0000001300)=""/140, 0x8c}], 0xa, &(0x7f00000014c0)=""/72, 0x48}, 0x4d}, {{&(0x7f0000001540)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x80, &(0x7f0000000980)=[{&(0x7f00000015c0)=""/170, 0xaa}, {&(0x7f00000021c0)=""/4096, 0x1000}, {&(0x7f0000001680)=""/73, 0x49}, {&(0x7f0000001700)=""/219, 0xdb}], 0x4, &(0x7f0000001800)=""/202, 0xca}, 0x1}, {{&(0x7f0000001900)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001980)=""/125, 0x7d}, {&(0x7f0000001a00)=""/169, 0xa9}, {&(0x7f0000000a00)=""/21, 0x15}, {&(0x7f0000001ac0)=""/220, 0xdc}, {&(0x7f0000001bc0)=""/10, 0xa}, {&(0x7f0000001c00)=""/67, 0x43}, {&(0x7f0000001c80)=""/161, 0xa1}, {&(0x7f0000001d40)=""/164, 0xa4}], 0x8, &(0x7f0000001e80)=""/23, 0x17}, 0x7fff}, {{&(0x7f0000001ec0)=@qipcrtr, 0x80, &(0x7f0000002040)=[{&(0x7f0000001f40)=""/106, 0x6a}, {&(0x7f0000001fc0)=""/68, 0x44}], 0x2, &(0x7f0000002080)=""/17, 0x11}, 0xfffffffd}, {{&(0x7f00000031c0)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f00000036c0)=[{&(0x7f0000003240)=""/102, 0x66}, {&(0x7f0000004680)=""/4096, 0x1000}, {&(0x7f00000032c0)=""/188, 0xbc}, {&(0x7f0000008340)=""/4096, 0x1000}, {&(0x7f0000003380)=""/203, 0xcb}, {&(0x7f0000003480)=""/219, 0xdb}, {&(0x7f0000003580)=""/17, 0x11}, {&(0x7f00000035c0)=""/210, 0xd2}], 0x8, &(0x7f0000003740)=""/42, 0x2a}, 0x40}], 0x6, 0x1, &(0x7f0000003940))
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000003900)={0x0}}, 0x0)
r10 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r10, &(0x7f0000000200)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r11, {0xd}, {0xffff, 0xffff}}}, 0x24}}, 0x20000800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0xfffa, 0xb}, {}, {0x1c}}, [@filter_kind_options=@f_fw={{0x7}, {0x44, 0x2, [@TCA_FW_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xffff, 0x2, 0x7, 0x5, 0x7, {0xa5, 0x1, 0x0, 0x6, 0x6}, {0x3, 0x2, 0x80, 0x401, 0x8000, 0x3ff}, 0x0, 0x8, 0x7ffb}}]}]}}]}, 0x70}}, 0x24000004)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r12, &(0x7f00000002c0), 0x40000000000009f, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)

2m36.829866707s ago: executing program 0 (id=2383):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

2m36.118029409s ago: executing program 0 (id=2386):
ioperm(0x0, 0x6, 0x8000000000004)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x10)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_getattr(r2, &(0x7f0000000080)={0x38}, 0x38, 0x0)
pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2m34.381063973s ago: executing program 0 (id=2390):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$bt_hci(r0, 0x84, 0x81, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000100)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e21, @local}, 0x4, 0x0, 0x2}}, 0x26)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f00000002c0)=ANY=[@ANYBLOB="03000000000000006f0200000000000006000000000002"])
mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
creat(&(0x7f0000000300)='./bus\x00', 0x15d)
r6 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x8e)
r7 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe)
io_setup(0x3ff, &(0x7f0000000640)=<r8=>0x0)
io_destroy(r8)
io_submit(r8, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ftruncate(r7, 0x2008002)
sendfile(r6, r7, 0x0, 0x80000001)

2m33.121627864s ago: executing program 0 (id=2392):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$ttyprintk(0xffffffffffffff9c, 0x0, 0x540, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
r3 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$get_persistent(0x16, 0xffffffffffffffff, r3)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
close(r4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000380)=[@in6={0xa, 0x4e20, 0x0, @private2, 0x5}]}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, 0x0, &(0x7f0000000240))
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r6, 0x400448c8, &(0x7f0000000280)={r5, r5, 0xc, 0x7, &(0x7f0000000340)="9ccf7041e63e3d", 0x9, 0x1, 0x458, 0x9, 0x9, 0x1, 0x7, 'syz0\x00'})
keyctl$clear(0x7, r3)
getsockopt$inet_int(r2, 0x10d, 0xa9, &(0x7f0000000000), &(0x7f0000000080)=0x4)
r7 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x10004, 0x0, r7, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0xffffffff, 0x3, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2m30.717561295s ago: executing program 0 (id=2401):
setresuid(0x0, 0x0, 0xffffffffffffffff) (async)
r0 = socket$inet6(0xa, 0x3, 0xff) (async)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
write$sndseq(0xffffffffffffffff, &(0x7f0000000000)=[{0xfc, 0x0, 0x0, 0x0, @time={0x0, 0x101}, {0x0, 0xb8}, {0x0, 0x9}, @control={0x9, 0x9, 0xa}}], 0x1c) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10)
r2 = io_uring_setup(0x22, &(0x7f00000000c0)={0x0, 0x0, 0x3000, 0x80000000, 0xfeffffff})
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r2, 0x21, &(0x7f00000003c0)={0x0, 0xebb9, 0x8, 0x2000003, 0xd8, 0x0, r2}, 0x1) (async)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) (async)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0) (async)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00') (async)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000080)={'ip6tnl0\x00', &(0x7f0000000100)={'syztnl0\x00', 0x0, 0x4, 0xe3, 0x81, 0x5, 0x54, @mcast1, @dev={0xfe, 0x80, '\x00', 0x2e}, 0x7, 0x8, 0x2, 0x5}}) (async)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) (async)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)

2m29.1555301s ago: executing program 0 (id=2403):
sync()

2m29.059690864s ago: executing program 34 (id=2367):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1600000000000000040000000e59a73c00000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000000000000000581214890000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1b, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000400)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000740)={r3, 0x0, 0x0}, 0x10)
mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000040)='proc\x00', 0x0, 0x0)
stat(&(0x7f0000000300)='./file0\x00', 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000000000000004000000018110000", @ANYRES64=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0xb0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000003c0)='mm_page_free\x00', r4}, 0x18)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000340)=@newqdisc={0x64, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c}, {0x4}}]}, @qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0xbf}]}}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r8 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r8, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r8, &(0x7f0000006300)={0x2020, 0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r8, &(0x7f0000000040)={0x50, 0x0, r9, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
recvmmsg(r6, &(0x7f0000003780)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000840)=""/150, 0x96}, {&(0x7f0000000140)=""/89, 0x59}, {&(0x7f00000006c0)=""/77, 0x4d}], 0x3, &(0x7f0000000bc0)=""/207, 0xcf}, 0x9}, {{&(0x7f0000000900)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, &(0x7f00000013c0)=[{&(0x7f0000000cc0)=""/171, 0xab}, {&(0x7f0000000d80)=""/106, 0x6a}, {&(0x7f0000000e00)=""/243, 0xf3}, {&(0x7f0000000f00)=""/247, 0xf7}, {&(0x7f0000001000)=""/171, 0xab}, {&(0x7f00000010c0)=""/87, 0x57}, {&(0x7f0000001140)=""/234, 0xea}, {&(0x7f0000001240)=""/184, 0xb8}, {&(0x7f0000000600)=""/46, 0x2e}, {&(0x7f0000001300)=""/140, 0x8c}], 0xa, &(0x7f00000014c0)=""/72, 0x48}, 0x4d}, {{&(0x7f0000001540)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @empty}}, 0x80, &(0x7f0000000980)=[{&(0x7f00000015c0)=""/170, 0xaa}, {&(0x7f00000021c0)=""/4096, 0x1000}, {&(0x7f0000001680)=""/73, 0x49}, {&(0x7f0000001700)=""/219, 0xdb}], 0x4, &(0x7f0000001800)=""/202, 0xca}, 0x1}, {{&(0x7f0000001900)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000001e00)=[{&(0x7f0000001980)=""/125, 0x7d}, {&(0x7f0000001a00)=""/169, 0xa9}, {&(0x7f0000000a00)=""/21, 0x15}, {&(0x7f0000001ac0)=""/220, 0xdc}, {&(0x7f0000001bc0)=""/10, 0xa}, {&(0x7f0000001c00)=""/67, 0x43}, {&(0x7f0000001c80)=""/161, 0xa1}, {&(0x7f0000001d40)=""/164, 0xa4}], 0x8, &(0x7f0000001e80)=""/23, 0x17}, 0x7fff}, {{&(0x7f0000001ec0)=@qipcrtr, 0x80, &(0x7f0000002040)=[{&(0x7f0000001f40)=""/106, 0x6a}, {&(0x7f0000001fc0)=""/68, 0x44}], 0x2, &(0x7f0000002080)=""/17, 0x11}, 0xfffffffd}, {{&(0x7f00000031c0)=@l2={0x1f, 0x0, @fixed}, 0x80, &(0x7f00000036c0)=[{&(0x7f0000003240)=""/102, 0x66}, {&(0x7f0000004680)=""/4096, 0x1000}, {&(0x7f00000032c0)=""/188, 0xbc}, {&(0x7f0000008340)=""/4096, 0x1000}, {&(0x7f0000003380)=""/203, 0xcb}, {&(0x7f0000003480)=""/219, 0xdb}, {&(0x7f0000003580)=""/17, 0x11}, {&(0x7f00000035c0)=""/210, 0xd2}], 0x8, &(0x7f0000003740)=""/42, 0x2a}, 0x40}], 0x6, 0x1, &(0x7f0000003940))
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000003900)={0x0}}, 0x0)
r10 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r10, &(0x7f0000000200)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000800)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r11, {0xd}, {0xffff, 0xffff}}}, 0x24}}, 0x20000800)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000000c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r11, {0xfffa, 0xb}, {}, {0x1c}}, [@filter_kind_options=@f_fw={{0x7}, {0x44, 0x2, [@TCA_FW_POLICE={0x40, 0x2, [@TCA_POLICE_TBF={0x3c, 0x1, {0xffff, 0x2, 0x7, 0x5, 0x7, {0xa5, 0x1, 0x0, 0x6, 0x6}, {0x3, 0x2, 0x80, 0x401, 0x8000, 0x3ff}, 0x0, 0x8, 0x7ffb}}]}]}}]}, 0x70}}, 0x24000004)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r12, &(0x7f00000002c0), 0x40000000000009f, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)

2m13.669027529s ago: executing program 35 (id=2403):
sync()

1m9.056665321s ago: executing program 2 (id=2568):
unshare(0x26020480)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x3000})

1m8.674075892s ago: executing program 2 (id=2571):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="bf0500000000000071104b000000000066000000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = socket$inet_smc(0x2b, 0x1, 0x0) (async)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000380)={0x0, 0x9, 0x1, {0xa, @pix_mp={0x9, 0x81, 0x0, 0x8, 0x2, [{0xc, 0xffffffff}, {0x3, 0x7}, {0x8, 0x7fffffff}, {0x200, 0x3fc}, {0x5, 0x1}, {0x4ce, 0x8}, {0x7ff, 0x9}, {0x6, 0x1}], 0x7, 0xff, 0x6, 0x1, 0x5}}, 0x1}) (async)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000680)='syzkaller\x00', 0x4, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffc, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r2}, 0x10) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000100)={{0x2f, @broadcast, 0x4e21, 0x3, 'lblcr\x00', 0x2, 0x7, 0x69}, {@remote, 0x4e22, 0x0, 0x81, 0x1a4, 0x5}}, 0x44) (async)
umount2(&(0x7f0000000040)='./file0\x00', 0x9)

1m8.229931112s ago: executing program 2 (id=2573):
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000e09d7040460a2196324f01020301090224000100000000090400000206d3450009050102100000000009058b0240"], 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x10e, &(0x7f0000000140)={0x0, 0xfffffffe, 0x0, 0x1}, &(0x7f0000000240)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_SENDMSG={0x9, 0x40, 0x0, r3, 0x0, &(0x7f0000001c00)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
io_uring_enter(r4, 0x47f5, 0x6021, 0x0, 0x0, 0x0)
r7 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
ioctl$NBD_SET_SIZE_BLOCKS(r7, 0xab07, 0x9)
r8 = memfd_secret(0x80000)
getsockopt$EBT_SO_GET_INFO(r8, 0x0, 0x80, &(0x7f00000000c0)={'nat\x00', 0x0, 0x0, 0x0, [0x1, 0x8, 0x7fffffff, 0x9, 0x3, 0x4]}, &(0x7f00000001c0)=0x78)
ioctl$BLKPG(r7, 0x1269, &(0x7f0000000040)={0x3, 0x0, 0x98, &(0x7f0000000300)={0x5, 0x0, 0x4}})

1m4.452940994s ago: executing program 2 (id=2581):
r0 = syz_open_dev$midi(&(0x7f0000000040), 0xb6, 0x48801)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x10}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
writev(r0, &(0x7f0000003480)=[{&(0x7f0000001380)="03", 0x1}], 0x1)

1m4.146216s ago: executing program 2 (id=2582):
unshare(0x26020480)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000000)={&(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, 0x3000})

1m3.177707782s ago: executing program 2 (id=2585):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000080)='attr/current\x00')
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x5, 0x8004}}, './file0\x00'})
sync()
sync()
ioctl$BTRFS_IOC_SCRUB_CANCEL(r2, 0x941c, 0x0)
sync()
sync()
sync()
sync()
sync()
sync()
sync()
fchdir(r1)

47.994970708s ago: executing program 36 (id=2585):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(r0, &(0x7f0000000080)='attr/current\x00')
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
sync()
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000040)={{0x1, 0x1, 0x18, <r2=>0xffffffffffffffff, {0x5, 0x8004}}, './file0\x00'})
sync()
sync()
ioctl$BTRFS_IOC_SCRUB_CANCEL(r2, 0x941c, 0x0)
sync()
sync()
sync()
sync()
sync()
sync()
sync()
fchdir(r1)

14.0049488s ago: executing program 8 (id=2717):
r0 = socket(0x848000000015, 0x805, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x8060, @mcast1, 0x10}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socket$inet_smc(0x2b, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(0xffffffffffffffff, 0xf504, 0x0)
syz_open_pts(0xffffffffffffffff, 0x22000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r3 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000240)={0x80000020, 0x2000}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0xd0}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
clock_adjtime(0x0, &(0x7f0000000000)={0x100000001, 0x0, 0x0, 0x0, 0xb, 0xfffffffffffffffd, 0x77, 0x0, 0x100000000000000, 0xffffffffffffffff, 0x3, 0x248a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, 0x6})
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x567, 0x0, 0x0, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r5, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0x0, @remote}, {0x2, 0x4e21, @empty}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})
ioctl$sock_inet_SIOCADDRT(r6, 0x890b, &(0x7f0000000840)={0x0, {0x2, 0x4e24, @empty}, {0x2, 0x0, @loopback}, {0x2, 0x4e23, @broadcast}, 0x102, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff})
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, 0x0, 0x0)
execveat(0xffffffffffffffff, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

13.805976983s ago: executing program 8 (id=2719):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
r1 = dup3(r0, r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
read$FUSE(r2, &(0x7f0000020940)={0x2020}, 0x2020)
preadv(r2, 0x0, 0x0, 0x80000001, 0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
ioctl$FS_IOC_GETVERSION(r4, 0xc040ff0b, &(0x7f0000000180))
r5 = syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r5, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x9, 0x208, 0x12c68bba, 0x5}})
syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r2, &(0x7f0000000300)={0x2020}, 0x2020)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010129bd7000000000002b00000008000300", @ANYRES32=r8, @ANYBLOB="05003400c40000000800270001000000080026009e09"], 0x3c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000300000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100"/17], 0x48)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)

12.87856056s ago: executing program 8 (id=2722):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa00000d010000a03902000053a9fdf3c911e2b3b79f6dcf14b59e4087a490d54b"], 0x0)
io_setup(0xfb, &(0x7f0000000140)=<r0=>0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f00000004c0)=[&(0x7f0000000340)={0x2000000, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)="13", 0xfffffdfc}])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
open_tree(r3, 0x0, 0x89981)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r6 = socket$inet6(0xa, 0x3, 0x1)
getsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, 0x0, &(0x7f0000000040))
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, '.\x00'}})

11.797891389s ago: executing program 8 (id=2724):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = fsopen(&(0x7f0000000400)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r1}, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r2}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000140)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @empty}, 0x1, 0x3}}, 0x26)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r4, &(0x7f00000003c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="90000000000801020000000000000000010000080900010073797a30000000000c00048008000140000000070900010073797a300000000006000240e8400000060002408808000005000300110000000900010073797a31000000000600024000000000240004800800064013000008080006400000000179fe05400000000c0800054000000000050003002100"], 0x90}, 0x1, 0x0, 0x0, 0x400c000}, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r5 = fsmount(r0, 0x0, 0x0)
ioctl$CEC_DQEVENT(0xffffffffffffffff, 0xc0506107, &(0x7f0000000600))
openat$cgroup_ro(r5, &(0x7f0000000340)='cgroup.stat\x00', 0x300, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000031c0)={&(0x7f00000006c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1}, 0x80, 0x0, 0x0, 0x0, 0x10}, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r4, 0x0, 0x4000001)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

9.650731358s ago: executing program 8 (id=2730):
socket$inet6(0xa, 0x3, 0x5)
r0 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000100)={@loopback={0x0, 0x7ffffffff000}, 0x800, 0x0, 0x1, 0x0, 0x0, 0x7}, 0x20)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x26, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r7 = dup(r6)
bind$bt_l2cap(r7, &(0x7f0000000300)={0x1f, 0x0, @none}, 0xe)
listen(r7, 0x0)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r9, &(0x7f0000001bc0)=[{&(0x7f0000000080)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000016c0)=[{&(0x7f00000000c0)="8a", 0x1}], 0x1, &(0x7f0000000380)=[@prinfo={0x18, 0x84, 0x5, {0x30, 0xffffe1a1}}, @sndrcv={0x30, 0x84, 0x1, {0xffff, 0x0, 0x2, 0x5, 0x9, 0x914, 0x3, 0x8}}, @dstaddrv6={0x20, 0x84, 0x8, @private1}], 0x68}], 0x1, 0x40)
r10 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r10, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
r11 = dup(r3)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x1)

7.771168072s ago: executing program 9 (id=2732):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
r1 = dup3(r0, r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
read$FUSE(r2, &(0x7f0000020940)={0x2020}, 0x2020)
preadv(r2, 0x0, 0x0, 0x80000001, 0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
ioctl$FS_IOC_GETVERSION(r4, 0xc040ff0b, &(0x7f0000000180))
r5 = syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r5, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x9, 0x208, 0x12c68bba, 0x5}})
syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r2, &(0x7f0000000300)={0x2020}, 0x2020)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010129bd7000000000002b00000008000300", @ANYRES32=r8, @ANYBLOB="05003400c40000000800270001000000080026009e09"], 0x3c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000300000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100"/17], 0x48)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)

7.437331128s ago: executing program 9 (id=2734):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xd)
epoll_create(0x7)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
rseq(&(0x7f0000000580)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
r4 = gettid()
r5 = openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_GET_EVENT(r5, &(0x7f00000003c0)={0xc, 0x8, 0xfa00, {&(0x7f0000001140)}}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000d00)={0x0, 0x18, 0xfa00, {0x204, &(0x7f0000000cc0)={<r6=>0xffffffffffffffff}, 0x106}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000d40)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}, {0xa, 0x0, 0x40000000, @local}, r6, 0x2000}}, 0x48)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000200)={<r7=>0x0})
openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000500)='/sys/fs/smackfs/access\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000240)={<r8=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_QUERY(0xffffffffffffffff, 0xc01864cb, &(0x7f0000000340)={&(0x7f0000000280)=[0x0, r7, r8], &(0x7f0000000300)=[0x6, 0x4116, 0x6, 0x199, 0xa, 0x5, 0x100000001, 0x4], 0x3, 0x1})
rt_sigtimedwait(&(0x7f0000000080)={[0x3ff]}, 0x0, 0x0, 0x8)
r9 = socket$inet_tcp(0x2, 0x1, 0x0)
clock_gettime(0x0, &(0x7f0000000100)={<r10=>0x0, <r11=>0x0})
ppoll(&(0x7f0000000380)=[{r5, 0x2008}, {r5, 0x780}], 0x2, &(0x7f0000000440), &(0x7f0000000480)={[0x8000000000000000]}, 0x8)
ppoll(&(0x7f00000002c0)=[{r9, 0x300}, {r1, 0x621}, {r5}, {r5, 0x2200}], 0x4, &(0x7f0000000180)={r10, r11+60000000}, &(0x7f00000001c0)={[0x25]}, 0x8)
setsockopt$inet_msfilter(r9, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="e000"/16], 0x10)
tkill(r4, 0x8)
prctl$PR_CAPBSET_READ(0x59616d61, 0x20)
umount2(&(0x7f0000000540)='./file0\x00', 0x8)
r12 = syz_open_dev$video4linux(&(0x7f0000000980), 0x6, 0x140)
ioctl$VIDIOC_SUBDEV_S_FRAME_INTERVAL(r12, 0xc0305616, &(0x7f0000001640)={0x0, {0x2, 0x7}})
openat$procfs(0xffffffffffffff9c, &(0x7f00000010c0)='/proc/bus/input/handlers\x00', 0x0, 0x0)

7.357388589s ago: executing program 5 (id=2735):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa00000d010000a03902000053a9fdf3c911e2b3b79f6dcf14b59e4087a490d54baa9acaae3143b9b0012d4d25046ca637129be1a75d61"], 0x0)
io_setup(0xfb, &(0x7f0000000140)=<r0=>0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f00000004c0)=[&(0x7f0000000340)={0x2000000, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)="13", 0xfffffdfc}])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
open_tree(r3, 0x0, 0x89981)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r6 = socket$inet6(0xa, 0x3, 0x1)
getsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, 0x0, &(0x7f0000000040))
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, '.\x00'}})

6.413987255s ago: executing program 7 (id=2736):
r0 = syz_open_dev$evdev(&(0x7f0000000040), 0x3d, 0x0)
ioctl$EVIOCGRAB(r0, 0x40044590, &(0x7f0000000080))
r1 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x2})
ioctl$EVIOCGABS20(r0, 0x40044591, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
pwritev(r2, &(0x7f0000000600)=[{&(0x7f0000000240)="02000000", 0x4}, {&(0x7f0000000280)="f697079a161cfb7702311e629acda76933ddd0c24174eb4d4d28f9", 0x1b}, {&(0x7f0000000340)="527302587e0a4e47ad", 0x32}], 0x5a, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xfffffffffffffffd, 0x109200)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r4, 0xc4c85512, &(0x7f0000000280)={{0x1, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x0, 0x83fc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x6, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x100000000, 0x0, 0xfffffffffffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd451, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10000, 0x0, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x40, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffffffffff0001, 0x0, 0x4000000]})
sendmsg$IPSET_CMD_LIST(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x5, 0x0, 0x0, {0x0, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x1000000000000)

6.366168526s ago: executing program 5 (id=2737):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@getroute={0x14, 0x1a, 0x2, 0x70bd2b, 0x25dfdbfc, {}, ["", "", "", ""]}, 0xfffffffffffffc3e}}, 0x2000000)

6.298722978s ago: executing program 1 (id=2738):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="000000000000edffff03001c0000000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x61d2, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x73d0, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0), &(0x7f00000001c0))

6.221894094s ago: executing program 7 (id=2739):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getresuid(&(0x7f00000001c0), &(0x7f0000000300), &(0x7f0000000380))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x100c000, 0x83e, 0x0, 0x3}, 0x1c)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="400000001d00fedbdf251d00000005000000000016d9240008800800c200e000000204001e80002b2b0000080073004e055956000004001b00000000000000"], 0x40}}, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000100)={0x3, r8, 0x0, 0x1, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r6, 0xc02464bb, &(0x7f0000000080)={0x3, r8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8})

6.17758373s ago: executing program 5 (id=2740):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000004d00)=@newtaction={0x1cc, 0x30, 0xb, 0xfffffffc, 0x0, {}, [{0x84, 0x1, [@m_skbmod={0x80, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x51, 0x6, "db3817ca0b6bc021f0c579c007ab8f28880a96e4ee3cdd485738f5ab5a5273b61a3241e721ee5b8bb02038630ae44a47dbbf2d2ceb08757a0be98cd85b1eb2ee00000000000000000000002241"}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}, {0x134, 0x1, [@m_skbedit={0x6c, 0x1f, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x80000001}, @TCA_SKBEDIT_PTYPE={0x6}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x1}]}, {0x27, 0x6, "a09afd4130bb7556229b712e52d14a96d25d3e05a3e9712b6e8ace6f859dde3434d990"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0xc4, 0x8, 0x0, 0x0, {{0x8}, {0x4}, {0x9b, 0x6, "b05e096b4e5a86873efdebfb082811137cba969c07c746a830c05b85a0c1ad7253015fa99c3fd5aeddd0aa234df509b044371273add9750e7d683dd918d383a270e65141ba7fae999a6792f556c3447f295c6965d3463eb2f4342a2252c9e44602729b258d3c6786a1d04b297c07f914acce1b14d5d945505f5dc73207ce4adf7536f8daf2d7d595fda47acd052422e0cb3ab96aae9c7c"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0x1cc}, 0x1, 0x0, 0x0, 0x4044800}, 0x0)
read$FUSE(r1, &(0x7f0000002cc0)={0x2020}, 0xfffffece)
preadv(r1, 0x0, 0x0, 0x80000001, 0x3)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000080)={&(0x7f0000002800)=ANY=[@ANYBLOB="140000001000010000000000000000000700000ae8000000080a01020000000000000000000000060900010073797a310000000008000a40000000010c000340000000000000000308000a400000000208000a40000000000900020073797a32000000001300074020b69ad668756f3fb669faf5adc97200136952ac0c4e2882403056e5ba1236f4c08ce69acf104ba5ed906ffe13fc2fd6193a5a0bbdebb6a422dc1bcb82b90093f5299e36fc975f0111fcbf55669091f79bf887f949368878693c94fbfde7a3a2b49a93cad25b3d511218483e2adf6cd0a7cc0e744c38b1a35fcb4daf43156cba2872be5b6b0d5a92b99ad60313483f8016b6000078020000060a050000000000000000000a00000508000b400000000434000480100001800b0001006f626a7265660000100001800b00010072656a6563740000100001800b0001006c6f6f6b757000000c0003400000000000000001f8010480100001800b0001006e756d67656e0000140001800e000100627974656f726465720000003800018008000100667764002c000280080002400000000a080002400000000e0800034000000002080002400000000c080002400000000f20000180070001007274000014000280080002400000000008000140000000003c0001800b00010072656a65637400002c00028105000200e80000000540020009000000080001400000000208000140000000020500020054000000000101800a0001006d6174636800000000000280070003002399b500e3000300f90464690f0744c1cdc7a430a5a52b118364dbf0ca14e70749c41795db3375c1fb60af848747030d07dce0eb2710594c40e715a5c417acdf1e7235e5239e6ba9ccbf09f308b5470ab28da6b64d124db51d841f239a1cef057151ec5211cbe84f8dd52155fb8d43553bd4ec64a7ba83566892bb93589b5186a4dffc848b6ff9e99562a8cf0fc3f963286aa1f50a0b289bc5ffb90b89ec31d4935fda111dbd792916c0c738bff0fa968953855ed1493db8d75e66aa1408153ad40ebdaa7be52058280a6c957fe45218a5f0d399a6d9da70c9649df4c44f4a6fdc76b02d226b59d1d2fa003c0001800c0001007061796c6f6164002c00028008000340000000f208000440000000930800084000000000080005400000000808000540000000110900010073797a310000000008000a400000000108000940000400010800094000000001e0000000000a01040000000000000000030000020900010073797a30000000000900010073797a300000000008000240000000036a000600abd0860f9ff358ddc665273cf4ba8000ecfb5268215f4b4f0dc85cbae81c86e09a0191bf034c971d4b938c2553444579591f919568d5f774591424a60c573610e7d991d4fb779d33e809ec6725e9d99ba6b656ad1c8539469cfece4b4027f53a2d79eac030a000003d0006003dfabf1fb09c1d69727f5409a6b53cb78c920ffcd92209a4c8dddc4e99841c504e984740900d61e821029d5d28b4a06dc48e358f49a2dca05200000020000000060a03000000000000000000050000000900020073797a3100000000140000001100010000000000000000000a00000ad529374b8a9790"], 0x488}, 0x1, 0x0, 0x0, 0x48000}, 0x4004000)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'xxhash64\x00'}, 0x58)
r4 = accept4(r3, 0x0, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f00000033c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="7fe5b8e8dfec915e", 0x8}], 0x1}}], 0x1, 0x4050)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
r6 = getpid()
syz_pidfd_open(r6, 0x0)
syz_open_dev$midi(&(0x7f0000000200), 0x0, 0x4800)
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x9, 0x208, 0x12c68bba, 0x5}})
syz_open_procfs(0xffffffffffffffff, 0x0)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r7, 0x3b88, &(0x7f0000000200)={0xc, r8})
ioctl$IOMMU_VFIO_IOMMU_GET_INFO(r7, 0x3b70, &(0x7f00000000c0)={0x1c})

5.117399617s ago: executing program 1 (id=2741):
io_setup(0x5, &(0x7f0000000e80)=<r0=>0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000080)='d', 0x2}])

4.98031321s ago: executing program 7 (id=2742):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340), &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getresuid(&(0x7f00000001c0), &(0x7f0000000300), &(0x7f0000000380))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x100c000, 0x83e, 0x0, 0x3}, 0x1c)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="400000001d00fedbdf251d00000005000000000016d9240008800800c200e000000204001e80002b2b0000080073004e055956000004001b00000000000000"], 0x40}}, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000100)={0x3, r8, 0x0, 0x1, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r6, 0xc02464bb, &(0x7f0000000080)={0x3, r8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8})

4.476554519s ago: executing program 5 (id=2743):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x3, 0x9}, 0x20)
r1 = socket$inet6(0xa, 0x3, 0x7)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000100)={@loopback={0x0, 0x7ffffffff000}, 0x800, 0x0, 0x1, 0x0, 0x0, 0x7}, 0x20)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYRESOCT=0x0], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x10)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x26, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r8 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r9 = dup(r8)
bind$bt_l2cap(r9, &(0x7f0000000300)={0x1f, 0x0, @none}, 0xe)
listen(r9, 0x0)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r11 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r11, &(0x7f0000001bc0)=[{&(0x7f0000000080)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, &(0x7f0000000380)=[@prinfo={0x18, 0x84, 0x5, {0x30, 0xffffe1a1}}, @sndrcv={0x30, 0x84, 0x1, {0xffff, 0x0, 0x2, 0x5, 0x9, 0x914, 0x3, 0x8}}, @dstaddrv6={0x20, 0x84, 0x8, @private1}], 0x68}], 0x1, 0x40)
r12 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r12, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000010}, 0x0)
r13 = dup(r4)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x1)

3.203473867s ago: executing program 1 (id=2744):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
r1 = dup3(r0, r0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000240)='net/fib_trie\x00')
read$FUSE(r2, &(0x7f0000020940)={0x2020}, 0x2020)
preadv(r2, 0x0, 0x0, 0x80000001, 0x3)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$netlink(0x10, 0x3, 0x0)
r3 = getpid()
r4 = syz_pidfd_open(r3, 0x0)
ioctl$FS_IOC_GETVERSION(r4, 0xc040ff0b, &(0x7f0000000180))
r5 = syz_open_dev$video4linux(&(0x7f0000000240), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(r5, 0xc038563b, &(0x7f0000000040)={0x1, 0x0, {0x9, 0x208, 0x12c68bba, 0x5}})
syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r2, &(0x7f0000000300)={0x2020}, 0x2020)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000003c0)=0x2, 0x4)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010129bd7000000000002b00000008000300", @ANYRES32=r8, @ANYBLOB="05003400c40000000800270001000000080026009e09"], 0x3c}}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b000000080000000c0000000300000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000100"/17], 0x48)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x3, 0x8, @loopback, 0xfffffffe}, 0x1c)

3.186934596s ago: executing program 9 (id=2745):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_COPY(r0, 0xc028aa05, 0x0)

2.961809938s ago: executing program 7 (id=2746):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000000)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x8, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x61}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r3, 0xc0205648, &(0x7f0000000100)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)={0x98f90e, 0xf4c, '\x00', @p_u16=0x0}})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e000f260cd8"], 0x7)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0x4, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x50)

2.93036459s ago: executing program 1 (id=2747):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000002400)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004870000000000000400000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4d94f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d57aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c295122a1bcf9436e192e23fd275985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e720c9901de2ebb9000000018e3095c4c5c7a156cec37dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e8f0a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9fae997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69d384146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfd0aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8ca049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5ea3c88d5480efd8329d9a733d8f9ffffff5f91ae162745f6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bc39c1e91c000b85457917dcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a9c1f2dc7e8542422113285b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69279500bb82f6b4a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef3b398f0e6bb7a30006000000cba12953d58cff0f65fd31fbd9853fd57b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0091245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181d530fb865e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8596970d5254727e804fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689df8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000040000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00122e812a5e37cd52c9eb7336281cb8c6c64c382680fdc8f7eeafce2e993c51cd1eab8a26b232acf6bf0ab829c26dab637538b2eb1420d812d2b80c777710b20f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d8549f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290f4996fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaaf56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9f30f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c67491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce169117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd803bc81460eee57ceb3c33f4e9300b0144fe040cf5fcfc8c00000000000000afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef1696e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb56923b0735ab60a539ade786bd6004d0ea3edbd6c49859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3030000000000000059f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee2838903b6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2caa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc131538c6cfc98a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d5b7b29a938f488be7eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cb00000000000000000000f4e1b774d0732ede6385923110ae01da6437a9b7a01b2d8c6afdcf15fd0040393ed3f2d3bf40285c414df6ddaab8e27b4c0028bd945d6e622017b2d96c978859fc2917951c5662b325f7fead9c68f9df5ef9f401a2127dc1d386022cdf8a786b02d0a7a74f7c7564e993772bacf42831528fa72bbb64cbe93d2ce0ff64ec7499e7d4c326d1497916ce58b283ff659db3ef576a74571a2bc325e87a72a3ed27a57efe5d6016193ea3d6c63fb777ca5aec649e977443cbe3603ebf1a3b1f705b6f576fe7a6bfa7f20036821615b808c442658d069434c8fb423dd1e5673b61f867e042172654f48c3aa8464e8f75f93b5660f6449b93a5957198ee5c258f04edd640b77f3a49b01230a2a863d4a8d69ebbd0cffbae7602956090f6681131b7ced5ac86f330282f1e3a435a915a790dd88e2220c7904457576c4e0942ccbd07f1cd9c04645ae4c77bcd2f95b263b7495bd56a99536092c1fc86b32d9e57d1d7627ec3390ffa7d4f229a071639f4d61bf0030b4f9ee0533d8c5ce2e06b98e859df68e9491b1a708c60baa367370b2cd91b56b537425ed74d811ff4e07f53abeb164a"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000004c0)=r2, 0x4)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
listen(r3, 0xa1)
r4 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100}, &(0x7f0000000180)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000080)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x8013}, 0x1})
io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_SET(r4, &(0x7f0000000440)={&(0x7f0000000040), 0xc, &(0x7f0000000400)={&(0x7f0000000240)={0x24, r7, 0x800, 0x70bd2c, 0x25dfdbff, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x1800}, @ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x200000c5}, 0x20048044)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="25b096f681cd731c3f3a9badc4e3cf5edeae1f3b5082d7ab3a97c053df68744e7c7e24d0b59997bab4bccff8363b275de3510b0ebe4275d8d2f153395668e3d608e358fc2294263c03f8dc4f8bf194e4fde4600a2dec2f483a914e2fde0cbc344a2b9fc18dd198966045a6d4d4eb8571e8bb69e6724e37fcbaa6e4c64050b47256b9bb17f5c0aa5101e015ecdcb62fec46fc0205512535", 0xfed7}, {&(0x7f0000000280)="d3a88bea5916e313729a3989393caca70c74cd74e62e524bdd37be131ad827f911027e70ccf679d8e7c0cd3333095f83d6d473db345ded2ac8acaa87503de74c82431758e8e11e3ecb7bce02d6cd65f4eb88cc49ceb9e39f7117eb0f62323dc9b80dea447b0c96a383f14281bb87b09de0a6153ceeaae2b50a2b0f0f41810f379f9c3a1f3938461829d716a4bda86ab11b41f754bc15d71b", 0xfed0}], 0x2}, 0x0)

2.847625937s ago: executing program 9 (id=2748):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
syz_emit_ethernet(0x56, &(0x7f00000002c0)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaa00000d010000a03902000053a9fdf3c911e2b3b79f6dcf14b59e4087a490d54baa9acaae3143b9b0012d4d25"], 0x0)
io_setup(0xfb, &(0x7f0000000140)=<r0=>0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f00000004c0)=[&(0x7f0000000340)={0x2000000, 0x0, 0x0, 0x0, 0x0, r1, &(0x7f0000000200)="13", 0xfffffdfc}])
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000340)=0x2)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
open_tree(r3, 0x0, 0x89981)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r6 = socket$inet6(0xa, 0x3, 0x1)
getsockopt$PNPIPE_HANDLE(0xffffffffffffffff, 0x113, 0x3, 0x0, &(0x7f0000000040))
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f0000000400)=@ethtool_flash={0x33, 0x0, '.\x00'}})

2.754770042s ago: executing program 1 (id=2749):
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x58}, 0x1, 0x0, 0x0, 0x24004000}, 0x24040840)
r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000380)=@abs, &(0x7f0000000480)=0x6e, 0x80800)
recvmsg$unix(r0, &(0x7f00000019c0)={&(0x7f00000005c0), 0x6e, &(0x7f0000001940)=[{&(0x7f0000000640)=""/182, 0xb6}, {&(0x7f0000000700)=""/112, 0x70}, {&(0x7f0000000780)=""/98, 0x62}, {&(0x7f00000004c0)=""/48, 0x30}, {&(0x7f0000000800)=""/79, 0x4f}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000001880)=""/164, 0xa4}], 0x7}, 0x100)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
fcntl$getownex(r1, 0x10, &(0x7f0000001a00)={0x0, <r2=>0x0})
ptrace$PTRACE_GETSIGMASK(0x420a, r2, 0x8, &(0x7f0000001a40))
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$user(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x1}, &(0x7f00000001c0)="6833d0de777d423c868f6a1bb2a1a938be2115b6bb0c338f41c4e90ed341921a02eb00bcb587df9ec9c103fd4fada85f8550a5d46ac4f9418d883274733609ab9892d26aa26229807e2761bc6a27c79c5cba369719105538d6220c8a4cc0c9b81597c210ca6d49c66d14180808850c335a365e6506cc", 0x76, 0xffffffffffffffff)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="1400000037000b63717a3c4a01d8b45b0808aa78", 0x14}], 0x1}, 0x0)

2.753958727s ago: executing program 5 (id=2750):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e26, 0x3, 'dh\x00', 0x1, 0x7, 0x4b}, 0x2c)
r5 = io_uring_setup(0x911, &(0x7f0000000140)={0x0, 0x0, 0x200})
r6 = socket(0x28, 0x5, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r6, 0x6, 0x1, 0x0, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
bind$tipc(r7, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_OPENMOUNT(0xffffffffffffffff, 0xc0189374, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r8=>r3, {0x4}}, './file0\x00'})
writev(r8, &(0x7f0000001a40)=[{&(0x7f0000000300)="57f88e5e7d7ca8d453b6b27acebe9bff98297bcd068e797adb3faf5b66b7fe568270302a6ee18b0c6ed2634584390d278cf42cee51e755", 0x37}, {&(0x7f0000000100)="53cf94cb0f5b6dbe7368c89d6fb3d293d10eacfd1d840727d493ecfb916f9963eee22a2ce2cad38d734fe9e65386e48274b309557290a901", 0x38}, {&(0x7f00000008c0)="cb64bbeb37b251baecf0560a5fc387eecce428aba30ce0cab626c93ea525deb62534a89c0318a56989a98bbdab3ddfa0143c92033c6564021eb2450ab86d1c1e02c70d20ad671123ef69dda6d94160d8ca57add2149f2d8b2fe1ea52e5a0104b59e50fefded1bab03ac49575895910b30c323c7fedcf4a1f54105ca544b98ac63fd7a358bf346bfdc45565f36d0b547a2e588223b580", 0x96}, {&(0x7f0000000a40)="7bbe6e59fc0a34d28a0e1125f9ac70283915b1c616bca07d95a9fc59082e1c65a3ce432927b97afccb5064b4b6672adcccc4194398008c03b25bb54e8ed0044e742b91a32beb748f836d25467a536e9cdacae466150c0dbcf965f53de3cae0529f1289afe5534185fd9922cef8a5dce2059346651dd39a741a582a0c644aef7c85a59d390d2f2352445cc1f9a3c78ddf42776b3382c900d30d64023a2561487deeacfd3cd8c034825c4965e14ea0d5f2c930a7330c34dd55746903f3a8f95f2c7079b20820bbc01f179aa4c609f57e2cd322fa842c8ec7e3a660246d4bca443d15937ddacce17555dc8857759e4c3fce8c8583c7e88b25ba6c782bab97be3044ca4aac9db2159e59ed3bc07c822f970e72eb7140eccd18e0d0a892184dce405c23ca854b29059ecbaa7773cfe67c7e064bf75528ab9c6d84513de10db6619bf1a73080057a4b5247f0a3b1c0ad5257f31b59543c4737cb3e45a93663eba03225c10e72806a2eb17646a2f1b3e921aa8166dba58ceb4bb744a4afdf2d8766c1fbe5cca0661384e4bd648436d1e5a5aac846dd536f4dac5daf81264614de44d8d83928875a125383b10dd2fa78c37e72fb8921e97c29a80a53d76ca60a25072a9b31a1d4fff3419fda1ac9cef760b34ed95bc8fbd5bea09cd75cd72f44c7f50b07461f4fd8231e619c48f634dd5809ba66d77e8a1a8a98b727a860462fda92b2a780dd5d6bc0d69ea0f6bea145490d0f29b65b324572ea56e3b924fb1984d04197d75b91132e9c2e7c738270bfe172b348b836ec8e8c73a9b5004de792e0c1aa3187e501b44c21eb1603eaa69f0a22f49430c4aa42d4406d7dacfe676deff328d3b189b250467b0a564c57cf30105bc86b3b73d5893c0aab462043fbf9e105864e4faa04cd466647829509649595b1428ebfff103967a088971919d2c4a1eaf31ef3d7807e5ac13ce01ca66cc1684de0b2a31e8f9c661f107c17030fdd43a4d1110e12d0cfd06b2d08edfa3b9fb002ea302f7707f1d28db5b93344d63241502fd37ff8020905e1f2e1341dd0d20b55d44e7eb252d1a123f26e004b30593fa086a912d5ba63dabe1b13710e4195cfb0847bd82711699f9d2c1209f9b2493fa83980a368645201330a6e7d5dea040e03fc15bad2dfbea2f57fd5dc97efbc8a26b0c9db3610b87002c8853d57c385de1f9037b60bacea3f72dc588e2f963e5d3a66bedfdc625d5772995bb86c7be99d86029bbf23ca9f1e5e5cdbfedf6f1cff50b8ec36c1beff8fdbd656be9312e1765f0cd245a4d2b069b3ea98c076171af631a2eabe40048b85b9e8783acbda7f17f9de0e774814c7b62600828a530a57619a72a2c1169ef9ca1796571f08b6f8ffed2538edb49fbc1a88afd2b8cd28c20572fdd0fdd0dd1a76b74a193e6916bcd7eb1876b0d2674fb6639174077a31ae16e32d0e76060c652525d5ff41fbc3f4d8b19c10cafc52e40ce512f27f1819679cfa4bb51dad2704ab3f7846dbd7f112fd8d8295499f3e23f29e0b6645ada2b2fa1a0a433409aa03dd0491c8cb117548c5458c884766519b51272a71e683869d1790c7101513776cc0dd12d2162f74df4b6d641c1a1122d448ae565380b386ffb9df1edaf75137f93b4cdbcf5d6f9e508eb3987122224f4b723890d6a4a526f2a3219094b747581fd254c9ee836715213cebc5d3af6982d9cbf3369476a239c9733fcd90982a985a43c07c4dd959831ab32a05ae1596a0db03765eb69a1b0297fe853c75e2f281e523620b44db1c63be734800bdcf0d0a44bbfe4e6333102eb7a6cb0a0c4e3151c211f343ad1b733b99fcf796d12c05a2738436a2ec0351d80798a9c3ab239bcb224f39edffedbab7c969872a7b2c249efa9160f9ab8ab20933632d61018d4ba94405e57f3f831680ad07ce6889f687db4b26cf739213fc6ab5e94cee9f5d02ca2b596c3b9b7f2718564d9c0c9f38267d170aecf01cccc878b48885ee07857f632308521cd3b16bb89502b6f4d8acd70fdaeebb21b7674d2b29773f7c73a733dbbf4d3bbece2d672b04113358469f64329891aeac571d19a5735ba3aaa4b011c6da4c644eee01f28bd64f75db8cb363c9b6b99f9b7b2c4975836a6c163c6fd4962fb6dacc1c4aacfd78f70a588219b4a3ea990efbccbaf23659ef1633bffdd4988ffda376892e0d9046b085da825463f907e91275ce0126cb9d336f9957e7cafe6c8a1b8ec1f4b949d8f5bee1b15fc258e5abff0ca5cd157dbd3c6757284c0a3f15b2dc7a3715a06ee11f7ca412d4f59b5fa7965a86bab5c5979135dcde8f02ec0170fcceb48dd7f14366865cb99bb0e7d6116b5fbbb4988eb5519951294c602a28568232ccf3bedb76420b1a37a7c4a256c113b86181531db2af0dfa29e256daedde8083edc9dc95f16e03c8c4daf8ce2ce777aca451b4054395d8446d5a17d1f376a481c38792f9f1e1bfc0c4b6d2e60e88a2b8cfa288f145b66e4fd2ddea5c0503946ff9eacb9a043603dd395fbf20086747b071c2709fa09a879e10ca72d3753e63fc7e34d0137245b5e9e22980ae63823438ed2b67d603867e1572adedbd3cc7655f4f2785407ec7391dafee87a602e3e9d128dcf751485d3133c3a3e0a87b48b643e7c230d3f0053c242735564ffa13003fad47445815ac2988f24325b8ad52eb4476faf54ec18e270608e43275713712e8d20566df89ed2a317f5567d23610ff6b4c766b62f73c7c147e4eeb5bbb894f2ebd7efdf13ea3a30ca8835008a73b41523c78010125811796f0b0bea101bc511397ea34927e3d5da325c6a424289923132ccb6a0b53dfa2787d94d72edbdf66c04d8bff468276cfc7454419f5ee60a575693a5a1df4fcab46fba9edc44bc0254cd64616f41144b377856c3a7f6d432515ded8ed75b0d4f2ce3e74fc0b6524ebbb1998da436f15ef5a99f3ef5bfac8d1233adfb73e2678610ac8d576a477db63e18b989d08abebde768d8484b75cdcaf061cd5d9704853b6b44d7847ca42894383fed9f88ac20638fc22fccee64d9e8a896ebbd78a099a86acdd563c2ca1bfc8b9459cc5938230287feed3e39e008cc5d4dd8b4f3ed448cfdb9142ad4d7e361ca53962f3289e5e94a460898d000d980486435eecde10ba47b5e09d1eb0af3e96c70df13d99925a5df626f39cbf12fd8b06a16fdb77f8049a163ed5ad7a3693f8dec7c55a205ded31ccc4ddbe00855e1232b40b6776888d90076e0ae670b7021907f7bc580dcd02f6d4295183daa3cb431315b3dc0763150c77517e3b6667e5f0ca6793de300b891860295646ef8109a5ae42ab91cb242fd6b3106cd9fee49c81a0c5c2d1fcf494c833e8b3327ba80c4b5dcb5632a23faec817d54ca48d1ea48d20c88d75790ad0f1c67ec04bbc09a586c1b7ceed6acf78f01b25a3aa326881d777b5d692da1087aff959ca1379f4071e18e1cadc445abb4ed86e7679e582ea5eeeb0d4dc989c067c937f71ea2995347903676936e32edb83bbdab7d888140dd8b2ce88b7018b3a433af90656cb039a830cc10240fe28ba6166da58690df625e55d0c084e65642336196ba5a8e48a35ff45553327525dd902af1ab0387a89d48cd0b0b1fda5192b9a388abe128eabf855557ff9bd7d8ee598e784e7f38497f4dfdbfd49455b45c0b8323df5a363ff8af81c96d29f3210ad0195f5008522cfe7c9f23a42f21341f4f61cf82a61c85f8911eadb20e0c6f9a0dbc3ddd5777d3bcd5821a3e14b44e6f2254d830fcb11d144b96bf9b602264efd9f303b7bcbb0e0f460a05991125d80bed28a0e15fea4fb3aa412576c15b853729278cfd06e8b5558e8aab07fd3872f3831db5cf22dd6c232f07bc48a4425eb52bac90bc63c2db3d8b778dd5ff3f9ea66d7a6b8a89d25279e97466da512c09b12e620903632f88acb54c8a88795c22e50395039bef76a9abcf9c2e85b4722ad34ffc75b19f2271aa6db38a8485bc6b1f17d6339a7b145128d5bd02f9d900d6061e17bd6a96fc2cd41c06247bc9250d8ecdbbfda21a6058222fb804ad8c13e60dfd6f607ea70d9f7f869c0e1f0f3fc1f4179c673b3000a80e21a7dfea1b87aa1d2fb6526df9a19ca789009a7332daec8f074051560b01a497fe16ed57fe9ae59f26976ccbe7632f7c10f20ffd8e70daf665ec887816a4cba85a3a34beb5c378c5772e2f6e813e3407cda6ad528690a4d1ba67a2b014c1797a0b5b401e3211235f84f072701804c7a4f52b80839044ef5dd183989578346d239996f46cbcac271db81fd4962db06a6fe164c1dff8023484b0b40eba4af26ffa9", 0xbe5}], 0x4)
close_range(r5, 0xffffffffffffffff, 0x0)
setsockopt$IP_VS_SO_SET_DELDEST(r4, 0x0, 0x488, &(0x7f0000000280)={{0x84, @empty, 0x4e22, 0x3, 'lblc\x00', 0x1d, 0x2, 0x4a}, {@broadcast, 0x4e21, 0x10000, 0xc24, 0x0, 0xfffffffb}}, 0x44)
r9 = fsopen(&(0x7f00000001c0)='btrfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r9, 0x6, 0x0, 0x0, 0x0)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000400)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x258, 0x268, 0x300, 0x0, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x230, 0x258, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@unspec=@time={{0x38}, {0x0, 0x0, 0x10000000}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'dummy0\x00'}, 0x0, 0xd0, 0x138, 0x0, {}, [@common=@ipv6header={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4c0)
fcntl$notify(r0, 0x402, 0x5)
unshare(0xc040400)
fcntl$notify(r0, 0x402, 0x8000003d)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='pids.current\x00', 0x275a, 0x0)

2.711710041s ago: executing program 7 (id=2751):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x2000)=nil, 0x2000, &(0x7f0000000040)='}\x00')
r0 = fsopen(0x0, 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000000)='source', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000440)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x1)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r1, 0xc040565e, &(0x7f0000000040)={0x2, 0x1, 0x0, {0x0, 0x20000004, 0x7f, 0x9c}})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x100000000, 0x191081)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x182b02)
ioctl$SNDRV_TIMER_IOCTL_TREAD(r4, 0x40045402, &(0x7f0000000040)=0x1)
readv(r4, &(0x7f0000000080)=[{&(0x7f0000000140)=""/144, 0x90}], 0x1)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000100)=0x5)
openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, &(0x7f0000000240)='}\x00')

1.557582263s ago: executing program 5 (id=2752):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, 0x0, &(0x7f0000000280))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r1 = socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
getresuid(&(0x7f00000001c0), &(0x7f0000000300), &(0x7f0000000380))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x100c000, 0x83e, 0x0, 0x3}, 0x1c)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="400000001d00fedbdf251d00000005000000000016d9240008800800c200e000000204001e80002b2b0000080073004e055956000004001b00000000000000"], 0x40}}, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r8=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r6, 0xc01c64a3, &(0x7f0000000100)={0x3, r8, 0x0, 0x1, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r6, 0xc02464bb, &(0x7f0000000080)={0x3, r8, 0x0, 0x0, 0x3, 0x0, 0x0, 0x8})

1.225668119s ago: executing program 9 (id=2753):
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000740)={@map, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r2}, 0x10)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000180)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff})
splice(r4, 0x0, r3, 0x0, 0x1, 0x0)
fcntl$setpipe(r3, 0x408, 0x7)

1.0846968s ago: executing program 7 (id=2754):
io_setup(0x5, &(0x7f0000000e80)=<r0=>0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000001580)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x7, 0x0, r1, &(0x7f0000000080)='d', 0x2}])

1.083799807s ago: executing program 1 (id=2755):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x2, &(0x7f0000006680))
alarm(0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="4400000000000100000000c0aca00ca9cf0ae488422b4d2343900000000062b7172e84d306000700001026000300fc99ea6b09d91e148967046c900638e1d693911000000000000000540128f110f7410000080001e5868c8bdb44e1432afe4ecaa7376b841d687db3919dc491d2c3e6319cd4affa2a9ce40da9ef84bba513b528ea6eaab3b0d3016b670eeee739db10a06cf4b52f22e13181ba6bb2a4fd410c387c5da30b8216b6ea1628e66175ccf000cd8028afba3e01c301df19282f38dcf32a2eef8a5c1eb09e7079e6bd779313baa5d45a9a5c654fae0891fd1e62cedb52a730970d0da30d328d81fd4109e8b636581c677e904145d9b61003edc3eee9220a1522a3fe9aa091941af4e00006e3f4d365f478568f18d19f1844300dce"], 0x44}, 0x1, 0x0, 0x0, 0x20000014}, 0x40040c0)
preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000240)=""/232, 0xe8}], 0x1, 0x4, 0x5)
sendmsg$NL80211_CMD_SET_NOACK_MAP(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)=ANY=[@ANYRES16=0x0, @ANYBLOB="010029bd7000ffdbdf2557000000060095000101000006009500ff0300"], 0x2c}, 0x1, 0x0, 0x0, 0x90}, 0x8040)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000240)={@ipv4={'\x00', '\xff\xff', @private=0xa010102}, @private2={0xfc, 0x2, '\x00', 0x1}, @private0, 0x0, 0x80, 0x2000})
keyctl$dh_compute(0x11, &(0x7f0000000140), 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x7, 0x0, &(0x7f0000000100)="b9ff0307684426", 0x0, 0x8, 0x60000000, 0x0, 0x3, 0x0, &(0x7f00000011c0)="95cd3d"}, 0x50)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000003c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c-generic\x00'}, 0x58)
r2 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000005cc0)=[{0x0, 0x0, &(0x7f0000001800)=[{0x0}, {&(0x7f0000000140)="b99457", 0x3}], 0x2, 0x0, 0x0, 0x4000081}], 0x1, 0x11)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x2f}, &(0x7f0000000140)=0x8)
r4 = syz_open_procfs(0x0, &(0x7f0000000780)='syscall\x00')
fanotify_init(0x0, 0x2)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000d80)=ANY=[@ANYBLOB="6000000002060500000000000900000900020073797a32000000001400078005001500080012400018000002000000050001000600000011000300686173683a6e65742c6e657400000000"], 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x0)
pread64(r4, &(0x7f0000000180)=""/116, 0x74, 0x3)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001840)=ANY=[@ANYBLOB="101100003d0007010000000100000000047c000004000880ce100180080006008e090000d3a58b03fb258c14cf55ed6ebfbb039d1828596a83cf76af254dfb4a57aa228800d012aab09d14dbf5690f60f5e62d9de526cec1f67140d1f884ab498d8a87e4bc217264e017e9335c7bce4ae976375d9875aead253b32f669b153114f523663c7f03ad660facc593d0c104f7332ccf1719a40b4548a0979764a0d01ddd8d830a1b547d26f2f91d2cd346f3edcf96eafcca70272a9372f0318c6f71cac7fc789729a11161608bac97d0da600ce4e9fa1f1dcaac08fede6f27fe14fdd26c90c80f2586d8a97364d1628d74adb10942629fa82f2bf7ace70b181dce56a042e14be92cfb12a52a2135b0fe08aabd7efbacb59899176ab1f0c0ea891d27a09648bf171c3f74b64954e35b2f17a5018fc10aeb7d59080b8ec22afa193cb0d433f8b9e095fd5ce40be60e68b4986f0567f614b7f040b536757a69a9a6983cba3a1081f4a8952130f2d7b1dd2a2a628213e84b7a3d0279f5c5712a5812b71cb499cc87f8ec3f70e327ff9dc0790bb4ca5c994837f21f9820bc695d34f9478e420258a5cded5717ac7ba20f6ff7319a4769da59d40ee99cd6bcc38bfcb61b5ac0ba35a11ce02d01a6166f409b6b0c884c59b0613794674e45650bbbe2de27742cf0e0830c42902dfab175185b60ed671ae202b2ac88be721ec97439314f17449a3fb4930a371b401473c765078eb2cbed792179c14208c893231856cb027baff90856306903fe65c15612b3403940fbf9301fcc03a7274c9d6e5baa029f32d04fa513f0af316879919ad5afa717ba85f98c948ce1960cfa3ac06078b71acb32dd7858ff67504b507f66ffea47f292cc681c251b2b3f3cbd03cf5b5c99279d8f7f5f51d585d2ed323c4e86be1fa6e9a30874d3ae1a8e72e7bdea82f1f2902da12f7c751955491cbaa1f1fa28a3d5ef56ecb4dc27082ad9667ec078c197babbda72efd8262beb35279e55500943b9aab9e234200f2877db0f555945d5eba09c117d6fbffcd03b31dd5de22a9f9cb3e32eb749b0079ca04de5669b490c7d0c30fb44a8650cce0105e57507e6a10c88330504311ab15d7a5e45d3977408f166f07d83d9e1c8a362537a392ecfa02795628894e2f2655e23bff7549fb53ab1652713588a081ee18a8fc0c0024fce27874ce3d98217b398ce5d50268895fdcd656e6ac8ead88db9eca8a2145bf62166bfc578a1c9251e87f067a6027037ea73652a3352a0cb4c276aa3e30658a2a68bb0dc9f0f406a4d52dedaf8c10e7980d75c67cdd7013eb44417db56e393e8ebb68b0f331915813d1995fe53301c6ba3cf4c12a980fd36d0dfad5c0a59567245fbb21d3dfe6b2b52532e652afd1f7fa81c0ac65f53bebc18fb57e8be3754f7065ee755667e16a7f7feffd35289b74f6f98d43235210fff8de4f3c7fa5108aab903be9678651ef2491ba79dec924883d35717e303bf49d237918a8bf46c42e80f73fdef3cd7443b196d1aa0a8df34dab28e5f198f7985760eb7ee51aaa8d9a810ab9ecc42055b3ca4a7a00c9e8a443b711d4ecbd7239e1521eab40e71d3edfd9d7c70214bd3fa54a9cfb2a54bc53ca2c123e26fce7108098e227666290c25338813b4511373727cdef35eb741516202a545ce811c342331097ebb587c83a6be109881d2515a7b9e205a41020617540ca00671bdecbb6214e88d54f67dca3006a3a662087ab5b60862000c5a6fd9b4b31b7d89319c9d4030b1354060916973cd9f5f05added4275cd6a76e3f96a8ba46e9a67c9884d2f3300d311bba755483dfe335782b1eea0d26f7a8be5a36bac9da3273bf9919583d451e3440cf3c31f251d78cf1d1c537ef590aaf6c99d15da218c3b0001f6c9c97411b54aef7fe9b09d46766718dc0d9398d02bef5c3b845e1d6252cdc9a00ea7a680ab5bd8581a660e548094043d0084e4f72ac3909e20947f6eef47cedb515c5c3081c232cee6a94ecda56866af4a1736d57b1d27dbac8b15fe4ed4ad7b9ad7b816e59731f775391203a2c82b26aae5be6c9c7cc1b7f0519947b85f6ecab3c32f9480d02e326621d75735fcbfa6fb5d0809ce8f50b08ee021a8a18c0a56b2b80f23fccb3ff60b88c6b3ecc4a1840ecf78d93800049219fe304a4ebb6c384d002eb90ee72b5133a81a5fd64b5bfa19a642049933f7efa81b027af3f4821bc1c10ddf69504c8b39d3d1fc5f480fd9774839f984c996bbc4bb1aa6de253513573f4084452982ac12644b867ab15768d73448f300b27f171b5da796d3ba8a6bed0c8b7620676f014c0e0aad9d3b354ff2fecb373b2439a27da2a444c5fec540319ea75e10d283d6624e1576aece3a9b50950ef2022ccdc0c2335476b397015e47a17721546037d169470d20b73b98cdd14ea20390e661199bb8f123d78f869d608c38dc18dd63def6cf2b710eba742c0a590ecc90ab25eb85314de9955cf8a7b77bf6ea3134f2e072e118a3e3e79e418dd985fe58e740550c2cb31a0fd5d665c741e010c5ee88cccc84e03ad26ce082df06e3345e1f078dc673721ac6f22926b13af5cbdae99ad392a9863ce1137c2e7622482de02ff64a27840589d4f362d8ad7b534c4e8bd2ac5301940f9638022355cd0caafa2923ec38b7d2e6ee4439a5970a341c05bc59d45f595cdbed566c790bc07c0602050bdaaee9b231e997cdcbd2c650ae7b4818fdc2a2c01c13e31b19be262e5154d97098b084da5077afc50465c4a7c33cf1acb6715f79cbdecb740ef1e072a211b09cbb3086a95fed80dca67577ce4d5e693f7b80aa0c72b8dbcc8721458362a0a87c8372763e1bb8dd96c588668a8f8fc3790b94d3fef351fc0b42beed51710858109e6c88e066779163381846f06b968adfb58e1f2f55e23afc804b85ae7d8c86a6781e66cb989a413693450f9b63058d516eaf9ecba81786992583b944c35b2a9929b4b35127c8eb6a2ee6854644f91f2602d2ed38f24d767770a826548c4d521eecab844be2ca03714f2484871b91267b56955216a831493e534cda0fce4ffcab02f061d450d070712e3a189fe6564f9144ae7fe5117af87044130cc0d5771104ddb8dc499e4149f67358feaa747bd78683fcfc0b5501ce179d39adb8a776bc09c81418f54d856936611b7c57920980b2e8ca3a34479b23cfcea540ae0a72980bbc1e24eed2717d1bfe25c9a39435237edfd187ecedeaf379e65a96598cbb5c833b3fe94ab28b535a53e4360fa5d2402a79e57aa898a10f5f3487bb498151f8a47b6e804206e568d85d0d830400000000000000d7da530e6d41ec53dc2b0e2a78d79ffd8761040f2d50a179a476f84d0b0c0bcc57350f672df7086b849f2c3974332e850748c724db3eb289371a7bd51fea708bbf1e4eaa85505507b8e53a99b442ca086ddd9b5b70ef8e41a5e9b7ead03dac769eb5644c9ee850824580164c99b8c9b308b905ddd11ec067580e604abe58de4debdfd7436c4c4065a8a49d9ec3be3acee2fa993a74afa76ecabd63d091692171f4e3a3f2e2412198825998145b60d17d6b1dde68eea295f5ef29528a96ce5fde4101b68c97d924541bf86da5bc2f63acd8639daff7deab0259957e6812f59ab8b4297eff624b3356d821566efc5a008ed996187db6d4ac5508a8ea917424257bf3fbe2b2f0faa291e6026ed773d61387658fb8e9d4f6a777e26bee88350dab9ef1d95d1052ec3ef2ebadcf08eb7794eb33cec6729f463df8d71b290bef03525ddbea83c4a527c36006c3a0214e3d513c235a60853ecb60f06abd738c0763e095b084633480f3a9d3050013511384f1fe9e67a1ce7b846d97c73ea03c4e6ba501a5562f7c4d7a4514f4a5617e3769dc2a30b6e3489390d0c88039cb19f4581050771344d88ec089b63c19ba0fd381cbf6c1c45315201d5ac17ed9a8295909dfb68fe6154ead02af55ca663a56684faaa87c824bacffefd7cfc896cff328b82b6f02d932b54c308c63a9d0528830270e90053a92b5607dc88be9e1a10956c69534d675b9e84c5b145a607a41f64d9248134e6479fdb015c346251b26edb6455eff754f8331d02f8c00039ec872c374f6f5507c2cb86436224d98bdedf982d1f13c83d4de25a6260187792913cd875d849563c0525b21b2aa252761b304be978728177768cec62b1e3c1c79e7eb63a66168f6b5949184226d4e49fd4e1f5d1e504833adcecec683f0f236f378156f7df1ad4a6d7a0bbbff037c2e6f7b8069a8f59c497e616899e99789adbbd27f5bbe607e2e126fb4c81c022fa0f4038a4c7ff869ab2511f2fd71a09f41952541e122bce87094c3e66d6d6a07642ab1f9ae469c968854c6b7f940558074663592b263870d699c14a664f49f56210da0e3f152980273a92c75f781154be481f6fd6928440051b5dda88be1500384b205d7c4ad718a1504f110d7d56adf3e93c1e21c1af2376312fe7a0f7b31e6968206da675e2dab1fce7b8e04988dfa6eef2cea548260cbd39c5294f9527c0a3064ba88f1acd8789046734256c4439028953827dbd21fecb8cf603dc46ea201a80a011df90f44524154c5e67dc21459fb19063996f10a8317fa206e14037bc80e5fff6719c2dacc97cd321f327f60093fcf90cabdbae419f6a9049f33f9da02472148dae33c5411039247f0a872ef072fb445170e3e7d96d04cf38c776b0867dee1d274ad8724623ea0111160b2825eadc5a9e8628b70cc4c6b9c5a47c908d6b93f7f29ebc3b4ff21ae74a267edabdb70db1c7365bc4859c7c7be4d92514394248daa4f0649dfd3e766038baa3a371b6abf086d266f55ee0d60b1f100afa433750e87e99b4889f41095c74bab9bdfdbb6e90a370275ee33e6b183db0ccc2376dc10f883b0e9b636408c859fef0eaddc84715a081b3ac027dc0a432358190a69ac4e83ef6c3ad1943b3b01316c506fa6a0707dc592ef0594ce6e0c291d9f10ad17e913880a882e8d58f520c795168bf4f1222c86c59d573e8de92953d2dda4876bf3d34f6245e2fc905f77cbcb5235f67b2e0cab8044a44ac69723cc1216c039057dd3a2355f86b1449e1bb90f685d3e5b57f742f19e346ecfb9accc11642eb1cd294512905827ba4badd33543df52b6918cbedbe84c41e21290633dbe691c4bcf746569f35d25f47ed8b9bbbe32f0842949cf8c71c3314f67aa4d71f815429b451cb8b7b4c305dd42d418aa31552f1899aba1394d2356f391253c2b3f4af201e956ccfb899a7762dd13267b5d221707f7d30d62abf4ea07eb1e3510804012318f8a491fb58cc4d62bce1a1bf9c2f949fd6d31a0095e7135a63ab610ad9d360629a74be423c09b246349fd10c1aa997f9d43d3670b6a54012aab89191a1220bb59abaa1e339e15e884002c7f18166ecc1da31aaf2181329bcbf19c3b396d53de017c4c06bac596e59f8b7da08f276fbc520cb76a933fe29eab650d30bd8b306b9d5bbf1004cc6acb3c01d8de4c716d6e805ef303cd75711e63504d072e1de19ad7d966a2173d5d44745a800bafae704cff148b74a770f4f54072653126c69acf66fbbe7c14962570f078bbae237a73ef60ef041b4225905248de2e6073392be95719d48cfc012377a105c7a319ea2662dd05ca32b7d1f33e2a9b60b9cca0b63c95a22214ab8ac7d16eefaadf4bb75b7cf097f8708e0b7ad236dcbf1aca9df56f578457cce8925381ca6d8562ac8d78edef33de4d5912f381d5e72509dde420768f95c68450c1a1948eaf4a7928c7efa52db3b4c559f3c5f2f2c8248599237f1a1ba09386e9f3166ed6cc22088ca914f34e7e41dff5c05a6553abb59a3f9fd486a56595cd3b93cb2ca2474980218ecae284ad5b0af8b56555abbcf1f8d96154ae5648b071017ddb1b185964145cc9e485e7e7bb8823db972693226fe776cad3b7c1d32e2239945c2c74998404f5265d3db01b4804f5299c45cc12512c4118a60295736adfdb001c14723fc6efbd7516f4bdd83ee336080543860c3636f5d6426fbd90ddc57217e4571eebbd25e086642e94d8ddda2f7cbc60a2f58d53a198a94eac3394e8bda64f86f070fab58f1af8bea4f03e86e4a60799c5ac9f8e6144bb2f67e7d175d10000280002802400140042a7ed1a0634218928630c8df6fd03d1d4bbb71fd650f60b7b83ea0ad0115f36"], 0x1110}}, 0x40488a0)

14.010135ms ago: executing program 8 (id=2756):
mkdir(&(0x7f0000000140)='./control\x00', 0x0)
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000180)='./control\x00', 0xa4000960)
r1 = inotify_init1(0x0)
inotify_add_watch(r1, &(0x7f0000000000)='./control\x00', 0x42000400)
rmdir(&(0x7f0000000100)='./control\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x90, 0x7fffffff}]})
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="380000005500e5c6000000000000000007000000", @ANYRES32=r2, @ANYBLOB="200001"], 0x38}}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0), 0x0, 0x0)
r3 = syz_open_dev$usbmon(&(0x7f0000000080), 0x8, 0x28000)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r3, 0x40047211, &(0x7f0000000200))

0s ago: executing program 9 (id=2757):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
sync_file_range(r0, 0xc, 0xfff, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0xffffff1f, 0xffffffff, 0x25dfdbfe, {}, [@IFLA_NUM_RX_QUEUES={0x8, 0x20, 0x1ff}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipoib={{0xa}, {0x4}}}]}, 0x3c}}, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_open_dev$video4linux(&(0x7f0000000100), 0x0, 0x102300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f0000002b00)=[{{&(0x7f0000000340)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000009c0)=[{&(0x7f0000000440)=""/125, 0x7d}, {&(0x7f00000004c0)=""/94, 0x5e}, {&(0x7f0000000540)=""/242, 0xf2}, {&(0x7f0000000640)=""/76, 0x4c}, {&(0x7f00000006c0)=""/112, 0x70}, {&(0x7f0000000c80)=""/51, 0x33}, {&(0x7f0000000740)=""/141, 0x8d}, {&(0x7f0000000800)=""/94, 0x5e}, {&(0x7f0000000880)=""/87, 0x57}, {&(0x7f0000000900)=""/136, 0x88}], 0xa, &(0x7f0000000a80)=""/15, 0xf}, 0x5d}, {{&(0x7f0000000ac0)=@rc, 0x80, &(0x7f0000001f00)=[{&(0x7f0000000b40)=""/54, 0x36}, {&(0x7f0000000b80)=""/252, 0xfc}, {&(0x7f0000000c80)}, {&(0x7f0000000cc0)=""/175, 0xaf}, {&(0x7f0000000d80)=""/4096, 0x1000}, {&(0x7f0000001d80)=""/152, 0x98}, {&(0x7f0000001e40)=""/93, 0x5d}, {&(0x7f0000001ec0)=""/40, 0x28}], 0x8, &(0x7f0000001f80)=""/25, 0x19}, 0xffff}, {{&(0x7f0000001fc0)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, 0x80, &(0x7f0000002100)=[{&(0x7f0000002040)=""/112, 0x70}, {&(0x7f00000020c0)=""/11, 0xb}], 0x2}, 0x682}, {{0x0, 0x0, &(0x7f0000002280)=[{&(0x7f0000002140)=""/68, 0x44}, {&(0x7f00000021c0)=""/136, 0x88}], 0x2, &(0x7f00000022c0)=""/203, 0xcb}, 0x2}, {{&(0x7f00000023c0)=@alg, 0x80, &(0x7f0000002980)=[{&(0x7f0000002440)=""/150, 0x96}, {&(0x7f0000002500)=""/80, 0x50}, {&(0x7f0000002580)=""/233, 0xe9}, {&(0x7f0000002680)=""/227, 0xe3}, {&(0x7f0000002780)=""/163, 0xa3}, {&(0x7f0000002840)=""/198, 0xc6}, {&(0x7f0000002940)=""/1, 0x1}], 0x7, &(0x7f0000002a00)=""/201, 0xc9}, 0x800}], 0x5, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, 0x0, 0x4880)
socket$nl_route(0x10, 0x3, 0x0)
r8 = add_key(&(0x7f0000000080)='user\x00', &(0x7f0000000000)={'syz', 0x2}, &(0x7f0000000040)='9', 0x1, 0xfffffffffffffffc)
keyctl$chown(0x4, r8, 0xee00, 0xffffffffffffffff)
keyctl$setperm(0x5, r8, 0x4002410)
keyctl$chown(0x4, r8, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)

kernel console output (not intermixed with test programs):

/0x1380
[  854.940078][T13125]  ? __pfx_warn_alloc+0x10/0x10
[  854.940111][T13125]  ? __vmalloc_node_range_noprof+0xdd/0x1380
[  854.940137][T13125]  __vmalloc_node_range_noprof+0x126/0x1380
[  854.940186][T13125]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  854.940213][T13125]  ? __kasan_kmalloc+0x98/0xb0
[  854.940240][T13125]  vmalloc_user_noprof+0x74/0x80
[  854.940261][T13125]  ? xskq_create+0xb6/0x170
[  854.940277][T13125]  xskq_create+0xb6/0x170
[  854.940296][T13125]  xsk_init_queue+0xa1/0x100
[  854.940325][T13125]  xsk_setsockopt+0x4aa/0x810
[  854.940349][T13125]  ? irqentry_exit+0x63/0x90
[  854.940372][T13125]  ? __pfx_xsk_setsockopt+0x10/0x10
[  854.940396][T13125]  ? __pfx_xsk_setsockopt+0x10/0x10
[  854.940435][T13125]  ? __pfx_xsk_setsockopt+0x10/0x10
[  854.940468][T13125]  ? __pfx_xsk_setsockopt+0x10/0x10
[  854.940491][T13125]  do_sock_setsockopt+0x3af/0x720
[  854.940522][T13125]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  854.940545][T13125]  ? __rcu_read_unlock+0xa1/0x110
[  854.940570][T13125]  ? __fget_files+0x395/0x410
[  854.940587][T13125]  ? __fget_files+0x2a/0x410
[  854.940613][T13125]  __x64_sys_setsockopt+0x1ee/0x280
[  854.940644][T13125]  do_syscall_64+0xf3/0x230
[  854.940671][T13125]  ? clear_bhb_loop+0x35/0x90
[  854.940699][T13125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.940721][T13125] RIP: 0033:0x7f85e5f8d0a9
[  854.940738][T13125] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.940752][T13125] RSP: 002b:00007f85e6d86038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  854.940771][T13125] RAX: ffffffffffffffda RBX: 00007f85e61a6160 RCX: 00007f85e5f8d0a9
[  854.940784][T13125] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  854.940795][T13125] RBP: 00007f85e600e2a0 R08: 0000000000000052 R09: 0000000000000000
[  854.940806][T13125] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000
[  854.940817][T13125] R13: 0000000000000000 R14: 00007f85e61a6160 R15: 00007ffcb053e0e8
[  854.940846][T13125]  </TASK>
[  855.194865][T13125] Mem-Info:
[  855.198031][T13125] active_anon:342 inactive_anon:8514 isolated_anon:0
[  855.198031][T13125]  active_file:21003 inactive_file:38307 isolated_file:0
[  855.198031][T13125]  unevictable:768 dirty:147 writeback:0
[  855.198031][T13125]  slab_reclaimable:10542 slab_unreclaimable:106873
[  855.198031][T13125]  mapped:39214 shmem:5143 pagetables:845
[  855.198031][T13125]  sec_pagetables:0 bounce:0
[  855.198031][T13125]  kernel_misc_reclaimable:0
[  855.198031][T13125]  free:1290865 free_pcp:436 free_cma:0
[  855.243518][T13125] Node 0 active_anon:1368kB inactive_anon:34056kB active_file:83900kB inactive_file:153228kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:156816kB dirty:584kB writeback:0kB shmem:19036kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:10880kB pagetables:3380kB sec_pagetables:0kB all_unreclaimable? no
[  855.276692][T13125] Node 1 active_anon:0kB inactive_anon:0kB active_file:112kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  855.310504][T13125] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  855.337743][T13125] lowmem_reserve[]: 0 2490 2490 0 0
[  855.342963][T13125] Node 0 DMA32 free:1238324kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:1364kB inactive_anon:34024kB active_file:83624kB inactive_file:153176kB unevictable:1536kB writepending:584kB present:3129332kB managed:2550364kB mlocked:0kB bounce:0kB free_pcp:1716kB local_pcp:900kB free_cma:0kB
[  855.373588][T13125] lowmem_reserve[]: 0 0 0 0 0
[  855.378440][T13125] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:276kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:368kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  855.405400][T13125] lowmem_reserve[]: 0 0 0 0 0
[  855.410104][T13125] Node 1 Normal free:3909776kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:112kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  855.439000][T13125] lowmem_reserve[]: 0 0 0 0 0
[  855.443773][ T7095] Bluetooth: hci0: command 0x0406 tx timeout
[  855.460196][T13125] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  855.473122][T13125] Node 0 DMA32: 844*4kB (UME) 338*8kB (UE) 595*16kB (UME) 802*32kB (UME) 392*64kB (UME) 92*128kB (UME) 33*256kB (UME) 35*512kB (UME) 12*1024kB (UME) 8*2048kB (UME) 270*4096kB (UM) = 1239088kB
[  855.492057][T13125] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  855.503645][T13125] Node 1 Normal: 188*4kB (UME) 48*8kB (UME) 38*16kB (UME) 214*32kB (UME) 108*64kB (UME) 30*128kB (UME) 15*256kB (UM) 7*512kB (UM) 2*1024kB (UM) 3*2048kB (U) 946*4096kB (ME) = 3909776kB
[  855.521988][T13125] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  855.541007][T13125] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  855.550533][T13125] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  855.560225][T13125] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  855.569678][T13125] 64440 total pagecache pages
[  855.574340][T13125] 0 pages in swap cache
[  855.578515][T13125] Free swap  = 124704kB
[  855.582655][T13125] Total swap = 124996kB
[  855.586960][T13125] 2097051 pages RAM
[  855.590753][T13125] 0 pages HighMem/MovableOnly
[  855.595425][T13125] 427736 pages reserved
[  855.599650][T13125] 0 pages cma reserved
[  856.203425][T13130] netlink: 11 bytes leftover after parsing attributes in process `syz.1.1969'.
[  858.115214][    T9] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  858.555388][    T9] usb 3-1: Using ep0 maxpacket: 8
[  859.666749][    T9] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  859.682037][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  859.690802][    T9] usb 3-1: Product: syz
[  859.695078][    T9] usb 3-1: Manufacturer: syz
[  859.699938][    T9] usb 3-1: SerialNumber: syz
[  859.710315][    T9] usb 3-1: config 0 descriptor??
[  860.317705][T13154] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[  860.994069][    T9] dvb_usb_rtl28xxu 3-1:0.0: chip type detection failed -110
[  861.003348][    T9] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  861.005575][T13140] [U] '
[  861.118967][ T5935] usb 3-1: USB disconnect, device number 42
[  862.370241][T13171] x_tables: ip6_tables: icmp6 match: only valid for protocol 58
[  863.885506][ T7095] Bluetooth: hci1: command 0x080f tx timeout
[  864.262646][T13204] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1990'.
[  864.955473][T13204] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1990'.
[  865.152854][T13204] netlink: 'syz.1.1990': attribute type 1 has an invalid length.
[  866.537209][T13223] warn_alloc: 1 callbacks suppressed
[  866.542621][T13223] syz.1.1995: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  866.557667][T13223] CPU: 1 UID: 0 PID: 13223 Comm: syz.1.1995 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  866.557692][T13223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  866.557704][T13223] Call Trace:
[  866.557712][T13223]  <TASK>
[  866.557721][T13223]  dump_stack_lvl+0x241/0x360
[  866.557748][T13223]  ? __pfx_dump_stack_lvl+0x10/0x10
[  866.557767][T13223]  ? __pfx__printk+0x10/0x10
[  866.557801][T13223]  ? __rcu_read_unlock+0xa1/0x110
[  866.557827][T13223]  warn_alloc+0x278/0x410
[  866.557851][T13223]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  866.557873][T13223]  ? __pfx_warn_alloc+0x10/0x10
[  866.557906][T13223]  ? __vmalloc_node_range_noprof+0xdd/0x1380
[  866.557932][T13223]  __vmalloc_node_range_noprof+0x126/0x1380
[  866.557982][T13223]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  866.558008][T13223]  ? __kasan_kmalloc+0x98/0xb0
[  866.558036][T13223]  vmalloc_user_noprof+0x74/0x80
[  866.558057][T13223]  ? xskq_create+0xb6/0x170
[  866.558074][T13223]  xskq_create+0xb6/0x170
[  866.558093][T13223]  xsk_init_queue+0xa1/0x100
[  866.558121][T13223]  xsk_setsockopt+0x4aa/0x810
[  866.558144][T13223]  ? irqentry_exit+0x63/0x90
[  866.558168][T13223]  ? __pfx_xsk_setsockopt+0x10/0x10
[  866.558193][T13223]  ? __pfx_xsk_setsockopt+0x10/0x10
[  866.558219][T13223]  ? __pfx_xsk_setsockopt+0x10/0x10
[  866.558251][T13223]  ? __pfx_xsk_setsockopt+0x10/0x10
[  866.558274][T13223]  do_sock_setsockopt+0x3af/0x720
[  866.558305][T13223]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  866.558328][T13223]  ? __rcu_read_unlock+0xa1/0x110
[  866.558353][T13223]  ? __fget_files+0x395/0x410
[  866.558370][T13223]  ? __fget_files+0x2a/0x410
[  866.558396][T13223]  __x64_sys_setsockopt+0x1ee/0x280
[  866.558427][T13223]  do_syscall_64+0xf3/0x230
[  866.558448][T13223]  ? clear_bhb_loop+0x35/0x90
[  866.558474][T13223]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.558496][T13223] RIP: 0033:0x7f919fb8d0a9
[  866.558520][T13223] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  866.558535][T13223] RSP: 002b:00007f91a0a1b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  866.558555][T13223] RAX: ffffffffffffffda RBX: 00007f919fda6160 RCX: 00007f919fb8d0a9
[  866.558568][T13223] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000004
[  866.558579][T13223] RBP: 00007f919fc0e2a0 R08: 0000000000000052 R09: 0000000000000000
[  866.558591][T13223] R10: 0000400000000000 R11: 0000000000000246 R12: 0000000000000000
[  866.558602][T13223] R13: 0000000000000000 R14: 00007f919fda6160 R15: 00007ffdd47350d8
[  866.558628][T13223]  </TASK>
[  866.812370][T13223] Mem-Info:
[  866.815669][T13223] active_anon:345 inactive_anon:15908 isolated_anon:0
[  866.815669][T13223]  active_file:21007 inactive_file:38288 isolated_file:0
[  866.815669][T13223]  unevictable:768 dirty:225 writeback:0
[  866.815669][T13223]  slab_reclaimable:10542 slab_unreclaimable:110683
[  866.815669][T13223]  mapped:48590 shmem:12455 pagetables:942
[  866.815669][T13223]  sec_pagetables:0 bounce:0
[  866.815669][T13223]  kernel_misc_reclaimable:0
[  866.815669][T13223]  free:1279057 free_pcp:577 free_cma:0
[  866.861329][T13223] Node 0 active_anon:1380kB inactive_anon:63676kB active_file:83924kB inactive_file:153152kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:194420kB dirty:896kB writeback:0kB shmem:48376kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11088kB pagetables:3752kB sec_pagetables:0kB all_unreclaimable? no
[  866.935524][T13223] Node 1 active_anon:0kB inactive_anon:0kB active_file:112kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:36kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  867.118087][T13223] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  867.146061][T13223] lowmem_reserve[]: 0 2490 2490 0 0
[  867.151376][T13223] Node 0 DMA32 free:1187888kB boost:0kB min:34168kB low:42708kB high:51248kB reserved_highatomic:0KB active_anon:1376kB inactive_anon:54040kB active_file:83648kB inactive_file:153096kB unevictable:1536kB writepending:896kB present:3129332kB managed:2550364kB mlocked:0kB bounce:0kB free_pcp:13824kB local_pcp:12812kB free_cma:0kB
[  867.485409][T11578] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  867.655368][T11578] usb 7-1: Using ep0 maxpacket: 8
[  867.661160][T13223] lowmem_reserve[]: 0 0 0 0 0
[  867.666034][T13223] Node 0 Normal free:0kB boost:0kB min:4kB low:4kB high:4kB reserved_highatomic:0KB active_anon:4kB inactive_anon:32kB active_file:276kB inactive_file:52kB unevictable:0kB writepending:0kB present:1048580kB managed:368kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[  867.678881][T11578] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  867.693102][T13223] lowmem_reserve[]: 0 0 0 0 0
[  867.707272][T13223] Node 1 Normal free:3909776kB boost:0kB min:55728kB low:69660kB high:83592kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:112kB inactive_file:0kB unevictable:1536kB writepending:4kB present:4194300kB managed:4111168kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  867.736359][T13223] lowmem_reserve[]: 0 0 0 0 0
[  867.741220][T13223] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  867.754004][T13223] Node 0 DMA32: 8*4kB (UE) 327*8kB (UE) 123*16kB (UE) 38*32kB (UME) 174*64kB (UME) 97*128kB (UME) 34*256kB (UME) 35*512kB (UME) 12*1024kB (UME) 8*2048kB (UME) 270*4096kB (UM) = 1190600kB
[  867.772959][T13223] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  867.784582][T13223] Node 1 Normal: 188*4kB (UME) 48*8kB (UME) 38*16kB (UME) 214*32kB (UME) 108*64kB (UME) 30*128kB (UME) 15*256kB (UM) 7*512kB (UM) 2*1024kB (UM) 3*2048kB (U) 946*4096kB (ME) = 3909776kB
[  867.790249][T11578] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  867.803421][T13223] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  867.836450][T13223] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  867.845902][T13223] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  867.855838][T13223] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  867.865201][T13223] 66483 total pagecache pages
[  867.869896][T13223] 0 pages in swap cache
[  867.874065][T13223] Free swap  = 124704kB
[  867.878300][T13223] Total swap = 124996kB
[  867.878937][T11578] usb 7-1: Product: syz
[  867.882459][T13223] 2097051 pages RAM
[  867.890765][T13223] 0 pages HighMem/MovableOnly
[  867.895491][T13223] 427736 pages reserved
[  867.899662][T13223] 0 pages cma reserved
[  867.910166][T11578] usb 7-1: Manufacturer: syz
[  867.914910][T11578] usb 7-1: SerialNumber: syz
[  867.971885][T11578] usb 7-1: config 0 descriptor??
[  868.397547][T13237] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[  868.954374][T13227] [U] '
[  868.975617][ T7095] Bluetooth: hci1: command 0x080f tx timeout
[  869.623091][T11578] dvb_usb_rtl28xxu 7-1:0.0: chip type detection failed -110
[  869.679046][T11578] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  869.710313][T11578] usb 7-1: USB disconnect, device number 8
[  870.424378][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  870.453447][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 600 seconds
[  870.536316][T13248] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  870.544556][T13248] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  870.553310][T13248] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  874.005066][T13275] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2012'.
[  874.267435][T13275] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2012'.
[  874.310990][T13275] netlink: 'syz.2.2012': attribute type 4 has an invalid length.
[  874.878805][    T9] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  876.345721][    T9] usb 2-1: Using ep0 maxpacket: 8
[  876.390605][T13301] Bluetooth: hci1: Opcode 0x080f failed: -4
[  876.408031][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  876.428571][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.454431][    T9] usb 2-1: Product: syz
[  876.464901][    T9] usb 2-1: Manufacturer: syz
[  876.520676][    T9] usb 2-1: SerialNumber: syz
[  876.600125][    T9] usb 2-1: config 0 descriptor??
[  877.285831][T13310] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[  877.702532][ T7095] Bluetooth: hci5: command 0x0406 tx timeout
[  877.748265][    T9] dvb_usb_rtl28xxu 2-1:0.0: chip type detection failed -110
[  877.773128][    T9] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  878.205459][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[  878.746308][T13283] [U] '
[  878.770252][  T976] usb 2-1: USB disconnect, device number 46
[  880.157793][T13334] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input27
[  881.572631][   T29] audit: type=1326 audit(1740149254.109:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  881.683710][   T29] audit: type=1326 audit(1740149254.109:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  881.868010][T13347] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2026'.
[  881.895937][T13345] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2024'.
[  881.898985][   T29] audit: type=1326 audit(1740149254.119:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  881.956867][T13349] (unnamed net_device) (uninitialized): ARP target 1.0.0.0 is already present
[  881.967361][T13349] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (1)
[  881.984695][T13347] netlink: 48 bytes leftover after parsing attributes in process `syz.0.2026'.
[  881.994609][ T5840] Bluetooth: hci1: link tx timeout
[  882.001400][ T5840] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  882.035244][   T29] audit: type=1326 audit(1740149254.129:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  882.064118][   T29] audit: type=1326 audit(1740149254.129:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  882.086315][   T29] audit: type=1326 audit(1740149254.139:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  882.584794][   T29] audit: type=1326 audit(1740149254.149:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  882.705308][   T29] audit: type=1326 audit(1740149254.149:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  882.758623][T13353] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  882.767214][T13353] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  882.775728][T13353] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  882.805308][   T29] audit: type=1326 audit(1740149254.159:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  883.895261][   T29] audit: type=1326 audit(1740149254.159:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.2.2025" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  884.117108][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[  888.398420][T13391] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  888.435748][T13392] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  889.135320][ T7095] Bluetooth: hci2: command 0x0406 tx timeout
[  890.615984][T13403] sg_write: data in/out 65489/8 bytes for SCSI command 0xff-- guessing data in;
[  890.615984][T13403]    program syz.6.2042 not setting count and/or reply_len properly
[  890.696744][T13413] netdevsim netdevsim2: loading /lib/firmware/. failed with error -22
[  890.705061][T13413] netdevsim netdevsim2: Direct firmware load for . failed with error -22
[  890.713764][T13413] netdevsim netdevsim2: Falling back to sysfs fallback for: .
[  892.745652][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[  894.362556][T13441] FAULT_INJECTION: forcing a failure.
[  894.362556][T13441] name failslab, interval 1, probability 0, space 0, times 0
[  894.608645][T13441] CPU: 0 UID: 0 PID: 13441 Comm: syz.6.2053 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  894.608672][T13441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  894.608684][T13441] Call Trace:
[  894.608690][T13441]  <TASK>
[  894.608698][T13441]  dump_stack_lvl+0x241/0x360
[  894.608723][T13441]  ? __pfx_dump_stack_lvl+0x10/0x10
[  894.608741][T13441]  ? __pfx__printk+0x10/0x10
[  894.608767][T13441]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  894.608794][T13441]  ? __pfx___might_resched+0x10/0x10
[  894.608819][T13441]  should_fail_ex+0x40a/0x550
[  894.608846][T13441]  should_failslab+0xac/0x100
[  894.608871][T13441]  kmem_cache_alloc_node_noprof+0x77/0x380
[  894.608895][T13441]  ? __alloc_skb+0x1c3/0x440
[  894.608924][T13441]  __alloc_skb+0x1c3/0x440
[  894.608946][T13441]  ? __pfx_tc_new_tfilter+0x10/0x10
[  894.608963][T13441]  ? __pfx_tc_new_tfilter+0x10/0x10
[  894.608984][T13441]  ? __pfx___alloc_skb+0x10/0x10
[  894.609005][T13441]  ? __pfx_tc_new_tfilter+0x10/0x10
[  894.609027][T13441]  ? netlink_ack_tlv_len+0x6e/0x200
[  894.609054][T13441]  netlink_ack+0x145/0xa60
[  894.609075][T13441]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  894.609109][T13441]  netlink_rcv_skb+0x294/0x480
[  894.609134][T13441]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  894.609154][T13441]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  894.609199][T13441]  ? __rcu_read_unlock+0xa1/0x110
[  894.609223][T13441]  netlink_unicast+0x7f6/0x990
[  894.609253][T13441]  ? __pfx_netlink_unicast+0x10/0x10
[  894.609273][T13441]  ? __virt_addr_valid+0x45f/0x530
[  894.609297][T13441]  ? __phys_addr_symbol+0x2f/0x70
[  894.609318][T13441]  ? __check_object_size+0x47a/0x730
[  894.609346][T13441]  netlink_sendmsg+0x8de/0xcb0
[  894.609375][T13441]  ? __pfx_netlink_sendmsg+0x10/0x10
[  894.609403][T13441]  ? __pfx_netlink_sendmsg+0x10/0x10
[  894.609425][T13441]  __sock_sendmsg+0x221/0x270
[  894.609447][T13441]  ____sys_sendmsg+0x53a/0x860
[  894.609479][T13441]  ? __pfx_____sys_sendmsg+0x10/0x10
[  894.609500][T13441]  ? __fget_files+0x2a/0x410
[  894.609520][T13441]  ? __fget_files+0x2a/0x410
[  894.609546][T13441]  __sys_sendmsg+0x269/0x350
[  894.609574][T13441]  ? __pfx___sys_sendmsg+0x10/0x10
[  894.609625][T13441]  ? __pfx___schedule+0x10/0x10
[  894.609653][T13441]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  894.609675][T13441]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  894.609701][T13441]  ? do_syscall_64+0xb6/0x230
[  894.609724][T13441]  do_syscall_64+0xf3/0x230
[  894.609744][T13441]  ? clear_bhb_loop+0x35/0x90
[  894.609769][T13441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  894.609790][T13441] RIP: 0033:0x7f476578d0a9
[  894.609805][T13441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  894.609819][T13441] RSP: 002b:00007f4766579038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  894.609838][T13441] RAX: ffffffffffffffda RBX: 00007f47659a6080 RCX: 00007f476578d0a9
[  894.609850][T13441] RDX: 0000000000000800 RSI: 00004000000001c0 RDI: 0000000000000004
[  894.609861][T13441] RBP: 00007f4766579090 R08: 0000000000000000 R09: 0000000000000000
[  894.609872][T13441] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  894.609882][T13441] R13: 0000000000000000 R14: 00007f47659a6080 R15: 00007ffddb6e6798
[  894.609908][T13441]  </TASK>
[  895.295734][ T7095] Bluetooth: hci5: command 0x0406 tx timeout
[  897.861916][T13481] FAULT_INJECTION: forcing a failure.
[  897.861916][T13481] name failslab, interval 1, probability 0, space 0, times 0
[  898.006840][T13481] CPU: 0 UID: 0 PID: 13481 Comm: syz.2.2063 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  898.006866][T13481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  898.006876][T13481] Call Trace:
[  898.006882][T13481]  <TASK>
[  898.006889][T13481]  dump_stack_lvl+0x241/0x360
[  898.006912][T13481]  ? __pfx_dump_stack_lvl+0x10/0x10
[  898.006926][T13481]  ? __pfx__printk+0x10/0x10
[  898.006949][T13481]  ? fs_reclaim_acquire+0x93/0x130
[  898.006969][T13481]  ? __pfx___might_resched+0x10/0x10
[  898.006988][T13481]  should_fail_ex+0x40a/0x550
[  898.007013][T13481]  should_failslab+0xac/0x100
[  898.007046][T13481]  __kmalloc_noprof+0xdd/0x4c0
[  898.007060][T13481]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  898.007083][T13481]  tomoyo_realpath_from_path+0xcf/0x5e0
[  898.007103][T13481]  ? tomoyo_init_request_info+0xfe/0x350
[  898.007133][T13481]  tomoyo_path_number_perm+0x239/0x770
[  898.007154][T13481]  ? __lock_acquire+0x1397/0x2100
[  898.007178][T13481]  ? tomoyo_path_number_perm+0x209/0x770
[  898.007201][T13481]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  898.007259][T13481]  ? __fget_files+0x2a/0x410
[  898.007279][T13481]  ? __fget_files+0x2a/0x410
[  898.007299][T13481]  security_file_ioctl+0xc6/0x2a0
[  898.007322][T13481]  __se_sys_ioctl+0x46/0x170
[  898.007344][T13481]  do_syscall_64+0xf3/0x230
[  898.007364][T13481]  ? clear_bhb_loop+0x35/0x90
[  898.007388][T13481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  898.007408][T13481] RIP: 0033:0x7f346958d0a9
[  898.007423][T13481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  898.007436][T13481] RSP: 002b:00007f346a37b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  898.007455][T13481] RAX: ffffffffffffffda RBX: 00007f34697a6080 RCX: 00007f346958d0a9
[  898.007467][T13481] RDX: 0000400000000440 RSI: 0000000000003b72 RDI: 0000000000000008
[  898.007477][T13481] RBP: 00007f346a37b090 R08: 0000000000000000 R09: 0000000000000000
[  898.007487][T13481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  898.007497][T13481] R13: 0000000000000000 R14: 00007f34697a6080 R15: 00007ffce68b8678
[  898.007522][T13481]  </TASK>
[  898.316794][T13481] ERROR: Out of memory at tomoyo_realpath_from_path.
[  898.317720][  T976] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  898.641872][  T976] usb 7-1: Using ep0 maxpacket: 8
[  899.306144][  T976] usb 7-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  899.321187][  T976] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  899.349622][  T976] usb 7-1: Product: syz
[  899.358463][  T976] usb 7-1: Manufacturer: syz
[  899.369809][  T976] usb 7-1: SerialNumber: syz
[  899.860398][  T976] usb 7-1: config 0 descriptor??
[  900.859710][T13499] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[  901.075302][  T976] dvb_usb_rtl28xxu 7-1:0.0: chip type detection failed -110
[  901.242480][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 630 seconds
[  901.306553][  T976] dvb_usb_rtl28xxu 7-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  902.324713][    T8] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  902.377854][T13509] Bluetooth: hci1: Opcode 0x080f failed: -4
[  902.450004][T13475] [U] '
[  902.454312][   T51] usb 7-1: USB disconnect, device number 9
[  902.527300][    T8] usb 3-1: Using ep0 maxpacket: 16
[  902.542961][    T8] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[  902.558489][    T8] usb 3-1: config 0 has no interface number 0
[  902.582929][    T8] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  902.601566][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  902.624497][    T8] usb 3-1: Product: syz
[  902.634613][    T8] usb 3-1: Manufacturer: syz
[  902.643672][    T8] usb 3-1: SerialNumber: syz
[  902.679708][    T8] usb 3-1: config 0 descriptor??
[  903.563712][    T8] hub 3-1:0.132: bad descriptor, ignoring hub
[  903.570074][    T8] hub 3-1:0.132: probe with driver hub failed with error -5
[  903.581664][    T8] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.132/input/input28
[  905.132988][ T7095] Bluetooth: hci1: command 0x080f tx timeout
[  905.307089][    T8] input: failed to attach handler mousedev to device input28, error: -2
[  905.395449][    T8] usb 3-1: USB disconnect, device number 43
[  906.963721][T13559] Bluetooth: MGMT ver 1.23
[  907.239336][   T51] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  907.460203][   T51] usb 3-1: Using ep0 maxpacket: 32
[  907.589114][   T51] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  907.626873][   T51] usb 3-1: config 0 has no interface number 0
[  907.665254][   T51] usb 3-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  907.693020][   T51] usb 3-1: config 0 interface 1 has no altsetting 0
[  907.727886][   T51] usb 3-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  907.749731][   T51] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  907.775429][   T51] usb 3-1: Product: syz
[  907.779976][   T51] usb 3-1: Manufacturer: syz
[  907.784607][   T51] usb 3-1: SerialNumber: syz
[  908.773888][   T51] usb 3-1: config 0 descriptor??
[  909.408072][   T51] cx231xx 3-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  909.429269][   T51] cx231xx 3-1:0.1: Failed to read PCB config
[  909.442078][   T51] cx231xx 3-1:0.1: probe with driver cx231xx failed with error -71
[  909.558235][  T976] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  909.674279][   T51] usb 3-1: USB disconnect, device number 44
[  909.807196][  T976] usb 2-1: device descriptor read/64, error -71
[  910.427052][  T976] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  911.425412][   T51] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  911.495743][  T976] usb 2-1: device descriptor read/64, error -71
[  911.606169][  T976] usb usb2-port1: attempt power cycle
[  911.921755][T13598] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2097'.
[  911.955222][ T5915] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  912.067160][T13600] input: syz0 as /devices/virtual/input/input29
[  912.136596][ T5915] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  912.553199][ T5915] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  912.605500][ T5915] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  912.685747][ T5915] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  912.731715][ T5915] usb 6-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  912.749433][ T5915] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  912.761603][ T5915] usb 6-1: Product: syz
[  912.769503][ T5915] usb 6-1: Manufacturer: syz
[  912.775023][ T5915] usb 6-1: SerialNumber: syz
[  912.795008][ T5915] usb 6-1: config 0 descriptor??
[  912.802755][ T5915] ums-isd200 6-1:0.0: USB Mass Storage device detected
[  913.089936][ T5915] scsi host1: usb-storage 6-1:0.0
[  913.201240][T13623] FAULT_INJECTION: forcing a failure.
[  913.201240][T13623] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  913.214749][T13623] CPU: 1 UID: 0 PID: 13623 Comm: syz.0.2102 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  913.214772][T13623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  913.214782][T13623] Call Trace:
[  913.214788][T13623]  <TASK>
[  913.214795][T13623]  dump_stack_lvl+0x241/0x360
[  913.214821][T13623]  ? __pfx_dump_stack_lvl+0x10/0x10
[  913.214839][T13623]  ? __pfx__printk+0x10/0x10
[  913.214864][T13623]  ? __pfx_lock_release+0x10/0x10
[  913.214894][T13623]  should_fail_ex+0x40a/0x550
[  913.214921][T13623]  _copy_from_user+0x2d/0xb0
[  913.214942][T13623]  copy_msghdr_from_user+0xae/0x680
[  913.214968][T13623]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  913.214985][T13623]  ? __fget_files+0x2a/0x410
[  913.215006][T13623]  ? __fget_files+0x2a/0x410
[  913.215031][T13623]  do_recvmmsg+0x3bd/0xab0
[  913.215066][T13623]  ? __pfx_do_recvmmsg+0x10/0x10
[  913.215110][T13623]  ? finish_task_switch+0x1ea/0x870
[  913.215135][T13623]  ? finish_task_switch+0x1e5/0x870
[  913.215163][T13623]  ? __schedule+0x18c4/0x4c40
[  913.215216][T13623]  __x64_sys_recvmmsg+0x199/0x250
[  913.215242][T13623]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  913.215267][T13623]  ? do_syscall_64+0x100/0x230
[  913.215291][T13623]  ? do_syscall_64+0xb6/0x230
[  913.215313][T13623]  do_syscall_64+0xf3/0x230
[  913.215333][T13623]  ? clear_bhb_loop+0x35/0x90
[  913.215357][T13623]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  913.215377][T13623] RIP: 0033:0x7f85e5f8d0a9
[  913.215392][T13623] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  913.215406][T13623] RSP: 002b:00007f85e6d86038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  913.215424][T13623] RAX: ffffffffffffffda RBX: 00007f85e61a6160 RCX: 00007f85e5f8d0a9
[  913.215436][T13623] RDX: 0000000000000001 RSI: 00004000000050c0 RDI: 0000000000000008
[  913.215447][T13623] RBP: 00007f85e6d86090 R08: 0000000000000000 R09: 0000000000000000
[  913.215457][T13623] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  913.215467][T13623] R13: 0000000000000000 R14: 00007f85e61a6160 R15: 00007ffcb053e0e8
[  913.215493][T13623]  </TASK>
[  913.742778][  T976] usb 6-1: USB disconnect, device number 11
[  913.879110][T13631] overlayfs: workdir and upperdir must be separate subtrees
[  916.344435][  T976] IPVS: starting estimator thread 0...
[  916.568306][T13650] IPVS: using max 23 ests per chain, 55200 per kthread
[  916.915230][T13660] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2111'.
[  917.021397][T13660] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  917.165820][  T976] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  917.345969][  T976] usb 2-1: Using ep0 maxpacket: 32
[  917.469245][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  917.671783][  T976] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  917.699157][  T976] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  917.721858][  T976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  917.742724][  T976] usb 2-1: config 0 descriptor??
[  917.758880][  T976] hub 2-1:0.0: USB hub found
[  917.817214][T13673] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_hsr, syncid = 0, id = 0
[  918.772179][  T976] hub 2-1:0.0: 1 port detected
[  919.834525][  T976] usb 2-1: USB disconnect, device number 50
[  919.840944][T13686] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2119'.
[  920.913823][T13697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  920.941473][T13693] netlink: 'syz.1.2122': attribute type 9 has an invalid length.
[  922.012965][T13697] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  922.044793][T13699] IPVS: set_ctl: invalid protocol: 94 10.1.1.1:20001
[  922.051915][T13702] IPVS: sync thread started: state = BACKUP, mcast_ifn = syz_tun, syncid = 0, id = 0
[  922.278407][T13671] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2116'.
[  922.792929][T13691] syz.6.2123 (13691): drop_caches: 2
[  923.023963][    T9] IPVS: starting estimator thread 0...
[  923.029938][    T8] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  923.175650][T13717] IPVS: using max 37 ests per chain, 88800 per kthread
[  923.195477][    T8] usb 6-1: Using ep0 maxpacket: 8
[  923.228747][    T8] usb 6-1: config 0 has an invalid interface number: 113 but max is 0
[  923.260731][    T8] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  923.273430][    T8] usb 6-1: config 0 has no interface number 0
[  923.287443][    T8] usb 6-1: New USB device found, idVendor=0b48, idProduct=1006, bcdDevice=c0.0a
[  923.306956][    T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  923.324321][    T8] usb 6-1: Product: syz
[  923.332434][    T8] usb 6-1: Manufacturer: syz
[  923.342636][    T8] usb 6-1: SerialNumber: syz
[  923.437371][    T8] usb 6-1: config 0 descriptor??
[  923.450846][    T8] ttusb_dec_send_command: command bulk message failed: error -22
[  923.461004][    T8] ttusb-dec 6-1:0.113: probe with driver ttusb-dec failed with error -22
[  924.249545][    T8] usb 6-1: USB disconnect, device number 12
[  925.342704][T13737] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2134'.
[  926.762288][T13750] bridge0: port 3(gretap0) entered blocking state
[  926.769598][T13750] bridge0: port 3(gretap0) entered disabled state
[  926.778373][T13750] gretap0: entered allmulticast mode
[  926.797563][T13750] gretap0: entered promiscuous mode
[  926.806610][T13750] bridge0: port 3(gretap0) entered blocking state
[  926.813596][T13750] bridge0: port 3(gretap0) entered forwarding state
[  927.550876][    T9] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  928.131035][T13754] FAULT_INJECTION: forcing a failure.
[  928.131035][T13754] name failslab, interval 1, probability 0, space 0, times 0
[  928.144048][T13754] CPU: 1 UID: 0 PID: 13754 Comm: syz.2.2139 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  928.144072][T13754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  928.144083][T13754] Call Trace:
[  928.144089][T13754]  <TASK>
[  928.144095][T13754]  dump_stack_lvl+0x241/0x360
[  928.144120][T13754]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.144137][T13754]  ? __pfx__printk+0x10/0x10
[  928.144162][T13754]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[  928.144188][T13754]  ? __pfx___might_resched+0x10/0x10
[  928.144213][T13754]  should_fail_ex+0x40a/0x550
[  928.144250][T13754]  should_failslab+0xac/0x100
[  928.144274][T13754]  ? proc_alloc_inode+0x2a/0xc0
[  928.144290][T13754]  kmem_cache_alloc_lru_noprof+0x75/0x390
[  928.144320][T13754]  proc_alloc_inode+0x2a/0xc0
[  928.144334][T13754]  ? __pfx_proc_alloc_inode+0x10/0x10
[  928.144350][T13754]  alloc_inode+0x65/0x1a0
[  928.144368][T13754]  new_inode+0x22/0x1d0
[  928.144388][T13754]  proc_pid_make_inode+0x1f/0x130
[  928.144410][T13754]  proc_fdinfo_instantiate+0x52/0x250
[  928.144435][T13754]  proc_fill_cache+0x316/0x420
[  928.144458][T13754]  ? __pfx_proc_fdinfo_instantiate+0x10/0x10
[  928.144481][T13754]  ? __pfx_proc_fill_cache+0x10/0x10
[  928.144499][T13754]  ? snprintf+0xda/0x120
[  928.144523][T13754]  ? fget_task_next+0x5aa/0x620
[  928.144549][T13754]  proc_readfd_common+0x483/0x820
[  928.144578][T13754]  ? __pfx_proc_fdinfo_instantiate+0x10/0x10
[  928.144601][T13754]  ? __pfx_proc_readfd_common+0x10/0x10
[  928.144624][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[  928.144623][T13754]  ? vfs_write+0x7fa/0xd10
[  928.144645][T13754]  ? __fget_files+0x2a/0x410
[  928.144665][T13754]  iterate_dir+0x5a9/0x760
[  928.144689][T13754]  __se_sys_getdents64+0x1e2/0x4b0
[  928.144719][T13754]  ? __pfx___se_sys_getdents64+0x10/0x10
[  928.144738][T13754]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  928.144759][T13754]  ? __pfx_filldir64+0x10/0x10
[  928.144781][T13754]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  928.144803][T13754]  ? do_syscall_64+0x100/0x230
[  928.144826][T13754]  ? do_syscall_64+0xb6/0x230
[  928.144847][T13754]  do_syscall_64+0xf3/0x230
[  928.144867][T13754]  ? clear_bhb_loop+0x35/0x90
[  928.144891][T13754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.144912][T13754] RIP: 0033:0x7f346958d0a9
[  928.144927][T13754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.144940][T13754] RSP: 002b:00007f346a37b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d9
[  928.144958][T13754] RAX: ffffffffffffffda RBX: 00007f34697a6080 RCX: 00007f346958d0a9
[  928.144970][T13754] RDX: 0000000000001002 RSI: 0000400000002f40 RDI: 000000000000000a
[  928.144980][T13754] RBP: 00007f346a37b090 R08: 0000000000000000 R09: 0000000000000000
[  928.144990][T13754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  928.145000][T13754] R13: 0000000000000000 R14: 00007f34697a6080 R15: 00007ffce68b8678
[  928.145026][T13754]  </TASK>
[  928.812396][    T9] usb 6-1: config 247 has an invalid interface number: 141 but max is 0
[  928.821022][    T9] usb 6-1: config 247 has no interface number 0
[  928.833893][    T9] usb 6-1: too many endpoints for config 247 interface 141 altsetting 4: 218, using maximum allowed: 30
[  929.069647][    T9] usb 6-1: config 247 interface 141 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 218
[  929.091132][    T9] usb 6-1: config 247 interface 141 has no altsetting 0
[  929.102269][    T9] usb 6-1: New USB device found, idVendor=0af0, idProduct=7811, bcdDevice= 2.22
[  929.117456][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  929.155396][    T9] usb 6-1: Product: syz
[  929.463287][    T9] usb 6-1: Manufacturer: syz
[  929.869238][    T9] usb 6-1: SerialNumber: syz
[  929.962903][    T9] usb 6-1: can't set config #247, error -71
[  929.994998][    T9] usb 6-1: USB disconnect, device number 13
[  931.858612][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  932.295491][ T7095] Bluetooth: hci2: command 0x0406 tx timeout
[  932.301568][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 660 seconds
[  933.120508][T13797] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2151'.
[  933.373902][T13804] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  933.617537][T13806] netlink: 76 bytes leftover after parsing attributes in process `syz.6.2153'.
[  936.213489][T13833] Cannot find set identified by id 632 to match
[  937.790614][T13844] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  938.027627][   T29] kauditd_printk_skb: 10 callbacks suppressed
[  938.027644][   T29] audit: type=1326 audit(1740149310.824:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  938.071523][T13846] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  938.131342][T13795] Bluetooth: hci0: command 0x0406 tx timeout
[  938.451418][T13850] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2167'.
[  938.675977][   T29] audit: type=1326 audit(1740149310.854:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  938.852157][   T29] audit: type=1326 audit(1740149310.864:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=460 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  938.918845][   T29] audit: type=1326 audit(1740149310.864:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  938.961649][   T29] audit: type=1326 audit(1740149310.864:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  939.000381][   T29] audit: type=1326 audit(1740149310.864:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  939.022592][   T29] audit: type=1326 audit(1740149310.864:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  939.044851][   T29] audit: type=1326 audit(1740149310.864:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  939.092961][   T29] audit: type=1326 audit(1740149310.864:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  939.172793][   T29] audit: type=1326 audit(1740149310.864:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13845 comm="syz.2.2166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f346958d0a9 code=0x7ffc0000
[  939.262906][T13865] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(5)
[  939.269977][T13865] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  939.489801][T13865] vhci_hcd vhci_hcd.0: Device attached
[  939.603563][T13867] vhci_hcd: connection closed
[  939.635782][T13865] vhci_hcd vhci_hcd.0: port 0 already used
[  939.870543][ T6048] vhci_hcd: stop threads
[  939.905418][ T6048] vhci_hcd: release socket
[  939.917808][ T6048] vhci_hcd: disconnect device
[  939.935293][  T976] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  939.965467][   T51] usb 38-1: enqueue for inactive port 0
[  940.272575][T13875] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  940.281168][T13875] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  940.584056][T13884] FAULT_INJECTION: forcing a failure.
[  940.584056][T13884] name failslab, interval 1, probability 0, space 0, times 0
[  940.597191][T13884] CPU: 0 UID: 0 PID: 13884 Comm: syz.0.2176 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  940.597216][T13884] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  940.597226][T13884] Call Trace:
[  940.597232][T13884]  <TASK>
[  940.597239][T13884]  dump_stack_lvl+0x241/0x360
[  940.597265][T13884]  ? __pfx_dump_stack_lvl+0x10/0x10
[  940.597283][T13884]  ? __pfx__printk+0x10/0x10
[  940.597307][T13884]  ? __kmalloc_noprof+0xb5/0x4c0
[  940.597324][T13884]  ? __pfx___might_resched+0x10/0x10
[  940.597349][T13884]  should_fail_ex+0x40a/0x550
[  940.597376][T13884]  should_failslab+0xac/0x100
[  940.597402][T13884]  __kmalloc_noprof+0xdd/0x4c0
[  940.597417][T13884]  ? skcipher_next_slow+0xea/0x230
[  940.597437][T13884]  ? skcipher_walk_done+0x7bf/0xbd0
[  940.597457][T13884]  skcipher_next_slow+0xea/0x230
[  940.597471][T13884]  crypto_aegis128_decrypt_generic+0x1251/0x1450
[  940.597485][T13884]  ? __kmalloc_noprof+0x285/0x4c0
[  940.597493][T13884]  ? sock_kmalloc+0xd7/0x160
[  940.597519][T13884]  ? __pfx_crypto_aegis128_decrypt_generic+0x10/0x10
[  940.597566][T13884]  ? af_alg_pull_tsgl+0x868/0x990
[  940.597600][T13884]  ? crypto_aead_decrypt+0xd8/0x180
[  940.597620][T13884]  aead_recvmsg+0x1389/0x19f0
[  940.597650][T13884]  ? __pfx_aead_recvmsg+0x10/0x10
[  940.597664][T13884]  ? up_write+0x1a9/0x590
[  940.597722][T13884]  ? __pfx_validate_chain+0x10/0x10
[  940.597739][T13884]  ? __lock_acquire+0x1397/0x2100
[  940.597766][T13884]  ? mark_lock+0x9a/0x360
[  940.597781][T13884]  ? __lock_acquire+0x1397/0x2100
[  940.597811][T13884]  ? iovec_from_user+0x1b4/0x240
[  940.597835][T13884]  ? __import_iovec+0x3bf/0x830
[  940.597853][T13884]  ? __pfx_aead_recvmsg+0x10/0x10
[  940.597878][T13884]  sock_recvmsg_nosec+0x18e/0x1d0
[  940.597901][T13884]  ____sys_recvmsg+0x3cd/0x480
[  940.597925][T13884]  ? __pfx_____sys_recvmsg+0x10/0x10
[  940.597951][T13884]  ? do_recvmmsg+0x44e/0xab0
[  940.597966][T13884]  ? __might_fault+0xaa/0x120
[  940.597989][T13884]  do_recvmmsg+0x426/0xab0
[  940.598025][T13884]  ? __pfx_do_recvmmsg+0x10/0x10
[  940.598063][T13884]  ? raw_spin_rq_unlock_irq+0x12/0x90
[  940.598078][T13884]  ? update_curr+0x8ad/0xda0
[  940.598093][T13884]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  940.598108][T13884]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  940.598122][T13884]  ? do_raw_spin_unlock+0x13c/0x8b0
[  940.598144][T13884]  ? raw_spin_rq_unlock_irq+0x17/0x90
[  940.598171][T13884]  ? lockdep_hardirqs_on+0x99/0x150
[  940.598192][T13884]  ? raw_spin_rq_unlock_irq+0x17/0x90
[  940.598214][T13884]  ? __schedule+0x1a75/0x4c40
[  940.598241][T13884]  __x64_sys_recvmmsg+0x199/0x250
[  940.598257][T13884]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  940.598271][T13884]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  940.598297][T13884]  ? do_syscall_64+0xb6/0x230
[  940.598320][T13884]  do_syscall_64+0xf3/0x230
[  940.598340][T13884]  ? clear_bhb_loop+0x35/0x90
[  940.598364][T13884]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  940.598378][T13884] RIP: 0033:0x7f85e5f8d0a9
[  940.598388][T13884] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  940.598395][T13884] RSP: 002b:00007f85e6da7038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  940.598406][T13884] RAX: ffffffffffffffda RBX: 00007f85e61a6080 RCX: 00007f85e5f8d0a9
[  940.598413][T13884] RDX: 0000000000000002 RSI: 0000400000000180 RDI: 000000000000000c
[  940.598419][T13884] RBP: 00007f85e6da7090 R08: 0000000000000000 R09: 0000000000000000
[  940.598427][T13884] R10: 0000000000000060 R11: 0000000000000246 R12: 0000000000000001
[  940.598436][T13884] R13: 0000000000000000 R14: 00007f85e61a6080 R15: 00007ffcb053e0e8
[  940.598463][T13884]  </TASK>
[  940.954027][    C0] vkms_vblank_simulate: vblank timer overrun
[  940.965241][ T5874] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  941.093924][   T51] usb usb38-port1: attempt power cycle
[  941.226050][ T5874] usb 7-1: Using ep0 maxpacket: 8
[  941.598450][ T5874] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  941.607933][ T5874] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  941.617945][ T5874] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  941.627861][ T5874] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  941.648612][ T5874] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  941.677993][ T5874] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  941.696865][ T5874] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  941.888679][   T51] usb usb38-port1: unable to enumerate USB device
[  942.041660][ T5874] usb 7-1: usb_control_msg returned -32
[  942.391333][ T5874] usbtmc 7-1:16.0: can't read capabilities
[  943.285715][  T976] usb 2-1: unable to get BOS descriptor or descriptor too short
[  943.306946][  T976] usb 2-1: unable to read config index 0 descriptor/start: -71
[  943.314614][  T976] usb 2-1: can't read configurations, error -71
[  943.518107][T13901] tmpfs: Bad value for 'mpol'
[  944.440315][    T8] usb 7-1: USB disconnect, device number 10
[  944.929057][T13918] sctp: [Deprecated]: syz.1.2184 (pid 13918) Use of struct sctp_assoc_value in delayed_ack socket option.
[  944.929057][T13918] Use struct sctp_sack_info instead
[  945.648137][T13922] veth0_vlan: entered allmulticast mode
[  945.717470][T13923] veth0_vlan: left promiscuous mode
[  945.726342][T13923] veth0_vlan: entered promiscuous mode
[  947.620902][T13939] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2187'.
[  948.477352][T13947] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2191'.
[  949.156511][T13962] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2196'.
[  949.182687][T11578] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  949.585364][T11578] usb 6-1: Using ep0 maxpacket: 32
[  949.656423][T13963] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2197'.
[  949.880332][T11578] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  949.907705][T11578] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  949.935389][T11578] usb 6-1: Product: syz
[  949.939609][T11578] usb 6-1: Manufacturer: syz
[  949.975609][T11578] usb 6-1: SerialNumber: syz
[  950.177393][T11578] usb 6-1: config 0 descriptor??
[  950.193757][T11578] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  950.561074][T13970] gtp1: entered promiscuous mode
[  950.711586][T11578] gspca_ov534_9: reg_w failed -71
[  950.727621][T13978] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  950.734194][T13978] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  950.748672][T13978] vhci_hcd vhci_hcd.0: Device attached
[  950.764425][T13978] vhci_hcd vhci_hcd.0: pdev(2) rhport(1) sockfd(5)
[  950.771003][T13978] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  950.779163][T13978] vhci_hcd vhci_hcd.0: Device attached
[  950.785908][T13982] vhci_hcd: connection closed
[  950.786290][T13980] vhci_hcd: connection closed
[  950.795316][ T6048] vhci_hcd: stop threads
[  950.804285][ T6048] vhci_hcd: release socket
[  950.850951][ T6048] vhci_hcd: disconnect device
[  950.918109][ T6048] vhci_hcd: stop threads
[  950.935755][ T6048] vhci_hcd: release socket
[  950.976534][ T6048] vhci_hcd: disconnect device
[  951.315901][T11578] gspca_ov534_9: Unknown sensor 0000
[  951.323776][T11578] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  951.351914][  T976] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  951.656519][T11578] usb 6-1: USB disconnect, device number 14
[  951.884618][  T976] usb 7-1: Using ep0 maxpacket: 8
[  951.914091][  T976] usb 7-1: unable to get BOS descriptor or descriptor too short
[  952.043850][  T976] usb 7-1: config 0 has an invalid interface number: 88 but max is 0
[  952.052232][  T976] usb 7-1: config 0 has no interface number 0
[  952.059091][  T976] usb 7-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  952.074152][  T976] usb 7-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid wMaxPacketSize 0
[  952.084594][  T976] usb 7-1: config 0 interface 88 has no altsetting 0
[  952.094907][  T976] usb 7-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  952.107715][  T976] usb 7-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  952.771705][  T976] usb 7-1: Product: syz
[  952.779320][  T976] usb 7-1: Manufacturer: syz
[  952.789370][  T976] usb 7-1: SerialNumber: syz
[  952.809856][  T976] usb 7-1: config 0 descriptor??
[  953.052603][T14006] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2209'.
[  953.666151][T14011] input: syz1 as /devices/virtual/input/input30
[  953.869578][T13990] netlink: 165 bytes leftover after parsing attributes in process `syz.6.2205'.
[  954.446374][  T976] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.88/input/input31
[  954.541591][  T976] usb 7-1: USB disconnect, device number 11
[  954.584291][T14023] netlink: 11 bytes leftover after parsing attributes in process `syz.0.2213'.
[  956.623634][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[  957.385595][ T5935] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  957.610596][ T5935] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  957.642044][ T5935] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  957.663318][ T5935] usb 7-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[  957.771007][ T5935] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  958.317391][ T5935] usb 7-1: config 0 descriptor??
[  958.388969][T14062] 9pnet_fd: Insufficient options for proto=fd
[  958.612546][T14065] netlink: 11 bytes leftover after parsing attributes in process `syz.5.2226'.
[  958.733755][ T5935] hid (null): nested delimiters
[  958.767630][ T5935] hid (null): nested delimiters
[  958.791598][ T5935] hid (null): nested delimiters
[  958.805557][ T5935] hid (null): bogus close delimiter
[  958.812610][ T5935] hid (null): report_id 24797 is invalid
[  958.842376][ T5935] hid (null): unknown global tag 0xe
[  958.850402][ T5935] hid (null): unknown global tag 0xd
[  958.871631][ T5935] uclogic 0003:28BD:0042.000A: interface is invalid, ignoring
[  959.015299][ T5874] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  959.828476][T14077] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  959.875719][T14077] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  959.887088][ T5935] usb 7-1: USB disconnect, device number 12
[  960.237095][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  960.258198][ T5874] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  960.842035][ T5874] usb 6-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[  960.851522][ T5874] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  960.861994][ T5874] usb 6-1: config 0 descriptor??
[  961.079522][T14067] netlink: 'syz.5.2227': attribute type 3 has an invalid length.
[  961.087676][T14067] netlink: 'syz.5.2227': attribute type 1 has an invalid length.
[  961.096048][T14067] netlink: 112865 bytes leftover after parsing attributes in process `syz.5.2227'.
[  961.328690][ T5874] usbhid 6-1:0.0: can't add hid device: -71
[  961.347012][ T5874] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  961.379194][ T5874] usb 6-1: USB disconnect, device number 15
[  961.992221][T14103] netlink: 11 bytes leftover after parsing attributes in process `syz.1.2238'.
[  962.347349][T14108] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2239'.
[  962.693324][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 690 seconds
[  963.978144][T14118] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[  963.986558][T14118] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[  963.994963][T14118] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[  964.820446][T14135] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2249'.
[  965.250626][T14147] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2252'.
[  965.829391][T14149] loop6: detected capacity change from 0 to 524287999
[  966.219016][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 32 prio class 0
[  966.231329][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  966.240563][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  966.250627][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  966.259889][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  966.985696][T13795] Bluetooth: hci0: command 0x0406 tx timeout
[  968.057769][T14172] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2259'.
[  968.086672][T14172] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[  968.769733][T14177] netlink: 76 bytes leftover after parsing attributes in process `syz.0.2260'.
[  973.169465][T14220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2274'.
[  973.651466][T14223] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2275'.
[  975.966127][ T5935] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  976.099330][T14242] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2281'.
[  976.617649][ T5935] usb 3-1: Using ep0 maxpacket: 32
[  976.643798][ T5935] usb 3-1: config 4 has an invalid interface number: 128 but max is 0
[  976.678473][ T5935] usb 3-1: config 4 has no interface number 0
[  976.684626][ T5935] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  977.167684][ T5935] usb 3-1: config 4 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  977.302702][ T5935] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  977.312547][ T5935] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  977.363949][ T5935] hub 3-1:4.128: USB hub found
[  978.030661][ T5935] hub 3-1:4.128: config failed, can't read hub descriptor (err -90)
[  979.299239][ T5935] usb 3-1: USB disconnect, device number 46
[  981.820702][T14288] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2294'.
[  983.701543][T14306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2298'.
[  984.106295][T14308] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  984.407006][T14315] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2301'.
[  984.582968][ T5915] IPVS: starting estimator thread 0...
[  984.805904][T14316] IPVS: using max 21 ests per chain, 50400 per kthread
[  985.459093][T14335] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2306'.
[  985.811149][ T5915] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  986.027785][T14335] netlink: 'syz.6.2306': attribute type 29 has an invalid length.
[  986.188123][T14341] netlink: 'syz.6.2306': attribute type 29 has an invalid length.
[  986.365408][ T5915] usb 2-1: Using ep0 maxpacket: 8
[  986.383210][ T5915] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  986.405166][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  986.413216][ T5915] usb 2-1: Product: syz
[  986.418443][ T5915] usb 2-1: Manufacturer: syz
[  986.423073][ T5915] usb 2-1: SerialNumber: syz
[  986.431216][ T5915] usb 2-1: config 0 descriptor??
[  987.541204][ T5915] dvb_usb_rtl28xxu 2-1:0.0: chip type detection failed -110
[  987.554380][ T5915] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -110
[  987.596292][T14357] 9pnet_fd: Insufficient options for proto=fd
[  987.634997][T14354] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[  988.583356][T14369] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2314'.
[  988.908061][T14333] [U] '
[  988.919059][ T5874] usb 2-1: USB disconnect, device number 53
[  992.034775][T14386] Bluetooth: hci1: Opcode 0x080f failed: -4
[  992.383893][T13795] Bluetooth: hci1: command 0x080f tx timeout
[  992.435287][    T9] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  992.462867][T14411] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2328'.
[  992.472033][T14411] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2328'.
[  992.481457][T14412] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  992.897224][    T9] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[  992.925225][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  992.959804][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  992.959837][T14415] FAULT_INJECTION: forcing a failure.
[  992.959837][T14415] name failslab, interval 1, probability 0, space 0, times 0
[  993.003612][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[  993.049627][    T9] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[  993.053692][T14415] CPU: 1 UID: 0 PID: 14415 Comm: syz.6.2329 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[  993.053716][T14415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  993.053727][T14415] Call Trace:
[  993.053734][T14415]  <TASK>
[  993.053742][T14415]  dump_stack_lvl+0x241/0x360
[  993.053771][T14415]  ? __pfx_dump_stack_lvl+0x10/0x10
[  993.053788][T14415]  ? __pfx__printk+0x10/0x10
[  993.053814][T14415]  ? kmem_cache_alloc_noprof+0x48/0x380
[  993.053839][T14415]  ? __pfx___might_resched+0x10/0x10
[  993.053862][T14415]  should_fail_ex+0x40a/0x550
[  993.053889][T14415]  should_failslab+0xac/0x100
[  993.053914][T14415]  ? getname_flags+0xb7/0x540
[  993.053930][T14415]  kmem_cache_alloc_noprof+0x70/0x380
[  993.053959][T14415]  getname_flags+0xb7/0x540
[  993.053979][T14415]  __x64_sys_rename+0x5d/0x90
[  993.054003][T14415]  do_syscall_64+0xf3/0x230
[  993.054023][T14415]  ? clear_bhb_loop+0x35/0x90
[  993.054048][T14415]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  993.054069][T14415] RIP: 0033:0x7f476578d0a9
[  993.054084][T14415] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  993.054098][T14415] RSP: 002b:00007f476659a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  993.054116][T14415] RAX: ffffffffffffffda RBX: 00007f47659a5fa0 RCX: 00007f476578d0a9
[  993.054129][T14415] RDX: 0000000000000000 RSI: 0000400000000f40 RDI: 00004000000003c0
[  993.054140][T14415] RBP: 00007f476659a090 R08: 0000000000000000 R09: 0000000000000000
[  993.054151][T14415] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  993.054161][T14415] R13: 0000000000000000 R14: 00007f47659a5fa0 R15: 00007ffddb6e6798
[  993.054187][T14415]  </TASK>
[  993.234227][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  993.281145][    T9] usb 3-1: config 0 descriptor??
[  993.297961][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 720 seconds
[  993.299552][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  994.577630][T14431] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  994.606370][T14429] Bluetooth: hci1: Opcode 0x080f failed: -4
[  994.627045][T14431] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  994.648599][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  994.665568][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  994.715678][    T9] usb 3-1: USB disconnect, device number 47
[  994.787805][T14420] netdevsim netdevsim0: loading /lib/firmware/. failed with error -22
[  994.805618][T14420] netdevsim netdevsim0: Direct firmware load for . failed with error -22
[  994.830703][T14420] netdevsim netdevsim0: Falling back to sysfs fallback for: .
[  996.001858][T14452] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[  996.011966][T14452] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[  996.020761][T14452] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[  996.105171][    T9] usb 7-1: new full-speed USB device number 13 using dummy_hcd
[  996.495374][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[  996.679575][    T9] usb 7-1: device descriptor read/64, error -71
[  997.145259][    T9] usb 7-1: new full-speed USB device number 14 using dummy_hcd
[  997.290552][T14462] openvswitch: netlink: Actions may not be safe on all matching packets
[  998.121154][    T9] usb 7-1: device descriptor read/64, error -71
[  998.233033][T14467] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  998.245694][    T9] usb usb7-port1: attempt power cycle
[ 1000.630637][T14485] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2348'.
[ 1001.785233][T14485] netlink: 'syz.1.2348': attribute type 29 has an invalid length.
[ 1003.802737][T14509] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1004.591042][T14516] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input32
[ 1004.739639][T14514] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2358'.
[ 1004.749116][ T5840] Bluetooth: hci1: link tx timeout
[ 1004.754263][ T5840] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa
[ 1004.763893][T14514] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2358'.
[ 1006.193935][T14531] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2363'.
[ 1006.295947][T14531] netlink: 'syz.1.2363': attribute type 29 has an invalid length.
[ 1006.322286][T14531] netlink: 'syz.1.2363': attribute type 29 has an invalid length.
[ 1006.824127][T13795] Bluetooth: hci1: command 0x080f tx timeout
[ 1007.915892][T14548] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1009.173358][T14562] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2372'.
[ 1009.213816][T14562] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2372'.
[ 1010.848300][T14574] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[ 1010.857373][T14574] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[ 1010.866370][T14574] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[ 1011.773603][T14580] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2376'.
[ 1012.602283][T14583] slcan: can't register candev
[ 1012.607603][T14583] Falling back ldisc for ttyS3.
[ 1012.640003][T14584] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2377'.
[ 1012.819890][T14590] 9pnet_fd: Insufficient options for proto=fd
[ 1013.431438][T14593] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1015.952237][T14611] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2385'.
[ 1017.529815][T14622] 9pnet_fd: Insufficient options for proto=fd
[ 1017.876456][ T5935] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1018.125823][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1018.368059][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1018.403156][ T5935] usb 2-1: New USB device found, idVendor=046d, idProduct=c532, bcdDevice= 0.00
[ 1018.494133][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1018.617332][ T5935] usb 2-1: config 0 descriptor??
[ 1018.635416][    T9] usb 3-1: new full-speed USB device number 48 using dummy_hcd
[ 1018.775940][    T9] usb 3-1: device descriptor read/64, error -71
[ 1019.015389][    T9] usb 3-1: new full-speed USB device number 49 using dummy_hcd
[ 1019.030382][ T5935] usbhid 2-1:0.0: can't add hid device: -71
[ 1019.037812][ T5935] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1019.106642][ T5935] usb 2-1: USB disconnect, device number 54
[ 1019.177352][    T9] usb 3-1: device descriptor read/64, error -71
[ 1019.214892][   T11] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1019.357531][    T9] usb usb3-port1: attempt power cycle
[ 1020.015754][    T9] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[ 1020.046544][    T9] usb 3-1: device descriptor read/8, error -71
[ 1020.211004][T14648] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[ 1020.218961][T14648] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1020.305290][    T9] usb 3-1: new full-speed USB device number 51 using dummy_hcd
[ 1020.350206][    T9] usb 3-1: device descriptor read/8, error -71
[ 1020.476074][    T9] usb usb3-port1: unable to enumerate USB device
[ 1021.215351][ T7095] Bluetooth: hci4: command 0x1003 tx timeout
[ 1021.223257][ T5840] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1023.038231][T14674] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1023.387997][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 750 seconds
[ 1024.047109][ T5840] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1024.058556][ T5840] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1024.068208][ T5840] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1024.077429][ T5840] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1024.131579][ T5840] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1024.148234][ T5840] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1024.167158][T14689] netdevsim netdevsim1: loading /lib/firmware/. failed with error -22
[ 1024.180122][T14689] netdevsim netdevsim1: Direct firmware load for . failed with error -22
[ 1024.190301][T14689] netdevsim netdevsim1: Falling back to sysfs fallback for: .
[ 1024.982708][T14692] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1025.445420][T14696] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2413'.
[ 1025.565610][T14696] nbd: must specify at least one socket
[ 1026.337405][T13795] Bluetooth: hci4: command tx timeout
[ 1027.056519][T14708] netlink: 356 bytes leftover after parsing attributes in process `syz.2.2415'.
[ 1027.118747][T14687] chnl_net:caif_netlink_parms(): no params data found
[ 1027.921208][T14687] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1027.951997][T14687] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1027.963551][T14687] bridge_slave_0: entered allmulticast mode
[ 1027.980919][T14687] bridge_slave_0: entered promiscuous mode
[ 1028.002928][T14687] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1028.014727][T14687] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1028.032682][T14687] bridge_slave_1: entered allmulticast mode
[ 1028.042985][T14687] bridge_slave_1: entered promiscuous mode
[ 1028.128174][T14687] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1028.142497][T14687] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1028.299092][T14687] team0: Port device team_slave_0 added
[ 1028.317435][T14687] team0: Port device team_slave_1 added
[ 1028.416681][T13795] Bluetooth: hci4: command tx timeout
[ 1028.519912][T14687] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1028.535430][T14687] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1028.620471][T14687] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1029.109398][T14687] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1029.594715][T14687] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1030.120804][T14687] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1030.155021][T14737] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[ 1030.190380][T14737] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[ 1030.248144][T14737] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[ 1030.299734][T14687] hsr_slave_0: entered promiscuous mode
[ 1030.499596][T13795] Bluetooth: hci4: command tx timeout
[ 1030.551042][T14687] hsr_slave_1: entered promiscuous mode
[ 1030.572087][T14687] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1030.849733][T14687] Cannot create hsr debugfs directory
[ 1031.736796][T14752] Bluetooth: hci1: Opcode 0x080f failed: -4
[ 1032.368684][T14687] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1032.396148][T14687] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1032.546227][T14687] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1032.578588][T13795] Bluetooth: hci4: command tx timeout
[ 1032.602592][T14687] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1032.983451][T14687] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1033.060436][T14687] 8021q: adding VLAN 0 to HW filter on device team0
[ 1033.145219][T13795] Bluetooth: hci1: command 0x080f tx timeout
[ 1033.730778][ T2986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1033.738047][ T2986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1033.796562][ T2986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1033.803753][ T2986] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1035.024446][T14687] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1036.205362][T14799] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2436'.
[ 1038.428004][T14687] veth0_vlan: entered promiscuous mode
[ 1038.468864][T14687] veth1_vlan: entered promiscuous mode
[ 1039.009195][T14824] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2442'.
[ 1039.110915][T14823] GUP no longer grows the stack in syz.2.2441 (14823): 400000004000-40000000a000 (400000002000)
[ 1039.122134][T14823] CPU: 0 UID: 0 PID: 14823 Comm: syz.2.2441 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1039.122160][T14823] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1039.122172][T14823] Call Trace:
[ 1039.122181][T14823]  <TASK>
[ 1039.122190][T14823]  dump_stack_lvl+0x241/0x360
[ 1039.122219][T14823]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1039.122239][T14823]  ? __pfx__printk+0x10/0x10
[ 1039.122262][T14823]  ? find_vma+0xf9/0x170
[ 1039.122296][T14823]  __get_user_pages+0x3b07/0x4140
[ 1039.122322][T14823]  ? __schedule+0x18c4/0x4c40
[ 1039.122372][T14823]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1039.122397][T14823]  ? __pfx___get_user_pages+0x10/0x10
[ 1039.122425][T14823]  ? mark_lock+0x9a/0x360
[ 1039.122462][T14823]  get_user_pages_remote+0x31e/0xb60
[ 1039.122480][T14823]  ? irqentry_exit+0x63/0x90
[ 1039.122504][T14823]  ? __pfx_get_user_pages_remote+0x10/0x10
[ 1039.122528][T14823]  __access_remote_vm+0x22d/0x800
[ 1039.122551][T14823]  ? __pfx___access_remote_vm+0x10/0x10
[ 1039.122568][T14823]  ? set_page_refcounted+0xa1/0x1e0
[ 1039.122589][T14823]  ? alloc_pages_noprof+0x136/0x190
[ 1039.122611][T14823]  proc_pid_cmdline_read+0x4b6/0x8c0
[ 1039.122637][T14823]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[ 1039.122656][T14823]  ? rw_verify_area+0x1ed/0x630
[ 1039.122677][T14823]  vfs_readv+0x6bc/0xa80
[ 1039.122697][T14823]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[ 1039.122715][T14823]  ? __pfx_vfs_readv+0x10/0x10
[ 1039.122740][T14823]  ? __rcu_read_unlock+0xa1/0x110
[ 1039.122756][T14823]  ? __fget_files+0x2a/0x410
[ 1039.122771][T14823]  ? __fget_files+0x395/0x410
[ 1039.122783][T14823]  ? __fget_files+0x2a/0x410
[ 1039.122810][T14823]  __x64_sys_preadv+0x1b7/0x2d0
[ 1039.122831][T14823]  ? __pfx___x64_sys_preadv+0x10/0x10
[ 1039.122858][T14823]  do_syscall_64+0xf3/0x230
[ 1039.122876][T14823]  ? clear_bhb_loop+0x35/0x90
[ 1039.122897][T14823]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1039.122914][T14823] RIP: 0033:0x7f346958d0a9
[ 1039.122927][T14823] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1039.122939][T14823] RSP: 002b:00007f346a339038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[ 1039.122955][T14823] RAX: ffffffffffffffda RBX: 00007f34697a6240 RCX: 00007f346958d0a9
[ 1039.122965][T14823] RDX: 0000000000000001 RSI: 0000400000000040 RDI: 0000000000000006
[ 1039.122973][T14823] RBP: 00007f346960e2a0 R08: 0000000000000000 R09: 0000000000000000
[ 1039.122982][T14823] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[ 1039.122990][T14823] R13: 0000000000000000 R14: 00007f34697a6240 R15: 00007ffce68b8678
[ 1039.123011][T14823]  </TASK>
[ 1040.027555][T14687] veth0_macvtap: entered promiscuous mode
[ 1040.071131][T14687] veth1_macvtap: entered promiscuous mode
[ 1040.185393][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1040.244538][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1040.255501][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1040.266395][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1040.276403][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1040.287076][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1040.297712][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1040.798631][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1040.824564][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1040.858723][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.005893][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1041.050491][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.081725][T14687] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1041.321423][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.333819][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.345855][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.356977][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.367154][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.377951][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.392128][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.404081][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.414481][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.426041][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.436270][T14687] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1041.465193][T14687] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.486536][T14687] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1041.509962][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1041.523244][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1041.536586][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1041.546911][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1041.557913][ T5840] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1041.565721][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1041.576288][T14687] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.596920][T14687] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.615395][T14687] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.633705][T14687] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1041.955446][ T2986] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1041.976341][ T2986] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1042.047624][ T2986] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1042.097938][ T2986] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1043.617001][T13795] Bluetooth: hci1: command tx timeout
[ 1043.976581][T14842] chnl_net:caif_netlink_parms(): no params data found
[ 1044.071538][T14861] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1044.480423][T14842] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1044.506482][T14842] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1045.169330][T14869] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2451'.
[ 1045.260571][T14842] bridge_slave_0: entered allmulticast mode
[ 1045.268316][T14842] bridge_slave_0: entered promiscuous mode
[ 1045.278100][T14842] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1045.285955][T14842] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1045.293226][T14842] bridge_slave_1: entered allmulticast mode
[ 1045.300566][T14842] bridge_slave_1: entered promiscuous mode
[ 1045.726201][T13795] Bluetooth: hci1: command tx timeout
[ 1046.191862][T14882] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2453'.
[ 1046.592189][T14842] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1046.645938][T14842] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1046.757489][T14886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2455'.
[ 1047.383880][T14842] team0: Port device team_slave_0 added
[ 1047.413780][T14842] team0: Port device team_slave_1 added
[ 1047.694300][T14842] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1047.728649][T14842] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1047.818792][T13795] Bluetooth: hci1: command tx timeout
[ 1048.017175][T14899] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2458'.
[ 1048.040725][T14899] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1048.048278][T14842] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1048.483201][T14842] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1048.519597][T14842] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1049.022563][T14842] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1049.418785][T14906] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1049.633400][T14911] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1049.855358][T13795] Bluetooth: hci1: command tx timeout
[ 1050.257749][T14842] hsr_slave_0: entered promiscuous mode
[ 1050.264181][T14842] hsr_slave_1: entered promiscuous mode
[ 1050.756131][T14842] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1050.764208][T14842] Cannot create hsr debugfs directory
[ 1050.879550][T14915] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2463'.
[ 1051.650431][T14923] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2465'.
[ 1052.180620][T14927] input: syz0 as /devices/virtual/input/input33
[ 1052.289772][T14842] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1052.336183][T14842] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1052.393291][T14842] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1052.848649][T14842] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1053.485352][T14941] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1053.756606][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 780 seconds
[ 1054.009408][T14842] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1055.205560][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1056.119621][T14842] 8021q: adding VLAN 0 to HW filter on device team0
[ 1056.298594][ T2986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1056.305901][ T2986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1056.363703][ T2986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1056.370863][ T2986] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1056.399449][T14960] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1056.910641][T14842] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1056.931665][T14842] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1058.204122][T14842] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1058.388733][T14987] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1059.235420][T13795] Bluetooth: hci2: command 0x0406 tx timeout
[ 1059.619789][T14842] veth0_vlan: entered promiscuous mode
[ 1059.662220][T14842] veth1_vlan: entered promiscuous mode
[ 1060.527548][T14842] veth0_macvtap: entered promiscuous mode
[ 1060.716369][T14842] veth1_macvtap: entered promiscuous mode
[ 1060.860205][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1060.885833][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1060.905059][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1061.952969][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1061.963374][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1061.984857][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.147179][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.179167][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.208855][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.256048][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.292863][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.325888][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.385022][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1062.433657][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.461288][T14842] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1062.543352][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.575333][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.606402][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.645282][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.646791][T15020] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1062.695175][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.809807][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1062.869266][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1062.961197][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1063.003327][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1063.028454][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1063.060596][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1063.092904][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1063.136690][T14842] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1063.159647][T14842] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1063.247245][T15023] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1063.378834][T14842] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1063.704663][T14842] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.714497][T14842] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.785389][T14842] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1063.796186][T14842] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.172174][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1064.200973][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.200599][T12977] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1065.210786][T12977] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.349898][T15033] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1066.203829][T15040] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[ 1066.213040][T15040] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[ 1066.222733][T15040] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[ 1068.337659][T15056] Bluetooth: hci1: Opcode 0x080f failed: -4
[ 1068.636061][T15062] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1068.924674][T15067] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2499'.
[ 1069.775463][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[ 1072.013658][T15090] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1073.477648][T15105] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1075.074696][T15115] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2511'.
[ 1075.165876][T15114] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci1/hci1:200/input34
[ 1075.763512][T15111] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2510'.
[ 1075.895344][T15111] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2510'.
[ 1076.395259][    T8] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[ 1077.005191][    T8] usb 9-1: device descriptor read/64, error -71
[ 1077.269462][T15131] QAT: Invalid ioctl 1075883590
[ 1077.275376][T15131] QAT: Invalid ioctl 1075883590
[ 1077.280856][T15131] QAT: Invalid ioctl 1075883590
[ 1077.286344][T15131] QAT: Invalid ioctl 1075883590
[ 1077.291823][T15131] QAT: Invalid ioctl 1075883590
[ 1077.297688][T15131] QAT: Invalid ioctl 1075883590
[ 1077.303120][T15131] QAT: Invalid ioctl 1075883590
[ 1077.309097][T15131] QAT: Invalid ioctl 1075883590
[ 1077.314596][T15131] QAT: Invalid ioctl 1075883590
[ 1077.321532][    T8] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[ 1077.332753][T15131] QAT: Invalid ioctl 1075883590
[ 1077.742508][T15130] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1078.115202][    T8] usb 9-1: device descriptor read/64, error -71
[ 1078.286236][    T8] usb usb9-port1: attempt power cycle
[ 1078.695370][    T8] usb 9-1: new full-speed USB device number 4 using dummy_hcd
[ 1079.075823][    T8] usb 9-1: device not accepting address 4, error -71
[ 1079.592381][ T7970] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1079.764041][ T7970] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1079.803845][ T7970] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1079.869976][ T7970] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1079.899637][ T7970] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1079.939573][T15146] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1080.001538][ T7970] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1080.463724][T15156] Bluetooth: hci1: Opcode 0x080f failed: -4
[ 1080.593346][ T5915] usb 6-1: USB disconnect, device number 16
[ 1081.565975][T15166] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1082.015264][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[ 1084.223868][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 810 seconds
[ 1084.268669][T15186] netlink: 76 bytes leftover after parsing attributes in process `syz.8.2530'.
[ 1084.325600][T15183] netlink: 11 bytes leftover after parsing attributes in process `syz.7.2529'.
[ 1084.503512][T15185] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1084.590113][T15193] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2531'.
[ 1090.075331][T15228] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1091.787752][  T976] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[ 1092.263896][T15243] netlink: 156 bytes leftover after parsing attributes in process `syz.8.2544'.
[ 1093.205461][T15246] netlink: 'syz.1.2545': attribute type 3 has an invalid length.
[ 1093.213363][T15246] netlink: 'syz.1.2545': attribute type 1 has an invalid length.
[ 1093.221264][T15246] netlink: 199820 bytes leftover after parsing attributes in process `syz.1.2545'.
[ 1093.695417][  T976] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1093.711560][  T976] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1093.773055][  T976] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1093.845703][  T976] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1093.900352][  T976] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1093.912838][T15250] netlink: 48 bytes leftover after parsing attributes in process `syz.8.2547'.
[ 1094.006401][  T976] usb 8-1: config 0 descriptor??
[ 1094.017129][T15250] netlink: 'syz.8.2547': attribute type 29 has an invalid length.
[ 1094.085861][  T976] usb 8-1: can't set config #0, error -71
[ 1094.093194][T15251] netlink: 'syz.8.2547': attribute type 29 has an invalid length.
[ 1094.131309][  T976] usb 8-1: USB disconnect, device number 2
[ 1097.451502][ T1141] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1097.617612][T15280] Bluetooth: hci6: Frame reassembly failed (-84)
[ 1098.045603][T15289] netlink: 16 bytes leftover after parsing attributes in process `syz.8.2557'.
[ 1098.784959][T15295] netlink: 'syz.7.2560': attribute type 10 has an invalid length.
[ 1098.837657][T15298] netlink: 14 bytes leftover after parsing attributes in process `syz.7.2560'.
[ 1098.925055][T15295] team0: Port device netdevsim0 added
[ 1099.788210][T13795] Bluetooth: hci6: command 0x1003 tx timeout
[ 1099.792994][ T5840] Bluetooth: hci6: Opcode 0x1003 failed: -110
[ 1102.692681][T15322] netdevsim netdevsim8: loading /lib/firmware/. failed with error -22
[ 1102.710750][T15322] netdevsim netdevsim8: Direct firmware load for . failed with error -22
[ 1102.720006][T15322] netdevsim netdevsim8: Falling back to sysfs fallback for: .
[ 1103.616407][T15335] IPVS: set_ctl: invalid protocol: 47 255.255.255.255:20001
[ 1104.205287][ T7970] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[ 1104.378817][ T7970] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[ 1104.499109][ T7970] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1104.881935][ T7970] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1104.921621][ T7970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.952181][ T7970] usb 3-1: Product: syz
[ 1104.962355][ T7970] usb 3-1: Manufacturer: syz
[ 1104.978156][ T7970] usb 3-1: SerialNumber: syz
[ 1105.007134][ T7970] usb 3-1: config 0 descriptor??
[ 1105.012839][T15339] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1105.020333][T15339] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1105.598909][ T7970] dm9601 3-1:0.0: probe with driver dm9601 failed with error -71
[ 1106.551449][ T7970] usb 3-1: USB disconnect, device number 52
[ 1108.588279][T15373] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1108.965484][ T5915] usb 8-1: new full-speed USB device number 3 using dummy_hcd
[ 1109.105294][ T5915] usb 8-1: device descriptor read/64, error -71
[ 1109.355450][ T5915] usb 8-1: new full-speed USB device number 4 using dummy_hcd
[ 1109.460254][T15393] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2586'.
[ 1109.505497][ T5915] usb 8-1: device descriptor read/64, error -71
[ 1109.564091][T15393] netlink: 'syz.5.2586': attribute type 29 has an invalid length.
[ 1109.617999][ T5915] usb usb8-port1: attempt power cycle
[ 1109.643828][T15393] netlink: 'syz.5.2586': attribute type 29 has an invalid length.
[ 1109.998993][ T5915] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[ 1110.026991][T15398] sp0: Synchronizing with TNC
[ 1110.503595][ T5915] usb 8-1: device descriptor read/8, error -71
[ 1110.772826][ T5915] usb 8-1: new full-speed USB device number 6 using dummy_hcd
[ 1111.002814][ T5915] usb 8-1: device descriptor read/8, error -71
[ 1111.125383][ T5915] usb usb8-port1: unable to enumerate USB device
[ 1111.210135][T15409] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2588'.
[ 1111.555301][T15406] Bluetooth: hci1: Opcode 0x080f failed: -4
[ 1113.185192][ T5840] Bluetooth: hci1: command 0x080f tx timeout
[ 1113.617866][T15428] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2593'.
[ 1114.286151][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 840 seconds
[ 1116.200346][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.466019][ T7970] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[ 1117.743711][ T7970] usb 6-1: device descriptor read/64, error -71
[ 1117.871723][T15467] netlink: 48 bytes leftover after parsing attributes in process `syz.8.2605'.
[ 1117.914569][T15467] netlink: 'syz.8.2605': attribute type 29 has an invalid length.
[ 1117.954388][T15469] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2606'.
[ 1117.996757][T15470] netlink: 'syz.8.2605': attribute type 29 has an invalid length.
[ 1118.715231][ T7970] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[ 1118.901738][T15477] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1118.925646][ T7970] usb 6-1: device descriptor read/64, error -71
[ 1119.056526][ T7970] usb usb6-port1: attempt power cycle
[ 1120.367170][T15487] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2610'.
[ 1122.193686][T15500] FAULT_INJECTION: forcing a failure.
[ 1122.193686][T15500] name failslab, interval 1, probability 0, space 0, times 0
[ 1122.206410][T15500] CPU: 0 UID: 0 PID: 15500 Comm: syz.1.2615 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1122.206425][T15500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1122.206432][T15500] Call Trace:
[ 1122.206436][T15500]  <TASK>
[ 1122.206440][T15500]  dump_stack_lvl+0x241/0x360
[ 1122.206459][T15500]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1122.206469][T15500]  ? __pfx__printk+0x10/0x10
[ 1122.206491][T15500]  should_fail_ex+0x40a/0x550
[ 1122.206508][T15500]  should_failslab+0xac/0x100
[ 1122.206523][T15500]  ? skb_clone+0x20c/0x390
[ 1122.206537][T15500]  kmem_cache_alloc_noprof+0x70/0x380
[ 1122.206567][T15500]  skb_clone+0x20c/0x390
[ 1122.206586][T15500]  __netlink_deliver_tap+0x3c4/0x7f0
[ 1122.206612][T15500]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1122.206628][T15500]  netlink_deliver_tap+0x19d/0x1b0
[ 1122.206646][T15500]  netlink_unicast+0x7c4/0x990
[ 1122.206668][T15500]  ? __pfx_netlink_unicast+0x10/0x10
[ 1122.206680][T15500]  ? __virt_addr_valid+0x45f/0x530
[ 1122.206696][T15500]  ? __phys_addr_symbol+0x2f/0x70
[ 1122.206709][T15500]  ? __check_object_size+0x47a/0x730
[ 1122.206727][T15500]  netlink_sendmsg+0x8de/0xcb0
[ 1122.206744][T15500]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1122.206760][T15500]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1122.206769][T15500]  __sock_sendmsg+0x221/0x270
[ 1122.206783][T15500]  ____sys_sendmsg+0x53a/0x860
[ 1122.206802][T15500]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1122.206815][T15500]  ? __fget_files+0x2a/0x410
[ 1122.206827][T15500]  ? __fget_files+0x2a/0x410
[ 1122.206842][T15500]  __sys_sendmsg+0x269/0x350
[ 1122.206858][T15500]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1122.206879][T15500]  ? do_sys_openat2+0x17a/0x1d0
[ 1122.206904][T15500]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1122.206919][T15500]  ? do_syscall_64+0x100/0x230
[ 1122.206933][T15500]  ? do_syscall_64+0xb6/0x230
[ 1122.206947][T15500]  do_syscall_64+0xf3/0x230
[ 1122.206959][T15500]  ? clear_bhb_loop+0x35/0x90
[ 1122.206974][T15500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1122.206994][T15500] RIP: 0033:0x7f919fb8d0a9
[ 1122.207004][T15500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1122.207013][T15500] RSP: 002b:00007f91a0a5d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1122.207025][T15500] RAX: ffffffffffffffda RBX: 00007f919fda5fa0 RCX: 00007f919fb8d0a9
[ 1122.207032][T15500] RDX: 0000000000000000 RSI: 0000400000000000 RDI: 0000000000000004
[ 1122.207039][T15500] RBP: 00007f91a0a5d090 R08: 0000000000000000 R09: 0000000000000000
[ 1122.207045][T15500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1122.207051][T15500] R13: 0000000000000000 R14: 00007f919fda5fa0 R15: 00007ffdd47350d8
[ 1122.207067][T15500]  </TASK>
[ 1124.898343][T15521] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1125.812012][T13795] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1126.776145][T13795] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1126.785401][T13795] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1126.796137][T13795] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1126.804024][T13795] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[ 1126.812063][T13795] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1127.105522][  T976] usb 6-1: new full-speed USB device number 20 using dummy_hcd
[ 1127.406068][  T976] usb 6-1: device descriptor read/64, error -71
[ 1127.785198][  T976] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[ 1128.015277][  T976] usb 6-1: device descriptor read/64, error -71
[ 1128.354222][T15551] netlink: 11 bytes leftover after parsing attributes in process `syz.7.2628'.
[ 1128.411664][T15529] chnl_net:caif_netlink_parms(): no params data found
[ 1128.475538][  T976] usb usb6-port1: attempt power cycle
[ 1128.700937][T15529] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1129.053517][T15561] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2631'.
[ 1129.108516][T13795] Bluetooth: hci6: command tx timeout
[ 1129.207735][T15529] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1129.214984][T15529] bridge_slave_0: entered allmulticast mode
[ 1129.296518][T15529] bridge_slave_0: entered promiscuous mode
[ 1129.315476][T15567] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2632'.
[ 1129.469492][T15529] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1129.599130][T15529] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1130.125596][T15529] bridge_slave_1: entered allmulticast mode
[ 1130.135510][T15529] bridge_slave_1: entered promiscuous mode
[ 1130.246992][T15529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1130.344278][T15575] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[ 1130.607144][T15529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1130.979087][T15573] [U] '
[ 1131.063631][T15529] team0: Port device team_slave_0 added
[ 1131.195361][ T5840] Bluetooth: hci6: command tx timeout
[ 1131.452612][T15529] team0: Port device team_slave_1 added
[ 1131.639232][T15529] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1131.665374][T15529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1131.716130][T15529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1131.729520][T15529] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1131.736969][T15529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1131.763539][T15529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1132.275390][T15529] hsr_slave_0: entered promiscuous mode
[ 1132.305947][  T976] usb 6-1: new full-speed USB device number 23 using dummy_hcd
[ 1132.311785][T15529] hsr_slave_1: entered promiscuous mode
[ 1132.347371][T15529] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1132.354977][T15529] Cannot create hsr debugfs directory
[ 1132.455447][  T976] usb 6-1: device descriptor read/64, error -71
[ 1132.695553][  T976] usb 6-1: new full-speed USB device number 24 using dummy_hcd
[ 1132.750506][T15529] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1132.776098][T15529] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1132.817644][T15529] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1132.848108][T15529] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1132.865413][  T976] usb 6-1: device descriptor read/64, error -71
[ 1132.975789][  T976] usb usb6-port1: attempt power cycle
[ 1133.020863][T15529] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1133.070579][T15598] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2644'.
[ 1133.162221][T15529] 8021q: adding VLAN 0 to HW filter on device team0
[ 1133.190256][ T2986] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1133.197468][ T2986] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1133.226430][ T5840] Bluetooth: hci6: command tx timeout
[ 1133.233932][ T2986] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1133.241119][ T2986] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1133.335379][  T976] usb 6-1: new full-speed USB device number 25 using dummy_hcd
[ 1133.372424][T15598] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2644'.
[ 1133.393595][  T976] usb 6-1: device descriptor read/8, error -71
[ 1133.629835][T15608] netlink: 156 bytes leftover after parsing attributes in process `syz.8.2645'.
[ 1133.635472][T15529] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1133.648695][    T8] IPVS: starting estimator thread 0...
[ 1133.655509][  T976] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[ 1133.693424][  T976] usb 6-1: device descriptor read/8, error -71
[ 1133.755286][T15609] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1133.815560][  T976] usb usb6-port1: unable to enumerate USB device
[ 1135.232767][T15529] veth0_vlan: entered promiscuous mode
[ 1135.305971][ T5840] Bluetooth: hci6: command tx timeout
[ 1135.333416][T15529] veth1_vlan: entered promiscuous mode
[ 1135.434987][T15529] veth0_macvtap: entered promiscuous mode
[ 1135.486930][T15529] veth1_macvtap: entered promiscuous mode
[ 1135.527227][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.208315][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.219970][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.230707][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.240852][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.251436][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.271492][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.285404][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.301785][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.321344][T15633] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2651'.
[ 1136.346931][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.359931][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1136.615205][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1136.633103][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1137.329662][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.367023][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1137.388914][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.486242][T15529] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1137.510284][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.541410][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.575607][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.587388][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.601180][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.732968][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.743562][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.755242][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.765961][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.779320][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1137.790940][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1137.825396][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1138.563521][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1138.578295][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1138.588751][T15529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1138.600628][T15529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1138.619496][T15529] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1138.716397][T15529] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.754365][T15529] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.764649][T15529] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.774713][T15529] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1138.916478][T15658] netlink: 156 bytes leftover after parsing attributes in process `syz.8.2657'.
[ 1138.952829][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1138.971037][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1139.030900][   T29] kauditd_printk_skb: 19 callbacks suppressed
[ 1139.030917][   T29] audit: type=1326 audit(1740149511.824:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1139.116741][   T29] audit: type=1326 audit(1740149511.824:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1139.141947][T15662] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci6/hci6:200/input35
[ 1139.168280][T15494] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1139.187878][T15494] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1139.196252][   T29] audit: type=1326 audit(1740149511.844:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=327 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1139.365928][T15671] [U] W!TÁÍ—Ž}Ý©ÏS…L^Ï=ÍÝ
[ 1139.481709][   T29] audit: type=1326 audit(1740149511.844:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1139.954744][T15669] [U] '
[ 1140.114382][   T29] audit: type=1326 audit(1740149511.844:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1140.154267][   T29] audit: type=1326 audit(1740149511.844:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1140.184451][   T29] audit: type=1326 audit(1740149511.844:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1140.797609][   T29] audit: type=1326 audit(1740149511.844:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1140.820519][   T29] audit: type=1326 audit(1740149511.994:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1140.842442][   T29] audit: type=1326 audit(1740149511.994:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15659 comm="syz.1.2659" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f919fb8d0a9 code=0x7ffc0000
[ 1141.012167][T15678] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2663'.
[ 1141.075990][T15678] program syz.1.2663 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1141.181655][T15682] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2665'.
[ 1141.311816][T15682] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1143.451352][T15697] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2668'.
[ 1143.990286][T15706] netlink: 'syz.7.2671': attribute type 9 has an invalid length.
[ 1144.034531][T15706] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2671'.
[ 1144.225540][T15714] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1144.366442][   T98] block nbd0: Possible stuck request ffff888025ed5080: control (read@0,4096B). Runtime 870 seconds
[ 1146.307536][T15738] Smack: duplicate mount options
[ 1146.331964][T15739] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1146.506811][T15741] netlink: 11 bytes leftover after parsing attributes in process `syz.8.2681'.
[ 1146.605301][    T8] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1146.702743][T15745] netlink: 76 bytes leftover after parsing attributes in process `syz.8.2683'.
[ 1146.713367][T15745] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1146.758306][    T8] usb 10-1: config index 0 descriptor too short (expected 45, got 36)
[ 1146.773857][    T8] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1146.982456][    T8] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1147.019914][T15748] netdevsim netdevsim7: loading /lib/firmware/. failed with error -22
[ 1147.029677][T15748] netdevsim netdevsim7: Direct firmware load for . failed with error -22
[ 1147.039338][T15748] netdevsim netdevsim7: Falling back to sysfs fallback for: .
[ 1147.455183][    T8] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1147.505568][    T8] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1147.552962][    T8] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1147.587286][    T8] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1148.116794][    T8] usb 10-1: config 0 descriptor??
[ 1148.132268][    T8] usb 10-1: can't set config #0, error -71
[ 1148.156396][    T8] usb 10-1: USB disconnect, device number 2
[ 1149.125481][T13795] Bluetooth: hci4: command 0x0406 tx timeout
[ 1149.351545][T15762] nbd: must specify at least one socket
[ 1151.077080][T15784] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1151.256743][T15783] netlink: 76 bytes leftover after parsing attributes in process `syz.7.2695'.
[ 1151.451921][T15783] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1151.913610][T15789] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1151.950845][T15794] FAULT_INJECTION: forcing a failure.
[ 1151.950845][T15794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1151.985333][T15794] CPU: 1 UID: 0 PID: 15794 Comm: syz.7.2700 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1151.985361][T15794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1151.985372][T15794] Call Trace:
[ 1151.985378][T15794]  <TASK>
[ 1151.985386][T15794]  dump_stack_lvl+0x241/0x360
[ 1151.985413][T15794]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1151.985430][T15794]  ? __pfx__printk+0x10/0x10
[ 1151.985466][T15794]  should_fail_ex+0x40a/0x550
[ 1151.985494][T15794]  strncpy_from_user+0x36/0x270
[ 1151.985520][T15794]  getname_flags+0xf1/0x540
[ 1151.985543][T15794]  path_listxattrat+0xe8/0x410
[ 1151.985569][T15794]  ? __pfx_path_listxattrat+0x10/0x10
[ 1151.985591][T15794]  ? do_syscall_64+0x100/0x230
[ 1151.985615][T15794]  ? do_syscall_64+0xb6/0x230
[ 1151.985638][T15794]  do_syscall_64+0xf3/0x230
[ 1151.985659][T15794]  ? clear_bhb_loop+0x35/0x90
[ 1151.985683][T15794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1151.985705][T15794] RIP: 0033:0x7f5d8938d0a9
[ 1151.985721][T15794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1151.985736][T15794] RSP: 002b:00007f5d8a241038 EFLAGS: 00000246 ORIG_RAX: 00000000000000c2
[ 1151.985755][T15794] RAX: ffffffffffffffda RBX: 00007f5d895a5fa0 RCX: 00007f5d8938d0a9
[ 1151.985769][T15794] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000400000001e80
[ 1151.985780][T15794] RBP: 00007f5d8a241090 R08: 0000000000000000 R09: 0000000000000000
[ 1151.985791][T15794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1151.985802][T15794] R13: 0000000000000000 R14: 00007f5d895a5fa0 R15: 00007ffdb7eed588
[ 1151.985829][T15794]  </TASK>
[ 1153.020684][T15803] netlink: 'syz.8.2701': attribute type 6 has an invalid length.
[ 1153.252725][T15808] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2701'.
[ 1154.928987][T15821] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2706'.
[ 1158.295916][T15865] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2719'.
[ 1159.202599][T15872] xt_TCPMSS: Only works on TCP SYN packets
[ 1159.247452][T15873] netdevsim netdevsim8: loading /lib/firmware/. failed with error -22
[ 1159.256104][T15873] netdevsim netdevsim8: Direct firmware load for . failed with error -22
[ 1159.264613][T15873] netdevsim netdevsim8: Falling back to sysfs fallback for: .
[ 1162.328080][T15886] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2726'.
[ 1164.463681][T15905] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2732'.
[ 1164.653846][T15909] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2733'.
[ 1164.703900][T15909] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2733'.
[ 1164.917343][T15915] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[ 1164.926851][T15915] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[ 1164.935875][T15915] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[ 1169.002998][T15947] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2744'.
[ 1169.144180][ T5840] Bluetooth: hci4: unexpected event for opcode 0x0c26
[ 1169.404022][T15956] netdevsim netdevsim9: loading /lib/firmware/. failed with error -22
[ 1169.413581][T15956] netdevsim netdevsim9: Direct firmware load for . failed with error -22
[ 1169.422446][T15956] netdevsim netdevsim9: Falling back to sysfs fallback for: .
[ 1169.554173][T15961] xt_time: invalid argument - start or stop time greater than 23:59:59
[ 1171.889067][   T30] INFO: task syz.0.2403:14672 blocked for more than 143 seconds.
[ 1171.920859][   T30]       Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1172.017074][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1172.045267][   T30] task:syz.0.2403      state:D stack:25664 pid:14672 tgid:14668 ppid:5835   task_flags:0x400040 flags:0x00004004
[ 1172.067540][   T30] Call Trace:
[ 1172.074175][   T30]  <TASK>
[ 1172.089705][   T30]  __schedule+0x18bc/0x4c40
[ 1172.094685][   T30]  ? __pfx___schedule+0x10/0x10
[ 1172.103443][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1172.112084][   T30]  ? _raw_spin_unlock_irqrestore+0x8f/0x140
[ 1172.120871][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1172.135282][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1172.140166][T15982] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2755'.
[ 1172.150733][   T30]  ? schedule+0x90/0x320
[ 1172.150766][   T30]  schedule+0x14b/0x320
[ 1172.150788][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1172.150810][   T30]  __mutex_lock+0x817/0x1010
[ 1172.150833][   T30]  ? __mutex_lock+0x602/0x1010
[ 1172.150860][   T30]  ? sync_bdevs+0x1ae/0x340
[ 1172.150888][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1172.188443][   T30]  ? do_raw_spin_lock+0x14f/0x370
[ 1172.194297][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1172.200172][   T30]  ? _atomic_dec_and_lock+0x9a/0x130
[ 1172.206617][   T30]  ? iput+0x3be/0xa50
[ 1172.211407][   T30]  sync_bdevs+0x1ae/0x340
[ 1172.216430][   T30]  ksys_sync+0xe2/0x1c0
[ 1172.221986][T15982] openvswitch: netlink: Key 6 has unexpected len 4 expected 2
[ 1172.232218][   T30]  ? __pfx_ksys_sync+0x10/0x10
[ 1172.252043][   T30]  ? do_syscall_64+0xb6/0x230
[ 1172.263675][   T30]  __do_sys_sync+0xe/0x20
[ 1172.272683][   T30]  do_syscall_64+0xf3/0x230
[ 1172.277635][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1172.282721][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1172.291293][   T30] RIP: 0033:0x7f85e5f8d0a9
[ 1172.296175][   T30] RSP: 002b:00007f85e6dc8038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[ 1172.304997][   T30] RAX: ffffffffffffffda RBX: 00007f85e61a5fa0 RCX: 00007f85e5f8d0a9
[ 1172.313528][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1172.321992][   T30] RBP: 00007f85e61a5fa0 R08: 0000000000000000 R09: 0000000000000000
[ 1172.330221][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1172.339826][   T30] R13: 0000000000000001 R14: 00007f85e61a5fa0 R15: 00007ffcb053e0e8
[ 1172.350773][   T30]  </TASK>
[ 1172.354049][   T30] 
[ 1172.354049][   T30] Showing all locks held in the system:
[ 1172.376887][   T30] 1 lock held by rcu_exp_gp_kthr/19:
[ 1172.400566][   T30]  #0: ffff8880b863e7d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[ 1172.411748][   T30] 1 lock held by khungtaskd/30:
[ 1172.417955][   T30]  #0: ffffffff8eb38f60 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[ 1172.428847][   T30] 1 lock held by syslogd/5181:
[ 1172.434483][   T30]  #0: ffff8880b863e7d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[ 1172.444697][   T30] 2 locks held by getty/5580:
[ 1172.451821][   T30]  #0: ffff88814d33b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1172.463335][   T30]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x616/0x1770
[ 1172.474154][   T30] 1 lock held by udevd/5829:
[ 1172.479242][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xf0/0xc50
[ 1172.489093][   T30] 3 locks held by kworker/u8:11/6048:
[ 1172.494589][   T30]  #0: ffff8880b863e7d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[ 1172.508514][   T30]  #1: ffffffff8eb38f60 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x244/0x590
[ 1172.518335][   T30]  #2: ffffffff8eb38f60 (rcu_read_lock){....}-{1:3}, at: batadv_nc_worker+0xcb/0x610
[ 1172.528473][   T30] 1 lock held by syz.0.2403/14672:
[ 1172.533679][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.543411][   T30] 1 lock held by syz.2.2585/15382:
[ 1172.548957][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.558864][   T30] 1 lock held by syz.2.2585/15386:
[ 1172.564808][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.574707][   T30] 1 lock held by syz.2.2585/15387:
[ 1172.580041][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.590104][   T30] 1 lock held by syz.2.2585/15388:
[ 1172.595637][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.605845][   T30] 1 lock held by syz.2.2585/15389:
[ 1172.611448][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.621212][   T30] 1 lock held by syz.2.2585/15390:
[ 1172.627902][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.637791][   T30] 1 lock held by syz.2.2585/15391:
[ 1172.643052][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.652993][   T30] 1 lock held by syz.2.2585/15394:
[ 1172.658341][   T30]  #0: ffff888025d4f4c8 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ae/0x340
[ 1172.669439][   T30] 3 locks held by kworker/u8:10/15494:
[ 1172.674996][   T30]  #0: ffff88801b089148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x98b/0x18e0
[ 1172.687133][   T30]  #1: ffffc90003827c60 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9c6/0x18e0
[ 1172.698291][   T30]  #2: ffffffff8fec2ac8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1172.707851][   T30] 2 locks held by syz.5.2752/15965:
[ 1172.713136][   T30]  #0: ffffffff8fec2ac8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x3b/0x1b0
[ 1172.722379][   T30]  #1: ffffffff8eb3e438 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x381/0x820
[ 1172.733604][   T30] 2 locks held by syz.9.2757/15980:
[ 1172.739175][   T30]  #0: ffffffff903c2868 (&ops->srcu#2){.+.+}-{0:0}, at: rtnl_link_ops_get+0x22/0x250
[ 1172.749107][   T30]  #1: ffffffff8fec2ac8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0xc55/0x1d30
[ 1172.758520][   T30] 1 lock held by syz.8.2756/15981:
[ 1172.763763][   T30]  #0: ffffffff8fec2ac8 (rtnl_mutex){+.+.}-{4:4}, at: rtnetlink_rcv_msg+0x6e6/0xcf0
[ 1172.807829][   T30] 
[ 1172.810285][   T30] =============================================
[ 1172.810285][   T30] 
[ 1172.819575][   T30] NMI backtrace for cpu 0
[ 1172.819590][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1172.819609][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1172.819619][   T30] Call Trace:
[ 1172.819626][   T30]  <TASK>
[ 1172.819633][   T30]  dump_stack_lvl+0x241/0x360
[ 1172.819658][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1172.819676][   T30]  ? __pfx__printk+0x10/0x10
[ 1172.819711][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1172.819735][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1172.819750][   T30]  ? _printk+0xd5/0x120
[ 1172.819772][   T30]  ? __pfx__printk+0x10/0x10
[ 1172.819801][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1172.819822][   T30]  ? __pfx__printk+0x10/0x10
[ 1172.819846][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1172.819869][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1172.819889][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1172.819910][   T30]  watchdog+0x1058/0x10a0
[ 1172.819934][   T30]  ? watchdog+0x1ea/0x10a0
[ 1172.819961][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1172.819984][   T30]  kthread+0x7a9/0x920
[ 1172.820005][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.820033][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1172.820054][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.820074][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.820099][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.820119][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1172.820136][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1172.820155][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.820178][   T30]  ret_from_fork+0x4b/0x80
[ 1172.820199][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.820221][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1172.820252][   T30]  </TASK>
[ 1172.820281][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1172.993302][    C1] NMI backtrace for cpu 1
[ 1172.993317][    C1] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:1 Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1172.993334][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1172.993344][    C1] Workqueue: bat_events batadv_nc_worker
[ 1172.993369][    C1] RIP: 0010:__lock_acquire+0x57d/0x2100
[ 1172.993390][    C1] Code: 8c e8 07 c2 e4 ff 48 ba 00 00 00 00 00 fc ff df 90 0f 0b 90 90 90 31 db 48 81 c3 c4 00 00 00 48 89 d8 48 c1 e8 03 0f b6 04 10 <84> c0 0f 85 f8 12 00 00 0f b6 2b 41 0f b6 04 16 84 c0 0f 85 0c 13
[ 1172.993403][    C1] RSP: 0018:ffffc90000a18a30 EFLAGS: 00000807
[ 1172.993415][    C1] RAX: 0000000000000000 RBX: ffffffff93ead854 RCX: ffffffff819cb7fc
[ 1172.993426][    C1] RDX: dffffc0000000000 RSI: 0000000000000008 RDI: ffffffff94511898
[ 1172.993436][    C1] RBP: 00000000000c42e2 R08: ffffffff9451189f R09: 1ffffffff28a2313
[ 1172.993447][    C1] R10: dffffc0000000000 R11: fffffbfff28a2314 R12: ffff88801c6864d4
[ 1172.993458][    C1] R13: 0000000000000019 R14: 1ffff110038d0cbb R15: ffff88801c6865d8
[ 1172.993468][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1172.993481][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1172.993491][    C1] CR2: 00007fca04f79178 CR3: 00000000789b6000 CR4: 00000000003526f0
[ 1172.993504][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1172.993513][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1172.993523][    C1] Call Trace:
[ 1172.993529][    C1]  <NMI>
[ 1172.993536][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1172.993551][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1172.993570][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1172.993591][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1172.993607][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1172.993625][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1172.993643][    C1]  ? __lock_acquire+0x57d/0x2100
[ 1172.993660][    C1]  ? default_do_nmi+0x63/0x160
[ 1172.993679][    C1]  ? exc_nmi+0x123/0x1f0
[ 1172.993697][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1172.993719][    C1]  ? __lock_acquire+0x4ac/0x2100
[ 1172.993737][    C1]  ? __lock_acquire+0x57d/0x2100
[ 1172.993754][    C1]  ? __lock_acquire+0x57d/0x2100
[ 1172.993782][    C1]  ? __lock_acquire+0x57d/0x2100
[ 1172.993799][    C1]  </NMI>
[ 1172.993804][    C1]  <IRQ>
[ 1172.993816][    C1]  lock_acquire+0x1ed/0x550
[ 1172.993833][    C1]  ? drm_handle_vblank+0xdc/0x510
[ 1172.993856][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1172.993874][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1172.993892][    C1]  ? _raw_spin_lock_irqsave+0xe1/0x120
[ 1172.993907][    C1]  ? __pfx__raw_spin_lock_irqsave+0x10/0x10
[ 1172.993925][    C1]  _raw_spin_lock+0x2e/0x40
[ 1172.993938][    C1]  ? drm_handle_vblank+0xdc/0x510
[ 1172.993956][    C1]  drm_handle_vblank+0xdc/0x510
[ 1172.993977][    C1]  vkms_vblank_simulate+0xd6/0x360
[ 1172.993998][    C1]  ? __pfx_vkms_vblank_simulate+0x10/0x10
[ 1172.994018][    C1]  __hrtimer_run_queues+0x59b/0xd30
[ 1172.994040][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1172.994053][    C1]  ? sched_clock+0x4a/0x70
[ 1172.994068][    C1]  ? read_tsc+0x9/0x20
[ 1172.994081][    C1]  ? ktime_get_update_offsets_now+0x38e/0x3b0
[ 1172.994102][    C1]  hrtimer_interrupt+0x403/0xa40
[ 1172.994124][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[ 1172.994144][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1172.994160][    C1]  </IRQ>
[ 1172.994165][    C1]  <TASK>
[ 1172.994171][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1172.994189][    C1] RIP: 0010:lock_acquire+0x264/0x550
[ 1172.994206][    C1] Code: 2b 00 74 08 4c 89 f7 e8 4a c1 89 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1172.994218][    C1] RSP: 0018:ffffc900001178a0 EFLAGS: 00000206
[ 1172.994230][    C1] RAX: 0000000000000001 RBX: 1ffff92000022f20 RCX: ffff88801c6864e8
[ 1172.994240][    C1] RDX: dffffc0000000000 RSI: ffffffff8c2ab6a0 RDI: ffffffff8c8019c0
[ 1172.994250][    C1] RBP: ffffc900001179f0 R08: ffffffff9451192f R09: 1ffffffff28a2325
[ 1172.994261][    C1] R10: dffffc0000000000 R11: fffffbfff28a2326 R12: 1ffff92000022f1c
[ 1172.994271][    C1] R13: dffffc0000000000 R14: ffffc90000117900 R15: 0000000000000246
[ 1172.994291][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1172.994308][    C1]  ? __local_bh_disable_ip+0x187/0x220
[ 1172.994323][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1172.994339][    C1]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 1172.994357][    C1]  ? __pfx___local_bh_disable_ip+0x10/0x10
[ 1172.994371][    C1]  ? __local_bh_enable_ip+0x168/0x200
[ 1172.994386][    C1]  ? batadv_nc_purge_paths+0x312/0x3b0
[ 1172.994404][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1172.994419][    C1]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 1172.994438][    C1]  _raw_spin_lock_bh+0x35/0x50
[ 1172.994451][    C1]  ? batadv_nc_purge_paths+0xe8/0x3b0
[ 1172.994469][    C1]  ? __pfx_batadv_nc_to_purge_nc_path_decoding+0x10/0x10
[ 1172.994489][    C1]  batadv_nc_purge_paths+0xe8/0x3b0
[ 1172.994513][    C1]  batadv_nc_worker+0x365/0x610
[ 1172.994532][    C1]  ? process_scheduled_works+0x9c6/0x18e0
[ 1172.994548][    C1]  process_scheduled_works+0xabe/0x18e0
[ 1172.994575][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1172.994594][    C1]  ? assign_work+0x364/0x3d0
[ 1172.994611][    C1]  worker_thread+0x870/0xd30
[ 1172.994632][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1172.994650][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1172.994666][    C1]  kthread+0x7a9/0x920
[ 1172.994682][    C1]  ? __pfx_kthread+0x10/0x10
[ 1172.994701][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1172.994717][    C1]  ? __pfx_kthread+0x10/0x10
[ 1172.994733][    C1]  ? __pfx_kthread+0x10/0x10
[ 1172.994751][    C1]  ? __pfx_kthread+0x10/0x10
[ 1172.994773][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1172.994787][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[ 1172.994802][    C1]  ? __pfx_kthread+0x10/0x10
[ 1172.994820][    C1]  ret_from_fork+0x4b/0x80
[ 1172.994835][    C1]  ? __pfx_kthread+0x10/0x10
[ 1172.994852][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1172.994874][    C1]  </TASK>
[ 1172.998364][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1172.998380][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.14.0-rc3-syzkaller-00137-g27eddbf34490 #0
[ 1172.998401][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1172.998412][   T30] Call Trace:
[ 1172.998420][   T30]  <TASK>
[ 1172.998428][   T30]  dump_stack_lvl+0x241/0x360
[ 1172.998454][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1172.998472][   T30]  ? __pfx__printk+0x10/0x10
[ 1172.998493][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1172.998523][   T30]  ? vscnprintf+0x5d/0x90
[ 1172.998543][   T30]  panic+0x349/0x880
[ 1172.998567][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1172.998586][   T30]  ? __pfx_panic+0x10/0x10
[ 1172.998607][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1172.998628][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1172.998652][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1172.998675][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1172.998692][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1172.998712][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1172.998734][   T30]  watchdog+0x1097/0x10a0
[ 1172.998757][   T30]  ? watchdog+0x1ea/0x10a0
[ 1172.998784][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1172.998806][   T30]  kthread+0x7a9/0x920
[ 1172.998828][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.998852][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1172.998874][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.998895][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.998920][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.998941][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1172.998959][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1172.998978][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.999002][   T30]  ret_from_fork+0x4b/0x80
[ 1172.999028][   T30]  ? __pfx_kthread+0x10/0x10
[ 1172.999050][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1172.999082][   T30]  </TASK>
[ 1173.745460][   T30] Kernel Offset: disabled
[ 1173.749774][   T30] Rebooting in 86400 seconds..