last executing test programs:

2m55.007944842s ago: executing program 2 (id=1486):
socket$netlink(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3800000003080104ec000000000000000700000a1400048068000140000000080000014000000e7706000240886300000500030011"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x20008800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001500)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
syz_open_dev$ttys(0xc, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
dup(r5)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0), 0x100}, 0x0)
r6 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe})
ioctl$SCSI_IOCTL_SEND_COMMAND(r6, 0x1, &(0x7f0000000100)=ANY=[])

2m52.916719985s ago: executing program 2 (id=1489):
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000580)=ANY=[@ANYBLOB="300200007d04000005ef000000000000000000000000000000000000000000000000000000000000000000000000000000001b00046e6f6465767b65766f6f7e0539c60005000037"], 0x230)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r0, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e00000002"], 0x8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x6}]})
r1 = socket$kcm(0x2b, 0x1, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000380)={'geneve1\x00', <r3=>0x0})
bind$packet(r2, &(0x7f0000000000)={0x11, 0x0, r3, 0x1, 0x8, 0x6, @broadcast}, 0x14)
syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r6, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
setsockopt$sock_attach_bpf(r1, 0x1, 0x2f, &(0x7f0000000080), 0x24)
r7 = socket(0x10, 0x4, 0x1)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000001080)=@newspdinfo={0x1c, 0x24, 0x1, 0x70bd2c, 0x0, 0x0, [@XFRMA_SPD_IPV6_HTHRESH={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24000010}, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00032abd7000fedbdf2514000000080010000600000008000d00ffffffff"], 0x24}, 0x1, 0x0, 0x0, 0xc0}, 0x40800)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000fdffffff000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f00000003c0)='ext4_allocate_inode\x00', r9}, 0x10)
r11 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000580)={r11, r10, 0x0, 0xfffffffffffffc4b, &(0x7f00000001c0)='\x00'}, 0x11)

2m51.695135847s ago: executing program 2 (id=1494):
syz_emit_ethernet(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r3)
ptrace$cont(0x20, r3, 0x3, 0x3)
ptrace$cont(0x9, r3, 0x7fffffff, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), 0xffffffffffffffff)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='setgroups\x00')
getsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000180), &(0x7f0000000240)=0x4)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000080)={0x0, 0x1, 0x0, &(0x7f0000000300)=""/42, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000180)=""/87, 0x0, 0x4000})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000a40))
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, 0x0)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af04, &(0x7f0000000200))

2m50.38225665s ago: executing program 2 (id=1497):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, <r1=>0x0})
waitid(0x1, r1, &(0x7f00000000c0), 0x40000000, &(0x7f0000000140))
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
ioctl$KDSETKEYCODE(0xffffffffffffffff, 0x4b4d, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f00000011c0)=<r2=>0x0)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000001200)=<r3=>0x0)
r4 = socket(0x840000000002, 0x3, 0xff)
getsockopt$sock_cred(r4, 0x1, 0x11, 0x0, &(0x7f0000000140))
mount$9p_fd(0x0, &(0x7f0000001140)='./file0\x00', &(0x7f0000001340), 0x8a0400, &(0x7f0000001380)={'trans=fd,', {}, 0x2c, {}, 0x2c, {[{@access_uid={'access', 0x3d, r2}}, {@version_u}, {@dfltuid={'dfltuid', 0x3d, r3}}, {@access_user}, {@posixacl}], [{@smackfshat={'smackfshat', 0x3d, 'q\xf1\x9b\xb1\x9a\x97f\xc4\x89\x85\b\xbb\xae=F\xdc\xb7\xe446\xf8\x81 w\xc8\xa6\'\n\x86\x8c\xb4\xae\xebn\x84\x95\xee\x03\x10\xd1\xfc\xb3j0z\xbb\xd3:\xf3\t\xa6\xae\xddM\x0ee\x8e\xf7U\xbe\xb3\xad\xe9P%\xca*36\x80\xb8\x99\x1c\xefF\x1d\xf1\x03\xe8\xeb\xceklM\xfe\xf9\xf9h*p\xe0\xf7?R\xb6\xe2\xfe\xd3\xf4\x94\x03\xc9;}Z\xeam\xb1@\x16E'}}, {@fowner_eq}]}})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x0, 0x0, 0x0, 0x0, 0x690, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f00000000c0)={0x3, 0x4, 0x200})
r6 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x8000000, 0x0, 0x32525942, 0x9, 0x0, [{}, {0x0, 0xffffffff}, {}, {}, {}, {0x0, 0x6}, {0x6}], 0x0, 0x8, 0x16, 0x1, 0x7}})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
mlock(&(0x7f0000126000/0x2000)=nil, 0x2000)
r7 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r7, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
recvfrom$inet6(r7, &(0x7f0000000000)=""/28, 0x1c, 0x20002140, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
socket$xdp(0x2c, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

2m46.574106909s ago: executing program 2 (id=1506):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000001200)=[{{&(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000680)="f7c28fdca55faf61b3f8ec7e072d1ef69a25addf83357d9859a37904e77717035cefbb2326a4eb802932ffa6ed46fe8fe3dff8bda71f3ebfff0437f4415de4b4cfd8a5af2d09ddb76d3768d9579a8f1431ecd5da518f9a5b0a84d374087dac6b35c67d765937d21c311dbd99fd366ee94d62d4f2d5393eca7bd5345979ad8c11c2d0499754172359c3d232e2b23e62e13f0a9e8acf1097b1fe622980534edd568f72fedb45e6fdad61484c837eca04a6e558fe3ba9b588be329a02478fe55697", 0xc0}], 0x1, &(0x7f0000000800)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1}}}, @cred={{0x1c, 0x1, 0x2, {r1, 0x0, 0xee00}}}, @rights={{0x2c, 0x1, 0x1, [r2, r0, r2, r0, r2, r0, r3]}}], 0xd0, 0x24048100}}], 0x1, 0x0)

2m44.545395822s ago: executing program 2 (id=1510):
socket$rxrpc(0x21, 0x2, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x23b)

2m29.415738296s ago: executing program 32 (id=1510):
socket$rxrpc(0x21, 0x2, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
socket$tipc(0x1e, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x23b)

10.254962741s ago: executing program 1 (id=2088):
setxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x3)
unshare(0x400)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000300), 0x400, 0x0)
ioctl$SNDCTL_SEQ_RESET(r0, 0x5100)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="140000"], 0x18}, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x40000002, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x2, 0x18, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f00000006c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000700)={@local})
r6 = syz_open_dev$video(&(0x7f00000004c0), 0x81, 0xa082)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x4, &(0x7f0000000bc0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r6, @ANYBLOB=',wfdno=', @ANYRESHEX=r5])
socket(0x10, 0x3, 0x0)

9.228676016s ago: executing program 0 (id=2090):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
pwritev(r2, &(0x7f0000002140)=[{&(0x7f0000002040)}], 0x1, 0x219, 0x10001)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x29, 0x48a, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000002700)='cmdline\x00')
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0xfffffc7a)

9.068120516s ago: executing program 1 (id=2091):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000840)=@o_path={&(0x7f0000000800)='./file0\x00', 0x0, 0x8, r2}, 0x18)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000c80)={r3, 0x0, 0xd7, 0x97, &(0x7f0000000880)="90208f6e046be1df3a4dee968d1611f5f3757217da4288db14b101966799ec53aaa22a1e529bf3f45c2ed8f78129970318e3c418f0800625c73d895cf2c84ea3be8783a446438653091a0cf4c5303300bc337909baeb2671858001ca2cc19786fc9a3075ed337d529c176078734d65c2a8e2393246df89f8978c0a22ab4e32ea46d7627313e11314dace057d60854ec214c843b518bfa3debb4fec7eb1d28223e99bbb695d88c9ed0b7c7c528cc542d84ff24088c482d145ced4dd8f3cca8fc7f2099a6ef1540d9bcdd2695847dfe34dbf7189b8cc0b55", &(0x7f0000000a00)=""/151, 0x31, 0x0, 0x91, 0xcb, &(0x7f0000000ac0)="06c87c22a515fd705895ee121e7193d1ac03ade8f6d79cc362ec18b122e2d2bc54b824fc9a26e9a9f01a13090927c21a09e333a823d7f6b979bdadf52a13c3443dcdb5b2c823eea82eb6a7f49138decd5b6abd9d5cdd3addfeb1cb3872438e32ff533373543573f3ff184ada20eb05978b65fb576603ccf2854c0852b708ba2212ff982d5afb84690a9f0d527f002af455", &(0x7f0000000b80)="ab12356fd37574ab38b3c202123864770f265c62af9382ce8a9833067caa60a24e894ba3890125b4e45afeb2d13405b5e9e0cd2b47e3bb87e9d9325afc0e0c02f7a76c756df83205ffb2812b11decede040239c7934d3a2dbcf25b702a96c44788b5e402e349d4da49e77ac421b53e6d8ec369437b6d44012ed8bdc5770414897b6224b6e9fdb3d0c36f921a55121b856b7e44561d4a4254da691a30c16cf06b9559c6ff9784af4b5d52a85d1f913e13c5924f74070bd35735ba03f034aaeea9121613cd4378adf381dd3a", 0x5, 0x0, 0x1}, 0x50)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f0000000780)=[{{&(0x7f0000000000)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, 0x80, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/108, 0x6c}, {&(0x7f0000000140)=""/231, 0xe7}, {&(0x7f0000000240)=""/41, 0x29}], 0x3, &(0x7f0000000380)=""/4, 0x4}, 0x8}, {{&(0x7f00000003c0)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000000680)=[{&(0x7f0000000440)=""/129, 0x81}, {&(0x7f0000000500)=""/135, 0x87}, {&(0x7f00000005c0)=""/28, 0x1c}, {&(0x7f0000000600)=""/126, 0x7e}], 0x4, &(0x7f00000006c0)=""/169, 0xa9}, 0x3}], 0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_io_uring_setup(0x152d, &(0x7f0000000980)={0x0, 0x5885, 0x80}, &(0x7f0000000340)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd, 0x0, 0x0, 0xfffffffffffffec1, 0x11})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)

8.025442771s ago: executing program 3 (id=2092):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000400), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r0)
r2 = add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b0426fc0299c41fb9b9dadd77c2dac894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976edec860ab49c3a4f51ab0124b50c3362201a307df03000", 0x83, r1)
keyctl$read(0xb, r2, 0x0, 0x0)

7.974009277s ago: executing program 3 (id=2093):
setxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080), 0x2, 0x3)
unshare(0x400)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000080)="03", 0x1}], 0x1, &(0x7f0000000280)=ANY=[@ANYBLOB="140000"], 0x18}, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x40000002, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f0000000100)={0x40000000, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0x2, 0x18, 0x0, 0x0, 0x2}, 0x10}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x0, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f00000006c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000700)={@local})
r5 = syz_open_dev$video(&(0x7f00000004c0), 0x81, 0xa082)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x4, &(0x7f0000000bc0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r4])
socket(0x10, 0x3, 0x0)

7.921152559s ago: executing program 0 (id=2094):
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)
r1 = add_key$keyring(&(0x7f0000000400), &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, r0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000040))
r3 = add_key(&(0x7f0000000240)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x1}, &(0x7f0000000280)="dee7030022cf5c6c7bc31bd2599759fafa9e5e1dbac27b0426fc0299c41fb9b9dadd77c2dac894f365ae68edf335abf35ec53d6751467ebd2c187491bcab2c8d34fec505fc8a14622dba33ff9b054eb7e8a5bc4ab2719cb230328931deb95ef3fcafb1ce27743a93f4715976edec860ab49c3a4f51ab0124b50c3362201a307df03000", 0x83, r1)
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000100)={0x6, 0x21, 0xfffffffd})
keyctl$read(0xb, r3, 0x0, 0x0)

7.855985234s ago: executing program 5 (id=2095):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000000c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r4, 0x0, 0x300) (fail_nth: 2)
syz_fuse_handle_req(r0, &(0x7f00000083c0)="cccac97079817bae9259a939cf68c31ca6bfffb9c940591fc092ae6504f4c913e79b7ad823e94d47d9bed4b4ee2cb7cb1397f9ad2d60664664e966e8975b599c1ff087f8ecde32a6911b98fee3f813bcea2358c099424ac9319af3220fcb602f675c880c38dd29290a61769ac23e0e6ce367dbd14fa78e3ca91d395576ab3ce0ded34465731a214187499edbad77649422ab97d7d713e60d9c1ae782777290518c4e9a4779d218335766e6e95fc3713f504966201f6bf946745a529dd94d5ab9c0cb1c326d715e772b60386544954be0b60bd4d93f66917f11a56fb7d1f900744164052d0766927e7bdc7a7a5e7f4a4c1a7e18684b564085a9469428c43e3eb2ba8919c6c076e8a5a5c7e4988905b5710fea96d395ce8a5bd4ee79eb71e0d6d4dcf432ae020a3343561dd865f97c02ea9ae49abeb20c913aaf0d53cd1b2b47f08a0b3a8ed0980b1f274b64d80382d4aac0aa699420863bf4d984f4266e874abfe347cb0cf59b950d4bc49db33a386bb4ed685ae0439952b921372d7dfe144ec2ce9854bd8ea8e50c252d65c7133d9511dc9f84b7eafcc739087196ecdd637b10e44ca9606dd74c9cf0207c7863f9cb26915d60c1ecec45aa25ffd14d71c4b5658f8b575b2471c9e1d929f3e97148678b730fad4634be241f02ac5e04da9dbdceb4d1232192192fa3909776affb073540ae899c936ca6f39293be769fd4a8161fe8482793d96e31af02749eb969077ba3d33c7303db2ea19c3689f4c88e3060c31bf50792db7669c869601a5238b7d179f254e6684d2cd50b13857869a65b28915cfaee62d98db3980ddca1b6bd2339895883882bbda08d43638735a69b4771a174891be3159b35ce4d83bdc38f31a4f07ee300944c4fbb56a0fa2aa1a7034c534f68417dca90e02c78f6eb1caab5df6159c846811df4ee4af58c15fd226cdab501639870951ca35955a16f79e5f11f66333d0c43a3b7a07e37e3428b44c32833821a69999e15154f0b9c99948c803099cd6b5ca602b2ad72ff137f6995ae29465fb87520615600ac68a0870b7b3f31e07a4ca8fa347826cbbe781aee218b58c18e48d1156685da4bf979a7d66345e866694e6947fed3b5a60954117807c3c03c6ff06ee1743aa5ccfd6fee385dda1016cff0cf47f86df67b6ed817eb4b382c12def782edcee0ab51e78d00d7e9f0a8430f746339b81a125ddea20466f5fcd5f312714949a1a546320b4720bfac50b9808b0a5db0b29ff709bcc76e2fa3650680e5b191039f80921173795f231daaeee737ea27f38a5ccb903accc30748f1a56a6d9357161a281416955964187ff7179a5f6bf7b8f7d1107ddd49c7dd012fb003adfe4902de39c5eb42d4977dc3af77169cdcfaac33f1cf3787391a97a8da42ff312228ea4ee7bed39f65da92a72abf05e5e46f601d2990091eff8c656ff750162c23ac15d2801517ec3af17de7edb2e91fef0abd01ab2f004acbc7199b18ab77f2c0a98db8c7b58ecffd3e83c16f4f334c1c36a3a09959a7785b73c9d61aa9c5e7f211616028118713e58812f38179da9c7a8bef94c2723e0f5d2dd47f0010908b37073da8e9c915d17d5c6e6d71a0a9308674257743417cbbff0fafef0c14d575929c38271b676069d619a6e774dff8d5cc19df30748ba697ebe3067f463b4ae1254c01813ef4d96ddb83812b817bfdedf6be14b7a86c779ecbffff60f0988b237b4e0d542c9f5e009b0d570fa5202fe6ae9396519a8f65e56c763e811003c77fdd5ac53d131d482e7255c54c883c9cc878a446df3d31b460b562fdfe81dfc1687d55057cc182e5ab8d7871568f5d8354396750cc72fe4dfb2ec53640102135048889a8d317fb3a9ce35f539acbb178e24f66ab3f663ab4a24e67d332eab5afebc13d98f9a046c2480067ee0808fa23128fed45da86f3cf002dd3a99e4b4308236d90f1746e0d6cb8b734901a676779def57e06105d8fd36ae2f563312ead0f999f68e85f1d103eeba9386d890022e3c545d995a61d96d63981c265df1387bdef58bae7bfdbc6723497c3ccf728894abf445f041b949bd37b7241787d01758e6f363f60b9fdda77bfbf8bab5019712396812b01ac4c355c256fcab0bc152606e078b13216e4ac02de459094e96ff73ab1a6d1e42108a45714f27a9db6f2f2aa301f8ebe6ff354c70dc5cde2f4151c3f2c60364cd68d3f602f726b7aa106920b829d3b4589915e412192ac89e6b826bd12fe34bc9aa34e8274b77a082edccbe39a0b39b593fe3ada197de00efef2ef9a945b225bc189aa64c1d465d6e6581e2647bfa5bfc6f09de009f1aaba97513562f72d2b929da36f57377fd0cfa9c5de5939888237cec6ec5fd0a866b6d28162f92bcf420882b9c5899a5e720e8832c60ad5d7a639bdb7a4aabbc194b5e659ee24387b474ea93119d5d0616c42cd08b81582c78107eee5a96c50d7e0afea1daaa514e35cb6a4fb7a9677cf6e7ab764efe7b633ba521c14ac9f323f16b1259b0dfbd2f957e1a7a18a43eec14c10da24bad85ffea7532215e111339873a51f32f0e0a0ef334667db6af2930dc42dd38ca13fba7b6d8b7976ec40fb3cc97b1fc23679b915338de018f744ae98d02d99e97fa69b6cc472d0b8ec7df5c97cc7906a79945b3e5118f3c5b29a8f7c7adf90ddb35818e9619e1c436f55f23a46bc6544dc735fae0f7232c53d980fcf28eacbb88639ea81d6ffa998de0b3b96d26a9b5a3ec1a8a034c29d097b8eae377b98a088314dbb69683ca9c87b0d89014d7b168355d89ac31c81c0b187a4d78e6b32012a611292c86dbbbdb79ed18d04f286aa3481970a00cd92657eb8134f463a12dd972d43457cccbbd4b43a6540af3cf87bda47b52c90c86070b3eae620f5a5f6c5ac59fd538ce116bc6d14bfdbb18e4438646f791dbf03c3e7bee95c837511f0a694c05f17df4fed4442532ab11eb9154644b037c1e67c19d7afd212afc5ed869045c816f16b484a718c1ad58a3f2cb99d9123314c6d51e57b7410006f706633b98315a9b3eafdc00c478dc05f5c5e6ef5ac1de0b84f36382c5ca39ec85eb4e8c2f84f5e109bf3980490065f2abb590ea2f17698381f3d71a2f81b52c3b69f0147663dd9cde256c8c1d8e4940b8f46798b9022c5a9ddc429c5542d3de2efd733d435aa9c973f83e3725d91909681490283378c593fbd5a0a5f2c0fd5505dd39c4c898ebb208d389c5851de89bcb5fc0d933f91581387854f75993dd4c4b3bec52a41e41d8cd3c98617155da5a7b4ab8c4fb4d091789bda8b48d643e42047f45b4cf17af1419fc7f2a8912a39346324fb0e5139d4437396f4e9bed8caf920997079362b666b7b39992e844e0552c67712229e419b10484defebfcd00996d64f07de576a832ff4c074fb5c854499e2158565a964b598e730649c773a20cd248a31fb97ecd85b26dbb0ae189c9fdb92d9d4abf97209744428d4b0fbd5b5f8fbe8f3f822981105fc910d298f75101c3f7d306bc1fa99181efb498d73727311856fd6573ee83baf0a7ce16c34a91f7829ab3d77b1a80a4ba6b1b5a8b0f6a060be6c14ba0a7077da16bd04a33e384a6c23c86ef78b4a375c5450d6a5d3df8dc0374e9d95c48d4dc27bc42f17f0a6c7d5122fd448801a7fe1a9548a389eb9353313e7acb6b0c66259e6579842e6a8d0e813ce9e8fcd8885f20f312c7061a5797f6f7501923b947f51102f6aa82324197a3618144bc1eb57f734dbaa4c186a6ffbf7bc3dbf7b9b9527f25f095d00bbabbb241a886b4dd1874333b7a832e4b908b9aad3bc1a26097b94e8d574a7efa1ec3f8639d175accfadbfd840b260812b4c65c8186a1a74106374bc8e9960cbd05ff424b585841b54e47e56e20c81398fe580837237b3816aae8315df07911a34d2d06ff46582751ea18be642a93d10d3717e2c116e35c70fb9a53e3fb546af10215cb9cd0f0630a2a997178760fdbe91fb010b2410d535641819b21c11ae8a68eb1c06b1d92eb889362b86a48983442e89b7ad45040af21db2be648cc7e8ca2f50b77c156ae343090620b4f1b7c452bbf92ebcaf1b271e89a8122aab8a7d4fea612f7c7c09412494a807d75fa403e6f7e9cc38fb435630df782ac1baf3bfaabd1223a6830bf18f0c1430027ea7e0a1e4dcf3af806779e53f12270a2560395c1eee6cdea5e10e54fa4cee2adcbe3380ba9b0cd8f7b307a0133a28f8716e37ae877d12dcda3b085b0f20acc1ac7a9631d56736442b93ddee9f83d93fcade69067d29c79608d8e018360396b37a7b7ecc3b01f75aa1effc6e4d7ac76696f1c2d9b0ae035701bd67a8d083fecd13efb01b64081c45acc5329e42a7a62824b1ef73cfad3a7f3c90d1d0ce7d3615fcaa8520fd7a708cdc091817f43941a86711be2c64a6b263ebbdb5b3fc68596f193577de6b900e2491d07454bae31cddb994f5fd9d281cf62aa6a67255e6fd6300515e5ddcaa997e1a12cdce725623cb067795aaaecdfbfc0d43c370afc0217f4bf39279e0f1260a533abbb7f266fa879ac08d8871cdf0c14e0f35026a3221583696c1dfd69e5de2df381da2d34c5d1d9485e1579934d124ec4374f3f80a6e03a2be86a21e8274ce1a99b6a4f136130bcb097b51dc908c50cc97e1ae76e2b790e7fdc3230f37d39b5322fee993cbec6b28226a1fb87a87302b179ccb1b0d520819f672ed2515771cc21c31780c45408d6774bb817a582cd1cb31e18682c1fe8835a6eb7f584f30adb6f0113c7e5193151c8ec5b9f3cee965f15f7e36b97f1f8451a522919ee2d3c4d12084c46ca1a7982560e487ffc74adc33970117fd51fba43eb65387f89e34410700dc0b8b6f981a74afdbc748f9b14b5849cb57059dddc85489bbc333657b40001836e1226d25ae4633bec2c9976e3b75367dc5bd131aeb3f5f1249819f8a9fdc762ebeab7d5dcde3b4e5ab40051bdaeb205db24bda23bcc2986bd940666dcd674373546b22cb29f7626844b54129f8d90b29c3b9213991b3abaa602dd03f0cb7467c21c09deddcf12159e1117c15787d6177f93682f6c92a5ba224bbc4537fe333b8af054306c47650a5fa6a38f25158cb784098b806ec08fea590e9b09c5865a820800a5b00c8679fad69a820e539869708484015050e919b5a01baea298b55edcdccb081e6b675137fd240a23ad58139c955486a6fba87d67b49901c0df7a1653544bea37a20562d2a2234331d70d1d8d0aa88c18495c4facfd941b9868e547060bf90464544da13b6206ae6c866feb5cb324a7cdd3ee3be122952d8bbff0cea8b38a8daf1d380345cb0719e96b54683e983a4a9e05e1e4111c256da8436ecb9efcf086ea52a33574319a73c627b112bb323148ca1161c89db4836db4c7c3394c21c29b4a9d45240341c2e1d918e1ced49e753e2f62372b20030806e5ef5b19a044a4693a08b4f0bb33b598ce940c25826b0b97347a982fdf3c37cdf060ceb0f6f6977acc4d2f6834f8220750169ef47569763c1ece7c62ac2bca07bbb395c85819b132c812d30fbbb137b421b55a2f1b8e9da0389ffade801a5e7b7bffdf1b2b1d59a88f8d72f4357f6a2bceed82882ecb705bc2cb0c641ac827265e1d460e3144ffb1cd7a1248ab3c3a82b1e77edd3a7193eb0ca97eafca555033daa9a87837a37d4f114039ec84612f19cb4ef960e01888aa47f2f8ad4bb554ea5df9db5228e74f23dc3550dfa085abc0825dc7fb710f46ce537f9b4ef1b777f227c6293470cd6913a3ae84adb4ba4e0a417c1b3b059803044a0e833658ab6bcb8bd6e044aabf565b1afd9d8575e41369b4849160e4c4f246a506223bbe5f4a2c75a508336ad91d2849c3e0beb42a805a5d7df1715d2298ab03e787ea1e37d526082b9b06b691734509ddd091f0cd338b6f4389ad37eb71d09f6ab89d22076d7cfc2ff885aa0be2ce0c7ff5052e26cddd90917c869f34a8ea17500d5d4d340a73f1454804903f6130585944f73aa54a2589e686b682c5564012a683c7f8b6eadd1b67365bba0589b25663fab69cfe6f73e122bd450d8c3a244ac9cd91a11d62efe935655cb52bf2c05c4d55cb4f6f0886c15b17685cd173576d3884fddd4491342967a4ce077a13ab22a110d6b10855d48887b185e7a56526e781ea65c049e7d9ba424ab3ee9025b2118201d9015fb54526d04f1edce509e450fce1bea1ab51bbad1350205dd55bec99483ba67d58c3004426b7c3759c21e749bb9c7e634788452220a74da32fcdd348590b9b2bd119be3ee9ea6f953bcf92b740f9009508c4297aba5d39e1dc54abe9545b73d0e7a03c00f8457ae0b5931738949fd44165f4be3e6f52638d26bf752736b832556f3b6a8a8039bd6e066b700ed4bbf12304bd05e91fbedec034082e52f5a64f89207b1c82759641ea47a5b24241328ac0eb79db63b04de8625724b9a1bdbdf3110b4931cd6bcd94183587c59b58a16093769566a4075958bd4c9330d18f81203a07c7532ba844ef4fab6510549140eb2c013c307e20ffe92964e48677217e6ec6ef63a318b3a32adc774a7da50a3f4d9e664a134f023278061c08e629a1cc92344d6bd409751ed13f94a3bf5c34973d5de54aead67d5b3880eeafc595de594138b141d9b13d5bbcd5b62407d1db9f6436879c95951f2e952efb86da9044c67ef4a86278be0c1b420ee412f9a20b8009c31b0415d1193ba0540deddceb294353fec1c0523c2fd0af8615d1b35cbf10d66a3a9533862596f04ee14b754def66bcbe66901c5972bcf6ca4214a7890b82c856f6ad673c7afb304dcd15a222475660a18eb91a7cd046dd2d1b313c19bf0b0b271b7f3a8705705dc37975d02ee05fec15edac1f5d2acdec1e039ca5e7655779d714e4e2ba61f40ee4c95dbb845f47edd98b752d633b760d6553992f5034b32f8c39cf5ce88e006856df4796bb0ad58ebca6fd0b7e566a8f597973761eaeaf99d6d581854bbe33264b434fc6507d0b4835b3b9c37287f332ddf60597477034199b108b0c1c0bf13a5d0b683589e3a490b3fbdcc375e43e0b7a38dfe7d77203681a46541f9c1e3c79175ac0bc41eda1fd52861b583c98dca13c75e527887797b69b8716e272e37d83cf43f91a1c684a3ca783e8d42d70952c3c1e8402b646effbc572800ac6b6acaec31eedfdfbd48f63bff722be6f81f5ebe5e0d45e46c21b97c6a64cf779cf43c3f3dc806872d1e1607a628609cab0c2ee543ef974b4dad172e0c2e3953f0bf99e201621ff9b8da4d09a4231675840a3de469a7ba00cb6da18d94366e8dda123d8549a1d3aed1e37c42ac56b9cb8b612189dde94d2ff6c7b68f5420d9112d7bf27dbecba54f59fced9a1ae28ad2d909d82c1a0639457a158374971f437f462612c97c28c8cb8c5ef0b08fec3a3bfcf26dda197791d4fb9214306fe0f1bd5a86c3427831ef989941437a5762a6d84baef6c0dbb0a2ce0d91b0fe2ad60e1c597d16d8fec3b8af5e1b8c067ed50d81fcea04339e35bcaf5abcc70c444198df34c05b417b2f924577cb5d4a427fb4e06e1f8ab82e60890097bee427eb41d03c79b2249f9c3cdbf778a261a6986f879275a7ed9e9c59fdd1783a85b9b0f960c2f51b111cfafa447542b978fd970df3d07fbf2c3d034bdaafb2e560bd737b96de25380f19b6c4cade753178b97925dd3b9247e40e395c636f9f8295eefaa0fe2a22903d59203bec3c34f488146a1615abbd0b3cd2b688291ba4d1995fe8680e31f119f824c2f6be7e3af9f31b2ce9f57736a6fc68020f1ecb17bf57b34d84bbc21c0278dace93e34282537ede9f3f98d624037b5bdaaf93d98393deb1d370b761bc7d13aaf5d716aa9fc1150b3ac60d379c8caaf639573830b39fb53e0f2f97cd41108fd5ea228e5ae9a4c706c91179f7221578fecf79ac0a65ae4c02b0837975c335b1ff653924a8dbb7940c89a0c59aca44c6ebfeefb46370f40b19170697b6c94de3e2dd2efac3551c05fdf83d3b37cb48ded2053a26a8e34275d02698b95f3a49ac5d2be32a98f7a8205f2f9e618efe83f76d27fba837002faee31e489c7a30cf8722d63fe3908db5893b175a3caa3651758148b8873ae94c239443a369066b56ed3e34d582e2f6f2da3e82ffde933b2ffe61cb7cf68aecdb8688519a77d08a732c4509d6bdf0af94010409065046243e8c56c31cc2d90939e3d2ff7851c552168039277fffedd6702df8945e42906b94aa2db12e1d91c02236ac2a7d45545dae56271f0122c48ea350442a496b93c0aeeba94d7bf689edfed437e7bacfd47de557f030bf12464ba929a464565cc423baf68cb0070832398bb6bee398bc1e17e11cc4afb69f137ffdfa8aef258894a0ce8082179add54801d284a3f901c70f827895a01977f9e73418cb84fda79287ec402dbbeb5e3c257dcd00ba100dbda41232294aa02f220d961d64652a6da12211d6d247bd4115ccb136e3935771d31c5476d707b8c2dc9f36149bba13773e8c69793f18a0f8534c757af4eb918de04cc4b48b425955a6cbb6595ffae2fd509186f8265a26c465c724483fca4073073d66197ad92b058f7ce914d4ee915240ed08ee837c2509ba4be70cf1561a28f34aa63b86c246fad578ab33e629520f57cfb5a1659373dcd3a83e6579dc9e50c87963889b93c30be79dd6bdc73777f91f3d7f84131a0c39896d9295afc141cb818413664eb64c6b2a7f44f97f084f1cf59abc2d8561ce7e652b2343b0ab986f2caa430a36aa4a5f5c7f84724f25bb9873e85702659d4aea1e54cc0443c3cc84f3c5e2fc46715e35dbe7aebe859ac669aa61f080f20845f656315e57aee4dea5ca35f05ff4b5375986778d010677771afe979a41a72aba134110b69316f535b96ae3272f5bfd4b5a87ddde8b7dfed1aa7dc87c3b96fafcdcd5b9b6948b3484baa05d89f9159a586fdd312fb809a57e1b267c44ce3df6519ea4143f22691f1531b9065bdcd1d0c4432929699ae51143f36cb63a8c483e91af99a32113c8ffc0cf17fef28a02030f42e7cce85ea60a31a2b30c5238f4cd6ff09c7b2c13edcebc844e409583268b19fb06f060621ef5b56ac23aceb64161a825772ca2afbc26dca462c0802e9f7573fac75f602796654241ab2798fd9f0e69b2fe2c6cc7f0cad2a8d0524dd615618e6f4ec8e7564a993988d73f654bc756f1d15974a30a9ccf16984b2873bcdbed72372e560106f6913d67efc71e08716e630c91885a11a50f893e2a81003ff1c0a2b40a85397218149cc841473354db375b878ff59adf458e0c8f5e900aa586372a2eea6bc71b09b59225dcb2246c40c2db7e2c8e78135b612741378ae32bc5e6c93e2dda38dadc8c8653ce228f9af582d9278fae946e7686af3430216ac5cea194386b5ffc710eabfd21509ef718d428d7651a0c151828f68d48e02925cd121fd2ff7d859000f27f110d71573f28ff4b94c446fdfd61c8291ea8b568665588885c8d9e226088c90e2634641871f5c203525792f5b4d9f434c61abb1eb02491621a5140d4ea33ff68b3f1e64fe660f0219b17ccd15e97278c54bb1cea95b40203b21c509e6e1202dbdc1c230745f92e9a5bd7624199c1a28f005a0232c154b2cbbdbf8c260a99476097fd26719365cd3caab108c6997d45d4a9909e244379c6396d377f2ea4206a0be7b6e15f110cbdcc2d805038b3760fe85b5c6bcd122911782c61f5b99f7e8ac27c15e8d1cc9a56700a1a4ee47d5fc01245f146e541db9830dd51055e2a026d48312cfcbc6d01c0cb7e69f221f487b583569d8eea980cb33c98b4a639b42ebd9701a3b534e753c373be7713aca7f91017a0ca03cd340109c38ecdfdb088d2831c2c8b5effe4be941a37f630cf36298899cd4e33669273f8c1563a247b545ae435d779171d47a4f20152b6cc6ce8d7f2bbed02328bc30cec0a2ca2083d437d8cdcf716f5dba0e715ba293949034e1a38ef804edca325e57ea2951326d2792036e4d0ab81ab3060632c8ebbebe8edfb541a09685f7457a8c75babf989e02ce4067f6d70c003600ad0c80ac6bc123930ff809432df651bfcfa30034bd6613faa173d404b2389c583877484cdfa4fcb448e040096a6e901be5af93404af786685746cea87487a3a2d02f3c85d46a03d6f8069d79fbd0761f348eafa68d5b94d0e3d47b9235fb346e8df8ebac5331e5d1f8fd4e8393ea850bd4a8ca1ec515c778485a67b6eec83682983d2eb1e6c821f0f6922406cbcc9c5b3503852a3563d4034c585bb2ddd2a8f769cd036703639838d41717ec7924cea69c4c4f0c03c6c6deb4703c95e5961a4c25870de639ff5af1ba6ab75bc8f5c31297f7237c75ba98c17286f23e4675e98e7e8c0fa2818ebac7d54fcff9bca31cfc1c27d7dcf80d61ced54181bffb835d547da626378dad87744605b2a7a6b65c7721e82e46b551a244c1cdb9cc73a156e3a975617659d7022e2391797528df4de785f453410e404d902a5160137183a5edefaf5aa3cdb38f5ac6a1e0d78ab8bf40056702b378bfac0a77b7820c8eede042fbf667b4aa1892f4ce688a414e061dc6850fbf0a07ed29cd7e1fbfac10afb32b73d5496f0c0ceac4796cba7b2543e6f005a6123f07c96948c479a5f4d1919db868edea244d54ab4f5c81c133a08752732b33584ecb9fa584114532533fc89a0addd733c047ce4658df2f7ddcd2b9d72be85e73ecc1428d82237d326d4ac741ac533a778788691c304a0e5ad575af9c291b94f0b1e937d3690b33c6616a911e6b1c325344a3c69ae1fa9412a4e7b8b42c151f7046ba61e55f421677210560c4ced2c37cc3d6e93346d3bad1a797a6ffadcdd2c794e38169059d709c318fdbe554194ddf11ff9d2003d2cbe8e50bb6fe3263a96ef241cf81cfc1bd79ecd8c1b96c4d86136d759c53bb0281fbaf02dfacb0e5fb2b241abe133368a26d3c7aeb5f553dcd5b9fae04a172aebe29291aa1cb98da061694669275420b47142e02c9e6b71f422ce7a90aa0624f61f2a0c548b1d1471794777fe1248e23d814f72fd4f5df6c16dfac80b0719d815fc8c53dc5d46eb3a7f5f8d50f468eb346e66ca5093b706817105ab5e33283154883fd3ae62377afd864acea5d6d6989a5c138a71da705f61efbf415826fa880231f40863837bbb86c3f560a6aa54e51362af83b0204dab42205aa461453a0c9f9713f17c8735bc6f640f27d6eaaa5ccc5f9171c81347e3adc7449229e493f546d6a58d5abd8017cf02ad81e616bf645538ae469690b7bd889e0fba0c944c8d574641fa33438da557cccc9bf18e11488bc4e6f5059c25525467285fc1dec36c5e118951bc7d2e44a910f69e0fc95cbc30fd29aacc08fba4835a9e347f6ec3ce3eb1f9fe7c20aec1e21f5a5a65515171ad16e808ea68aacc7aecc3e8f12d6f2f7ad1a62fd4c9a7bee2b20e699aa7eefbd410bd975f1f04744fd160204c0d3bffa6dc10cb08cf940167b5617231f2bf6fdba3d558fd79f8b6599fcb10195acc9eb4ad961bffa90d2384e6cc694bb0781edb2765f0920431493eb2d862550c2847ecf12fcb1122ded38270fc7ecd496771dfc67bc065975c7963e7dc95b9a9ff5b4269b6ec7b8aa4f132b8e5e80f5", 0x2000, &(0x7f0000000f80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x130, 0x0, 0x5, [{{0x3, 0x1, 0x8, 0x80006, 0x7, 0x9, {0x3, 0xffffffffffffffff, 0xfff7ffff, 0x10, 0x200, 0xc4, 0x1ff, 0xf4, 0x8d09, 0xa000, 0x14000000, r2, r3, 0x6}}, {0x8004, 0x6, 0x84, 0x2, 'f\xd3\x92\xd7\x10[a\xdc\x1af\x17\xc6\r\xf6\x19R!:\x10\xfa\x17\xfa\x11S&\xec\xe8X\xf2\xf2D\xb2Q\x8e\x81\x97R\xbf=J\xcd2[>\xc2\xf3\xdb]\x00\xcd\xdaB\xb1\xc1n\xfa\x96>+\x1d\xa5\x8b\xdf5:\xaf\xf6\t\xb8t\xb2\xa0\x19\x8d\x1f-\xf4\x86+E\x87=\xb5\x18w\x8d\x03\xfe\xda\xb7\xe1\x99\xf3\x04\x1f\xe1b\xa5\xca\xdf\x98\xe1<\xb9-\xd5H\xd2\xa5\xb9Dl\xa8\xb96\xa5\xb2j2\xde\x80k\xa5\xaf\x86\x80V\xf6\xd7\xb5c='}}]}, 0x0, 0x0, 0x0})

7.24892785s ago: executing program 0 (id=2097):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xc, &(0x7f0000000000)="c1", 0x1)
socket$inet6(0xa, 0x3, 0x7)
r1 = socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x3, 0x7)
writev(r1, &(0x7f0000000300)=[{&(0x7f0000000000)="580000001400192340834b80040d8c560aff820fffff5bab00070000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100030c100000000000224e0000", 0x58}], 0x1)
mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000cb5000/0x3000)=nil, 0x3000)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000340), 0x5697c2, 0x0)
ioctl$BLKPG(r2, 0x1269, &(0x7f0000000000)={0x3, 0x0, 0x0, 0x0})
r3 = io_uring_setup(0x66bf, &(0x7f0000000080)={0x0, 0xa070, 0x20, 0x0, 0x377})
mmap$IORING_OFF_SQES(&(0x7f0000523000/0x4000)=nil, 0x4000, 0x1000008, 0x4000010, r3, 0x10000000)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r4, 0x3b71, 0x0)
munlock(&(0x7f0000dba000/0x4000)=nil, 0x4000)
munlock(&(0x7f00006d6000/0x2000)=nil, 0x2000)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
munlockall()

7.038605978s ago: executing program 3 (id=2098):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r1, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r2, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r3], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r2, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0) (fail_nth: 2)

6.230229348s ago: executing program 4 (id=2099):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000b80), 0x2)
ioctl$UDMABUF_CREATE_LIST(r0, 0x40087543, &(0x7f0000000cc0)=ANY=[@ANYBLOB="0000000003000000", @ANYRES32, @ANYBLOB="00faffffff4000000000f2000020000000000000", @ANYRES32, @ANYBLOB="00000000000000000100000000f0ffffffffffff", @ANYRES32, @ANYBLOB="0000000000000000010000000080000000000000"])
ioperm(0x284, 0x7f, 0xe3)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pread64(0xffffffffffffffff, &(0x7f00000001c0)=""/73, 0x49, 0x400000000000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0x13, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="66296c16b3dcffec5edb24880a36941acd260a00000000000061117200000000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f00000000c0)=0x198, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth0_to_bond\x00', <r6=>0x0})
sendto$packet(r5, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvfrom$packet(r5, 0x0, 0x0, 0x2000, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f00000003c0)={'ipvlan0\x00', &(0x7f0000000180)=@ethtool_sset_info={0x37, 0xffff, 0x0, [0xecd, 0xfffffffe, 0x3, 0xff, 0x8, 0x2, 0x6]}})
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x22806d, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

5.740211691s ago: executing program 0 (id=2100):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x28}}, 0x0)

5.138173305s ago: executing program 5 (id=2101):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = fsopen(&(0x7f00000003c0)='tracefs\x00', 0x1)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

4.788722652s ago: executing program 4 (id=2102):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'wpan1\x00', <r2=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wpan3\x00', <r3=>0x0})
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x30, r1, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x2}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000081}, 0x20000800)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000200)={'wpan1\x00', <r4=>0x0})
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000240)={'wpan3\x00', <r5=>0x0})
sendmsg$NL802154_CMD_GET_SEC_LEVEL(r0, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x6c, r1, 0x10, 0x70bd2c, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r4}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x300000003}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r5}]}, 0x6c}, 0x1, 0x0, 0x0, 0x4000}, 0x8040)
r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r6, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x24, r1, 0x200, 0x70bd27, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r3}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r3}]}, 0x24}, 0x1, 0x0, 0x0, 0xc0c5}, 0x20000010)
r7 = openat$smackfs_syslog(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
writev(r7, &(0x7f0000001780)=[{&(0x7f00000004c0)="01c7eb28b8642eb5cb777e5c76626dae984eeb53dc9c72b6d333034ecf01fdb6f2f16461166bfe3af81ad3d93f48e77b3bf6fb46a81ce232b4c20a5fe887b18391be639a77c587649637e8c6c729f9665e665c9d9199288ee69f4a2b10efc28889ffb746a8a48be180521fd2f87284c1fcb6d7f1851ca460d64ca412aff4c29260cc19519e2480df28cb0e96", 0x8c}, {&(0x7f0000000580)="734a1e0444b727c3d04b87c1f6bff3d6edd1a6e76b957d76e136ba7218ca52d6dfdae0a14604a811424c441c7af8a8e96a95236c4204857233a91f807ed899854aab9747be55507327f86f67044edac08c70b6356b6a14c92325fc5078a4928abf418d8265e4b575415ba1fbeae8f339aaedd4e14d1f21cfe3792585a0b4d223b4c100a779b986da8843ae7f37ae848e25ccac58e1a4a38f4c955ec1c10402b56ed08449d019f92fe92b4a399e07966bb30732282fea6f01a0c853111c62ac76b4efc1", 0xc3}, {&(0x7f0000000680)="19c03ca77576c8e051c3cbb1e3030ce460c5661786034e4326f4b824e70f26ebfe1a7afd8c4b77e83c74e4b6ee10981aa235de62939076758ce52f39b09001298d927d8dce03b1774196e70167a21f43b20779132f8ef34cd5a8468f1ab62658716609c79f73a1b5dd1b5657773308f2e79316ba0688cbcadd2a2ee6d83aaf6ddc", 0x81}, {&(0x7f0000000740)="8ee8a5b40f2b77c7429c236f8b73c8847c8044995465076a9825f8b3a9ccf9d7", 0x20}, {&(0x7f0000000780)="5dad5be78f01169e2fb91c57d648afa176a385996d9440466632f1b802d0818b50ec53745570d7246ddd3bd695e144e8542f74087adf849194bd004e079c0da33a0d31841a14c2b637b1c228a1f557765656cfcad6a3b5d57f90c16d75a05970589e39777bdae98274afcf8bb325d2ec2b4e005c1a9c37e0a95616999a1bd4d35040dde6aa88482691ea391294d1668ac0d0b7afdab134b9b5fcd5eaa06cf279fe271077ed9c4b07c6b1f229b57695cbda70a8f44d5d0533b96b40ee195e5a9ee20f5e324547605ecae353e65ce7726b133a9f180c2f69b92597486a635f1937c08c6f8afbff29d8d3edbb6c992f25f78577837696cb87534a335bbe4f45723f376f4236ad5204ba75298b02b3493f5e6b348d35c830481b4641fb699bf2c3a849600e1abcdad644ccd8669bd8834f5a24d637fe0c9c2e2d75e1053445fce592c314bce5bfb04aeea65ee0254a5814b236c4cc72119c7aa66cadf21dca9de03f699001bd9eb7f1d5f74e743a93fb400e437b52fb782254a2094e38133a335c8171ba74cd08727ddb8338a2acf85bdcd8d605aeae6bf358611fc1d3655dcd6f6d212b84bfe202e11e28b69c9d3eb288552674dcff38b7accc2186ed999f2b3e761d9e3c5ad8516ae9937ed257741cac9dc5d7c8821a556d4b5de55e5173a75f5ba8881e55061dc8835c5a75aafdf4d58fc3a5bba83b8b015366666b483b9de19c391c5e84dd38ebca0651ac6feedd39bf15e0b6d25064785d2cdb3353a226eaf53c868ae4adfb393a03da58b57024bd8d86748ef4f2f689442010a68629c0290369504dfe41a9c09eb8e8a989b0c6417ee7281c277ee4a9fe987257b74cde71726091ac5c74283baa608905c866793e56e3ef2a6e51defe5707e807770a148691fa96f0a86b4f47c1804424cdf47e1bb1b1e6c2eeac8d0412988387aa4805ff17e50789c9c32daa9012e1e9755bb544c6c4f0f55a6297d860afea24123d9823e0f35fec57da2239207cf012a1be72186ac41dfa57f60f31133faa186c7348f0fddea2bd720a627bff3597f8f222da321f2b6038f8073bd67d8031441617f06dd3b7d31da9458693c804589020bfd168bc0de211ace2e26ba4364740c5cd487c1cce7312fb19b1c343407fc28f3a1492fe2fdb9e961316b55ed14b45bc14895b7d1af5ff8af41ccf5d31db7d40b64eb8af7aedc7e3cac8fd0bd114a7f8cf220678ee295fca7a829f1e2824740a018c3ddca6edc7748cbc4382eb5cf2a1ba2a2288b7f109e6492823ca306d83dffa596eab673195fd45997dbda386796acad910dfc66dcb829ff77caa7079a8d2025db735dcb27a9b663dd4163e05ffb3123bf4ad57c5ae9411546ccfaf2425b70d7ea6665c465a647a2ec5436fb4044cd41bf3892438eb02c974ebb54ce25610c84f21c6028d50286663c49bc009fc56c09248534baf1f1afbe95aff341dcf82c9a046934893d35661f152b44ff2f12f4bfe47865a493ceafd4cccff23089fb4e279e641f397f52c5086fd21299ed136379a6f3b864d31a5b3db9911b847f643b0ea191f23d69d3a16f66f35c49c24b8de97eaf1cbd972a41cb592035d7e8395d608e21b58a4fbb02ef2dfcbfa5b771631ec81796330d17470c6f6475c441262c578b7a8fc45e6fcddd26d44dad7f4ada0245dd8fcb530d7a6053735a54d0f29300b58f707e395496648f5141dc831f5b174d017c7880eeec3a1e7349f44cd662d5092d89d8133ff7310ac74b7b79b2fcc940fa1fd4ceec5b4c1f046879482f8caf0cda56fe7279790ce878439d48c9f16c86606cd8c56135611f3d77daa7e570b04590c44410982b1d34a0ae959300c1aec813af234eaad789b12cea56293afa164680ca354a032f92f5f0ba93b7512fcd377c5e4b10a008fcc8532b82191f31069ba9a9bbe4639e089591a42fd5d0e331ebed0f3407fe3c0a9bf748e54bde38a4753f8d3dc855487885ac84b9d4450de5324b08e6ba01461f236204bbdebb22bc4eab05502c7e58a2624c892a10027ec21f6d29efbd0db19ad309e205718abfb58d3d7c5c399fb9fa31009494c45df4c3684462167ad0fcb06671d3992d33381ef5076048efd9bab0624d39192e5889050d849caa6687d2896dadce23b9795893b3f76d39349335f317f93cc00fe4cd2dbcf93133b69c78e0c79f8fde2a78ffdcefd42b94727bd512a2832dc7c5d909300b2b0d1f2d51bd61ea2f92e0e113d8ac153dd804d9965dc3ede8282a9ae68ca95ed8d448f576aa7e5e5aceeff4c3e611d99795235da70635367453cb477528658bc054abbd841223b898e37118026ae7ab10663c697e0d4135e0e667f8308e1d1cdae4110c683a053877dd1ea5126cac59518478498f09b5f135fbf1cf3224c9aff71fe87a87bc12437dd0f89e4b01106401aa83b36e6d188e3f43b4510f643e64a9fb13867b5b131a66d87cde21ce82e51ddeb1c17dc02abd16179b1a9041f0269b4a7d6036d61a14d8018a3f5aa0048f9d48fb0a3464f95dbb5b4d7e937bae6133b2c046aef38976724e1dc2a2e582ad3d776a884d00f842196c02fd75903cde6c5cbc836ea5f385fc876a9e38be025d84f3105f2482c839259b1c93eddd29a6250296e124d27cc85661604a17958973a5d746c26e7392e691e817b9f6306c8246706a9483082572ae4efba0c8356df640146533d8a146c4572e8671e9b1330b4a43b4e74107be7e10370fa2f256d4add7003e242c0b3005f30b947fc4df9418a79c9518428bd2092cb815010048c06359a2f44c189051b3e7adb6d9818cfcfd6345b271ef69090fc7148f8289b3d97de1e7c378cef3d0bfaf10acb1ec0700ddfe0498b3179ce38cb1d1f6463d4c809b3bfb76fbc8d93866ae02218cae2cbf71a97d05f8bbcf38034fb0dcc82e4908ebed9ffc5ff099349a0b17126bc7664dd70f43e24b750d677a15a28936259485444eb53c863e1f1830cf15a5b3174dcb96fa2f69a821bdf06607595485fc818121136e473a1727fa660516714517454282b4d98de33b5f3b2266701280a9c31040adeaf2d66995baa8a06614d4b9f83098f36f31c6f14a8b6667381f9a5a95c670d34f2d4b4514e5a6964ad1f62faba5ad722005a4deaa598ac4e3005855e6b93bbdcaea3c2e87b2466ce7ff8a3965d490c7f550886e3c48ea9768c5b94479380d63afbf208f30aee9f63f1cb010a6c0a45202e42ba2d43c488ccdc5bf2e88505252764e17cccd8e1988a3a1387b06fc77bb1465fea7db2cb637a6a07c9dce80c11c2d206465d45d6746f401ec2c5cbda2d7011677ab03b3ab6287e5343a4a5b6ba5b115600bafba8d81a0bd198815bb108ecc15636c5833f0424944f0632bdd58efe529ae0d2b1babc144c7e7f19af2c4e3d3a4e63da09e6cb412e9142aa9e27ffa2f61dae433a1448e796d9810d6917c9d5a6e518c6d2bb7200b045d92cc45b59c13be6649b973b10173dbfd67844bfb737a30521db1dd3c080694f98bb92f5b84c8f264286190fb72ec9d0688b2690fac186f7d4443fa60956888b7bfa75c24a52d393939a50090191deabf6a77747251189700284dbecf2105d21f06e554a7b480371036d2da2f54113d9a9ec2a0f7fef79e90939ed6bac19db4a1713b7a462abf607e8f098f1463ee7032098acbf416ceaf1fdd6ed4248bc6769b9005caaf9a9a79e56b8bb362cc1f49c14b3b1849603e643d0cef3c6c5f87f6fa5618b0f70c05b7de4c94bed20263d5f32d129d76c5e5ede56d352e5b6cae1cf6310a86e054d023958f624aa973c68ea08a7870e1c3ec6ad6e85badb6f717bf932c961ae031d9e0ac70a49deaccc5ce2bab5e534fd4f5cbe0144a2f8b1a6609d88ef8a55f59caa4577a0817e252794bbc3ede3be42502ac3dc36394076b856d36c9a90316ea9efed912fefc9ad6ba4d42bfe0305f83e6e43a73b51b67d828b8455520e847c17e53dc150de45509f2fbf1babc82c6d7ba3505ca906daf026479937157fe5ec2d923cd1855e53392c127ee1745cc324b7b37cebad7e4268d29a7b4ab31982f93c5ef2e507c58ca53a886874260aa2ca27ec62cb997d4402081de68599b9d6acfbe56210a9af8b51ff0b0620152807c0b71f46fb9695af678b2e073c1ade3a9a3f65a53b9caac655f7e8a4942fead5de17b47de99330dbd21590ac8eae5d416a2e95c668692d93f67a42137b8e7b6a9ac473d4d04a4a4d03401c6214778a733350ea3c90b2ff5e0cfd25dfb7371bd8922fea0d2080874dc053b9d7656115e360386ed906164b81270d91d7e1d6b25906148e08b363ea61ca5db07d00f05a5cc73424d3de3f7761cebb4261fc9912c6bb201c0718df249ec5b9efc77baea08078fda2e6d775b9bd08baf6b0255da57aa772256781112b67aac2b88d785736a616f84a46163cb77fd4467e9023c2fa3f9382ac6077c0f3b79c025b79d6c97186eacd99f0cff93c738616e1c6d3afa838c625e4ef9cfd145ca42c4a2219d7b98bb2b6bf08369388dbee4f8f4e9fe8d91fa78531627c29def383bc60a1a4f1d9e47f85b50a35a5ca5d9cc6b2a5604032f345517166955b30f38b75eae874079deb2af542589d1b386a7440a04e343e4ff7d2912e4010e398b529eecc88f05fa5202594694204442b1e8a283ec27eec70312127e6dc5fc1f2baf2a207c4a14384b576a51f5613fc42962e263f6a33e52457ac23f22618813728082e58ca5187ee0762666593a79a5d49c65975b2b45e6ce3d1a3c07f1c10b52f765f8d634ab58f1323975fb69670dad9d24e96e48c7b5d2fe5853bf28267f335025fcbd3e33246775678c06eb155064457ccc277249ff5de028e1df599d5d32d99ceaf18dc529495665861b674fa514e89b6aa2c97769bde426633aab5b5d6f0ae88cbd902b96ad35c0578166a41b5832d0c25d4c7af93a30c6be881a4b2eacd65baad373e1917dfef2ab4810f45e682f3967c0afd9d0e5ea24a3b3def33cba0f6a347dc691379e93637376adcbaaaedac119261b7da348438d91253d6351ffd341bd5cc70db2edb60b7ee4e468d54e93535b682521cad1f7aea79efa05d4a46d74b8954e1bd5957a7966083d817df44262d0e0f016c5f80364d7385142fe71e9d7f31da14c941cd1b407dc7966891dd3d07366f39fd0f9528b29f121981d1a43683cb96d4e6d8256409591932fac9c1f044c1c86cf5f902977380d94dd5f4cbfe46933e26c5206edba474f56a5293dce7907ed47681cc3c078bbfe2c7a062fb1042442383ce1db2d68dad49e66d35aa362c18ee9bfdf8fe560866efd75ef952868985fc9e38367e70a55cb77ae12571e3478080e6e751dd04d319507f24a28bae3eb996e2b728c015615372d1770eb9ef85f2e7c44332206f679ab393bbae2daa0db3375390bfb40aeee447f8a092bcc4e6c0350ca3cf732cd21d83aa7780e05e201d2a89ef08d814bd43170bd9c8bf86789abe9231b42be9d6d7706671cd0932f3b6fe6ea78d84159f9078ca404d7247db41afc785fb63f4021cdc888823848045cbd8b2beb2863b4808b20f5c1800cb76edff7cf83e8548562f719a6a22d2f0490e124f5afc5c68fc072874ab1fba2573f9489c92a8f2129c2391052082093b75f3c98a0595f0d367415653a179344aa626d19fe1fe023811802fb1d9a2370902fffc21e2744e7716761744dda2501e4901aa9c9317380c8e9bf58d4d0ebf3f935f5dd37b7cb735668a8e4bd0722b42596a510c7d966b26480c0927a767bc42bb5ff4a12f168e26e77e04f4493edb3ad0e27be6e734cb1ff2", 0x1000}], 0x5)
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
clock_gettime(0x0, &(0x7f0000001b40)={<r9=>0x0, <r10=>0x0})
recvmmsg(r8, &(0x7f0000001b00)=[{{&(0x7f0000001800)=@rc={0x1f, @fixed}, 0x80, &(0x7f0000001a40)=[{&(0x7f0000001880)=""/27, 0x1b}, {&(0x7f00000018c0)=""/77, 0x4d}, {&(0x7f0000001940)=""/80, 0x50}, {&(0x7f00000019c0)=""/74, 0x4a}], 0x4, &(0x7f0000001a80)=""/98, 0x62}, 0x1}], 0x1, 0x140, &(0x7f0000001b80)={r9, r10+10000000})
bind$bt_hci(r8, &(0x7f0000001bc0)={0x1f, 0x4, 0x2}, 0x6)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000001c00)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
r12 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001c80), r6)
sendmsg$IEEE802154_LLSEC_DEL_DEVKEY(r6, &(0x7f0000001d40)={&(0x7f0000001c40)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f0000001d00)={&(0x7f0000001cc0)={0x3c, r12, 0x8, 0x70bd2b, 0x25dfdbfd, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x3}, @IEEE802154_ATTR_PAN_ID={0x6}, @IEEE802154_ATTR_HW_ADDR={0xc}, @IEEE802154_ATTR_LLSEC_KEY_SOURCE_EXTENDED={0xc, 0x2d, {0xaaaaaaaaaaaa0102}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2}, 0x20048896)
nanosleep(&(0x7f0000001d80)={0x77359400}, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000001f40)={&(0x7f0000001dc0)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001f00)={&(0x7f0000001e00)={0xc8, 0x0, 0x800, 0x70bd27, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e24}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x5, 0x8, 0x8}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @rand_addr=' \x01\x00'}]}, @IPVS_CMD_ATTR_DAEMON={0x34, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'sit0\x00'}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e22}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'bridge0\x00'}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x2}, @IPVS_CMD_ATTR_DAEMON={0x28, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @empty}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6d}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x6, 0x7, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x7fff}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'ip6gre0\x00'}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x48080}, 0x3404c041)
sendmsg$IEEE802154_LLSEC_LIST_DEVKEY(r6, &(0x7f0000002040)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000002000)={&(0x7f0000001fc0)={0x14, r12, 0x200, 0x70bd29, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x4000)
r13 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
r14 = syz_genetlink_get_family_id$nbd(&(0x7f00000020c0), r6)
sendmsg$NBD_CMD_CONNECT(r6, &(0x7f0000002180)={&(0x7f0000002080)={0x10, 0x0, 0x0, 0x8080000}, 0xc, &(0x7f0000002140)={&(0x7f0000002100)={0x38, r14, 0x100, 0x70bd2d, 0x25dfdbff, {}, [@NBD_ATTR_BLOCK_SIZE_BYTES={0xc, 0x3, 0x6}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x4}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000080}, 0xc080)
r15 = signalfd(r11, &(0x7f00000021c0)={[0x8]}, 0x8)
r16 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_DEL_NAN_FUNCTION(r15, &(0x7f0000002300)={&(0x7f0000002200)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000022c0)={&(0x7f0000002280)={0x2c, r16, 0x200, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xc, 0x77}}}}, [@NL80211_ATTR_COOKIE={0xc, 0x58, 0x1a}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x20000c1)
connect$inet6(r13, &(0x7f0000002340)={0xa, 0x4e20, 0x1fca, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)

4.684271086s ago: executing program 3 (id=2103):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r3)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB, @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c0001006272696467"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001240)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001380)=@newtfilter={0x30, 0x28, 0xd27, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r4, {0x3}, {0xffff, 0xffff}, {0x0, 0xb}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x10) (fail_nth: 2)

4.675340342s ago: executing program 1 (id=2104):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000500)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f0000000340)=0x10)
sendto$inet(r0, &(0x7f00000003c0)='@', 0x1, 0x0, &(0x7f0000000380)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x7b, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r3, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, &(0x7f0000000180)=0x9c) (fail_nth: 2)

4.639007345s ago: executing program 0 (id=2105):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
pwritev(r2, &(0x7f0000002140)=[{&(0x7f0000002040)="bdfc670089bd5a7346539b24c87f089705b039682c5f1a7de85d55103e2823e92f47c87f69df1f03df2715b18153a0a2ff7f3b53c7bcefbb81371e0dc4b5dc5de22b7e26412fb67761919bf61f1e4373b72fefdf74e7fd0501d763a18a6e4fd2f58bb4085e8f09d9a0c2ce08", 0x6c}], 0x1, 0x219, 0x10001)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x29, 0x48a, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000002700)='cmdline\x00')
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0xfffffc7a)

4.320164313s ago: executing program 1 (id=2106):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
pwritev(r2, &(0x7f0000002140)=[{&(0x7f0000002040)}], 0x1, 0x219, 0x10001)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x29, 0x48a, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000002700)='cmdline\x00')
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0xfffffc7a)

3.62094337s ago: executing program 5 (id=2107):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r2 = fsopen(&(0x7f0000000080)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
symlinkat(&(0x7f0000000140)='.\x00', r3, &(0x7f00000000c0)='./file0\x00')
openat(r3, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x0)
newfstatat(0xffffffffffffff9c, &(0x7f0000000300)='\x00', &(0x7f0000000340), 0x1000)
r4 = accept4$unix(r3, &(0x7f0000000000)=@abs, &(0x7f0000000100)=0x6e, 0x40000)
connect$unix(r4, &(0x7f00000003c0)=@file={0x1, './file0\x00'}, 0x6e)

3.084427214s ago: executing program 4 (id=2108):
setrlimit(0x1, &(0x7f0000000000)={0x10001, 0xff})
setrlimit(0x3, &(0x7f0000000040)={0x3d, 0x7})
getrlimit(0x3, &(0x7f0000000080))
r0 = gettid()
prlimit64(r0, 0x6, &(0x7f00000000c0)={0x0, 0x8000000000000000}, 0xfffffffffffffffe)
read$FUSE(0xffffffffffffffff, &(0x7f0000000100)={0x2020, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x2020)
prlimit64(r1, 0x4, 0x0, &(0x7f0000002140))
getrlimit(0xd, &(0x7f0000002180))
openat$iommufd(0xffffffffffffff9c, &(0x7f00000021c0), 0x4000, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000002200), 0x200, 0x0)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
splice(r3, &(0x7f0000002240)=0x80000001, r2, &(0x7f0000002280)=0xe, 0x6, 0x4)
close_range(r2, r3, 0x2)
umount2(&(0x7f00000022c0)='./file0\x00', 0x4)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
prctl$PR_SET_IO_FLUSHER(0x39, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000002300)={0x1b, 0x0, 0x0, 0x8, 0x0, 0x1, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x5, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000002580)={'syztnl1\x00', &(0x7f0000002500)={'ip6_vti0\x00', <r6=>0x0, 0x4, 0x5, 0x5, 0x7ff, 0x8, @loopback, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x1, 0x10, 0x6, 0x8}})
ioctl$AUTOFS_DEV_IOCTL_READY(r4, 0xc0189376, &(0x7f00000025c0)={{0x1, 0x1, 0x18, <r7=>r3, {0x6}}, './file0\x00'})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002940)={0xffffffffffffffff, 0xe0, &(0x7f0000002840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000002680)=[0x0, 0x0, 0x0], ""/16, <r8=>0x0, 0x0, 0x0, 0x0, 0x5, 0x2, &(0x7f00000026c0)=[0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002700)=[0x0, 0x0], <r9=>0x0, 0xaa, &(0x7f0000002740)=[{}, {}, {}, {}], 0x20, 0x10, &(0x7f0000002780), &(0x7f00000027c0), 0x8, 0x9b, 0x8, 0x8, &(0x7f0000002800)}}, 0x10)
r10 = bpf$PROG_LOAD(0x5, &(0x7f0000002b40)={0x16, 0x6, &(0x7f0000002980)=@raw=[@alu={0x4, 0x1, 0xd, 0x3, 0x8, 0x50, 0x7ffffffffffffff6}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}], &(0x7f00000029c0)='syzkaller\x00', 0x8000, 0x40, &(0x7f0000002a00)=""/64, 0x100, 0x1, '\x00', 0x0, @flow_dissector=0x9cc10533f9c4e2ee, 0xffffffffffffffff, 0x8, &(0x7f0000002a40)={0x9, 0x1}, 0x8, 0x10, &(0x7f0000002a80)={0x3, 0x1, 0x5, 0x2}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x2, &(0x7f0000002ac0)=[0xffffffffffffffff, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f0000002b00)=[{0x2, 0x5, 0x10, 0x8}, {0x3, 0x1, 0x9, 0x7}], 0x10, 0xd, @void, @value}, 0x94)
r11 = syz_open_dev$audion(&(0x7f0000002c00), 0x9, 0x145400)
r12 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000002c40)='/sys/kernel/debug/binder/failed_transaction_log\x00', 0x0, 0x0)
r13 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000002c80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x1, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002dc0)={0x1a, 0x26, &(0x7f0000002380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [@btf_id={0x18, 0x2, 0x3, 0x0, 0x4}, @map_idx={0x18, 0x7, 0x5, 0x0, 0x10}, @printk={@p, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @printk={@li, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x4}}, @map_idx={0x18, 0x0, 0x5, 0x0, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x3}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000024c0)='syzkaller\x00', 0xa, 0x0, 0x0, 0x41100, 0x0, '\x00', r6, @tracing=0x1c, r7, 0x8, &(0x7f0000002600)={0x6, 0x1}, 0x8, 0x10, &(0x7f0000002640)={0x5, 0x1, 0xa, 0xa}, 0x10, r9, r10, 0x6, &(0x7f0000002d00)=[r11, r12, r13], &(0x7f0000002d40)=[{0x4, 0x3, 0xa, 0x5}, {0x3, 0x4, 0x9, 0x2}, {0x3, 0x1, 0x4, 0x6}, {0x1, 0x3, 0x7, 0x7}, {0x1, 0x3, 0xd}, {0x5, 0x2, 0xb, 0x2}], 0x10, 0x9, @void, @value}, 0x94)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
lsm_list_modules(&(0x7f0000002e80), &(0x7f0000002ec0), 0x0)
setsockopt$inet6_opts(r11, 0x29, 0xf, &(0x7f0000002f00)=@hopopts={0x32, 0x1, '\x00', [@jumbo={0xc2, 0x4, 0x800}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @enc_lim={0x4, 0x1, 0x80}]}, 0x18)
accept4(r7, &(0x7f0000002f40)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, &(0x7f0000002fc0)=0x80, 0x43e32c87b19a1d00)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003340)={0x11, 0x7, &(0x7f0000003000)=@raw=[@call={0x85, 0x0, 0x0, 0x43}, @map_idx={0x18, 0x5, 0x5, 0x0, 0xa}, @map_val={0x18, 0x5, 0x2, 0x0, r11, 0x0, 0x0, 0x0, 0xffff0001}, @btf_id={0x18, 0xb, 0x3, 0x0, 0x5}], &(0x7f0000003040)='syzkaller\x00', 0x2, 0xd8, &(0x7f0000003080)=""/216, 0x41100, 0x5b, '\x00', r8, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000031c0)={0xa, 0x1}, 0x8, 0x10, &(0x7f0000003200)={0x3, 0x9, 0x1, 0x7fff}, 0x10, 0x0, 0x0, 0x4, &(0x7f00000032c0)=[r7, r7, r7, r5, 0xffffffffffffffff, r7, r7, 0x1], &(0x7f0000003300)=[{0x4, 0x4, 0x0, 0x5}, {0x4, 0x2, 0x3, 0xc}, {0x1, 0x4, 0x5, 0x8}, {0x5, 0x2, 0xa, 0x2}], 0x10, 0x0, @void, @value}, 0x94)

2.87616114s ago: executing program 4 (id=2109):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x11, 0x4, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x9ccb}, [@call={0x85, 0x0, 0x0, 0xb0}]}, &(0x7f0000000200)='syzkaller\x00', 0x5, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, @void, @value}, 0x94)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r2)
sendmsg$DEVLINK_CMD_RATE_SET(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x44, r3, 0x1, 0x0, 0x0, {0x2a}, [@DEVLINK_ATTR_PORT_INDEX={0x8, 0x58}, @handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x44}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x2, 0x0, 0x0)
move_pages(r0, 0x4, &(0x7f0000000040)=[&(0x7f000076a000/0x1000)=nil, &(0x7f000066f000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0], 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000080)={0x0, 0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="1800000024000103000000000000000001"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)

2.421325279s ago: executing program 5 (id=2110):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300)
r2 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r2, 0x10d, 0xf0, &(0x7f0000000000), &(0x7f0000000280)=0x4)
read$FUSE(r1, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x2f00, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="e3ff0000000000002400128009000100626f6e64000000001400028005001b00000000000500010006"], 0x44}}, 0x0)

2.363959035s ago: executing program 0 (id=2111):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x4008032, 0xffffffffffffffff, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
sendmmsg(r1, &(0x7f0000000e80)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000240)="7c220752098d1a03003fb4d50b17b9653538f559e8ca1a63dfa1a8f54135abe90913a7bb3930c14e8d1808268429578d92871b8681b42a7a264d4c578a7c26845616d98fc09729e3d8c0aa68e95af732c067f9dd1d9fdd4ee2008561e5a690de23248e60f4ab6390f520377d0a68cc822a17c773be19ee5b51b2428acd21725b17f5fadc10e18e574983e260010d619f74dd4c30", 0xc1}], 0x1, &(0x7f0000000480)=ANY=[], 0x170}}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000f40)="f48f2d", 0x7313485bca3e9141}], 0x1}}], 0x2, 0x9840)

2.301254707s ago: executing program 3 (id=2112):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x213)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x800}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
pwritev(r2, &(0x7f0000002140)=[{0x0}], 0x1, 0x219, 0x10001)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
r3 = socket(0x2b, 0x80801, 0x1)
connect$inet6(r3, &(0x7f00000001c0)={0xa, 0x4, 0x3ff, @empty, 0x1}, 0x1c)
setsockopt$IP_VS_SO_SET_TIMEOUT(r3, 0x29, 0x48a, 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
r4 = syz_open_procfs(0x0, &(0x7f0000002700)='cmdline\x00')
read$FUSE(r4, &(0x7f0000000000)={0x2020}, 0xfffffc7a)

2.228633434s ago: executing program 1 (id=2113):
unshare(0x6020400)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x231, &(0x7f0000000240)={0x0, 0x15d2, 0x30101}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_WRITE={0x17, 0x0, 0x4007, @fd=r0, 0xffffffffffffffff, 0x0, 0xffffffffffffffea, 0xc})
io_uring_enter(r1, 0x7a98, 0xd75a, 0x0, 0x0, 0x41)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x2c, 0x41, 0x107, 0x0, 0x7, {0x2, 0x7c}, [@nested={0x4, 0x31}, @nested={0x12, 0x1, 0x0, 0x1, [@generic="0d21a35edeab", @typed={0x8, 0x110, 0x0, 0x0, @fd=r4}]}]}, 0x2c}}, 0x4010)
r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
unshare(0xa050200)
sendto$inet6(0xffffffffffffffff, &(0x7f0000000000)="c5", 0x1, 0x41, &(0x7f00000000c0)={0xa, 0x4e23, 0xffffffff, @local, 0x13}, 0x1c)
r6 = socket$rds(0x15, 0x5, 0x0)
sendfile(r1, r6, 0x0, 0x4)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
r7 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140), r4)
sendmsg$TIPC_NL_MEDIA_GET(r4, &(0x7f0000000500)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)={0x210, r7, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@TIPC_NLA_MON={0x3c, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_BEARER={0x9c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'eth', 0x3a, 'dummy0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e24, @multicast2}}, {0x14, 0x2, @in={0x2, 0x4e21, @broadcast}}}}, @TIPC_NLA_BEARER_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_MTU={0x8}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'bridge0\x00'}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}]}, @TIPC_NLA_BEARER={0xe8, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xf274}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0xff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0xff}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x9, @mcast2, 0x86}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_BEARER_PROP={0x24, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @multicast1}}, {0x14, 0x2, @in={0x2, 0x4e24, @broadcast}}}}]}, @TIPC_NLA_LINK={0x34, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}]}]}, @TIPC_NLA_SOCK={0x8, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}]}]}, 0x210}, 0x1, 0x0, 0x0, 0x4000000}, 0xc090)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000040), &(0x7f0000000080)=0x4)
unshare(0x40000000)
setsockopt$netrom_NETROM_T2(r5, 0x103, 0x2, 0x0, 0x0)

1.214166322s ago: executing program 4 (id=2114):
userfaultfd(0x801)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000014f80), 0x2, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
pipe2$9p(&(0x7f0000000080), 0x80000)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080), 0x62}, {&(0x7f0000000280)="06010000246837f73199aee6fdb9291b3091ec1a2d41d2271b00d8ec030f5919f397867997f9c0efa9c9092a31cdbb98ea272787afda0af59a320709c3a59ef05c6f40ceafec53f48d6186e7d8409e35306221caf67b370d875eff3191932728e5ab6c9a3acf6ccee3e352c898f5744abaedfb53f92c37acb126bd143f3e9cdfcf25a8d6129fcc3a141c3f5ab6db772f87c787817a9b699dd60732d952716b103bc1e91ac5b1ed92f35389580994bb0df9bce07e7a80921888f984139f488d256a67fec0cbb5c4e93d5c151d97f676ab93b1efbd46f600dc964231e3257bf358448fddf894c0cdfa9115adbe5b19bc912fcbc8aac7719b649b1ff1267491da", 0x682c}, {&(0x7f0000001480)="d1ffacd516de50ac9d15bc75316da4defa1e72f65a65cdd26dcc389aacf7856da9aecf3765d4c032e1960faf25bad906b7d3440b6e71a82f1d8f8b8db35b6091f3af94c6b46b9ab10fe3923f268771078d2668be7bd3eb941d4bb5baa8547e36283a065ce5766cbff3a8fc37fc4507643d3786bbf231d3ed88cb8b01eab14e4372cf4f89bd1b853caa5d9f07f523b9dfa8cc09053ff36fde08e96fb6b3acc196b1bd1e2d3a6c65f585df7e2b8b17439a7ab29a7dfe642c2f0ac7a81eca8073b559663f2daf7a0832b2b09557794a21bf114831f8e6db3922d0cd169e5a8b4adc95d7322ee75944de15f57780b88fef7f3d9b256705ccfa2125b43ce8e3aacaead963cdd7f792f14c9b24493f9f830f6de8da93bbd4357095631adec14224dd9bb049e826f3a49624393e6a031103faff0902ba88ae30af4a61caa77ff956214196fcf3c5536d823284306f367afcb46fb43231911cc53091671e7d853ebf015241b18e9fb6ac6d9a7a1b05dfd6d9e56a51567cd8837dd045abf6b85550f0dd8dded43147ab9bfadc18b9984699d5d875cb21a95a7f584d8c466d033df75193f9ae58b85cfacc54f6c6e12a0debe40ee361a839563bc2cb64271672a55370c2b035b482074ce2487ef8a3bc1c68856e6e09539276d961a0c647f1ee3237496fc99623e8fd33faf7797d86a88dcee152d15e10739bcbbd6077b76867e291f350d999024c12faf81f83792f48f7f6dd66aa6854e460ef7f8c755f3a6dd76509ea0d2db39057a5129185b2fb11546cd5d6cc59f640e9028ae6c7075fba5e5b5593d7f79ec387833f465d09bde464112821eaec5e6e8f2aee8d7358f9c14afe2018856f610848706c71cda62493aef2e39efb71b4a8e804847eda66b2b5b1d75b478f19208ee1ac43afb2dbbba5dd0f29f6946022e09fb853cb176ca3474ba2fa67cb245fe85ec61a095d6fd9ac2ac5685920201617342fe56072427b9bd3626a1a371e67041fcda781be0c234d6feb5ad500e8bc7074381fd0d04983a4a6cdb6c8e03d59dc50925e9e4b24e6f8e455f02818959f2927f0a2d9ff62ec3c5c399077048f7d3dad0830b2e6563693f2f9d48eca8c34804a7626282a4a214d13786993c011a88194dbf7b23e25f592e62186c9fb565fac7632de356153c89a6be0b6b26ba48c2427424769fcbd7ee072ed4bd4d0731d06c8537d616b1145a6c70edb13fb4dba3565221b3a2897a23861cd0e8e0060021cdd7de002d5e785e5d6d3d07f4e445ada9c8d9ba8b819d0b5c7b5d15a5192d3a83c125c8e117c823a9e33316b8c9154e7330d3a865048dbd9c14757691bfe56f10423f6ab717bec5eebeac6ba9ad1aeb6cde09d7fda8e475a71ac48d46b8d9a40879c9dec2db5c4799e5fc8e8b3d419031c1033fce88ae2c93d7ca62c9302e6b45ca8dfebe5b92724f035e8e9d7704efb23f445999fe08cfa28404874d8acc8d37870d394d9fcc8dbe763bc85c37f0f3bcc2cbea420cd073db598e7d89c14a31e5bf57cbefa301427c93091505f1f3e5cdf712958b2e8fc56684d3388107c1728f0e5a3be2164246071653e256ed3bf3000c17301da9a5a3d9ca475867c4f311a24e5ae909a62047a9e6bb71cbcb4f159c2ef0f66b4d0f9da51aba99cd9448443dd277362af18d32f111c48a952ef555b2c7c58b997ce61e74cc7551b57eaffe411219baddf490926d8e260dcd87c069e617195c352950f9b51ce88c12c4f7997ba515f77e68d44f831cdf4d7ee8b1b7cedcb4c4fc7e85ba288c8555d49d5b4b9bb70dc4b688bd12e6b38e37150f3ea457a76b23d5abe6551ea598e090aed87822b0954b8db1a7c605c925b7f9240b0e7a020f292a1fd4a37c74139bc6e7ff08373ebfc8feea371ae0b6c61c715f6f1f4b0b994c7e2e129f87db959aae6ff48664d824b29ba9f255890f9c537178db9c5302097891557f8175a46f308b1a2530aa726ea9d4cfce76db50637369724d0c5f51c97edb58ff5eb9b2434b3721b61688ba12471b97c6a65ba085e15406568ac852590701f2ef8451c5cf1191d70f51eaea9ddc4cbdd7428f627db5069111f65062d5cc34581826af3e670613dda99e31c42736aabd87be56e214ed606862a152455f91891b7430bae03284569c234588f495a5ecc4a23fad6ba34e2ee9ebde8c7f5f62c9344659375c2a1fe6fa6e4ef68712223b9471c513bb11429dbb8a45463c8882f462275ee0da567c60c2d8038843e0c20486676e9978f2aec9187820c94a6e7e519d06daf2ab198f5cafcab4d9c90a479800906192d66a3301a34fa6c5a931cea0a479a4d98d86d9de3e061323504b57186dd33df7a16ccb688c0de203666cb0a6b543a9d069dded44a3b432cbb71da921dcab6be1c2d7494d3b07841d9b4f9d659b5d3d3b2ed916f91588d589128e4b2d4448e6aab5a8160eddca0f6e022abb85e251a11cd6bae57a09b2c434ab5bdf6264afb20d5ab022d152e345bd32ba9283aa5b3cd9118bd271a8ac9083c98b8a83064e65428f7ad7b35bf1d60d4e703f22d2d316fc12bd68bcced82cf0962a3d5769c6a3d75d59f7a7b76454661fd3574b8c8e26d20c372407854505ea6c2406fbd8a1ba7bb017c565228aa6d03d18ed309a308ffb1ecec73c246413e7c70f25070eafed9e70d22e9e8b44125c44eceff37e65bf073bc6fad1ea2b72675af4bf70586a8f7e0f35700de94c802522897576ed115fa21b3d23a367844520b33f5b9aedc0245096765f4cb3b2ff4e54f39bd7346c2347875d75a931b17c6c424ddb4767e0e63cc7725a8fc4b1dbe7929b2f909cc5be8b09e63330341e6471dcac0f8b44693d01805a1467b71612260e2a273861b3697440a5f75497796bffcf79d62a4a50a6ed5ef2efe8c83374f2ecd08d8d628aa03b01a11caeb2bdecc0ab2abcecfa15627979d7c3f9dec5389fc6625e957f8075e23e636dd5514596189d568e14d33ae518e6e9978c6a36a74b49fdbd1260095c9abe447e618878039b75e305b1d2c9ddeb9e5cedb11802e0833739d8595d57d749c890c9290cca4aa96e6718747543796a187e54a66c2f71beefddf911a7a74b59c48ba642d5ecd4d415f48dfbde5baac8a4ba063c1b985d9f9f3180e8a1c8b2cf6a25c2ff17688cc858ac8b9c67960f09a1ca5f28f8e877159e00fe7fb10cca73b391508895e7e52c22f9b38d73dabd6ff7c55ebf4e1611daee8d52b4ceee49a6df7daeb81bf9d1c943a74c03d3dda52c5b99f3225c1b87074f5cef6187878bc5b665ec0561adcc9781280dd1c6592555d327afea78b21beeeb66a0af3eab3249245f41cdbca309d3fba5d4b345319dd0a26134c0c896f2c8d32fda28600013f6a4c95b4038faba70d6c480b360c55bdc0595f7ca636e85521ba505d894f9c5f0a90719bc9944f386ad7491422ff12f34a3c048708d51305a8cc5b2a502ac1575a14c75e9fb7219ede2f6d9c1b362230b6189e0d8cd8ccd11fd0325182c6e46c9977bf63aa02f7024aeb4389f989f5733a198b45e4329c4c1a538a009f216ad3ac09cac39547b4fd21a5d7146ea307ad9b9339f39d5161d17b59860a0aed38cd89d1b68c6438346d51a3a283074e34ee01d2eca527b1b3836ccdf7e807007152c79d14324e3d887c9551a9447527db4434810f5b0b73d855f32a0c89aa784e43f4c1657d408dd33f88aeae1e5186bbcc2a348b708e3cec9080e12ee3676beb5ee86a9b5cc4a3496c242b95a248906ed62f984b22373bdfd97515441f34e01006d8d1244aa88403f207cd8820ffe07634fc86d00f871c1e4c9e8fc1a00d295e36d98119599b62379cda10ada85efe7b50c5f38d8d010a2cd53db900939db1ffce14feffb7940d12842f4f2b507e1fa49e526752d1e3d80a0c2a75e870d85f77fd91fc46ac1b1288dd33338cdad154d6b80b5a925431868d62a3fb0036f28fe259a3f555f767526a9ea230c33843efc49ac3182a357845ea122d606ab22c9f937b2b905e02dd1cb07d380e3486be6167f00b6e6d90a3c1d6aee15da439a55542ce177e498998ba8ac69a848e63e4c7564e4dc04aad595fa1ab81275edafa0d352029c304200d2f2c5881cbf5a26b2141bdb117879cc11e7c13bd62f221ae1ac04dca3d8d58a13c130557ecf5f36184c7366d3852d0cbd6ca42f2a971d87c0bb204097af1a3abdab7b95d07fcdbf5f42607695dedcd26e30b8fc5cfd7b333a95f3ee69d5ba7911dadb1394285c437a0f26fc027737ba5ee7d63333f80acb59f1a7faf2ec3031c6533107502bffc92d8726a48ce00cdb5f1258d85ff8eb72bfb162e122022f1f3e8a72b41d2689d5228b1130fbc946384401f3bbe726314bb09d430333ad78de07b3cec5c18a4f4abb69507b6451ca4e610b8fc988c983426e0cc3b9d15393026eb75d3d08634b8a7495cef69aab83d27ea1b5b41f40b996dd10023d81f77d61192930ffc25cae1e149412322fcb0aa47bee3afc44ec3dda96c9294854e2cbaebfea6f9a90f0b3797d5f505824b4de964151569f881f87f9dd9d30a2a2f9ed01059a909cba157902903c77f2f3d056231e7c7483a3f35e04360e084f0d3f94a92c92c77b3f06479fbc417366d7fe87ddfcdfd86274f87a5f817b0f947924cbe2329f16f6b00c8a0ab96164f7b35fed38a388380af05c3600abc37a944c9e75a691728c26896ac3615297766f406aeb0f2fd147d68fad3fb3b032880280ebb4bf89252a36b0d9eb393daae72829b8da870b886676244897d5322b32703fcf138b66eedeb3024666a88fd99d8962f696ab7b34e19ced1bd27488aa2ffe5bfa11f8f9289bd8c052d4e88316cc33b0255ef1bfca4c17067d7f78175c56db481fe8dc6f73b1cbdf9d5823f115c9e03f2dfd07bc1ad88564d48b18cd9a30d83cbd5e6a3eedcb0ee86e5dd47f32820cb74dcf730b2052b31297b529e5e24f042335d13915e4048132fe1a101841e919c7870bb680eddead9a6111394bc12e274fbd88abaf2d254721c42e82abf4d1e319a631794ed6ce319ddd844ac5e9b1fc96dd9aaad42f2e087abe1b85430c4a00631970e3e74a6ed923f49e0df75685e044fae3fcea0af4dbfeebe0a9c2e73e8a89b89603a75f585e3ebba5453ae595da1469ea90ea3c9fb6a22411c56c58dfbf504caa629dbfc73ebbedc91669f2babf8b8215c525edf8feb366f104ffa9eb2bb79232660aece4730ef1ae8585c629ffe1390356a58e900da145b83ad177c7bb2d125e59d7ff4d3a8562efc620b4cf9b33c2305bbf1957e0f8b06f0fbe9c80db73b08fdd0be4a1ea4f91f52af47160040424aed8ac3c10251fb0b5d9be08247edf3dda5d1750d0597d60c8a0d9418a4e0c9325bb90f0886f9e5dda9e88ac1942ec1e53da0cf5ccad66b9cdfc2fdca784dd06a73713ef73785706d024873ddca5ccfcf0b91748a2c1fbd8c241934b5b473007b29d76aec5addf7b945a5f7abd6ddeccc8d0ccb26d69d4793b7224c27ba7bf45aac8a2be56086ab8c65ea69fdd593a01a29e2912378002d824bd98e6ed1c5dd5f33be529e640997f5f1bbde051fb2a669145966db4889bf32aa13777ac6c077c51bb8b2523954cea3adc307cfe53b8cbb00edf0c04c456392aea6613e8078a309dc538a6a24f80fc1b7f9fce3e3291ca6dab8090a634fcdb24e7a9de8aecd595b988f597cd623d148a8841b0a5203953166ea2e85316928f28dd2604d37c9ec80a49c0d91cbfe6d584b9b6a321b97bf99ae1d67985fd441976a828c97456003a7892c7c7f4a51bb49e3d3ea1e95ec29c89a2676", 0x69d}], 0x3)

340.260043ms ago: executing program 5 (id=2115):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x28, r1, 0x1, 0x70bd27, 0x25dfdbfb, {}, [@NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x2}]}, 0x28}}, 0x0)

153.517728ms ago: executing program 3 (id=2116):
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f00000000c0)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @p_u8=&(0x7f0000000180)}})
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x8010, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, 0x0)
getpid()
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000100))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r3, 0x80045017, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
write$snddsp(r4, &(0x7f0000000200)="a38d", 0x2)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r4, 0x4144, 0x0)

100.56929ms ago: executing program 4 (id=2117):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x9c2, &(0x7f00000000c0)={0x0, 0x7079, 0x1, 0x3, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x20, 0x4004, @fd_index=0x7, 0x1, 0x0, 0x0, 0x9, 0x1, {0x2}})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) (fail_nth: 2)

56.170451ms ago: executing program 5 (id=2118):
r0 = socket(0x2b, 0x1, 0x1)
setsockopt$MRT_DEL_MFC_PROXY(r0, 0x0, 0xd3, &(0x7f0000000000)={@multicast2, @multicast1, 0x0, "a74889901ba57680f0441c733dc06f7c1bd6c93592d841aa06c82e819e840683", 0x9, 0x4, 0x581}, 0x3c)

0s ago: executing program 1 (id=2119):
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x0, 0xfffffffffffffffd}, 0x0)
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
syz_open_dev$video4linux(&(0x7f0000000040), 0x3, 0x200)
unshare(0x2c020400)
r0 = syz_io_uring_setup(0x10a, &(0x7f0000000380)={0x0, 0x5f39, 0x0, 0x80, 0x1}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

kernel console output (not intermixed with test programs):

.135595][T11988]  ? __fget_files+0x2a/0x420
[  717.135623][T11988]  ? __fget_files+0x2a/0x420
[  717.135657][T11988]  __sys_sendmsg+0x20a/0x360
[  717.135687][T11988]  ? __pfx___sys_sendmsg+0x10/0x10
[  717.135767][T11988]  ? do_syscall_64+0xb6/0x230
[  717.135798][T11988]  do_syscall_64+0xf3/0x230
[  717.135825][T11988]  ? clear_bhb_loop+0x45/0xa0
[  717.135851][T11988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  717.135871][T11988] RIP: 0033:0x7f728a38d169
[  717.135890][T11988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  717.135908][T11988] RSP: 002b:00007f728b296038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  717.135932][T11988] RAX: ffffffffffffffda RBX: 00007f728a5a5fa0 RCX: 00007f728a38d169
[  717.135948][T11988] RDX: 000000000000ff00 RSI: 0000200000000000 RDI: 0000000000000004
[  717.135962][T11988] RBP: 00007f728b296090 R08: 0000000000000000 R09: 0000000000000000
[  717.135975][T11988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  717.135988][T11988] R13: 0000000000000000 R14: 00007f728a5a5fa0 R15: 00007ffe01827bd8
[  717.136019][T11988]  </TASK>
[  717.281276][T11825] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  717.644103][T11825] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  717.652283][T11995] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1609'.
[  717.828304][T11825] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  717.834307][T11998] netlink: zone id is out of range
[  717.841598][T11998] netlink: del zone limit has 4 unknown bytes
[  717.866669][T11825] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  718.071122][T12002] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1612'.
[  718.083782][   T30] audit: type=1326 audit(1744465249.550:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12001 comm="syz.1.1611" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98fe78d169 code=0x0
[  718.182017][T11998] lo speed is unknown, defaulting to 1000
[  718.304596][T11825] 8021q: adding VLAN 0 to HW filter on device bond0
[  718.383877][T11825] 8021q: adding VLAN 0 to HW filter on device team0
[  718.475236][T11825] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  718.485739][T11825] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  718.511289][   T81] bridge0: port 1(bridge_slave_0) entered blocking state
[  718.518617][   T81] bridge0: port 1(bridge_slave_0) entered forwarding state
[  718.601581][   T81] bridge0: port 2(bridge_slave_1) entered blocking state
[  718.608849][   T81] bridge0: port 2(bridge_slave_1) entered forwarding state
[  718.856445][T12012] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1614'.
[  719.729498][T12017] FAULT_INJECTION: forcing a failure.
[  719.729498][T12017] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  719.766196][T12017] CPU: 1 UID: 0 PID: 12017 Comm: syz.3.1615 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  719.766231][T12017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  719.766245][T12017] Call Trace:
[  719.766255][T12017]  <TASK>
[  719.766265][T12017]  dump_stack_lvl+0x241/0x360
[  719.766302][T12017]  ? __pfx_dump_stack_lvl+0x10/0x10
[  719.766333][T12017]  ? __pfx__printk+0x10/0x10
[  719.766377][T12017]  should_fail_ex+0x424/0x570
[  719.766406][T12017]  _copy_from_iter+0x211/0x1c70
[  719.766444][T12017]  ? alloc_pages_mpol+0x4e6/0x690
[  719.766474][T12017]  ? __pfx__copy_from_iter+0x10/0x10
[  719.766509][T12017]  ? set_page_refcounted+0xa1/0x1e0
[  719.766534][T12017]  ? alloc_pages_noprof+0x136/0x190
[  719.766553][T12017]  ? page_copy_sane+0x46/0x260
[  719.766583][T12017]  copy_page_from_iter+0x7a/0x100
[  719.766616][T12017]  tun_get_user+0x1f6c/0x47c0
[  719.766641][T12017]  ? tun_get_user+0x852/0x47c0
[  719.766689][T12017]  ? kstrtouint+0xfc/0x190
[  719.766713][T12017]  ? __pfx_tun_get_user+0x10/0x10
[  719.766755][T12017]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  719.766798][T12017]  ? tun_get+0x1e/0x2f0
[  719.766820][T12017]  ? tun_get+0x1e/0x2f0
[  719.766837][T12017]  ? tun_get+0x27d/0x2f0
[  719.766860][T12017]  tun_chr_write_iter+0x10d/0x1f0
[  719.766897][T12017]  vfs_write+0x70f/0xd10
[  719.766941][T12017]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  719.766977][T12017]  ? __pfx_vfs_write+0x10/0x10
[  719.767011][T12017]  ? __fget_files+0x2a/0x420
[  719.767040][T12017]  ? __fget_files+0x2a/0x420
[  719.767075][T12017]  ksys_write+0x19d/0x2d0
[  719.767108][T12017]  ? __pfx_ksys_write+0x10/0x10
[  719.767145][T12017]  ? do_syscall_64+0xb6/0x230
[  719.767178][T12017]  do_syscall_64+0xf3/0x230
[  719.767205][T12017]  ? clear_bhb_loop+0x45/0xa0
[  719.767232][T12017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  719.767253][T12017] RIP: 0033:0x7fb7f4d8bc1f
[  719.767274][T12017] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  719.767293][T12017] RSP: 002b:00007fb7f5bcc000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  719.767316][T12017] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8bc1f
[  719.767331][T12017] RDX: 000000000000006e RSI: 0000200000003580 RDI: 00000000000000c8
[  719.767345][T12017] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  719.767359][T12017] R10: 000000000000006e R11: 0000000000000293 R12: 0000000000000001
[  719.767372][T12017] R13: 0000000000000001 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  719.767405][T12017]  </TASK>
[  720.702677][T12029] FAULT_INJECTION: forcing a failure.
[  720.702677][T12029] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.718757][T12029] CPU: 0 UID: 0 PID: 12029 Comm: syz.3.1620 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  720.718790][T12029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  720.718804][T12029] Call Trace:
[  720.718812][T12029]  <TASK>
[  720.718822][T12029]  dump_stack_lvl+0x241/0x360
[  720.718868][T12029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.718897][T12029]  ? __pfx__printk+0x10/0x10
[  720.718937][T12029]  should_fail_ex+0x424/0x570
[  720.718966][T12029]  _copy_to_user+0x31/0xb0
[  720.719000][T12029]  simple_read_from_buffer+0xc4/0x170
[  720.719028][T12029]  proc_fail_nth_read+0x1ef/0x260
[  720.719060][T12029]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  720.719092][T12029]  ? rw_verify_area+0x246/0x630
[  720.719121][T12029]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  720.719151][T12029]  vfs_read+0x21f/0xb90
[  720.719189][T12029]  ? __pfx_vfs_read+0x10/0x10
[  720.719215][T12029]  ? do_sys_openat2+0x165/0x1d0
[  720.719242][T12029]  ? do_sock_setsockopt+0x3ea/0x710
[  720.719272][T12029]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  720.719302][T12029]  ksys_read+0x19d/0x2d0
[  720.719333][T12029]  ? __pfx_ksys_read+0x10/0x10
[  720.719369][T12029]  ? do_syscall_64+0xb6/0x230
[  720.719399][T12029]  do_syscall_64+0xf3/0x230
[  720.719426][T12029]  ? clear_bhb_loop+0x45/0xa0
[  720.719452][T12029]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.719473][T12029] RIP: 0033:0x7fb7f4d8bb7c
[  720.719493][T12029] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  720.719510][T12029] RSP: 002b:00007fb7f5bcc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  720.719532][T12029] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8bb7c
[  720.719548][T12029] RDX: 000000000000000f RSI: 00007fb7f5bcc0a0 RDI: 0000000000000004
[  720.719561][T12029] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  720.719574][T12029] R10: 00002000000007c0 R11: 0000000000000246 R12: 0000000000000001
[  720.719587][T12029] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  720.719619][T12029]  </TASK>
[  721.051668][T11825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  721.060686][T12035] mac80211_hwsim hwsim7 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  721.504211][T11825] veth0_vlan: entered promiscuous mode
[  721.541440][T11825] veth1_vlan: entered promiscuous mode
[  721.676471][T11825] veth0_macvtap: entered promiscuous mode
[  721.696356][T11825] veth1_macvtap: entered promiscuous mode
[  721.737081][T11825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  721.753141][   T30] audit: type=1326 audit(1744465253.220:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12051 comm="syz.4.1625" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f728a38d169 code=0x0
[  721.755691][T11825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  721.823444][T11825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  721.853320][T11825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  721.869887][T11825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  721.884685][T11825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  721.904369][T11825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  722.043896][T12056] IPVS: set_ctl: invalid protocol: 103 100.1.1.0:20000
[  722.730029][T12056] dummy0: entered promiscuous mode
[  722.734266][T12064] FAULT_INJECTION: forcing a failure.
[  722.734266][T12064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  722.749221][T12064] CPU: 0 UID: 0 PID: 12064 Comm: syz.4.1628 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  722.749253][T12064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  722.749266][T12064] Call Trace:
[  722.749275][T12064]  <TASK>
[  722.749284][T12064]  dump_stack_lvl+0x241/0x360
[  722.749322][T12064]  ? __pfx_dump_stack_lvl+0x10/0x10
[  722.749352][T12064]  ? __pfx__printk+0x10/0x10
[  722.749394][T12064]  should_fail_ex+0x424/0x570
[  722.749422][T12064]  _copy_from_user+0x2d/0xb0
[  722.749454][T12064]  move_addr_to_kernel+0x7f/0x170
[  722.749486][T12064]  copy_msghdr_from_user+0x477/0x580
[  722.749522][T12064]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  722.749549][T12064]  ? __fget_files+0x2a/0x420
[  722.749577][T12064]  ? __fget_files+0x2a/0x420
[  722.749611][T12064]  __sys_sendmmsg+0x361/0x7b0
[  722.749659][T12064]  ? __pfx___sys_sendmmsg+0x10/0x10
[  722.749722][T12064]  ? rcu_read_lock_any_held+0xbb/0x160
[  722.749750][T12064]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  722.749782][T12064]  ? vfs_write+0xb29/0xd10
[  722.749823][T12064]  ? ksys_write+0x24e/0x2d0
[  722.749856][T12064]  ? __mutex_unlock_slowpath+0x229/0x800
[  722.749917][T12064]  ? ksys_write+0x275/0x2d0
[  722.749960][T12064]  __x64_sys_sendmmsg+0xa0/0xb0
[  722.749986][T12064]  do_syscall_64+0xf3/0x230
[  722.750014][T12064]  ? clear_bhb_loop+0x45/0xa0
[  722.750040][T12064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  722.750061][T12064] RIP: 0033:0x7f728a38d169
[  722.750081][T12064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  722.750100][T12064] RSP: 002b:00007f728b296038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  722.750123][T12064] RAX: ffffffffffffffda RBX: 00007f728a5a5fa0 RCX: 00007f728a38d169
[  722.750138][T12064] RDX: 0000000000000001 RSI: 0000200000000280 RDI: 0000000000000003
[  722.750152][T12064] RBP: 00007f728b296090 R08: 0000000000000000 R09: 0000000000000000
[  722.750165][T12064] R10: 0000000000000804 R11: 0000000000000246 R12: 0000000000000001
[  722.750178][T12064] R13: 0000000000000000 R14: 00007f728a5a5fa0 R15: 00007ffe01827bd8
[  722.750211][T12064]  </TASK>
[  723.082841][T12056] dummy0: left promiscuous mode
[  723.230891][T11825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  723.258430][T11825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  723.283319][T11825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  723.308664][T11825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  723.327248][T11825] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  723.358021][T11825] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  723.380380][T11825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  723.450865][T11825] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  723.477469][T11825] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  723.508452][T11825] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  723.523598][T11825] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  723.887155][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  723.904316][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  724.069187][ T5951] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  724.293457][ T5951] usb 4-1: Using ep0 maxpacket: 16
[  724.301109][ T5951] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  724.323065][ T3005] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  724.343618][T12083] lo speed is unknown, defaulting to 1000
[  724.343866][ T5951] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  724.367997][ T3005] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  724.393393][ T5951] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  724.419354][ T5951] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  724.451114][ T5951] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  724.467426][ T5951] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  724.488452][ T5951] usb 4-1: Product: syz
[  724.517013][ T5951] usb 4-1: Manufacturer: syz
[  724.544314][ T5951] usb 4-1: SerialNumber: syz
[  724.591466][   T30] audit: type=1326 audit(1744465256.050:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12091 comm="syz.4.1637" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f728a38d169 code=0x0
[  724.920965][   T81] wlan1: Trigger new scan to find an IBSS to join
[  725.823289][ T5951] usb 4-1: USB disconnect, device number 28
[  726.394530][T12103] 9pnet_fd: Insufficient options for proto=fd
[  727.082106][ T5938] kernel read not supported for file /video9 (pid: 5938 comm: kworker/1:7)
[  728.099697][ T1903] wlan1: Trigger new scan to find an IBSS to join
[  728.788602][   T30] audit: type=1326 audit(1744465260.250:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12127 comm="syz.4.1647" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f728a38d169 code=0x0
[  728.969495][ T5951] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  729.261635][ T5951] usb 6-1: Using ep0 maxpacket: 8
[  729.280060][ T5951] usb 6-1: unable to get BOS descriptor or descriptor too short
[  729.305922][ T5951] usb 6-1: config 5 has an invalid interface number: 215 but max is 0
[  729.316108][ T5951] usb 6-1: config 5 has no interface number 0
[  729.335424][ T5951] usb 6-1: config 5 interface 215 has no altsetting 0
[  729.435106][ T5951] usb 6-1: New USB device found, idVendor=1163, idProduct=0100, bcdDevice=dc.ba
[  729.508158][   T81] wlan1: Creating new IBSS network, BSSID 3a:9e:7e:ae:e8:36
[  730.443577][T12137] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1649'.
[  730.527627][ T5951] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  731.544112][ T5951] usb 6-1: Product: syz
[  731.548323][ T5951] usb 6-1: Manufacturer: syz
[  731.810012][T12143] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1650'.
[  731.948574][   T30] audit: type=1326 audit(1744465263.340:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12144 comm="syz.4.1651" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f728a38d169 code=0x0
[  732.508642][ T5951] usb 6-1: SerialNumber: syz
[  733.180900][ T5951] cypress_m8 6-1:5.215: DeLorme Earthmate USB converter detected
[  733.201883][ T5951] usb 6-1: DeLorme Earthmate USB converter now attached to ttyUSB0
[  733.219983][ T5951] usb 6-1: USB disconnect, device number 2
[  733.235435][ T5951] earthmate ttyUSB0: DeLorme Earthmate USB converter now disconnected from ttyUSB0
[  733.266143][ T5951] cypress_m8 6-1:5.215: device disconnected
[  734.405897][T12173] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  735.042119][T12184] lo speed is unknown, defaulting to 1000
[  736.316208][   T30] audit: type=1326 audit(1744465267.780:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12204 comm="syz.5.1666" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4125b8d169 code=0x0
[  736.929069][   T81] wlan1: Trigger new scan to find an IBSS to join
[  736.993315][   T30] audit: type=1400 audit(1744465268.460:213): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=12214 comm="syz.1.1669" dest=20002 netif=wpan0
[  737.089177][T12215] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1669'.
[  737.346645][T12215] netlink: 6 bytes leftover after parsing attributes in process `syz.1.1669'.
[  738.563156][T12236] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1675'.
[  738.677452][T12242] FAULT_INJECTION: forcing a failure.
[  738.677452][T12242] name failslab, interval 1, probability 0, space 0, times 0
[  738.731165][T12242] CPU: 0 UID: 0 PID: 12242 Comm: syz.0.1676 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  738.731198][T12242] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  738.731212][T12242] Call Trace:
[  738.731221][T12242]  <TASK>
[  738.731230][T12242]  dump_stack_lvl+0x241/0x360
[  738.731267][T12242]  ? __pfx_dump_stack_lvl+0x10/0x10
[  738.731296][T12242]  ? __pfx__printk+0x10/0x10
[  738.731329][T12242]  ? __pfx___might_resched+0x10/0x10
[  738.731368][T12242]  should_fail_ex+0x424/0x570
[  738.731397][T12242]  should_failslab+0xac/0x100
[  738.731421][T12242]  __kmalloc_noprof+0xdf/0x4d0
[  738.731442][T12242]  ? tomoyo_encode+0x26f/0x540
[  738.731468][T12242]  tomoyo_encode+0x26f/0x540
[  738.731495][T12242]  tomoyo_realpath_from_path+0x59e/0x5e0
[  738.731532][T12242]  tomoyo_path_number_perm+0x245/0x790
[  738.731567][T12242]  ? tomoyo_path_number_perm+0x215/0x790
[  738.731599][T12242]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  738.731636][T12242]  ? ksys_write+0x24e/0x2d0
[  738.731674][T12242]  ? __lock_acquire+0xad5/0xd80
[  738.731717][T12242]  ? __fget_files+0x2a/0x420
[  738.731741][T12242]  ? __fget_files+0x2a/0x420
[  738.731769][T12242]  ? __fget_files+0x2a/0x420
[  738.731799][T12242]  security_file_ioctl+0xc6/0x2a0
[  738.731833][T12242]  __se_sys_ioctl+0x46/0x160
[  738.731867][T12242]  do_syscall_64+0xf3/0x230
[  738.731893][T12242]  ? clear_bhb_loop+0x45/0xa0
[  738.731920][T12242]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.731940][T12242] RIP: 0033:0x7ff65378d169
[  738.731959][T12242] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.731978][T12242] RSP: 002b:00007ff6545ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  738.732001][T12242] RAX: ffffffffffffffda RBX: 00007ff6539a5fa0 RCX: 00007ff65378d169
[  738.732018][T12242] RDX: 0000000000000000 RSI: 0000000080045005 RDI: 0000000000000003
[  738.732031][T12242] RBP: 00007ff6545ba090 R08: 0000000000000000 R09: 0000000000000000
[  738.732044][T12242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.732057][T12242] R13: 0000000000000000 R14: 00007ff6539a5fa0 R15: 00007fffb7eee1e8
[  738.732088][T12242]  </TASK>
[  738.732111][T12242] ERROR: Out of memory at tomoyo_realpath_from_path.
[  739.005262][ T2900] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  739.180183][T12251] netlink: zone id is out of range
[  739.209766][T12251] netlink: del zone limit has 4 unknown bytes
[  739.346205][T12251] lo speed is unknown, defaulting to 1000
[  739.799604][ T5930] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  740.048744][ T5930] usb 4-1: Using ep0 maxpacket: 32
[  740.092945][ T5930] usb 4-1: too many configurations: 195, using maximum allowed: 8
[  740.231801][ T5930] usb 4-1: unable to read config index 0 descriptor/start: -61
[  740.267922][ T5930] usb 4-1: can't read configurations, error -61
[  740.384276][T12263] netlink: zone id is out of range
[  740.396698][T12263] netlink: del zone limit has 4 unknown bytes
[  740.438827][ T5930] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  740.609491][ T5930] usb 4-1: Using ep0 maxpacket: 32
[  740.623140][ T5930] usb 4-1: too many configurations: 195, using maximum allowed: 8
[  740.642156][T12272] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1687'.
[  740.652644][T12263] lo speed is unknown, defaulting to 1000
[  740.660203][ T5930] usb 4-1: unable to read config index 0 descriptor/start: -61
[  740.668191][ T5930] usb 4-1: can't read configurations, error -61
[  740.676555][ T5930] usb usb4-port1: attempt power cycle
[  741.037774][T12280] netlink: 'syz.5.1690': attribute type 1 has an invalid length.
[  741.045646][T12280] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1690'.
[  741.058890][ T2989] wlan1: Trigger new scan to find an IBSS to join
[  741.108525][ T5930] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  741.120562][T12282] SET target dimension over the limit!
[  741.133532][ T5930] usb 4-1: Using ep0 maxpacket: 32
[  741.143873][ T5930] usb 4-1: too many configurations: 195, using maximum allowed: 8
[  741.154186][ T5930] usb 4-1: unable to read config index 0 descriptor/start: -61
[  741.165066][ T5930] usb 4-1: can't read configurations, error -61
[  741.246145][T12285] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1692'.
[  741.298496][ T5930] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  741.320375][ T5930] usb 4-1: Using ep0 maxpacket: 32
[  741.327724][ T5930] usb 4-1: too many configurations: 195, using maximum allowed: 8
[  741.353577][ T5930] usb 4-1: unable to read config index 0 descriptor/start: -61
[  741.365892][ T5930] usb 4-1: can't read configurations, error -61
[  741.373647][ T5930] usb usb4-port1: unable to enumerate USB device
[  741.658654][ T5930] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  741.813253][ T5930] usb 1-1: device descriptor read/64, error -71
[  741.922373][   T30] audit: type=1326 audit(1744465273.390:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12306 comm="syz.1.1701" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f98fe78d169 code=0x0
[  742.020506][ T2989] wlan1: Creating new IBSS network, BSSID 5e:84:9d:7e:9a:4b
[  742.088604][ T5930] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  742.182171][T12315] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1703'.
[  742.228766][ T5930] usb 1-1: device descriptor read/64, error -71
[  742.305530][T12317] 9pnet_fd: Insufficient options for proto=fd
[  742.364508][ T5930] usb usb1-port1: attempt power cycle
[  742.392790][T12321] FAULT_INJECTION: forcing a failure.
[  742.392790][T12321] name failslab, interval 1, probability 0, space 0, times 0
[  742.407882][T12321] CPU: 1 UID: 0 PID: 12321 Comm: syz.5.1706 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  742.407915][T12321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  742.407928][T12321] Call Trace:
[  742.407939][T12321]  <TASK>
[  742.407948][T12321]  dump_stack_lvl+0x241/0x360
[  742.407985][T12321]  ? __pfx_dump_stack_lvl+0x10/0x10
[  742.408015][T12321]  ? __pfx__printk+0x10/0x10
[  742.408043][T12321]  ? __pfx___might_resched+0x10/0x10
[  742.408067][T12321]  should_fail_ex+0x424/0x570
[  742.408091][T12321]  should_failslab+0xac/0x100
[  742.408111][T12321]  __kmalloc_noprof+0xdf/0x4d0
[  742.408129][T12321]  ? tomoyo_encode+0x26f/0x540
[  742.408150][T12321]  tomoyo_encode+0x26f/0x540
[  742.408173][T12321]  tomoyo_realpath_from_path+0x59e/0x5e0
[  742.408202][T12321]  tomoyo_path_number_perm+0x245/0x790
[  742.408230][T12321]  ? tomoyo_path_number_perm+0x215/0x790
[  742.408255][T12321]  ? __seccomp_filter+0x521/0x1f20
[  742.408276][T12321]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  742.408316][T12321]  ? __lock_acquire+0xad5/0xd80
[  742.408364][T12321]  ? __fget_files+0x2a/0x420
[  742.408389][T12321]  ? __fget_files+0x2a/0x420
[  742.408416][T12321]  ? __fget_files+0x2a/0x420
[  742.408446][T12321]  security_file_ioctl+0xc6/0x2a0
[  742.408479][T12321]  __se_sys_ioctl+0x46/0x160
[  742.408510][T12321]  do_syscall_64+0xf3/0x230
[  742.408534][T12321]  ? clear_bhb_loop+0x45/0xa0
[  742.408555][T12321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.408572][T12321] RIP: 0033:0x7f4125b8d169
[  742.408588][T12321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.408602][T12321] RSP: 002b:00007f4126951038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  742.408622][T12321] RAX: ffffffffffffffda RBX: 00007f4125da5fa0 RCX: 00007f4125b8d169
[  742.408635][T12321] RDX: 0000200000000180 RSI: 0000000040045731 RDI: 0000000000000004
[  742.408646][T12321] RBP: 00007f4126951090 R08: 0000000000000000 R09: 0000000000000000
[  742.408657][T12321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.408667][T12321] R13: 0000000000000000 R14: 00007f4125da5fa0 R15: 00007ffd0ab509a8
[  742.408694][T12321]  </TASK>
[  742.626361][    C1] vkms_vblank_simulate: vblank timer overrun
[  742.638843][T12321] ERROR: Out of memory at tomoyo_realpath_from_path.
[  742.730499][T12323] FAULT_INJECTION: forcing a failure.
[  742.730499][T12323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  742.775439][   T24] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  742.869074][T12323] CPU: 1 UID: 0 PID: 12323 Comm: syz.3.1707 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  742.869109][T12323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  742.869125][T12323] Call Trace:
[  742.869134][T12323]  <TASK>
[  742.869145][T12323]  dump_stack_lvl+0x241/0x360
[  742.869184][T12323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  742.869215][T12323]  ? __pfx__printk+0x10/0x10
[  742.869258][T12323]  should_fail_ex+0x424/0x570
[  742.869288][T12323]  _copy_to_user+0x31/0xb0
[  742.869334][T12323]  copy_siginfo_to_user+0x24/0xc0
[  742.869360][T12323]  x64_setup_rt_frame+0x7eb/0xda0
[  742.869392][T12323]  ? _raw_spin_unlock_irq+0x29/0x50
[  742.869440][T12323]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  742.869484][T12323]  arch_do_signal_or_restart+0x428/0x840
[  742.869521][T12323]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  742.869570][T12323]  ? syscall_exit_to_user_mode+0xa3/0x340
[  742.869602][T12323]  syscall_exit_to_user_mode+0xce/0x340
[  742.869633][T12323]  do_syscall_64+0x100/0x230
[  742.869660][T12323]  ? clear_bhb_loop+0x45/0xa0
[  742.869687][T12323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.869708][T12323] RIP: 0033:0x7fb7f4d8d167
[  742.869728][T12323] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  742.869747][T12323] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  742.869771][T12323] RAX: 0000000000000127 RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  742.869786][T12323] RDX: 0000000000000001 RSI: 0000200000000000 RDI: 0000000000000003
[  742.869800][T12323] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  742.869813][T12323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.869826][T12323] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  742.869860][T12323]  </TASK>
[  743.056166][    C1] vkms_vblank_simulate: vblank timer overrun
[  743.101849][ T5930] usb 1-1: new full-speed USB device number 23 using dummy_hcd
[  743.132717][   T24] usb 5-1: Using ep0 maxpacket: 8
[  743.140412][   T24] usb 5-1: config 251 has an invalid interface number: 243 but max is 0
[  743.148980][   T24] usb 5-1: config 251 has no interface number 0
[  743.155741][   T24] usb 5-1: config 251 interface 243 has no altsetting 0
[  743.196050][   T24] usb 5-1: New USB device found, idVendor=0ab4, idProduct=0014, bcdDevice=28.9a
[  743.223021][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.231151][   T24] usb 5-1: Product: syz
[  743.235333][   T24] usb 5-1: Manufacturer: syz
[  743.240519][   T24] usb 5-1: SerialNumber: syz
[  743.281879][ T5930] usb 1-1: device descriptor read/8, error -71
[  743.500012][   T24] esd_usb 5-1:251.243: sending version message failed
[  743.536522][   T24] esd_usb 5-1:251.243: probe with driver esd_usb failed with error -22
[  743.545315][ T5930] usb 1-1: new full-speed USB device number 24 using dummy_hcd
[  743.629209][ T5930] usb 1-1: device descriptor read/8, error -71
[  743.640861][   T24] usb 5-1: USB disconnect, device number 26
[  743.996208][ T5930] usb usb1-port1: unable to enumerate USB device
[  744.026726][T12332] ipt_REJECT: ECHOREPLY no longer supported.
[  745.739083][T12373] overlayfs: failed to clone lowerpath
[  746.188786][   T10] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  746.240113][T12392] 9pnet_fd: Insufficient options for proto=fd
[  746.261560][T12392] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1730'.
[  746.540149][   T10] usb 6-1: Using ep0 maxpacket: 32
[  746.873440][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  746.911768][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  747.036997][   T10] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  747.046212][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.080338][T12398] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  747.091607][   T10] usb 6-1: config 0 descriptor??
[  747.121871][   T10] hub 6-1:0.0: USB hub found
[  747.195324][T12404] netlink: 'syz.1.1735': attribute type 21 has an invalid length.
[  747.218962][T12404] netlink: 'syz.1.1735': attribute type 1 has an invalid length.
[  747.226970][T12404] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1735'.
[  747.359296][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  747.365803][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  747.479332][   T10] hub 6-1:0.0: 1 port detected
[  747.768759][   T24] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  748.360894][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  748.378824][   T24] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  748.419049][   T10] hub 6-1:0.0: activate --> -90
[  748.426818][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  748.462660][   T24] usb 4-1: config 0 descriptor??
[  748.517937][T12416] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1740'.
[  749.509938][   T24] keytouch 0003:0926:3333.0006: fixing up Keytouch IEC report descriptor
[  749.530552][T12409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  749.589911][T12409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  749.604416][   T24] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0006/input/input17
[  749.694715][T12409] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  749.704519][T12409] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  749.778073][   T24] keytouch 0003:0926:3333.0006: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  749.814505][   T24] usb 4-1: USB disconnect, device number 33
[  750.010658][T12427] netlink: zone id is out of range
[  750.016004][T12427] netlink: del zone limit has 4 unknown bytes
[  750.036549][   T10] hub 6-1:0.0: hub_ext_port_status failed (err = -32)
[  750.044459][T12429] fuse: Bad value for 'user_id'
[  750.055007][   T10] usb 6-1-port1: config error
[  750.060565][T12429] fuse: Bad value for 'user_id'
[  750.070845][T12427] lo speed is unknown, defaulting to 1000
[  750.449539][T12447] FAULT_INJECTION: forcing a failure.
[  750.449539][T12447] name failslab, interval 1, probability 0, space 0, times 0
[  750.529671][T12447] CPU: 0 UID: 0 PID: 12447 Comm: syz.3.1747 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  750.529721][T12447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  750.529740][T12447] Call Trace:
[  750.529750][T12447]  <TASK>
[  750.529760][T12447]  dump_stack_lvl+0x241/0x360
[  750.529798][T12447]  ? __pfx_dump_stack_lvl+0x10/0x10
[  750.529828][T12447]  ? __pfx__printk+0x10/0x10
[  750.529863][T12447]  ? __pfx___might_resched+0x10/0x10
[  750.529893][T12447]  should_fail_ex+0x424/0x570
[  750.529924][T12447]  should_failslab+0xac/0x100
[  750.529949][T12447]  __kmalloc_noprof+0xdf/0x4d0
[  750.529971][T12447]  ? tomoyo_encode+0x26f/0x540
[  750.529998][T12447]  tomoyo_encode+0x26f/0x540
[  750.530027][T12447]  tomoyo_realpath_from_path+0x59e/0x5e0
[  750.530064][T12447]  tomoyo_path_number_perm+0x245/0x790
[  750.530101][T12447]  ? tomoyo_path_number_perm+0x215/0x790
[  750.530134][T12447]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  750.530173][T12447]  ? ksys_write+0x24e/0x2d0
[  750.530213][T12447]  ? __lock_acquire+0xad5/0xd80
[  750.530256][T12447]  ? __fget_files+0x2a/0x420
[  750.530281][T12447]  ? __fget_files+0x2a/0x420
[  750.530310][T12447]  ? __fget_files+0x2a/0x420
[  750.530341][T12447]  security_file_ioctl+0xc6/0x2a0
[  750.530376][T12447]  __se_sys_ioctl+0x46/0x160
[  750.530419][T12447]  do_syscall_64+0xf3/0x230
[  750.530447][T12447]  ? clear_bhb_loop+0x45/0xa0
[  750.530474][T12447]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  750.530495][T12447] RIP: 0033:0x7fb7f4d8d169
[  750.530515][T12447] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  750.530533][T12447] RSP: 002b:00007fb7f5bab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  750.530556][T12447] RAX: ffffffffffffffda RBX: 00007fb7f4fa6080 RCX: 00007fb7f4d8d169
[  750.530573][T12447] RDX: 0000000000000000 RSI: 0000000000005425 RDI: 0000000000000003
[  750.530587][T12447] RBP: 00007fb7f5bab090 R08: 0000000000000000 R09: 0000000000000000
[  750.530600][T12447] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  750.530613][T12447] R13: 0000000000000001 R14: 00007fb7f4fa6080 R15: 00007ffc04cab188
[  750.530648][T12447]  </TASK>
[  750.530673][T12447] ERROR: Out of memory at tomoyo_realpath_from_path.
[  751.678794][   T10] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  751.727127][ T5951] usb 6-1: USB disconnect, device number 3
[  751.948450][   T10] usb 5-1: device descriptor read/64, error -71
[  752.256128][T12467] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1754'.
[  753.084759][T12473] FAULT_INJECTION: forcing a failure.
[  753.084759][T12473] name failslab, interval 1, probability 0, space 0, times 0
[  753.118471][   T10] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  753.123256][T12473] CPU: 1 UID: 0 PID: 12473 Comm: syz.3.1756 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  753.123294][T12473] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  753.123309][T12473] Call Trace:
[  753.123320][T12473]  <TASK>
[  753.123330][T12473]  dump_stack_lvl+0x241/0x360
[  753.123373][T12473]  ? __pfx_dump_stack_lvl+0x10/0x10
[  753.123405][T12473]  ? __pfx__printk+0x10/0x10
[  753.123441][T12473]  ? __pfx___might_resched+0x10/0x10
[  753.123474][T12473]  should_fail_ex+0x424/0x570
[  753.123504][T12473]  should_failslab+0xac/0x100
[  753.123531][T12473]  __kmalloc_noprof+0xdf/0x4d0
[  753.123555][T12473]  ? tomoyo_encode+0x26f/0x540
[  753.123584][T12473]  tomoyo_encode+0x26f/0x540
[  753.123615][T12473]  tomoyo_realpath_from_path+0x59e/0x5e0
[  753.123654][T12473]  tomoyo_path_number_perm+0x245/0x790
[  753.123692][T12473]  ? tomoyo_path_number_perm+0x215/0x790
[  753.123728][T12473]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  753.123768][T12473]  ? ksys_write+0x24e/0x2d0
[  753.123810][T12473]  ? __lock_acquire+0xad5/0xd80
[  753.123855][T12473]  ? __fget_files+0x2a/0x420
[  753.123883][T12473]  ? __fget_files+0x2a/0x420
[  753.123913][T12473]  ? __fget_files+0x2a/0x420
[  753.123946][T12473]  security_file_ioctl+0xc6/0x2a0
[  753.123982][T12473]  __se_sys_ioctl+0x46/0x160
[  753.124019][T12473]  do_syscall_64+0xf3/0x230
[  753.124049][T12473]  ? clear_bhb_loop+0x45/0xa0
[  753.124078][T12473]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.124101][T12473] RIP: 0033:0x7fb7f4d8d169
[  753.124123][T12473] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.124144][T12473] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  753.124170][T12473] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  753.124189][T12473] RDX: 0000200000000740 RSI: 00000000c0cc5615 RDI: 0000000000000003
[  753.124206][T12473] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  753.124221][T12473] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  753.124236][T12473] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  753.124284][T12473]  </TASK>
[  753.125504][T12473] ERROR: Out of memory at tomoyo_realpath_from_path.
[  753.488752][   T10] usb 5-1: device descriptor read/64, error -71
[  753.541591][T12484] program syz.5.1760 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  753.599046][   T10] usb usb5-port1: attempt power cycle
[  753.627876][T12469] trusted_key: encrypted_key: keylen parameter is missing
[  753.639406][   T55] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  753.641110][ T5846] Bluetooth: hci2: command 0x1003 tx timeout
[  753.709090][T12490] FAULT_INJECTION: forcing a failure.
[  753.709090][T12490] name failslab, interval 1, probability 0, space 0, times 0
[  753.738540][T12490] CPU: 1 UID: 0 PID: 12490 Comm: syz.3.1762 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  753.738574][T12490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  753.738589][T12490] Call Trace:
[  753.738598][T12490]  <TASK>
[  753.738608][T12490]  dump_stack_lvl+0x241/0x360
[  753.738647][T12490]  ? __pfx_dump_stack_lvl+0x10/0x10
[  753.738677][T12490]  ? __pfx__printk+0x10/0x10
[  753.738710][T12490]  ? __pfx___might_resched+0x10/0x10
[  753.738740][T12490]  should_fail_ex+0x424/0x570
[  753.738769][T12490]  should_failslab+0xac/0x100
[  753.738793][T12490]  kmem_cache_alloc_noprof+0x78/0x390
[  753.738815][T12490]  ? mas_alloc_nodes+0x267/0x7e0
[  753.738845][T12490]  mas_alloc_nodes+0x267/0x7e0
[  753.738881][T12490]  mas_preallocate+0x5ea/0x950
[  753.738915][T12490]  ? __pfx_mas_preallocate+0x10/0x10
[  753.738952][T12490]  ? __mas_set_range+0x133/0x3c0
[  753.738979][T12490]  __split_vma+0x2f2/0xb20
[  753.739003][T12490]  ? process_measurement+0x7c2/0x1fe0
[  753.739041][T12490]  ? __pfx___split_vma+0x10/0x10
[  753.739060][T12490]  ? up_write+0x1ab/0x590
[  753.739093][T12490]  ? __pfx_up_write+0x10/0x10
[  753.739117][T12490]  ? ima_get_action+0x75/0xb0
[  753.739145][T12490]  vms_gather_munmap_vmas+0x325/0x13d0
[  753.739200][T12490]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  753.739252][T12490]  ? mas_find+0x8c0/0xbb0
[  753.739284][T12490]  mmap_region+0xa13/0x2ea0
[  753.739344][T12490]  ? __pfx_mmap_region+0x10/0x10
[  753.739362][T12490]  ? is_bpf_text_address+0x26/0x2a0
[  753.739392][T12490]  ? is_bpf_text_address+0x26/0x2a0
[  753.739417][T12490]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  753.739528][T12490]  ? arch_get_unmapped_area_topdown+0x2b0/0xd50
[  753.739567][T12490]  ? __pfx_arch_get_unmapped_area_topdown+0x10/0x10
[  753.739608][T12490]  ? cap_mmap_addr+0xaa/0xf0
[  753.739639][T12490]  ? bpf_lsm_mmap_addr+0x9/0x10
[  753.739659][T12490]  ? security_mmap_addr+0x6f/0x250
[  753.739693][T12490]  ? shmem_mapping+0xd/0x50
[  753.739717][T12490]  do_mmap+0xd42/0x1420
[  753.739766][T12490]  ? __pfx_do_mmap+0x10/0x10
[  753.739785][T12490]  ? down_write_killable+0x1a0/0x260
[  753.739813][T12490]  ? vm_mmap_pgoff+0x214/0x530
[  753.739835][T12490]  ? __pfx_down_write_killable+0x10/0x10
[  753.739874][T12490]  vm_mmap_pgoff+0x2a2/0x530
[  753.739907][T12490]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  753.739932][T12490]  ? __fget_files+0x2a/0x420
[  753.739958][T12490]  ? __fget_files+0x39d/0x420
[  753.739979][T12490]  ? __fget_files+0x2a/0x420
[  753.740008][T12490]  ksys_mmap_pgoff+0x4ee/0x720
[  753.740032][T12490]  ? __x64_sys_mmap+0x7f/0x140
[  753.740058][T12490]  do_syscall_64+0xf3/0x230
[  753.740084][T12490]  ? clear_bhb_loop+0x45/0xa0
[  753.740110][T12490]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  753.740130][T12490] RIP: 0033:0x7fb7f4d8d169
[  753.740149][T12490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  753.740166][T12490] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  753.740188][T12490] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  753.740204][T12490] RDX: 0000000000000005 RSI: 0000000000004000 RDI: 0000200000001000
[  753.740218][T12490] RBP: 00007fb7f5bcc090 R08: 0000000000000004 R09: 0000000000000000
[  753.740237][T12490] R10: 0000000000000012 R11: 0000000000000246 R12: 0000000000000001
[  753.740250][T12490] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  753.740282][T12490]  </TASK>
[  754.234464][   T30] audit: type=1326 audit(1744465285.700:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12493 comm="syz.3.1767" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb7f4d8d169 code=0x0
[  754.349912][   T10] usb usb5-port1: Cannot enable. Maybe the USB cable is bad?
[  754.488674][   T10] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  754.521907][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  754.543759][   T10] usb 5-1: config 6 has an invalid interface number: 212 but max is 1
[  754.578265][   T10] usb 5-1: config 6 contains an unexpected descriptor of type 0x2, skipping
[  754.596308][   T10] usb 5-1: config 6 contains an unexpected descriptor of type 0x1, skipping
[  754.606094][   T10] usb 5-1: config 6 contains an unexpected descriptor of type 0x1, skipping
[  754.620317][   T10] usb 5-1: config 6 has an invalid descriptor of length 37, skipping remainder of the config
[  754.634125][   T10] usb 5-1: config 6 has 1 interface, different from the descriptor's value: 2
[  754.645800][   T10] usb 5-1: config 6 has no interface number 0
[  754.655007][   T10] usb 5-1: config 6 interface 212 altsetting 14 endpoint 0x3 has invalid maxpacket 9225, setting to 1024
[  754.672095][   T10] usb 5-1: config 6 interface 212 altsetting 14 has 1 endpoint descriptor, different from the interface descriptor's value: 14
[  754.694229][T12512] FAULT_INJECTION: forcing a failure.
[  754.694229][T12512] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  754.698995][   T10] usb 5-1: config 6 interface 212 has no altsetting 0
[  754.717807][T12512] CPU: 1 UID: 0 PID: 12512 Comm: syz.5.1764 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  754.717839][T12512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  754.717852][T12512] Call Trace:
[  754.717861][T12512]  <TASK>
[  754.717870][T12512]  dump_stack_lvl+0x241/0x360
[  754.717908][T12512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  754.717937][T12512]  ? __pfx__printk+0x10/0x10
[  754.717978][T12512]  should_fail_ex+0x424/0x570
[  754.718007][T12512]  _copy_to_user+0x31/0xb0
[  754.718046][T12512]  simple_read_from_buffer+0xc4/0x170
[  754.718074][T12512]  proc_fail_nth_read+0x1ef/0x260
[  754.718106][T12512]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  754.718137][T12512]  ? rw_verify_area+0x246/0x630
[  754.718165][T12512]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  754.718193][T12512]  vfs_read+0x21f/0xb90
[  754.718229][T12512]  ? __pfx___mutex_lock+0x10/0x10
[  754.718257][T12512]  ? __pfx_vfs_read+0x10/0x10
[  754.718297][T12512]  ? __fget_files+0x2a/0x420
[  754.718323][T12512]  ? __fget_files+0x39d/0x420
[  754.718345][T12512]  ? __fget_files+0x2a/0x420
[  754.718378][T12512]  ksys_read+0x19d/0x2d0
[  754.718407][T12512]  ? __pfx_ksys_read+0x10/0x10
[  754.718440][T12512]  ? do_syscall_64+0xb6/0x230
[  754.718471][T12512]  do_syscall_64+0xf3/0x230
[  754.718498][T12512]  ? clear_bhb_loop+0x45/0xa0
[  754.718524][T12512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.718544][T12512] RIP: 0033:0x7f4125b8bb7c
[  754.718563][T12512] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  754.718580][T12512] RSP: 002b:00007f412690f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  754.718602][T12512] RAX: ffffffffffffffda RBX: 00007f4125da6160 RCX: 00007f4125b8bb7c
[  754.718618][T12512] RDX: 000000000000000f RSI: 00007f412690f0a0 RDI: 0000000000000006
[  754.718631][T12512] RBP: 00007f412690f090 R08: 0000000000000000 R09: 0000000000000000
[  754.718644][T12512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  754.718656][T12512] R13: 0000000000000000 R14: 00007f4125da6160 R15: 00007ffd0ab509a8
[  754.718689][T12512]  </TASK>
[  754.725574][   T10] usb 5-1: New USB device found, idVendor=12d1, idProduct=fda0, bcdDevice=aa.49
[  754.775408][T12513] program syz.0.1773 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  754.782943][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  754.961885][   T10] usb 5-1: Product: syz
[  754.966100][   T10] usb 5-1: Manufacturer: syz
[  754.970806][   T10] usb 5-1: SerialNumber: syz
[  754.993235][T12517] program syz.0.1774 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  755.036187][T12519] FAULT_INJECTION: forcing a failure.
[  755.036187][T12519] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  755.057491][T12519] CPU: 1 UID: 0 PID: 12519 Comm: syz.5.1775 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  755.057526][T12519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  755.057541][T12519] Call Trace:
[  755.057550][T12519]  <TASK>
[  755.057559][T12519]  dump_stack_lvl+0x241/0x360
[  755.057597][T12519]  ? __pfx_dump_stack_lvl+0x10/0x10
[  755.057627][T12519]  ? __pfx__printk+0x10/0x10
[  755.057669][T12519]  should_fail_ex+0x424/0x570
[  755.057698][T12519]  _copy_to_user+0x31/0xb0
[  755.057733][T12519]  simple_read_from_buffer+0xc4/0x170
[  755.057762][T12519]  proc_fail_nth_read+0x1ef/0x260
[  755.057795][T12519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  755.057827][T12519]  ? rw_verify_area+0x246/0x630
[  755.057855][T12519]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  755.057884][T12519]  vfs_read+0x21f/0xb90
[  755.057919][T12519]  ? __pfx___mutex_lock+0x10/0x10
[  755.057949][T12519]  ? __pfx_vfs_read+0x10/0x10
[  755.057981][T12519]  ? __fget_files+0x2a/0x420
[  755.058008][T12519]  ? __fget_files+0x39d/0x420
[  755.058032][T12519]  ? __fget_files+0x2a/0x420
[  755.058067][T12519]  ksys_read+0x19d/0x2d0
[  755.058101][T12519]  ? __pfx_ksys_read+0x10/0x10
[  755.058140][T12519]  ? do_syscall_64+0xb6/0x230
[  755.058165][T12519]  do_syscall_64+0xf3/0x230
[  755.058187][T12519]  ? clear_bhb_loop+0x45/0xa0
[  755.058212][T12519]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.058230][T12519] RIP: 0033:0x7f4125b8bb7c
[  755.058246][T12519] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  755.058262][T12519] RSP: 002b:00007f4126951030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  755.058282][T12519] RAX: ffffffffffffffda RBX: 00007f4125da5fa0 RCX: 00007f4125b8bb7c
[  755.058295][T12519] RDX: 000000000000000f RSI: 00007f41269510a0 RDI: 0000000000000005
[  755.058306][T12519] RBP: 00007f4126951090 R08: 0000000000000000 R09: 0000000000000000
[  755.058317][T12519] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.058334][T12519] R13: 0000000000000000 R14: 00007f4125da5fa0 R15: 00007ffd0ab509a8
[  755.058367][T12519]  </TASK>
[  755.407179][T12515] overlayfs: failed to clone upperpath
[  755.659452][T12536] FAULT_INJECTION: forcing a failure.
[  755.659452][T12536] name failslab, interval 1, probability 0, space 0, times 0
[  755.682870][T12536] CPU: 0 UID: 0 PID: 12536 Comm: syz.0.1782 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  755.682903][T12536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  755.682921][T12536] Call Trace:
[  755.682931][T12536]  <TASK>
[  755.682940][T12536]  dump_stack_lvl+0x241/0x360
[  755.682989][T12536]  ? __pfx_dump_stack_lvl+0x10/0x10
[  755.683019][T12536]  ? __pfx__printk+0x10/0x10
[  755.683053][T12536]  ? __pfx___might_resched+0x10/0x10
[  755.683084][T12536]  should_fail_ex+0x424/0x570
[  755.683114][T12536]  should_failslab+0xac/0x100
[  755.683138][T12536]  __kmalloc_noprof+0xdf/0x4d0
[  755.683161][T12536]  ? tomoyo_encode+0x26f/0x540
[  755.683188][T12536]  tomoyo_encode+0x26f/0x540
[  755.683211][T12536]  ? __pfx_sockfs_dname+0x10/0x10
[  755.683243][T12536]  tomoyo_realpath_from_path+0x59e/0x5e0
[  755.683279][T12536]  tomoyo_path_number_perm+0x245/0x790
[  755.683314][T12536]  ? tomoyo_path_number_perm+0x215/0x790
[  755.683348][T12536]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  755.683386][T12536]  ? ksys_write+0x24e/0x2d0
[  755.683425][T12536]  ? __lock_acquire+0xad5/0xd80
[  755.683466][T12536]  ? __fget_files+0x2a/0x420
[  755.683491][T12536]  ? __fget_files+0x2a/0x420
[  755.683519][T12536]  ? __fget_files+0x2a/0x420
[  755.683549][T12536]  security_file_ioctl+0xc6/0x2a0
[  755.683585][T12536]  __se_sys_ioctl+0x46/0x160
[  755.683618][T12536]  do_syscall_64+0xf3/0x230
[  755.683648][T12536]  ? clear_bhb_loop+0x45/0xa0
[  755.683673][T12536]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  755.683695][T12536] RIP: 0033:0x7ff65378d169
[  755.683714][T12536] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  755.683732][T12536] RSP: 002b:00007ff6545ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  755.683755][T12536] RAX: ffffffffffffffda RBX: 00007ff6539a5fa0 RCX: 00007ff65378d169
[  755.683771][T12536] RDX: 0000200000001440 RSI: 00000000000089ff RDI: 0000000000000003
[  755.683785][T12536] RBP: 00007ff6545ba090 R08: 0000000000000000 R09: 0000000000000000
[  755.683798][T12536] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  755.683811][T12536] R13: 0000000000000000 R14: 00007ff6539a5fa0 R15: 00007fffb7eee1e8
[  755.683844][T12536]  </TASK>
[  755.683945][T12536] ERROR: Out of memory at tomoyo_realpath_from_path.
[  756.892252][   T30] audit: type=1326 audit(1744465288.360:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12546 comm="syz.1.1785" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f98fe78d169 code=0x0
[  756.968196][T12549] FAULT_INJECTION: forcing a failure.
[  756.968196][T12549] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  756.981970][T12549] CPU: 1 UID: 0 PID: 12549 Comm: syz.3.1787 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  756.982003][T12549] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  756.982017][T12549] Call Trace:
[  756.982027][T12549]  <TASK>
[  756.982036][T12549]  dump_stack_lvl+0x241/0x360
[  756.982073][T12549]  ? __pfx_dump_stack_lvl+0x10/0x10
[  756.982102][T12549]  ? __pfx__printk+0x10/0x10
[  756.982145][T12549]  should_fail_ex+0x424/0x570
[  756.982173][T12549]  _copy_from_user+0x2d/0xb0
[  756.982205][T12549]  copy_msghdr_from_user+0xb3/0x580
[  756.982241][T12549]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  756.982267][T12549]  ? __fget_files+0x2a/0x420
[  756.982297][T12549]  ? __fget_files+0x2a/0x420
[  756.982331][T12549]  __sys_recvmsg+0x210/0x3a0
[  756.982361][T12549]  ? __pfx___sys_recvmsg+0x10/0x10
[  756.982399][T12549]  ? __fget_files+0x2a/0x420
[  756.982450][T12549]  ? do_syscall_64+0xb6/0x230
[  756.982481][T12549]  do_syscall_64+0xf3/0x230
[  756.982508][T12549]  ? clear_bhb_loop+0x45/0xa0
[  756.982533][T12549]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.982555][T12549] RIP: 0033:0x7fb7f4d8d169
[  756.982574][T12549] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.982593][T12549] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  756.982616][T12549] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  756.982631][T12549] RDX: 0000000040012022 RSI: 0000200000000080 RDI: 0000000000000003
[  756.982645][T12549] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  756.982659][T12549] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.982671][T12549] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  756.982704][T12549]  </TASK>
[  757.306054][   T10] option 5-1:6.212: GSM modem (1-port) converter detected
[  757.328295][   T10] usb 5-1: USB disconnect, device number 30
[  757.347451][   T10] option 5-1:6.212: device disconnected
[  757.418570][    T9] usb 1-1: new full-speed USB device number 25 using dummy_hcd
[  757.453968][T12561] program syz.5.1790 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  757.558695][ T9719] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  757.580323][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  757.590628][    T9] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  757.604952][    T9] usb 1-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  757.664016][    T9] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  757.675143][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.686490][    T9] usb 1-1: Product: syz
[  757.691297][    T9] usb 1-1: Manufacturer: syz
[  757.697410][    T9] usb 1-1: SerialNumber: syz
[  757.708485][ T9719] usb 4-1: Using ep0 maxpacket: 32
[  757.720554][ T9719] usb 4-1: config 240 has an invalid interface number: 0 but max is -1
[  757.735642][    T9] cdc_ncm 1-1:1.0: skipping garbage
[  757.742994][ T9719] usb 4-1: config 240 has an invalid descriptor of length 0, skipping remainder of the config
[  757.744770][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1793'.
[  757.766305][ T9719] usb 4-1: config 240 has 1 interface, different from the descriptor's value: 0
[  757.786258][ T9719] usb 4-1: config 240 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  757.813680][ T9719] usb 4-1: config 240 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  757.833791][ T9719] usb 4-1: config 240 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  757.860043][ T9719] usb 4-1: config 240 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  757.878714][ T9719] usb 4-1: config 240 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  757.901357][ T9719] usb 4-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=25.11
[  757.918520][ T9719] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=7
[  757.926612][ T9719] usb 4-1: Product: syz
[  757.934321][ T9719] usb 4-1: Manufacturer: syz
[  757.947858][ T9719] usb 4-1: SerialNumber: syz
[  757.962145][ T9719] usb 4-1: no audio or video endpoints found
[  758.060501][T12569] program syz.4.1795 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  758.502174][T12581] gfs2: gfs2 mount does not exist
[  759.144989][    T9] cdc_ncm 1-1:1.0: SET_CRC_MODE failed
[  759.151683][    T9] cdc_ncm 1-1:1.0: SET_NTB_FORMAT failed
[  759.178548][    T9] cdc_ncm 1-1:1.0: bind() failure
[  759.187546][    T9] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  759.208460][    T9] cdc_ncm 1-1:1.1: bind() failure
[  759.225749][    T9] usb 1-1: USB disconnect, device number 25
[  760.430676][T12577] overlayfs: failed to clone upperpath
[  760.455209][    T9] usb 4-1: USB disconnect, device number 34
[  763.351387][ T2900] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  763.557090][T12605] program syz.5.1807 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  763.870068][T12610] FAULT_INJECTION: forcing a failure.
[  763.870068][T12610] name failslab, interval 1, probability 0, space 0, times 0
[  763.908818][T12610] CPU: 0 UID: 0 PID: 12610 Comm: syz.5.1809 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  763.908851][T12610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  763.908864][T12610] Call Trace:
[  763.908873][T12610]  <TASK>
[  763.908882][T12610]  dump_stack_lvl+0x241/0x360
[  763.908919][T12610]  ? __pfx_dump_stack_lvl+0x10/0x10
[  763.908949][T12610]  ? __pfx__printk+0x10/0x10
[  763.908982][T12610]  ? __pfx___might_resched+0x10/0x10
[  763.909013][T12610]  should_fail_ex+0x424/0x570
[  763.909041][T12610]  should_failslab+0xac/0x100
[  763.909065][T12610]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  763.909090][T12610]  ? __alloc_skb+0x1c2/0x480
[  763.909115][T12610]  __alloc_skb+0x1c2/0x480
[  763.909142][T12610]  ? __pfx___alloc_skb+0x10/0x10
[  763.909164][T12610]  ? netlink_autobind+0xd6/0x2f0
[  763.909195][T12610]  ? netlink_autobind+0x2b0/0x2f0
[  763.909233][T12610]  netlink_sendmsg+0x638/0xcd0
[  763.909278][T12610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  763.909324][T12610]  ? __pfx_netlink_sendmsg+0x10/0x10
[  763.909366][T12610]  __sock_sendmsg+0x221/0x270
[  763.909399][T12610]  ____sys_sendmsg+0x523/0x860
[  763.909433][T12610]  ? __pfx_____sys_sendmsg+0x10/0x10
[  763.909454][T12610]  ? __fget_files+0x2a/0x420
[  763.909483][T12610]  ? __fget_files+0x2a/0x420
[  763.909519][T12610]  __sys_sendmsg+0x271/0x360
[  763.909549][T12610]  ? __pfx___sys_sendmsg+0x10/0x10
[  763.909632][T12610]  ? do_syscall_64+0xb6/0x230
[  763.909663][T12610]  do_syscall_64+0xf3/0x230
[  763.909691][T12610]  ? clear_bhb_loop+0x45/0xa0
[  763.909717][T12610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.909738][T12610] RIP: 0033:0x7f4125b8d169
[  763.909757][T12610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  763.909775][T12610] RSP: 002b:00007f4126951038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  763.909798][T12610] RAX: ffffffffffffffda RBX: 00007f4125da5fa0 RCX: 00007f4125b8d169
[  763.909813][T12610] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  763.909826][T12610] RBP: 00007f4126951090 R08: 0000000000000000 R09: 0000000000000000
[  763.909839][T12610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  763.909851][T12610] R13: 0000000000000000 R14: 00007f4125da5fa0 R15: 00007ffd0ab509a8
[  763.909884][T12610]  </TASK>
[  764.536227][T12622] gfs2: gfs2 mount does not exist
[  765.340796][ T5884] kernel read not supported for file /video9 (pid: 5884 comm: kworker/1:3)
[  765.830827][T12630] hsr0: entered promiscuous mode
[  765.890426][T12636] FAULT_INJECTION: forcing a failure.
[  765.890426][T12636] name failslab, interval 1, probability 0, space 0, times 0
[  765.904649][T12636] CPU: 0 UID: 0 PID: 12636 Comm: syz.5.1818 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  765.904682][T12636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  765.904696][T12636] Call Trace:
[  765.904706][T12636]  <TASK>
[  765.904716][T12636]  dump_stack_lvl+0x241/0x360
[  765.904753][T12636]  ? __pfx_dump_stack_lvl+0x10/0x10
[  765.904782][T12636]  ? __pfx__printk+0x10/0x10
[  765.904815][T12636]  ? __pfx___might_resched+0x10/0x10
[  765.904845][T12636]  should_fail_ex+0x424/0x570
[  765.904873][T12636]  should_failslab+0xac/0x100
[  765.904896][T12636]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  765.904920][T12636]  ? __alloc_skb+0x1c2/0x480
[  765.904944][T12636]  __alloc_skb+0x1c2/0x480
[  765.904971][T12636]  ? __pfx___alloc_skb+0x10/0x10
[  765.904994][T12636]  ? netlink_autobind+0xd6/0x2f0
[  765.905023][T12636]  ? netlink_autobind+0x2b0/0x2f0
[  765.905060][T12636]  netlink_sendmsg+0x638/0xcd0
[  765.905102][T12636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  765.905147][T12636]  ? __pfx_netlink_sendmsg+0x10/0x10
[  765.905176][T12636]  __sock_sendmsg+0x221/0x270
[  765.905208][T12636]  ____sys_sendmsg+0x523/0x860
[  765.905241][T12636]  ? __pfx_____sys_sendmsg+0x10/0x10
[  765.905261][T12636]  ? __fget_files+0x2a/0x420
[  765.905290][T12636]  ? __fget_files+0x2a/0x420
[  765.905324][T12636]  __sys_sendmsg+0x271/0x360
[  765.905354][T12636]  ? __pfx___sys_sendmsg+0x10/0x10
[  765.905437][T12636]  ? do_syscall_64+0xb6/0x230
[  765.905479][T12636]  do_syscall_64+0xf3/0x230
[  765.905510][T12636]  ? clear_bhb_loop+0x45/0xa0
[  765.905536][T12636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  765.905556][T12636] RIP: 0033:0x7f4125b8d169
[  765.905576][T12636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  765.905592][T12636] RSP: 002b:00007f4126951038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  765.905616][T12636] RAX: ffffffffffffffda RBX: 00007f4125da5fa0 RCX: 00007f4125b8d169
[  765.905632][T12636] RDX: 0000000001000000 RSI: 0000200000000000 RDI: 0000000000000003
[  765.905645][T12636] RBP: 00007f4126951090 R08: 0000000000000000 R09: 0000000000000000
[  765.905658][T12636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  765.905671][T12636] R13: 0000000000000000 R14: 00007f4125da5fa0 R15: 00007ffd0ab509a8
[  765.905703][T12636]  </TASK>
[  766.450325][   T24] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  766.576864][T12653] lo speed is unknown, defaulting to 1000
[  766.611264][   T24] usb 4-1: config 0 has an invalid interface number: 199 but max is 1
[  766.685310][   T24] usb 4-1: config 0 has no interface number 1
[  766.692086][   T24] usb 4-1: config 0 interface 199 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  766.703272][   T24] usb 4-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  766.729861][   T24] usb 4-1: New USB device found, idVendor=0002, idProduct=0000, bcdDevice= 0.00
[  766.742674][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  766.768464][   T24] usb 4-1: SerialNumber: syz
[  766.783049][   T24] usb 4-1: config 0 descriptor??
[  766.806280][   T24] usb 4-1: Found UVC 0.00 device <unnamed> (0002:0000)
[  766.814698][   T24] usb 4-1: No valid video chain found.
[  766.898542][ T5951] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  767.558734][ T5884] usb 4-1: USB disconnect, device number 35
[  767.610283][ T5951] usb 5-1: Using ep0 maxpacket: 16
[  767.637453][ T5951] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  767.975009][ T5951] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xD7, changing to 0x87
[  767.988077][ T5951] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  767.999262][ T5951] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  768.031642][ T5951] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  768.078711][ T5951] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.108456][T12673] cgroup2: Unknown parameter 'lowerdir'
[  768.117691][ T5951] usb 5-1: Product: syz
[  768.138174][ T5951] usb 5-1: Manufacturer: syz
[  768.320469][ T5951] usb 5-1: SerialNumber: syz
[  768.376837][ T5951] usb 5-1: config 0 descriptor??
[  768.699689][ T5951] appledisplay 5-1:0.0: Error while getting initial brightness: -110
[  769.152952][ T5951] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -110
[  769.351485][T12691] program syz.3.1833 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  769.501780][ T5951] usb 5-1: USB disconnect, device number 31
[  770.785856][   T81] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  771.245201][T12715] 9pnet_fd: Insufficient options for proto=fd
[  771.540586][T12722] overlayfs: failed to clone lowerpath
[  771.730250][   T55] Bluetooth: hci1: unknown advertising packet type: 0x70
[  772.158470][ T9719] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  772.251862][T12738] program syz.3.1848 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  772.350831][ T9719] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  772.378270][ T9719] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  772.421700][ T9719] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  772.752905][T12748] overlayfs: failed to clone lowerpath
[  773.355687][ T9719] usb 1-1: Product: syz
[  773.360299][ T9719] usb 1-1: Manufacturer: syz
[  773.364941][ T9719] usb 1-1: SerialNumber: syz
[  773.437646][ T9719] usb 1-1: config 0 descriptor??
[  773.556488][T12756] overlayfs: overlapping lowerdir path
[  773.732708][T12764] FAULT_INJECTION: forcing a failure.
[  773.732708][T12764] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  773.752253][T12764] CPU: 0 UID: 0 PID: 12764 Comm: syz.3.1857 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  773.752287][T12764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  773.752301][T12764] Call Trace:
[  773.752311][T12764]  <TASK>
[  773.752320][T12764]  dump_stack_lvl+0x241/0x360
[  773.752357][T12764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  773.752385][T12764]  ? __pfx__printk+0x10/0x10
[  773.752424][T12764]  should_fail_ex+0x424/0x570
[  773.752451][T12764]  prepare_alloc_pages+0x220/0x610
[  773.752488][T12764]  __alloc_frozen_pages_noprof+0x162/0x5b0
[  773.752520][T12764]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  773.752557][T12764]  ? process_measurement+0x1b33/0x1fe0
[  773.752599][T12764]  alloc_pages_mpol+0x339/0x690
[  773.752625][T12764]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  773.752645][T12764]  ? __pfx_smack_log+0x10/0x10
[  773.752669][T12764]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  773.752696][T12764]  ? smk_access+0x4ab/0x4e0
[  773.752720][T12764]  alloc_pages_noprof+0x121/0x190
[  773.752744][T12764]  pte_alloc_one+0x1e/0x160
[  773.752776][T12764]  handle_pte_fault+0x2ac2/0x61c0
[  773.752817][T12764]  ? __lock_acquire+0xad5/0xd80
[  773.752842][T12764]  ? __pfx_handle_pte_fault+0x10/0x10
[  773.752881][T12764]  ? is_bpf_text_address+0x26/0x2a0
[  773.752923][T12764]  ? 0xffffffffa0001fcc
[  773.752944][T12764]  ? is_bpf_text_address+0x288/0x2a0
[  773.752965][T12764]  ? is_bpf_text_address+0x26/0x2a0
[  773.752989][T12764]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  773.753034][T12764]  ? __thp_vma_allowable_orders+0x229/0x9b0
[  773.753066][T12764]  ? mtree_range_walk+0x700/0x8e0
[  773.753106][T12764]  handle_mm_fault+0x1030/0x1aa0
[  773.753156][T12764]  ? __pfx_handle_mm_fault+0x10/0x10
[  773.753205][T12764]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  773.753231][T12764]  exc_page_fault+0x2bb/0x920
[  773.753265][T12764]  asm_exc_page_fault+0x26/0x30
[  773.753285][T12764] RIP: 0010:strnlen_user+0x4e/0x180
[  773.753305][T12764] Code: de e8 66 17 8b fc 48 85 db 0f 8e 28 01 00 00 48 b8 00 f0 ff ff ff 7f 00 00 49 39 c4 4c 0f 47 e0 0f 01 cb 4c 89 e0 48 83 e0 f8 <48> 8b 28 45 89 e7 41 83 e7 07 42 8d 0c fd 00 00 00 00 48 c7 c0 ff
[  773.753324][T12764] RSP: 0018:ffffc9000ad2fd50 EFLAGS: 00050202
[  773.753344][T12764] RAX: 0000200000000080 RBX: 0000000000000100 RCX: ffff88805d46bc00
[  773.753359][T12764] RDX: 0000000000000000 RSI: 0000000000000100 RDI: 0000000000000001
[  773.753371][T12764] RBP: ffffc9000ad2ff00 R08: ffffffff853831ea R09: ffffffff824ee150
[  773.753386][T12764] R10: 0000000000000005 R11: ffff88805d46bc00 R12: 0000200000000080
[  773.753401][T12764] R13: 1ffff920015a5fc4 R14: 0000200000000080 R15: 0000000000000100
[  773.753423][T12764]  ? __se_sys_fsconfig+0x590/0xf40
[  773.753451][T12764]  ? strnlen_user+0x2a/0x180
[  773.753486][T12764]  strndup_user+0x1f/0xd0
[  773.753506][T12764]  __se_sys_fsconfig+0x541/0xf40
[  773.753547][T12764]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  773.753574][T12764]  ? ksys_write+0x275/0x2d0
[  773.753617][T12764]  ? __x64_sys_fsconfig+0x20/0xc0
[  773.753648][T12764]  do_syscall_64+0xf3/0x230
[  773.753675][T12764]  ? clear_bhb_loop+0x45/0xa0
[  773.753701][T12764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  773.753721][T12764] RIP: 0033:0x7fb7f4d8d169
[  773.753738][T12764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  773.753756][T12764] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  773.753784][T12764] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  773.753799][T12764] RDX: 0000200000000080 RSI: 0000000000000001 RDI: 0000000000000003
[  773.753813][T12764] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  773.753826][T12764] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000001
[  773.753839][T12764] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  773.753873][T12764]  </TASK>
[  774.199062][   T81] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  774.277369][T12771] FAULT_INJECTION: forcing a failure.
[  774.277369][T12771] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  774.298174][T12771] CPU: 1 UID: 0 PID: 12771 Comm: syz.3.1860 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  774.298208][T12771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  774.298223][T12771] Call Trace:
[  774.298232][T12771]  <TASK>
[  774.298242][T12771]  dump_stack_lvl+0x241/0x360
[  774.298280][T12771]  ? __pfx_dump_stack_lvl+0x10/0x10
[  774.298315][T12771]  ? __pfx__printk+0x10/0x10
[  774.298357][T12771]  should_fail_ex+0x424/0x570
[  774.298385][T12771]  _copy_from_user+0x2d/0xb0
[  774.298417][T12771]  copy_msghdr_from_user+0xb3/0x580
[  774.298453][T12771]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  774.298512][T12771]  do_recvmmsg+0x3bf/0xab0
[  774.298550][T12771]  ? __pfx_do_recvmmsg+0x10/0x10
[  774.298593][T12771]  ? rcu_read_lock_any_held+0xbb/0x160
[  774.298621][T12771]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  774.298652][T12771]  ? vfs_write+0xb29/0xd10
[  774.298693][T12771]  ? ksys_write+0x24e/0x2d0
[  774.298727][T12771]  ? __mutex_unlock_slowpath+0x229/0x800
[  774.298765][T12771]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  774.298791][T12771]  ? __fget_files+0x2a/0x420
[  774.298834][T12771]  __x64_sys_recvmmsg+0x1ab/0x260
[  774.298862][T12771]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  774.298894][T12771]  ? do_syscall_64+0xb6/0x230
[  774.298925][T12771]  do_syscall_64+0xf3/0x230
[  774.298952][T12771]  ? clear_bhb_loop+0x45/0xa0
[  774.298979][T12771]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  774.299001][T12771] RIP: 0033:0x7fb7f4d8d169
[  774.299020][T12771] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  774.299039][T12771] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  774.299073][T12771] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  774.299088][T12771] RDX: 000000000000001e RSI: 0000200000000240 RDI: 0000000000000004
[  774.299101][T12771] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  774.299115][T12771] R10: 0000000000002000 R11: 0000000000000246 R12: 0000000000000001
[  774.299127][T12771] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  774.299159][T12771]  </TASK>
[  774.513595][    C1] vkms_vblank_simulate: vblank timer overrun
[  774.631236][T12774] input: syz1 as /devices/virtual/input/input18
[  774.678566][T12777] program syz.3.1861 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  774.788474][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  774.895547][T12783] cgroup2: Unknown parameter 'lowerdir'
[  774.970848][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  774.992290][   T24] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  775.017564][   T24] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  775.045161][   T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  775.055470][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.064139][   T24] usb 6-1: Product: syz
[  775.075401][   T24] usb 6-1: Manufacturer: syz
[  775.080219][   T24] usb 6-1: SerialNumber: syz
[  775.692143][T12769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  775.741000][T12769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  775.829250][ T5884] usb 1-1: USB disconnect, device number 26
[  775.836674][   T24] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  775.880402][T12796] overlayfs: failed to clone lowerpath
[  776.797594][ T9719] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  776.911000][T12815] 9pnet_fd: Insufficient options for proto=fd
[  777.028589][ T9719] usb 4-1: Using ep0 maxpacket: 16
[  777.042483][ T9719] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  777.058471][ T9719] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.066527][ T9719] usb 4-1: Product: syz
[  777.084111][ T9719] usb 4-1: Manufacturer: syz
[  777.098443][ T9719] usb 4-1: SerialNumber: syz
[  777.115082][T12819] FAULT_INJECTION: forcing a failure.
[  777.115082][T12819] name failslab, interval 1, probability 0, space 0, times 0
[  777.129806][T12817] cgroup2: Unknown parameter 'lowerdir'
[  777.136560][T12819] CPU: 1 UID: 0 PID: 12819 Comm: syz.4.1876 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  777.136592][T12819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  777.136607][T12819] Call Trace:
[  777.136617][T12819]  <TASK>
[  777.136626][T12819]  dump_stack_lvl+0x241/0x360
[  777.136665][T12819]  ? __pfx_dump_stack_lvl+0x10/0x10
[  777.136695][T12819]  ? __pfx__printk+0x10/0x10
[  777.136728][T12819]  ? __pfx___might_resched+0x10/0x10
[  777.136758][T12819]  should_fail_ex+0x424/0x570
[  777.136788][T12819]  should_failslab+0xac/0x100
[  777.136812][T12819]  __kmalloc_noprof+0xdf/0x4d0
[  777.136834][T12819]  ? tomoyo_encode+0x26f/0x540
[  777.136861][T12819]  tomoyo_encode+0x26f/0x540
[  777.136889][T12819]  tomoyo_realpath_from_path+0x59e/0x5e0
[  777.136926][T12819]  tomoyo_path_number_perm+0x245/0x790
[  777.136962][T12819]  ? tomoyo_path_number_perm+0x215/0x790
[  777.136995][T12819]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  777.137033][T12819]  ? ksys_write+0x24e/0x2d0
[  777.137071][T12819]  ? __lock_acquire+0xad5/0xd80
[  777.137113][T12819]  ? __fget_files+0x2a/0x420
[  777.137137][T12819]  ? __fget_files+0x2a/0x420
[  777.137165][T12819]  ? __fget_files+0x2a/0x420
[  777.137196][T12819]  security_file_ioctl+0xc6/0x2a0
[  777.137230][T12819]  __se_sys_ioctl+0x46/0x160
[  777.137262][T12819]  do_syscall_64+0xf3/0x230
[  777.137290][T12819]  ? clear_bhb_loop+0x45/0xa0
[  777.137315][T12819]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  777.137336][T12819] RIP: 0033:0x7f728a38d169
[  777.137355][T12819] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  777.137373][T12819] RSP: 002b:00007f728b296038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  777.137396][T12819] RAX: ffffffffffffffda RBX: 00007f728a5a5fa0 RCX: 00007f728a38d169
[  777.137411][T12819] RDX: 0000200000000000 RSI: 00000000c0585605 RDI: 0000000000000003
[  777.137424][T12819] RBP: 00007f728b296090 R08: 0000000000000000 R09: 0000000000000000
[  777.137437][T12819] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  777.137449][T12819] R13: 0000000000000000 R14: 00007f728a5a5fa0 R15: 00007ffe01827bd8
[  777.137486][T12819]  </TASK>
[  777.137583][T12819] ERROR: Out of memory at tomoyo_realpath_from_path.
[  777.146487][ T9719] usb 4-1: config 0 descriptor??
[  777.237538][T12822] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1878'.
[  777.294601][ T9719] ums-onetouch 4-1:0.0: USB Mass Storage device detected
[  777.535741][T12799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  777.558202][T12799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  777.602284][T12831] program syz.0.1879 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  777.674406][ T5884] usb 4-1: USB disconnect, device number 36
[  777.737481][ T9719] usb 6-1: USB disconnect, device number 4
[  777.746352][ T9719] usblp0: removed
[  778.183337][ T9719] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  778.341586][ T9719] usb 6-1: Using ep0 maxpacket: 32
[  778.358708][ T9719] usb 6-1: config 0 has an invalid interface number: 16 but max is 0
[  778.376707][ T9719] usb 6-1: config 0 has no interface number 0
[  778.514420][ T9719] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  778.539485][ T9719] usb 6-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  779.299078][ T9719] usb 6-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[  779.308202][ T9719] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.353300][T12867] overlayfs: overlapping lowerdir path
[  779.359213][ T9719] usb 6-1: Product: syz
[  779.367335][T12865] 9pnet_fd: Insufficient options for proto=fd
[  779.397370][ T9719] usb 6-1: Manufacturer: syz
[  779.432840][ T9719] usb 6-1: SerialNumber: syz
[  779.453531][ T9719] usb 6-1: config 0 descriptor??
[  779.476211][T12834] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  779.491072][T12834] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  779.527513][ T9719] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  779.585840][T12869] syzkaller0: entered promiscuous mode
[  779.613011][T12869] syzkaller0: entered allmulticast mode
[  780.079371][T12884] cgroup2: Unknown parameter 'lowerdir'
[  781.551087][T12903] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1900'.
[  781.857412][T12906] 9pnet_fd: Insufficient options for proto=fd
[  782.612210][T12923] gfs2: path_lookup on /dev/net/tun returned error -2
[  784.568115][ T9719] usb 6-1: USB disconnect, device number 5
[  785.004794][T12947] overlayfs: overlapping lowerdir path
[  785.098515][ T9719] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  786.098890][ T9719] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  786.110467][ T9719] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  786.140460][ T9719] usb 6-1: New USB device found, idVendor=057e, idProduct=2009, bcdDevice= 0.00
[  786.169117][ T9719] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  786.171953][T12960] netlink: 'syz.1.1919': attribute type 2 has an invalid length.
[  786.195651][ T9719] usb 6-1: config 0 descriptor??
[  786.570058][T12970] program syz.4.1924 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  786.736641][ T9719] nintendo 0003:057E:2009.0007: hidraw0: USB HID vff.fe Device [HID 057e:2009] on usb-dummy_hcd.5-1/input0
[  786.835744][T12974] overlayfs: overlapping lowerdir path
[  787.470080][ T9719] nintendo 0003:057E:2009.0007: Failed to get joycon info; ret=-38
[  787.479924][ T9719] nintendo 0003:057E:2009.0007: Failed to retrieve controller info; ret=-38
[  787.598566][T12978] gfs2: gfs2 mount does not exist
[  787.699378][ T9719] nintendo 0003:057E:2009.0007: Failed to initialize controller; ret=-38
[  787.740000][ T9719] nintendo 0003:057E:2009.0007: probe - fail = -38
[  787.768933][ T9719] nintendo 0003:057E:2009.0007: probe with driver nintendo failed with error -38
[  787.803077][ T9719] usb 6-1: USB disconnect, device number 6
[  789.233290][ T9719] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  789.820580][T13012] lo speed is unknown, defaulting to 1000
[  789.888455][T13014] gfs2: gfs2 mount does not exist
[  789.912397][T13011] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  789.993394][ T9719] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  790.052302][ T9719] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  790.099795][ T9719] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  790.137343][T13011] batman_adv: batadv0: Removing interface: batadv_slave_1
[  790.151192][ T9719] usb 1-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  790.161000][ T9719] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  790.173920][ T9719] usb 1-1: config 0 descriptor??
[  793.021041][ T9719] hid-udraw 0003:20D6:CB17.0008: item fetching failed at offset 5/7
[  793.055573][ T9719] hid-udraw 0003:20D6:CB17.0008: parse failed
[  793.055952][T13028] 9pnet: Could not find request transport: f��̳�՝d�s�V��{�i�}/�
[  793.098730][ T9719] hid-udraw 0003:20D6:CB17.0008: probe with driver hid-udraw failed with error -22
[  793.259119][T13041] netlink: 'syz.4.1945': attribute type 4 has an invalid length.
[  793.323293][T12996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  793.363370][T12996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  793.403982][ T9719] usb 1-1: USB disconnect, device number 27
[  795.968611][ T2900] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  797.165705][T13083] Cannot find add_set index 0 as target
[  797.939781][   T30] audit: type=1326 audit(1744465329.410:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13080 comm="syz.3.1957" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb7f4d8d169 code=0x0
[  798.382715][T13097] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1960'.
[  798.707749][T13107] program syz.3.1964 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  799.966278][T13133] overlayfs: failed to clone lowerpath
[  800.935830][T13140] program syz.3.1975 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  801.150217][T13145] FAULT_INJECTION: forcing a failure.
[  801.150217][T13145] name failslab, interval 1, probability 0, space 0, times 0
[  801.225281][T13145] CPU: 1 UID: 0 PID: 13145 Comm: syz.0.1977 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  801.225323][T13145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  801.225339][T13145] Call Trace:
[  801.225348][T13145]  <TASK>
[  801.225358][T13145]  dump_stack_lvl+0x241/0x360
[  801.225397][T13145]  ? __pfx_dump_stack_lvl+0x10/0x10
[  801.225427][T13145]  ? __pfx__printk+0x10/0x10
[  801.225462][T13145]  ? __pfx___might_resched+0x10/0x10
[  801.225493][T13145]  should_fail_ex+0x424/0x570
[  801.225523][T13145]  should_failslab+0xac/0x100
[  801.225548][T13145]  __kmalloc_noprof+0xdf/0x4d0
[  801.225571][T13145]  ? do_sys_poll+0x2ce/0x13f0
[  801.225599][T13145]  do_sys_poll+0x2ce/0x13f0
[  801.225632][T13145]  ? is_bpf_text_address+0x288/0x2a0
[  801.225655][T13145]  ? is_bpf_text_address+0x26/0x2a0
[  801.225679][T13145]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  801.225711][T13145]  ? kernel_text_address+0xa7/0xe0
[  801.225744][T13145]  ? __kernel_text_address+0xd/0x40
[  801.225774][T13145]  ? _parse_integer_limit+0x1b4/0x200
[  801.225800][T13145]  ? __pfx_do_sys_poll+0x10/0x10
[  801.225828][T13145]  ? kstrtoull+0x1d3/0x2f0
[  801.225921][T13145]  ? rcu_read_lock_any_held+0xbb/0x160
[  801.225951][T13145]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  801.225982][T13145]  ? vfs_write+0xb29/0xd10
[  801.226043][T13145]  ? __pfx_set_user_sigmask+0x10/0x10
[  801.226078][T13145]  __se_sys_ppoll+0x2a2/0x330
[  801.226107][T13145]  ? __pfx___se_sys_ppoll+0x10/0x10
[  801.226141][T13145]  ? __x64_sys_ppoll+0x20/0xc0
[  801.226166][T13145]  do_syscall_64+0xf3/0x230
[  801.226194][T13145]  ? clear_bhb_loop+0x45/0xa0
[  801.226221][T13145]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  801.226242][T13145] RIP: 0033:0x7ff65378d169
[  801.226262][T13145] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  801.226280][T13145] RSP: 002b:00007ff6545ba038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  801.226314][T13145] RAX: ffffffffffffffda RBX: 00007ff6539a5fa0 RCX: 00007ff65378d169
[  801.226330][T13145] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  801.226345][T13145] RBP: 00007ff6545ba090 R08: 0000000000000000 R09: 0000000000000000
[  801.226359][T13145] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  801.226372][T13145] R13: 0000000000000000 R14: 00007ff6539a5fa0 R15: 00007fffb7eee1e8
[  801.226405][T13145]  </TASK>
[  801.525757][T13151] mac80211_hwsim hwsim5 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[  802.183416][T13152] program syz.3.1979 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  802.768180][T13163] 9pnet_fd: Insufficient options for proto=fd
[  802.788820][T13163] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1981'.
[  803.958525][T13166] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1983'.
[  803.988810][   T81] wlan1: Trigger new scan to find an IBSS to join
[  804.292259][   T81] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  804.824558][T13176] overlayfs: failed to clone lowerpath
[  806.817426][T13186] workqueue: Failed to create a rescuer kthread for wq "nbd0-recv": -EINTR
[  806.817516][T13186] block (null): Could not allocate knbd recv work queue.
[  806.833985][T13186] nbd: failed to add new device
[  808.505437][T13205] overlayfs: overlapping lowerdir path
[  808.789526][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  809.014705][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  810.048668][ T3005] wlan1: Trigger new scan to find an IBSS to join
[  810.091542][T13212] program syz.4.1994 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  811.074582][T13221] workqueue: Failed to create a rescuer kthread for wq "nbd0-recv": -EINTR
[  811.074692][T13221] block (null): Could not allocate knbd recv work queue.
[  811.091347][T13221] nbd: failed to add new device
[  812.130361][T13228] overlayfs: overlapping lowerdir path
[  812.193208][T13230] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2000'.
[  812.426229][T13234] overlayfs: failed to clone lowerpath
[  813.288409][   T30] audit: type=1326 audit(1744465344.730:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13239 comm="syz.5.2002" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4125b8d169 code=0x0
[  813.686914][   T36] wlan1: Creating new IBSS network, BSSID f2:91:d4:2c:4d:71
[  814.647892][T13256] 9pnet_fd: Insufficient options for proto=fd
[  814.694133][T13256] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2004'.
[  814.856559][T13255] FAULT_INJECTION: forcing a failure.
[  814.856559][T13255] name failslab, interval 1, probability 0, space 0, times 0
[  814.871437][T13255] CPU: 0 UID: 0 PID: 13255 Comm: syz.3.2005 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  814.871468][T13255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  814.871484][T13255] Call Trace:
[  814.871492][T13255]  <TASK>
[  814.871503][T13255]  dump_stack_lvl+0x241/0x360
[  814.871540][T13255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  814.871569][T13255]  ? __pfx__printk+0x10/0x10
[  814.871603][T13255]  ? __pfx___might_resched+0x10/0x10
[  814.871635][T13255]  should_fail_ex+0x424/0x570
[  814.871663][T13255]  should_failslab+0xac/0x100
[  814.871686][T13255]  __kmalloc_cache_noprof+0x73/0x370
[  814.871708][T13255]  ? tcp_sendmsg_fastopen+0x1d8/0x5d0
[  814.871732][T13255]  ? ima_get_action+0x75/0xb0
[  814.871756][T13255]  tcp_sendmsg_fastopen+0x1d8/0x5d0
[  814.871788][T13255]  tcp_sendmsg_locked+0x4946/0x5030
[  814.871842][T13255]  ? __pfx_process_measurement+0x10/0x10
[  814.871874][T13255]  ? __pfx_smack_log+0x10/0x10
[  814.871912][T13255]  ? __lock_acquire+0xad5/0xd80
[  814.871946][T13255]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  814.871976][T13255]  ? tcp_sendmsg+0x22/0x50
[  814.871999][T13255]  ? do_raw_spin_unlock+0x13c/0x8b0
[  814.872037][T13255]  tcp_sendmsg+0x30/0x50
[  814.872062][T13255]  __sock_sendmsg+0x1a6/0x270
[  814.872093][T13255]  ____sys_sendmsg+0x523/0x860
[  814.872126][T13255]  ? __pfx_____sys_sendmsg+0x10/0x10
[  814.872145][T13255]  ? __fget_files+0x2a/0x420
[  814.872172][T13255]  ? __fget_files+0x2a/0x420
[  814.872206][T13255]  __sys_sendmmsg+0x3a0/0x7b0
[  814.872250][T13255]  ? __pfx___sys_sendmmsg+0x10/0x10
[  814.872317][T13255]  ? rcu_read_lock_any_held+0xbb/0x160
[  814.872342][T13255]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  814.872372][T13255]  ? vfs_write+0xb29/0xd10
[  814.872412][T13255]  ? ksys_write+0x24e/0x2d0
[  814.872445][T13255]  ? __mutex_unlock_slowpath+0x229/0x800
[  814.872504][T13255]  ? ksys_write+0x275/0x2d0
[  814.872547][T13255]  __x64_sys_sendmmsg+0xa0/0xb0
[  814.872572][T13255]  do_syscall_64+0xf3/0x230
[  814.872597][T13255]  ? clear_bhb_loop+0x45/0xa0
[  814.872622][T13255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.872642][T13255] RIP: 0033:0x7fb7f4d8d169
[  814.872661][T13255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  814.872678][T13255] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  814.872700][T13255] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  814.872714][T13255] RDX: 0000000000000002 RSI: 00002000000010c0 RDI: 0000000000000003
[  814.872727][T13255] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  814.872740][T13255] R10: 0000000020008000 R11: 0000000000000246 R12: 0000000000000001
[  814.872752][T13255] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  814.872785][T13255]  </TASK>
[  816.010008][   T30] audit: type=1326 audit(1744465347.480:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13264 comm="syz.3.2009" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb7f4d8d169 code=0x0
[  816.128709][   T30] audit: type=1326 audit(1744465347.480:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13262 comm="syz.0.2008" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff65378d169 code=0x0
[  816.579244][T13278] overlayfs: failed to clone lowerpath
[  817.105123][T13277] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2012'.
[  819.327195][T13304] 9pnet_fd: Insufficient options for proto=fd
[  821.664710][T13324] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2026'.
[  821.805422][T13331] overlayfs: overlapping lowerdir path
[  822.124234][T13335] program syz.4.2029 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  822.217223][   T30] audit: type=1326 audit(1744465353.680:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f4d8d169 code=0x7ffc0000
[  822.261488][   T30] audit: type=1326 audit(1744465353.680:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f4d8d169 code=0x7ffc0000
[  822.263121][T13344] FAULT_INJECTION: forcing a failure.
[  822.263121][T13344] name failslab, interval 1, probability 0, space 0, times 0
[  822.324666][   T30] audit: type=1326 audit(1744465353.710:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb7f4d8bad0 code=0x7ffc0000
[  822.393669][   T30] audit: type=1326 audit(1744465353.730:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb7f4d8bc1f code=0x7ffc0000
[  822.408371][T13344] CPU: 1 UID: 0 PID: 13344 Comm: syz.3.2032 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  822.408409][T13344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  822.408425][T13344] Call Trace:
[  822.408434][T13344]  <TASK>
[  822.408444][T13344]  dump_stack_lvl+0x241/0x360
[  822.408486][T13344]  ? __pfx_dump_stack_lvl+0x10/0x10
[  822.408519][T13344]  ? __pfx__printk+0x10/0x10
[  822.408554][T13344]  ? __pfx___might_resched+0x10/0x10
[  822.408587][T13344]  should_fail_ex+0x424/0x570
[  822.408618][T13344]  should_failslab+0xac/0x100
[  822.408643][T13344]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  822.408670][T13344]  ? __alloc_skb+0x1c2/0x480
[  822.408696][T13344]  __alloc_skb+0x1c2/0x480
[  822.408726][T13344]  ? __pfx___alloc_skb+0x10/0x10
[  822.408745][T13344]  ? rcu_is_watching+0x15/0xb0
[  822.408773][T13344]  ? trace_kmem_cache_alloc+0x1f/0xc0
[  822.408795][T13344]  ? audit_log_start+0x41f/0xa20
[  822.408830][T13344]  audit_log_start+0x446/0xa20
[  822.408870][T13344]  ? __pfx_audit_log_start+0x10/0x10
[  822.408897][T13344]  ? migrate_enable+0x397/0x520
[  822.408933][T13344]  ? __pfx_migrate_enable+0x10/0x10
[  822.408969][T13344]  ? __pfx___cant_migrate+0x10/0x10
[  822.409002][T13344]  audit_seccomp+0x63/0x1f0
[  822.409035][T13344]  __seccomp_filter+0xaea/0x1f20
[  822.409085][T13344]  ? __pfx___seccomp_filter+0x10/0x10
[  822.409121][T13344]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  822.409152][T13344]  ? __fget_files+0x2a/0x420
[  822.409183][T13344]  ? __fget_files+0x2a/0x420
[  822.409230][T13344]  ? __secure_computing+0xef/0x2f0
[  822.409262][T13344]  syscall_trace_enter+0xa6/0x150
[  822.409290][T13344]  do_syscall_64+0xcc/0x230
[  822.409319][T13344]  ? clear_bhb_loop+0x45/0xa0
[  822.409347][T13344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  822.409369][T13344] RIP: 0033:0x7fb7f4d8d169
[  822.409392][T13344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  822.409411][T13344] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000104
[  822.409437][T13344] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  822.409454][T13344] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffffffffffff
[  822.409469][T13344] RBP: 00007fb7f5bcc090 R08: 0000000000001000 R09: 0000000000000000
[  822.409484][T13344] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  822.409498][T13344] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  822.409532][T13344]  </TASK>
[  822.409562][T13344] audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=64
[  822.685661][T13344] audit: out of memory in audit_log_start
[  822.701462][   T30] audit: type=1326 audit(1744465354.170:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fb7f4d8bb7c code=0x7ffc0000
[  822.793480][   T30] audit: type=1326 audit(1744465354.170:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fb7f4d8bc1f code=0x7ffc0000
[  822.839396][   T30] audit: type=1326 audit(1744465354.170:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb7f4d8bdca code=0x7ffc0000
[  822.893764][   T30] audit: type=1326 audit(1744465354.170:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13343 comm="syz.3.2032" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb7f4d8d169 code=0x7ffc0000
[  823.198399][ T5903] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  823.368818][ T5903] usb 4-1: Using ep0 maxpacket: 8
[  823.378843][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  823.393912][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  823.419482][ T5903] usb 4-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  823.428709][ T5951] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  823.438263][ T5903] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.529342][ T5903] usb 4-1: config 0 descriptor??
[  823.591414][ T5951] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  823.619739][ T5951] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  823.648463][ T5951] usb 6-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  823.678779][ T5951] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  823.698824][T13363] tunl0: entered allmulticast mode
[  823.704382][T13363] tunl0: left allmulticast mode
[  823.725207][T13366] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2039'.
[  823.726088][ T5951] usb 6-1: config 0 descriptor??
[  823.850245][ T5903] usbhid 4-1:0.0: can't add hid device: -71
[  823.856409][ T5903] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  823.872076][ T5903] usb 4-1: USB disconnect, device number 37
[  824.183930][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  824.409262][T13379] 9pnet_fd: Insufficient options for proto=fd
[  824.453859][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  824.605096][T13381] 9pnet_fd: Insufficient options for proto=fd
[  825.108641][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  825.115430][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  825.138412][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  825.145180][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  825.183467][ T5951] kye 0003:0458:0138.0009: unknown main item tag 0x0
[  825.248797][ T5951] kye 0003:0458:0138.0009: hidraw0: USB HID v0.00 Device [HID 0458:0138] on usb-dummy_hcd.5-1/input0
[  825.290692][ T5951] usb 6-1: USB disconnect, device number 7
[  825.359253][T13389] FAULT_INJECTION: forcing a failure.
[  825.359253][T13389] name failslab, interval 1, probability 0, space 0, times 0
[  825.390548][T13389] CPU: 1 UID: 0 PID: 13389 Comm: syz.3.2046 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  825.390583][T13389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  825.390597][T13389] Call Trace:
[  825.390606][T13389]  <TASK>
[  825.390616][T13389]  dump_stack_lvl+0x241/0x360
[  825.390655][T13389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  825.390685][T13389]  ? __pfx__printk+0x10/0x10
[  825.390720][T13389]  ? __pfx___might_resched+0x10/0x10
[  825.390750][T13389]  should_fail_ex+0x424/0x570
[  825.390780][T13389]  should_failslab+0xac/0x100
[  825.390805][T13389]  __kmalloc_noprof+0xdf/0x4d0
[  825.390827][T13389]  ? io_cache_alloc_new+0x44/0x100
[  825.390858][T13389]  ? __lock_acquire+0xad5/0xd80
[  825.390884][T13389]  io_cache_alloc_new+0x44/0x100
[  825.390920][T13389]  __io_prep_rw+0x228/0xd30
[  825.390951][T13389]  ? __pfx___io_prep_rw+0x10/0x10
[  825.390972][T13389]  ? percpu_ref_get_many+0x1f/0x1d0
[  825.391012][T13389]  ? __asan_memset+0x23/0x50
[  825.391044][T13389]  io_prep_rwv+0x96/0x460
[  825.391070][T13389]  ? __pfx_io_prep_rwv+0x10/0x10
[  825.391098][T13389]  ? __asan_memset+0x23/0x50
[  825.391126][T13389]  ? blk_start_plug_nr_ios+0x7d/0x1b0
[  825.391158][T13389]  io_submit_sqes+0x94c/0x1ce0
[  825.391216][T13389]  __se_sys_io_uring_enter+0x2cd/0x3560
[  825.391248][T13389]  ? rcu_read_lock_any_held+0xbb/0x160
[  825.391277][T13389]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  825.391308][T13389]  ? vfs_write+0xb29/0xd10
[  825.391349][T13389]  ? ksys_write+0x24e/0x2d0
[  825.391386][T13389]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  825.391418][T13389]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  825.391451][T13389]  ? __fget_files+0x2a/0x420
[  825.391480][T13389]  ? __fget_files+0x2a/0x420
[  825.391513][T13389]  ? fput+0x9b/0xd0
[  825.391538][T13389]  ? ksys_write+0x275/0x2d0
[  825.391579][T13389]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  825.391608][T13389]  do_syscall_64+0xf3/0x230
[  825.391636][T13389]  ? clear_bhb_loop+0x45/0xa0
[  825.391662][T13389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  825.391684][T13389] RIP: 0033:0x7fb7f4d8d169
[  825.391705][T13389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  825.391724][T13389] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  825.391748][T13389] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  825.391764][T13389] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000005
[  825.391778][T13389] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  825.391792][T13389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  825.391804][T13389] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  825.391839][T13389]  </TASK>
[  825.998963][T13395] FAULT_INJECTION: forcing a failure.
[  825.998963][T13395] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  826.043334][T13395] CPU: 1 UID: 0 PID: 13395 Comm: syz.3.2049 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  826.043369][T13395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  826.043383][T13395] Call Trace:
[  826.043392][T13395]  <TASK>
[  826.043402][T13395]  dump_stack_lvl+0x241/0x360
[  826.043440][T13395]  ? __pfx_dump_stack_lvl+0x10/0x10
[  826.043472][T13395]  ? __pfx__printk+0x10/0x10
[  826.043514][T13395]  should_fail_ex+0x424/0x570
[  826.043544][T13395]  _copy_to_user+0x31/0xb0
[  826.043579][T13395]  simple_read_from_buffer+0xc4/0x170
[  826.043616][T13395]  proc_fail_nth_read+0x1ef/0x260
[  826.043650][T13395]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  826.043689][T13395]  ? rw_verify_area+0x246/0x630
[  826.043723][T13395]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  826.043754][T13395]  vfs_read+0x21f/0xb90
[  826.043789][T13395]  ? __pfx___mutex_lock+0x10/0x10
[  826.043822][T13395]  ? __pfx_vfs_read+0x10/0x10
[  826.043856][T13395]  ? __fget_files+0x2a/0x420
[  826.043884][T13395]  ? __fget_files+0x39d/0x420
[  826.043907][T13395]  ? __fget_files+0x2a/0x420
[  826.043942][T13395]  ksys_read+0x19d/0x2d0
[  826.043973][T13395]  ? __pfx_ksys_read+0x10/0x10
[  826.044007][T13395]  ? do_syscall_64+0xb6/0x230
[  826.044037][T13395]  do_syscall_64+0xf3/0x230
[  826.044063][T13395]  ? clear_bhb_loop+0x45/0xa0
[  826.044100][T13395]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  826.044120][T13395] RIP: 0033:0x7fb7f4d8bb7c
[  826.044138][T13395] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  826.044157][T13395] RSP: 002b:00007fb7f5bcc030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  826.044180][T13395] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8bb7c
[  826.044195][T13395] RDX: 000000000000000f RSI: 00007fb7f5bcc0a0 RDI: 000000000000001b
[  826.044209][T13395] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  826.044222][T13395] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  826.044235][T13395] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  826.044268][T13395]  </TASK>
[  826.359264][T13375] Bluetooth: hci5: command 0x0406 tx timeout
[  826.465471][ T5951] kernel read not supported for file /video9 (pid: 5951 comm: kworker/0:7)
[  827.117952][T13406] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2052'.
[  827.238498][ T5951] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  827.621950][T13421] 9pnet_fd: Insufficient options for proto=fd
[  827.639991][T13421] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2055'.
[  828.279041][ T5951] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  828.515695][ T5951] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  828.556765][ T5951] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  828.589722][ T5951] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  828.651257][ T5951] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  828.674112][ T5951] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  828.703803][ T5951] usb 1-1: Manufacturer: syz
[  828.748542][ T9719] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  828.782126][ T5951] usb 1-1: config 0 descriptor??
[  829.537220][ T2900] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  829.972670][ T9719] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE8, changing to 0x88
[  829.984666][ T9719] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  830.021413][ T9719] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has an invalid bInterval 0, changing to 7
[  830.093581][ T9719] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  830.111631][T13436] FAULT_INJECTION: forcing a failure.
[  830.111631][T13436] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  830.124980][T13436] CPU: 0 UID: 0 PID: 13436 Comm: syz.5.2059 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  830.125017][T13436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  830.125032][T13436] Call Trace:
[  830.125041][T13436]  <TASK>
[  830.125051][T13436]  dump_stack_lvl+0x241/0x360
[  830.125090][T13436]  ? __pfx_dump_stack_lvl+0x10/0x10
[  830.125120][T13436]  ? __pfx__printk+0x10/0x10
[  830.125163][T13436]  should_fail_ex+0x424/0x570
[  830.125192][T13436]  strncpy_from_user+0x36/0x280
[  830.125219][T13436]  getname_flags+0xf0/0x530
[  830.125250][T13436]  do_sys_openat2+0xbf/0x1d0
[  830.125281][T13436]  ? schedule+0x163/0x360
[  830.125308][T13436]  ? __pfx_do_sys_openat2+0x10/0x10
[  830.125337][T13436]  ? __fget_files+0x2a/0x420
[  830.125371][T13436]  __x64_sys_openat+0x249/0x2a0
[  830.125400][T13436]  ? __pfx___x64_sys_openat+0x10/0x10
[  830.125437][T13436]  ? do_syscall_64+0xb6/0x230
[  830.125468][T13436]  do_syscall_64+0xf3/0x230
[  830.125496][T13436]  ? clear_bhb_loop+0x45/0xa0
[  830.125523][T13436]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  830.125544][T13436] RIP: 0033:0x7f4125b8d169
[  830.125564][T13436] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  830.125582][T13436] RSP: 002b:00007f412690f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  830.125605][T13436] RAX: ffffffffffffffda RBX: 00007f4125da6160 RCX: 00007f4125b8d169
[  830.125621][T13436] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[  830.125636][T13436] RBP: 00007f412690f090 R08: 0000000000000000 R09: 0000000000000000
[  830.125650][T13436] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  830.125663][T13436] R13: 0000000000000000 R14: 00007f4125da6160 R15: 00007ffd0ab509a8
[  830.125697][T13436]  </TASK>
[  830.309371][    C0] vkms_vblank_simulate: vblank timer overrun
[  834.191476][ T9719] usb 4-1: string descriptor 0 read error: -71
[  834.198214][ T5951] usbhid 1-1:0.0: can't add hid device: -71
[  834.204373][ T5951] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  834.212291][ T9719] usb 4-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[  834.224080][ T9719] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.232906][ T5951] usb 1-1: USB disconnect, device number 28
[  834.247260][ T9719] usb 4-1: config 0 descriptor??
[  834.258672][ T9719] usb 4-1: can't set config #0, error -71
[  834.763728][ T9719] usb 4-1: USB disconnect, device number 38
[  834.950687][T13452] FAULT_INJECTION: forcing a failure.
[  834.950687][T13452] name failslab, interval 1, probability 0, space 0, times 0
[  834.987258][T13454] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2067'.
[  835.008458][T13452] CPU: 1 UID: 0 PID: 13452 Comm: syz.0.2065 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  835.008494][T13452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  835.008508][T13452] Call Trace:
[  835.008518][T13452]  <TASK>
[  835.008528][T13452]  dump_stack_lvl+0x241/0x360
[  835.008566][T13452]  ? __pfx_dump_stack_lvl+0x10/0x10
[  835.008596][T13452]  ? __pfx__printk+0x10/0x10
[  835.008631][T13452]  ? __pfx___might_resched+0x10/0x10
[  835.008662][T13452]  should_fail_ex+0x424/0x570
[  835.008692][T13452]  should_failslab+0xac/0x100
[  835.008717][T13452]  __kmalloc_noprof+0xdf/0x4d0
[  835.008739][T13452]  ? tomoyo_encode+0x26f/0x540
[  835.008766][T13452]  tomoyo_encode+0x26f/0x540
[  835.008789][T13452]  ? __pfx_anon_inodefs_dname+0x10/0x10
[  835.008818][T13452]  tomoyo_realpath_from_path+0x59e/0x5e0
[  835.008855][T13452]  tomoyo_path_number_perm+0x245/0x790
[  835.008899][T13452]  ? tomoyo_path_number_perm+0x215/0x790
[  835.008933][T13452]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  835.008971][T13452]  ? ksys_write+0x24e/0x2d0
[  835.009011][T13452]  ? __lock_acquire+0xad5/0xd80
[  835.009053][T13452]  ? __fget_files+0x2a/0x420
[  835.009078][T13452]  ? __fget_files+0x2a/0x420
[  835.009106][T13452]  ? __fget_files+0x2a/0x420
[  835.009137][T13452]  security_file_ioctl+0xc6/0x2a0
[  835.009171][T13452]  __se_sys_ioctl+0x46/0x160
[  835.009210][T13452]  do_syscall_64+0xf3/0x230
[  835.009238][T13452]  ? clear_bhb_loop+0x45/0xa0
[  835.009263][T13452]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.009284][T13452] RIP: 0033:0x7ff65378d169
[  835.009303][T13452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  835.009322][T13452] RSP: 002b:00007ff6545ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  835.009345][T13452] RAX: ffffffffffffffda RBX: 00007ff6539a5fa0 RCX: 00007ff65378d169
[  835.009361][T13452] RDX: 00002000000000c0 RSI: 000000004008ae89 RDI: 0000000000000007
[  835.009375][T13452] RBP: 00007ff6545ba090 R08: 0000000000000000 R09: 0000000000000000
[  835.009389][T13452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.009402][T13452] R13: 0000000000000000 R14: 00007ff6539a5fa0 R15: 00007fffb7eee1e8
[  835.009436][T13452]  </TASK>
[  835.009539][T13452] ERROR: Out of memory at tomoyo_realpath_from_path.
[  835.578516][ T5884] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  835.884917][ T5884] usb 6-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  835.896232][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.067870][ T5884] usb 6-1: Product: syz
[  836.176016][ T5884] usb 6-1: Manufacturer: syz
[  836.337109][ T5884] usb 6-1: SerialNumber: syz
[  836.380091][ T5884] usb 6-1: config 0 descriptor??
[  836.617043][ T5951] kernel read not supported for file /video9 (pid: 5951 comm: kworker/0:7)
[  836.628735][ T5884] peak_usb 6-1:0.0: PEAK-System PCAN-USB FD v241 fw v219.179.4 (1 channels)
[  836.818064][T13491] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2080'.
[  836.980201][T13496] netlink: 'syz.5.2070': attribute type 11 has an invalid length.
[  836.980250][T13496] netlink: 224 bytes leftover after parsing attributes in process `syz.5.2070'.
[  837.006416][T13501] tmpfs: Unknown parameter 'nMsw
'
[  837.558890][   T53] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  837.787546][T13509] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2083'.
[  837.787657][T13509] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2083'.
[  838.325411][T13512] program syz.0.2084 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  838.401312][T13514] FAULT_INJECTION: forcing a failure.
[  838.401312][T13514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  838.401377][T13514] CPU: 0 UID: 0 PID: 13514 Comm: syz.4.2085 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  838.401405][T13514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  838.401428][T13514] Call Trace:
[  838.401437][T13514]  <TASK>
[  838.401447][T13514]  dump_stack_lvl+0x241/0x360
[  838.401484][T13514]  ? __pfx_dump_stack_lvl+0x10/0x10
[  838.401518][T13514]  ? __pfx__printk+0x10/0x10
[  838.401562][T13514]  should_fail_ex+0x424/0x570
[  838.401590][T13514]  _copy_from_iter+0x211/0x1c70
[  838.401619][T13514]  ? __mutex_lock+0x380/0x10c0
[  838.401651][T13514]  ? __pfx_kstrtoull+0x10/0x10
[  838.401680][T13514]  ? alloc_pages_mpol+0x4e6/0x690
[  838.401701][T13514]  ? __pfx__copy_from_iter+0x10/0x10
[  838.401733][T13514]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  838.401751][T13514]  ? kstrtouint+0xfc/0x190
[  838.401780][T13514]  ? page_copy_sane+0x46/0x260
[  838.401811][T13514]  copy_page_from_iter+0x7a/0x100
[  838.401843][T13514]  anon_pipe_write+0x784/0x14f0
[  838.401893][T13514]  ? __pfx_anon_pipe_write+0x10/0x10
[  838.401914][T13514]  ? rcu_read_lock_any_held+0xbb/0x160
[  838.401941][T13514]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  838.401971][T13514]  ? bpf_lsm_file_permission+0x9/0x10
[  838.402002][T13514]  vfs_write+0x70f/0xd10
[  838.402039][T13514]  ? __pfx_anon_pipe_write+0x10/0x10
[  838.402066][T13514]  ? __pfx_vfs_write+0x10/0x10
[  838.402099][T13514]  ? __fget_files+0x2a/0x420
[  838.402128][T13514]  ? __fget_files+0x2a/0x420
[  838.402163][T13514]  ksys_write+0x19d/0x2d0
[  838.402196][T13514]  ? __pfx_ksys_write+0x10/0x10
[  838.402233][T13514]  ? do_syscall_64+0xb6/0x230
[  838.402263][T13514]  do_syscall_64+0xf3/0x230
[  838.402290][T13514]  ? clear_bhb_loop+0x45/0xa0
[  838.402316][T13514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.402337][T13514] RIP: 0033:0x7f728a38d169
[  838.402356][T13514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.402373][T13514] RSP: 002b:00007f728b296038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  838.402395][T13514] RAX: ffffffffffffffda RBX: 00007f728a5a5fa0 RCX: 00007f728a38d169
[  838.402410][T13514] RDX: 000000000000fef0 RSI: 0000200000000100 RDI: 0000000000000005
[  838.402431][T13514] RBP: 00007f728b296090 R08: 0000000000000000 R09: 0000000000000000
[  838.402444][T13514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.402457][T13514] R13: 0000000000000000 R14: 00007f728a5a5fa0 R15: 00007ffe01827bd8
[  838.402492][T13514]  </TASK>
[  839.620782][T13521] 9pnet_fd: Insufficient options for proto=fd
[  840.900363][ T5884] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  841.434169][ T5884] peak_usb 6-1:0.0: unable to tell PCAN-USB FD driver is loaded (err -71)
[  841.512993][ T5951] kernel read not supported for file /video9 (pid: 5951 comm: kworker/0:7)
[  841.532969][ T5884] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[  841.739903][ T5884] usb 6-1: USB disconnect, device number 8
[  842.621620][T13552] FAULT_INJECTION: forcing a failure.
[  842.621620][T13552] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  842.642520][T13552] CPU: 1 UID: 0 PID: 13552 Comm: syz.5.2095 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  842.642554][T13552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  842.642567][T13552] Call Trace:
[  842.642576][T13552]  <TASK>
[  842.642586][T13552]  dump_stack_lvl+0x241/0x360
[  842.642623][T13552]  ? __pfx_dump_stack_lvl+0x10/0x10
[  842.642653][T13552]  ? __pfx__printk+0x10/0x10
[  842.642697][T13552]  should_fail_ex+0x424/0x570
[  842.642726][T13552]  _copy_from_user+0x2d/0xb0
[  842.642759][T13552]  kstrtouint_from_user+0xce/0x1a0
[  842.642789][T13552]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  842.642819][T13552]  ? __lock_acquire+0xad5/0xd80
[  842.642853][T13552]  proc_fail_nth_write+0xac/0x2d0
[  842.642881][T13552]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  842.642910][T13552]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  842.642945][T13552]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  842.642974][T13552]  vfs_write+0x2bc/0xd10
[  842.643011][T13552]  ? fdget_pos+0x247/0x310
[  842.643040][T13552]  ? __pfx_vfs_write+0x10/0x10
[  842.643074][T13552]  ? __fget_files+0x2a/0x420
[  842.643100][T13552]  ? __fget_files+0x39d/0x420
[  842.643123][T13552]  ? __fget_files+0x2a/0x420
[  842.643158][T13552]  ksys_write+0x19d/0x2d0
[  842.643191][T13552]  ? __pfx_ksys_write+0x10/0x10
[  842.643235][T13552]  ? do_syscall_64+0xb6/0x230
[  842.643266][T13552]  do_syscall_64+0xf3/0x230
[  842.643292][T13552]  ? clear_bhb_loop+0x45/0xa0
[  842.643318][T13552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.643338][T13552] RIP: 0033:0x7f4125b8bc1f
[  842.643357][T13552] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  842.643375][T13552] RSP: 002b:00007f412690f030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  842.643397][T13552] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f4125b8bc1f
[  842.643412][T13552] RDX: 0000000000000001 RSI: 00007f412690f0a0 RDI: 0000000000000005
[  842.643426][T13552] RBP: 00007f412690f090 R08: 0000000000000000 R09: 0000000000000000
[  842.643439][T13552] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  842.643452][T13552] R13: 0000000000000001 R14: 00007f4125da6160 R15: 00007ffd0ab509a8
[  842.643486][T13552]  </TASK>
[  842.645804][T13553] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2098'.
[  843.038702][T13553] erspan0: entered promiscuous mode
[  843.048656][T13553] macvtap1: entered promiscuous mode
[  843.054169][T13553] macvtap1: entered allmulticast mode
[  843.068530][T13553] erspan0: entered allmulticast mode
[  843.261679][T13553] FAULT_INJECTION: forcing a failure.
[  843.261679][T13553] name failslab, interval 1, probability 0, space 0, times 0
[  843.700521][T13553] CPU: 0 UID: 0 PID: 13553 Comm: syz.3.2098 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  843.700546][T13553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  843.700557][T13553] Call Trace:
[  843.700563][T13553]  <TASK>
[  843.700570][T13553]  dump_stack_lvl+0x241/0x360
[  843.700598][T13553]  ? __pfx_dump_stack_lvl+0x10/0x10
[  843.700619][T13553]  ? __pfx__printk+0x10/0x10
[  843.700641][T13553]  ? ___ratelimit+0xc7/0x6a0
[  843.700664][T13553]  should_fail_ex+0x424/0x570
[  843.700685][T13553]  should_failslab+0xac/0x100
[  843.700702][T13553]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  843.700719][T13553]  ? __alloc_skb+0x1c2/0x480
[  843.700737][T13553]  __alloc_skb+0x1c2/0x480
[  843.700750][T13553]  ? netlink_autobind+0xd6/0x2f0
[  843.700777][T13553]  ? __pfx___alloc_skb+0x10/0x10
[  843.700792][T13553]  ? netlink_autobind+0xd6/0x2f0
[  843.700813][T13553]  ? netlink_autobind+0x2b0/0x2f0
[  843.700838][T13553]  netlink_sendmsg+0x638/0xcd0
[  843.700870][T13553]  ? __pfx_netlink_sendmsg+0x10/0x10
[  843.700902][T13553]  ? __pfx_netlink_sendmsg+0x10/0x10
[  843.700924][T13553]  __sock_sendmsg+0x221/0x270
[  843.700969][T13553]  ____sys_sendmsg+0x523/0x860
[  843.700993][T13553]  ? __pfx_____sys_sendmsg+0x10/0x10
[  843.701012][T13553]  ? __sys_sendmsg+0x256/0x360
[  843.701029][T13553]  ? ____sys_sendmsg+0x10/0x860
[  843.701048][T13553]  __sys_sendmsg+0x271/0x360
[  843.701068][T13553]  ? __pfx___sys_sendmsg+0x10/0x10
[  843.701125][T13553]  ? do_syscall_64+0xb6/0x230
[  843.701147][T13553]  do_syscall_64+0xf3/0x230
[  843.701166][T13553]  ? clear_bhb_loop+0x45/0xa0
[  843.701184][T13553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.701199][T13553] RIP: 0033:0x7fb7f4d8d169
[  843.701213][T13553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  843.701226][T13553] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  843.701243][T13553] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  843.701254][T13553] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  843.701264][T13553] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  843.701273][T13553] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  843.701282][T13553] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  843.701305][T13553]  </TASK>
[  844.335510][T13569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2103'.
[  844.495751][T13569] FAULT_INJECTION: forcing a failure.
[  844.495751][T13569] name failslab, interval 1, probability 0, space 0, times 0
[  845.263626][T13569] CPU: 1 UID: 0 PID: 13569 Comm: syz.3.2103 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  845.263660][T13569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  845.263674][T13569] Call Trace:
[  845.263684][T13569]  <TASK>
[  845.263694][T13569]  dump_stack_lvl+0x241/0x360
[  845.263732][T13569]  ? __pfx_dump_stack_lvl+0x10/0x10
[  845.263763][T13569]  ? __pfx__printk+0x10/0x10
[  845.263796][T13569]  ? __pfx___might_resched+0x10/0x10
[  845.263827][T13569]  should_fail_ex+0x424/0x570
[  845.263857][T13569]  should_failslab+0xac/0x100
[  845.263881][T13569]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  845.263906][T13569]  ? __alloc_skb+0x1c2/0x480
[  845.263931][T13569]  __alloc_skb+0x1c2/0x480
[  845.263951][T13569]  ? netlink_autobind+0xd6/0x2f0
[  845.263990][T13569]  ? __pfx___alloc_skb+0x10/0x10
[  845.264014][T13569]  ? netlink_autobind+0xd6/0x2f0
[  845.264044][T13569]  ? netlink_autobind+0x2b0/0x2f0
[  845.264089][T13569]  netlink_sendmsg+0x638/0xcd0
[  845.264136][T13569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  845.264182][T13569]  ? __pfx_netlink_sendmsg+0x10/0x10
[  845.264213][T13569]  __sock_sendmsg+0x221/0x270
[  845.264246][T13569]  ____sys_sendmsg+0x523/0x860
[  845.264281][T13569]  ? __pfx_____sys_sendmsg+0x10/0x10
[  845.264303][T13569]  ? __fget_files+0x2a/0x420
[  845.264332][T13569]  ? __fget_files+0x2a/0x420
[  845.264368][T13569]  __sys_sendmsg+0x271/0x360
[  845.264398][T13569]  ? __pfx___sys_sendmsg+0x10/0x10
[  845.264480][T13569]  ? do_syscall_64+0xb6/0x230
[  845.264513][T13569]  do_syscall_64+0xf3/0x230
[  845.264541][T13569]  ? clear_bhb_loop+0x45/0xa0
[  845.264567][T13569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  845.264589][T13569] RIP: 0033:0x7fb7f4d8d169
[  845.264609][T13569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  845.264628][T13569] RSP: 002b:00007fb7f5bcc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  845.264651][T13569] RAX: ffffffffffffffda RBX: 00007fb7f4fa5fa0 RCX: 00007fb7f4d8d169
[  845.264668][T13569] RDX: 0000000000000010 RSI: 0000200000001300 RDI: 0000000000000003
[  845.264681][T13569] RBP: 00007fb7f5bcc090 R08: 0000000000000000 R09: 0000000000000000
[  845.264695][T13569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  845.264708][T13569] R13: 0000000000000000 R14: 00007fb7f4fa5fa0 R15: 00007ffc04cab188
[  845.264741][T13569]  </TASK>
[  845.504687][    C1] vkms_vblank_simulate: vblank timer overrun
[  846.519246][ T1903] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  847.190555][T13584] bond1: entered promiscuous mode
[  847.227887][T13584] bond1: entered allmulticast mode
[  847.306139][T13584] 8021q: adding VLAN 0 to HW filter on device bond1
[  847.452253][T13589] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2109'.
[  847.899725][T13595] netlink: zone id is out of range
[  847.952492][T13595] netlink: del zone limit has 4 unknown bytes
[  848.643956][T13596] lo speed is unknown, defaulting to 1000
[  848.837785][T13609] 
[  848.840183][T13609] ======================================================
[  848.847231][T13609] WARNING: possible circular locking dependency detected
[  848.854280][T13609] 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 Not tainted
[  848.861431][T13609] ------------------------------------------------------
[  848.868482][T13609] syz.5.2118/13609 is trying to acquire lock:
[  848.874589][T13609] ffffffff900eb1c8 (rtnl_mutex){+.+.}-{4:4}, at: ip_mroute_setsockopt+0x161/0x11f0
[  848.884008][T13609] 
[  848.884008][T13609] but task is already holding lock:
[  848.891410][T13609] ffff88807c4cdb28 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  848.901858][T13609] 
[  848.901858][T13609] which lock already depends on the new lock.
[  848.901858][T13609] 
[  848.912304][T13609] 
[  848.912304][T13609] the existing dependency chain (in reverse order) is:
[  848.921356][T13609] 
[  848.921356][T13609] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  848.930021][T13609]        lock_acquire+0x116/0x2f0
[  848.935085][T13609]        __mutex_lock+0x1a5/0x10c0
[  848.940235][T13609]        smc_switch_to_fallback+0x35/0xda0
[  848.946080][T13609]        smc_sendmsg+0x11f/0x530
[  848.951053][T13609]        __sock_sendmsg+0x221/0x270
[  848.956290][T13609]        __sys_sendto+0x365/0x4c0
[  848.961345][T13609]        __x64_sys_sendto+0xde/0x100
[  848.966660][T13609]        do_syscall_64+0xf3/0x230
[  848.971720][T13609]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.978171][T13609] 
[  848.978171][T13609] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  848.985873][T13609]        lock_acquire+0x116/0x2f0
[  848.990929][T13609]        lock_sock_nested+0x48/0x100
[  848.996249][T13609]        do_ip_setsockopt+0x17e9/0x39c0
[  849.001826][T13609]        ip_setsockopt+0x63/0x100
[  849.006880][T13609]        do_sock_setsockopt+0x3b1/0x710
[  849.012454][T13609]        __x64_sys_setsockopt+0x1ee/0x280
[  849.018202][T13609]        do_syscall_64+0xf3/0x230
[  849.023261][T13609]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.029702][T13609] 
[  849.029702][T13609] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  849.036961][T13609]        validate_chain+0xa69/0x24e0
[  849.042279][T13609]        __lock_acquire+0xad5/0xd80
[  849.047500][T13609]        lock_acquire+0x116/0x2f0
[  849.052551][T13609]        __mutex_lock+0x1a5/0x10c0
[  849.057706][T13609]        ip_mroute_setsockopt+0x161/0x11f0
[  849.063553][T13609]        do_ip_setsockopt+0x1114/0x39c0
[  849.069127][T13609]        ip_setsockopt+0x63/0x100
[  849.074179][T13609]        smc_setsockopt+0x25c/0xd50
[  849.079407][T13609]        do_sock_setsockopt+0x3b1/0x710
[  849.084981][T13609]        __x64_sys_setsockopt+0x1ee/0x280
[  849.090728][T13609]        do_syscall_64+0xf3/0x230
[  849.095801][T13609]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.102239][T13609] 
[  849.102239][T13609] other info that might help us debug this:
[  849.102239][T13609] 
[  849.112485][T13609] Chain exists of:
[  849.112485][T13609]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  849.112485][T13609] 
[  849.126100][T13609]  Possible unsafe locking scenario:
[  849.126100][T13609] 
[  849.133572][T13609]        CPU0                    CPU1
[  849.138959][T13609]        ----                    ----
[  849.144427][T13609]   lock(&smc->clcsock_release_lock);
[  849.149834][T13609]                                lock(sk_lock-AF_INET);
[  849.156804][T13609]                                lock(&smc->clcsock_release_lock);
[  849.164735][T13609]   lock(rtnl_mutex);
[  849.168754][T13609] 
[  849.168754][T13609]  *** DEADLOCK ***
[  849.168754][T13609] 
[  849.176912][T13609] 1 lock held by syz.5.2118/13609:
[  849.182136][T13609]  #0: ffff88807c4cdb28 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  849.192741][T13609] 
[  849.192741][T13609] stack backtrace:
[  849.198656][T13609] CPU: 0 UID: 0 PID: 13609 Comm: syz.5.2118 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  849.198685][T13609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  849.198700][T13609] Call Trace:
[  849.198709][T13609]  <TASK>
[  849.198718][T13609]  dump_stack_lvl+0x241/0x360
[  849.198762][T13609]  ? __pfx_dump_stack_lvl+0x10/0x10
[  849.198793][T13609]  ? __pfx__printk+0x10/0x10
[  849.198824][T13609]  ? print_lock+0x171/0x1a0
[  849.198851][T13609]  print_circular_bug+0x2e1/0x300
[  849.198881][T13609]  check_noncircular+0x142/0x160
[  849.198914][T13609]  validate_chain+0xa69/0x24e0
[  849.198943][T13609]  ? __lock_acquire+0xad5/0xd80
[  849.198973][T13609]  __lock_acquire+0xad5/0xd80
[  849.198999][T13609]  lock_acquire+0x116/0x2f0
[  849.199019][T13609]  ? ip_mroute_setsockopt+0x161/0x11f0
[  849.199058][T13609]  __mutex_lock+0x1a5/0x10c0
[  849.199086][T13609]  ? ip_mroute_setsockopt+0x161/0x11f0
[  849.199121][T13609]  ? preempt_schedule_common+0x84/0xd0
[  849.199148][T13609]  ? ip_mroute_setsockopt+0x161/0x11f0
[  849.199180][T13609]  ? __pfx___mutex_lock+0x10/0x10
[  849.199218][T13609]  ip_mroute_setsockopt+0x161/0x11f0
[  849.199249][T13609]  ? preempt_schedule+0xe4/0xf0
[  849.199273][T13609]  ? preempt_schedule_common+0x84/0xd0
[  849.199301][T13609]  ? register_lock_class+0x54/0x330
[  849.199322][T13609]  ? __pfx_ip_mroute_setsockopt+0x10/0x10
[  849.199363][T13609]  ? __pfx___mutex_trylock_common+0x10/0x10
[  849.199393][T13609]  do_ip_setsockopt+0x1114/0x39c0
[  849.199425][T13609]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  849.199456][T13609]  ? smc_setsockopt+0x1b2/0xd50
[  849.199482][T13609]  ? __pfx___mutex_lock+0x10/0x10
[  849.199511][T13609]  ? futex_wake+0x525/0x5d0
[  849.199536][T13609]  ip_setsockopt+0x63/0x100
[  849.199563][T13609]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  849.199597][T13609]  smc_setsockopt+0x25c/0xd50
[  849.199627][T13609]  ? __pfx_smc_setsockopt+0x10/0x10
[  849.199653][T13609]  ? __lock_acquire+0xad5/0xd80
[  849.199678][T13609]  ? __pfx_smc_setsockopt+0x10/0x10
[  849.199703][T13609]  do_sock_setsockopt+0x3b1/0x710
[  849.199737][T13609]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  849.199760][T13609]  ? __fget_files+0x2a/0x420
[  849.199788][T13609]  ? __fget_files+0x39d/0x420
[  849.199813][T13609]  ? __fget_files+0x2a/0x420
[  849.199842][T13609]  __x64_sys_setsockopt+0x1ee/0x280
[  849.199869][T13609]  do_syscall_64+0xf3/0x230
[  849.199898][T13609]  ? clear_bhb_loop+0x45/0xa0
[  849.199924][T13609]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.199947][T13609] RIP: 0033:0x7f4125b8d169
[  849.199967][T13609] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  849.199988][T13609] RSP: 002b:00007f4126951038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  849.200013][T13609] RAX: ffffffffffffffda RBX: 00007f4125da5fa0 RCX: 00007f4125b8d169
[  849.200031][T13609] RDX: 00000000000000d3 RSI: 0000000000000000 RDI: 0000000000000003
[  849.200045][T13609] RBP: 00007f4125c0e990 R08: 000000000000003c R09: 0000000000000000
[  849.200060][T13609] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  849.200074][T13609] R13: 0000000000000000 R14: 00007f4125da5fa0 R15: 00007ffd0ab509a8
[  849.200098][T13609]  </TASK>
[  849.609830][T13610] FAULT_INJECTION: forcing a failure.
[  849.609830][T13610] name failslab, interval 1, probability 0, space 0, times 0
[  849.671029][T13610] CPU: 1 UID: 0 PID: 13610 Comm: syz.4.2117 Not tainted 6.15.0-rc1-syzkaller-00301-g3bde70a2c827 #0 PREEMPT(full) 
[  849.671062][T13610] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  849.671076][T13610] Call Trace:
[  849.671084][T13610]  <TASK>
[  849.671094][T13610]  dump_stack_lvl+0x241/0x360
[  849.671128][T13610]  ? __pfx_dump_stack_lvl+0x10/0x10
[  849.671156][T13610]  ? __pfx__printk+0x10/0x10
[  849.671182][T13610]  ? __pfx___might_resched+0x10/0x10
[  849.671205][T13610]  should_fail_ex+0x424/0x570
[  849.671224][T13610]  should_failslab+0xac/0x100
[  849.671242][T13610]  __kmalloc_noprof+0xdf/0x4d0
[  849.671262][T13610]  ? io_cache_alloc_new+0x44/0x100
[  849.671292][T13610]  io_cache_alloc_new+0x44/0x100
[  849.671320][T13610]  __io_prep_rw+0x228/0xd30
[  849.671339][T13610]  ? __pfx___io_prep_rw+0x10/0x10
[  849.671355][T13610]  ? lock_acquire+0x5e/0x2f0
[  849.671374][T13610]  ? __asan_memset+0x23/0x50
[  849.671397][T13610]  io_prep_read+0x20/0xd0
[  849.671413][T13610]  io_submit_sqes+0x94c/0x1ce0
[  849.671443][T13610]  __se_sys_io_uring_enter+0x2cd/0x3560
[  849.671462][T13610]  ? get_pid_task+0x23/0x1f0
[  849.671488][T13610]  ? lock_release+0x4e/0x3e0
[  849.671502][T13610]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  849.671524][T13610]  ? rcu_is_watching+0x15/0xb0
[  849.671543][T13610]  ? bpf_lsm_file_permission+0x9/0x10
[  849.671562][T13610]  ? ksys_write+0x24e/0x2d0
[  849.671586][T13610]  ? lock_release+0x4e/0x3e0
[  849.671600][T13610]  ? vfs_write+0xb29/0xd10
[  849.671626][T13610]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  849.671647][T13610]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  849.671674][T13610]  ? __fget_files+0x2a/0x420
[  849.671695][T13610]  ? __fget_files+0x2a/0x420
[  849.671717][T13610]  ? fput+0x9b/0xd0
[  849.671735][T13610]  ? ksys_write+0x275/0x2d0
[  849.671760][T13610]  ? rcu_is_watching+0x15/0xb0
[  849.671781][T13610]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  849.671800][T13610]  do_syscall_64+0xf3/0x230
[  849.671821][T13610]  ? clear_bhb_loop+0x45/0xa0
[  849.671841][T13610]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.671858][T13610] RIP: 0033:0x7f728a38d169
[  849.671873][T13610] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  849.671887][T13610] RSP: 002b:00007f728b275038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  849.671907][T13610] RAX: ffffffffffffffda RBX: 00007f728a5a6080 RCX: 00007f728a38d169
[  849.671920][T13610] RDX: 0000000000000000 RSI: 0000000000003516 RDI: 0000000000000005
[  849.671931][T13610] RBP: 00007f728b275090 R08: 0000000000000000 R09: 0000000000000000
[  849.671942][T13610] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  849.671952][T13610] R13: 0000000000000000 R14: 00007f728a5a6080 R15: 00007ffe01827bd8
[  849.671971][T13610]  </TASK>
[  856.338412][T11332] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3