last executing test programs:

15m44.188992293s ago: executing program 32 (id=153):
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x80104592, &(0x7f0000000040)={0x0, 0x9, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001200000000000900"})
ioctl$EVIOCGREP(r0, 0x80084523, 0x0)
eventfd2(0x0, 0x0) (async)
r1 = eventfd2(0x0, 0x0)
io_setup(0x3, &(0x7f0000000280)=<r2=>0x0)
io_submit(r2, 0x2, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x4, r1, 0x0, 0x0, 0x6, 0x0, 0x1, r1}]) (async)
io_submit(r2, 0x2, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x4, r1, 0x0, 0x0, 0x6, 0x0, 0x1, r1}])
r3 = openat$smackfs_load(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/smackfs/load\x00', 0x2, 0x0)
writev(r3, &(0x7f00000025c0)=[{&(0x7f0000002480)="2eafca1c", 0x4}], 0x1)
socket$packet(0x11, 0x2, 0x300)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="620ac4ff00000000711042000000000095000000000000004ed7e32903090000000000000038b9383b4decc71d6dc46608400d74e7b5c3a704b2ed9eeb0bd57e5b796771265da7d13c6aabe9eaa855c26eef14223934258202"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0x9, &(0x7f00000000c0)={0x6, 0x90}, 0x0) (async)
prlimit64(0x0, 0x9, &(0x7f00000000c0)={0x6, 0x90}, 0x0)
sched_setscheduler(0xffffffffffffffff, 0x2, &(0x7f0000000180)=0x9) (async)
sched_setscheduler(0xffffffffffffffff, 0x2, &(0x7f0000000180)=0x9)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
memfd_create(0x0, 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
r7 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r7, 0x0) (async)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r7, 0x0)
fallocate(r7, 0x1, 0x5, 0x1000f4)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
write$UHID_INPUT(r6, &(0x7f0000001040)={0x7, {"a2e3ad21ed0d52f91b5d330987f70e06d038e7ff7fc6e5539b0d47078b089b34073b68090890e0878f0e1ac6e7049b334a959b669a240d5d67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07670936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70fe98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf1a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a97370614060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69b15c9f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaab1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106d26658b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c110000a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3f3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51090840517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4e004a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6ce1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c817e9177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d543902113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafcc009fc074bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5dc4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9f07b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e3ebb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4cddd5d0fc5a752f9000", 0x1000}}, 0x1006)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
write$cgroup_devices(r8, &(0x7f0000000000)=ANY=[@ANYRES8=r8, @ANYRES16=r8, @ANYRES32], 0xffdd)

9m40.857502345s ago: executing program 2 (id=1342):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mount(&(0x7f0000000240)=@nullb, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='v7\x00', 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x7, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_open_dev$tty1(0xc, 0x4, 0x1)

9m39.54839736s ago: executing program 2 (id=1349):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000080)=0xffff7b6e, 0x4) (async)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000200)="e3", 0x1}], 0x1) (async)
mmap(&(0x7f0000000000/0x12000)=nil, 0x12000, 0x1, 0x10012, r1, 0x0) (async)
getsockopt$inet6_buf(r0, 0x29, 0x6, &(0x7f0000000300)=""/223, &(0x7f0000000000)=0xdf) (async)
syz_usb_connect$uac1(0x2, 0x8e, &(0x7f0000000180)=ANY=[@ANYBLOB="12010003000000106b1d010140000102030109027c0003010e00030904000000010100000a240101000102010207240801d80c0509040100000102000009040101010102000007240105620000090501091f020a020107250182064a070904020000010200000904020101010200000824020100040647072401090907000905010003"], &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0})

9m36.484301459s ago: executing program 2 (id=1355):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = syz_open_dev$dri(0x0, 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdir(&(0x7f0000000080)='./file0\x00', 0x8)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
userfaultfd(0x800)
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
r6 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff})
ioctl$NBD_SET_SOCK(r6, 0xab00, r7)
r8 = dup3(r6, r3, 0x0)
ioctl$NBD_DO_IT(r8, 0xab03)
sendmsg$NBD_CMD_DISCONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x1c, r5, 0x1, 0x0, 0x0, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}}, 0x0)
listen(r0, 0x0)
syz_io_uring_setup(0x2edb, &(0x7f0000000380)={0x0, 0xaa73, 0x10100}, &(0x7f0000000100)=<r9=>0x0, &(0x7f0000000140)=<r10=>0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000040)=@IORING_OP_ACCEPT={0xd, 0x40, 0x0, r0, 0x0})
r11 = socket$can_bcm(0x1d, 0x2, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000840)=@raw={'raw\x00', 0x3c1, 0x3, 0x2b0, 0x1c0, 0x111, 0x4b4, 0x0, 0xd4feffff, 0x2d0, 0x20a, 0x278, 0x2d0, 0x278, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @empty, [], [], 'ipvlan0\x00', 'team_slave_0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xd0}, @common=@inet=@TCPMSS={0x28, 'TCPMSS\x00', 0x0, {0xffff}}}, {{@ipv6={@loopback, @dev, [], [], 'veth1_to_hsr\x00', 'pim6reg1\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x310)
r12 = socket$inet6(0xa, 0x2, 0x3a)
setsockopt$inet6_int(r12, 0x29, 0x31, &(0x7f0000000100)=0xffff, 0x4)
sendto$inet6(r12, &(0x7f0000000000)="800037bbfa9ba1ce", 0x8, 0x0, &(0x7f0000001100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmmsg(r12, &(0x7f0000000380)=[{{&(0x7f0000000640)=@l2tp6={0xa, 0x0, 0x0, @mcast2}, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000140)=""/144}, {&(0x7f0000000200)=""/230}, {&(0x7f0000000300)=""/86, 0xfffffe94}, {&(0x7f00000003c0)=""/253}, {&(0x7f00000004c0)=""/208}]}, 0x3422a61a}], 0x4000000000003c9, 0x10102, 0x0)
connect$can_bcm(r11, &(0x7f0000000040), 0x10)
sendmsg$can_bcm(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="050000001b0800"/16, @ANYRES64=r11], 0x80}}, 0x0)

9m35.389861071s ago: executing program 2 (id=1365):
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, &(0x7f00000000c0)="17000000020001000003be8c5ee17688a2003308030300ecff3f0200000300000a0000000098fc5ad9485bbb6a880000d6c8db0000dba67e06000000e28900000200df018000000000f50607bdff59100a", 0x51)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x143082, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000d00)=[{&(0x7f0000000100)="89e7ee2c7cdad9b4b47380c988ca", 0x280}], 0x1)

9m25.668083868s ago: executing program 2 (id=1384):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000240), 0x208002, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fadvise64(r0, 0x5, 0xbf, 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8815}, 0x24000004)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, 0x0, 0x0)
setsockopt$sock_int(r4, 0x1, 0x28, &(0x7f0000000040)=0x8004, 0x4)
syz_open_dev$dri(0x0, 0x1ff, 0x0)
r5 = socket(0x10, 0x803, 0x0)
socket(0x1d, 0x2, 0x800)
getsockname$packet(r5, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
syz_usb_connect(0x5, 0x24, &(0x7f0000002040)=ANY=[], 0x0)
r6 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x535, 0x200)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r6, 0x80dc5521, &(0x7f0000000180)=""/135)
syz_emit_ethernet(0x83, &(0x7f00000000c0)=ANY=[@ANYRESOCT=r4], 0x0)
recvmmsg(r4, &(0x7f00000010c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)

9m22.128005714s ago: executing program 2 (id=1397):
io_setup(0xa, &(0x7f0000000000)=<r0=>0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, 0x0, &(0x7f0000000040))
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r3 = fanotify_init(0x81, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r5, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
fanotify_mark(r3, 0x105, 0x40001032, r2, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_all\x00', 0x275a, 0x0)
read$FUSE(r3, &(0x7f00000057c0)={0x2020}, 0x2020)
r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x10b200, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000100)={0xfffffffa, "420600753785259249154c944122ad063ff47d3bd7a8a45d6bb4c78a0400", <r8=>0xffffffffffffffff})
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
r9 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000180), 0x725801, 0x0)
r10 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r10, &(0x7f0000000280)='./file0\x00', 0x6a1c2, 0xc4)
faccessat(r10, &(0x7f0000000000)='./file0\x00', 0x5)
ioctl$SW_SYNC_IOC_INC(r9, 0x40045701, &(0x7f0000000140)=0x6)
ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f0000000080)={"b61e8880c44378092eabbe00cd67550f186721618f978fd182a59a7bd465b697", r3})

9m6.081211439s ago: executing program 33 (id=1397):
io_setup(0xa, &(0x7f0000000000)=<r0=>0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, 0x0, &(0x7f0000000040))
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x140, 0x82)
r3 = fanotify_init(0x81, 0x0)
r4 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r5 = dup(r4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r5, 0x0)
ioctl$BLKRRPART(r5, 0x125f, 0x0)
fanotify_mark(r3, 0x105, 0x40001032, r2, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_all\x00', 0x275a, 0x0)
read$FUSE(r3, &(0x7f00000057c0)={0x2020}, 0x2020)
r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000000c0), 0x10b200, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r7, 0xc0285700, &(0x7f0000000100)={0xfffffffa, "420600753785259249154c944122ad063ff47d3bd7a8a45d6bb4c78a0400", <r8=>0xffffffffffffffff})
io_submit(r0, 0x1, &(0x7f00000003c0)=[&(0x7f0000000340)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}])
r9 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000180), 0x725801, 0x0)
r10 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0)
openat(r10, &(0x7f0000000280)='./file0\x00', 0x6a1c2, 0xc4)
faccessat(r10, &(0x7f0000000000)='./file0\x00', 0x5)
ioctl$SW_SYNC_IOC_INC(r9, 0x40045701, &(0x7f0000000140)=0x6)
ioctl$SYNC_IOC_MERGE(r6, 0xc0303e03, &(0x7f0000000080)={"b61e8880c44378092eabbe00cd67550f186721618f978fd182a59a7bd465b697", r3})

7m23.800339256s ago: executing program 4 (id=1765):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x48c})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r4 = dup2(r3, r3)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x1000, 0x0, &(0x7f00004c2000/0x1000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
read(r4, &(0x7f0000003180)=""/4096, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
syz_open_dev$video4linux(0x0, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010100, @local, {[@cipso={0x86, 0xb, 0x3, [{0x7, 0x5, "e0f493"}]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000200)=0x4)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r1, 0x0, 0xd7cc5d556c3ede87)
r8 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x2000000000, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r8, 0xc1485544, &(0x7f00000001c0))
r9 = socket$phonet_pipe(0x23, 0x5, 0x2)
connect$phonet_pipe(r9, &(0x7f0000002200), 0x10)
write$UHID_INPUT(r1, &(0x7f0000001980)={0x9, {"a2e3ad084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3272078b089b34373b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d316d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3527138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aad66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b00", 0x1000}}, 0x1006)

7m21.240993956s ago: executing program 4 (id=1769):
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x4e22}, 0x21)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(0xffffffffffffffff, 0x0, r1, 0x0, 0xaf4, 0x0)
syz_emit_ethernet(0xae, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$sock_int(r2, 0x1, 0x20, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x800, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x14)
recvfrom(0xffffffffffffffff, &(0x7f0000000100)=""/40, 0x28, 0x40000120, &(0x7f00000002c0)=@can, 0x80)
sendmsg$TIPC_NL_LINK_RESET_STATS(0xffffffffffffffff, 0x0, 0x800)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)=ANY=[], 0x1c}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
shutdown(0xffffffffffffffff, 0x0)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f00000011c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x5c, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x3f, 0x33, @beacon={{{}, {}, @device_b}, 0x0, @default, 0x0, @void, @void, @void, @void, @val={0x6, 0x0, 0x200}, @val={0x5, 0x3, {0x3, 0xef, 0xa}}, @void, @val={0x2a, 0x2, {0x1, 0x1, 0x1}}, @val={0x3c, 0x4, {0x0, 0x7, 0x38, 0x7}}, @void, @void, @val={0x71, 0x7, {0x0, 0x0, 0xffffffffffffffff, 0x1, 0x2, 0xf9}}, @void}}]}, 0x5c}}, 0x0)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x11a, 0x2, &(0x7f0000000140)=@gcm_128={{0x304}, "76fee537f412225f", "c1ca85d97d663ca495db1b2a268813bc", "9de2a9a7", "0872565912b28537"}, 0x28)

7m20.792592299s ago: executing program 4 (id=1773):
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(0xffffffffffffffff, 0xc02c564a, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
syz_fuse_handle_req(r1, 0x0, 0x0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000140)=0x6, 0x4)

7m18.899889112s ago: executing program 4 (id=1776):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000009c0)={&(0x7f0000000380)={0x14, r1, 0x1}, 0x14}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000950000000000000019a2685b1ee008d70a5635725b55f86990b3c95d24d044f47893ad4a772aabe5a67619bf7f377fae691d467095000a380bf96539ba7de65ef263d9840265fbfb8adb44953f361418dec12eba4ab4bb483538acd7aa8a32cfd7a612f3072a58ea3a2fa5fd163fe6823f30bdf63a4e320720f4748f26a77f1be2dd5c5c0f74"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r3}, 0x10)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000580)='tracefs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), 0x0, &(0x7f0000000540)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file0\x00', 0x0)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r5, 0x4020aed2, &(0x7f0000000200)={0xdddd1000, 0x3000})
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x2000c811}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000eaff00000a58000000160a03020000000000000000020000000900020073797a30000000000900010073797a30000000002c0003800800014000001000080002"], 0x80}, 0x1, 0x0, 0x0, 0x4810}, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)

7m15.29172798s ago: executing program 4 (id=1781):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, r4)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r4, 0x0, r5, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x5, 0x0, 0xd, 0x0}, {0x18, 0x2, 0x2, 0x0, r7}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r9, 0x40045431, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, "7f12ddc1517600000000000000000000000002"})
r10 = syz_open_pts(r9, 0x0)
ioctl$TIOCVHANGUP(r10, 0x5437, 0x0)
close(r9)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000640)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x111, 0x9}}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
chdir(0x0)

7m11.138833559s ago: executing program 4 (id=1789):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x8, 0x780)
ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r5, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r4, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r6, r5, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}) (fail_nth: 2)
close(r4)
openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x0)
socket$packet(0x11, 0x3, 0x300)
epoll_create1(0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
syz_io_uring_setup(0x304, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x2, 0xdf}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r8, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0xa, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000005, 0x1010, r9, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2001, 0x2})

7m9.868495282s ago: executing program 34 (id=1789):
r0 = syz_open_dev$sg(&(0x7f0000000040), 0x8, 0x780)
ioctl$SCSI_IOCTL_START_UNIT(r0, 0x5)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r5, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r4, 0x3b89, &(0x7f0000000180)={0x28, 0x1, r6, r5, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)}) (fail_nth: 2)
close(r4)
openat$sndtimer(0xffffff9c, &(0x7f0000000000), 0x0)
socket$packet(0x11, 0x3, 0x300)
epoll_create1(0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
syz_io_uring_setup(0x304, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x2, 0xdf}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000140)=<r8=>0x0)
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, r8, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0xa, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000005, 0x1010, r9, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x2001, 0x2})

3m50.869903895s ago: executing program 6 (id=2352):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x301}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x9a}]}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

3m50.74409051s ago: executing program 6 (id=2353):
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}})
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000240)="01", 0x1, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r1, r0}, 0x0, 0x500, &(0x7f0000000340)={&(0x7f0000000280)={'crc32c-generic\x00'}})

3m50.458649784s ago: executing program 6 (id=2354):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_GET_PROG_INFO(0xa, &(0x7f0000000400)={r1, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket$kcm(0xa, 0x6, 0x0)
setsockopt$sock_attach_bpf(r3, 0x10d, 0xa, &(0x7f0000000000), 0x4)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r4, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000000041}, 0xc)
r5 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000440)={{{@in=@initdev={0xac, 0x1e, 0x0, 0x0}, @in=@dev={0xac, 0x14, 0x14, 0x11}, 0x0, 0x0, 0x4e20, 0x0, 0xa}, {0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x2}, 0x200, 0x0, 0x1}, {{@in6=@remote, 0x0, 0x3c}, 0x2, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x3501, 0x1, 0x2}}, 0xe8)
sendmmsg(r5, &(0x7f0000000480), 0x21, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = accept4(r2, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r6)
r7 = fsopen(&(0x7f0000000000)='tmpfs\x00', 0x0)
epoll_create1(0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = fsmount(r7, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r7, 0x7, 0x0, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000240)={@cgroup=r8, 0x1d, 0x0, 0x800, &(0x7f0000000080)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x8, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0], &(0x7f0000000200)=[0x0]}, 0x40)
sendmsg$alg(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000b80)=[{&(0x7f0000000380)="65336adc3576b8376de6d80544179137", 0x10}], 0x1, &(0x7f0000000c00)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x94}, 0x4000)

3m47.979229692s ago: executing program 6 (id=2366):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace$pokeuser(0x6, r2, 0x358, 0xffff8880b863d580)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r1, 0xc0305602, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="240000007e0021062abd70000000000007020000", @ANYRES32=0x0, @ANYBLOB="0c000d80080001006e000400"], 0x24}, 0x1, 0x5502000000000000, 0x0, 0x80}, 0x200080d4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
ioctl$VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000000300)=@multiplanar_userptr={0xd4, 0x1, 0x4, 0x400, 0xfa7, {0x77359400}, {0x4, 0x1, 0xf2, 0x0, 0xac, 0x30, "1ea03e50"}, 0x0, 0x2, {&(0x7f00000001c0)=[{0x7, 0x7, {&(0x7f0000000080)}, 0x6}, {0xdae, 0x2, {&(0x7f00000000c0)}, 0x3}]}, 0x5, 0x0, r3})
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r5 = gettid()
readv(r4, &(0x7f00000004c0)=[{&(0x7f0000000140)=""/127, 0x7f}], 0x1)
tkill(r5, 0x7)
ioctl$sock_inet_SIOCSIFFLAGS(r3, 0x8914, &(0x7f0000000040)={'team0\x00', 0x2000})

3m43.775823776s ago: executing program 6 (id=2386):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{0x0, 0x18}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000025c0)=@delchain={0x1d0, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0x1a0, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0xe}}, @TCA_ROUTE4_ACT={0x194, 0x6, [@m_simple={0x190, 0x1f, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x2, 0x1, 0x2, 0x8}}, @TCA_DEF_DATA={0x2d, 0x3, '@-^[\xa5&,.\x00pe\xe9\xb9\xf1Q+=\xdf\xacqd\xb4\xd3\rj6\xb4\xa6fz\x91\xa6\xe9\xdfy\xef\xbcY\xbb[a'}, @TCA_DEF_DATA={0x7, 0x3, 'lo\x00'}, @TCA_DEF_DATA={0xb, 0x3, 'simple\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x1, 0x10000000, 0x4, 0x8}}, @TCA_DEF_DATA={0xb, 0x3, 'j\xbf!*{$\x00'}]}, {0xe1, 0x6, "bb56072c27c5e2984fb9b39740c7dea2e6372a168bf1fdb8ecb6019c9f5db834fcaca18620641b7aab2922f69d2f9b062f5ec4be8a5a603fe7236ffd67f60e9e007b34e0f9cb58fc8855dae5289e4e856559f64bc5a1c5683263937fdd088e5f34874e0d2d2273a7a09810d9042b32fb69223c74e88c41fda5268c22a3107d32ee49d3a99665178abfde24d27a872b23ece9d09c9560070a6e3cca383ccb4d1a6d7c302ab3ee820e67d26e78f72566a2f9765698d783e6c14d8da6156473bc39143eaba66c1921f94f19f65bc88b127c0eb8ac765b9220105c7c1060a0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x1d0}}, 0x0)
unshare(0x4c020600)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket(0x10, 0x3, 0x4)
socket(0x1000000010, 0x80002, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0)
pipe(&(0x7f0000000400)={<r0=>0xffffffffffffffff})
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@map=r0, r0, 0x37, 0x0, 0x0, @void, @value=r0}, 0x20)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.current\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r2, 0xc004743e, 0x20001400)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1206"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x67000000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_emit_ethernet(0x42, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0)
ioctl$TUNSETOFFLOAD(r2, 0x4010744d, 0x20000000)
unshare(0x20040600)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000040))
r4 = socket$rxrpc(0x21, 0x2, 0xa)
ioctl$SIOCGSTAMPNS(r4, 0x8907, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r5, 0x4112, 0x0)

3m40.355809845s ago: executing program 6 (id=2400):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x6000001, 0x13, r0, 0x14a62000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x181103, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xc3)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0xffffffffffffff43}}, 0x0, 0x1a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
readv(r5, &(0x7f0000000200)=[{&(0x7f0000000080)=""/3, 0x3}], 0x1)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES32, @ANYBLOB="010000000000000040001200004018000180140002006e657464657673696d300000000000000800070000000000080008", @ANYRESHEX=r5], 0x3c}}, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r6=>0x0)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001980), 0x1)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r7, 0x5422, 0x0)
io_submit(r6, 0x1, &(0x7f0000000000)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000080)='\f', 0x1}])
ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, &(0x7f0000000100)={{0x40, 0x1}, 0x100, './file0\x00'})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001bc0)=@newlink={0x5c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x35288}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private0}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @remote}]}}}]}, 0x5c}}, 0x4000080)

3m25.25150971s ago: executing program 35 (id=2400):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x6000001, 0x13, r0, 0x14a62000)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r1 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0x181103, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0xc3)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0xffffffffffffff43}}, 0x0, 0x1a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r4 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r5 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f00000001c0)='\x00', &(0x7f0000000240)='{}k%@\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r5, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
readv(r5, &(0x7f0000000200)=[{&(0x7f0000000080)=""/3, 0x3}], 0x1)
sendmsg$ETHTOOL_MSG_RINGS_SET(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES32, @ANYBLOB="010000000000000040001200004018000180140002006e657464657673696d300000000000000800070000000000080008", @ANYRESHEX=r5], 0x3c}}, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r6=>0x0)
r7 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001980), 0x1)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r7, 0x5422, 0x0)
io_submit(r6, 0x1, &(0x7f0000000000)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r4, &(0x7f0000000080)='\f', 0x1}])
ioctl$AUTOFS_IOC_EXPIRE(r3, 0x810c9365, &(0x7f0000000100)={{0x40, 0x1}, 0x100, './file0\x00'})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001bc0)=@newlink={0x5c, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x35288}, [@IFLA_LINKINFO={0x3c, 0x12, 0x0, 0x1, @ipip6={{0xb}, {0x2c, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x14, 0x3, @private0}, @IFLA_IPTUN_LOCAL={0x14, 0x2, @remote}]}}}]}, 0x5c}}, 0x4000080)

2m49.101780365s ago: executing program 0 (id=2525):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x20008000)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7ff}], 0x2c)
sendto$inet6(r0, &(0x7f00000000c0)='\x00', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x8, @loopback}, 0x1c)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4048aecb, &(0x7f00000001c0)={0x3, 0x0, [{0x0, 0x0, 0x0, 0x5}, {0x4, 0x5}, {0x1}]})
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000580)={0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xe)
recvmmsg(r0, &(0x7f00000013c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001100)=""/39, 0x27}, 0x3}], 0x1, 0x10002, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ustat(0xfffffffeffffffff, 0x0)

2m46.01599316s ago: executing program 0 (id=2531):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m45.297460842s ago: executing program 0 (id=2535):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x800, 0x0, 0x0, 0x8a}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xff00, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

2m44.232076159s ago: executing program 0 (id=2539):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x88)
setsockopt$inet6_udp_int(r1, 0x11, 0xa, &(0x7f00000000c0)=0x108001, 0x4)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f00000000c0)={0x0, 0x0, 0x100f, 0x4, 0x0, 0x0, 0x268})
r2 = open(&(0x7f0000000040)='./file0\x00', 0x88000, 0x5)
connect$unix(r2, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e23}, 0x6e)

2m43.540133555s ago: executing program 0 (id=2542):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000380))
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r1, 0x404c534a, &(0x7f0000000380)={0x0, 0x1f00})

2m43.347834048s ago: executing program 0 (id=2544):
r0 = socket$inet6(0xa, 0x3, 0x103c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20004090)
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000002000010000000000000000000a800000040000000000000014000100ff020000000000000000000000000001080017"], 0x38}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x8040890)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
migrate_pages(0x0, 0xfc, &(0x7f0000000200)=0x8000000000000001, &(0x7f0000000240)=0x1)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0)
shutdown(r0, 0x1)
dup3(r0, r2, 0x80000)
socket$xdp(0x2c, 0x3, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x141000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x42)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r4, 0x1, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="04010000180001040000000000000000ac1e000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000000000000000000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0015000000000000000000"], 0x104}}, 0x0)
landlock_restrict_self(r4, 0x0)

2m28.561045079s ago: executing program 8 (id=2567):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
ioperm(0x83, 0x6, 0x8)
arch_prctl$ARCH_GET_MAX_TAG_BITS(0x1001, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = dup(r5)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r5, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r7, 0xae9a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$ETHTOOL_MSG_RINGS_SET(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000100)={0x3c, r3, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x6000000}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x6}]}, 0x3c}}, 0x0)

2m27.97962961s ago: executing program 36 (id=2544):
r0 = socket$inet6(0xa, 0x3, 0x103c)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x20004090)
socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000002000010000000000000000000a800000040000000000000014000100ff020000000000000000000000000001080017"], 0x38}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x8040890)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
migrate_pages(0x0, 0xfc, &(0x7f0000000200)=0x8000000000000001, &(0x7f0000000240)=0x1)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002700)=""/102392, 0x18ff8)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1/file3\x00', 0x0)
r4 = landlock_create_ruleset(&(0x7f0000000140)={0x2000}, 0x10, 0x0)
shutdown(r0, 0x1)
dup3(r0, r2, 0x80000)
socket$xdp(0x2c, 0x3, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x141000)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r5, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x42)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r4, 0x1, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="04010000180001040000000000000000ac1e000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100000000000000000000000000000000000000000000ac141400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0015000000000000000000"], 0x104}}, 0x0)
landlock_restrict_self(r4, 0x0)

2m26.91066829s ago: executing program 8 (id=2570):
pipe2$watch_queue(&(0x7f0000000300), 0x80)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x8000000000080001, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x5, 0x4, 0x3f0, 0x0, 0x0, 0x0, 0x308, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast2, @private, 0x0, 0x1}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
socket$kcm(0x29, 0x2, 0x0)
fsopen(&(0x7f0000000000)='devpts\x00', 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x166640, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
socket$key(0xf, 0x3, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
creat(&(0x7f00000001c0)='./file0\x00', 0x0)
fcntl$dupfd(r1, 0x406, r0)
socket$inet_udp(0x2, 0x2, 0x0)
socket(0x10, 0x2, 0x0)
r3 = syz_io_uring_setup(0x950, &(0x7f0000000600)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0))
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_WRITE_FIXED={0x5, 0x14, 0x4004, @fd_index=0x9, 0xffff, 0xf, 0x2, 0x61bb8bc12b344fa0})
io_uring_enter(r3, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

2m26.735921008s ago: executing program 8 (id=2571):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="580000000246010100000000000000000000000005000100070000000900020073797a30000000000c000780081b8981f0d94c573000059ba3a9deac000a000000050004000000000013000300686173683a6e65742c6966c66eb38223c88d1c988985aad2e82eb7a8c28d6dd6659a52eec8b81349b531260545e61325b2266f1d2c58d1af28831ec57a33601927e7065b75e309f714cf7795d73eae48e76f42e0ef8390485aa49a1ee4657f8a4c328414f4fcac49c0483e7a351fcf76c98b82487643d2bae433714d1a2e96587236c1a08dd10c938500fe7735846f7ec42626b67fc86d7c87685890950113875346e41ad7d67f"], 0x58}}, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r2 = dup(r1)
write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c)
open(0x0, 0x143042, 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='.\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000080)=ANY=[@ANYRESOCT=r1], 0x24, 0x0)
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', 0x0, 0x15)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
r4 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000340)={0x2, 'vlan0\x00', {0x6}, 0x5})
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = socket$packet(0x11, 0xa, 0x300)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000fbe000)={0x1, &(0x7f0000000100)=[{0x80000006}]}, 0x10)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r6, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r6, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x498, &(0x7f0000000d80)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaaaa86dd63b54e8704622fffff020000000000000000000000000001fe80000000000000000000000000000f00000000000000002e08000000000000000100050200b30730000000030a01050005000000000000000000000000000000500300000000000007000000000000000600000000000000010001060000000000000000000000332000000000000000010005a064d171ed0a81907efd735d430789b75be4ef2d218926ae737d0270758524737a1db82c6620dc1d6ab9bafebc72def640de24d0d7734473ad0a8a988f008e32357dae4f169457e797432a98e17c27a2567adcce41bfd6e6477c74584cf4dd981a88aec59924fbbcf8dad5d76e9e9ac36362632dfb967894cbe0d924c85db6defab9f2064d4a4110885275d11c9e4760eda2cc35203d2aac4e0b02f0650f0d1f20000100050200050740000000020e080000f7ffffffffffffff0000000001000000010000000100000004000000000000001362ffffffffffff08000000000000002c0000000000000007100000000102070700080000000000000084000108680000000c20880b00f700030f300e6c8715d37f943950ba872f89b840849b1e12bddb82cdae83ac08e8d07a641be26355a1e800d218a3b0f0711ceefc810f34cf65e4e7b334db12c4af008fbd0d7d1ae3dd019cd477bf9419e951ab8400f1bc5f3e97c37c55e39dd30aafe9d13997d54bb539683aedbd8d22000be2be2cc03966445321568153c23ea14bb84cb0ad4d875540c97a63b5517a0c924fcf084da09a5ebad7e41cca5d7a2476091b0ace72db957a6b466c70ecc7fd8b8f54debbb909d68db2aa0ed80251ba4e9c05038d34b23e4c963626c2641cb8ef0bd67c893c80117d73b81ee78bf3e08afb4f2ac89ceb15e079e8749f2381db9142b6d9e944f96559897e0500080085ac92581b29c7f8e8858d7bcb040086dd00060401725aeddc9a342fede47a31030ac68fb45511083d5a8a8542b170044231f09501952d02f453ddffd2a45067f6dee7fc3e63679af09a564add944779d2c8c90ac864897ecf45a424662aa4c43a536390e021226316573909bb15a305408e4668100305639e5f724a54e16abd6da21004fdc2e8d37a955f295afe9bd179c0ac6d948881b990ae81751a735cacf3261ba7aba2c2d2e73884505cbc3e021410ac55ab42e6c1055858b299cc132406c9cdc7c19d270753f87f30f16910080088be000000041507e4650100000000000007080022eb000000012103cf070200000000000010000973010800655800000004c836a22180351540542726d36f23c874c8d4563f281ce90a4ad2b1835a71246aacd87d2233785c9c00666aae2a024f9bc03e3db6176869d844d0d5684e0c62a6fdc26f071d60e1647165516c2c8d60facdf94326a977259b1508efb06298019575bc4a7756d36445e99c1b72a6642c81988144d2b173a4a7fa851a97366abe0d5225f5339b4c1b713308c750d15b015c4a3222f39ec61756321b47894de6e43a9f6a1f509db5b079d67d581ddc8a8e8cdf1297c2ad482b401826d612d4e803621ec9b6692fb7c669db64ce408df738f79bc9a88fb8e2fb0d52fae43c555228b4ceab1df65bd021c34adbbd91daa8a18cf7fb"], 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000300)="8a", 0x1}], 0x1, 0x451, 0x6)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000000)={0xe01, 0x2, 0x1}, 0x18, 0x0)
landlock_restrict_self(r7, 0x0)
r8 = landlock_create_ruleset(&(0x7f0000000080)={0x2812, 0x1}, 0x18, 0x0)
landlock_restrict_self(r8, 0x0)
landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)

2m25.427759907s ago: executing program 8 (id=2573):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000071000000850000002a00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
close(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2m23.351487044s ago: executing program 8 (id=2579):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r4=>0x0})
listen(r1, 0xfff)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x28, r2, 0x1, 0x0, 0x0, {{}, {@void, @val={0x8, 0x3, r4}, @val={0xc}}}}, 0x28}}, 0x4045840)
r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r0)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x54, r5, 0x400, 0x70bd25, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xd240}, {0x6, 0x11, 0x7}, {0x8, 0x15, 0x3}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20000080}, 0x40001)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f00000019c0)={0x38, r6, 0x1, 0x8000000, 0x0, {}, [@ETHTOOL_A_FEATURES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}]}, @ETHTOOL_A_FEATURES_WANTED={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xffffffff}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x80)

2m23.06368147s ago: executing program 8 (id=2580):
socket$kcm(0xa, 0x922000000003, 0x11)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000005b1953e7203b3833b487e3c4bd4540e4b6e87b7891e0f159182f542be18de00d9d95e1c4a6b62a3c065fc1a7b4c144cc2508eba2540e3425abc138dbaf9f6da59d9c77cbe2a8a9666a08ed1704c6bb2e422f01d64cae3050d7bd3c10b0e80d9483a2e36568cf0c6a1b78d9ca2f8065a1d7b4b0eeeecaa3c865de68042c9ab36e8a43b97955b04e5351f99c682a939832582c0dfd64028580c33fca4ca652f4c4e116c16e0f76fd9379599b54e06a8662f81fe375751e06007efabbd87b82d35367257d1bc15f92370261aace269013bc00b86daae71e253200000000b1467c86aff0ee8ff6c53939acb3866e8247eff7c10f000200000e6bd59e5b4dbc12ce8f0a5f816382fc66bcf14bb83ce2336b93b90594b78301e696503eea3404fe7dc3a8a5f9fde10f53e458e9efbe57fb52e85ea5346ed9f42418aefc6052afd588f8ae73eaab3af38936bfdadc91cda3983de6513ef3c2e58a54ffb1921aab1df971cdc2b2ab17bc9e421b5991b6036f845313a4a5f9d8a36472d7d758d73e9be967ca3fdae7d7ba03a8d9e5962c67ca30e5b6eb3c524c22632e47f18c879f0564361ef35aba5ed3f2d1b0bc6954e7e2dc49106ce8a49b48812ad3f5f8391c14ecde831be42d15bdc797c2b9ab30a8e90d7d53784e7add8e5bd5b6797a63e48efa0eb4d1df88ea8b388e94c6a15ac4e22447dad331244a38a5a2e294905611bfeadcac35f6ccf6af94191954c6b840a3092ef94d1e0e23019fbbdcd5b47e4a565ce42d0bbd7b14f9df1139c15ee4d687fe0861a8210071ebeb63606d28dcb5404e077400bd04453c49d0e2e0bb2700000046a4e564ba31c3d62f2d0fb6b7630f66f086e36885c3634a522888f1c4049361cfb8914f59073ba6a8a6ea283acfa3d3bc40e7a70f71b27686ac5307918ac06f1a396fe1accc74e9eabfea"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x17, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket(0x10, 0x800000000080002, 0x2)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f00000000c0)=r2, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r6, &(0x7f0000000280)={'#! ', '', [], 0xa, "a3135a445459a6d7ed86747a13862c"}, 0x13)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000240)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000014000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x4080, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}, {{&(0x7f00000003c0)=@generic, 0x80, &(0x7f00000006c0)=[{&(0x7f0000001ac0)=""/200, 0xc8}, {&(0x7f0000000440)=""/126, 0x7e}, {&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f00000005c0)=""/242, 0xf2}], 0x4, &(0x7f0000000700)=""/178, 0xb2}, 0xffffff81}, {{&(0x7f00000007c0)=@hci, 0x80, &(0x7f0000001040)=[{&(0x7f0000000840)=""/130, 0x82}, {&(0x7f0000000bc0)=""/194, 0xc2}, {&(0x7f0000000cc0)=""/206, 0xce}, {&(0x7f0000000dc0)=""/152, 0x98}, {&(0x7f0000000e80)=""/142, 0x8e}, {&(0x7f0000000f40)=""/122, 0x7a}], 0x6, &(0x7f0000000500)=""/17, 0x11}, 0x1}, {{&(0x7f00000010c0), 0x80, &(0x7f0000001200)=[{&(0x7f0000001140)=""/149, 0x95}], 0x1, &(0x7f0000001240)=""/91, 0x5b}, 0x8}, {{&(0x7f00000012c0)=@xdp, 0x80, &(0x7f0000001600)=[{&(0x7f0000001340)=""/125, 0x7d}, {&(0x7f00000013c0)=""/79, 0x4f}, {&(0x7f0000001440)=""/32, 0x20}, {&(0x7f0000001480)=""/84, 0x54}, {&(0x7f0000001500)=""/49, 0x31}, {&(0x7f0000001540)=""/71, 0x47}], 0x6, &(0x7f0000001680)=""/47, 0x2f}}, {{&(0x7f00000016c0)=@in={0x2, 0x0, @initdev}, 0x80, &(0x7f0000001800)=[{&(0x7f0000001740)=""/130, 0x82}], 0x1, &(0x7f0000001840)}, 0x80000000}], 0x6, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

2m7.129853706s ago: executing program 37 (id=2580):
socket$kcm(0xa, 0x922000000003, 0x11)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x169802, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x13, r1, 0x0)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x15, 0x3, &(0x7f0000000900)=ANY=[@ANYBLOB="b700000000000000070000000000000095000000000000005b1953e7203b3833b487e3c4bd4540e4b6e87b7891e0f159182f542be18de00d9d95e1c4a6b62a3c065fc1a7b4c144cc2508eba2540e3425abc138dbaf9f6da59d9c77cbe2a8a9666a08ed1704c6bb2e422f01d64cae3050d7bd3c10b0e80d9483a2e36568cf0c6a1b78d9ca2f8065a1d7b4b0eeeecaa3c865de68042c9ab36e8a43b97955b04e5351f99c682a939832582c0dfd64028580c33fca4ca652f4c4e116c16e0f76fd9379599b54e06a8662f81fe375751e06007efabbd87b82d35367257d1bc15f92370261aace269013bc00b86daae71e253200000000b1467c86aff0ee8ff6c53939acb3866e8247eff7c10f000200000e6bd59e5b4dbc12ce8f0a5f816382fc66bcf14bb83ce2336b93b90594b78301e696503eea3404fe7dc3a8a5f9fde10f53e458e9efbe57fb52e85ea5346ed9f42418aefc6052afd588f8ae73eaab3af38936bfdadc91cda3983de6513ef3c2e58a54ffb1921aab1df971cdc2b2ab17bc9e421b5991b6036f845313a4a5f9d8a36472d7d758d73e9be967ca3fdae7d7ba03a8d9e5962c67ca30e5b6eb3c524c22632e47f18c879f0564361ef35aba5ed3f2d1b0bc6954e7e2dc49106ce8a49b48812ad3f5f8391c14ecde831be42d15bdc797c2b9ab30a8e90d7d53784e7add8e5bd5b6797a63e48efa0eb4d1df88ea8b388e94c6a15ac4e22447dad331244a38a5a2e294905611bfeadcac35f6ccf6af94191954c6b840a3092ef94d1e0e23019fbbdcd5b47e4a565ce42d0bbd7b14f9df1139c15ee4d687fe0861a8210071ebeb63606d28dcb5404e077400bd04453c49d0e2e0bb2700000046a4e564ba31c3d62f2d0fb6b7630f66f086e36885c3634a522888f1c4049361cfb8914f59073ba6a8a6ea283acfa3d3bc40e7a70f71b27686ac5307918ac06f1a396fe1accc74e9eabfea"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x17, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r3 = socket(0x10, 0x800000000080002, 0x2)
setsockopt$sock_attach_bpf(r3, 0x1, 0x34, &(0x7f00000000c0)=r2, 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={0x0}, 0x18)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$BLKRRPART(r1, 0x125f, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r6, &(0x7f0000000280)={'#! ', '', [], 0xa, "a3135a445459a6d7ed86747a13862c"}, 0x13)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r6, 0x0)
preadv(r6, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd600a847500140600fe8000000000000000000000000000bb"], 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, &(0x7f0000000240)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000014000/0x2000)=nil})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000327000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f326635004000000f300f20e06635800000000f22e0f30fa6c8", 0x50}], 0x1, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f00000004c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x4080, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001880)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002540)=""/216, 0xd8}}, {{&(0x7f00000003c0)=@generic, 0x80, &(0x7f00000006c0)=[{&(0x7f0000001ac0)=""/200, 0xc8}, {&(0x7f0000000440)=""/126, 0x7e}, {&(0x7f0000002640)=""/4096, 0x1000}, {&(0x7f00000005c0)=""/242, 0xf2}], 0x4, &(0x7f0000000700)=""/178, 0xb2}, 0xffffff81}, {{&(0x7f00000007c0)=@hci, 0x80, &(0x7f0000001040)=[{&(0x7f0000000840)=""/130, 0x82}, {&(0x7f0000000bc0)=""/194, 0xc2}, {&(0x7f0000000cc0)=""/206, 0xce}, {&(0x7f0000000dc0)=""/152, 0x98}, {&(0x7f0000000e80)=""/142, 0x8e}, {&(0x7f0000000f40)=""/122, 0x7a}], 0x6, &(0x7f0000000500)=""/17, 0x11}, 0x1}, {{&(0x7f00000010c0), 0x80, &(0x7f0000001200)=[{&(0x7f0000001140)=""/149, 0x95}], 0x1, &(0x7f0000001240)=""/91, 0x5b}, 0x8}, {{&(0x7f00000012c0)=@xdp, 0x80, &(0x7f0000001600)=[{&(0x7f0000001340)=""/125, 0x7d}, {&(0x7f00000013c0)=""/79, 0x4f}, {&(0x7f0000001440)=""/32, 0x20}, {&(0x7f0000001480)=""/84, 0x54}, {&(0x7f0000001500)=""/49, 0x31}, {&(0x7f0000001540)=""/71, 0x47}], 0x6, &(0x7f0000001680)=""/47, 0x2f}}, {{&(0x7f00000016c0)=@in={0x2, 0x0, @initdev}, 0x80, &(0x7f0000001800)=[{&(0x7f0000001740)=""/130, 0x82}], 0x1, &(0x7f0000001840)}, 0x80000000}], 0x6, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

34.715316671s ago: executing program 5 (id=2828):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x101a00, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x0)
getresuid(&(0x7f0000000440), 0x0, &(0x7f0000000500)=<r1=>0x0)
quotactl_fd$Q_GETNEXTQUOTA(0xffffffffffffffff, 0xffffffff80000900, r1, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000100))
newfstatat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x2000)
lstat(&(0x7f0000000680)='./bus\x00', &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={0x0, <r3=>0x0, <r4=>0x0}, &(0x7f0000000380)=0xc)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f000000bd80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f000000bdc0)={'wlan1\x00'})
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
io_uring_setup(0x1694, &(0x7f0000000080))
mremap(&(0x7f00003eb000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000003000/0x1000)=nil)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x0, 0x0, 0x2)
r5 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_ep_write(r5, 0x1, 0x17, &(0x7f00000046c0)="4c2657baedf28a40b5cfe0f08be00e4d675c70914d8800")
syz_usb_control_io$hid(r5, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
read$msr(r6, &(0x7f000003f300)=""/102400, 0x19000)
epoll_create1(0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r7, &(0x7f0000000380)={0x2, 0x4e24, @rand_addr=0x64010100}, 0x10)
sendmmsg(r7, &(0x7f0000005e00)=[{{&(0x7f0000000200)=@hci={0x1f, 0xffffffffffffffff}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000040)="8436de5bd4dd98d6bbfd7b4ad1e12cfd5db86249058ad149f7b2886d0f9b90c0efa701ea7bd929", 0x27}, {&(0x7f00000002c0)="1141337984b9cd3c46fecda47ccf19165092a654d3f005797fec6c68b8cc028c44c0b14c9162fdefb26f39f0b326b75857bfac2ad984230fd4c56d1ae123f291168402cae57e2a60877680d3967a2a59c5b2d792c552c65b31624153ad83ebdb7fca5c31ac3f82dd5743aaab293ad76c", 0x70}, {&(0x7f0000000540)="f7014d254a58a0bda05fafcc90a80a9daed310fc880e79e67a4744d1705264d2262fadeb8cfe7ae48724295434d0f6687f5e7419269e69ded9d51def58bfeab8418fdf936db8124d84c3194b32d118a58577d15284f2540a77f7aceecc42eeb0301b35c4c7fc5aa48c12a52ddad962e3b1612255446a8191e83e2eb8d60e2da7238d5a80f9738ecf53daea03dc12ac70a96eb3fab1c5952cd2be6247bc1f9b2073e22f6af4ec8f251a155f430d0db10d4d84c0e077c1735243bc4a6e062e0bde530c8bca004e4aa05a52f766deebae0fe06e0337a930ccf059b9386dfc6c82c23a2cde523f317a90f8", 0xe9}, {&(0x7f00000007c0)="1f16f82f2e1e7617228a900435272e62c0fb42bd9dfe01107eb2f03132b65a4469fb2a0459043f8c6657ff09aa1d21c97a2ed678eba25aa90110aa0e1823e5e05f2bb219bb0a81baef725bee3567468e5ce6999951c8e9aa4366784a0a9adc8aabd5996ecdb86337809a9d173d51407fb91f106305c2ee4cae31cca82518cfd89b3445ba68a6616b22614d348c6df1f0cd50", 0x92}, {&(0x7f00000003c0)="761da9dac6f19eb093ba791a9dc560f289b78b020b6ac3f4b208f07e4a3fee5e523c36441a51013b45c90ffd72504e0f0f043b558c1894f25436b0338a74a9f77508f6bfd29550ea197847e95000ec0a5069442c4954d472a449a9ee4bfa4aa0a15dab3893aba6199c78a8", 0x6b}, {&(0x7f0000000880)="fb46f3fa1a983eff1f0dc8b96fe3b2bc4c021e24ef960ff6f9bc0229baa781ac8f4e00fbf0c2eeebe1e5596eb39b29a754dedd274f612cc519eace10b3e0ff31a05d6accbb3177917da5934e3fa6110345df0dd0ddeb52b3ae9bb952220d2642ca46904bc60186102474447248703ebe91701bddad9021573d76ed1ed127c4bcbf3616bf765a281746f069e9402b00066ce91692ed699d46d458b5c226c0c4b8", 0xa0}, {&(0x7f0000000940)="8f444743a5cb73ce831239045606efd11d24431559ee870dfe3bc196efc56530a5c1299924c8f8e8349652eb23806a44d3cc37af30a5a798811189956d250a1aca4c6141647d8e18d24f5517f8237a65d163b7ba19a7af5da726bc9abca3b8539b0f71cec07e657ce434c71a5f13dd755eef0727631a346c0bc67d95bf09d0c2ff9bb009613ab5067030e9b260009bdacafb3f0d8f4634ddbf4c9e4a3988c3e215d17f2e1c1ed3233c0d1f62c16bcd3cbc0cecac08891dfe256e559e4031645524f3687c56e9d6ca1c131d50e4dfc847a1c978f2b843dbcf89dc439a431795b0", 0xe0}], 0x7, &(0x7f0000000a40)=[{0x78, 0x6, 0x200, "90c0c0870536306ad64a496cdd19c1766bd08260c58b7c3c9f441e0c5a5d0a8ef38ad2aac08eaf6550582ee8d37323bf53099ebfe12c9640c88cb85ad2f9f587537d53f3f54249e1c7c1d0ca98a68c27cbb0f62e84e3bd1398884f62d040d89c27"}, {0x88, 0x107, 0xfffffc01, "eaad31f0d36f217e0d5ab84d2670fb881af6f58ae02ac2cffcc42f8be1a718696e23e2b1b37b1fbc566e6b1c3e50f13eb77ed9b9bf6e46594c532e4d5a81e99f6b51051ff74593e201eb7e86ad979894d929218d4d652bd436bb4bcbbb4bbf5d085fc757544aeccc1551d66e092012eb43508845bb025f"}, {0x78, 0x106, 0x3, "d49e9c49822405ebef22f5bdff0970caa815d06b4b9798319e9a122d4bf1381982dbc3b915f05b6f23f8cf4748bcd4147327368ec152454e25a39ad9b98c59bae403f4d798c86da664e43e9c0099bf161ea3835e99b47c16922f0b46cad77b0b3c32b3ca"}, {0xd0, 0x0, 0x7, "b91a9374593b73d5be49141b964ab82c6b0be8b81d53e3945ccbf1422267bcca5634e8c810061a58f30fbc5fc0ee4a9bb7b3794f8bc7e5f8c5ddcdcb99d3b2f7aee863acc463eef07ca6d4be1748d249251a00d2c4e864267da372790d19d02269d6b15e3b915e93a44247533c4d2dc431fe1c25a939b39f7f93d6abd33b7dbeb75e7cad0600815c9ceb9ee01cbc054f24f6c463992b195d306e76f5ca7c0da9c0787146ab087b5b95206e3e73b2040a8e7f378de97b380c786b"}], 0x248}}, {{&(0x7f00000006c0)=@isdn={0x22, 0x7, 0x1, 0x4, 0xd5}, 0x80, &(0x7f0000000f80)=[{&(0x7f0000000cc0)="dfa2292eeeeb3ca3327e11fdbfd27db3dc63b0bef994e6e00528ea187a3b3af799b2b8bef3c0cc0752ddb23ba708fd1474cae9927bfb733c19df1ff195dbb7f4caa37125253d43ff16cb776882a33cc3449e6566e1bac5681515155f50cea7114de2b5544742c8efaaa8bc986c8fa6c88f757357c09f63eedc6d4669d7fb773fdf761496b37095ed386cdfe8d531f71369bfea64ba4ac1f6d8f8306b9649acb9143e", 0xa2}, {&(0x7f0000000640)="43b7a45bc1eb226d693e8127ab3f19f71d2e72327e3804756c9e9beddddd989a95bf0e923d1eafed5967b7b15816601c812c", 0x32}, {&(0x7f0000002d40)="5348978602082db803179cd4", 0xc}, {&(0x7f0000000d80)="aa0cc3a4c704c8c42a5761fc342d2384256a56f47649f3477e7adff11093af3d10ae3ee949761737a9835c0eb224a05a9752b09a0854a2b8c852d2b4b693ef51cfd1ffe9e687d190ca5152d0210cbd3f6b5f8eff601eed6fe4ede162c3442f112d524627249c093a19c815bffff7cf58d0b07a5d5a3c0431ea0349a47ebb5f282b34b8e3af685c8d6374e5608e0da06bb5e5ee4b37979398607a04fa7b587d8151c782dcadbac054fa0c5f4fdfdba1d6f18a33cc6a8dc305ace1522085a1f5dfa1093686ef3cbc7674febeb9cefa6b1eab4db307652e1c4ef24513cceecc17d5de439bf265e9456fabf5256ae4bbd90f650106", 0xf3}, {&(0x7f0000000e80)="0a2a2b652f313eeb03526447e5a72a2b454f81f4514561059075195445764347989e6ffe93dfbbeb8ca0322b6bd750123492289a37e540348a74a0aad9574679e58e2d74ff69b8729c11a1425b2bf59e7411f73b04d7be451327deb84d38f55ff2cbe967bd299f5b455c800eff69e9878a7d0b86742f56fef6683c2b9b387ac77bac6348b600fca2294d6ace6f4cdb0d1968e1a9fddd8b5ec0881243aef41da6010f462268a62c955f7d1df18cf7494b0c5d81f2f6ff6db7725ca1425c5d93a28564c51f329d92def26d4d5a0cd7082dd2626b12c30d", 0xd6}], 0x5, &(0x7f0000001000)=[{0x40, 0x113, 0x1, "c9450081bea514da43ba42ae2ebd91c24a06b32fdca9841c481b976aa5c8bc8442a89500d1f446ef4ed638"}, {0x48, 0x3a, 0x8, "c3fb83d0dd2f53e440831fef2794fc066152603bc2afb5c46e44de89f6b10e2d1d0ad836a0d776ecff126fc035cda44fc7c79250"}, {0x98, 0x6, 0x5, "965978a864eadae22dfdcb2c140ed8d9691738bd33a25c143cbe231c224b63f256c3e06ac6d60275b2dccf08f8eb7784c3063b06167a15e5af91fe252fc05669259cfdc0a01a6878a07dc6e1bab45db4717ab09059122d947bef37cc6198f38ab2ead4cbdcacf0ec1637bbf14b6354b9449dc8a0aee76981fa9cdc9f2ddbdf3194"}, {0x1010, 0x107, 0x1, "b4b741c84515e23fade4096d8b8eee131129d40d21295bf9c98ff1da42c61e0cc644810bac5efa4c9e24c8522af9c2c9e4918871a1a7e5d0221a41c6ce2dedab66afa51be7136504ba57cd6c105ab481dda9f68f68240c9f134328ddd1136089f255e57d2602fc4d742906c1bb5bab07952a19887d5f2dc89964ab0ac92856a3d3bfcf6c99acddf04a91050d724c4c21655439defa8c52127919a05cd45c931bb62b1edde263139631ae5388e76ef7a22fd0b8b94d7bdcb0f0d25c5e941f2c9a2e2a0edcc1ad9e03fc455e16158ebd1cbf8c1bf984a18e49a74a22f36dbb20331fc292e5f84655d9dc15d974a1b4c777c093abb83a0505cb4a20e448764940e7e4dbdbd3beb0a2918d1492742d754065629242a088cd2826eda201b06f9ad4107cb756696c9e474c86c1d93de7a0481002c6b2387e09003ca8fcb86ad88fbfe1fb812467630ef540dcfa226f983198006f739593d2f208665ebf85cdf6af867dc7dd2ab4357cfe505956f2569b63d6aa8fa585c126ab1f44680c93ab8977e0edb02a2aeb7cc34e7c9fd270d34a933de5c44eb10330942fadce79e5e94df56c3c48fa503f404ced8dd428ce65ca183b1d1167394cfbec3b4a3709243f88f9ddb7d8fd740881150d2c4823905a8ad2c3ba2bafc068546a1288ddde735be141a3ccf598f5333142d431a6bc87e1178ade6c97111855c6630c2bdb51c7b644aaacb2ef4556b1f3411b7fe12fcf75479b78003d4d0177d07f50bcfa05b5103b0e2ff5c31603bd5019273a53821df1e73bfb6d04066a403e387bf33d72d710f9d8ebac65bc0b50011eb8e8a62af7554777bc9ac12c16869f262cbcf8430e30ce55964db8b13bdba8b431b54a672c105be4c398a79beb4cdd9076c7e04b30341db96f9def10b1312020f7be69315ebea54c40c47f399ccb9262937196e1993f01383fa395696999179599e9049be5f544027749e53e8ab9644cec01d1fc05a0782ba22d72f6e4604ef73aaf733dcae09b330172e2f185f267afdea791f42d5a83e1759779fa1c5914315a5c1ae2ece6a82e6209202f76efc084554d4a46185c3eaba69497b6eefbb8dafa3ed92fd9ae243b4ddc82a7fea42cd0f10b523d8e63957335a72a4c29c2256f834d02581cca9ff92bee81de0f885fdf62ce8576768bac076e1b2f96ec63879311570817e779c4c050ab3f1074465507ea02088a726d9e875ea1769cffd53641b8b9d18ab83ba50ebbf9dffa52c4a8d0da1f574c179cab30f53f50fd0458eb24ddfc88b98918d465ca7263a2492f3b215da0ba219c364e642d3c45a3a100da88a3706bb95031709938ae172bfc3c8b1ffbf7a98a69dba4cb803e2710f2bf35629c4657c352a0044fd631d2f7b80b0b6e3ca2bc07e954587b20b19d0cdc02b6b52b7e7a02c778edc1c63ae62bfd4ced44df28d5ffcc3adc146aab03716fb63cad12297619abe37579c8b7fbd102e9e8f4243148fd6e61a802f325d9f7b080ba3afd3a2fe2981835592e6057eab47e2d38f8602b75b4fe0c42c62186771241cb3411088b0c578e158a74062c48ecb2c693bfeda9d0cd2b2371723ff096c267877187cb32d700ba0817879cee7714cf5487fdb3bf869bf44ad5047e0fe3b8a3ded00b2da1753dfed7a79df945bb3e439066171a6f60c982f0bf112f2e6ff24b4ef30904cab276e3ad0bfeee685c2a402706459bb479e91e8706e7f1605306a5f0bdd5455fd69ac4bf676327da135cd04fac2a7d9288f86f5a74ecc5418329d92c022ca5d41ac68fa0993f9feb3ad86f654926c15f1341c9b02c645ca350c415e2872de3c4baf4103c535e4fe98d2ad30328afe3257bba240e17a63baee03151e122a4986f12de0995a975d5165fe9172f98e28e2e5c3d1bf9abf1a75b7343c9af87941243185b5d2c6f4be750fd66d2c520825c4fa4699539bb1f0bbc1b43a58cc0d2981c837ff266714ef5e7ef3aef37797dd909c13b962e3ebeb2e8183a393fd7d5000cdc513bed76c3865d1f6b1782409f90a31700ea0646c2cd90321ec5d6a1be203256da8e42416b5140a2b5485239f6118f3d1f156a0cac758b67316181e0bf16266db48f2d4300c6ecb218af76cadc2d91777246f5b5a6b325df6b47f42ca8b3361ba0ccd524e650688bb364fa8aa2e7c7705114f3cdd585438c3bb3f708ba917baf45b263e9db7c88a08c5035dd7ed76d2d9698dbbc928660dc4c6036a06f06a7781cbe74e449793367ec3cbf1ec5609f59663685b55b13e2f3619fcd5a165c91f5d52adcc0e6d7d359c0310d8eb06a110f523772971a4f59c0b4a280d849f875fb87de0e02731bddbf042b99b1f21b968ae427f45a9628ed976ff52a34b3acbca1da71ef5c9f159d9d96677137380075c1da5d7db4974afd7061364c94492a9cfaa516757a4dee157de4e559958e67f10081fe00b5815be7030a3cb9d90528e98ff7272cf2a89bec9f3785e97f937f9dc161ff6431c110a9a455f67f81f87da2cf754aed92aeec6e6322fbae0c471714009d918ce75414bf5bd60158038e6d993e53ff1ff2bc3de16ecc62b93ca36e0b64cdccb94adb3bcf8e467c0d0a23dead08f256003fe46c99bcac9c0c601d018f9fe8763260aa8afc5d41183febc3997b65e806cfc555474dbb62c6e9f31c7670d3bf8657411d8a27976ea2b83b72742505208e8bd0e604dd8393b8cb2fbb6f74301f95f6b53e22fb0e10e64d3e49622e74947ad16a2fad88d7af9f8d0dc3e109f9bdd41ce104fa89e16646ee06497b18d11e07cdc99be74863422756cef098ce0690dfd294860909582271a62c2eaaea70f2e86f4faa684a21f341b637b30eea24252666eaa591b326d9765dbe7fa05beefc4f7528b71f2f15bcd8361f119c95a3ba7c90af603f1e8d29f99d6c2d7a6eef8edfd2f73894b775a3293a4e151dabb853be0ccb6748a513cf4e427953c9dcc0f4fa10b910c7eee73ebc47e937b5551f4ee70ba7f30a4c0404a1c9b514541c306cbe9b19b01216afc23ba2e2d38b0acd7adbd4a44a99d3886e5acfa4859725b585227032bea52ab3e7a37f3712e0a2bb9efb4b1e5746e02ae4c9583a3663e790ee937a3f2e718ae74bd004139fe9bb94aa1a302d7d12a0e9777cf9a46954d7de23999503b8d753491273d59f715a8a6b09909ee719f4a7fd06c3ffa0c7669356e59ee246af63c80e84bc239847c435cf98e74305779800ba161d7669e46fafc49515820600422f4a8d4bae95bff561354c7a030c73b58f914c086c7f49ae963bb92ff7dd9e75bc0372828e2bd31e7af0ed8f9453521f97c1b25d034077feada3e080b1b56654e8dc98b9cdd5f9f08a3dbf582cd2c9ba6b43ddbe3d3f66da84cb6a3c7aba93626e6e00b2ad10cc2854b9c1f8a5ef2e706eecb11a3f31506cc95dcc99ce91e12c07a0eb2896721391fcf3823e6c4b6e8d34702ff4aea315bfe894119e3b308af0038cc6f12a763cc602d00721f424ca2acecb008bbcc8ac1a4fa49b7adf8575cacd02b06070161ada2896657bdbb28de06ec1eccbaf48149660aafa946185ecf6783bb5d1f2bb0f3b96b3ebdb532068ab71d9f4d2fb6dfb7539ca496a5173b3ff6faf59a42a3a4aed696c98b2f686008a2396907c52f711d8c67f3d19449ff4bc18d2b9a3d75d1818b4261b8bc47de7a8cedf7519aebcd6bd8f6dd85cde3fbc9d418a036894b64e6122d2c9476a56471a7ac153f6774d7554de878d3581e4f1f9cf281c14dd4edbfc7d3f47faebdaf9b2ef97679d1fdb8b3b17e29994efdd84e5e61115ec68554efb241d1cd86536da863fd7ef2da1e93bef51f1ee92f87d125c75722d76dde5586bdf377b1c452e3ad6f5082d8fa63fca59f66e8ea23aa537e0da9007a36d8f53b6e7c97f701e2a1e48533b5c7f05f6ae408fadb8d5ae9958b79356656c03c128b651ffa645b2b8cccc205d050e0c291ef7cb8546651b8292f393bda9f9e59a56b60ae4e47998ce8553e9e62b5349948f21cc8d062db5af5e54d4360a661bc3529c43d00fdb015e939cb91f95b9439ec3ab6e99c5fdd174e0b0b6529b98b2f5810c8d28551b6255d7bc5858a87ad17826fd25b8e84b4d6b987664080d028c3742d78a2b029041f499818b1b30899427fc7237366e3ed88a4fb6b66219f6c9f2fa062b05712ee842fd1ca7986f192ce053fb9e059dce8dcb8ac263d890bc039adac62c11491b64c1377da053316ab644c0dd364973f5d7d990a845f5badba073681e13b86733916815a5cd8bab47d4bdfb1d14b4634e02ff5626e93e64f3f21887ab3411ec25201c278c28c34b130f1981104a639de2763da8cf59e74e308548ef21c7d3a63b8ae5ad60be944865c192b4a65aa65ec4ff0d9952569a479c6a636eb7b83208e2e0428fcd16c002b9ae2f5ab3463d657160ed540cd86ff0887453d9595e5a75191e3a1f5289ab249705ad6abbd6d692a78e1555476cb1fcd3b41c668f6abe6adfd24df5bc0df5845ff99d0f0956c744462f36b0b25444be08e6ac40b19952c233bcc0321d952b7bc8b3a0b08a7303614f6da4e03fa7aa0003cf7a4176ce674c0824d4e50483b6ce080a79efb94db946caff56bb07a5bd670eb892403d1c7d445fcfd08c803fac93dab72bae8001ac4c5611154efbb7e377149c23b8203b318dc884dc8696fdd86c05dd2d07d99c22a4e4a332799cff553a28f968846047c57fe311b1149ed78676f56f4fa1e5905575e1e0c1c687f1c537b6f515499c70da167cee1d56ed8eb31a4c9218a4fe657107b67c38fa22237b2c057bd6e5abb2ed8318292dba7569dd7efdb2934ba5dea5c0909bb02db31033a509315c63759fbb502a7614693f2d98054667433e331c70eb1f8e31a1caf2175ba0234c3953d966a346a4c3d26ad1eafe02a7a957af4a5f5093a79d70e96f31c42dbe34ac3eb2c91fc4a5456138974f24d27cf678672eb7b39974bd4b4a0d91b95b3f4d5079e4504a88bf99d84623d646fc36b50478738bbc1de91e8642e359a35cccb231da8572da35990f31f59426fca4f4f01e5726d9ff1b940e9ee96e8d956fa0b7f334eae63d09a6dab01af030c0f06db946baaabbbb56bda1595a9392621669d86eb49df789074af66793139d0c0c73f0335d50d329197c45443f2cf2a60c6419c4d80f519628d2a3c522e66e8f3c1ffce7300e50d0fa55d2fc135db80e0346a1b5127885e04a754811ec475899679ce602be1bfd7f4f371067bfda75346fa9d6fbf6652452cb611dfeb78af5d10acf7d0080913ed70334f9cfaadac27272558102b609bf786ecec6f0fa9594c8cada29ef83144470aedafb8cceea9422d9eee385e225989686e76a7a583f91f1b2f84f56a64029967abe704b2c8ae2df2ca876679dcb36be78dd1c3c1c6e5e2156fc7d3ca5dde7c248da794ed8a0952acc1e3667edbe72e124f0791322a03d969fe8907141ee30b13d6061e256d7573f7982aef76338ef1a8a2749229907266c1a4118586f61ea4d9b1d98f21e768bb1a92f2c116f8fde9badf503db411898f8843a6cf260fbb436395a4c40c478209789a4a35d2ff68e33e1ab6a70d49ad3ad7d53e7874568ee66c10c3bd003b27e0e8e7de5827399327a6d6d8dfdf572f5c2c7884ed460676ddacf045b402233b6fb4ce0b529b26e15560130ee6f388859bf2406a026e15bc94f141ffc7a002d3b9ef9273e9e8f3f656ee6c2433bba66f0da8a1d2d16a15311b824b789346d709a3114ff32a3300de46f3b3d91da1d1688e486d50025b1fd1cc966154e06ac4d338cdf8ba9bbee6efdac688e3cb2e5"}], 0x1130}}, {{&(0x7f0000002140)=@x25, 0x80, &(0x7f0000002700)=[{&(0x7f00000021c0)="0c56e13bc320b45998d6ed3909559138b870d638a7062d1d53762e87276beef40c04a9ae8c05f3aa8339cc73f2dee23c1fe7aa4f8e8644732fa5994d8337488ef92fbc94ec4acfad07993c2ea0dd4639bedc140b6630f538110543ea5d08eab1e5f08305c40467fdea1655c19c253cf2f5b0", 0x72}, {&(0x7f0000002240)="e3a0be8b827fb143d346c24bf6b2b1cd29e8190126e04c26e4b2fe95ad72c97e2691c3f21a48c8e638033e0facd32d02ccf0965c05c6bbb39f663c14c55c30e8c159c7a23ae029fdb98dbeb4a6f72a0215309b5f846118237cc6a6dd1942b641be6241a5019200b2346fe5e7a4350c3cb5df89fb3a07d8b62f71758b982d06489c4116fd67087b2dd032deac86641b0a9d794b9e568a4879c32e3af9f4c05b9403b2a50c912543e04a7e28b277e0226532e80c49fcec9525f2a1ad6dea21e6cafa64140080b70818d0c5a584fa61f8", 0xcf}, {&(0x7f0000000340)="6e3f4edc013b42aa2ab2e9a9d0b78d87654df029ad6f8e0df7761e", 0x1b}, {&(0x7f0000002380)="3d8835b194b43a4d96f7053c0c3aa59ecb2bd4172b2eae31fe0f8a8d1249a991466e5168baae9020d2b1e27041fa8ef2e5c1e19d3c93d3ad2198e837f0f9b28ef647284c97bda5f7dcc6361fba1744029d9f9d14b0ed4d011c8dccfd20012c349a40", 0x62}, {&(0x7f0000002400)="1f629d96eb072c2234f41f750af262e7d235788ae9a175e17582d874755d8d", 0x1f}, {&(0x7f0000002440)="b32149c5e61893a444c40e9fae02db2eba12f9c189aa94a70676d7df1024a6a70a6c35a1c56fc99fd5718d53d6bb83a1e9ccd5e75fb07df4c9049ee4b90cc3c873ed2eee64f008bb407bbbcd921ffc1247220e6b1382382893182df1f48b2973f686cd710d133613dd50f3831502e57a97dfb4b78094256df16be7203b3a29330201c7c6684d57e5fd8f5adcabe01bdba53c8a0409e6bbc6ab9176ae0ee39f208c133a2f713761d730d6b99ef7020831c86860aa122cd5e6d8c193", 0xbb}, {&(0x7f0000002500)="6a33b1f35b56c54cfb60e3832f592e8f821bade18eab27a3bfdc496a9a8ab46a728a723d0e837db593d110d459cbebd4d06236e35936fedfd3011e088e0c194334f9192b887e4fe7aaf3a969386877d64e9df3b65f5872ba469571355b6ba574be8fcd214e0d87e6db7c68603d791af04ea460972bea48bc99ccb5060decd837d3a71db072b200a167beb32b4643e54b0c76fde3d2169299fc44701f05b6079af8b342b9979a03408880c4d42f2b59fd06574329657af8712e41b0579c91da9f4a5e3ec619aeab41f0b970a310f4b1607e0a7d812a7a3d496f", 0xd9}, {&(0x7f0000002600)="9ca4d8987641cd47eaf7ee2bcd86c010a6762ec5ecb7f052b8bf29d22f8a064c45f9ecd303437473931394bcfd8c745f26e0b9a486dac2beebd17503435e9d6bb9e1ede2c9cfb1a5e6cbb861485ea8743eb1b6e318a38982c89b95c65f25177f25c1869965f135e7c6c977f86dc6e7dfe92c49ac17e11bb213c06e499a38eaf19284ff357b457ab9ec7f1389ff493211d36f1b93c2bfab5bed4c2d88130f16a9c893993953eb3a4b9f580c7cb1b941c0f86fd4aa6c4c310751e79376243f332988d4c99c07bf9746a8b92f253e41097fbfb3b9e3c8b3c53b7a214497e88ff79bb33f4fffa4", 0xe5}], 0x8, &(0x7f00000048c0)=ANY=[@ANYBLOB="880000000000000011000000080000004c5e41342b13ad795f2835b9be0e87ca007529f2f7ac708e6a4604af38d3b22fc3e3abbe63dcb2fe7a2653609eee019b025739e33dbec4c6d260e60ddaf9d05bfbd14e9a22292a14a8b929eef85b80621be3d789db8a85541ecce940edf74764c209bd6f0c3ca9f0b27427f4f01e224d95550000000000003000000000000000130100005e710000c38ecb2e5a9592d8f64ddf45887aa96405b3dfc8d50700d90c6aa97dbc000000e80000000000000019010000070000006648b3cc9b87da8d1e35fcbade6b01c15923e36f74b3676a9c89cf94829d37e07ecfc1d0cd11b309a38677ba85a1cf3e69cea86b9100aa1739fa76f69f1b7376bbaf7664ea6527777295d414490107201451ef3515cd2f9ea305a8ef6314e8838ec60ac02b83a920055ee49dc5ae1ac6e7e9e405526d160deb27d5cac255fd5e71da1c19110228678a75cf3d89bac9bc88ed77fb76b53f03a71734cd195b9909af7c0da239bc3701a19765778baafb45308c603cd7d65598739a92095032c399ed550a0505c39d8e8901268a9c20fd384a45d6f633971c7ffae804000000000020000000000000000f010000ff0100000381a4dc41ca0af0c7d13fa1ed000000880000000000000038000000fffffffffb38a3dd5102ce0ed41e566b310ebcf17e516bf330a7b7c556743261e671a30931fa4dcd5bd171955dfa95a4a665afabfc16bdcaeabf39ffffffff000000003bf09135265db4b46276b3a572bfeec049d405f8ea361ef0c260768a1a2f2afab8c8ae07838ade5047477091993cd0860330ff2e166c000000"], 0x248}}, {{&(0x7f0000002a00)=@hci={0x1f, 0x0, 0x1}, 0x80, &(0x7f0000003080)=[{&(0x7f0000002a80)="f22866a894f48ff0429d916f4e29f11cbb4d27929eb3e80d695b3e1a72f5d9ce227e490554d510e9d7093c795ba00db536ff8b5132a91ad351a7ec8be5017a946f09a13ec1d5d8b960f5a8f7ae6868f4aebd6fe099d6063297a84b6549b4bb35563cf3115c9eac9dc5dc3f61f469cc0151e0bee1d2af26117647e016692c0c14664bc6", 0x83}, {&(0x7f0000002b40)="30dabd41604d5d3e78ff86939d5f212cde3e14a66f98e76a6aff296bd0f1e242c126f58919fbb567036e534775ea2edf581002c99d92bf354364885e93e8", 0x3e}, {&(0x7f0000002b80)="fb0313864f84bc1a7799", 0xa}, {&(0x7f0000002bc0)="72ba5cd0ae93161f33d8ce2d6238e43e139a6f6c3019a40c5972d3e57e500f69fea05414e308d29de3f2ecd755978e0cae87a36e8333431843790d99f668e4161ef8def418ba1027446372f324db617882d3c8b53d07ff43c36259edb6a60d0f1014019493f70e9b5ef965bcd0fce6743637fb87ea5e921461afc47dbcd794170efe5e93821c7e966ea9df1e33b165871467f061cca057c872eced786d57dd8b76d32957980b0ccbc23140a357e9545974db0058d40f3536216e", 0xba}, {&(0x7f0000002c80)="f5d4c8b640da51d7f68cec0354710f1b068d8664b8c12f5196b3649056ed460c2ded75cd240ccb17bc5a599da3112a034721c990dd3abc198f57401a807dc241d827dad1a86a429ee164881e939139ed05b819776439ad3ba1c3bdd6f82f435fc31e55e11dcc6ab9fd74767defd0cd7b23f67518a99c6ad2aef391d76f6de0c2c00ee2cce97735a3a990f7cda6efc13f6927d2d667cde4ed02f02f1706c3e97d3e0b8c723a9b77bdc091dd930aa9c97e4f", 0xb1}, {&(0x7f0000004700)="134401c2aa644501957fbfe00f020186a4101790072c1482df33b6a6227f280b9eefa130148ccdbf60c59a6b5b44033afc7459bc0abbcabe4bba10f7b65d316187bd0160d584686bd0e776a2e23b86028eaf51ffc19b1a379c02a1d95334969d8ff93a4680ed3a546c4920cd8ae7265d6beb59d89dfcfd184c8b4482003e4a137ac2d1a7561e4fc26aa5620bc229f478b6eeb003f9a5", 0x96}, {&(0x7f00000047c0)="94e30e0868dd1802832784ff2ec2c6969218cc8b65da4655247fd373940a06bc7d4e0d4492c8a34e54ab3aaa2840f859ae30b40197269a85235604c006165ca022577d7c6acde5e3eeb5d61650f939c8a200dfb49ea785777ac5ef9a712825c616d1c2da29b80c13e44458e1a27d63ca4fb7abfe4365b59be13eff3505dd9032d9494f33f9a9dea62580ad125ddb0b02685b8da7eafce479e28208b3c189d0c61c6d4f20cfac79358c7ac1e8be5b07000000000000000000000000000000000000000000000000000000000000c51a62ef700000", 0xd4}, {&(0x7f0000002e40)="f3d3f92add815e2414f00e245571b99f347041b2c61ad3f53f55a84151d6e57b4829f915b4e71d89474a239a8d32387b7703212308e6332621617d1f27e2a7cc9061cceb5067f028198db8e17dea28270a95484838ee6cd4576e1cb1892a12934ad4206f8d8f792a1f8b389e21ea93075b413bd0303253ea76cdd3c6d703b2b161bb4d7e2c173971b604c56e45621c50f96e71e361d18cb773885672befe1599af91d5fccafc1abf786e6a4395fc227c57c5165ce3338a7dd13211fb8e4dccb7fa", 0xc1}, {&(0x7f0000002f40)="e906c4f89b608bb51e3dd15bddb421e080020dfc4c601b9dd0780ec2c0382fc62f9ef746d9e3d11f1ef3545a1e10eb321738a6ad1f5a11c9920885f5e40710ca01168704869ca58226a36e5a7d4e2c97ceeeab616b36b99e02902dd22e8bb05b3243dd15cd67307aeabb19845cad", 0x6e}, {&(0x7f0000002fc0)="46210b8eff649affc6e0741d3bc1f81c372993ea40b75f3cf34c61c905d74ada21346b4b1003d18b1a54fad5fd261fb7a5ce2e946551e89b0060b53ddbcced167d50b893475d0f05eecf80094c7053d7f41cd12982594601737b6f72f299e189d6e1b7c099e15c828963dffb5db47378e0906cc6768add16ce15a6a1dba657dcfdb3c0e2f89676e1849e5391e492d6bca9cef6d815354cf802a789c1b5fa24baa416bbaef992ec3d", 0xa8}], 0xa, &(0x7f0000003140)=[{0x30, 0x29, 0x80000000, "2b7fca0d835b5367633240d19a0d796eae172e9ada0c4b3f9e60587338"}, {0x18, 0x1, 0x1, "28168c5a"}, {0xc8, 0x104, 0x1, "9b9dee017351b724952b3254f04031ccd34c1d82c727eb1d3644487d6de39d848b7079ae3a5eed96f3d9abf0a215352057e6e9391490d8c39f424e017fb43f34c330b5cb3845485b5934584244ba896b16afec3a8b9b0e843da7a3bf817ba8df36f080d534079803b7e1ea423e6a46832b6f783a0b1a3e33a6a18028a83f0bd13fddea4879fefb45797a5f47aab16d7443a6ec61e5b5e8dbe227130729625f7ac24b34e75528d24c1b96b761748bfa94cc"}], 0x110}}, {{&(0x7f0000003280)=@ieee802154={0x24, @short={0x2, 0x0, 0xaaa2}}, 0x80, &(0x7f0000004640)=[{&(0x7f0000003300)="273cf416ccc07467d84f592c38a1a1457d5e3c1fed3835faa51b4119799f59581d637df1b93f05500e6bd1948660f1682f7328", 0x33}, {&(0x7f0000003340)="4a020fbd01355c8df94fee2edb84f66a907a05f6ce4352cad27c1ef10e709d183f32fbab63b30169fc9a7bbc790e00ceee55623cd1c801ae6fbd88b255e87d48a8bd6cb47697fa3c3021e7ffc0191775692168f26fda328e605afea4779ab17f14f837e87017e8151b72e23017a06876b4b8925ed805d856914e98c6f63f95986852e1b123b3878244238caf639e047feb05dd74750a0911a889b80b7ce44a0b484b057a9ca5", 0xa6}, {&(0x7f0000003400)="625d9230144a4e2dcbc31467df9f3b46af61b1380ebb19a92a9ca630f4954605208cb625e2bdc61df2dd80ca1a27fbdff0bcfe1dabd766a1d1e962b23827965515bd5eefa8e563c312117331e7ba5545b0351b173ed3b2d67b32920a24256af2c724d9411fb53fdc97fa12648bf712881d0a93459733effc7db7e0350074b5e6602c866bbe4e25ff5d5e7b7570375dbc64fdaefd4ba90e485d047a6b6ca30dfaaf5be80bc92183c917f1ea16d42adb415938735aca1edc5c221d5068858bce2b4f5b72f52fbf46aa474c2829a1e4bc6139f4aa5703be9fbafd350042768963c70bfdd325e4d58872144283c758d3de682e5ca0403c62a3c139075d29b43ecc415e55f051c53fa440a08d4a3425109d1a879de82d3e9887f6d08a448f10bed62bc78596b8d01272fb946dda107778c0b67d5a97d1641663679e1b86bfd6ec66d8ca3835fd19f150e0011894131fad6a3c4276a214d784c88bd6193ad591627ca179978a43e98aee488ddca61e04b9f21fb5d0356d85e3611ce9e7a5c76dd10646af5afea91157a757d5cc110c6ea116fa64be68a558f78320a4789f94ef1090b6dac87a9fb68aae5f57c9d60ff1cc9576292284c6356f6b85d8d4f3207361232a2f8814f85034ae576119ec94bb505e4a4a406ae29347fe78a6f2afdb2a0ae057ddf56eb958d2adf51d3a07c84324f9214fbd52bca22c7d45dfc8b91bc19503004f2e1cb958b1ccc5292c76385b429e264002cc8b0245549c7789fd621d3a2c0ffdb7b48996b44d40882f634a67675025c48e7bd54e697ac4dc46918e97f9bde4422dbe36d5e3016845129090c8e894f090d5b51a4724399be67bb4399b8a47cd9ad5a6b75e26b1944fea811a75cca92c032bcf99ff033419e4340d9bb34bbe12ab6cf6182a4c0054f969b1c0ee68b1f702ad78aa8078f97940377f4a3404f72bb8c3ae118bbcba963217aa864f445641ebf6dfb97369602991ead4fa355bbf5c9a0263a47c754b0280eb387f1885e94135c2cdab2b3f312c0f424fec097036bf77d0ab2931b9465bd72167201388c745558bf3b962661a0af998a5736c511fa87c38c81bdd26f59437cadf8d459cd65c38c388e6d7340eeee37a95fcc32a6eee82b3f7fc4a49ef9be99fb29f46da9b6504a80eb847356f4b758871d9d4cb2e5c2297b35faad7db8f07600ee9617661eb40e36efa9979a43b70a23c44cf942af34581277b5aec64da2931b0d94938a5ce6a8303e54fe61c821e937a92d84bf770b199e4a0ab71ffc987bf44841374023c6c433d5a2e8db49f6f802888ad55407b2f38aa919bd158fa91d44b9ef79f413aa15bd78695544890b06ded3be8cce6d0d87539c84362b1ee063708d8b4277a742dd070e987de9134e926b2a6501ecb999b346bdf02d39606f8214fbd8d1f6b9b7edf750420b5d9ead476b65631a43ea10dd02aaa4310c572d4cfa8964001c748cb01fefe8b49abce692bea52ee69c705e44cbbd81b868c6f08cf0e514c2275b82eec958a4349c2968e997bdda92731795b7261678af42a8d857d51b5fecdec7d197553558c281dba58c17bcf7e6476b1195d9cc6ac653ece68e6da97876ebb6af5120d2ac0ae89dc632793cd147648a2861f0c999a9d26a5b182dde2f92971bbfe2d6e32092636dc10184edb7dd05845692a79133e2ff6f9b2ff11f0714245d151e553f2b5d46c3f75450ee6293f6cdb0f481235ac47e8977b3187630792f9e9fca80f39cc777c962213d2bc24723926e123e89a3588328b9d9be7a00e0215ce4613deec57fb4cd73e776b83c1854b235f2cf101c0da4b0b027efd069b87e52997ec899e13a43a565ca8caddf2005e624b2fa57b73d64b2cbaa2ab03d8d8abfcc8b2f8e7184db29cb157bb17c183e1ec89da16c74489a499b8f6ba8f65716c86044e2bc3cea5ff24262bf0be071d7669b6e291307c82bd5585374ec16b54c1af74a14474fbba542148fde39ec2f65c3d1ded0f5773b04a727b16c6daa7b0db4d4a95d754cf0ae99c2d225bb2ad28859353b28d190ae5b53e3c1e01af52debb9928d825128ce36a669cee44e0859b358b527861adde1aaf9670251f581fce0ed65e122d621cc9c9072af6c45faffe02ab83e049baaacb4103566697e53027aea6691e7e1628ea28a20cc62494f54e7d4507f1a479bdb0f6deac8a16632202bfed7e36b38655096bfb79efb9e6d38258be9fd1b5cc00c492408e64817e046d758b33bb182d59040a35526c48fb21a47146303491fbbbaf54aabd001449372c1f5fcbfede367d1d7479106e4deb33a31379572ff86fd49417d4f4cec131c0ce65426ab4e01c7928512680708a3d2b325aa6fc307a60fa872a5cf1574e30c137af8a2ab37752a13546d90cf7f37001d92936bfacfc6149f9976e197fd859809aa69f09a608194127a00dffb8ed8014c890d5f7c59ed277cbb1d24d7786cc4e40062a9e60a2215b68f612bd04f333ce687194f56babc7ff426e7a8908d8be8920ba01d8f11352e0e1a7511ca44214b6896c18d1e331bd461fe3daa11db795d63b20ce2b5ae35a4e29ef6b23ba703fa28fdece35906c60ce3da0e72d0052c078cc6b5467ae0a81447d5bb4546120a6f13e9356af1b564eb58c8fa8d1390d56fd3772b85a0f20e8f7088792222884d6ce83507e8cbd009f10c92976f70d75e97319cdaa66e0cd0b130eeb737cbeacb4311e31b171103053f2c5540bc82b736215d62f2258f41893adac23dcb3ac6f10b4a3243865407bbcdc45cfffcfc68659e16e602d84eb70ca07481ebe9a0a3edf76f6035c819ad7849bff7c25444d7a58d5d67704773c39998dcbedfad0311648c2ab7d2417adb716d2a6db712983de9be3a9b5bc29cdc07bd1e8de9c9de4bb86e60fb40db3650b1d38951fe46f1d5394f3722394f0f7f5bea1b18580c8e6fe3c310bc773468c07c274fdc0609142128f0eb1653de162f288299745cbddf26002bf7b77ee35b069b54c8680b11bec4751cda0e4fd742e327e38dd2e9b6ff6ce03a57b7d7aa9ff88dd98ede6331c388ca7d98d70ceb53f4355a97cc5a266b1f3486bcbd76d7c1badced0a54f79d7fe3db021a6aa646d8a3d8958fdfba67811279407871d5f57e9efd3420157e1ddc7f5a73cd303f0374476f8da50bfdf6d1cb1b9fdf4e8b75d7d5b445e1e1d128d5c3bfeaedc386e1161b751aced25fc95cf8ba68b2f7c7435f19c3321b727de511e61d7807235a7d88f00584b197fe7681cf4e0740ce07568262f09746957f81b753e3b208dafbdb3bc7f4c44d8a31f9c5c9e685d83471b598fc96d8a5283d3f74fb24d7d373666d3e9ae632b6a107d648576e1f880455ba98d2af2cb9712ced4b5b0e922797c50e048034997f4d79c565d00fddb39b9b6e0a6ec799d1cb8d0b9268ca43fc549a8d48d59d70788590aee8d782f36b75ca55e229f12934963f3a3b9726c15d61f3e1b869cf24c2b5aa3daf8a42eefb5fc5980c3d9f316e7a6cde0856725cc7940776f77d2e6dcc9947909619ec42a8c528fad37e487c203c7b7ece20524d2ca9f4e982b886e5349919ad139106c1cdf8eaa7e41b5a91700f8ee280832a17cba52d5684d8449df4593db8bc12e157ba4aa9be8534bdc9e1a184faeef75d54ed43a6460d9f136529328f1025a55b43124e930588b401b4bc1fee86c17b5733ed588bf5793295638784d53050d9875f8fa5b4e138aff810a06dc39014220598aad3c6f296908fcdbaa33afb38f3c97f9d68630b6eb663bdfb6d846baaaf2f46fffceaaadd6658d2a239c80b6b863bdb006389035dc50ced5c8e8ea4d011d87e09cf53d0851abc9a9d81541e503bb31e78dc554ef843ce978ccdd758f224a72cfd4b27188b34211d0448315c3af890ca049f4ea77f8556bd4c2fcb0b2960877519a5b07cff18c8d0487a62d68e02b70f0aa371b6a45f95814a2c369980fea3113c644fb34bbcb0da713a770ff509d39289a1aaabf5821c74b372671a381686be97e94e1df5f4c252d5ef9866c5fa873ca378c97e1bb1d50546fa5b54d3d5803916a92fa920fdced0871be94b7f7bd41a3bb49bdb1f4c64a0e60569f7267e518e72ea233dd14e34b9a8aee4556f52295656a23a59658727d6532a24f25f1ca5c24a8933aec3538ab1482d575a359124f78b71a28397643efe0aef793d06906e0f5e76c0b7ae3407b38e5454c70c3e2150726f89eca32437660bba7e9f796ecddab64dda69df2ced3dd4f6933d3901f26ac888a9317742ce02e88143d3c5053c8d2eaf2c977d0cf5df32dcceb3e2bc53f2ead3fba2a6e0320d6677a49e6db4c40470fe953a2063845846e469e623d3ed9e60f20c5bf0daee1f54ee088f666766ab369118922913ffd90dfb030d2414592f83b0d4119c3e60e29f415e66972847b3d6a8524c26a2a7099e60977ef5eaa74e31f14103c48b8f4ee005fe69ce9993afbf690b10b363ea68fa23be260a17c60bd91c98b8729f08266b3d99c34cccb716a9fcf847e878ec4108d24a5aa7ba6fc800ed9ebc62d50846c136a428c59cd5124007672bb62cd7b672d01fca168deffdb5035809679644a82141f478e901c6cc344952107d22e1e21946b5a79332ee6b332949391032ead8ab59624dec5858f257b3238697c025704cb09cbf69f0d04cf0b7b27a5c89fa425db1819ec5bb3a5db23ea480bd537acf9eba8604da10d34cd0d64d8d8dff0b11262e4d5c0adb00dae9980a879011f7f267863a4377f7317b3a753898178fc13bf8d9063c6dbb8972d5343dc32a551ea95d0217ec794e274257585ef6abcc33e125d50a286d98fbd3b281a49cc0755600795715f373a22c1d416a1500a2cfd89ddb513df63c90c66de5273a9ead34f1ee05f3945fcdc3f96a8f637b1409cd7e334b64372e3027f376712096cfaa31a58f52aa7223a499b710c6dbe276682addbdcbecc74638781c62d7e8412947ac4ffd47059753cb12582d7e6ea2c79794f9451c4e4914c4490538f476d81c9caaf4230602a3a7df014fd4740a46cafac6ce205fb5fd934fc7f02eb3b16f50be544d78a6b2788ddce71baccd3c2b57a4e4c9868a0d59ff6397eb898abb301cba6b2cd007c96b766e0d45c96392d981da5e24d083bb69ff48b474601a670cb5951d5f0408c78ce8e8b1be7446d0d6d4b36c62752101a075914d52a840fc828f6a30248ad59fbb3e0c5b376cd5bedda567be94aaee71e67c6ada4d62ae69fc3e149298e688ee6e520a85c05a1ec948c6dd1e27912f546a2b780587c002d1bf91c6a0d71ca3e2d32d08d7762567c2345b4b39708595511440cd38396689d1fc95ea4283c7d18a12d15e0e73f58f7090c3c85fd2bb2ad0c8e4108229021a76a69b3083e5f2276698e0cf2401061693333ae194e1b559ba3b7944a4238febeb25fce7c28d40f07f8004213fb5b5320bcad6e7030c6eca9b2b619f93b34ff62f4c987a96d6d2dd4fb4ed2252032eb2d3f4505f9543d8397a0747cec6ff9d7c87196151ffce6191206ac3f028f16517ccd1593f8f6fbcb59a6652a4131f60b2fb5194383e2bf13fb7067a96648a238e8e7a007e75414aa912ebc6190d262104e0467db76fa0fc3128c55e63ac4587d7e6f213bde5ce91cf9f2acc1d83f8959e5c8c732bebc784934740d379af57ef2861d86b5dfa920ce1be0b40c604bb28b71c5f04d09149e9ecab5487e2e9558ad09ed29f55b2d06f290f704f62247c691cba1f3e08ba3dd8aecf3086b819eca865958aa068aec721665e84c918b2aa8236ad52ed6c9724446fdbddd002fbc4fa6bde619", 0x1000}, {&(0x7f0000004400)="0593db7b5c87c4d929d9d8335028336f0436461fef673f7b121bea8e6e42d73dbf32126547926278af7a58ae080fb43b849eaed21e6590eab73a7b342043810101e178ec3ba8bf057b526871d9fbd7d08067f2e183339b", 0x57}, {&(0x7f0000004480)="cde42f688f1b4b60e99a66a1281fe14eebeab247bab555904048959c35ed689b3de7220cbdc4034a7ab281e02e80c6feed49c97311ce9d7695c78038dcbf84f6675314fdf9e60e88643ccd210cc57a8dbbae1429b7285679cacfc179c0d7190e794c1c6b3654c286bc317bf62205c03e4ccccf731fea9695d97617ad5227e9b226580ec4c204b6d3d18eab89c3fe9ff8a252741513fbb6b04398b9da08ee812447b08ae16ed1cb9a5741c9b184c624edc58644be0bb9d51d3409913d6f033120e2e46fd6255e22b242d4", 0xca}, {&(0x7f0000004580)="cf9db98554417780365f359ca0723ad373d918ad8c5d215ed0912041656668a7c9e875eddb039c6c561108da782e4ea41a589c0e16e0492c9ebd2a19a8fb7d6ed0fc5fbf966cd8d5fd491f5b376d8bc25b0a0e8d31efab9bf839ec31b4c5820c2fc4310cd4fc4209a4dd155126f1837045d242cc03ddc2690d99f71dfaf1c26ad3cbb4ab809697e0b8", 0x89}], 0x6, &(0x7f00000046c0)}}, {{&(0x7f0000005840)=@pppol2tpin6={0x18, 0x1, {0x0, r0, 0x4, 0x2, 0x0, 0x4, {0xa, 0x4e23, 0xc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x80, &(0x7f0000005900)=[{&(0x7f00000058c0)="158254e52994b40192e30c9ecbd756e2777af3", 0x13}], 0x1, &(0x7f0000005940)=[{0xa8, 0x102, 0x1, "40480af3afb5ab6d79e1eadbdd37114582276691e75d8fc27847259f721672eed5a67bc0576032eb5f34deb11279fa39743fcfd4ab7169e5b824c7a28ef19750bf2cea374b30f7c91d878899bb8ab5d85e2eb7db0291849b82d05aac1d783521600e78b015fa2fac6ed3834a9254a79c5bb20d63e8ec509eda2e9bfd99c917ae0e8e048066394f6d3972503ed87ecbb791b5e49511"}, {0x80, 0x2b, 0x1, "d2e266c6c57cb5a8096fe39d896d03065dc3a216ff563cecc8ab3c1bde58643020aa45afd927a20e0178aed0e8daa694c3d9986ece8a115f75b14b22e44f8a8e611c08fba6fad5bd4fa89888b02665e98e716308ae32668672a064b4c30042553089a1ff6fd2d7850a5518f09b36"}, {0xc8, 0x118, 0x5, "2cb4a36f5ecd88b9a6ea7d88a3463ba32b571e40eda5a90dcdd2b74adbc5ccd6d49036adbf85facc6fa29ba26cdf970dee2cda8b3191162fc60f27d1299cd592218b50c6a4a3e94f8ec5fb7b85ee6ccf17866c96767cdc7d933decc68c6dc9f0a1a7a0365f46dd2d087ec202875b1a037f3bdf937aa9b789cfa722099532252e33a05354063b7f667159937d129e81ccea6c0da7348b556aa1f7698a498cc5c471d83b9d6eba220cf53ae9e2aea018e633e0607f1e8ac0b2"}, {0x108, 0x108, 0xe116, "5eb63c7808379ebfe4045b53aaf1d186380fff4f9e08255262ab16c9f2c6f5ee589b245fbf2f41d9b8ef733f8b63c2cad438312299a87c33ed292210cee7650643ae48237dc596cc542d9d56485771f1b1955872c1d46b1ac12e774e4745151d7e92eeeb741ddf1b0dd6ca8346e21b3866e5a74dd9ace7ef06fe9ed68a6a4ea9d83bcf39269abfff42505278ec82b204d8c800a03ef5b4f92e3ca4c2f7d57c2fa1a31f222e83164b9ab328edd897007cce65c6c30977dae589d1df81cc632efd791236ec1f582bf5409ede489b8200750f02b004ad3a1a6d518e30d2595e460fbaf1683bc08038581bc944d7128b0aa82c734a"}, {0xe8, 0x102, 0x2, "639ab5003642721fe13a9a3ffb7eee478b89d9e6072795677c08282f83e4df7f43f40bf165166485dbfb6c1afa667c33f8f4b65ec676bf867ec5819ab05b6abc26faf4e276d272cf1f42eea1d0e1b6c20b9b0787e1914b4fa72ccadee9782da6fc7f13b2616d67cf40d810d70fd7f76b7b070d0351f3224f45a280772f370ae35e8d976e494c487fbf741053b7c625a1bfba21f0dbbcdd6d97b86f04f5e84a503bbe7fb27e29e23cef9d5994c203e57a263d6e75d66c0a49e3226f445e9a971dfb483e076165765671f277feba0cfdf5442d40225e"}, {0x50, 0x108, 0x8, "26eac49dc7ac7f3229863d68159c69d0da228c4e2e55014ded0149bc71e50e71d1e7d534f10cd04110b444d4375cd819e28dec6a5d233fd7a4450f6d3b934f"}, {0x18, 0xe3, 0x849, "e9f148a824"}, {0x20, 0x118, 0x401, "e784e2c1de4b9133535b"}, {0x48, 0x10c, 0x6, "ab871e89db4ab3df0b7e63506992ba32ebefd9c9d6cde6c4162b6cc38135fc083516c00393fad4b796beba07f1c97b6ce9962121"}], 0x4b0}}], 0x6, 0xa1a)
sendmsg$NL80211_CMD_DEL_KEY(0xffffffffffffffff, &(0x7f000000bf00)={0x0, 0x0, &(0x7f000000bec0)={&(0x7f0000000000)=ANY=[@ANYRES8, @ANYRESHEX=r4, @ANYRES8=r3, @ANYRES32=r2, @ANYBLOB="0a0006000802110000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4008000}, 0x840)

30.982209549s ago: executing program 5 (id=2839):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x2)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x2)
r1 = dup(r0)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000300)={0x2, {0x2, 0x0, 0x0, 0x101}})

29.934308804s ago: executing program 5 (id=2843):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prlimit64(0x0, 0xf, &(0x7f0000000000)={0x9, 0xffffffffffff8c97}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x6c, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008400000005010000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)

29.586498054s ago: executing program 5 (id=2845):
ioctl$SNDCTL_SEQ_RESET(0xffffffffffffffff, 0x5100)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="150a0000000000007910480000000000610410000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000080)=@generic={&(0x7f0000000000)='./file0\x00'}, 0x18)

29.359915982s ago: executing program 5 (id=2846):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) (async, rerun: 64)
shutdown(r0, 0x1) (async, rerun: 64)
shutdown(r0, 0x1)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000040)={0x0, 0x2, 0x2, 0x2, 0x0, [@ipv4={'\x00', '\xff\xff', @local}]}, 0x18)
r1 = socket$inet_sctp(0x2, 0x5, 0x84) (async)
r2 = socket(0x2, 0x80805, 0x0) (async, rerun: 64)
r3 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) (rerun: 64)
ioctl$VIDIOC_SUBDEV_S_FMT(r3, 0xc0585605, &(0x7f0000000200)={0x0, 0x0, {0x200, 0x5, 0x1007, 0x2, 0x5, 0x8, 0x0, 0x5}})
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0) (async, rerun: 64)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000002800), 0x2, 0x0) (rerun: 64)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r5, 0x4008af60, &(0x7f0000000040)={@host})
ioctl$VHOST_SET_VRING_BASE(r4, 0xaf01, 0x0) (async)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000580)={0x0, 0x1, 0x0, 0xfffffffffffffffd, 0x0, 0x4000}) (async, rerun: 32)
ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000940)) (rerun: 32)
ioctl$VHOST_VSOCK_SET_RUNNING(r4, 0x4004af61, &(0x7f0000000080)=0xfffffffd)
ioctl$VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f00000003c0)={0xffff, 0x0, 0x4, {0x6, @vbi={0x37c6, 0x8, 0x9, 0x30314247, [0x2, 0xfffffff4], [0xacd, 0x6], 0x2}}, 0x3}) (async)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x68, &(0x7f0000000100)=[@in={0x2, 0x4e21, @loopback}, @in={0x2, 0x4e20, @private=0xa010100}, @in6={0xa, 0x4e24, 0x1, @mcast1, 0x8}, @in6={0xa, 0x4e22, 0x800, @loopback, 0x7}, @in={0x2, 0x4e22, @multicast1}]}, &(0x7f00000001c0)=0x10) (async)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000000)={0x0, 0x2}, 0x8)

29.161901304s ago: executing program 5 (id=2848):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x181})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)

13.981883186s ago: executing program 38 (id=2848):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x181})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)

12.999745763s ago: executing program 1 (id=2880):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r1, &(0x7f00000003c0)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0202}}}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f00000009c0)=ANY=[], 0x2e8}}], 0x2, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x12020, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x7, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007f9992c1d7c2000000ffe2ffffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700ffffffffffffffffffbc00000000000000003b0a000002000900efb5b7053aba0fd6ffff00004e234e21040071ac0600ff7f38280300050007000004000000000000008e25f6ffffffffffffc86cb1cc1d400028000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f00e0fdffffff00000000736e617400000000000000000000000100000000000000000000000000000000100000000000000028e7d65d441c13d7feffffff0000000003000000400000000011746e616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f5b6f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000003000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff10000000ffffffff000000000700ffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c20000010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000101000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000001c00000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bde3fa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006664702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000010000000000000627269646765300000004000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000008000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c79000000000000000000000000000000000000000000000000aaaaaaaaaabb0000feffffff0000adcc00"/1424]}, 0x608)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='percpu_alloc_percpu\x00', r4}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

12.460329222s ago: executing program 9 (id=2881):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0xc, 0xc, &(0x7f0000000880)=@framed={{0x18, 0x0, 0x0, 0x0, 0x31}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r0}, {}, {0x3, 0x3, 0x3, 0xa, 0x5}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x1e}}]}, &(0x7f0000000840)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
shmat(0x0, &(0x7f0000000000/0x4000)=nil, 0xffffffffffffcfff)
r1 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r1, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000001c0)={'batadv_slave_1\x00'})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), r2)

12.287971759s ago: executing program 1 (id=2883):
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
r1 = socket$kcm(0x29, 0x2, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
sendmsg$NFC_CMD_DEP_LINK_UP(0xffffffffffffffff, 0x0, 0x40)
r2 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r2, 0x10c4}], 0x1, 0x0, 0x0, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000080), 0x0, 0x82a80)
ioctl$CEC_S_MODE(0xffffffffffffffff, 0x40046109, &(0x7f0000000040)=0xf0)
close_range(r3, 0xffffffffffffffff, 0x0)
acct(0x0)

11.71196148s ago: executing program 9 (id=2884):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x6, &(0x7f0000000440), 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019640)=""/102400, 0x19000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$inet_dccp_int(r0, 0x10d, 0x4, 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r7, 0x84, 0x71, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x4}, 0x8)
sendmsg$inet6(r7, &(0x7f0000003940)={&(0x7f00000024c0)={0xa, 0x4e20, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7fff}, 0x1c, &(0x7f0000003700)=[{&(0x7f0000002500)="847b", 0x2}], 0x1}, 0x4040)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r6, 0x641f)

10.415888153s ago: executing program 9 (id=2886):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{0x0, 0x18}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000025c0)=@delchain={0x1d0, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff2}}, [@filter_kind_options=@f_route={{0xa}, {0x1a0, 0x2, [@TCA_ROUTE4_CLASSID={0x8, 0x1, {0xa, 0xe}}, @TCA_ROUTE4_ACT={0x194, 0x6, [@m_simple={0x190, 0x1f, 0x0, 0x0, {{0xb}, {0x84, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x401, 0x2, 0x1, 0x2, 0x8}}, @TCA_DEF_DATA={0x2d, 0x3, '@-^[\xa5&,.\x00pe\xe9\xb9\xf1Q+=\xdf\xacqd\xb4\xd3\rj6\xb4\xa6fz\x91\xa6\xe9\xdfy\xef\xbcY\xbb[a'}, @TCA_DEF_DATA={0x7, 0x3, 'lo\x00'}, @TCA_DEF_DATA={0xb, 0x3, 'simple\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x6, 0x1, 0x10000000, 0x4, 0x8}}, @TCA_DEF_DATA={0xb, 0x3, 'j\xbf!*{$\x00'}]}, {0xe1, 0x6, "bb56072c27c5e2984fb9b39740c7dea2e6372a168bf1fdb8ecb6019c9f5db834fcaca18620641b7aab2922f69d2f9b062f5ec4be8a5a603fe7236ffd67f60e9e007b34e0f9cb58fc8855dae5289e4e856559f64bc5a1c5683263937fdd088e5f34874e0d2d2273a7a09810d9042b32fb69223c74e88c41fda5268c22a3107d32ee49d3a99665178abfde24d27a872b23ece9d09c9560070a6e3cca383ccb4d1a6d7c302ab3ee820e67d26e78f72566a2f9765698d783e6c14d8da6156473bc39143eaba66c1921f94f19f65bc88b127c0eb8ac765b9220105c7c1060a0"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}]}}]}, 0x1d0}}, 0x0)
unshare(0x4c020600)
socket$inet6(0xa, 0x800000000000002, 0x0)
unshare(0x20040600)
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDCTL_DSP_SETTRIGGER(r1, 0x40045010, &(0x7f0000000000)=0x801)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0x4112, 0x0)

10.228007417s ago: executing program 1 (id=2887):
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000340)=0x12)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_WRITEPROTECT(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
request_key(&(0x7f00000001c0)='rxrpc_s\x00', &(0x7f0000001ffb)={'syz', 0x1, 0x7}, &(0x7f0000001fee)='y\xa9rustV\x1eS=\xd4\x16\x95:e\x00\x00\x00', 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$UFFDIO_CONTINUE(r2, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f0000800000/0x800000)=nil, 0x800000}, 0x1})
syz_io_uring_setup(0x4aa, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x0, 0x3}, &(0x7f0000000000), &(0x7f00000001c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]})
close_range(r2, r1, 0x0)

9.393895613s ago: executing program 3 (id=2891):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x1}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000180)={0x4})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r2, 0x4010ae68, &(0x7f0000000500)={0x4, 0x1000}) (fail_nth: 1)

8.200030644s ago: executing program 1 (id=2893):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.events\x00', 0x275a, 0x0)
r1 = socket$kcm(0x29, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f00000003c0)={r0})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x10, &(0x7f0000000040)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x8}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffff5}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

7.626173225s ago: executing program 1 (id=2895):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0303000000da0f000000130000000c0009"], 0x14}}, 0x0)

7.403731445s ago: executing program 1 (id=2896):
chdir(0x0)
openat(0xffffffffffffff9c, 0x0, 0x300, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, 0x0, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0x0, 0x0, @dev, 0x4}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x20, &(0x7f0000000100), 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000000000000008, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
capset(0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x2, 0xc, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="0500000008000000e27f00000100000000000000", @ANYRES32, @ANYBLOB="0000000000000000000017000000000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000007290000000000000000850000006d00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = memfd_create(&(0x7f0000000100)='\vem\xda\x99R@m\xfc\xfe\x9b#*\xff', 0x0)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r4}, 0x10)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r2, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000000)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080)='vxfs\x00', 0x18642, 0x0)

7.037113384s ago: executing program 3 (id=2897):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101000, 0x0)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0xc)
setsockopt$inet_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
ioperm(0x83, 0x6, 0x8)
r2 = socket$netlink(0x10, 0x3, 0x10)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000000), 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x9007}, 0x4)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = dup(r6)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r6, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r6, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000})
ioctl$KVM_NMI(r8, 0xae9a)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
sendmsg$ETHTOOL_MSG_RINGS_SET(r3, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000100)={0x3c, r4, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_RINGS_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'wlan1\x00'}]}, @ETHTOOL_A_RINGS_RX_MINI={0x8, 0x7, 0x6000000}, @ETHTOOL_A_RINGS_RX_JUMBO={0x8, 0x8, 0x6}]}, 0x3c}}, 0x0)

5.165838396s ago: executing program 3 (id=2899):
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$inet_opts(r0, 0x0, 0x6, &(0x7f0000000440), 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019640)=""/102400, 0x19000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x74, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
setsockopt$inet_dccp_int(r0, 0x10d, 0x4, 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r7, 0x84, 0x71, &(0x7f00000020c0), 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r7, 0x84, 0x75, 0x0, 0x0)
sendmsg$inet6(r7, &(0x7f0000003940)={&(0x7f00000024c0)={0xa, 0x4e20, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7fff}, 0x1c, &(0x7f0000003700)=[{&(0x7f0000002500)="847b", 0x2}], 0x1}, 0x4040)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
ioctl$DRM_IOCTL_DROP_MASTER(r6, 0x641f)

3.933986251s ago: executing program 3 (id=2900):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
userfaultfd(0x80001)
ioctl$FIBMAP(0xffffffffffffffff, 0x5385, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000140)=@newqdisc={0x4c, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xa}, {0xffff, 0xffff}, {0x0, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x5a1f, 0x8, 0xa5, 0xffff, 0x6, 0xb1166a1}}}}]}, 0x4c}}, 0x44080)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=@newqdisc={0x34, 0x24, 0xd0f, 0x70bd26, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xfff2, 0x6}, {0x0, 0x7}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}}, 0x800)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'lo\x00', <r5=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x12, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r5, {}, {0xb, 0xa}, {0x1, 0xf}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}}, 0x4000)

3.736088461s ago: executing program 7 (id=2901):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600000000000000", @ANYRES32=r3, @ANYBLOB="01000000020000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newlink={0x4c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0x49774}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x4c}}, 0x4080)

3.431170951s ago: executing program 7 (id=2902):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prlimit64(0x0, 0xf, &(0x7f0000000000)={0x9, 0xffffffffffff8c97}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x6c, &(0x7f0000000800)=ANY=[@ANYBLOB], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000005000000fd0900008400000005010000", @ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)

2.645251759s ago: executing program 7 (id=2903):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x105, 0x4800003a, 0xffffffffffffffff, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000300)={@in={{0x2, 0x4e22, @private=0xa010302}}, 0x0, 0x0, 0x47, 0x0, "0aaa8ff5a212a1bd3bbda613efd9c8b4965dca66db42f66a86e5781cf86717055a7c1d13e650a95a774ef95f2fc1b947e03d5c8379123f2561dec95dd367b54267cb9ff147a4d33a097d2269351b3ed3"}, 0xd8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KDGETLED(0xffffffffffffffff, 0x4b31, &(0x7f00000000c0))
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x4c, 0x0, 0x3a)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x10000, &(0x7f0000000600)={[{@subsystem='hugetlb'}, {@cpuset_v2_mode}, {@subsystem='cpuacct'}, {@name={'name', 0x3d, ' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, {@favordynmods}, {@favordynmods}, {@cpuset_v2_mode}, {@name={'name', 0x3d, 'afs\x00'}}, {@noprefix}, {@favordynmods}, {@release_agent={'release_agent', 0x3d, './file0'}}, {@release_agent={'release_agent', 0x3d, './file0'}}]})
bind$bt_sco(r0, &(0x7f0000000000)={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}}, 0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x10, 0x3, &(0x7f0000000000)=@framed={{0x62, 0xa, 0x0, 0xffc4, 0x0, 0x71, 0x10, 0x16}}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.478646421s ago: executing program 9 (id=2904):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r1, &(0x7f00000003c0)={0x24, @long={0x3, 0x2, {0xaaaaaaaaaaaa0202}}}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000006b80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0x0, @local}, 0x1c, 0x0}}, {{&(0x7f0000000340)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f00000009c0)=ANY=[], 0x2e8}}], 0x2, 0x0)
recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x12020, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00'}, 0x10)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$EBT_SO_SET_ENTRIES(r5, 0x0, 0x80, &(0x7f0000000000)=@nat={'nat\x00', 0x19, 0x4, 0x590, [0x200001c0, 0x0, 0x0, 0x20000500, 0x20000530], 0x7, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff02000000190000000a00000000156e727000000000000000000000000000626f6e643000000000000000000000007465616d5f736c6176655f310000000062637366300000000000000000000000ffffffffffffffff007f9992c1d7c2000000ffe2ffffffff0000e0000000500100008801000073747000000000000000000000000000000000000000000000000000000000004800000000000000020000000200006e8700ffffffffffffffffffbc00000000000000003b0a000002000900efb5b7053aba0fd6ffff00004e234e21040071ac0600ff7f38280300050007000004000000000000008e25f6ffffffffffffc86cb1cc1d400028000000000000000000001000000000000000d1f9c15dee9e0000ffffffff000000006172707265706c790000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa0f00e0fdffffff00000000736e617400000000000000000000000100000000000000000000000000000000100000000000000028e7d65d441c13d7feffffff0000000003000000400000000011746e616d3000000000000000000000006772657461703000000000000000000076657468315f746f5f5b6f6e64000000626f6e6430000000000000000000000052a1927247eaffff470000006a72dd4b319d0000ff3400000000e8000000500100008801000069703600000000000000000000000000000000000003000000000000000000005000000000000000fe8000000000000000000000000000bbfe8000000000000000000000000000aa000000ff10000000ffffffff000000000700ffffff000000ffffffff00000000093b14044e204e234e214e24000000006172707265706c7900000000000000000000000000000000000000000000000010000000000000000180c20000010000feffffff0000000072656469726563740000000000000000000000000000000000000000000000000800000000000000fcffffff00000000646e6174000000000000000000000000000000000000000000000000000000101000000000000000aaaaaaaaaaaa0000ffffffff0000000000000000000000000000000000000000a30000000000000000000000d20000000000000002000000ffffffff0000000000000000000000000000000000000000000000000000000000001c00000000000000000002000000ffffffff02000000090000004a00000000020000000000000000000000000000000073797a5f74756e000000000000000000626f6e6430000000000000000000000069705f767469300000000000000000009f7f83bde3fa0000ffffffffffffffffffffff0000ffffff0000c0000000c00000000801000068656c70657200000000000000000000000000000000000000000000000000002800000000000000010000006664702d32303030300000000000000000000000000000000000000000000000000000004552524f520000000000000000000000000000000000000000000000000000002000000000000000c3331f141f48b36a6e8a93c4f2796fab65c75e2fdab6f98342ae6b68a6b900000500000002000000e90d69705f76746930000010000000000000627269646765300000004000000000006966623000000000000000000000000076657468345f746f5f626f6e64000000aaaaaaaaaa11ff0200ffffffffffffffffffffff00ffffff0000b0000000b0000000e800000071756f746100000008000000000000000000000000000000000000000000000018000000000000000000000000000000010000000000000007000000000000006165706c79000000000000000000000000000000000000000000000000aaaaaaaaaabb0000feffffff0000adcc00"/1424]}, 0x608)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000400)='percpu_alloc_percpu\x00', r4}, 0x10)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b702000001000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

1.867244958s ago: executing program 9 (id=2905):
syz_emit_vhci(&(0x7f00000007c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x6, 0x1, 0x2019}}}, 0x7)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000540)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@ETHTOOL_A_FEATURES_WANTED={0x4}, @ETHTOOL_A_FEATURES_HEADER={0x4}]}, 0x1c}}, 0x0)
r2 = syz_open_dev$sg(0x0, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(r2, 0x2201, &(0x7f0000000000)=0xfffff800)

1.816545204s ago: executing program 7 (id=2906):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
r4 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x1}, 0x0, 0x0, 0x0)
r5 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, r4)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r5, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x1e, r4, 0x0, r5, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xe, 0x4, 0x4, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xb, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0x50}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x5, 0x0, 0xd, 0x0}, {0x18, 0x2, 0x2, 0x0, r7}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x5, 0x1, 0x5, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r10 = syz_open_pts(r9, 0x0)
ioctl$TIOCVHANGUP(r10, 0x5437, 0x0)
close(r9)
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000000640)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x111, 0x9}}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6}]})
chdir(0x0)

1.635587395s ago: executing program 3 (id=2907):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='contention_end\x00', r0, 0x0, 0x1}, 0x18)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x20200)
ioctl$MEDIA_IOC_ENUM_LINKS(r1, 0xc0287c02, &(0x7f0000000100)={0x80000000, &(0x7f0000000040), &(0x7f0000000080)})
io_setup(0x3, &(0x7f0000000180)=<r2=>0x0)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
io_submit(r2, 0x1, &(0x7f0000002340)=[&(0x7f0000000080)={0x0, 0x300, 0x0, 0x5, 0x0, r3, 0x0}])
linkat(r3, &(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000240)='./file0\x00', 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'bridge_slave_0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="240000001d00070f000200000000000007000000", @ANYRES32=r5, @ANYBLOB='\x00\x00g\x00\b\x00\b\x00', @ANYRES64=r5], 0x24}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r7, 0x4010ae68, &(0x7f0000000500)={0x4, 0x1000})

387.152838ms ago: executing program 7 (id=2908):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(r0, 0xc1205531, &(0x7f0000000080)={0x0, 0x5, 0x0, 0x0, '\x00', '\x00', '\x00', 0x0, 0x0, 0x0, 0x0, "57d4915b52cdfd588ea56ed6c1ca719a"})
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r0, 0x80dc5521, &(0x7f0000000000)=""/1)

302.397027ms ago: executing program 9 (id=2909):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00', <r0=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0x600351f121a6d982, &(0x7f0000000140)={0xb}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(r4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x64, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$sock_proto_private(0xffffffffffffffff, 0x89e0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000010c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00001200000000000000", @ANYRES32, @ANYBLOB="0000f8ff0000ce24989fa804d8e300"/28, @ANYRES32=0x0, @ANYRES32, @ANYRESHEX=r1, @ANYRES64=r1], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000780)=ANY=[@ANYRES32=r7, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
sendmsg$inet(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x22fe0}], 0x1}, 0x0)
recvmsg$unix(r5, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x2)
mkdir(0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000cc0)=@delchain={0x44, 0x65, 0x300, 0x70bd2a, 0x25dfdbfc, {0x0, 0x0, 0x0, r0, {0x9, 0xb}, {0x5, 0x1}, {0x0, 0xfff3}}, [@filter_kind_options=@f_route={{0xa}, {0x14, 0x2, [@TCA_ROUTE4_IIF={0x8, 0x4, r0}, @TCA_ROUTE4_IIF={0x8, 0x4, r0}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x20008840)
r8 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r8, &(0x7f0000000040)={0x1d, r0, 0x2, {0x1, 0x0, 0x4}, 0x2}, 0x18)
ioctl$BTRFS_IOC_BALANCE(r8, 0x5000940c, 0x0)

301.473674ms ago: executing program 7 (id=2910):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00'}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="120100006325a640402000498b4d000000010902240001000000000904000002214c6a0009050702000000da000905890e"], 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)

0s ago: executing program 3 (id=2911):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x470f, 0x800008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$inet6(0xa, 0x3, 0x7)
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x6000, 0x0)
getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f00000010c0)=0xfec)
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, &(0x7f0000001280)={0x2, 0x0, @ioapic={0x4000, 0x8, 0xfffffffa, 0x3, 0x0, [{0xb4, 0x9, 0x5, '\x00', 0x2}, {0xc8, 0x19, 0x80, '\x00', 0x6}, {0x48, 0x2, 0x3, '\x00', 0x7}, {0x3, 0x4c, 0x4, '\x00', 0x1}, {0x5, 0x3, 0x8, '\x00', 0xfd}, {0x0, 0x3, 0xff, '\x00', 0x81}, {0x5, 0x5, 0x96, '\x00', 0x1}, {0x2, 0x5, 0x35, '\x00', 0xff}, {0x3, 0x0, 0x4, '\x00', 0x10}, {0x3, 0x7, 0xff, '\x00', 0x80}, {0x6, 0x38, 0x1f, '\x00', 0x60}, {0x6, 0x0, 0x2, '\x00', 0x8}, {0x81, 0x2, 0xfe, '\x00', 0xf9}, {0x81, 0x8, 0x3, '\x00', 0xf}, {0x7, 0x4, 0x7}, {0x71, 0x6, 0x89}, {0x40, 0x80, 0x0, '\x00', 0x4}, {0x9, 0x1, 0x2, '\x00', 0x2}, {0x3, 0x6a, 0x5, '\x00', 0xa}, {0x40, 0xa6, 0x2, '\x00', 0x3}, {0x0, 0x5, 0xae, '\x00', 0x8}, {0x3, 0xff, 0x2, '\x00', 0x2e}, {0x1, 0x3, 0xff, '\x00', 0xb}, {0x2, 0x21, 0x80, '\x00', 0x7}]}})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(0x0, &(0x7f0000001200)='./file0/file1\x00', &(0x7f00000014c0)='proc\x00', 0x100408, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000180)='maps\x00')
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r2, 0xc0502100, &(0x7f0000001180)={0x0, <r3=>0x0})
sched_setaffinity(r3, 0x0, 0x0)
r4 = openat$nci(0xffffffffffffff9c, &(0x7f0000001600), 0x2, 0x0)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0xffffffffffffffff, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r4, 0x0, &(0x7f00000000c0)=<r5=>0x0)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x85, &(0x7f0000000300)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x2000}, 0x90)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NFC_CMD_DEV_UP(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001500)=ANY=[@ANYRESOCT=r5, @ANYRESOCT=r7, @ANYBLOB="21020000000000000000080001000000a4a6", @ANYBLOB="8d2261015a058f49b8a88ad24199bafade9a92b144dbb2eaa811560c563f22ba7425960dd45ae850934a6193e270abab40e8532bfa401076f3a41b86893444e9a2d6bb969520671278a543ab1af110aa707168bfb75592a7dc93026d"], 0x1c}, 0x1, 0x0, 0x0, 0x4000004}, 0xc0c4)
write$nci(r4, &(0x7f0000001500)=ANY=[], 0x4)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$sysctl(0xffffffffffffffff, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r8 = accept4$ax25(r2, &(0x7f0000001640)={{0x3, @null}, [@rose, @null, @null, @null, @netrom, @null, @default, @null]}, &(0x7f00000015c0)=0x48, 0x80000)
ioctl$ifreq_SIOCGIFINDEX_vcan(r8, 0x8933, &(0x7f0000001080)={'vxcan0\x00'})

kernel console output (not intermixed with test programs):

mmy_hcd
[  831.773316][T14331] FAULT_INJECTION: forcing a failure.
[  831.773316][T14331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  831.798373][T14331] CPU: 0 UID: 0 PID: 14331 Comm: syz.7.2310 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  831.809174][T14331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  831.819245][T14331] Call Trace:
[  831.822531][T14331]  <TASK>
[  831.825476][T14331]  dump_stack_lvl+0x241/0x360
[  831.830176][T14331]  ? __pfx_dump_stack_lvl+0x10/0x10
[  831.835386][T14331]  ? __pfx__printk+0x10/0x10
[  831.839982][T14331]  ? snprintf+0xda/0x120
[  831.844229][T14331]  should_fail_ex+0x3b0/0x4e0
[  831.848914][T14331]  _copy_to_user+0x31/0xb0
[  831.853331][T14331]  simple_read_from_buffer+0xca/0x150
[  831.858706][T14331]  proc_fail_nth_read+0x1e9/0x250
[  831.863734][T14331]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  831.869280][T14331]  ? rw_verify_area+0x55e/0x6f0
[  831.874126][T14331]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  831.879678][T14331]  vfs_read+0x1fc/0xb70
[  831.883839][T14331]  ? __pfx___mutex_lock+0x10/0x10
[  831.888864][T14331]  ? __pfx_vfs_read+0x10/0x10
[  831.893541][T14331]  ? __fget_files+0x2a/0x410
[  831.898127][T14331]  ? __fget_files+0x395/0x410
[  831.902797][T14331]  ? __fget_files+0x2a/0x410
[  831.907392][T14331]  ksys_read+0x18f/0x2b0
[  831.911724][T14331]  ? __pfx_ksys_read+0x10/0x10
[  831.916489][T14331]  ? do_syscall_64+0x100/0x230
[  831.921257][T14331]  ? do_syscall_64+0xb6/0x230
[  831.925934][T14331]  do_syscall_64+0xf3/0x230
[  831.930438][T14331]  ? clear_bhb_loop+0x35/0x90
[  831.935115][T14331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.941018][T14331] RIP: 0033:0x7fe52158473c
[  831.945432][T14331] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  831.965037][T14331] RSP: 002b:00007fe522428030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  831.973450][T14331] RAX: ffffffffffffffda RBX: 00007fe521775fa0 RCX: 00007fe52158473c
[  831.981422][T14331] RDX: 000000000000000f RSI: 00007fe5224280a0 RDI: 0000000000000006
[  831.989393][T14331] RBP: 00007fe522428090 R08: 0000000000000000 R09: 0000000000000000
[  831.997363][T14331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  832.005329][T14331] R13: 0000000000000000 R14: 00007fe521775fa0 R15: 00007ffffba4e6d8
[  832.013312][T14331]  </TASK>
[  832.512317][ T5929] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  832.526782][ T5929] usb 4-1: New USB device strings: Mfr=27, Product=227, SerialNumber=3
[  832.535313][ T5929] usb 4-1: Product: syz
[  832.544215][ T5929] usb 4-1: Manufacturer: syz
[  832.554035][ T5929] usb 4-1: SerialNumber: syz
[  832.736564][ T5929] usb 4-1: config 0 descriptor??
[  833.211612][T14339] netlink: 'syz.5.2311': attribute type 1 has an invalid length.
[  833.741595][ T5929] usb-storage 4-1:0.0: USB Mass Storage device detected
[  834.693129][ T1204] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  834.740935][T14353] pim6reg1: entered promiscuous mode
[  834.756959][T14353] pim6reg1: entered allmulticast mode
[  834.912929][   T29] audit: type=1800 audit(1735033136.256:219): pid=14319 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.2307" name="/" dev="9p" ino=2 res=0 errno=0
[  835.016391][ T1204] usb 1-1: Using ep0 maxpacket: 8
[  835.026415][ T1204] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  835.041534][T11840] usb 4-1: USB disconnect, device number 43
[  835.042198][ T1204] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  835.067234][ T1204] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  835.998741][ T1204] usb 1-1: config 0 descriptor??
[  836.021213][ T1204] gspca_main: vc032x-2.14.0 probing 046d:0892
[  836.523100][ T1204] gspca_vc032x: reg_r err -32
[  836.528372][ T1204] vc032x 1-1:0.0: probe with driver vc032x failed with error -32
[  838.100172][T14389] FAULT_INJECTION: forcing a failure.
[  838.100172][T14389] name failslab, interval 1, probability 0, space 0, times 0
[  838.129214][T14389] CPU: 1 UID: 0 PID: 14389 Comm: syz.6.2325 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  838.140017][T14389] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  838.150099][T14389] Call Trace:
[  838.153397][T14389]  <TASK>
[  838.156347][T14389]  dump_stack_lvl+0x241/0x360
[  838.161067][T14389]  ? __pfx_dump_stack_lvl+0x10/0x10
[  838.166292][T14389]  ? __pfx__printk+0x10/0x10
[  838.170905][T14389]  ? __kmalloc_cache_noprof+0x48/0x390
[  838.176385][T14389]  ? __pfx___might_resched+0x10/0x10
[  838.181701][T14389]  should_fail_ex+0x3b0/0x4e0
[  838.181739][T14389]  should_failslab+0xac/0x100
[  838.191170][T14389]  __kmalloc_cache_noprof+0x70/0x390
[  838.196457][T14389]  ? br_vlan_add+0x208/0x970
[  838.201049][T14389]  br_vlan_add+0x208/0x970
[  838.205468][T14389]  __br_vlan_set_default_pvid+0x395/0xfb0
[  838.211195][T14389]  ? __pfx___br_vlan_set_default_pvid+0x10/0x10
[  838.217434][T14389]  ? __pfx___mutex_trylock_common+0x10/0x10
[  838.223331][T14389]  br_changelink+0x458/0x1840
[  838.228005][T14389]  ? __mutex_lock+0x37f/0xee0
[  838.232702][T14389]  ? __pfx_br_changelink+0x10/0x10
[  838.237811][T14389]  ? __pfx_lock_acquire+0x10/0x10
[  838.242831][T14389]  ? rtnl_link_ops_get+0x22/0x250
[  838.247858][T14389]  ? rtnl_newlink+0xce2/0x2210
[  838.252620][T14389]  ? __pfx___mutex_lock+0x10/0x10
[  838.257648][T14389]  ? cap_capable+0x1b4/0x250
[  838.262238][T14389]  ? safesetid_security_capable+0xb2/0x1d0
[  838.268052][T14389]  ? ns_capable+0x8a/0xf0
[  838.272384][T14389]  ? rtnl_link_get_net_capable+0x168/0x340
[  838.278189][T14389]  rtnl_newlink+0x1c15/0x2210
[  838.282871][T14389]  ? __pfx_rtnl_newlink+0x10/0x10
[  838.287893][T14389]  ? __netlink_deliver_tap+0x56b/0x7f0
[  838.293353][T14389]  ? __pfx_validate_chain+0x10/0x10
[  838.298550][T14389]  ? __sock_sendmsg+0x221/0x270
[  838.303397][T14389]  ? ____sys_sendmsg+0x52a/0x7e0
[  838.308329][T14389]  ? __sys_sendmsg+0x269/0x350
[  838.313089][T14389]  ? do_syscall_64+0xf3/0x230
[  838.317764][T14389]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.323848][T14389]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  838.329828][T14389]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  838.336155][T14389]  ? mark_lock+0x9a/0x360
[  838.340485][T14389]  ? __lock_acquire+0x1397/0x2100
[  838.345527][T14389]  ? __pfx_lock_release+0x10/0x10
[  838.350547][T14389]  ? cap_capable+0x1b4/0x250
[  838.355147][T14389]  ? __pfx_rtnl_newlink+0x10/0x10
[  838.360173][T14389]  rtnetlink_rcv_msg+0x791/0xcf0
[  838.365108][T14389]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  838.370225][T14389]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  838.375691][T14389]  ? ref_tracker_free+0x643/0x7e0
[  838.380720][T14389]  netlink_rcv_skb+0x1e3/0x430
[  838.385486][T14389]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  838.390947][T14389]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  838.396256][T14389]  ? netlink_deliver_tap+0x2e/0x1b0
[  838.401540][T14389]  netlink_unicast+0x7f6/0x990
[  838.406313][T14389]  ? __pfx_netlink_unicast+0x10/0x10
[  838.411600][T14389]  ? __virt_addr_valid+0x45f/0x530
[  838.416709][T14389]  ? __phys_addr_symbol+0x2f/0x70
[  838.421728][T14389]  ? __check_object_size+0x47a/0x730
[  838.427025][T14389]  netlink_sendmsg+0x8e4/0xcb0
[  838.431799][T14389]  ? __pfx_netlink_sendmsg+0x10/0x10
[  838.437095][T14389]  ? __pfx_netlink_sendmsg+0x10/0x10
[  838.442373][T14389]  __sock_sendmsg+0x221/0x270
[  838.447053][T14389]  ____sys_sendmsg+0x52a/0x7e0
[  838.451818][T14389]  ? __pfx_____sys_sendmsg+0x10/0x10
[  838.457097][T14389]  ? __fget_files+0x2a/0x410
[  838.461688][T14389]  ? __fget_files+0x2a/0x410
[  838.466291][T14389]  __sys_sendmsg+0x269/0x350
[  838.470894][T14389]  ? __pfx_lock_release+0x10/0x10
[  838.475920][T14389]  ? __pfx___sys_sendmsg+0x10/0x10
[  838.481038][T14389]  ? __pfx_vfs_write+0x10/0x10
[  838.485821][T14389]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  838.492155][T14389]  ? do_syscall_64+0x100/0x230
[  838.496924][T14389]  ? do_syscall_64+0xb6/0x230
[  838.501625][T14389]  do_syscall_64+0xf3/0x230
[  838.506146][T14389]  ? clear_bhb_loop+0x35/0x90
[  838.510834][T14389]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.516743][T14389] RIP: 0033:0x7f05ccb85d29
[  838.521162][T14389] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  838.541132][T14389] RSP: 002b:00007f05cd99d038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  838.549549][T14389] RAX: ffffffffffffffda RBX: 00007f05ccd75fa0 RCX: 00007f05ccb85d29
[  838.557529][T14389] RDX: 0000000000000000 RSI: 00000000200006c0 RDI: 000000000000000b
[  838.565516][T14389] RBP: 00007f05cd99d090 R08: 0000000000000000 R09: 0000000000000000
[  838.573497][T14389] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.581472][T14389] R13: 0000000000000000 R14: 00007f05ccd75fa0 R15: 00007ffc4b139968
[  838.589466][T14389]  </TASK>
[  838.592506][    C1] vkms_vblank_simulate: vblank timer overrun
[  839.243643][ T1204] usb 1-1: USB disconnect, device number 40
[  839.523988][T14370] Process accounting resumed
[  839.656374][ T1204] usb 1-1: new full-speed USB device number 41 using dummy_hcd
[  840.900080][ T1204] usb 1-1: config index 0 descriptor too short (expected 9, got 0)
[  840.924941][ T1204] usb 1-1: can't read configurations, error -22
[  840.938963][T14415] overlay: ./bus is not a directory
[  840.962992][T14419] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  840.990515][T14420] overlay: ./bus is not a directory
[  841.062019][ T1204] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[  841.378662][ T1204] usb 1-1: config index 0 descriptor too short (expected 9, got 0)
[  841.400127][ T1204] usb 1-1: can't read configurations, error -22
[  841.438333][ T1204] usb usb1-port1: attempt power cycle
[  841.455251][T14425] IPVS: length: 198 != 24
[  841.857991][ T1204] usb 1-1: new full-speed USB device number 43 using dummy_hcd
[  841.937104][ T1204] usb 1-1: config index 0 descriptor too short (expected 9, got 0)
[  841.976331][ T1204] usb 1-1: can't read configurations, error -22
[  842.083665][T14432] xt_hashlimit: size too large, truncated to 1048576
[  842.126375][ T1204] usb 1-1: new full-speed USB device number 44 using dummy_hcd
[  842.178406][ T1204] usb 1-1: config index 0 descriptor too short (expected 9, got 0)
[  842.186613][ T1204] usb 1-1: can't read configurations, error -22
[  842.216945][ T1204] usb usb1-port1: unable to enumerate USB device
[  842.740435][T14438] afs: Unknown parameter 'dyˆ'
[  842.826590][T14441] cgroup: Invalid name
[  842.877064][T14441] FAULT_INJECTION: forcing a failure.
[  842.877064][T14441] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  842.890805][T14441] CPU: 0 UID: 0 PID: 14441 Comm: syz.0.2341 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  842.901598][T14441] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  842.911676][T14441] Call Trace:
[  842.914972][T14441]  <TASK>
[  842.917926][T14441]  dump_stack_lvl+0x241/0x360
[  842.922633][T14441]  ? __pfx_dump_stack_lvl+0x10/0x10
[  842.927861][T14441]  ? __pfx__printk+0x10/0x10
[  842.932482][T14441]  ? __pfx_lock_release+0x10/0x10
[  842.937525][T14441]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  842.943514][T14441]  should_fail_ex+0x3b0/0x4e0
[  842.948205][T14441]  _copy_from_user+0x2f/0xc0
[  842.952805][T14441]  __se_sys_sendfile64+0xcd/0x1e0
[  842.957845][T14441]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  842.963488][T14441]  do_syscall_64+0xf3/0x230
[  842.968084][T14441]  ? clear_bhb_loop+0x35/0x90
[  842.972768][T14441]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  842.978670][T14441] RIP: 0033:0x7f38acf85d29
[  842.983082][T14441] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  843.002775][T14441] RSP: 002b:00007f38addf7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  843.011202][T14441] RAX: ffffffffffffffda RBX: 00007f38ad176080 RCX: 00007f38acf85d29
[  843.019182][T14441] RDX: 0000000020002080 RSI: 0000000000000009 RDI: 000000000000000a
[  843.027156][T14441] RBP: 00007f38addf7090 R08: 0000000000000000 R09: 0000000000000000
[  843.035124][T14441] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[  843.043092][T14441] R13: 0000000000000000 R14: 00007f38ad176080 R15: 00007ffec2333ed8
[  843.051076][T14441]  </TASK>
[  844.804978][T14448] IPv6: NLM_F_CREATE should be specified when creating new route
[  845.032616][   T29] audit: type=1326 audit(1735033145.766:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14442 comm="syz.6.2339" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f05ccb85d29 code=0x0
[  846.238123][T14464] Process accounting resumed
[  848.399360][T14481] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  848.406475][T14481] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  848.420671][T14481] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  848.427827][T14481] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  848.651250][T14498] program syz.7.2356 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  849.644425][T14518] FAULT_INJECTION: forcing a failure.
[  849.644425][T14518] name failslab, interval 1, probability 0, space 0, times 0
[  849.690474][T14518] CPU: 0 UID: 0 PID: 14518 Comm: syz.5.2361 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  849.701285][T14518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  849.711341][T14518] Call Trace:
[  849.714619][T14518]  <TASK>
[  849.717552][T14518]  dump_stack_lvl+0x241/0x360
[  849.722237][T14518]  ? __pfx_dump_stack_lvl+0x10/0x10
[  849.727440][T14518]  ? __pfx__printk+0x10/0x10
[  849.732045][T14518]  ? __kmalloc_noprof+0xb5/0x4c0
[  849.736981][T14518]  ? __pfx___might_resched+0x10/0x10
[  849.742280][T14518]  should_fail_ex+0x3b0/0x4e0
[  849.746966][T14518]  should_failslab+0xac/0x100
[  849.751649][T14518]  __kmalloc_noprof+0xdd/0x4c0
[  849.756409][T14518]  ? bpf_test_init+0xe1/0x180
[  849.761098][T14518]  bpf_test_init+0xe1/0x180
[  849.765599][T14518]  bpf_prog_test_run_skb+0x2bb/0x1820
[  849.770970][T14518]  ? __pfx_lock_release+0x10/0x10
[  849.775998][T14518]  ? __pfx___might_resched+0x10/0x10
[  849.781292][T14518]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  849.787099][T14518]  ? __fget_files+0x2a/0x410
[  849.791688][T14518]  ? fput+0x21b/0x290
[  849.795665][T14518]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  849.801472][T14518]  bpf_prog_test_run+0x2e4/0x360
[  849.806411][T14518]  __sys_bpf+0x48d/0x810
[  849.810651][T14518]  ? __pfx___sys_bpf+0x10/0x10
[  849.815423][T14518]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  849.821404][T14518]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  849.827821][T14518]  ? do_syscall_64+0x100/0x230
[  849.832594][T14518]  __x64_sys_bpf+0x7c/0x90
[  849.837015][T14518]  do_syscall_64+0xf3/0x230
[  849.841521][T14518]  ? clear_bhb_loop+0x35/0x90
[  849.846198][T14518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  849.852099][T14518] RIP: 0033:0x7f2392985d29
[  849.856519][T14518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  849.876125][T14518] RSP: 002b:00007f2393885038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  849.884545][T14518] RAX: ffffffffffffffda RBX: 00007f2392b75fa0 RCX: 00007f2392985d29
[  849.892515][T14518] RDX: 0000000000000050 RSI: 0000000020000080 RDI: 000000000000000a
[  849.900487][T14518] RBP: 00007f2393885090 R08: 0000000000000000 R09: 0000000000000000
[  849.908454][T14518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  849.916421][T14518] R13: 0000000000000000 R14: 00007f2392b75fa0 R15: 00007fff60d31ce8
[  849.924401][T14518]  </TASK>
[  850.777030][T14523] workqueue: Failed to create a rescuer kthread for wq "wg-crypt-wireguard%d": -EINTR
[  850.781490][ T5137] Bluetooth: hci5: command 0x0c1a tx timeout
[  850.797188][ T5137] Bluetooth: hci3: command 0x0405 tx timeout
[  850.803283][ T5137] Bluetooth: hci1: command 0x0c1a tx timeout
[  851.537108][T14538] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2365'.
[  851.566210][T14538] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2365'.
[  851.650466][T14545] netlink: 56 bytes leftover after parsing attributes in process `syz.3.2368'.
[  851.667962][T14545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2368'.
[  851.705839][T14549] xt_socket: unknown flags 0x4
[  851.796391][ T1204] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[  851.959829][ T1204] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  851.974464][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  851.996317][ T1204] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  852.018412][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  852.043634][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  852.076818][ T1204] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  852.106355][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  852.128956][ T1204] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  852.168928][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  852.193081][T14563] syzkaller0: entered promiscuous mode
[  852.205467][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  852.222493][T14563] syzkaller0: entered allmulticast mode
[  852.229788][ T1204] usb 7-1: config 168 descriptor has 1 excess byte, ignoring
[  852.239856][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 64
[  852.256328][ T1204] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  852.276320][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  852.302717][ T1204] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  852.324463][ T1204] usb 7-1: string descriptor 0 read error: -22
[  852.336458][ T1204] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  852.345525][ T1204] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  852.379377][ T1204] adutux 7-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  852.840619][T10728] Bluetooth: hci3: command 0x0405 tx timeout
[  854.910451][T14584] syz_tun: tun_net_xmit 54
[  854.925492][T10728] Bluetooth: hci3: command 0x0405 tx timeout
[  855.119255][T10719] usb 7-1: USB disconnect, device number 16
[  856.085645][T14602] netlink: 'syz.3.2389': attribute type 1 has an invalid length.
[  857.009291][T14621] xfs: Unknown parameter 'grpquota/tun'
[  858.664275][T14640] syz_tun: tun_net_xmit 86
[  858.679268][T14643] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[  858.702692][T14643] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  858.916331][ T1204] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  859.047526][ T1204] usb 4-1: device descriptor read/64, error -71
[  859.535505][ T1204] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  859.716494][    C1] syz_tun: tun_net_xmit 86
[  859.726408][ T1204] usb 4-1: device descriptor read/64, error -71
[  859.836696][ T1204] usb usb4-port1: attempt power cycle
[  860.186630][ T1204] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  860.241097][ T1204] usb 4-1: device descriptor read/8, error -71
[  860.486841][ T1204] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  860.551270][ T1204] usb 4-1: device descriptor read/8, error -71
[  860.667499][ T1204] usb usb4-port1: unable to enumerate USB device
[  860.756737][    C1] syz_tun: tun_net_xmit 86
[  860.896067][T14680] FAULT_INJECTION: forcing a failure.
[  860.896067][T14680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  860.909306][T14680] CPU: 0 UID: 0 PID: 14680 Comm: syz.7.2410 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  860.920086][T14680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  860.930153][T14680] Call Trace:
[  860.933439][T14680]  <TASK>
[  860.936384][T14680]  dump_stack_lvl+0x241/0x360
[  860.941081][T14680]  ? __pfx_dump_stack_lvl+0x10/0x10
[  860.946292][T14680]  ? __pfx__printk+0x10/0x10
[  860.950903][T14680]  ? __pfx_lock_release+0x10/0x10
[  860.955960][T14680]  should_fail_ex+0x3b0/0x4e0
[  860.960673][T14680]  _copy_from_user+0x2f/0xc0
[  860.965280][T14680]  copy_msghdr_from_user+0xae/0x680
[  860.970496][T14680]  ? __pfx___might_resched+0x10/0x10
[  860.975800][T14680]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  860.981623][T14680]  ? __fget_files+0x2a/0x410
[  860.986228][T14680]  ? __sys_sendmmsg+0x392/0x720
[  860.991098][T14680]  ? __might_fault+0xaa/0x120
[  860.995793][T14680]  __sys_sendmmsg+0x32b/0x720
[  861.000495][T14680]  ? __pfx___sys_sendmmsg+0x10/0x10
[  861.005712][T14680]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  861.011740][T14680]  ? irqentry_exit+0x63/0x90
[  861.016361][T14680]  ? lock_release+0x658/0xa30
[  861.021072][T14680]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  861.027007][T14680]  ? ksys_write+0x22a/0x2b0
[  861.031526][T14680]  ? preempt_schedule_thunk+0x1a/0x30
[  861.036921][T14680]  ? __pfx_lock_release+0x10/0x10
[  861.041975][T14680]  ? sb_start_write+0x107/0x1c0
[  861.046855][T14680]  ? vfs_write+0x730/0xd30
[  861.051296][T14680]  ? __mutex_unlock_slowpath+0x21e/0x790
[  861.056985][T14680]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  861.062987][T14680]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  861.069330][T14680]  ? do_syscall_64+0x100/0x230
[  861.074118][T14680]  __x64_sys_sendmmsg+0xa0/0xb0
[  861.078992][T14680]  do_syscall_64+0xf3/0x230
[  861.083514][T14680]  ? clear_bhb_loop+0x35/0x90
[  861.088203][T14680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.094118][T14680] RIP: 0033:0x7fe521585d29
[  861.098550][T14680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.118174][T14680] RSP: 002b:00007fe5223e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  861.126610][T14680] RAX: ffffffffffffffda RBX: 00007fe521776160 RCX: 00007fe521585d29
[  861.134590][T14680] RDX: 00000000000002e9 RSI: 0000000020000480 RDI: 0000000000000005
[  861.142579][T14680] RBP: 00007fe5223e6090 R08: 0000000000000000 R09: 0000000000000000
[  861.150560][T14680] R10: 000000000000ffd8 R11: 0000000000000246 R12: 0000000000000001
[  861.158546][T14680] R13: 0000000000000000 R14: 00007fe521776160 R15: 00007ffffba4e6d8
[  861.166548][T14680]  </TASK>
[  861.238540][T14682] FAULT_INJECTION: forcing a failure.
[  861.238540][T14682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.273516][T14682] CPU: 1 UID: 0 PID: 14682 Comm: syz.0.2411 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  861.284519][T14682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  861.294605][T14682] Call Trace:
[  861.297911][T14682]  <TASK>
[  861.300863][T14682]  dump_stack_lvl+0x241/0x360
[  861.305570][T14682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  861.310800][T14682]  ? __pfx__printk+0x10/0x10
[  861.315414][T14682]  ? __pfx_lock_release+0x10/0x10
[  861.320472][T14682]  should_fail_ex+0x3b0/0x4e0
[  861.325182][T14682]  _copy_from_iter+0x1e9/0x1c20
[  861.330060][T14682]  ? __virt_addr_valid+0x183/0x530
[  861.335202][T14682]  ? __pfx__copy_from_iter+0x10/0x10
[  861.340517][T14682]  ? __virt_addr_valid+0x183/0x530
[  861.345656][T14682]  ? __virt_addr_valid+0x183/0x530
[  861.350804][T14682]  ? __virt_addr_valid+0x45f/0x530
[  861.355940][T14682]  ? __phys_addr_symbol+0x2f/0x70
[  861.360987][T14682]  ? __check_object_size+0x47a/0x730
[  861.366315][T14682]  j1939_sk_sendmsg+0x8d6/0x14c0
[  861.371277][T14682]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  861.377041][T14682]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  861.382441][T14682]  ? __import_iovec+0x590/0x870
[  861.387328][T14682]  ? __pfx_j1939_sk_sendmsg+0x10/0x10
[  861.392723][T14682]  __sock_sendmsg+0x221/0x270
[  861.397433][T14682]  ____sys_sendmsg+0x52a/0x7e0
[  861.402237][T14682]  ? __pfx_____sys_sendmsg+0x10/0x10
[  861.407550][T14682]  ? __fget_files+0x2a/0x410
[  861.412168][T14682]  ? __fget_files+0x2a/0x410
[  861.416790][T14682]  __sys_sendmsg+0x269/0x350
[  861.421404][T14682]  ? __pfx_lock_release+0x10/0x10
[  861.426636][T14682]  ? __pfx___sys_sendmsg+0x10/0x10
[  861.431794][T14682]  ? __pfx_vfs_write+0x10/0x10
[  861.436606][T14682]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  861.442960][T14682]  ? do_syscall_64+0x100/0x230
[  861.447754][T14682]  ? do_syscall_64+0xb6/0x230
[  861.452489][T14682]  do_syscall_64+0xf3/0x230
[  861.457024][T14682]  ? clear_bhb_loop+0x35/0x90
[  861.461723][T14682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.467642][T14682] RIP: 0033:0x7f38acf85d29
[  861.472180][T14682] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  861.491811][T14682] RSP: 002b:00007f38ade18038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  861.500253][T14682] RAX: ffffffffffffffda RBX: 00007f38ad175fa0 RCX: 00007f38acf85d29
[  861.508246][T14682] RDX: 00000000000000ee RSI: 00000000200001c0 RDI: 0000000000000004
[  861.516237][T14682] RBP: 00007f38ade18090 R08: 0000000000000000 R09: 0000000000000000
[  861.524234][T14682] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.532224][T14682] R13: 0000000000000000 R14: 00007f38ad175fa0 R15: 00007ffec2333ed8
[  861.540238][T14682]  </TASK>
[  861.543479][    C1] vkms_vblank_simulate: vblank timer overrun
[  862.012606][T14689] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  862.486186][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807c6a8400: rx timeout, send abort
[  862.994513][    C0] vcan0: j1939_tp_rxtimer: 0xffff88807c6a8400: abort rx timeout. Force session deactivation
[  863.278825][T14702] serio: Serial port ptm0
[  863.392368][T14709] Process accounting resumed
[  865.201532][   T29] audit: type=1804 audit(1735033166.546:221): pid=14723 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.0.2422" name="/newroot/508/bus/bus" dev="overlay" ino=2710 res=1 errno=0
[  865.222963][T10719] syz_tun: tun_net_xmit 110
[  865.537221][T10719] syz_tun: tun_net_xmit 110
[  866.498444][T14741] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2425'.
[  866.566408][ T5904] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  866.764275][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  867.066265][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  867.076017][ T5904] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  867.301962][T14750] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  868.059017][ T5904] usb 6-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  868.068262][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.876750][ T5904] usb 6-1: config 0 descriptor??
[  869.136369][ T5876] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  869.405257][ T5904] hid-udraw 0003:20D6:CB17.000C: unbalanced delimiter at end of report description
[  869.415363][ T5904] hid-udraw 0003:20D6:CB17.000C: parse failed
[  869.421709][ T5904] hid-udraw 0003:20D6:CB17.000C: probe with driver hid-udraw failed with error -22
[  869.466317][ T5876] usb 1-1: device descriptor read/64, error -71
[  869.748954][ T5876] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  869.886480][ T5876] usb 1-1: device descriptor read/64, error -71
[  869.955954][T11840] usb 6-1: USB disconnect, device number 43
[  870.018061][T14766] cgroup: Bad value for 'name'
[  870.056626][ T5876] usb usb1-port1: attempt power cycle
[  870.284741][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  870.291367][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  872.828242][T14795] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  874.203397][ T5876] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  874.846328][ T5876] usb 4-1: Using ep0 maxpacket: 8
[  874.867372][ T5876] usb 4-1: unable to get BOS descriptor or descriptor too short
[  874.890041][ T5876] usb 4-1: config 7 has an invalid interface number: 67 but max is 0
[  874.910176][ T5876] usb 4-1: config 7 has no interface number 0
[  874.946760][ T5876] usb 4-1: string descriptor 0 read error: -22
[  874.958744][ T5876] usb 4-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=6b.16
[  874.968336][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  875.020293][T14133] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  875.047317][T14133] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  875.062310][T14818] cgroup: Invalid name
[  875.068411][T14133] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  875.180911][T14133] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  875.211018][T14133] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  875.222984][T14133] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  875.224166][ T5876] usb 4-1: USB disconnect, device number 48
[  875.385210][T14823] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2449'.
[  875.456332][T14823] netlink: 16 bytes leftover after parsing attributes in process `syz.7.2449'.
[  876.134324][T14830] Process accounting resumed
[  876.458271][T14813] chnl_net:caif_netlink_parms(): no params data found
[  876.824806][T14844] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4102857745 (32822861960 ns) > initial count (10843324416 ns). Using initial count to start timer.
[  877.028274][T14813] bridge0: port 1(bridge_slave_0) entered blocking state
[  877.081668][T14813] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.101065][T14813] bridge_slave_0: entered allmulticast mode
[  877.130931][T14813] bridge_slave_0: entered promiscuous mode
[  877.165956][T14813] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.192714][T14813] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.203467][T14813] bridge_slave_1: entered allmulticast mode
[  877.218396][T14813] bridge_slave_1: entered promiscuous mode
[  877.316498][T14133] Bluetooth: hci4: command tx timeout
[  877.358734][T14813] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.382407][T14813] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  878.035693][   T29] audit: type=1326 audit(1735033179.376:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.256287][   T29] audit: type=1326 audit(1735033179.406:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.278035][   T29] audit: type=1326 audit(1735033179.406:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.300214][   T29] audit: type=1326 audit(1735033179.406:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.326450][   T29] audit: type=1326 audit(1735033179.406:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.348502][   T29] audit: type=1326 audit(1735033179.406:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.377894][   T29] audit: type=1326 audit(1735033179.406:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.414698][   T29] audit: type=1326 audit(1735033179.406:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.452408][   T29] audit: type=1326 audit(1735033179.416:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.506462][   T29] audit: type=1326 audit(1735033179.416:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14862 comm="syz.5.2460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x7ffc0000
[  878.748299][T14876] netlink: 'syz.7.2461': attribute type 10 has an invalid length.
[  878.919531][T14813] team0: Port device team_slave_0 added
[  878.945146][T14876] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  878.988917][T14876] batman_adv: batadv0: Removing interface: batadv_slave_0
[  879.097276][T14876] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  879.123841][T14813] team0: Port device team_slave_1 added
[  879.166665][    C1] Illegal XDP return value 16128 on prog  (id 551) dev batadv_slave_0, expect packet loss!
[  879.246595][ T5873] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  879.369602][T14813] batman_adv: batadv0: Adding interface: batadv_slave_0
[  879.388950][T14813] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  879.414973][    C1] vkms_vblank_simulate: vblank timer overrun
[  879.416603][T14133] Bluetooth: hci4: command tx timeout
[  879.446660][ T5873] usb 6-1: Using ep0 maxpacket: 16
[  879.478615][ T5873] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  879.501814][ T5873] usb 6-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b5.89
[  879.515871][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  879.524889][ T5873] usb 6-1: Product: syz
[  879.529250][ T5873] usb 6-1: Manufacturer: syz
[  879.533863][ T5873] usb 6-1: SerialNumber: syz
[  879.541970][ T5873] usb 6-1: config 0 descriptor??
[  879.559066][ T5873] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  879.576383][T14813] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  879.622445][T14813] batman_adv: batadv0: Adding interface: batadv_slave_1
[  879.660943][T14813] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  879.705238][T14813] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  880.030353][ T5873] gspca_pac7302: reg_w() failed i: 78 v: 00 error -71
[  880.038528][ T5873] gspca_pac7302 6-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  880.049391][ T5873] usb 6-1: USB disconnect, device number 44
[  881.061151][T14813] hsr_slave_0: entered promiscuous mode
[  881.258984][T14813] hsr_slave_1: entered promiscuous mode
[  881.513811][T14133] Bluetooth: hci4: command tx timeout
[  882.561165][T14813] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  882.580416][T14813] Cannot create hsr debugfs directory
[  883.185390][T14905] bridge0: port 2(bridge_slave_1) entered disabled state
[  883.194632][T14905] bridge0: port 1(bridge_slave_0) entered disabled state
[  883.410445][T11840] syz_tun: tun_net_xmit 110
[  883.556614][T14133] Bluetooth: hci4: command tx timeout
[  884.535140][ T5876] syz_tun: tun_net_xmit 110
[  884.695603][T14813] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  884.946864][T14813] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  885.105912][T14813] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  885.155799][T14938] cgroup: Invalid name
[  885.298112][T14813] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  886.173157][   T29] kauditd_printk_skb: 43 callbacks suppressed
[  886.186273][   T29] audit: type=1326 audit(1735033187.076:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14941 comm="syz.7.2479" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe521585d29 code=0x0
[  886.253268][T14950] syz_tun: tun_net_xmit 86
[  886.578182][T14813] 8021q: adding VLAN 0 to HW filter on device bond0
[  886.620362][T14813] 8021q: adding VLAN 0 to HW filter on device team0
[  886.644010][T12196] bridge0: port 1(bridge_slave_0) entered blocking state
[  886.651202][T12196] bridge0: port 1(bridge_slave_0) entered forwarding state
[  886.726449][ T5876] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  886.980899][ T5876] usb 4-1: config 0 has an invalid interface number: 83 but max is 0
[  887.016241][ T5876] usb 4-1: config 0 contains an unexpected descriptor of type 0x1, skipping
[  887.066316][ T5876] usb 4-1: config 0 has no interface number 0
[  887.072465][ T5876] usb 4-1: config 0 interface 83 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  887.103260][T12204] bridge0: port 2(bridge_slave_1) entered blocking state
[  887.110433][T12204] bridge0: port 2(bridge_slave_1) entered forwarding state
[  887.174051][ T5876] usb 4-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice=39.61
[  887.256421][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  887.316596][    C1] syz_tun: tun_net_xmit 86
[  887.432098][ T5876] usb 4-1: config 0 descriptor??
[  887.471233][ T5876] ttusbir 4-1:0.83: cannot find expected altsetting
[  888.085143][T14959] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  888.356386][    C1] syz_tun: tun_net_xmit 86
[  888.412426][T14813] 8021q: adding VLAN 0 to HW filter on device batadv0
[  889.618657][T10719] usb 4-1: USB disconnect, device number 49
[  889.860500][T14991] cgroup: Invalid name
[  890.884390][T14997] 9pnet_fd: Insufficient options for proto=fd
[  891.161010][T15006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2493'.
[  893.099969][T15033] IPVS: set_ctl: invalid protocol: 8 224.0.0.1:20002
[  893.411529][T14813] veth0_vlan: entered promiscuous mode
[  893.438134][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  893.462641][T14813] veth1_vlan: entered promiscuous mode
[  893.497140][T14813] veth0_macvtap: entered promiscuous mode
[  893.505998][T14813] veth1_macvtap: entered promiscuous mode
[  893.521158][T14813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  893.531965][T14813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.545595][T14813] batman_adv: batadv0: Interface activated: batadv_slave_0
[  893.556040][T14813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.566874][T14813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.576817][T14813] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.628608][T14813] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.639577][T14813] batman_adv: batadv0: Interface activated: batadv_slave_1
[  893.700197][T14813] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  893.711781][T14813] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  893.720829][T14813] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  893.755720][T11840] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  893.826404][T14813] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  893.960589][T11840] usb 6-1: device descriptor read/64, error -71
[  894.000801][T15049] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  894.057943][T15049] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  894.206441][T11840] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  894.336285][T11840] usb 6-1: device descriptor read/64, error -71
[  894.456608][T11840] usb usb6-port1: attempt power cycle
[  894.525731][T15053] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2504'.
[  894.605427][T12196] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  894.618308][T12196] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  894.770045][T12197] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  894.786003][T12197] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  894.836391][T11840] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  894.878862][T11840] usb 6-1: device descriptor read/8, error -71
[  895.142233][T11840] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[  895.506263][T11840] usb 6-1: device descriptor read/8, error -71
[  895.660306][T11840] usb usb6-port1: unable to enumerate USB device
[  897.924101][   T29] audit: type=1326 audit(1735033198.706:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15065 comm="syz.8.2444" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2308b85d29 code=0x0
[  897.945186][    C1] vkms_vblank_simulate: vblank timer overrun
[  898.423343][T15098] cgroup: Bad value for 'name'
[  898.565347][T15085] syzkaller0: entered promiscuous mode
[  898.566359][T15054] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  898.586369][T15085] syzkaller0: entered allmulticast mode
[  899.128981][T15116] IPVS: length: 60 != 8
[  899.424831][ T5904] hid-generic 0000:0003:0000.000D: unknown main item tag 0x0
[  899.455824][ T5904] hid-generic 0000:0003:0000.000D: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  909.778948][ T5881] syz_tun: tun_net_xmit 110
[  910.537453][T15153] FAULT_INJECTION: forcing a failure.
[  910.537453][T15153] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  910.553095][T15153] CPU: 0 UID: 0 PID: 15153 Comm: syz.7.2524 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  910.564063][T15153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  910.574137][T15153] Call Trace:
[  910.577524][T15153]  <TASK>
[  910.580474][T15153]  dump_stack_lvl+0x241/0x360
[  910.585180][T15153]  ? __pfx_dump_stack_lvl+0x10/0x10
[  910.590402][T15153]  ? __pfx__printk+0x10/0x10
[  910.595013][T15153]  ? __pfx_lock_release+0x10/0x10
[  910.600065][T15153]  should_fail_ex+0x3b0/0x4e0
[  910.604780][T15153]  _copy_from_user+0x2f/0xc0
[  910.609390][T15153]  generic_map_update_batch+0x5ba/0x900
[  910.614970][T15153]  ? __pfx_generic_map_update_batch+0x10/0x10
[  910.621052][T15153]  ? __fget_files+0x395/0x410
[  910.625741][T15153]  ? __fget_files+0x2a/0x410
[  910.630351][T15153]  ? __pfx_generic_map_update_batch+0x10/0x10
[  910.636436][T15153]  bpf_map_do_batch+0x39a/0x660
[  910.641304][T15153]  __sys_bpf+0x377/0x810
[  910.645560][T15153]  ? __pfx___sys_bpf+0x10/0x10
[  910.650357][T15153]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  910.656358][T15153]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  910.662704][T15153]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  910.669040][T15153]  ? __irq_exit_rcu+0x105/0x220
[  910.673920][T15153]  __x64_sys_bpf+0x7c/0x90
[  910.678357][T15153]  do_syscall_64+0xf3/0x230
[  910.682881][T15153]  ? clear_bhb_loop+0x35/0x90
[  910.687669][T15153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.693593][T15153] RIP: 0033:0x7fe521585d29
[  910.698025][T15153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  910.717651][T15153] RSP: 002b:00007fe5223e6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  910.726087][T15153] RAX: ffffffffffffffda RBX: 00007fe521776160 RCX: 00007fe521585d29
[  910.734071][T15153] RDX: 0000000000000038 RSI: 0000000020000780 RDI: 000000000000001a
[  910.742062][T15153] RBP: 00007fe5223e6090 R08: 0000000000000000 R09: 0000000000000000
[  910.750065][T15153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  910.758062][T15153] R13: 0000000000000000 R14: 00007fe521776160 R15: 00007ffffba4e6d8
[  910.766078][T15153]  </TASK>
[  911.023255][ T5881] syz_tun: tun_net_xmit 110
[  911.116153][T15157] netlink: 44 bytes leftover after parsing attributes in process `syz.3.2527'.
[  912.522007][T15170] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[  913.177499][T15189] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2530'.
[  913.313187][T15189] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2530'.
[  913.407023][T15189] netlink: 688 bytes leftover after parsing attributes in process `syz.5.2530'.
[  913.446381][T15189] netlink: 64 bytes leftover after parsing attributes in process `syz.5.2530'.
[  913.762664][T15176] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  915.325904][ T5873] hid-generic 0000:0003:0000.000E: unknown main item tag 0x0
[  915.335491][ T5873] hid-generic 0000:0003:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  915.580036][T15217] syzkaller0: entered promiscuous mode
[  915.601240][T15217] syzkaller0: entered allmulticast mode
[  924.256917][T15241] bond0: (slave geneve2): Releasing active interface
[  924.264188][T11840] syz_tun: tun_net_xmit 110
[  924.448932][T15251] FAULT_INJECTION: forcing a failure.
[  924.448932][T15251] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  924.465983][T11840] syz_tun: tun_net_xmit 110
[  924.506349][T15251] CPU: 0 UID: 0 PID: 15251 Comm: syz.5.2550 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  924.517152][T15251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  924.527204][T15251] Call Trace:
[  924.530485][T15251]  <TASK>
[  924.533415][T15251]  dump_stack_lvl+0x241/0x360
[  924.538100][T15251]  ? __pfx_dump_stack_lvl+0x10/0x10
[  924.543297][T15251]  ? __pfx__printk+0x10/0x10
[  924.547891][T15251]  ? snprintf+0xda/0x120
[  924.552134][T15251]  should_fail_ex+0x3b0/0x4e0
[  924.556820][T15251]  _copy_to_user+0x31/0xb0
[  924.561240][T15251]  simple_read_from_buffer+0xca/0x150
[  924.566623][T15251]  proc_fail_nth_read+0x1e9/0x250
[  924.571672][T15251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  924.577239][T15251]  ? rw_verify_area+0x55e/0x6f0
[  924.582106][T15251]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  924.587665][T15251]  vfs_read+0x1fc/0xb70
[  924.591834][T15251]  ? __pfx___mutex_lock+0x10/0x10
[  924.596868][T15251]  ? __pfx_vfs_read+0x10/0x10
[  924.601551][T15251]  ? __fget_files+0x2a/0x410
[  924.606142][T15251]  ? __fget_files+0x395/0x410
[  924.610820][T15251]  ? __fget_files+0x2a/0x410
[  924.615435][T15251]  ksys_read+0x18f/0x2b0
[  924.620046][T15251]  ? __pfx_ksys_read+0x10/0x10
[  924.624816][T15251]  ? __secure_computing+0x125/0x370
[  924.630023][T15251]  do_syscall_64+0xf3/0x230
[  924.634533][T15251]  ? clear_bhb_loop+0x35/0x90
[  924.639217][T15251]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  924.645125][T15251] RIP: 0033:0x7f239298473c
[  924.649541][T15251] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  924.669147][T15251] RSP: 002b:00007f2393885030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  924.677568][T15251] RAX: ffffffffffffffda RBX: 00007f2392b75fa0 RCX: 00007f239298473c
[  924.685539][T15251] RDX: 000000000000000f RSI: 00007f23938850a0 RDI: 0000000000000004
[  924.693509][T15251] RBP: 00007f2393885090 R08: 0000000000000000 R09: 0000000000000000
[  924.701493][T15251] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  924.709470][T15251] R13: 0000000000000000 R14: 00007f2392b75fa0 R15: 00007fff60d31ce8
[  924.717459][T15251]  </TASK>
[  924.836812][T15256] cgroup: Bad value for 'name'
[  925.226322][ T5929] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[  925.386390][ T5929] usb 6-1: Using ep0 maxpacket: 32
[  925.393515][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  925.406534][ T5929] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  925.416502][ T5929] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  925.425855][ T5929] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  925.477180][ T5929] usb 6-1: config 0 descriptor??
[  925.518750][    C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  925.899479][ T5929] ft260 0003:0403:6030.000F: item fetching failed at offset 0/2
[  925.912877][ T5929] ft260 0003:0403:6030.000F: failed to parse HID
[  925.926398][ T5929] ft260 0003:0403:6030.000F: probe with driver ft260 failed with error -22
[  926.836644][   T29] audit: type=1326 audit(1735033228.176:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15269 comm="syz.3.2555" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1763185d29 code=0x0
[  927.424972][ T5874] usb 6-1: USB disconnect, device number 49
[  927.596316][T15284] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2559'.
[  927.605245][T15284] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2559'.
[  928.079019][T15292] netlink: 108 bytes leftover after parsing attributes in process `syz.7.2562'.
[  928.088296][T15292] netlink: 'syz.7.2562': attribute type 1 has an invalid length.
[  928.096749][T15292] netlink: 52 bytes leftover after parsing attributes in process `syz.7.2562'.
[  928.105980][T15292] FAULT_INJECTION: forcing a failure.
[  928.105980][T15292] name failslab, interval 1, probability 0, space 0, times 0
[  928.118981][T15292] CPU: 0 UID: 0 PID: 15292 Comm: syz.7.2562 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  928.129776][T15292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  928.139856][T15292] Call Trace:
[  928.143161][T15292]  <TASK>
[  928.146112][T15292]  dump_stack_lvl+0x241/0x360
[  928.150832][T15292]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.156117][T15292]  should_fail_ex+0x3b0/0x4e0
[  928.160823][T15292]  should_failslab+0xac/0x100
[  928.165514][T15292]  kmem_cache_alloc_node_noprof+0x77/0x380
[  928.171325][T15292]  ? __alloc_skb+0x1c3/0x440
[  928.175917][T15292]  __alloc_skb+0x1c3/0x440
[  928.180336][T15292]  ? __pfx___alloc_skb+0x10/0x10
[  928.185273][T15292]  ? netlink_ack_tlv_len+0x6e/0x200
[  928.190469][T15292]  netlink_ack+0x145/0xa50
[  928.194885][T15292]  ? kasan_check_range+0xaa/0x290
[  928.199917][T15292]  netlink_rcv_skb+0x262/0x430
[  928.204676][T15292]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  928.210140][T15292]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  928.215426][T15292]  ? cap_capable+0x1b4/0x250
[  928.220013][T15292]  ? safesetid_security_capable+0xb2/0x1d0
[  928.225815][T15292]  ? bpf_lsm_capable+0x9/0x10
[  928.230491][T15292]  ? security_capable+0x7e/0x2d0
[  928.235430][T15292]  nfnetlink_rcv+0x297/0x2ab0
[  928.240108][T15292]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  928.245847][T15292]  ? __dev_queue_xmit+0x2f4/0x3f50
[  928.250962][T15292]  ? __dev_queue_xmit+0x1775/0x3f50
[  928.256159][T15292]  ? kasan_save_track+0x51/0x80
[  928.261026][T15292]  ? ____sys_sendmsg+0x52a/0x7e0
[  928.265965][T15292]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  928.271077][T15292]  ? __dev_queue_xmit+0x2f4/0x3f50
[  928.276196][T15292]  ? __pfx___dev_queue_xmit+0x10/0x10
[  928.281584][T15292]  ? ref_tracker_free+0x643/0x7e0
[  928.286608][T15292]  ? __pfx_ref_tracker_free+0x10/0x10
[  928.291987][T15292]  ? netlink_deliver_tap+0x2e/0x1b0
[  928.297184][T15292]  ? __pfx_lock_release+0x10/0x10
[  928.302206][T15292]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  928.307668][T15292]  ? netlink_deliver_tap+0x2e/0x1b0
[  928.312869][T15292]  netlink_unicast+0x7f6/0x990
[  928.317729][T15292]  ? __pfx_netlink_unicast+0x10/0x10
[  928.323054][T15292]  ? __virt_addr_valid+0x45f/0x530
[  928.328163][T15292]  ? __phys_addr_symbol+0x2f/0x70
[  928.333181][T15292]  ? __check_object_size+0x47a/0x730
[  928.338504][T15292]  netlink_sendmsg+0x8e4/0xcb0
[  928.343274][T15292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.348563][T15292]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.353843][T15292]  __sock_sendmsg+0x221/0x270
[  928.358527][T15292]  ____sys_sendmsg+0x52a/0x7e0
[  928.363302][T15292]  ? __pfx_____sys_sendmsg+0x10/0x10
[  928.368585][T15292]  ? __fget_files+0x2a/0x410
[  928.373184][T15292]  ? __fget_files+0x2a/0x410
[  928.377779][T15292]  __sys_sendmsg+0x269/0x350
[  928.382377][T15292]  ? __pfx___sys_sendmsg+0x10/0x10
[  928.387503][T15292]  ? __pfx_sched_clock_cpu+0x10/0x10
[  928.392790][T15292]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  928.398688][T15292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  928.405011][T15292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  928.411330][T15292]  ? __irq_exit_rcu+0x105/0x220
[  928.416188][T15292]  ? do_syscall_64+0xb6/0x230
[  928.420871][T15292]  do_syscall_64+0xf3/0x230
[  928.425372][T15292]  ? clear_bhb_loop+0x35/0x90
[  928.430046][T15292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.435938][T15292] RIP: 0033:0x7fe521585d29
[  928.440351][T15292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.459952][T15292] RSP: 002b:00007fe522386038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  928.468369][T15292] RAX: ffffffffffffffda RBX: 00007fe521776080 RCX: 00007fe521585d29
[  928.476341][T15292] RDX: 0000000004000000 RSI: 00000000200002c0 RDI: 0000000000000005
[  928.484310][T15292] RBP: 00007fe522386090 R08: 0000000000000000 R09: 0000000000000000
[  928.492278][T15292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  928.500247][T15292] R13: 0000000000000000 R14: 00007fe521776080 R15: 00007ffffba4e6d8
[  928.508227][T15292]  </TASK>
[  929.313678][T15301] input: syz0 as /devices/virtual/input/input24
[  931.209335][T11840] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  931.797256][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  931.803689][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  931.916248][T11840] usb 6-1: Using ep0 maxpacket: 32
[  931.928806][T11840] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  931.959422][T11840] usb 6-1: config 0 has no interface number 0
[  931.988185][T11840] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  932.038410][T11840] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  932.079364][T11840] usb 6-1: Product: syz
[  932.083590][T11840] usb 6-1: Manufacturer: syz
[  932.107869][T11840] usb 6-1: SerialNumber: syz
[  932.123947][T11840] usb 6-1: config 0 descriptor??
[  932.164487][T11840] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  932.396439][T11840] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  932.400419][T10728] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  932.418418][T10728] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  932.430823][T10728] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  932.440359][T10728] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  932.446392][T11840] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  932.448068][T10728] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  932.481578][T10728] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  933.083325][ T5929] usb 6-1: USB disconnect, device number 50
[  933.086828][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  933.104523][ T5929] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  933.292267][ T5929] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  933.363005][ T5929] quatech2 6-1:0.51: device disconnected
[  934.142079][T15341] cgroup: Invalid name
[  934.324070][T15347] input: syz0 as /devices/virtual/input/input25
[  934.768064][T11840] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  934.800345][T15324] chnl_net:caif_netlink_parms(): no params data found
[  934.926479][T11840] usb 6-1: Using ep0 maxpacket: 32
[  934.937880][T11840] usb 6-1: config index 0 descriptor too short (expected 156, got 27)
[  934.986293][T11840] usb 6-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  935.030069][T11840] usb 6-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  935.076487][T14133] Bluetooth: hci6: command tx timeout
[  935.084303][T11840] usb 6-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  935.196315][T11840] usb 6-1: config 0 interface 0 has no altsetting 0
[  935.486305][T11840] usb 6-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  935.495396][T11840] usb 6-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  935.503926][T11840] usb 6-1: Product: syz
[  935.508143][T11840] usb 6-1: Manufacturer: syz
[  935.512771][T11840] usb 6-1: SerialNumber: syz
[  935.540809][T11840] usb 6-1: config 0 descriptor??
[  935.597721][T11840] ldusb 6-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  935.608651][T11840] ldusb 6-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  935.722748][T15324] bridge0: port 1(bridge_slave_0) entered blocking state
[  935.730250][T15324] bridge0: port 1(bridge_slave_0) entered disabled state
[  935.738456][T15324] bridge_slave_0: entered allmulticast mode
[  935.746190][T15324] bridge_slave_0: entered promiscuous mode
[  935.753726][T15324] bridge0: port 2(bridge_slave_1) entered blocking state
[  935.760900][T15324] bridge0: port 2(bridge_slave_1) entered disabled state
[  935.768233][T15324] bridge_slave_1: entered allmulticast mode
[  935.775268][T15324] bridge_slave_1: entered promiscuous mode
[  935.875883][T11840] usb 6-1: USB disconnect, device number 51
[  935.883907][T11840] ldusb 6-1:0.0: LD USB Device #0 now disconnected
[  937.156257][T14133] Bluetooth: hci6: command tx timeout
[  938.082225][T15344] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2576'.
[  938.199571][T15364] cgroup: Bad value for 'name'
[  938.429949][T15324] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  938.494765][T15324] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  939.238569][T14133] Bluetooth: hci6: command tx timeout
[  939.452783][T15324] team0: Port device team_slave_0 added
[  939.495130][T15324] team0: Port device team_slave_1 added
[  939.518524][ T5873] hid-generic 0000:0003:0000.0010: unknown main item tag 0x0
[  939.536327][ T5873] hid-generic 0000:0003:0000.0010: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  939.676764][T15324] batman_adv: batadv0: Adding interface: batadv_slave_0
[  939.683771][T15324] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  939.745718][T15324] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  939.829616][T15324] batman_adv: batadv0: Adding interface: batadv_slave_1
[  939.869927][T15324] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  939.981939][T15324] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  940.958221][T15371] ip6gre1: entered promiscuous mode
[  941.299471][T15386] input: syz0 as /devices/virtual/input/input26
[  941.346369][T14133] Bluetooth: hci6: command tx timeout
[  942.323887][T15324] hsr_slave_0: entered promiscuous mode
[  942.357375][T15324] hsr_slave_1: entered promiscuous mode
[  942.406504][T15324] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  942.433930][T15324] Cannot create hsr debugfs directory
[  942.520072][T15395] loop2: detected capacity change from 0 to 7
[  942.550073][T15395] Dev loop2: unable to read RDB block 7
[  942.555736][T15395]  loop2: unable to read partition table
[  942.561840][T15395] loop2: partition table beyond EOD, truncated
[  942.568076][T15395] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  942.657072][T15398] netlink: 'GPL': attribute type 1 has an invalid length.
[  942.684486][T15398] netlink: 4 bytes leftover after parsing attributes in process `GPL'.
[  943.447986][T15324] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  943.677488][T15324] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  944.080823][T15324] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  944.540403][T15324] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  945.175794][T15418] netlink: 'syz.5.2596': attribute type 29 has an invalid length.
[  945.180337][T15413] syz_tun: tun_net_xmit 86
[  945.248159][T15420] netlink: 'syz.5.2596': attribute type 29 has an invalid length.
[  945.426274][T15413] /dev/nullb0: Can't open blockdev
[  945.483579][T15420] netlink: 76 bytes leftover after parsing attributes in process `syz.5.2596'.
[  945.496005][T15420] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2596'.
[  945.572389][T15420] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2596'.
[  945.623660][T15324] 8021q: adding VLAN 0 to HW filter on device bond0
[  945.909513][T15324] 8021q: adding VLAN 0 to HW filter on device team0
[  945.944178][ T3011] bridge0: port 1(bridge_slave_0) entered blocking state
[  945.951343][ T3011] bridge0: port 1(bridge_slave_0) entered forwarding state
[  946.044740][T12202] bridge0: port 2(bridge_slave_1) entered blocking state
[  946.051955][T12202] bridge0: port 2(bridge_slave_1) entered forwarding state
[  946.196328][    C0] syz_tun: tun_net_xmit 86
[  946.457610][T15434] /dev/nullb0: Can't open blockdev
[  947.236358][    C0] syz_tun: tun_net_xmit 86
[  947.887664][T15324] 8021q: adding VLAN 0 to HW filter on device batadv0
[  948.281500][T15324] veth0_vlan: entered promiscuous mode
[  948.291765][T15324] veth1_vlan: entered promiscuous mode
[  948.334433][T15324] veth0_macvtap: entered promiscuous mode
[  948.369922][T15324] veth1_macvtap: entered promiscuous mode
[  948.470487][T15324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.526716][T15324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.555429][T15324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  948.586863][T15324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.634030][T15324] batman_adv: batadv0: Interface activated: batadv_slave_0
[  948.655981][T15324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  948.726241][T15324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.736358][T15324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  948.748074][T15324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.758390][T15324] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  948.780669][T15324] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  948.797441][T15324] batman_adv: batadv0: Interface activated: batadv_slave_1
[  948.818108][T15475] FAULT_INJECTION: forcing a failure.
[  948.818108][T15475] name failslab, interval 1, probability 0, space 0, times 0
[  948.837273][T15324] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  948.846044][T15324] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  948.867343][T15475] CPU: 1 UID: 0 PID: 15475 Comm: syz.3.2612 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  948.878154][T15475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  948.888230][T15475] Call Trace:
[  948.891523][T15475]  <TASK>
[  948.894468][T15475]  dump_stack_lvl+0x241/0x360
[  948.899186][T15475]  ? __pfx_dump_stack_lvl+0x10/0x10
[  948.904405][T15475]  ? __pfx__printk+0x10/0x10
[  948.909021][T15475]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  948.915021][T15475]  ? __pfx___might_resched+0x10/0x10
[  948.920334][T15475]  should_fail_ex+0x3b0/0x4e0
[  948.925040][T15475]  should_failslab+0xac/0x100
[  948.929744][T15475]  kmem_cache_alloc_node_noprof+0x77/0x380
[  948.935567][T15475]  ? __alloc_skb+0x1c3/0x440
[  948.940181][T15475]  __alloc_skb+0x1c3/0x440
[  948.944623][T15475]  ? __pfx___alloc_skb+0x10/0x10
[  948.949587][T15475]  ? netlink_ack_tlv_len+0x6e/0x200
[  948.954807][T15475]  netlink_ack+0x145/0xa50
[  948.959245][T15475]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  948.964638][T15475]  ? __pfx_nl80211_post_doit+0x10/0x10
[  948.970114][T15475]  ? __pfx___might_resched+0x10/0x10
[  948.975437][T15475]  netlink_rcv_skb+0x262/0x430
[  948.980223][T15475]  ? __pfx_genl_rcv_msg+0x10/0x10
[  948.985273][T15475]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  948.990586][T15475]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  948.996076][T15475]  genl_rcv+0x28/0x40
[  949.000081][T15475]  netlink_unicast+0x7f6/0x990
[  949.004885][T15475]  ? __pfx_netlink_unicast+0x10/0x10
[  949.010195][T15475]  ? __virt_addr_valid+0x45f/0x530
[  949.015334][T15475]  ? __phys_addr_symbol+0x2f/0x70
[  949.020376][T15475]  ? __check_object_size+0x47a/0x730
[  949.025694][T15475]  netlink_sendmsg+0x8e4/0xcb0
[  949.030489][T15475]  ? __pfx_netlink_sendmsg+0x10/0x10
[  949.035820][T15475]  ? __pfx_netlink_sendmsg+0x10/0x10
[  949.041129][T15475]  __sock_sendmsg+0x221/0x270
[  949.045832][T15475]  ____sys_sendmsg+0x52a/0x7e0
[  949.050634][T15475]  ? __pfx_____sys_sendmsg+0x10/0x10
[  949.055940][T15475]  ? __fget_files+0x2a/0x410
[  949.060551][T15475]  ? __fget_files+0x2a/0x410
[  949.065167][T15475]  __sys_sendmsg+0x269/0x350
[  949.069781][T15475]  ? __pfx_lock_release+0x10/0x10
[  949.074830][T15475]  ? __pfx___sys_sendmsg+0x10/0x10
[  949.079978][T15475]  ? __pfx_vfs_write+0x10/0x10
[  949.084789][T15475]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  949.091141][T15475]  ? do_syscall_64+0x100/0x230
[  949.095931][T15475]  ? do_syscall_64+0xb6/0x230
[  949.100637][T15475]  do_syscall_64+0xf3/0x230
[  949.105163][T15475]  ? clear_bhb_loop+0x35/0x90
[  949.109865][T15475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  949.115799][T15475] RIP: 0033:0x7f1763185d29
[  949.120237][T15475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  949.139867][T15475] RSP: 002b:00007f1763f20038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  949.148311][T15475] RAX: ffffffffffffffda RBX: 00007f1763375fa0 RCX: 00007f1763185d29
[  949.156306][T15475] RDX: 0000000000000044 RSI: 0000000020000000 RDI: 0000000000000004
[  949.164299][T15475] RBP: 00007f1763f20090 R08: 0000000000000000 R09: 0000000000000000
[  949.172292][T15475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  949.180292][T15475] R13: 0000000000000000 R14: 00007f1763375fa0 R15: 00007ffe4a0c3428
[  949.188300][T15475]  </TASK>
[  949.191384][    C1] vkms_vblank_simulate: vblank timer overrun
[  949.199424][T15324] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  949.208931][T15324] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  950.220896][T12197] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  950.243600][T12197] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  950.306306][T12196] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  950.405003][T12196] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  950.747217][T15494] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2616'.
[  950.963873][ T5904] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  951.130973][ T5904] usb 10-1: Using ep0 maxpacket: 32
[  951.157835][ T5904] usb 10-1: config 0 has an invalid interface number: 167 but max is 0
[  951.876553][ T5904] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  951.886820][ T5904] usb 10-1: config 0 has no interface number 0
[  951.893021][ T5904] usb 10-1: config 0 interface 167 altsetting 1 bulk endpoint 0xA has invalid maxpacket 1024
[  951.903261][ T5904] usb 10-1: config 0 interface 167 altsetting 1 endpoint 0x6 has invalid wMaxPacketSize 0
[  951.916293][ T5904] usb 10-1: config 0 interface 167 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  951.930207][ T5904] usb 10-1: config 0 interface 167 has no altsetting 0
[  952.980862][   T29] audit: type=1326 audit(1735033254.326:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15502 comm="syz.7.2620" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe521585d29 code=0x0
[  953.397395][ T5904] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=20.63
[  953.606200][ T5904] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.614333][ T5904] usb 10-1: Product: syz
[  953.618714][ T5904] usb 10-1: Manufacturer: syz
[  953.623481][ T5904] usb 10-1: SerialNumber: syz
[  953.633718][ T5904] usb 10-1: config 0 descriptor??
[  953.758006][T10728] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  953.785397][T10728] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  953.805494][T10728] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  953.868853][ T5904] usb 10-1: can't set config #0, error -71
[  953.909228][T10728] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  953.922581][T10728] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  953.923907][ T5904] usb 10-1: USB disconnect, device number 2
[  953.936408][T10728] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  954.420424][T15521] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  954.611984][T15524] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  954.639232][T15524] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2625'.
[  956.117146][T10728] Bluetooth: hci7: command tx timeout
[  956.557301][T15539] Process accounting resumed
[  956.615905][T15509] chnl_net:caif_netlink_parms(): no params data found
[  958.196453][T10728] Bluetooth: hci7: command tx timeout
[  958.287730][T15509] bridge0: port 1(bridge_slave_0) entered blocking state
[  958.320809][T15509] bridge0: port 1(bridge_slave_0) entered disabled state
[  958.346466][T15509] bridge_slave_0: entered allmulticast mode
[  958.362265][T15509] bridge_slave_0: entered promiscuous mode
[  958.476472][T15509] bridge0: port 2(bridge_slave_1) entered blocking state
[  958.483604][T15509] bridge0: port 2(bridge_slave_1) entered disabled state
[  958.501896][T15509] bridge_slave_1: entered allmulticast mode
[  958.530956][T15509] bridge_slave_1: entered promiscuous mode
[  958.714586][T15509] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  958.757357][T15565] xt_CT: You must specify a L4 protocol and not use inversions on it
[  958.799703][T15509] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  959.070513][T15573] Bluetooth: hci8: Frame reassembly failed (-84)
[  960.288507][T14133] Bluetooth: hci7: command tx timeout
[  960.394424][T15509] team0: Port device team_slave_0 added
[  960.405555][T15509] team0: Port device team_slave_1 added
[  961.267646][T15509] batman_adv: batadv0: Adding interface: batadv_slave_0
[  961.274722][T15509] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  961.912144][T15509] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  961.927022][T15586] bond0: option lp_interval: invalid value (0)
[  961.933222][T15586] bond0: option lp_interval: allowed values 1 - 2147483647
[  961.956494][T10728] Bluetooth: hci8: Entering manufacturer mode failed (-110)
[  962.086779][T15509] batman_adv: batadv0: Adding interface: batadv_slave_1
[  962.093807][T15509] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  962.274473][T15509] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  962.634975][T14133] Bluetooth: hci7: command tx timeout
[  963.826370][   T29] audit: type=1326 audit(1735033265.146:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15590 comm="syz.9.2641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f51d85d29 code=0x0
[  964.972815][ T5904] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  965.349969][T15509] hsr_slave_0: entered promiscuous mode
[  965.379763][T15509] hsr_slave_1: entered promiscuous mode
[  965.394458][T15509] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  965.414457][T15509] Cannot create hsr debugfs directory
[  965.420269][ T5904] usb 10-1: Using ep0 maxpacket: 16
[  965.440524][ T5904] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  965.663569][ T5904] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  965.841461][ T5904] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  965.868175][ T5904] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  965.897918][ T5904] usb 10-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  966.017461][ T5904] usb 10-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  966.044282][ T5904] usb 10-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  966.064065][ T5904] usb 10-1: Manufacturer: syz
[  966.115542][ T5904] usb 10-1: config 0 descriptor??
[  967.447536][T15606] xt_hashlimit: max too large, truncated to 1048576
[  967.497215][T15643] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  967.676577][ T5904] rc_core: IR keymap rc-hauppauge not found
[  967.741238][ T5904] Registered IR keymap rc-empty
[  967.847627][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  967.936444][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  968.042231][ T5904] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0
[  968.143561][ T5904] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/rc/rc0/input28
[  968.446903][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  968.518049][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  969.586979][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.246787][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.266277][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.286325][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.306269][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.348517][T15676] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  970.361285][T15676] FAULT_INJECTION: forcing a failure.
[  970.361285][T15676] name failslab, interval 1, probability 0, space 0, times 0
[  970.374303][T15676] CPU: 0 UID: 0 PID: 15676 Comm: syz.7.2656 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  970.385099][T15676] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  970.395176][T15676] Call Trace:
[  970.398459][T15676]  <TASK>
[  970.401388][T15676]  dump_stack_lvl+0x241/0x360
[  970.406073][T15676]  ? __pfx_dump_stack_lvl+0x10/0x10
[  970.411273][T15676]  ? __pfx__printk+0x10/0x10
[  970.415873][T15676]  ? fs_reclaim_acquire+0x93/0x130
[  970.420986][T15676]  ? __pfx___might_resched+0x10/0x10
[  970.426273][T15676]  should_fail_ex+0x3b0/0x4e0
[  970.430956][T15676]  should_failslab+0xac/0x100
[  970.435637][T15676]  __kmalloc_noprof+0xdd/0x4c0
[  970.440394][T15676]  ? tomoyo_encode+0x26f/0x540
[  970.445157][T15676]  tomoyo_encode+0x26f/0x540
[  970.449751][T15676]  tomoyo_realpath_from_path+0x59e/0x5e0
[  970.455391][T15676]  tomoyo_path_number_perm+0x236/0x860
[  970.460854][T15676]  ? __lock_acquire+0x1397/0x2100
[  970.465881][T15676]  ? tomoyo_path_number_perm+0x206/0x860
[  970.471511][T15676]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  970.477512][T15676]  ? __fget_files+0x2a/0x410
[  970.482103][T15676]  ? __fget_files+0x2a/0x410
[  970.486691][T15676]  security_file_ioctl+0xc6/0x2a0
[  970.491718][T15676]  __se_sys_ioctl+0x46/0x170
[  970.496309][T15676]  do_syscall_64+0xf3/0x230
[  970.500812][T15676]  ? clear_bhb_loop+0x35/0x90
[  970.505488][T15676]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.511380][T15676] RIP: 0033:0x7fe521585d29
[  970.515791][T15676] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  970.535500][T15676] RSP: 002b:00007fe522407038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  970.543926][T15676] RAX: ffffffffffffffda RBX: 00007fe521776080 RCX: 00007fe521585d29
[  970.551900][T15676] RDX: 0000000020000100 RSI: 0000000000003b85 RDI: 0000000000000004
[  970.559874][T15676] RBP: 00007fe522407090 R08: 0000000000000000 R09: 0000000000000000
[  970.567851][T15676] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  970.575827][T15676] R13: 0000000000000000 R14: 00007fe521776080 R15: 00007ffffba4e6d8
[  970.583811][T15676]  </TASK>
[  970.596229][T15676] ERROR: Out of memory at tomoyo_realpath_from_path.
[  970.847529][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.946558][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  970.976526][ T5904] mceusb 10-1:0.0: Error: mce write submit urb error = -90
[  971.026444][ T5904] mceusb 10-1:0.0: Registered ꪪ with mce emulator interface version 1
[  971.038688][ T5904] mceusb 10-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  971.077663][ T5904] usb 10-1: USB disconnect, device number 3
[  971.312356][T15689] FAULT_INJECTION: forcing a failure.
[  971.312356][T15689] name failslab, interval 1, probability 0, space 0, times 0
[  971.330163][T15689] CPU: 1 UID: 0 PID: 15689 Comm: syz.9.2659 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  971.340975][T15689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  971.351060][T15689] Call Trace:
[  971.354370][T15689]  <TASK>
[  971.357315][T15689]  dump_stack_lvl+0x241/0x360
[  971.362019][T15689]  ? __pfx_dump_stack_lvl+0x10/0x10
[  971.367237][T15689]  ? __pfx__printk+0x10/0x10
[  971.371844][T15689]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  971.377845][T15689]  ? __pfx___might_resched+0x10/0x10
[  971.383160][T15689]  should_fail_ex+0x3b0/0x4e0
[  971.387872][T15689]  should_failslab+0xac/0x100
[  971.392578][T15689]  kmem_cache_alloc_node_noprof+0x77/0x380
[  971.398396][T15689]  ? __alloc_skb+0x1c3/0x440
[  971.402987][T15689]  __alloc_skb+0x1c3/0x440
[  971.407407][T15689]  ? __pfx___alloc_skb+0x10/0x10
[  971.412336][T15689]  ? rcu_is_watching+0x15/0xb0
[  971.417111][T15689]  ? trace_kmalloc+0x1f/0xd0
[  971.421696][T15689]  ? tipc_nl_compat_doit+0x1aa/0x610
[  971.426983][T15689]  tipc_nl_compat_doit+0x1ce/0x610
[  971.432098][T15689]  ? __pfx_tipc_nl_compat_doit+0x10/0x10
[  971.437735][T15689]  ? __mutex_trylock_common+0x183/0x2e0
[  971.443285][T15689]  ? safesetid_security_capable+0xb2/0x1d0
[  971.449089][T15689]  ? bpf_lsm_capable+0x9/0x10
[  971.453756][T15689]  ? security_capable+0x7e/0x2d0
[  971.458699][T15689]  tipc_nl_compat_recv+0xe25/0x14c0
[  971.463898][T15689]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  971.469530][T15689]  ? genl_rcv_msg+0x121/0xec0
[  971.474210][T15689]  ? __pfx___mutex_lock+0x10/0x10
[  971.479238][T15689]  ? __pfx___tipc_nl_bearer_enable+0x10/0x10
[  971.485215][T15689]  ? __pfx_tipc_nl_compat_bearer_enable+0x10/0x10
[  971.491631][T15689]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  971.497961][T15689]  ? genl_get_cmd+0x71c/0xbe0
[  971.502641][T15689]  genl_rcv_msg+0xb14/0xec0
[  971.507148][T15689]  ? __pfx_genl_rcv_msg+0x10/0x10
[  971.512187][T15689]  ? __pfx_lock_acquire+0x10/0x10
[  971.517205][T15689]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[  971.522839][T15689]  ? __pfx___might_resched+0x10/0x10
[  971.528132][T15689]  netlink_rcv_skb+0x1e3/0x430
[  971.532888][T15689]  ? __pfx_genl_rcv_msg+0x10/0x10
[  971.537915][T15689]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  971.543227][T15689]  ? __netlink_deliver_tap+0x7aa/0x7f0
[  971.548710][T15689]  genl_rcv+0x28/0x40
[  971.552697][T15689]  netlink_unicast+0x7f6/0x990
[  971.557498][T15689]  ? __pfx_netlink_unicast+0x10/0x10
[  971.562798][T15689]  ? __virt_addr_valid+0x45f/0x530
[  971.567911][T15689]  ? __phys_addr_symbol+0x2f/0x70
[  971.572934][T15689]  ? __check_object_size+0x47a/0x730
[  971.578226][T15689]  netlink_sendmsg+0x8e4/0xcb0
[  971.583002][T15689]  ? __pfx_netlink_sendmsg+0x10/0x10
[  971.588297][T15689]  ? __pfx_netlink_sendmsg+0x10/0x10
[  971.593580][T15689]  __sock_sendmsg+0x221/0x270
[  971.598262][T15689]  ____sys_sendmsg+0x52a/0x7e0
[  971.603028][T15689]  ? __pfx_____sys_sendmsg+0x10/0x10
[  971.608309][T15689]  ? __fget_files+0x2a/0x410
[  971.612897][T15689]  ? __fget_files+0x2a/0x410
[  971.617488][T15689]  __sys_sendmsg+0x269/0x350
[  971.622075][T15689]  ? __pfx_lock_release+0x10/0x10
[  971.627096][T15689]  ? __pfx___sys_sendmsg+0x10/0x10
[  971.632213][T15689]  ? __pfx_vfs_write+0x10/0x10
[  971.636995][T15689]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  971.643319][T15689]  ? do_syscall_64+0x100/0x230
[  971.648086][T15689]  ? do_syscall_64+0xb6/0x230
[  971.652762][T15689]  do_syscall_64+0xf3/0x230
[  971.657269][T15689]  ? clear_bhb_loop+0x35/0x90
[  971.661940][T15689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.667833][T15689] RIP: 0033:0x7f5f51d85d29
[  971.672265][T15689] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.691887][T15689] RSP: 002b:00007f5f4fbd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  971.700309][T15689] RAX: ffffffffffffffda RBX: 00007f5f51f76080 RCX: 00007f5f51d85d29
[  971.708277][T15689] RDX: 0000000000000000 RSI: 00000000200002c0 RDI: 0000000000000004
[  971.716245][T15689] RBP: 00007f5f4fbd5090 R08: 0000000000000000 R09: 0000000000000000
[  971.724211][T15689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.732177][T15689] R13: 0000000000000000 R14: 00007f5f51f76080 R15: 00007ffc6240fca8
[  971.740175][T15689]  </TASK>
[  971.743329][    C1] vkms_vblank_simulate: vblank timer overrun
[  971.979808][T15705] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2662'.
[  972.577106][   T29] audit: type=1804 audit(1735033273.866:280): pid=15719 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.2665" name="/newroot/533/bus/file0" dev="overlay" ino=2845 res=1 errno=0
[  972.736589][ T5873] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  973.599788][ T5873] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  973.609969][ T5873] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  973.630970][ T5873] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  973.661752][ T5873] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  973.702715][ T5873] usb 10-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  973.732760][ T5873] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.760862][ T5873] usb 10-1: config 0 descriptor??
[  973.996415][ T5873] hdpvr 10-1:0.0: firmware version 0xd dated —jl;™S11´Ôø!ºvOp³
[  973.996415][ T5873] 4(r¥ý
[  973.996415][ T5873] d×Å2}±dæ~ýýŠÙ­^r¤
[  974.203943][ T5873] hdpvr 10-1:0.0: device init failed
[  974.221557][ T5873] hdpvr 10-1:0.0: probe with driver hdpvr failed with error -12
[  974.255746][ T5873] usb 10-1: USB disconnect, device number 4
[  976.692854][T15790] cgroup: Bad value for 'name'
[  976.876253][ T5873] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  977.222907][T15802] FAULT_INJECTION: forcing a failure.
[  977.222907][T15802] name failslab, interval 1, probability 0, space 0, times 0
[  977.235851][T15802] CPU: 1 UID: 0 PID: 15802 Comm: syz.3.2679 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  977.246647][T15802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  977.256726][T15802] Call Trace:
[  977.260021][T15802]  <TASK>
[  977.262974][T15802]  dump_stack_lvl+0x241/0x360
[  977.267682][T15802]  ? __pfx_dump_stack_lvl+0x10/0x10
[  977.272920][T15802]  ? __pfx__printk+0x10/0x10
[  977.277538][T15802]  ? fs_reclaim_acquire+0x93/0x130
[  977.282669][T15802]  ? __pfx___might_resched+0x10/0x10
[  977.287980][T15802]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  977.293982][T15802]  should_fail_ex+0x3b0/0x4e0
[  977.298689][T15802]  should_failslab+0xac/0x100
[  977.303396][T15802]  __kmalloc_noprof+0xdd/0x4c0
[  977.308179][T15802]  ? tomoyo_encode+0x26f/0x540
[  977.312975][T15802]  tomoyo_encode+0x26f/0x540
[  977.317591][T15802]  tomoyo_realpath_from_path+0x59e/0x5e0
[  977.323273][T15802]  tomoyo_mount_permission+0x3bf/0xb80
[  977.328755][T15802]  ? tomoyo_mount_permission+0x298/0xb80
[  977.334414][T15802]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  977.340454][T15802]  ? hook_sb_mount+0x10b/0x420
[  977.345234][T15802]  ? security_sb_mount+0x22/0x2f0
[  977.350283][T15802]  security_sb_mount+0xe0/0x2f0
[  977.355158][T15802]  path_mount+0xb9/0xfa0
[  977.359421][T15802]  ? kmem_cache_free+0x195/0x410
[  977.364465][T15802]  ? user_path_at+0x44/0x60
[  977.368999][T15802]  __se_sys_mount+0x2d6/0x3c0
[  977.373694][T15802]  ? irqentry_exit+0x63/0x90
[  977.378309][T15802]  ? __pfx___se_sys_mount+0x10/0x10
[  977.383526][T15802]  ? __x64_sys_mount+0x20/0xc0
[  977.388309][T15802]  do_syscall_64+0xf3/0x230
[  977.392844][T15802]  ? clear_bhb_loop+0x35/0x90
[  977.397550][T15802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  977.403468][T15802] RIP: 0033:0x7f1763185d29
[  977.407897][T15802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  977.427535][T15802] RSP: 002b:00007f1763eff038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  977.435967][T15802] RAX: ffffffffffffffda RBX: 00007f1763376080 RCX: 00007f1763185d29
[  977.443958][T15802] RDX: 00000000200001c0 RSI: 0000000020000180 RDI: 0000000000000000
[  977.451948][T15802] RBP: 00007f1763eff090 R08: 0000000020000000 R09: 0000000000000000
[  977.459947][T15802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  977.467954][T15802] R13: 0000000000000000 R14: 00007f1763376080 R15: 00007ffe4a0c3428
[  977.475973][T15802]  </TASK>
[  977.479087][    C1] vkms_vblank_simulate: vblank timer overrun
[  977.486515][T15802] ERROR: Out of memory at tomoyo_realpath_from_path.
[  977.969518][ T5873] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  977.986579][ T5873] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  977.999842][ T5873] usb 6-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  978.009039][ T5873] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  978.105492][ T5873] usb 6-1: config 0 descriptor??
[  978.923276][T15797] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  979.090492][T15816] overlayfs: conflicting lowerdir path
[  979.120383][T15817] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2682'.
[  979.173251][T15509] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  979.351367][ T5873] usb 6-1: language id specifier not provided by device, defaulting to English
[  979.373166][T15509] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  979.387454][T15509] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  979.540843][T15823] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  979.549785][T15823] overlayfs: missing 'lowerdir'
[  979.580135][T15509] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  979.786778][ T5873] usbhid 6-1:0.0: can't add hid device: -71
[  979.792850][ T5873] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  979.802448][ T5873] usb 6-1: USB disconnect, device number 52
[  979.974525][T15509] 8021q: adding VLAN 0 to HW filter on device bond0
[  980.060780][T15509] 8021q: adding VLAN 0 to HW filter on device team0
[  980.130825][T12196] bridge0: port 1(bridge_slave_0) entered blocking state
[  980.138041][T12196] bridge0: port 1(bridge_slave_0) entered forwarding state
[  980.207724][T12196] bridge0: port 2(bridge_slave_1) entered blocking state
[  980.214903][T12196] bridge0: port 2(bridge_slave_1) entered forwarding state
[  980.434443][T15509] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  980.526000][T15844] FAULT_INJECTION: forcing a failure.
[  980.526000][T15844] name failslab, interval 1, probability 0, space 0, times 0
[  980.623557][T15844] CPU: 1 UID: 0 PID: 15844 Comm: syz.7.2686 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[  980.634376][T15844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  980.644462][T15844] Call Trace:
[  980.647761][T15844]  <TASK>
[  980.650704][T15844]  dump_stack_lvl+0x241/0x360
[  980.655412][T15844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  980.660635][T15844]  ? __pfx__printk+0x10/0x10
[  980.665253][T15844]  ? fs_reclaim_acquire+0x93/0x130
[  980.670389][T15844]  ? __pfx___might_resched+0x10/0x10
[  980.675706][T15844]  should_fail_ex+0x3b0/0x4e0
[  980.680417][T15844]  should_failslab+0xac/0x100
[  980.685122][T15844]  __kmalloc_noprof+0xdd/0x4c0
[  980.689907][T15844]  ? tomoyo_encode+0x26f/0x540
[  980.694698][T15844]  tomoyo_encode+0x26f/0x540
[  980.699321][T15844]  tomoyo_realpath_from_path+0x59e/0x5e0
[  980.704985][T15844]  tomoyo_mount_permission+0x3bf/0xb80
[  980.710469][T15844]  ? stack_depot_save_flags+0x37/0x940
[  980.715945][T15844]  ? tomoyo_mount_permission+0x298/0xb80
[  980.721602][T15844]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  980.727674][T15844]  ? hook_sb_mount+0x10b/0x420
[  980.732458][T15844]  ? security_sb_mount+0x22/0x2f0
[  980.737512][T15844]  security_sb_mount+0xe0/0x2f0
[  980.742387][T15844]  path_mount+0xb9/0xfa0
[  980.746650][T15844]  ? kmem_cache_free+0x195/0x410
[  980.751604][T15844]  ? user_path_at+0x44/0x60
[  980.756130][T15844]  __se_sys_mount+0x2d6/0x3c0
[  980.760826][T15844]  ? __pfx___se_sys_mount+0x10/0x10
[  980.766050][T15844]  ? do_syscall_64+0x100/0x230
[  980.770841][T15844]  ? __x64_sys_mount+0x20/0xc0
[  980.775628][T15844]  do_syscall_64+0xf3/0x230
[  980.780159][T15844]  ? clear_bhb_loop+0x35/0x90
[  980.784863][T15844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.790782][T15844] RIP: 0033:0x7fe521585d29
[  980.795219][T15844] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.814850][T15844] RSP: 002b:00007fe522428038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  980.823274][T15844] RAX: ffffffffffffffda RBX: 00007fe521775fa0 RCX: 00007fe521585d29
[  980.831243][T15844] RDX: 0000000020000180 RSI: 0000000020000140 RDI: 0000000000000000
[  980.839298][T15844] RBP: 00007fe522428090 R08: 0000000020000000 R09: 0000000000000000
[  980.847261][T15844] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  980.855223][T15844] R13: 0000000000000000 R14: 00007fe521775fa0 R15: 00007ffffba4e6d8
[  980.863199][T15844]  </TASK>
[  980.866292][    C1] vkms_vblank_simulate: vblank timer overrun
[  980.976714][T15844] ERROR: Out of memory at tomoyo_realpath_from_path.
[  984.289253][T15509] 8021q: adding VLAN 0 to HW filter on device batadv0
[  984.561402][T15509] veth0_vlan: entered promiscuous mode
[  984.715086][T15509] veth1_vlan: entered promiscuous mode
[  984.745308][T15509] veth0_macvtap: entered promiscuous mode
[  984.754158][T15509] veth1_macvtap: entered promiscuous mode
[  984.778838][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  984.789415][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  984.800000][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  984.811070][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  984.835345][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  984.867048][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  984.893766][T15509] batman_adv: batadv0: Interface activated: batadv_slave_0
[  984.900187][T15887] cgroup: Bad value for 'name'
[  984.911666][   T29] audit: type=1326 audit(1735033286.176:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15878 comm="syz.3.2694" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1763185d29 code=0x0
[  985.118646][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  985.131881][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  985.195364][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  985.407578][T15891] netlink: 'syz.5.2696': attribute type 33 has an invalid length.
[  985.415441][T15891] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2696'.
[  985.520575][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  985.570289][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  985.591819][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  985.606274][T15509] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  985.617573][T15509] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  985.629473][T15509] batman_adv: batadv0: Interface activated: batadv_slave_1
[  985.639652][T15509] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  985.648708][T15509] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  985.658041][T15509] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  985.686242][T15509] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  989.294232][   T29] audit: type=1326 audit(1735033289.976:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15907 comm="syz.5.2699" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x0
[  989.336053][ T3011] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.337585][T12203] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  989.375485][ T3011] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  989.389318][T12203] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  991.397994][T15919] cgroup: Invalid name
[  991.628604][T15938] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2708'.
[  992.805700][   T29] audit: type=1326 audit(1735033294.146:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15954 comm="syz.9.2711" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f51d85d29 code=0x0
[  993.176408][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  993.182750][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  993.471553][T15966] cgroup: Bad value for 'name'
[  994.904230][T15983] netlink: 40 bytes leftover after parsing attributes in process `syz.7.2713'.
[  995.114654][T15999] ip6gre1: entered promiscuous mode
[  996.921213][T16030] tmpfs: Unknown parameter 'usrquota·'
[  997.147865][T16037] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2723'.
[ 1000.620431][T10728] Bluetooth: hci4: command 0x0406 tx timeout
[ 1002.936252][   T29] audit: type=1326 audit(1735033304.026:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16073 comm="syz.5.2730" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2392985d29 code=0x0
[ 1002.957319][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1004.634098][T16094] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2734'.
[ 1004.643687][T16094] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2734'.
[ 1004.850731][T16094] 9pnet_fd: Insufficient options for proto=fd
[ 1006.114672][T16087] netlink: 6 bytes leftover after parsing attributes in process `syz.9.2732'.
[ 1007.621210][T16131] loop9: detected capacity change from 0 to 6
[ 1008.851420][ T1204] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[ 1009.071720][   T29] audit: type=1326 audit(1735033310.416:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16128 comm="syz.7.2739" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe521585d29 code=0x0
[ 1009.423501][ T1204] usb 10-1: Using ep0 maxpacket: 16
[ 1010.563596][   T29] audit: type=1326 audit(1735033311.876:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16153 comm="syz.1.2744" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5bc185d29 code=0x0
[ 1011.296733][ T1204] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1011.308295][ T1204] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1011.323268][ T1204] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1011.336329][ T1204] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1011.346205][ T1204] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.370819][ T1204] usb 10-1: config 0 descriptor??
[ 1011.677619][T11840] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1011.788455][T16148] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1011.810618][T16148] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1011.849583][T11840] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1011.902539][T11840] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1011.955050][T11840] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1011.965261][T11840] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1011.975535][T11840] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1011.984838][T11840] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1012.082035][ T1204] microsoft 0003:045E:07DA.0011: ignoring exceeding usage max
[ 1012.082512][T11840] usb 2-1: config 0 descriptor??
[ 1012.137919][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.196414][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.214264][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.266233][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.298904][T11840] hdpvr 2-1:0.0: firmware version 0xd dated —jl;™S11´Ôø!ºvOp³
[ 1012.298904][T11840] 4(r¥ý
[ 1012.298904][T11840] d×Å2}±dæ~ýýŠÙ­^r¤
[ 1012.323247][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.400628][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.419159][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.441942][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.469638][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.504143][T11840] hdpvr 2-1:0.0: device init failed
[ 1012.504233][ T1204] microsoft 0003:045E:07DA.0011: unknown main item tag 0x0
[ 1012.514095][T11840] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -12
[ 1012.678409][T11840] usb 2-1: USB disconnect, device number 4
[ 1012.681140][ T1204] microsoft 0003:045E:07DA.0011: No inputs registered, leaving
[ 1012.945890][ T1204] microsoft 0003:045E:07DA.0011: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.9-1/input0
[ 1012.983543][T16201] netlink: 'syz.3.2751': attribute type 1 has an invalid length.
[ 1013.076004][ T1204] microsoft 0003:045E:07DA.0011: no inputs found
[ 1013.092014][ T1204] microsoft 0003:045E:07DA.0011: could not initialize ff, continuing anyway
[ 1013.136329][ T1204] usb 10-1: USB disconnect, device number 5
[ 1016.004972][T16240] cgroup: Bad value for 'name'
[ 1017.353658][T16265] input: syz0 as /devices/virtual/input/input30
[ 1021.968731][T16305] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[ 1022.255785][T16307] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2772'.
[ 1022.347623][T16307] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1028.997285][T16406] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2789'.
[ 1032.466318][   T29] audit: type=1326 audit(1735033333.806:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16416 comm="syz.1.2791" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb5bc185d29 code=0x0
[ 1035.053843][T16463] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2801'.
[ 1035.062996][T16463] netlink: 16 bytes leftover after parsing attributes in process `syz.9.2801'.
[ 1035.072740][T16463] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2801'.
[ 1035.082502][T16463] netlink: 36 bytes leftover after parsing attributes in process `syz.9.2801'.
[ 1036.758048][T16487] netlink: 'syz.3.2804': attribute type 1 has an invalid length.
[ 1036.765886][T16487] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2804'.
[ 1042.276469][T16517] netlink: 830 bytes leftover after parsing attributes in process `syz.9.2813'.
[ 1042.376600][T16540] netlink: 60 bytes leftover after parsing attributes in process `syz.3.2816'.
[ 1042.807803][T16555] FAULT_INJECTION: forcing a failure.
[ 1042.807803][T16555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1042.886864][T16555] CPU: 0 UID: 0 PID: 16555 Comm: syz.3.2822 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1042.897689][T16555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1042.907764][T16555] Call Trace:
[ 1042.911053][T16555]  <TASK>
[ 1042.913994][T16555]  dump_stack_lvl+0x241/0x360
[ 1042.918696][T16555]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1042.923994][T16555]  ? __pfx__printk+0x10/0x10
[ 1042.928646][T16555]  ? __pfx_lock_release+0x10/0x10
[ 1042.933689][T16555]  should_fail_ex+0x3b0/0x4e0
[ 1042.938396][T16555]  _copy_from_user+0x2f/0xc0
[ 1042.943006][T16555]  do_ipv6_setsockopt+0x2f5/0x3640
[ 1042.948139][T16555]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[ 1042.953701][T16555]  ? __pfx_validate_chain+0x10/0x10
[ 1042.958934][T16555]  ? __pfx_lock_acquire+0x10/0x10
[ 1042.963971][T16555]  ? get_pid_task+0x23/0x1f0
[ 1042.968580][T16555]  ? __pfx_lock_release+0x10/0x10
[ 1042.973614][T16555]  ? kstrtouint_from_user+0x128/0x190
[ 1042.979009][T16555]  ? mark_lock+0x9a/0x360
[ 1042.983359][T16555]  ? __lock_acquire+0x1397/0x2100
[ 1042.988407][T16555]  ipv6_setsockopt+0x5d/0x170
[ 1042.993108][T16555]  dccp_setsockopt+0x17c/0x12c0
[ 1042.997981][T16555]  ? __pfx_dccp_setsockopt+0x10/0x10
[ 1043.003281][T16555]  ? __pfx_lock_acquire+0x10/0x10
[ 1043.008324][T16555]  ? sock_common_setsockopt+0x37/0xc0
[ 1043.013717][T16555]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1043.019627][T16555]  do_sock_setsockopt+0x3af/0x720
[ 1043.024674][T16555]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1043.030235][T16555]  ? __fget_files+0x395/0x410
[ 1043.034920][T16555]  ? __fget_files+0x2a/0x410
[ 1043.039536][T16555]  __x64_sys_setsockopt+0x1ee/0x280
[ 1043.044759][T16555]  do_syscall_64+0xf3/0x230
[ 1043.049282][T16555]  ? clear_bhb_loop+0x35/0x90
[ 1043.053976][T16555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1043.059889][T16555] RIP: 0033:0x7f1763185d29
[ 1043.064322][T16555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1043.083950][T16555] RSP: 002b:00007f1763f20038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1043.092385][T16555] RAX: ffffffffffffffda RBX: 00007f1763375fa0 RCX: 00007f1763185d29
[ 1043.100367][T16555] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[ 1043.108352][T16555] RBP: 00007f1763f20090 R08: 00000000000005f0 R09: 0000000000000000
[ 1043.116335][T16555] R10: 0000000020000b40 R11: 0000000000000246 R12: 0000000000000001
[ 1043.124315][T16555] R13: 0000000000000000 R14: 00007f1763375fa0 R15: 00007ffe4a0c3428
[ 1043.132318][T16555]  </TASK>
[ 1043.593144][T16575] syz_tun: tun_net_xmit 354
[ 1043.667677][T16561] ip6gre1: entered promiscuous mode
[ 1044.555616][T16592] sctp: [Deprecated]: syz.1.2829 (pid 16592) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1044.555616][T16592] Use struct sctp_sack_info instead
[ 1044.856364][ T5873] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[ 1044.936362][ T5929] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[ 1045.020513][ T5873] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[ 1045.045772][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1045.089833][ T5929] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1045.105998][ T5873] usb 4-1: Product: syz
[ 1045.128685][ T5873] usb 4-1: Manufacturer: syz
[ 1045.137819][ T5929] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1045.168777][ T5873] usb 4-1: SerialNumber: syz
[ 1045.197006][ T5929] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1045.216673][ T5873] r8152-cfgselector 4-1: Unknown version 0x0000
[ 1045.245857][ T5873] r8152-cfgselector 4-1: config 0 descriptor??
[ 1045.265029][ T5929] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1045.305383][ T5929] usb 10-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1045.347990][ T5929] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1045.379426][ T5929] usb 10-1: config 0 descriptor??
[ 1045.504948][ T5873] r8152-cfgselector 4-1: Unknown version 0x0000
[ 1045.521771][ T5873] r8152-cfgselector 4-1: bad CDC descriptors
[ 1045.576259][ T5874] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1045.592574][ T5929] hdpvr 10-1:0.0: unexpected answer of status request, len -71
[ 1045.614550][ T5873] r8152-cfgselector 4-1: USB disconnect, device number 50
[ 1045.668797][ T5929] hdpvr 10-1:0.0: device init failed
[ 1045.760214][ T5929] hdpvr 10-1:0.0: probe with driver hdpvr failed with error -12
[ 1045.786229][ T5874] usb 2-1: Using ep0 maxpacket: 32
[ 1045.797594][ T5874] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219
[ 1045.950083][ T5874] usb 2-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[ 1045.986949][ T5929] usb 10-1: USB disconnect, device number 6
[ 1046.169767][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.294653][ T5874] usb 2-1: Product: syz
[ 1046.299035][ T5874] usb 2-1: Manufacturer: syz
[ 1046.304084][ T5874] usb 2-1: SerialNumber: syz
[ 1046.328352][ T5874] usb 2-1: config 0 descriptor??
[ 1046.346546][T16608] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1046.564084][ T5874] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1046.996429][    C0] syz_tun: tun_net_xmit 354
[ 1047.361415][T16607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1047.597561][T16607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1048.528382][T16641] Process accounting resumed
[ 1048.663172][ T5874] usb 2-1: USB disconnect, device number 5
[ 1049.427226][ T5874] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1049.606289][ T5874] usb 2-1: Using ep0 maxpacket: 16
[ 1049.649193][ T5874] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1049.699754][ T5874] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b5.89
[ 1049.727693][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1049.770624][ T5874] usb 2-1: Product: syz
[ 1049.781092][ T5874] usb 2-1: Manufacturer: syz
[ 1049.806483][ T5874] usb 2-1: SerialNumber: syz
[ 1049.914195][ T5874] usb 2-1: config 0 descriptor??
[ 1049.997984][ T5874] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[ 1050.806897][ T5874] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[ 1050.814127][ T5874] gspca_pac7302 2-1:0.0: probe with driver gspca_pac7302 failed with error -71
[ 1050.825419][ T5874] usb 2-1: USB disconnect, device number 6
[ 1051.109703][T16691] FAULT_INJECTION: forcing a failure.
[ 1051.109703][T16691] name failslab, interval 1, probability 0, space 0, times 0
[ 1051.153367][T16691] CPU: 0 UID: 0 PID: 16691 Comm: syz.7.2849 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1051.164197][T16691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1051.174278][T16691] Call Trace:
[ 1051.177568][T16691]  <TASK>
[ 1051.180499][T16691]  dump_stack_lvl+0x241/0x360
[ 1051.185183][T16691]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1051.190378][T16691]  ? __pfx__printk+0x10/0x10
[ 1051.194968][T16691]  ? __kmalloc_cache_noprof+0x48/0x390
[ 1051.200424][T16691]  ? __pfx___might_resched+0x10/0x10
[ 1051.205721][T16691]  should_fail_ex+0x3b0/0x4e0
[ 1051.210406][T16691]  should_failslab+0xac/0x100
[ 1051.215089][T16691]  __kmalloc_cache_noprof+0x70/0x390
[ 1051.220366][T16691]  ? sctp_auth_asoc_copy_shkeys+0x13b/0x580
[ 1051.226270][T16691]  sctp_auth_asoc_copy_shkeys+0x13b/0x580
[ 1051.231998][T16691]  sctp_association_new+0x15aa/0x2400
[ 1051.237381][T16691]  sctp_connect_new_asoc+0x2d8/0x6c0
[ 1051.242664][T16691]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1051.248467][T16691]  ? sctp_sendmsg+0xbb9/0x3520
[ 1051.253234][T16691]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[ 1051.259038][T16691]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[ 1051.264582][T16691]  sctp_sendmsg+0x219a/0x3520
[ 1051.269266][T16691]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1051.274287][T16691]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[ 1051.281057][T16691]  ? inet_sendmsg+0x330/0x390
[ 1051.285734][T16691]  __sock_sendmsg+0x1a6/0x270
[ 1051.290414][T16691]  ____sys_sendmsg+0x52a/0x7e0
[ 1051.295186][T16691]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1051.300465][T16691]  ? __fget_files+0x2a/0x410
[ 1051.305052][T16691]  ? __fget_files+0x2a/0x410
[ 1051.309656][T16691]  __sys_sendmmsg+0x36a/0x720
[ 1051.314342][T16691]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1051.319546][T16691]  ? __pfx_lock_release+0x10/0x10
[ 1051.324563][T16691]  ? kstrtouint_from_user+0x128/0x190
[ 1051.329946][T16691]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1051.335837][T16691]  ? ksys_write+0x22a/0x2b0
[ 1051.340341][T16691]  ? __pfx_lock_release+0x10/0x10
[ 1051.345366][T16691]  ? vfs_write+0x730/0xd30
[ 1051.349813][T16691]  ? __mutex_unlock_slowpath+0x21e/0x790
[ 1051.355473][T16691]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1051.361457][T16691]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1051.367782][T16691]  ? do_syscall_64+0x100/0x230
[ 1051.372549][T16691]  __x64_sys_sendmmsg+0xa0/0xb0
[ 1051.377399][T16691]  do_syscall_64+0xf3/0x230
[ 1051.381910][T16691]  ? clear_bhb_loop+0x35/0x90
[ 1051.386589][T16691]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1051.392480][T16691] RIP: 0033:0x7fe521585d29
[ 1051.396897][T16691] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1051.416503][T16691] RSP: 002b:00007fe522428038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1051.425004][T16691] RAX: ffffffffffffffda RBX: 00007fe521775fa0 RCX: 00007fe521585d29
[ 1051.432972][T16691] RDX: 0000000000000001 RSI: 0000000020003a00 RDI: 0000000000000005
[ 1051.440943][T16691] RBP: 00007fe522428090 R08: 0000000000000000 R09: 0000000000000000
[ 1051.448910][T16691] R10: 000000000004c040 R11: 0000000000000246 R12: 0000000000000001
[ 1051.456881][T16691] R13: 0000000000000000 R14: 00007fe521775fa0 R15: 00007ffffba4e6d8
[ 1051.464862][T16691]  </TASK>
[ 1051.856009][T16711] netlink: 'syz.7.2852': attribute type 2 has an invalid length.
[ 1051.991224][ T5874] usb 4-1: new full-speed USB device number 51 using dummy_hcd
[ 1052.003504][T16711] ieee802154 phy0 wpan0: encryption failed: -22
[ 1052.981397][ T5874] usb 4-1: config 0 has an invalid interface number: 48 but max is 0
[ 1052.990232][ T5874] usb 4-1: config 0 has no interface number 0
[ 1052.997541][ T5874] usb 4-1: too many endpoints for config 0 interface 48 altsetting 49: 55, using maximum allowed: 30
[ 1053.016241][ T5874] usb 4-1: config 0 interface 48 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 55
[ 1053.045423][ T5874] usb 4-1: config 0 interface 48 has no altsetting 0
[ 1053.071601][ T5874] usb 4-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[ 1053.272414][T16727] Process accounting resumed
[ 1053.300409][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.316546][    C0] syz_tun: tun_net_xmit 354
[ 1053.516673][ T5874] usb 4-1: config 0 descriptor??
[ 1054.225668][   T29] audit: type=1326 audit(1735033355.566:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16707 comm="syz.3.2851" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1763185d29 code=0x0
[ 1054.812154][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.828880][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.046571][ T5874] usb 4-1: string descriptor 0 read error: -71
[ 1055.151567][ T5874] usb 4-1: USB disconnect, device number 51
[ 1056.496317][T11840] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[ 1056.746380][T11840] usb 10-1: Using ep0 maxpacket: 32
[ 1056.767490][T11840] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1056.794144][T11840] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1056.829977][T11840] usb 10-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1056.876986][T11840] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1056.926740][T14133] Bluetooth: hci6: command 0x0406 tx timeout
[ 1056.992495][T11840] usb 10-1: config 0 descriptor??
[ 1057.007353][T11840] hub 10-1:0.0: USB hub found
[ 1057.211278][T11840] hub 10-1:0.0: 1 port detected
[ 1057.824171][T11840] hub 10-1:0.0: activate --> -90
[ 1058.066530][T15510] usb 10-1: USB disconnect, device number 7
[ 1058.503239][T16792] syz.3.2864 (16792): drop_caches: 2
[ 1060.440138][ T5873] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[ 1060.577057][T16812] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2869'.
[ 1060.586146][T16812] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2869'.
[ 1060.595204][T16812] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2869'.
[ 1060.604304][T16812] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2869'.
[ 1060.906541][T11840] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 1061.097656][T11840] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1061.131919][T11840] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1061.152375][T11840] usb 4-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[ 1061.181515][T11840] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.205486][T11840] usb 4-1: config 0 descriptor??
[ 1064.056942][T16838] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2877'.
[ 1064.125042][T16838] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2877'.
[ 1065.476192][    C0] syz_tun: tun_net_xmit 354
[ 1065.559823][T10728] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1065.573817][T10728] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1065.582956][T10728] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1065.594438][T10728] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1065.602075][T10728] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[ 1065.609397][T10728] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1066.096356][T16759] sched: DL replenish lagged too much
[ 1066.494814][T11840] usbhid 4-1:0.0: can't add hid device: -71
[ 1066.511480][T11840] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1066.521401][T16844] chnl_net:caif_netlink_parms(): no params data found
[ 1066.541462][T11840] usb 4-1: USB disconnect, device number 52
[ 1066.626438][T16860] netlink: 76 bytes leftover after parsing attributes in process `syz.3.2882'.
[ 1067.332480][T16844] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1067.344437][T16844] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1067.864914][T16866] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[ 1068.289051][T16844] bridge_slave_0: entered allmulticast mode
[ 1068.305506][T16844] bridge_slave_0: entered promiscuous mode
[ 1068.313461][T16844] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1068.333221][T16844] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1068.341671][T16844] bridge_slave_1: entered allmulticast mode
[ 1068.371701][T16844] bridge_slave_1: entered promiscuous mode
[ 1068.403710][T10728] Bluetooth: hci8: command tx timeout
[ 1068.638048][T16844] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1068.729171][T16844] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1069.027587][T16844] team0: Port device team_slave_0 added
[ 1069.055650][T16844] team0: Port device team_slave_1 added
[ 1069.201381][T16844] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1069.224697][T16844] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1069.250680][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1069.306226][T16844] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1069.328938][T16844] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1069.376071][T16844] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1069.402002][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1069.508805][T16844] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1070.486224][T10728] Bluetooth: hci8: command tx timeout
[ 1070.697442][T16889] FAULT_INJECTION: forcing a failure.
[ 1070.697442][T16889] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.733823][T16889] CPU: 1 UID: 0 PID: 16889 Comm: syz.3.2891 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1070.744638][T16889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1070.754727][T16889] Call Trace:
[ 1070.758027][T16889]  <TASK>
[ 1070.760971][T16889]  dump_stack_lvl+0x241/0x360
[ 1070.765672][T16889]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1070.770901][T16889]  ? __pfx__printk+0x10/0x10
[ 1070.775520][T16889]  ? fs_reclaim_acquire+0x93/0x130
[ 1070.780661][T16889]  ? __pfx___might_resched+0x10/0x10
[ 1070.785978][T16889]  should_fail_ex+0x3b0/0x4e0
[ 1070.790689][T16889]  should_failslab+0xac/0x100
[ 1070.795420][T16889]  __kmalloc_noprof+0xdd/0x4c0
[ 1070.800211][T16889]  ? kstrtouint_from_user+0x128/0x190
[ 1070.805605][T16889]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[ 1070.811355][T16889]  tomoyo_realpath_from_path+0xcf/0x5e0
[ 1070.816934][T16889]  tomoyo_path_number_perm+0x236/0x860
[ 1070.822413][T16889]  ? __lock_acquire+0x1397/0x2100
[ 1070.827464][T16889]  ? tomoyo_path_number_perm+0x206/0x860
[ 1070.833128][T16889]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1070.839150][T16889]  ? __fget_files+0x2a/0x410
[ 1070.843741][T16889]  ? __fget_files+0x2a/0x410
[ 1070.848333][T16889]  security_file_ioctl+0xc6/0x2a0
[ 1070.853359][T16889]  __se_sys_ioctl+0x46/0x170
[ 1070.857957][T16889]  do_syscall_64+0xf3/0x230
[ 1070.862467][T16889]  ? clear_bhb_loop+0x35/0x90
[ 1070.867146][T16889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.873039][T16889] RIP: 0033:0x7f1763185d29
[ 1070.877452][T16889] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1070.897062][T16889] RSP: 002b:00007f1763f20038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1070.905474][T16889] RAX: ffffffffffffffda RBX: 00007f1763375fa0 RCX: 00007f1763185d29
[ 1070.913452][T16889] RDX: 0000000020000500 RSI: 000000004010ae68 RDI: 0000000000000006
[ 1070.921425][T16889] RBP: 00007f1763f20090 R08: 0000000000000000 R09: 0000000000000000
[ 1070.929397][T16889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1070.937363][T16889] R13: 0000000000000000 R14: 00007f1763375fa0 R15: 00007ffe4a0c3428
[ 1070.945344][T16889]  </TASK>
[ 1070.948482][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1071.171380][T16889] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1071.302241][T16844] hsr_slave_0: entered promiscuous mode
[ 1071.437463][T16901] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2894'.
[ 1071.483918][T16844] hsr_slave_1: entered promiscuous mode
[ 1071.503718][T16844] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1071.534067][T16844] Cannot create hsr debugfs directory
[ 1072.517641][T14133] Bluetooth: hci8: command tx timeout
[ 1073.158421][T16844] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1073.202806][T16844] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1073.618898][T16844] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1073.656259][T16844] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1074.342373][T16921] do_dccp_setsockopt: sockopt(CHANGE_L/R) is deprecated: fix your app
[ 1074.776461][T14133] Bluetooth: hci8: command tx timeout
[ 1074.940236][T16844] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1074.957170][T16844] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1075.269942][T16928] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2901'.
[ 1075.324192][T16844] netdevsim netdevsim2  (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1075.333885][T16844] netdevsim netdevsim2  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1076.074186][T16844] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1076.269070][T16844] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1076.447382][T16937] cgroup: Invalid name
[ 1076.937844][T16844] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1077.126892][T16844] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1077.287096][T10728] Bluetooth: hci7: command 0x0406 tx timeout
[ 1078.052216][   T29] audit: type=1326 audit(1735033379.386:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16940 comm="syz.7.2906" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe521585d29 code=0x0
[ 1078.451948][T10728] Bluetooth: hci6: unexpected event for opcode 0x2019
[ 1078.650108][T16954] syz_tun: tun_net_xmit 86
[ 1078.784602][T16844] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1078.822737][T16844] 8021q: adding VLAN 0 to HW filter on device team0
[ 1078.843822][T12198] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1078.850951][T12198] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1078.919776][T12198] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1078.926948][T12198] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1079.469059][T16844] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1079.479635][T16844] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1079.566247][   T30] INFO: task syz.6.2400:14649 blocked for more than 143 seconds.
[ 1079.584283][   T30]       Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1079.614872][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1079.646082][   T30] task:syz.6.2400      state:D stack:19440 pid:14649 tgid:14644 ppid:11050  flags:0x00004006
[ 1079.675467][   T30] Call Trace:
[ 1079.679124][   T30]  <TASK>
[ 1079.682088][   T30]  __schedule+0x17fb/0x4be0
[ 1079.686809][   T30]  ? __pfx___schedule+0x10/0x10
[ 1079.691788][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1079.696934][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1079.702982][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1079.709427][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1079.715141][   T30]  ? schedule+0x90/0x320
[ 1079.719903][    C1] syz_tun: tun_net_xmit 86
[ 1079.724477][   T30]  schedule+0x14b/0x320
[ 1079.728727][   T30]  ? down_read+0x6a5/0xa40
[ 1079.733205][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1079.738787][   T30]  down_read+0x705/0xa40
[ 1079.743072][   T30]  ? __pfx_down_read+0x10/0x10
[ 1079.748022][   T30]  ? __filemap_get_folio+0x848/0x940
[ 1079.753370][   T30]  ? filemap_map_pages+0x231/0x1900
[ 1079.758709][   T30]  filemap_fault+0xb3e/0x1490
[ 1079.763427][   T30]  ? __pfx_filemap_fault+0x10/0x10
[ 1079.768620][   T30]  ? handle_pte_fault+0x295a/0x5ed0
[ 1079.773839][   T30]  ? pte_alloc_one+0x44e/0x510
[ 1079.778806][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1079.783897][   T30]  __do_fault+0x135/0x390
[ 1079.788321][   T30]  ? handle_pte_fault+0x295a/0x5ed0
[ 1079.793565][   T30]  handle_pte_fault+0x39eb/0x5ed0
[ 1079.798718][   T30]  ? mark_lock+0x9a/0x360
[ 1079.803105][   T30]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1079.808557][   T30]  ? __lock_acquire+0x1397/0x2100
[ 1079.813635][   T30]  ? __thp_vma_allowable_orders+0x8ff/0x9c0
[ 1079.819972][   T30]  handle_mm_fault+0x1053/0x1ad0
[ 1079.824963][   T30]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1079.830607][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1079.837059][   T30]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1079.842372][   T30]  exc_page_fault+0x2b9/0x8b0
[ 1079.847151][   T30]  asm_exc_page_fault+0x26/0x30
[ 1079.852059][   T30] RIP: 0010:strncpy_from_user+0xc8/0x270
[ 1079.857817][   T30] Code: bf 07 00 00 00 4c 89 f6 e8 b5 36 ad fc 49 83 fe 07 0f 86 8b 00 00 00 4c 89 34 24 49 c7 c5 f8 ff ff ff 45 31 e4 48 8b 44 24 08 <4e> 8b 34 20 48 b8 ff fe fe fe fe fe fe fe 49 8d 2c 06 4c 89 f3 48
[ 1079.877661][   T30] RSP: 0018:ffffc900032b7cb0 EFLAGS: 00050246
[ 1079.883789][   T30] RAX: 0000000020022ff6 RBX: 0000000020022ff6 RCX: ffff88802dabda00
[ 1079.891844][   T30] RDX: ffffc90011955000 RSI: 0000000000000fe0 RDI: 0000000000000007
[ 1079.900018][   T30] RBP: ffff888059b86620 R08: ffffffff84f2420b R09: 1ffffffff2030a4e
[ 1079.908068][   T30] R10: dffffc0000000000 R11: fffffbfff2030a4f R12: 0000000000000000
[ 1079.916144][   T30] R13: fffffffffffffff8 R14: 0000000000000fe0 R15: ffff888059b86620
[ 1079.924715][   T30]  ? strncpy_from_user+0xab/0x270
[ 1079.929881][   T30]  getname_flags+0xf1/0x540
[ 1079.934444][   T30]  do_sys_openat2+0xd2/0x1d0
[ 1079.939135][   T30]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1079.944371][   T30]  __x64_sys_open+0x225/0x270
[ 1079.949131][   T30]  ? __pfx___x64_sys_open+0x10/0x10
[ 1079.954352][   T30]  ? exc_page_fault+0x590/0x8b0
[ 1079.959361][   T30]  ? do_syscall_64+0xb6/0x230
[ 1079.964069][   T30]  do_syscall_64+0xf3/0x230
[ 1079.968687][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1079.973388][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1079.986078][   T30] RIP: 0033:0x7f05ccb85d29
[ 1079.990541][   T30] RSP: 002b:00007f05cd97c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1079.999495][   T30] RAX: ffffffffffffffda RBX: 00007f05ccd76080 RCX: 00007f05ccb85d29
[ 1080.007551][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020022ff6
[ 1080.015554][   T30] RBP: 00007f05ccc01aa8 R08: 0000000000000000 R09: 0000000000000000
[ 1080.023972][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1080.032273][   T30] R13: 0000000000000001 R14: 00007f05ccd76080 R15: 00007ffc4b139968
[ 1080.040527][   T30]  </TASK>
[ 1080.043578][   T30] INFO: task syz.0.2544:15233 blocked for more than 143 seconds.
[ 1080.051428][   T30]       Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1080.059160][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1080.067945][   T30] task:syz.0.2544      state:D stack:25520 pid:15233 tgid:15227 ppid:5820   flags:0x00000004
[ 1080.078290][   T30] Call Trace:
[ 1080.081590][   T30]  <TASK>
[ 1080.084577][   T30]  __schedule+0x17fb/0x4be0
[ 1080.089409][   T30]  ? __pfx___schedule+0x10/0x10
[ 1080.094302][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1080.099728][   T30]  ? schedule+0x90/0x320
[ 1080.104011][   T30]  schedule+0x14b/0x320
[ 1080.108537][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1080.115188][   T30]  rwsem_down_write_slowpath+0xeee/0x13b0
[ 1080.121045][   T30]  ? rwsem_down_write_slowpath+0xa09/0x13b0
[ 1080.127335][   T30]  ? __pfx_rwsem_down_write_slowpath+0x10/0x10
[ 1080.133855][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1080.139162][   T30]  ? __might_fault+0xaa/0x120
[ 1080.143877][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1080.149067][   T30]  down_write+0x1d7/0x220
[ 1080.153429][   T30]  ? __pfx_down_write+0x10/0x10
[ 1080.158662][   T30]  ? __might_fault+0xc6/0x120
[ 1080.163380][   T30]  blkdev_common_ioctl+0x14f3/0x2460
[ 1080.168805][   T30]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[ 1080.174467][   T30]  ? tomoyo_path_number_perm+0x206/0x860
[ 1080.180220][   T30]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1080.186331][   T30]  ? __asan_memset+0x23/0x50
[ 1080.190958][   T30]  ? smack_file_ioctl+0x29e/0x3a0
[ 1080.201331][   T30]  ? __pfx_smack_file_ioctl+0x10/0x10
[ 1080.208412][   T30]  ? file_to_blk_mode+0xcc/0x140
[ 1080.213387][   T30]  blkdev_ioctl+0x4ca/0x6a0
[ 1080.218020][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1080.223068][   T30]  ? __pfx_blkdev_ioctl+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1080.228500][   T30]  __se_sys_ioctl+0xf5/0x170
[ 1080.233435][   T30]  do_syscall_64+0xf3/0x230
[ 1080.247188][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1080.251998][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1080.267267][   T30] RIP: 0033:0x7f38acf85d29
[ 1080.274143][   T30] RSP: 002b:00007f38addd6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1080.282849][   T30] RAX: ffffffffffffffda RBX: 00007f38ad176160 RCX: 00007f38acf85d29
[ 1080.291206][   T30] RDX: 0000000020000240 RSI: 000000000000127f RDI: 000000000000000a
[ 1080.299302][   T30] RBP: 00007f38ad001aa8 R08: 0000000000000000 R09: 0000000000000000
[ 1080.318298][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1080.364452][   T30] R13: 0000000000000000 R14: 00007f38ad176160 R15: 00007ffec2333ed8
[ 1080.376129][   T30]  </TASK>
[ 1080.379228][   T30] INFO: task syz.8.2580:15360 blocked for more than 144 seconds.
[ 1080.387066][   T30]       Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1080.394715][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1080.403458][   T30] task:syz.8.2580      state:D stack:24128 pid:15360 tgid:15360 ppid:14813  flags:0x00000004
[ 1080.413767][   T30] Call Trace:
[ 1080.417099][   T30]  <TASK>
[ 1080.420045][   T30]  __schedule+0x17fb/0x4be0
[ 1080.424612][   T30]  ? __pfx___schedule+0x10/0x10
[ 1080.429874][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1080.436175][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1080.442194][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1080.448751][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[ 1080.453901][   T30]  ? schedule+0x90/0x320
[ 1080.458266][   T30]  schedule+0x14b/0x320
[ 1080.462473][   T30]  ? down_read+0x6a5/0xa40
[ 1080.467118][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1080.472610][   T30]  down_read+0x705/0xa40
[ 1080.476985][   T30]  ? __pfx_down_read+0x10/0x10
[ 1080.481782][   T30]  ? release_fault_lock+0x163/0x230
[ 1080.487081][   T30]  ? release_fault_lock+0xa6/0x230
[ 1080.492229][   T30]  page_cache_ra_unbounded+0x142/0x720
[ 1080.497828][   T30]  do_sync_mmap_readahead+0x499/0x970
[ 1080.503235][   T30]  ? __pfx_do_sync_mmap_readahead+0x10/0x10
[ 1080.509232][   T30]  ? count_memcg_event_mm+0x90/0x420
[ 1080.514543][   T30]  ? __filemap_get_folio+0x848/0x940
[ 1080.520128][   T30]  filemap_fault+0x8a9/0x1490
[ 1080.524837][   T30]  ? pte_alloc_one+0x3c7/0x510
[ 1080.529703][   T30]  ? __pfx_filemap_fault+0x10/0x10
[ 1080.536239][   T30]  ? __pfx_pte_alloc_one+0x10/0x10
[ 1080.541407][   T30]  ? __pfx_validate_chain+0x10/0x10
[ 1080.546738][   T30]  __do_fault+0x135/0x390
[ 1080.551102][   T30]  handle_pte_fault+0xfcf/0x5ed0
[ 1080.556122][   T30]  ? __free_object+0x548/0x760
[ 1080.560919][   T30]  ? mark_lock+0x9a/0x360
[ 1080.565272][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1080.570552][   T30]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1080.575955][   T30]  ? __lock_acquire+0x1397/0x2100
[ 1080.581141][   T30]  ? reacquire_held_locks+0x3eb/0x690
[ 1080.586633][   T30]  ? lock_vma_under_rcu+0x34b/0x790
[ 1080.591881][   T30]  ? __thp_vma_allowable_orders+0x8ff/0x9c0
[ 1080.597908][   T30]  handle_mm_fault+0x1053/0x1ad0
[ 1080.602902][   T30]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1080.608279][   T30]  ? lock_vma_under_rcu+0x602/0x790
[ 1080.613501][   T30]  ? lock_vma_under_rcu+0x1dd/0x790
[ 1080.618797][   T30]  ? exc_page_fault+0x113/0x8b0
[ 1080.623679][   T30]  exc_page_fault+0x459/0x8b0
[ 1080.628453][   T30]  asm_exc_page_fault+0x26/0x30
[ 1080.633329][   T30] RIP: 0033:0x7f2308a4cc41
[ 1080.638479][   T30] RSP: 002b:00007ffc9d98df30 EFLAGS: 00010246
[ 1080.644579][   T30] RAX: 0000000020008000 RBX: 0000000000000004 RCX: 0000000000000000
[ 1080.653355][   T30] RDX: 0000000000000015 RSI: 0000000000000000 RDI: 0000555594b193c8
[ 1080.661446][   T30] RBP: 00007ffc9d98e048 R08: 0000000000000000 R09: 0000000000000000
[ 1080.669528][   T30] R10: 0000000000000000 R11: 0000000000000000 R12: 00000000000e4823
[ 1080.677625][   T30] R13: 00007f2308d76080 R14: 0000000000000032 R15: fffffffffffffffe
[ 1080.685643][   T30]  </TASK>
[ 1080.688783][   T30] 
[ 1080.688783][   T30] Showing all locks held in the system:
[ 1080.696589][   T30] 1 lock held by khungtaskd/30:
[ 1080.701455][   T30]  #0: ffffffff8e937ae0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x55/0x2a0
[ 1080.711455][   T30] 2 locks held by getty/5579:
[ 1080.716352][   T30]  #0: ffff88803118b0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1080.726336][   T30]  #1: ffffc90002fde2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x6a6/0x1e00
[ 1080.736565][   T30] 1 lock held by syz-executor/5825:
[ 1080.743195][   T30] 3 locks held by kworker/1:4/5873:
[ 1080.748503][   T30]  #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[ 1080.759894][   T30]  #1: ffffc900041a7d00 ((fqdir_free_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[ 1080.766198][    C1] syz_tun: tun_net_xmit 86
[ 1080.771019][   T30]  #2: ffffffff8e93cec0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x530
[ 1080.785455][   T30] 2 locks held by kworker/u8:16/12198:
[ 1080.790997][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[ 1080.811364][   T30]  #1: ffffc9000341fd00 ((work_completion)(&sub_info->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[ 1080.823841][   T30] 5 locks held by kworker/u8:19/12201:
[ 1080.829577][   T30] 2 locks held by kworker/u8:21/12203:
[ 1080.835058][   T30] 2 locks held by syz.6.2400/14647:
[ 1080.840655][   T30] 1 lock held by syz.6.2400/14649:
[ 1080.848908][   T30]  #0: ffff888148dbce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_fault+0xb3e/0x1490
[ 1080.859473][   T30] 1 lock held by syz.6.2400/14650:
[ 1080.864607][   T30]  #0: ffff888148dbce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_fault+0xb3e/0x1490
[ 1080.875184][   T30] 1 lock held by syz.6.2400/14655:
[ 1080.880368][   T30] 1 lock held by syz.6.2400/14660:
[ 1080.885500][   T30] 1 lock held by syz.6.2400/14666:
[ 1080.890680][   T30] 1 lock held by syz.0.2544/15233:
[ 1080.895809][   T30]  #0: ffff888148dbce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: blkdev_common_ioctl+0x14f3/0x2460
[ 1080.907114][   T30] 2 locks held by syz-executor/15313:
[ 1080.912509][   T30] 1 lock held by syz.8.2580/15360:
[ 1080.917733][   T30]  #0: ffff888148dbce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x142/0x720
[ 1080.929091][   T30] 1 lock held by syz-executor/15509:
[ 1080.934390][   T30] 3 locks held by kworker/0:2/15900:
[ 1080.939769][   T30] 1 lock held by syz.5.2848/16685:
[ 1080.946186][   T30]  #0: ffff888148dbce40 (mapping.invalidate_lock#2){++++}-{4:4}, at: page_cache_ra_unbounded+0x142/0x720
[ 1080.957559][   T30] 1 lock held by syz-executor/16844:
[ 1080.962861][   T30]  #0: ffffffff8e93cff8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x451/0x830
[ 1080.974345][   T30] 
[ 1080.976817][   T30] =============================================
[ 1080.976817][   T30] 
[ 1080.985250][   T30] NMI backtrace for cpu 0
[ 1080.989584][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1081.000077][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1081.010126][   T30] Call Trace:
[ 1081.013398][   T30]  <TASK>
[ 1081.016327][   T30]  dump_stack_lvl+0x241/0x360
[ 1081.021007][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1081.026204][   T30]  ? __pfx__printk+0x10/0x10
[ 1081.030796][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1081.035736][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1081.041190][   T30]  ? _printk+0xd5/0x120
[ 1081.045344][   T30]  ? __pfx__printk+0x10/0x10
[ 1081.049936][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1081.054793][   T30]  ? __pfx__printk+0x10/0x10
[ 1081.059384][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1081.064405][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1081.070386][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1081.076368][   T30]  watchdog+0xff6/0x1040
[ 1081.080606][   T30]  ? watchdog+0x1ea/0x1040
[ 1081.085022][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1081.089694][   T30]  kthread+0x2f0/0x390
[ 1081.093760][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1081.098430][   T30]  ? __pfx_kthread+0x10/0x10
[ 1081.103020][   T30]  ret_from_fork+0x4b/0x80
[ 1081.107431][   T30]  ? __pfx_kthread+0x10/0x10
[ 1081.112019][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1081.116792][   T30]  </TASK>
[ 1081.120997][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1081.126906][    C1] NMI backtrace for cpu 1
[ 1081.126920][    C1] CPU: 1 UID: 0 PID: 12203 Comm: kworker/u8:21 Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1081.126940][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1081.126952][    C1] Workqueue: events_unbound nsim_dev_trap_report_work
[ 1081.126981][    C1] RIP: 0010:unwind_next_frame+0x5f/0x22d0
[ 1081.127001][    C1] Code: 20 00 74 08 48 89 df e8 bf a7 b7 00 48 89 5c 24 18 4d 8b 75 48 49 8d 6d 38 48 89 e8 48 c1 e8 03 48 89 44 24 58 42 80 3c 20 00 <74> 08 48 89 ef e8 97 a7 b7 00 49 8b 4d 38 4c 89 eb 48 c1 eb 03 42
[ 1081.127016][    C1] RSP: 0018:ffffc900033974f0 EFLAGS: 00000246
[ 1081.127031][    C1] RAX: 1ffff92000672ebf RBX: ffffc90003397608 RCX: ffffffff91774000
[ 1081.127044][    C1] RDX: dffffc0000000000 RSI: ffffffff81f7c389 RDI: ffffc900033975c0
[ 1081.127058][    C1] RBP: ffffc900033975f8 R08: 0000000000000002 R09: ffffc900033976b0
[ 1081.127071][    C1] R10: ffffc90003397610 R11: ffffffff818b39d0 R12: dffffc0000000000
[ 1081.127084][    C1] R13: ffffc900033975c0 R14: ffffffff81f7c389 R15: 0000000000000000
[ 1081.127096][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1081.127111][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1081.127124][    C1] CR2: 00007fb21f5b4440 CR3: 000000000e736000 CR4: 00000000003526f0
[ 1081.127139][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1081.127150][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1081.127162][    C1] Call Trace:
[ 1081.127168][    C1]  <NMI>
[ 1081.127176][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1081.127195][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1081.127215][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1081.127234][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1081.127260][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1081.127283][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1081.127301][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1081.127320][    C1]  ? unwind_next_frame+0x5f/0x22d0
[ 1081.127336][    C1]  ? default_do_nmi+0x63/0x160
[ 1081.127355][    C1]  ? exc_nmi+0x123/0x1f0
[ 1081.127372][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1081.127387][    C1]  ? kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1081.127407][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1081.127433][    C1]  ? __init_begin+0x41000/0x41000
[ 1081.127450][    C1]  ? kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1081.127467][    C1]  ? unwind_next_frame+0x5f/0x22d0
[ 1081.127485][    C1]  ? unwind_next_frame+0x5f/0x22d0
[ 1081.127503][    C1]  ? unwind_next_frame+0x5f/0x22d0
[ 1081.127520][    C1]  </NMI>
[ 1081.127526][    C1]  <TASK>
[ 1081.127537][    C1]  ? __kasan_slab_alloc+0x66/0x80
[ 1081.127559][    C1]  ? kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1081.127576][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1081.127600][    C1]  arch_stack_walk+0x11c/0x150
[ 1081.127622][    C1]  ? kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1081.127641][    C1]  stack_trace_save+0x118/0x1d0
[ 1081.127665][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1081.127688][    C1]  ? arch_stack_walk+0x11c/0x150
[ 1081.127708][    C1]  ? ret_from_fork_asm+0x1a/0x30
[ 1081.127740][    C1]  kasan_save_track+0x3f/0x80
[ 1081.127759][    C1]  ? kasan_save_track+0x3f/0x80
[ 1081.127778][    C1]  ? __kasan_slab_alloc+0x66/0x80
[ 1081.127799][    C1]  ? kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1081.127837][    C1]  ? kmem_cache_alloc_node_noprof+0x2a8/0x380
[ 1081.127855][    C1]  __kasan_slab_alloc+0x66/0x80
[ 1081.127877][    C1]  kmem_cache_alloc_node_noprof+0x1d9/0x380
[ 1081.127893][    C1]  ? __alloc_skb+0x1c3/0x440
[ 1081.127911][    C1]  __alloc_skb+0x1c3/0x440
[ 1081.127928][    C1]  ? kasan_quarantine_put+0xdc/0x230
[ 1081.127950][    C1]  ? __pfx___alloc_skb+0x10/0x10
[ 1081.127967][    C1]  ? kmem_cache_free+0x195/0x410
[ 1081.127983][    C1]  ? nsim_dev_trap_report_work+0x7cc/0xb50
[ 1081.128008][    C1]  nsim_dev_trap_report_work+0x261/0xb50
[ 1081.128038][    C1]  ? process_scheduled_works+0x976/0x1840
[ 1081.128063][    C1]  process_scheduled_works+0xa66/0x1840
[ 1081.128099][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1081.128127][    C1]  ? assign_work+0x364/0x3d0
[ 1081.128153][    C1]  worker_thread+0x870/0xd30
[ 1081.128175][    C1]  ? __kthread_parkme+0x169/0x1d0
[ 1081.128193][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1081.128209][    C1]  kthread+0x2f0/0x390
[ 1081.128226][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1081.128241][    C1]  ? __pfx_kthread+0x10/0x10
[ 1081.128259][    C1]  ret_from_fork+0x4b/0x80
[ 1081.128274][    C1]  ? __pfx_kthread+0x10/0x10
[ 1081.128292][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1081.128321][    C1]  </TASK>
[ 1081.128999][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1081.569792][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.13.0-rc4-syzkaller-00004-gf07044dd0df0 #0
[ 1081.580295][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1081.590346][   T30] Call Trace:
[ 1081.593637][   T30]  <TASK>
[ 1081.596564][   T30]  dump_stack_lvl+0x241/0x360
[ 1081.601252][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1081.606446][   T30]  ? __pfx__printk+0x10/0x10
[ 1081.611029][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1081.617018][   T30]  ? vscnprintf+0x5d/0x90
[ 1081.621358][   T30]  panic+0x349/0x880
[ 1081.625250][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1081.631405][   T30]  ? __pfx_panic+0x10/0x10
[ 1081.635812][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1081.641186][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1081.646728][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1081.652096][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1081.658244][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1081.664399][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1081.670554][   T30]  watchdog+0x1035/0x1040
[ 1081.674906][   T30]  ? watchdog+0x1ea/0x1040
[ 1081.679343][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1081.684032][   T30]  kthread+0x2f0/0x390
[ 1081.688107][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1081.692870][   T30]  ? __pfx_kthread+0x10/0x10
[ 1081.697463][   T30]  ret_from_fork+0x4b/0x80
[ 1081.701873][   T30]  ? __pfx_kthread+0x10/0x10
[ 1081.706461][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1081.711236][   T30]  </TASK>
[ 1081.714497][   T30] Kernel Offset: disabled
[ 1081.718815][   T30] Rebooting in 86400 seconds..