last executing test programs:

22m35.353909599s ago: executing program 32 (id=812):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000040)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_DELRULE={0x1c, 0x8, 0xa, 0x101, 0x0, 0x0, {0x3, 0x0, 0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x1}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x44}}, 0x20040000)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x6, 0x0, 0x8, {}, {}, {0x4, 0x1, 0x1}, 0x1, @can={{0x2}, 0x4, 0x2, 0x0, 0x0, "89234a8b7df73109"}}, 0x48}}, 0x40001)
r1 = syz_open_dev$MSR(&(0x7f0000000240), 0x80000000, 0x0) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000280), r2) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000300), r2)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_SET(r2, &(0x7f0000000600)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000340)={0x248, r4, 0x20, 0x70bd2a, 0x25dfdbfc, {}, [{{@pci={{0x8}, {0x11}}, {0x8}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0xf43f}, {0x8, 0x15, 0x7fffffff}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x8}, {0x8, 0x15, 0x6d27a806}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x10000}, {0x6, 0x11, 0x9}, {0x8, 0x15, 0x9}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x4}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x4}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0xdc33}, {0x6, 0x11, 0x7}, {0x8, 0x15, 0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x1}, {0x8, 0x15, 0x80000000}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x1}, {0x8}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x96}, {0x6, 0x11, 0x896}, {0x8, 0x15, 0x5}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x3}, {0x6, 0x11, 0x1000}, {0x8, 0x15, 0x6}}]}, 0x248}, 0x1, 0x0, 0x0, 0x4}, 0x4000000)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r2)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000740)={&(0x7f0000000680)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000700)={&(0x7f00000006c0)=@newtfilter={0x2c, 0x2c, 0x200, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x3, 0xfff1}, {0xfff3, 0x9}, {0xb}}, [@TCA_RATE={0x6, 0x5, {0x8, 0x4}}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc085}, 0x2402c004)
read$msr(r1, &(0x7f0000000780)=""/153, 0x99) (async)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84) (async)
sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f0000000a00)={&(0x7f0000000840)={0x10, 0x0, 0x0, 0x402}, 0xc, &(0x7f00000009c0)={&(0x7f0000000880)={0x120, r5, 0x100, 0x70bd2d, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0xa49, 0xb}}}}, [@NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_DISABLE_HT={0x4}, @NL80211_ATTR_WANT_1X_4WAY_HS={0x4}, @crypto_settings=[@NL80211_ATTR_SAE_PASSWORD={0x66, 0x115, "9dd8eaf76d503dba08b6e6f5f6f8b00a7f1f0617774be9fbb381c160b08fcda4a3deb48114feb2a503ba46b80057b9ac7676f1dd1f98cc65426eac54cec539f2b59e814474cf9a24811feeacaae57e04531edf69c5ac4f7e0f50eb003e6aade51ec6"}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x8864}, @NL80211_ATTR_AKM_SUITES={0x18, 0x4c, [0xfac0e, 0xfac12, 0xfac0a, 0xfac07, 0xfac06]}, @NL80211_ATTR_WPA_VERSIONS={0x8}, @NL80211_ATTR_CONTROL_PORT_ETHERTYPE={0x6, 0x66, 0x888e}, @NL80211_ATTR_SOCKET_OWNER={0x4}], @NL80211_ATTR_VHT_CAPABILITY={0x10, 0x9d, {0x100000, {0x2, 0x9a, 0x67, 0x9}}}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_BSS_SELECT={0x38, 0xe3, 0x0, 0x1, {0x34, 0x0, [@NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0xad}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x6}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x6}, @NL80211_BSS_SELECT_ATTR_BAND_PREF={0x8, 0x2, 0x1}, @NL80211_BSS_SELECT_ATTR_RSSI_ADJUST={0x6, 0x3, {0x0, 0x1}}, @NL80211_BSS_SELECT_ATTR_RSSI={0x4}]}}, @NL80211_ATTR_DISABLE_VHT={0x4}, @NL80211_ATTR_AUTH_TYPE={0x8, 0x35, 0x6}]}, 0x120}, 0x1, 0x0, 0x0, 0x4006}, 0x4000)
madvise(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0xf) (async)
close(r7) (async)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x0)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa07, &(0x7f0000000a40)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1}) (async)
r8 = epoll_create(0x4)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r1, &(0x7f0000000a80)={0x40000001}) (async)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r2, &(0x7f0000000b80)={&(0x7f0000000ac0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000b40)={&(0x7f0000000b00)={0x20, r5, 0x4, 0x70bd26, 0x25dfdbfc, {{}, {@void, @void, @val={0xc, 0x99, {0x2, 0x5b}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x4000040}, 0x20000010) (async)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000c00), r2)
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000d80)={&(0x7f0000000bc0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000d40)={&(0x7f0000000c40)={0xe0, r9, 0x400, 0x70bd25, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DEST={0x34, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x9}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e21}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xffffff80}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x3}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x59}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x7}, @IPVS_SVC_ATTR_PROTOCOL={0x6, 0x2, 0x2c}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e22}, @IPVS_SVC_ATTR_PE_NAME={0x8}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x10000}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast2}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x10001}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x1}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_SERVICE={0x14, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x80000000}, @IPVS_SVC_ATTR_SCHED_NAME={0x7, 0x6, 'rr\x00'}]}]}, 0xe0}, 0x1, 0x0, 0x0, 0x80}, 0x20000005)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r6, 0x8933, &(0x7f0000000e00)={'wg1\x00', <r10=>0x0})
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f0000001200)={&(0x7f0000000dc0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000011c0)={&(0x7f0000000e40)={0x37c, r3, 0x901, 0x70bd27, 0x25dfdbff, {}, [@WGDEVICE_A_PEERS={0x360, 0x8, 0x0, 0x1, [{0x260, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x1e4, 0x9, 0x0, 0x1, [{0x88, 0x0, 0x0, 0x1, [@ipv6={{0x6}, {0x14, 0x2, @private0={0xfc, 0x0, '\x00', 0x1}}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x1a}}, {0x5, 0x3, 0x1}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv6={{0x6}, {0x14, 0x2, @empty}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @loopback}, {0x5}}, @ipv4={{0x6}, {0x8, 0x2, @remote}, {0x5, 0x3, 0x2}}]}, {0xac, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}, {0x5, 0x3, 0x32}}, @ipv6={{0x6}, {0x14, 0x2, @loopback}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @empty}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @broadcast}, {0x5, 0x3, 0x3}}, @ipv6={{0x6}, {0x14, 0x2, @remote}, {0x5, 0x3, 0x2}}]}]}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x2e}}}, @WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @broadcast}}, @WGPEER_A_PUBLIC_KEY={0x24}]}, {0x30, 0x0, 0x0, 0x1, [@WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x8}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @c_g}]}, {0xcc, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x25}}}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0x94}, @WGPEER_A_PROTOCOL_VERSION={0x8}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e20, @multicast1}}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "87ff7168a7207ebcde3e14fd1c10ffcc93d221265c29710a9ab57f6017015fac"}, @WGPEER_A_ENDPOINT4={0x14, 0x4, {0x2, 0x4e22, @broadcast}}, @WGPEER_A_PERSISTENT_KEEPALIVE_INTERVAL={0x6, 0x5, 0xaaeb}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "5c6bf1b9563f3ab7b77535657275cd3d42e8ea3036587df2d6a35f56200faae6"}]}]}, @WGDEVICE_A_IFINDEX={0x8, 0x1, r10}]}, 0x37c}, 0x1, 0x0, 0x0, 0x80}, 0x81)
unshare(0x40000000) (async)
r11 = open$dir(&(0x7f0000001240)='./file0\x00', 0x400, 0x8b)
r12 = openat(r11, &(0x7f0000001280)='./file0\x00', 0x2, 0x10)
sendmsg$nl_route_sched(r12, &(0x7f0000001380)={&(0x7f00000012c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000001340)={&(0x7f0000001300)=@gettaction={0x20, 0x32, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x0, 0x1}}]}, 0x20}, 0x1, 0x0, 0x0, 0x24000840}, 0x8040) (async)
io_setup(0x2, &(0x7f00000013c0))

18m26.669283723s ago: executing program 33 (id=1566):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
socket$inet6_udplite(0xa, 0x2, 0x88)
socket(0x1, 0x803, 0x0)
socket$netlink(0x10, 0x3, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000400)=0x1003, 0x3)
socketpair(0x8, 0x100000005, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r5, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r8}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
connect$unix(r9, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r10, &(0x7f00000006c0)=[{{&(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f00000005c0)=[{&(0x7f0000000240)="c20afee92f670a1099b34217910b8e0536a607b49577095ae34aa7eeed728a02931f1d961aac48521803802966b278bb70e15c1694d2a9705c9f0163ca62c2642c491a058cf0a673680df5bf9f00097a6d92b07335ea78497bc1a7f19e78be59e6eb1b72318d81c15218d3834c2e7c6261e55816c2bba38b8bb566ca9c9911e3a5edf23a99ace357b471a14c04c77a363ba4acfd2abd9b426e74709d9785d8fb6bd7752b59d220272e6f36132f2489f7c95ad03b3ce813c39853", 0xba}, {&(0x7f0000000780)="a133a94635c16b0673fd2f33a69d0eb86ce98806de0f215da10acb8bd17d920bf383d5225a6a08c6e8fd7a6601005ff6f2f17e4c37eedee5c1a30f62a5230e78f8d90eacc19d241a863ce3910a30f9262272659783845d37da7032167b2425a9459a0c145f42b00e70036f16f51aeed597e3293ff90eaa6639cbe1d2c56c6cca4ad339d2fbf57dab58bfc2ab18a2ce77848d86578757b9ad8893a883347bfdba83dc4922f275e24d871e5836b5ff13617a4a14c9c1feea15b4134bb919fe92ebf5d83571f34498b084dfafd51127928a0ca06fbe6f5c47a372a0085db0a62c9656b796efb1bbedf071fa9b304c36c5eadde2574651131752d9dc838cb36e376eed7a225f6a51b89c0a7cb5ec7f47e10ae452e9f2518ff62ce7dc9ad7f44f69e57d2c81e7e3bb76b8951392593f7f315cd238d9db4b3b15301117f8eb2e472d9530763e557e74cfd3ed810498d7cb816db3227b9e00b2e769511be1224695ee53373493a79d1311b6716a6193be91cf6fc9eea4caca35afa4947bee8498a31d26ed25647101945cb1c06a35be02f299eb9dec11c0b37ef0b8efbe34c670424d8c8f3f4f9155708720b7982d5bc64c0d08498813f02aa60a5956e202a2dea4ed85eb7ddd33e75818975e072b4e3a42654463b14917cd0ad86a59f53b4ed675f2f44d71ccb8d975e9374ae608155270462da0d125289f25f0d769ba755cd83ed43da936c84362c444a4d49b2e9c6037bb65ea4fdc08b78014744095076a5249e37b1bc7f8d6e58b29a2103f900c784153305fb4682694e0e63454d78206cadc16b634cda3b1517794e750394568224176521e283f9926b9b1b8e7b11a58c165d622a05c68b05f6cb85a66814e87bf544e5a3dbf3a71b6be70b2c03cf63311509cc2f29e11ff34d2fb98a20fe1f084f89910186c719c60e0791d54d0ccdbe1116b91c4ac98d25ed79977f4d3503ef76a696ffff4d7d315b3a76191eaafa87febf653a2569d7232dab57b5dc5f8f7bdcc79846814bdd64292be51623fd9f0bba60db0189d83440c4bb6302a1ca154f1a4ed7681d3c95410932371cbf3693d91502bc909e9f4179d817278f6c1f12b5ceb9f4f88bd008a414dd9f9b81f54489af223b13e20c0d04c50309853ef6a1991e4d4ef1c8a8668332c2f9b42199c41b2a4d8aae8f6a319e181d1572ef008cf3c8fc7f3998c14f5c468c96ec4d4c5f9d75aaf63cc4188aaebdf56bb349c9d999fa370ba758a4fb9405699a037005842d62839cb86bfa71e2d2d7706c6529535b243ad6ffbcb7a5c3a49020db09bfb0f37b28dca8756c2f0112fb4669f5868a4a6627e1eb33f4a99844541ea92d5f596d4e5bda0a4929b74e7266918cbf37e6d3a4f5bbf41472067a8e27f4af74b49919bdbf367aacd86bf6b9e437ebb97fedbe35491ab9c2a5e37c3fd03a5ef5ee212973f307cb6d1641ec597b4db09f84e2f8a9e5874521cda1ebda8dbc85af863cfcf49718acc66f0e8e25ae43800e36e8e8a0037876287388eda24bb8a8e8e3e418e83d82161e8435fdd1c647a824b2fefb1f9d2787b0d1e433ed2593a11a44de10d11cd702a62cf77ba090d9e09f270263092c09ab3a9493f2bff5397503c07efe3821e8b816d60354569f9aadfc70cd0842a58997fefe53bfe1361ccde49596012c8fae13d9e7dcbd3cf315346f5031d51ae04acf2c6f0e8aac2e79b18b9b0290a7c851e7b1cf0aa053da0a76be05db5eb223ffa60df04523357d92a54c22690bed7114d5e52465439a47a2259d83cce8934eb0bd41b69e6a0e4bc974f8872dfec4ee6555735fdbc0f5d74f779409dd97c00ae30708da479d26df945c5b9a1ce1b80f1fbcaef8f0cf97324398e53f0209b49ced99f8a3c327aa1ac4778d9d4293498b04f24e6cc44d99055e5a72fe330e57cfa5af52a3d54f2008e2f6dec88c03fdcc3db627024bcc5b14b50fb03d0aacdac60552d2aec11c49402c6be5e3a0b195444febb737996905c98a687bb5599d3b7713a1607d5946274053cc37c08bf755cd5408f2309c7bdd06b90bde61896efd9bc936e529441349d3ef5270cefda780112d1ee7a71dbc8007d1c38b5524fcc7a37fba9cbd530019fddd7a8c32334de25eec6ba07fd3280ab5da07ceaf7d8d36b460c19d8af809e3cb12bbd54e8748017fe7262970c7b15544b5bf0b72d19426a6d9995a2ce8102504706cd6ed771be39a153c20c028ca03b86c5384426dc1d76403342ea5638ee78bd1b85d8e48bfb8eb178a62549a8d1be2068de76b5b87ec6434d7a821d9041dc36444489417a6f16f8b12c594902eba6db9728bb1c135f985115f83c8ee264a179a5485fd29ff43e372dbb1e12cf6ca8cc03aa2decc50c50dba785f30153bb4be72635c5fce41dacd9d3235a67b3b0c6ee8787f26bbab947d4514eae664799160a7d340ac825a7bd4ae6f53ec94e4a423c47e89832206d389cc57a38ba9cdb1b97ce5840a436d1eb06b9680a001b9afb49bd9fb594a75e36be6eb59f43fb45e2773ce9d64a09a1ce4d84ab96a48250cf8ff821c172392285c4f139527fb63dfdf06314a0e13796c889e9b6854dd4bfa3f7b3e72a24c294fe340132c75f35e47a66db875fd5e4b32fc49e86893f90dc699a17f3c1a66dc0e7998594100be98c8d566ff15156a106641b9b82773f2cedb6d3af85e162be7a1e46693ed1d31b6fe5eca151ca8a379351941c058848875588da08f9397f6ee9c218d6b7f8518d7018ef44dd7f56215ebca0ff8d5138dae410318e5618f6e2601707cefd60ae5ab43ff65b7310b3ab977c2336c1726a2cf9e567068004b496d207127711e24f8ee24d08faa622a44b74b2365739f3ce4af973c11e8aadd978ed43261dc13e9e62909f370c39a775090434774e91be6600ccb1723422016c3ae35e61bbd740d8d9208ec5b705109cea3b3556b26bab2e47b7bb19281967f0aeb2cec332b48bb64f739d7ba0760a5e02e782c4ef092ff9dfe0421ae3c57f38a950fa3bde77350addcd8e94586bdb352785bf5afc1da08b213ed8e946271e6b990b74feb13e50f9427d34bca11e5c5321f71b710976405d7357f5aa25e677a6a8aed384d6075bc0370013a35fe0ddc57bfd9a3bbffc00a0224b9181cebb9237d4e8a2091a82abe17ab71b557518989266f859c83427476399008fd71f178f231244e8921b724f54cfcd738baf6553a4a8d40934ce9624b2bc36af51b22793e8b09c4f59bc4b3b478996e09af6e48691f625c616497728f14f297e27bfffa5612e51d885c5fcf8060017d62ea73feb2713f72d4557faa18f221b5cd6ad5038300a22d7fbd0ea264809634e897168be9ec19ab8872c3cb5a7504abd5a1a550bb2bd39a6f17a8e4d2b3fc2587e04b91088da779d7fe7741cb85aad5c87b519dd1558ac49b0934e9c57c91e2e3bfee708560161945db4368c24b8e574e8a4cc431ee71f2c1da3d0d57641eebdd03184bb5c59d873710b6046ec9ca19a2a9720864b85629720cfcf08ea2db0a200722011333d39043d8b92c1d8cf308bcbda567b560d843fc20705fb63d27fed3128e9a2c7b763d80597a4bbd7aa57a77b84e9e5c18d6bece0ebc7e7b123d426f32e317eb4466d3d4fe60d83162c99c76ef10fdb69f20e2d9514aa2583a58e20da9acfb250f9ab740f46386724ffe67eddafabf381f91b0aa5563a4a2f717024577cd0f584a4bc592e34c4b971417d256d131e42368b05c0d5486ada1837f081ca93c2ca14b6f1b1f48339f54df7f0348ca105254b6c38d85956274cf5d8e872148cc6b5c8508d03fb1c3f7de40e8438575566d8b708cf25c71140ecdb985661155eaf2a45056ae41b26d2c9b5578309a096b1bd64ac531451e9406a24b92a35f2967356aed044bd933d705b2929059ae827918baa3fb237b57cdc8b045504ed2cea36a99c4e28f5493848626fbbc82912189f8f4b768ae8af0cf364f2d7bdfb075b61ae60bf28a6abdcec670afdb456f5afc169539ce87757d192effdcd47ef3c8689a141624bd761bc5b0dbf8435653ff22af3c495e13d9082968c36f273712e4202509c56024fd93b7aec066521c2d77f0fb8a621f31515796f0c420721181c529ab0385c521b0a4d715c2a41b61740c93824f8668f7776f17b3ff665ce1fdbcb8c2d3943997d3053f7b66f1135be1f65c5f6bfeb2888d4e6428787485c0ea9c013049951c1575103c7e73d2555b07c6a6a62e87eab5c5faa74fd0877af010d5aa73997db4ad3fbc605f8c4d116b1eb0b7388ae5a19f451e1dac72548584198d02fe78d0cd40febeb080144eacaec91f82d5591bc7b4699190ebea45d79985b97d3fce923e9fcf30f53df009472e89228e2ad33c35649767be5d795ba9fb4c815c0f4a78ca12603e9936abe2e5812c99302e0aec5a10ddf66b8bfdf3e71678d2895f2aa286de7d4343d6e378e99eef51827c4de0742e23ba0232c10da8c14f009fdc3fe135e42fc23fd8538dccf90092b2d03a24789e830b472f401b86191b2107c891da4da9fbdaf58a03fdce4abce87bf0d26544d3fd46b9d2628e0368c3aef5a4a9b7b4456bd989fb4c8046dca22c80249909f11979fbcdedf1e2da71f443f357e19da2fa0df98a0c1f5f9ac3ca21380f2a6d0b4a4292313fbd1ad432a3eb2c13cd93b5d1510905ebfd5a981af96ffa8e7f05d329b212bd8e3999a4bdf4b4123725bfca1976d6be3c31628661a2f0c5538a93d373be5347978982bca657e067e907d7880e987e7d70e009a5488dc5aa16b3459c356a2df7597bfc21b84fc003c9e2fd7baea4627c9277aa867847f2db8e06935111cf4c8983045f589a14957c6888306aeeebf27082d29c43181c4b2725060e78bb5148e12fa537fcb0c1793cd6e66ed1eeaa48cc13178361ea083dd04411effe16a21543c8f92b24d13edd1d85b6429a4267b4e58a38c49a20d0c49a8006b8f915ad02da4e1bce91c891cbc793ba6e3ba1be411180820d544e8e97d632ee5a851a6925ad89627c31888072f40b936404de5f720da830c066b638f04a8802701c431fb5317e60732b72a70a9034238b2b5839fe8131508ee4ac749b5a30cf107580041e169eb3bc5297474d746ec14f3103301eb2c3d49aeddb571f28e2cea976cd1cb61aefc5758dced590c422f780868af42aae1b98189afad7d2a55ce5baa1e540454e66e84f441c31b5229a1045232042c47a799c4b8dd1cc92b04fa4bd950246aa4ff9de7c879fa9784a619dd020d8f9fa7f8d129ab92959f19747b3307fbfd515c4ba16fe99dabc918cfaf698ce6b69e5fc2731d2ca1432b1595b663a60bdfc69e7a687e185e9316090da714c9d28d7dcdb3ddbe8b7a26b449c01c822fcbebd0570519c18266f7f9650781d2bf480f55eafb17730b6ee710c73d670e837f2150954602634293a653e94e44fb6c5882ca9b07dfea74fcd9f372f394e14a4a54407dc83243b00e8e077f34bce721a73799e1a35ee5e801cc87f4caecbcc997395615e6feea8dd91c67322e686848ad7d612a2184a6d80872ec01f3328daaa48adb1a8d7a53cd68faeea09cb0cafc428bbfe718fc96eb0e70cf708bd2df3b8e1838a5bf3fc58e1d5c2247bb8273ccc3d70c41b3ff383c51555439f0db72a158b06f153fb89445308e96dcb8a353eef241251b83c649d76e1dd982f938e57aa9da7e37900868a7cdea9af29d19bd1195cb07cfcba42db09a2245895a6e8e9f7fe61b90c8065c8a9891b981b72609a11a707791887e50df23e9d4fda62581b32a6963927a8dcac11f5cb8e823a190b2aafa70a8", 0x1000}, {&(0x7f0000000300)="06509ff0fbe9b9d38cc628b06f7dc4c907fe19966cad99779c662e665886e8078898f70b6aad196538c739927178ca21fd7009fbc7ad002d0aae8f593198f30556f1692010b256692d7aa9d1", 0x4c}, {&(0x7f0000000480)="b75e03781bf0442ce5422d4373ee3096699e95b2af92ad8eb822fd836c29d354c1bf5f8248165d9f", 0x28}, {&(0x7f0000000500)="900365e309eea2448f4eb174a61ae09e8e39bb3e0a58142aaa61966868e3db509a5a50cec14143f2adb8ecab134e7142f7960b8908ba8a9a896f0223fd8b177fd52225d154c046c497169fede9f30d36ff6f066cb26da6aa32a7eca237709c2e1f8e1462f2b2ee1f37ab2efdeb2e05", 0x6f}, {&(0x7f0000000580)}], 0x6, &(0x7f0000000380)=ANY=[@ANYBLOB="20000000000000000100ebff00000000b6971a0af189", @ANYRES32, @ANYRES32=r1, @ANYRES32=r10, @ANYRES32=r4, @ANYBLOB="30000000000000000100000001000000", @ANYRES32, @ANYRES32=r3, @ANYRES32=r10, @ANYRES32=r4, @ANYRES32=r2, @ANYRES32, @ANYRES32=r4, @ANYRES32=r7], 0x50, 0xfcc967b1050f9780}}], 0x1, 0x0)
recvmmsg(r9, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0x5, 0x0, &(0x7f0000000580)='syzkaller\x00', 0x1000000, 0x0, 0x0, 0x41000, 0x30, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9419}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r11}, 0x10)
creat(&(0x7f00000001c0)='./file0\x00', 0x8)

10m36.053022615s ago: executing program 4 (id=2857):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$TEAM_CMD_OPTIONS_GET(0xffffffffffffffff, &(0x7f0000001200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000011c0)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="cc060000", @ANYRES16=0x0, @ANYBLOB="200028bd7000fcdbdf250200000008000100", @ANYRES32=0x0, @ANYBLOB="bc00028040000100000001006c625f706f72745f737461747300000000000000000000000000000000000000000003000b000000000004004206000000000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006d636173745f72656a6f696e5f696e74657276616c00000000000000000000000500030003000000080004000004000040000100000001007072696f72697479000000000000000000000000000000000000000000000000000003000e000000000004000800000000000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="1802028038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400ffffff7f3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="4c000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b0000001c0004000d000246060000000004fa9207000000040000000000000038000100240001006e6f746966795f70656572735f636f756e7400000000000000000000000000000500030003000000080004000000000038000100240001006c625f73746174735f726566726573685f696e74657276616c00000000000000050003000300000008000400020000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="38000100240001006e6f746966795f70656572735f696e74657276616c00000000000000000000000500030003000000080004009f00000038000100240001006c625f73746174735f726566726573685f696e74657276616c000000000000000500030003000000080004000100000038000100240001006d636173745f72656a6f696e5f636f756e7400000000000000000000000000000500030003000000080004004000000008000100", @ANYRES32=0x0, @ANYBLOB="9800028054000100240001006270665f686173685f66756e6300000000000000000000000000000000000000050003000b00000024000400ff0708000900000002003101080000000d000107810000000010030903000000400001002400010071756575655f6964000000000000000000000000000000000000000000000000050003000300000008000400006e180008000600", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="6802028040000100240001006c625f706f72745f737461747300000000000000000000000000000000000000050003000b00000008000400af50684e08000600", @ANYRES32=0x0, @ANYBLOB="40000100240001007072696f72697479000000000000000000000000000000000000000000000000050003000e00000008000400d7ffffff08000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b0000000800040003000000080007000000000038000100240001006e6f746966795f70656572735f696e74657276616c0000000000000000000000290003000300000008000400060000003c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="400001002400010071756575655f69640000000000000000000000000000000000000000000000000500030003000000080004000600000008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100656e61626c65640000000000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0, @ANYBLOB="40000100240001006c625f686173685f737461747300000000000000000000000000000000000000050003000b000000080004008900000008000700000000003800010024000100616374697665706f727400000000000000000000000000000000000000000000050003000300000008000400", @ANYRES32=0x0, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB, @ANYRES32=0x0, @ANYBLOB="3c00010024000100757365725f6c696e6b757000000000000000000000000000000000000000000005000300060000000400040008000600", @ANYRES32=0x0], 0x6cc}}, 0x0)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0, 0x9}, 0x8)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r2, 0xffffffffffffffff, 0x0)

10m3.773802154s ago: executing program 2 (id=2925):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x18, 0x7, &(0x7f0000000180)=ANY=[@ANYBLOB="8510000004000000950000000000000018000000000000000000000000000000950000000000000085100000fcffffff95"], &(0x7f00000000c0)='GPL\x00'}, 0x94)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x90000)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r0, 0xe0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8, 0x0, 0x0}}, 0x10)

10m3.594418252s ago: executing program 2 (id=2927):
socket(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300)
read$FUSE(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "02880dfb379332f5", "1fd33c81cf7995313c095e00fd6ded74", "62266bd8", "00000000000200"}, 0x28)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file1'}, 0xb)

9m58.801681528s ago: executing program 2 (id=2935):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xa0740, 0x0)
ioctl$TIOCSIG(r1, 0x40045436, 0x3)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000005c0)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24000840, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_extract_tcp_res(&(0x7f0000000000)={0x41424344, <r2=>0x41424344}, 0x34db, 0x8)
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x70bd23, 0x0, {0x0, 0x0, 0x0, 0x0, 0xd2656}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0xc}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000610}, 0x0)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/netstat\x00')
read$snapshot(r4, &(0x7f0000000180)=""/136, 0x88)
syz_emit_ethernet(0x3a, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004500002c0067000000069078ac1414bb6401010200004e22", @ANYRES32=0x41424344, @ANYRES32=r2, @ANYBLOB="6c1e000090789ff701000000"], 0x0)

9m56.958443405s ago: executing program 1 (id=2937):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000100)={0x4, <r2=>r0})
ioctl$DMA_BUF_IOCTL_SYNC(r2, 0xc0086202, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000006d000000850000000e"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket(0x25, 0x5, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r4, 0x0, 0xd}, 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f00000001c0)={0x3000000, 0x388}, 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)
setsockopt$packet_tx_ring(r3, 0x107, 0x5, &(0x7f0000000340)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, 0x0, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, &(0x7f0000000580)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20004080}], 0x1, 0x30000800)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000980)=""/146, 0x92}], 0x1}, 0x20)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}], 0x1, 0x0, 0x0, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002078316e00000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b7030000000000008500000006000000850000000500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
capset(0x0, 0x0)

9m56.910467532s ago: executing program 2 (id=2938):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149e82, 0x244)
write$cgroup_int(r0, &(0x7f0000000000)=0xfe8e, 0x12)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280), 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x6, 0xb}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000005000000b703000000000000850000000400000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r3}, 0xc)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
socket$unix(0x1, 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r6, 0x400448ca, 0x0)
fcntl$notify(r5, 0x402, 0x6)
syz_80211_inject_frame(&(0x7f00000000c0), &(0x7f0000000100)=ANY=[], 0x36)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
sendmsg$NFT_BATCH(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000af0010000000a03000000000000000000070000020900010073797a300000000033000600f8790b9617ccc95f5dbd88daf541108690d72cd1c0ebc352ff68d42a8555659c51418d6459c9dfc75c2750b1f5114700f2000600b9ea912bf6ecab61b248579db47bf4a012517f231989e4645d440050b3146bcbcbce0b4035a033a9104f2dbe8e5ab27cd370fd6fe7f47a6ef8eb8e31a078fdcf6e6f7e69de81ba20038ed69af02394e656d3dfb4d4320b2b76fb3a36044e953d768846c39bf843318bc118fd424aba24ed9cfc2966fd249759048e8bac71ee8353e6f1d1e57a0f632498ddc2dddd87620993c8dfa2bb4aa8b39f528f15cc9e8c47358e1129b9744c4721facce7cbaeae3f72b4cb88de6a52624460c34317b75bbc4c3c281d0ccf4ad163e02524cee712354a264b349dff67baa4983398ec92f10da5ea789ba15683315426a00272000008000240000000018700060062a9fd3592c2131f4ddf73e9c1135aedcb47b859c783931d920a82e710b9a61370e4eb4cb4743959a557b049ca2a2df9b7d5ef21efdf4c4d0dbb018b5484a496bd50e5cc885eb013986841d47d43d0e00dfffb55a93bceb7580dd818650ec806cb63e7a80b18e4b1dfd44f7dfef03b978178eb696aa5b397"], 0x294}}, 0x0)
setsockopt$sock_int(r1, 0x1, 0x7, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)

9m56.516988788s ago: executing program 6 (id=2940):
r0 = socket$inet6(0xa, 0x80003, 0xff)
sendmmsg$inet6(r0, &(0x7f0000000640)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x2, @loopback, 0x3}, 0x1c, 0x0}}], 0x1, 0x3404c8d4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r5 = socket$l2tp(0x2, 0x2, 0x73)
sendto$l2tp(r5, &(0x7f0000000080)="e5786a0d000000000000c83b", 0xfedb, 0x80, &(0x7f0000000100)={0x2, 0x0, @local, 0x3}, 0x10)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0xa}}, 0xffffffffffffffdf)
r6 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r6}, 0x38)
unshare(0x8000600)
r7 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r7, &(0x7f0000000180)={0x2020}, 0x2024)
r8 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a000000000000040000000000000000000000210000000000010000000000000200010001"], 0x70}}, 0x0)
sendmmsg(r8, &(0x7f0000000180), 0x3ef, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000000)=0x2, 0x4)

9m54.910374375s ago: executing program 6 (id=2941):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454c9, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0xc, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs$pagemap(0x0, 0x0)
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000040)=[{0x4, 0x0, 0x83}, {0x6, 0x0, 0xb187}], 0x2, 0x201, 0x0, 0x0, 0xa5, 0x5c})
socket$netlink(0x10, 0x3, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="01000000000000000000010000004000018007000600666f00000800080000000000060001000a00000008000500000000000c0007000000000000000000080009000000000008000b"], 0x54}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x180000f, 0x13, r1, 0x2000)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c0000001800dd8d00000000000000000200000000000005000000000600150001000000280016802400010000000000000000000004010020000020168f58010000000000000003000001"], 0x4c}}, 0x0)
r10 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
readv(r10, &(0x7f0000001100)=[{&(0x7f0000000880)=""/1, 0x1}, {0x0, 0x2}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x8, 0x1d, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000004000000000000001700000018110000", @ANYRES32=0x1, @ANYBLOB="00000000e6ff00e1c62983ea901f5b8b365900b7020000140000deb6030000000000c878c6070cf273fa937dacd90085f1ff0083000000bf0900000000000055090100000000006938aa845802197db00df809fefbf8433e45e092e1389654ae1a3532a79a6bc39f2f537087c8ccbdb3cf3e36208f4f9404ffa3b778552d912589eb5e9622f3f93d079ad5a8cd1c27f3e6652659979a54eeaaa5cdf3028b6a007d3a926efa489b8df8cc2534c15626ad7e0bc9d362540f3619881adcb69764815bdb79c281a477c9bf18f2e61d1e9104095566b03a2de8a6275a02edf85d32cf60c1cc9257431804391c1ad99f1d9244e89abacffa0ae6603153bfde12b5e5cf38a3d4ce72c94f1bdfbb24fe3f27e0f9fb", @ANYRES32, @ANYBLOB="0000000000000000b70237e7a258fb577b949b6a9d5742000000180100002020732500000000002020207b1af800"/61, @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)

9m54.854901936s ago: executing program 1 (id=2942):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r2 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r2, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r2, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
r3 = socket$inet6(0xa, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000080)={0x0, <r5=>0x0}, &(0x7f00000000c0)=0x5)
setuid(r5)
setsockopt$sock_int(r3, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r3, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r6, 0x1, 0xf, &(0x7f00000000c0)=0x4, 0x4)
bind$inet6(r6, &(0x7f0000000480)={0xa, 0x4e20, 0xfffffffd, @mcast2, 0x2}, 0x1c)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r7=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000300)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="844b7e2b0000000000000700000008000300", @ANYRES32=r7, @ANYBLOB="140004006e69637666300000000000000000000008000500020000001c00e7003b7dfc41a15654ade3ea08543464493a2a3a8131179a899b"], 0x54}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r10=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000000)={0x30, r9, 0x1, 0x70bd2a, 0x0, {{}, {@val={0x8, 0x3, r10}, @val={0x9, 0x99, {0x3, 0x29}}}}, [@NL80211_ATTR_FRAME_TYPE={0x0, 0x65, 0x7}]}, 0x30}}, 0x14)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRESHEX=r7, @ANYBLOB="010000000005000000003a00000008000300", @ANYRES32=r10, @ANYBLOB="30dbfbb936f5fbe8f0ec4ff7daa0defc7c40e4168f75f5a7bafc4c28270407139b017f5edebaadbc4279e3d71ea15e884f0a2f6dbdb97676b141fdc624220a0aa9305b69a8f118b6b3ff4ec29d5512f4d61317d8a68b2a9b102532ca82da87f974b42d1e29b280f104c7881e81cbbc47c7c3c0a706"], 0x24}}, 0x0)
r11 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r11, 0x29, 0x23, &(0x7f00000004c0)={{{@in=@remote, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0xa}}, {{@in6=@mcast2, 0x0, 0x2b}, 0x0, @in=@empty}}, 0xe8)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
r13 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_FEATURES_SET(r12, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000000100)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r13, @ANYBLOB="0100fcffffff000800000c000000200003801c000380180001801200020074657468315f746f5f626f6e64000000180001801400020076657468315f746f5f626f6e00000000"], 0x4c}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, 0x0, 0x0)

9m54.605008539s ago: executing program 1 (id=2943):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x80000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r1 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r1, &(0x7f0000002700)=""/102392, 0x18ff8)
r2 = shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
shmctl$SHM_STAT(r2, 0xd, &(0x7f0000000180)=""/166)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x12, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000040)=0xc)
ioctl$TIOCGRS485(r0, 0x542e, &(0x7f00000001c0))
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
creat(&(0x7f0000000140)='./file0\x00', 0x71)
pipe2$9p(&(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r6, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r7 = dup(r6)
write$FUSE_BMAP(r7, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r7, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r7, &(0x7f0000000480)={0x18}, 0x18)
write$FUSE_INIT(r7, &(0x7f0000000600)={0x50, 0x0, 0x0, {0x7, 0x29, 0x3, 0x0, 0x4, 0x53b, 0x7, 0x0, 0x0, 0x0, 0xa0, 0x200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x80, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB="2c7566a16e6f723efd4c161257de7237e8303d8ace64f9cc9f507df4b4c29da5c49829792853c45de215f4a294141a2c00e9d725f6f430bd05854e33ca68a108eaa26d1e708710df55752a2f35d31de15086a9b2f2659e9144ec5ae35fa0df889fe3baa54209c5bff86f8673691b2be7ab1d00e93657d2aa89c14d52c237650c896b5c2a684562b43d37caa7808a02135222587e7239e17cf79ef1c59b8a327793480c724258800354b64e99f88894f9a567", @ANYRESHEX=r7, @ANYBLOB=',cache=readahead,\x00'])
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)

9m54.257608375s ago: executing program 1 (id=2944):
socket(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300)
read$FUSE(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "02880dfb379332f5", "1fd33c81cf7995313c095e00fd6ded74", "62266bd8", "00000000000200"}, 0x28)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file1'}, 0xb)

9m53.435927413s ago: executing program 4 (id=2859):
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000180)={0x2, @pix_mp={0x8, 0x6, 0x75791717, 0x1, 0x8, [{0x6, 0xcf85}, {0x8, 0x6}, {0x2, 0x8}, {0x5, 0x7f}, {0x401, 0x7}, {0x3, 0x5}, {0x2b94, 0x6}, {0xffffffff, 0x9f}], 0x6, 0x4, 0x2, 0x0, 0x6}})
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r0)
sendmsg$NFC_CMD_START_POLL(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16=r1, @ANYBLOB="010023484af53b607cc707000000080001"], 0x2c}}, 0x0)

9m53.212385239s ago: executing program 4 (id=2945):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000000)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000000380)='source\xcf\x87\x86\x1bY\x0f\xde\xd6\xcd\xc0\x01\xd3\x19>K\x04\xfe\x86YG\xa5\x0f\xed\xa0\x9f\x1e\x14R\x9e\x04\xfa\xed\xd0TG&\x88\xeaz\x9aD\xf8Tt\x8c\x00{\x1fm\xfe\x9c\xf6_h\x9e\xfc\'', &(0x7f00000001c0)='sou\x01ce', 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'geneve0\x00'})
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
socket$igmp(0x2, 0x3, 0x2)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=ANY=[@ANYBLOB="18010000120001002ebd7000fedbdf256563622d6369706865725f6e756c6c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000004000000000000000000000800010000000000080001008f03000057fe0100420000002b000100e0850000080001003bc5730c08000100ff7f000008000100ffff0000"], 0x118}}, 0x4048850)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000a80)={{0x2, 0x4e2a, @broadcast}, {0x0, @remote}, 0x4a, {}, 'veth1_to_bridge\x00'})
r6 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0xc1105511, &(0x7f0000000140)={0xa, 0x0, 0x1, 0x0, 'syz0\x00'})
madvise(&(0x7f0000cd0000/0x4000)=nil, 0xffffffffdf32ffff, 0x16)
ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, &(0x7f0000000200)={"6080d517", 0x3, 0x9, 0x1, 0x2, 0xfffffffc, "f9a927627a35987cb2070800", "ae6c49d8", "1c4391b3", "aa04df4e", ["e4e7d0b3748a08eb4117a58f", "a42a5eb8b97b66092e22038e", "00284dc8b857e17ccdef2efa", "d89c67314b6a13a76640b81a"]})
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x10, 0x4, 0x8, 0xda, 0x0, r1}, 0x50)
tkill(r6, 0x2d)
socket$netlink(0x10, 0x3, 0x400000000000004)

9m53.100675945s ago: executing program 6 (id=2946):
capset(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080)={0x0, 0x1, 0x0, 0x0, 0x20000005, 0x4a702ae6})
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
r0 = socket(0xa, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r1=>0x0}, &(0x7f0000cab000)=0xa)
setresgid(0x0, 0xffffffffffffffff, r1)
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x11, r2)
r3 = landlock_create_ruleset(&(0x7f00000000c0)={0x1bc2, 0x2}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r2)
ptrace(0x10, r4)
ptrace(0x11, r4)
r5 = landlock_create_ruleset(&(0x7f0000000100)={0x190, 0x4}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
ptrace(0x10, r2)
ptrace(0x11, r2)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000180)={'dummy0\x00', <r8=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000200)={'batadv0\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="48000000100001040000000000000000000000009375ab9d15780a14cf11c7297b66d20095d35c690000008000000000959bb64a9486f85662b6ae32984fb969dc3353ebd00b455ed5eda9a6ee7e0ec4826ffcb8832d68f7e656", @ANYRES32=0x0, @ANYBLOB="21000000000000002000128008000100687372001400028008000100", @ANYRES32=r8, @ANYBLOB="08000200", @ANYRES32=r9, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r9, @ANYBLOB], 0x48}}, 0x0)
ptrace(0x10, r4)
ptrace(0x11, r4)
ptrace(0xffffffffffffffff, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0xc0109428, 0x0)
socket$inet6(0xa, 0xa, 0x1a)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24)

9m53.091639765s ago: executing program 2 (id=2947):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2, 0x0, 0x100}, 0x30)
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000004000000b705000008000000850000006a00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$TCSETSW2(0xffffffffffffffff, 0x402c542c, &(0x7f0000000000)={0x7, 0x400, 0x2008000, 0x5, 0x2, "8a8eab67a6a300000005885059cf0a6aea2d6a", 0x46c8, 0x2})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x24040800}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xc)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x50, &(0x7f0000000000)={0x0, 0x0}, 0x10)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000001440)={0x1f, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000000000000000000000000000b70800000c000000638af8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018240000", @ANYRES32=r3], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r1}, &(0x7f0000000040), &(0x7f0000000080)}, 0x20)
r4 = pidfd_getfd(0xffffffffffffffff, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x13, 0xb, &(0x7f0000000100)=ANY=[@ANYBLOB="18080000d0ff000000000000200000001854000002000000000000000000000018000000", @ANYRES32, @ANYBLOB="00000000000000100708000000000101181a0000", @ANYRES32=r0, @ANYBLOB="0000000000009500"/24], &(0x7f0000000000)='GPL\x00', 0x2, 0xcf, &(0x7f0000000340)=""/207, 0x0, 0x8, '\x00', 0x0, 0x0, r4, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)

9m52.588595312s ago: executing program 2 (id=2949):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xce}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000400)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e20, 0x3, @private2, 0xffffffff}}, 0x4000}, 0x90)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
timer_settime(0x0, 0x0, 0x0, 0x0)

9m52.089143165s ago: executing program 1 (id=2951):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup=r0, 0xd, 0x1, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000009003940422c021664da010203010902120001000000040904"], 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup=r0, 0xd, 0x1, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
syz_usb_connect(0x0, 0x24, &(0x7f00000002c0)=ANY=[@ANYBLOB="1201000009003940422c021664da010203010902120001000000040904"], 0x0) (async)

9m51.978972343s ago: executing program 6 (id=2952):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @local}, 0xc)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, 0x0)
request_key(&(0x7f00000010c0)='syzkaller\x00', &(0x7f0000001100)={'syz', 0x2}, 0x0, 0x0)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder0\x00', 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r6 = dup3(r5, r4, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000140)="d2ffb49ede31518d65a476b76e4a4e0b75db47c327ab5b7233ac3507e16db41df04709094056af33a6db1e301a74db81f27f6aa6a8ca9d22a565ff96d46e88fa99b284c26c46494072fc2e47da240c71"})
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000640)={0x8, 0x0, &(0x7f0000000000)=[@decrefs={0x40086315}], 0x0, 0x0, 0x0})
io_uring_setup(0x27fd, &(0x7f0000000380)={0x0, 0xffffff01, 0x0, 0x1, 0x17e})
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=@newlink={0x158, 0x10, 0x401, 0x70bd2b, 0x0, {0x0, 0x0, 0xffff, 0x0, 0x30000}, [@IFLA_LINKINFO={0x124, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x114, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x7c, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xd, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xa425, 0xe}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x9, 0x41c}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x2}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xffffff81, 0x5}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x4}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x802, 0x72e}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x9, 0x95a}}]}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3ff, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x8}}]}, @IFLA_VLAN_ID={0x6, 0x1, 0x3}, @IFLA_VLAN_INGRESS_QOS={0x64, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0xfffffff7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5, 0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x6, 0x81}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1}}, @IFLA_VLAN_QOS_MAPPING={0x3c, 0x1, {0x3bb, 0x9de7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x3, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x1, 0x9}}]}, @IFLA_VLAN_PROTOCOL={0x6, 0x5, 0x88a8}]}}}, @IFLA_IFNAME={0x14, 0x3, 'vlan0\x00'}]}, 0x158}}, 0x0)

9m50.673237061s ago: executing program 4 (id=2954):
mlock2(&(0x7f0000004000/0x3000)=nil, 0x3000, 0x1)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000000)=0x4, 0x4)
socket(0x10, 0x803, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = dup(r2)
ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000040))
read$FUSE(r3, &(0x7f0000000a00)={0x2020}, 0x2020)

9m49.699927867s ago: executing program 6 (id=2956):
r0 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'bridge0\x00', &(0x7f00000000c0)=@ethtool_regs={0x4, 0x0, 0x1c, "f42a97b96d025891dd3f75fdda624457ad3d5c36389c308570204262"}})
r1 = socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$sock_linger(r1, 0x1, 0x3c, &(0x7f0000000100)={0x200000000000001}, 0x8)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0)
syz_usb_connect$cdc_ncm(0x5, 0x73, &(0x7f0000000000)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x20, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x61, 0x2, 0x1, 0x1, 0x70, 0x3, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x983}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x1, 0x7, 0x6}, {0x6, 0x24, 0x1a, 0x2a, 0x20}, [@obex={0x5}]}, {{0x9, 0x5, 0x81, 0x3, 0x40, 0x97, 0x0, 0xd}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x40, 0x5, 0x9, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x20, 0x2, 0x3, 0x6}}}}}}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000100)={0xa, 0x6, 0x110, 0x8, 0xb, 0x9, 0xff, 0x6}, 0x68, &(0x7f0000000140)={0x5, 0xf, 0x68, 0x5, [@wireless={0xb, 0x10, 0x1, 0xc, 0x4, 0x9, 0x7, 0x9, 0x2}, @ssp_cap={0x18, 0x10, 0xa, 0x3, 0x3, 0x7, 0xf000, 0x5, [0xbe18, 0xffc027, 0x0]}, @ss_container_id={0x14, 0x10, 0x4, 0x7, "3c121420ff131cbf4f9b1bb1eb50b689"}, @ss_container_id={0x14, 0x10, 0x4, 0x0, "24f2b8095231393f85a573ea80c0a01f"}, @ssp_cap={0x18, 0x10, 0xa, 0xc0, 0x3, 0x0, 0xf0f, 0x2, [0x60, 0xc0, 0xff30]}]}, 0x4, [{0x4, &(0x7f00000001c0)=@lang_id={0x4}}, {0x4, &(0x7f0000000200)=@lang_id={0x4, 0x3, 0x429}}, {0x29, &(0x7f0000000240)=@string={0x29, 0x3, "47772cc776cd87e7bcfcc8aa77f7c5c00643d9c845a326ba7af559e4ef6563004b21605112f2cb"}}, {0x4, &(0x7f0000000280)=@lang_id={0x4, 0x3, 0x4001}}]})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x80000000, 0x20000006, 0x4d, 0x6, 0x5d, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x3, 0x0, 0x5, 0x4, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x7, 0x0, 0xffffffff, 0xe661, 0x629, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x8c, 0x6, 0x10002, 0x0, 0x5, 0x4, 0x8008, 0x400, 0x80, 0x0, 0x5, 0x6, 0x8, 0x7, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x2008004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2c0, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f2e, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x7c9d, 0x9, 0x8, 0x3, 0x3, 0x81, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x7, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xca, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x3c484551], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x93a, 0x5, 0x6, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x2000004, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x4, 0xc8, 0xfffffff9, 0xfffff000, 0x10000, 0x0, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x5, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x1000]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

9m48.953954752s ago: executing program 4 (id=2958):
creat(&(0x7f0000001380)='./file0\x00', 0x4)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
getresuid(&(0x7f00000000c0), &(0x7f00000001c0)=<r1=>0x0, &(0x7f0000000200))
mount$fuseblk(&(0x7f0000000080), 0x0, &(0x7f0000000100), 0x0, &(0x7f0000000280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {}, 0x2c, {[{@allow_other}]}})
mount$fuseblk(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', &(0x7f0000000540), 0x1004040, 0x0)

9m48.55286351s ago: executing program 1 (id=2959):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x2, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_PROTO={0x5, 0x7, 0xc7}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x80}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004000}, 0x84)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000003c0)={r3, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000180)={0x0, 0x0, r4})
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8bc0f40ac050b034e7d010203010902240001000000000904fb000203d3020009050503"], 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_FROM_DATA={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

9m45.053921749s ago: executing program 4 (id=2960):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4)
r1 = dup(r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000300)={0xf0f002, 0x1})
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000900)=0x19)
writev(r5, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000180)="da", 0x1}], 0x2)
sendmsg$TIPC_CMD_GET_NODES(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x1c, 0x0, 0x20, 0x0, 0x25dfdbff, {{}, {0x0, 0x6}}}, 0x1c}}, 0x84)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
prlimit64(r6, 0xd, &(0x7f0000000000)={0x8, 0xfffffffffffffff8}, &(0x7f0000000040))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000fdffffff0f0000003000078008000100050000000800020007"], 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x400442c9, &(0x7f0000000080)={'macsec0\x00', @dev})

9m44.725089428s ago: executing program 6 (id=2961):
socket(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300)
read$FUSE(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "02880dfb379332f5", "1fd33c81cf7995313c095e00fd6ded74", "62266bd8", "00000000000200"}, 0x28)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file1'}, 0xb)

9m31.67124956s ago: executing program 34 (id=2957):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454c9, 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0xc, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r4 = syz_open_procfs$pagemap(0x0, 0x0)
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000ffb000/0x4000)=nil, 0x0, &(0x7f0000000040)=[{0x4, 0x0, 0x83}, {0x6, 0x0, 0xb187}], 0x2, 0x201, 0x0, 0x0, 0xa5, 0x5c})
socket$netlink(0x10, 0x3, 0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_SERVICE(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYRES16=r6, @ANYBLOB="01000000000000000000010000004000018007000600666f00000800080000000000060001000a00000008000500000000000c0007000000000000000000080009000000000008000b"], 0x54}, 0x1, 0x0, 0x0, 0x20044000}, 0x0)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x180000f, 0x13, r1, 0x2000)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r8 = dup(r7)
write$6lowpan_enable(r8, &(0x7f0000000000)='0', 0xfffffd2c)
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c0000001800dd8d00000000000000000200000000000005000000000600150001000000280016802400010000000000000000000004010020000020168f58010000000000000003000001"], 0x4c}}, 0x0)
r10 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000480), 0x0, 0x0)
readv(r10, &(0x7f0000001100)=[{&(0x7f0000000880)=""/1, 0x1}, {0x0, 0x2}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x8, 0x1d, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000004000000000000001700000018110000", @ANYRES32=0x1, @ANYBLOB="00000000e6ff00e1c62983ea901f5b8b365900b7020000140000deb6030000000000c878c6070cf273fa937dacd90085f1ff0083000000bf0900000000000055090100000000006938aa845802197db00df809fefbf8433e45e092e1389654ae1a3532a79a6bc39f2f537087c8ccbdb3cf3e36208f4f9404ffa3b778552d912589eb5e9622f3f93d079ad5a8cd1c27f3e6652659979a54eeaaa5cdf3028b6a007d3a926efa489b8df8cc2534c15626ad7e0bc9d362540f3619881adcb69764815bdb79c281a477c9bf18f2e61d1e9104095566b03a2de8a6275a02edf85d32cf60c1cc9257431804391c1ad99f1d9244e89abacffa0ae6603153bfde12b5e5cf38a3d4ce72c94f1bdfbb24fe3f27e0f9fb", @ANYRES32, @ANYBLOB="0000000000000000b70237e7a258fb577b949b6a9d5742000000180100002020732500000000002020207b1af800"/61, @ANYRES32], &(0x7f0000000040)='syzkaller\x00', 0x5, 0x99, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)

9m25.30645534s ago: executing program 35 (id=2959):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x78, 0x2, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x9}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_DATA={0x28, 0x7, 0x0, 0x1, [@IPSET_ATTR_PROTO={0x5, 0x7, 0xc7}, @IPSET_ATTR_BUCKETSIZE={0x5, 0x15, 0x2}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x80}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}]}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x78}, 0x1, 0x0, 0x0, 0x20004000}, 0x84)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r2, 0xc02064b6, &(0x7f00000003c0)={r3, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000180)={0x0, 0x0, r4})
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000a8bc0f40ac050b034e7d010203010902240001000000000904fb000203d3020009050503"], 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @range={{0xa}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_RANGE_OP={0x8}, @NFTA_RANGE_FROM_DATA={0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

9m21.121632653s ago: executing program 36 (id=2949):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x8, 0x0, 0xce}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000400)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x85, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e20, 0x3, @private2, 0xffffffff}}, 0x4000}, 0x90)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
timer_settime(0x0, 0x0, 0x0, 0x0)

9m20.335097957s ago: executing program 37 (id=2961):
socket(0x10, 0x3, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x1a1300)
read$FUSE(r4, 0x0, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r6}, 0x10)
io_uring_register$IORING_REGISTER_PBUF_RING(0xffffffffffffffff, 0x16, &(0x7f0000000900)={&(0x7f0000003000)={[{0x0, 0x0, 0x1}]}, 0x1, 0x3}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(0xffffffffffffffff, 0x17, &(0x7f0000000f40)={0x0, 0x0, 0x3}, 0x1)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000080)=@gcm_128={{0x304}, "02880dfb379332f5", "1fd33c81cf7995313c095e00fd6ded74", "62266bd8", "00000000000200"}, 0x28)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000500)={'#! ', './file1'}, 0xb)

9m17.267794306s ago: executing program 38 (id=2960):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x4)
r1 = dup(r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_sctp(0xa, 0x1, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, &(0x7f0000000300)={0xf0f002, 0x1})
socket$inet_smc(0x2b, 0x1, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000900)=0x19)
writev(r5, &(0x7f0000000040)=[{0x0}, {&(0x7f0000000180)="da", 0x1}], 0x2)
sendmsg$TIPC_CMD_GET_NODES(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)={0x1c, 0x0, 0x20, 0x0, 0x25dfdbff, {{}, {0x0, 0x6}}}, 0x1c}}, 0x84)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
prlimit64(r6, 0xd, &(0x7f0000000000)={0x8, 0xfffffffffffffff8}, &(0x7f0000000040))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000380)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000fdffffff0f0000003000078008000100050000000800020007"], 0x44}, 0x1, 0x0, 0x0, 0x44}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x400442c9, &(0x7f0000000080)={'macsec0\x00', @dev})

4m8.644351475s ago: executing program 8 (id=3722):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x1c}]})

4m8.314069248s ago: executing program 8 (id=3724):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {0x20000, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x20000000, 0x3, 0xfffffffffffffffc, 0x0, 0x0, 0x2004cb, 0x3, 0x0, 0xfffffffffffffff8, 0x0, 0xfffffffffffff2a5, 0x2000000000003ff, 0x2], 0x0, 0x200306})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.self_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r3, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4m7.407875553s ago: executing program 8 (id=3727):
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000180)='./file1\x00', &(0x7f0000000040), &(0x7f0000000100), 0x40, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r0, 0xffffffffffffffff, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="15000000100000000800"/20, @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000003b996134013b116a5f42853c5d8331cfa36024a0f5ff7df5eca562aaf8ad3397f378e1e324fe46e54223d4823baad52479"], 0x50)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b70200000000000085000000000000009500000000000004bf91000000000000b7020000030000008500000005000000b700000000000000950000000000000026a1aa1a008e020e3591b5df60add0fd928582c8a58f80948312d12018d83bca786a37f446fb6c7d4f588b3a0eeb67b23dcaacf3fe386cf86a2e42db693f56990d31c28e165fb9f7a83b9389bbc19485254f7ffbb64296181b832cf4651dcd472dce22d8ee0bf92de79796152b1055a87e4ba258ec78137756ee0ebe3a74372db0e57641252a5baf6cf951c89281629914dbabd0ba1bbd76a02aad482db03fe81c1a7832d1b3906ed830b2d4838a93ffb6143fb17809b423367690e6e4e327f1210c0000000000"], &(0x7f0000000000)='GPL\x00'}, 0x94)
bpf$BPF_GET_PROG_INFO(0x1c, &(0x7f00000003c0)={r2, 0x0, 0x0}, 0x10)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_qlen_max\x00', 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r3, r4, 0x0, 0x106f)
socket$unix(0x1, 0x2, 0x0)
socket$unix(0x1, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$kcm(0x2, 0x3, 0x2)
socket$kcm(0x10, 0x2, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000003c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828bf209d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b4"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@cgroup=r5, r5, 0x2e}, 0x20)
syz_emit_ethernet(0x36, &(0x7f0000000300)=ANY=[], 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, &(0x7f0000000300)=0x43, &(0x7f00000001c0)=r3}, 0x20)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

4m6.998293434s ago: executing program 8 (id=3731):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000077c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000100)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x1295800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a10000000000000000000000000000000000000000000000000000000000000000000000000000000093160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fffffff3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f40000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000058000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002cf8f6d700000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff0000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00", 0x2000, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = syz_io_uring_setup(0x3bdd, &(0x7f00000003c0)={0x0, 0x0, 0x10100, 0x3, 0x8000000}, &(0x7f0000000080)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r3, 0xa3d, 0x0, 0x6a, 0x0, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0xa1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(0xffffffffffffffff, 0x0, 0x4000854)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x40000)
r7 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'ip6gre0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001240)=@newqdisc={0x45c, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x4000000, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x430, 0x2, [@TCA_TBF_RTAB={0x404, 0x2, [0x1, 0x0, 0x1fc, 0x0, 0xfffffc80, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x3f, 0x0, 0x0, 0x2, 0xffffffff, 0x2, 0xc00, 0x0, 0x0, 0x0, 0x100001ff, 0xfff, 0x0, 0x0, 0x0, 0x1000, 0xfffffffc, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x272, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x7, 0x4, 0x0, 0x0, 0x0, 0x81, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffc, 0x3, 0x0, 0x0, 0x0, 0xb97, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x5e, 0xfffffffc, 0x8, 0x0, 0x0, 0x400000, 0x7, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x4, 0xfffffffd, 0x0, 0x0, 0x80003, 0x0, 0x0, 0x1, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, 0xffff, 0x0, 0x0, 0xb3c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0xd79, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x1, 0x0, 0x100, 0x0, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd]}, @TCA_TBF_PARMS={0x28, 0x1, {{0x1, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xff, 0x0, 0x0, 0x0, 0x0, 0x40000000}, 0x0, 0x7f}}]}}]}, 0x45c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
ioctl$TCSETS2(r6, 0x402c542b, &(0x7f0000000300)={0x2, 0x0, 0x8, 0x4, 0x4, "ecd2bf404b44e1aa7b4d43a89e9ee97395ac1a", 0x8004, 0x6})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$inet_udp(0x2, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6(0xa, 0x3, 0x8000000003c)

4m4.514766933s ago: executing program 8 (id=3741):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f0000002140)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r1, &(0x7f00000093c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000004200)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0x10096080}}, 0x50)
syz_fuse_handle_req(r1, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x40)
getdents64(r3, 0x0, 0x0)
openat$cgroup_ro(r3, &(0x7f0000000340)='blkio.bfq.group_wait_time\x00', 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="10000000000000004000000000000000"], 0x0, 0x0, 0x0})
r4 = socket(0x400000000010, 0x3, 0x0)
syz_open_dev$video4linux(&(0x7f0000000ac0), 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/sockstat\x00')
fchdir(r5)
ioctl$TUNGETVNETBE(r5, 0x800454df, &(0x7f00000000c0))
ioctl$VIDIOC_SUBDEV_S_FMT(r3, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x6, 0x3, 0x1, 0x2, 0x5, 0x8}})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000005000002000000110000932a149298005f5fa30000"], 0x0, 0x29, 0x0, 0x0, 0x7}, 0x28)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
unshare(0xa000400)
r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
preadv(r8, &(0x7f0000001880)=[{&(0x7f00000018c0)=""/98, 0x62}], 0x1, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000220edf104c05c10687c2010203010902"], 0x0)
close(r8)
r9 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r9, &(0x7f0000000980)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x36}}, 0x0, 0x2, 0x1, 0x2}}, 0x26)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0xfff3, 0x7}, {}, {0xa, 0x1}}, [@filter_kind_options=@f_u32={{0x8}, {0x10, 0x2, [@TCA_U32_POLICE={0xc, 0x6, [@TCA_POLICE_AVRATE={0x8, 0x4, 0x1}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4080}, 0x40010)

4m1.464383794s ago: executing program 8 (id=3751):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000007c0), 0x10)
recvmmsg(r0, &(0x7f0000000880)=[{{&(0x7f0000000900)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/222, 0xde}], 0x1, &(0x7f0000000580)=""/146, 0x92}, 0x3}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)=""/74, 0x4a}, {&(0x7f00000006c0)=""/194, 0xc2}], 0x2, &(0x7f00000007c0)=""/137, 0x89}, 0x179}], 0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5}, 0x10)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r8)
close(r8)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r6)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r10, 0xc0182101, &(0x7f0000000200))
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000a40)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000680)={&(0x7f0000000980)={0xa0, r9, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x63}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x29}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xbb}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xfffff026}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1707}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x6}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8054}, 0x4050)
ioctl$IOCTL_GET_NUM_DEVICES(r7, 0x40046104, &(0x7f00000002c0))

4m0.506060672s ago: executing program 39 (id=3751):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r4, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r4, 0x114, 0x3, &(0x7f00000007c0), 0x10)
recvmmsg(r0, &(0x7f0000000880)=[{{&(0x7f0000000900)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000400)=""/222, 0xde}], 0x1, &(0x7f0000000580)=""/146, 0x92}, 0x3}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)=""/74, 0x4a}, {&(0x7f00000006c0)=""/194, 0xc2}], 0x2, &(0x7f00000007c0)=""/137, 0x89}, 0x179}], 0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5}, 0x10)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000a80), 0x0, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r8)
close(r8)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), r6)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r10, 0xc0502100, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r10, 0xc0182101, &(0x7f0000000200))
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r8, &(0x7f0000000a40)={&(0x7f0000000500)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000680)={&(0x7f0000000980)={0xa0, r9, 0x400, 0x70bd2d, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x7, 0x63}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0x7}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x29}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x6}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x9}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xbb}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0xfffff026}, @NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x2}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x2}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1707}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x6}]}, 0xa0}, 0x1, 0x0, 0x0, 0x8054}, 0x4050)
ioctl$IOCTL_GET_NUM_DEVICES(r7, 0x40046104, &(0x7f00000002c0))

39.166556191s ago: executing program 3 (id=4313):
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7278, 0x0, 0x2, 0x156}, &(0x7f0000000000)=<r0=>0x0, &(0x7f0000000100))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f0000000040), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='rcu_utilization\x00', r2}, 0x18)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f0000003700)=[{{&(0x7f0000000300)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @multicast2}}, 0x80, &(0x7f00000017c0)=[{&(0x7f0000000400)=""/203, 0xcb}, {&(0x7f0000000500)=""/191, 0xbf}, {&(0x7f00000001c0)=""/35, 0x23}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/211, 0xd3}, {&(0x7f0000000280)=""/42, 0x2a}, {&(0x7f00000016c0)=""/197, 0xc5}], 0x7, &(0x7f0000001840)=""/77, 0x4d}, 0x9}, {{&(0x7f00000018c0), 0x80, &(0x7f00000019c0)=[{&(0x7f0000001940)=""/73, 0x49}], 0x1, &(0x7f0000001a00)=""/81, 0x51}, 0x1c00}, {{&(0x7f0000001a80)=@x25, 0x80, &(0x7f0000001b80)=[{&(0x7f0000001b00)=""/117, 0x75}], 0x1, &(0x7f0000001bc0)=""/54, 0x36}, 0x9}, {{&(0x7f0000001c00)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000002380)=[{&(0x7f0000001c80)=""/232, 0xe8}, {&(0x7f0000001d80)=""/190, 0xbe}, {&(0x7f0000003840)=""/182, 0xb6}, {&(0x7f0000001f00)=""/52, 0x34}, {&(0x7f0000001f40)=""/205, 0xcd}, {&(0x7f0000002080)=""/74, 0x4a}, {&(0x7f0000002140)=""/90, 0x5a}, {&(0x7f00000021c0)=""/249, 0xf9}, {&(0x7f00000022c0)=""/170, 0xaa}], 0x9, &(0x7f0000002440)=""/118, 0x76}, 0xb4}, {{0x0, 0x0, &(0x7f0000003680)=[{&(0x7f00000024c0)=""/188, 0xbc}, {&(0x7f0000002580)=""/25, 0x19}, {&(0x7f00000025c0)=""/4096, 0x1000}, {&(0x7f00000035c0)=""/36, 0x24}, {&(0x7f0000003600)=""/103, 0x67}, {&(0x7f0000004800)=""/4096, 0x1000}], 0x6}, 0x8001}], 0x5, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400000000020104000000000000005bbedd817335a12e696a6e2f18eddd"], 0x14}}, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = syz_open_dev$vim2m(&(0x7f0000000240), 0x6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r6, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r6, 0x40045612, &(0x7f0000000100)=0x1)

38.06440497s ago: executing program 3 (id=4314):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x8080, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random})
r2 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xaee2, 0x0, 0x6, 0xbfdffffc}, &(0x7f00000000c0)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x10075fa, 0xe006, 0x0, 0x0, 0xfffffffffffffedb)
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b405000000000000791030000000000005001700000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000080)=""/204, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x4f}, 0x48)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000400)=ANY=[@ANYRES16=r3, @ANYRESOCT=r5, @ANYRES8=r3, @ANYRES64=r0], 0x2a, 0xfffffffffffffffc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="300000004a00012225bd7000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000014000100fc0100"/24], 0x30}}, 0x4040090)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
r7 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
r8 = socket$inet_tcp(0x2, 0x1, 0x0)
r9 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r10 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r11, &(0x7f0000000080)={0x1f, 0x1, 0x3}, 0x6)
r12 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x8000, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1f, 0x11, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6}, [@call={0x85, 0x0, 0x0, 0x7d}, @snprintf={{}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r12}, {}, {0x85, 0x0, 0x0, 0x6a}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x94)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r10, 0xc0285700, &(0x7f0000000040)={0x3, "5660359c3245d1c42317afad7d48ed5100000000000000010000000000000800", <r13=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r9, 0xc0285700, &(0x7f0000000000)={0x7, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r14=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r14, 0xc0303e03, &(0x7f0000000080)={"9f5c42cc88f6799ad1de1af01588a3372784790284f3ab71b40a06522213abba", r13, <r15=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r15, 0xc0303e03, &(0x7f00000000c0)={"3c2486910284ed8b3431d4c5d5fbf514fd00", r14})
getsockopt$EBT_SO_GET_INIT_ENTRIES(r8, 0x0, 0x50, 0x0, &(0x7f0000000000)=0xff5f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000285000000170000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7"], 0x0, 0xffffffff}, 0x94)

32.260877622s ago: executing program 3 (id=4325):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x2}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
close(0x3)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$tcp_congestion(r5, &(0x7f0000000100)='reno\x00', 0x5)
r6 = socket(0x10, 0x3, 0x0)
write(r6, &(0x7f00000000c0)="240000001e005f0214f6fffffffffff807b862117b00000000000000080009000d000000", 0x24)
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f00000007c0)={0x8, {"dc5d3b0169633d3eba3eabbc09167be55101d4af4b22a373236464d2dbfaa84399b77bd438a54364a7ebc5bdaab4f9decb7c044318cd59a0af8279bcab35dd7daf7a0ceb381df2c32eff45b13e2c8f40e1895355bf6f165200cb1ca41a155730ee2e9f83183f9fafe029d0401b0770618254a8b2dc87b630072b1e2de160d1afed51b74c14b71ec1b226a324482d14ad586b1a4ce80e458fe45244c01eddeddf3564af838d6d5324f8a77023d6eb7aa14397a0e1413ea1c3dfdf0e3a35b709e627f36fe403ee3117365be5017682f53595f28543062c740a94a794312f5cebc315044b8ea000a5d0f27812ab0ce149d11e6f6f7620c5f3e250bf67d13a1ca39dbb7b8b5a31e3d7ba7ebe5849a7a09b61fc9f2cfc54b89e9cd0105bca49483ce55e0187ce2ad692a18219d881057c838587b915337169ee054655f26a04df913a658fccbf4def6aad750ca4796b74d322c67e9d4ee6a530a22dcc35db850b424d6ec9f62495b9f9fd2b000feadd57d26dbd505798c208d91eb0aab0fd97537631b8bf81ce0e2241c4272be4ff69b390e4485d574146b76d1fdbf7fc5334906805534cdae1e47240af7761a18fc8bd0a694be47529da98bc0f98eb7db3fc4a74cbb6e486f4de90fbf2452e72c2e1dca44543ad9ad094b8bc861eef1e814662d0b350339e3a510d459c6f83aabd5fd3dcb38224056d761e7df9b482b9905f1e2135c1929be328ecdb69c007a3efd548502c83106f6df1ab1178fac499eda92ad4373155227ec2df150c919d322ecb3ea37e659285f18a3e2f79b59900ca438df3a1381380a12d3ad7678e0a8d3bdfb40651389b4ac8c66138d442d70eafdc2df8b080028006b1794146382c1d628fd2ebe5859b6c243824903d056d800975675bb1913142adbc039a9c68c2f146a0e8903447313f5e5549905f397a9b1f21a93b80c4d04a8ea7a29a50fbc5407a9305bba420edf898ea678d6879489c39692c99bb6dacf61f5f97637b94c1031d635b5423b38b9196fafaaf87b2796eadc21466af5a10281e6a808748969d29efb444c99a4cb2111732a792dbca4376a125a68f7cdac065cc6173dc21caafba48c742d9a7df2f771ff2f5725b22c247d4e0c6106f9f5f6929b69929ab37e9a9b326ce618bb702b883b12026f1300f21f2c7440cac8c5f1210a78aa067211d2827f5dcc7578252c2ccc3f67bab9d1bb6939b21b550788ef550acfed4bf50c0b4fb3ca4d2872ee64f95d611a317d9daaf373a10d868680b2226396c95fa2b0ab4d6fce06c3b42cb97d17a7b5089061537fdeb1a53040869f7befca330358fdba86754fc2e46c2113e1484cb37534af8f0408a7ee313778dab49f08229964298f847ea66c4ec319f64b6a12da585bc59e82e0263c507b397d3efee3b4066f4d25566aa1549f6185f6375f84b65fa8945148b90430c86a5b6fdf58d5c812b98d9dc621fd9a3d9f1a577495356516d1cbcf5e8bb8923b54b247225b9c3892b18a9e137f3620c734052af9dc8f1ea36f0d4592d5ee32e35676a84dc891f97456f2ac3a4ab58a42bcdc221a4ac8bb28d428add2fcbe5b110a8afd5d23b31e827bd16167b2d88cae024afc04a722ac0b4d45c52512e6b6f102aac4be21bc89ce246539048370553665b0a4336a6db99d0d19399be6437bf21419304331b4342b2c1db580f0c9bf681fdb8e9fa3e025454197bbc82ef93ee2f385660818ec5127080675a8013766469afe3b1e36e81bf2f04c3a26eaf4517551e734d21ba3bc90e48aea0891792970c39f3f528397e9b7ae190f1760fe5960dc763ee0a17939c60bfcac0a8914be82c749e4fe85d1ac5fa733413468fb8941085e8c4d6e0b6d1e62e20da58440facd640ddbb6c1f694b3ca48757a34c5a11668368711a1d4f3a81d31ac30d71277d7ae77882b6841cfa6289e6cce84a3ad57eeb328f831888ac7d3cfcd3a472a48d903f20cec8c8ae8d0bea04ebf7413ef7693f8ed876e49bd5f89d7e1078208ff62712e330fc0341b9ccf26845578d44b1e0c66d1bebc14742baedfabb8e9a2c8f42730360c72997efe0ce786ff330c2eb6e0ff20896f813c2a515ce76f826c11a1c1588eb369231ddeb4a2f9f9591ecdecc74d20aeb50047beb3ab89a9e4e1b805a20b645c79d0bc5d0247fab8ba46a97a07630b1f1cb69b42b568af746063d2c581f057873d64fe6e659b00b4a26745f5fba1fe7406a86b007936c7cfdac53a4c5b0ea9f6604863c8e3f174eddbb09175f6e13cda9a860cf400ef9ed02b895502ac6e6de6a658249c3c6e8a653517eae2231e56e0f120547923c6549ebc1ed14c623637ce3d96af5c93a32e58e2d9659d8b5b145888b52d9a5b5cb3cdf594eb137bcef2ba068cfd2c6ccf7ab6e5b4ec55e9197bfb91c9b8729f7b50cf0b0326f7ea3e712c77674d48545ca2a86744c3c38f149d69cf811beacf7e5f49c7bfba20f1dcf3d7bc0b9c796016820a46495d244c9606a06fe2e14233eda78d69ae4523ad7b708b0c7ead44d7fd376fed60e3cc2ee25e9600adfbe87ac7c8fb8269aec9459602af0f420becda6120ce7d9626c65ae7f860639e8bf664eb4301ec18add0e436c0356c12ab6b4ca35da2b43c4a8c239fd0b59a2ce94843cdfa1667053165053633b062844dbb0d00070fde74fa3178eb5f1f5fd02e2088d8690379f39ab22c080cdcb29d700bac74fabd8a356fe99afe83a5d99aa5024e9158a299eda6c99b6701e64f1d68e7e2c0c6e88396bb535a02d0948f0a250a6e090041c96d9c9acd6134d44d516fd1010c39e572b86b05bb1326a2a4f23f11181186f9c2a01dc7b58c0129f4b851ca9b1e3dc35db7364e29ef646211796b1651511e041345abce427fa5d6e48b8fb078c8432061a4cc518a8f2a2caf709a5c1473a62112a6650afc64eec12f8f9c08cff1b6fbf7a1209fc8661f62303b7c5d49c1d0b32a9f37e81ed9ab6193816d40995ed49c10b9f5752e04d57535a3d16f06c65d32846c31ec9787ec4a965679eb804e86b45d007f38d8104550770dc6f313bc846e43a14a8c21d0628c744e3e83cb998d1b7acfe996541a8c03852dadf9326444c582b481cae844e4f3fe3d638903b38f24633b63adbad841ac6c4c5169d781a0e271e8a967b1c7e986fcb3a66168e86e3559a44fcfa92452260491da9397659af60453f4cd4be2d15439445ec2b4366a79d3283da912d9d499df1242bd174edc235848caa21d2c997aff0e95c7e5cc0803c90fab84e7be7b37909d0e2f3bc9974e3388acb6800baba183ecc8eea8c71c0d65d669e41f99ceae523b7a6b772f3b8ebba1d2127ccc3ddb7ddcb4ec73cbdc26fc87c3848e258a0b5484d3a13e40ec4e4a65dd92f09e9fe1e3e2f8b96c4e363aa3683860dee62dfcf8823ee4a3593a092e0bd9c4cedacf44a272faa164447b01f46a7795642a40c61b0034a37f0e9b792428a0ddcd144fe8263088eaac8016f8f1cd30b55ac90a8f10d785b7570dd9e639a4a068d3fe98a420b9f72e79de817f676c2a224300d749571ad43f49d1fbe838f4566bc7b5f104c384ad87189213152b644d9fcbdf98bafeee569d640ce9045779f1d90024c023a7480a358dee276fba139c14b4fdb12885240903d0e61dc161659a68f62c92b899007e0f2b65bf0a069e9e57c9b6ae50a3b30dd1003fb0eead73ae2f6010b3b356b4060579a4f29935e1f00c01d12e5f44e8e3163d81dfef7ca8560604240c7e96e4454c6971614df306c768121abb3f628e3f1d2d026f58d1087334c5bdb74d7c949b0ee66a4531ba4e9b922aee3d0f802ed034734507a5913c52966f1f8bd4577840de0253aabc23299dced2a299859c07af9fb0f9c29b6533b9d84d471390d59ab315f5ddb226f6b8dd7889295f0fb1f7bd1adafe4cc520a1e84bf2a59d5b9795aeafc8d6fd66a8228aba8653b98622617ddfeb5d6795c9bd2f35d4a0c386e862675a50e3314c3fbb17aca151c13c7fc8b1d1b72ed0a958537b5ddc9e74bddc2b9571ec3f2b7775b125338d4852a75a60000564c65bb36dfb6bea4aab1ae7a4f285c2177aa98406eb2cc10934aa92d5a9612d4455c84ad200841d289b5c2d5deab0d8e2459598ef183d3dc47f6bad0b9513710600cfa4d69fcd5763cdcc4f2c2b7cd7d4491fd52f4aec82ce846c0988f6f0123e21e900d39c61085e68c9badc350b44004f6c042d64b0d0cbf91ad0592b198f1eeea1e52200bc8e6d62848d6884b10bdde72466039da488be6b340c23148f666f2fe6e032c07dac43586df182aca9116f4600313fa8375c76337ba86bdc391dae6450218f58f047ced64befc6bb5c2a60024669630a6279fedf2fe45e7e19ce582ad96ae0d023eb9b39f5f1e666e73bb038ae38157275be5eb3e7cbc8b05adf53e817646bdc2cfce98e5d162bf7faaca787db8717ab8b27b9e35609c5fb9de9def07f010df8b43cf5c96851eadfdeff0b7bc5826e7e15490ae9c3d14166ee81bef007070e7981235a673804ad89943ee6b51ac63364f7870e121e6ff23a0c7d179527cd58dd7a4ca37247c2bd9efc79b720bb1ee2d39862e98cb81e93cf5b48d5d02ee8ac737ab504c867a1c49e678300803c94fbe978dea918a1e71b9791ee1e4d30056e86c26a4675a8b090be2365c0b451a13ece52a89a7057fe2052e11c6666eb916d823ea66bf217c320acba3b714910734b2d27c2fa586bd7f7664b0d1422adabad2ce2afc10270057f11940fac1a51d023ce48bd04ea39b7f99381b239fd0ddeea0dce7863ec1f8f61775013b6414ecf86e686a340a3148f87a9d7d60a1f2da53436d16fc88d6a4e7c3d55e0dd004cbecc15a5558eb705d82aacb1862ddc251dd5d9cbf1d78f97900ce6e8dab0ea678cb823bd1e7bbd1e927841af08f5427878c19f4f322228f9b36287fc13e7c1293ea875ae73815e052d6c2ebc40df8f7b9d1f76e0b10e35aa160944983d8e6b790df0d9b13f3460657336d81f7d83c0350324b930ec9c7557ce12887f76372e126f504b0980fea27f31a780c05187b9b5353dafc6b101543b24332b96e15bc26b19062e52fa9f86d260ee3a3bc92a133e328407bb85357ee5c45cb87228f44888b14941b5911b050e9319fe88033f830a8490917a9c0572ebbc549000000000000000015a34abef947b5b9a950e780662de18873e55899c92db3ad00437e8407890afa6b0c04ef861b8bc85fbbe1bb67b3d9ef001409f84b8ec4f01d861cecc143a805b981ab5cf5b605057b63cb2c84ec358e510a69cd8c33a8a62fe4680d0c980145cc709157832bfaef261cb00800000000000000ce9affffd4b1dc7cc9511da0b34bffb9ac216fb8cf7c6572d95627787720d1ba67c6512fcdb16f6329e9668681c404efebad559f81f05971b5efb6b4cca97ad0346753cc0a40a877242d8a808c602b03dc962cee38e646cb18abb079c70d357c30738a70f55cd3c5956a83a1bfcd6649dd765f16bfe968066345df7380bbc0c16b3b5af513d6458c791343952f33a051c5d711c1f35af1b47f3db9bbfb5c040000002b52805d606479879be0b404a28ade5649a3185e0f85a85fc15cd824671c2befdd0da509597c87d869f0bd7ad163ad93ca28fc0c4025eccaafe385ec3fc06c54ebcd7b07b6c7e0197c5b9ef886159a1585ae45248f865be760db6f5bc8f868fc6aefd04e34ecb51159e4cdcc2214b42b1ca9caec13ba3e1b2e7a3c736977b226213d265c2873195122a9b448088c8b50edd549be41c38ab176807b75e7267f86e400", 0x1000}}, 0xfffffffffffffed8)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x0)

30.221159092s ago: executing program 3 (id=4334):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[], 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000fc0)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x9590f6cc3ea35512)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r2, 0xc01064c8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)})
ioctl$DRM_IOCTL_MODE_GETPROPERTY(r2, 0xc04064aa, &(0x7f0000000d40)={0x0, 0x0})
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
r3 = gettid()
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = openat$cgroup_devices(r4, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r5, &(0x7f0000000240)=ANY=[@ANYBLOB='c 122'], 0xa)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xc)
lsm_set_self_attr(0x69, 0x0, 0x106, 0x0)
prlimit64(0x0, 0xa, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(r3, 0x0, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sg(&(0x7f00000004c0), 0x30000000, 0x20c02)

29.754618436s ago: executing program 7 (id=4335):
r0 = syz_open_dev$vim2m(&(0x7f0000000240), 0x6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000100)=0x1)

28.778171298s ago: executing program 3 (id=4338):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_GET(r1, 0x0, 0x10008840)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x9, 0x1b, 0x8, 0x40, 0x42, 0x1}, 0x50)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001180)=ANY=[@ANYBLOB="61154c000000000061138c0000000000bfa00000000000001503000008004e002d35010000000000950041000000000069163e0000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ff3d4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2739670b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc401000000cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be19637302f3b41eae50509fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524a3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18402cde8b0100010000000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d545ffffffff00000000a1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf857689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684ee54c0a263c806aabac2f66cb052f847c62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961ef4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fc0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bb000000000000000000000000000000884efcecca45ea4ab2ec097668456a6ff12854997f5aed737d5205ace5c0b64f87ef10784d0479cb44ca077e0c4ce6ff880e2ce3de63853a9740e9233683bfc8636bee293aeeb680b399a296e6f44c07b5fc5d9d359af007f23004a7acb6df23664ea209620b4fe0f4df81c33bd8ca2335cb4b50881937379b45a301175c3e8eb32970564ec8e25c46ee3bae079faedaad94276cfa251be8256c4c37fc84a25c3a2feb39e94a5266a10716d4a3cef499fa176018054e9149a1c9d20a809ce3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_device, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup\x00', 0x0, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000001080)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @initdev={0xac, 0x1e, 0x0, 0x0}, {[@timestamp={0x7, 0x8, 0x5, 0x0, 0x0, [0x0]}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000001c0)={r3, r4, 0x6, 0x0, @val=@iter={0x0}}, 0x20)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r2}, 0x38)

28.656135521s ago: executing program 7 (id=4339):
syz_usb_connect(0x0, 0x24, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x4b, 0x41, 0x46, 0x8, 0x1660, 0x932, 0x80ea, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x5, 0x10, 0xf}}]}}]}}, 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000010c0), 0x802, 0x0)
write$uinput_user_dev(r5, &(0x7f0000000080)={'syz1\x00', {0x3}, 0x49, [0x0, 0x3, 0x403, 0x100000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x4, 0x1, 0xffffffff, 0x0, 0x0, 0x0, 0x3, 0x3, 0xffffffd, 0x8, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x4, 0x0, 0x1000000a, 0x0, 0x0, 0x80000007, 0x0, 0xffffdfff, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0xffffffff], [0x0, 0xa82, 0x0, 0x0, 0x2, 0x733, 0x1, 0xedc0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, 0x8, 0x0, 0x2000000, 0x0, 0x0, 0x9, 0x0, 0xfffffff8, 0x0, 0x0, 0x79, 0xfffffffd, 0x0, 0x0, 0x0, 0x2, 0x47, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7fff0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x28220be6, 0x401, 0x0, 0x2, 0xfffffffc, 0x6, 0xfffffffd, 0x0, 0x0, 0x0, 0x20], [0x0, 0xfffffffc, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x6, 0x0, 0x0, 0x7, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0xcf6, 0x89, 0x0, 0x800, 0x0, 0xfffffffb, 0x4000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80008003, 0x0, 0xfffffffe, 0xfffffffc, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x351e, 0x0, 0x11, 0x0, 0x0, 0x6492, 0x8], [0xb, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffe, 0xd2a, 0x200000, 0x0, 0x0, 0x10, 0x0, 0x0, 0x804, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x2, 0xfffffffc, 0x4, 0x0, 0xfd31, 0x6, 0x0, 0x0, 0x0, 0x2, 0x5, 0x0, 0x3ff, 0x200000, 0x0, 0x0, 0x9, 0x0, 0x0, 0xfffffffc, 0x0, 0x8000006, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8000008, 0x4, 0x1, 0x0, 0x0, 0x100001]}, 0x45c)
ioctl$UI_SET_EVBIT(r5, 0x40045564, 0x5)
ioctl$UI_SET_SWBIT(r5, 0x4004556d, 0x3)
ioctl$UI_DEV_CREATE(r5, 0x5501)
ioctl$SIOCSIFHWADDR(r4, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @multicast})
syz_usb_connect(0x0, 0x6b, &(0x7f0000000c80)=ANY=[@ANYBLOB="1201000385352608f20446b76e8e01020301090259000104e9000909049300000e0100ff0a240102000502010209240703040001a5301124060604050800040005000600f4ff040924030506030501f909240702020005cbad0924030601010303de092404"], &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0})
mount$tmpfs(0x0, 0x0, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000000)='ntfs3\x00', 0x0, &(0x7f0000000340))
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)=ANY=[], &(0x7f0000000240)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x300, 0xfd, 0x0, 0x3, 0x20, 0x9}, 0x18c, &(0x7f0000000280)=ANY=[@ANYBLOB="050f8c010310100a77a1f1140011000d0030000000f41003cc32b90a5f9c3c914cf9baf519649b348b3bd37010b3aa84f4dc2b3c6df5f7bf1ed221efb71d6c9103908bd2d47fd52bad31388c1af3fb1f330eb94526e1176bdd2104916123c230b009dd3b1dc8e786e58ddc6869fbc9790c80924f91852c0adf61405c4e6c297add6fdf3e50f9f4f1d30eb6383d2896191112550a1cff7da882bd3dbf295d1a4f528a9b3ff1a3f5f83084a65ae107b2e684c1943d7ba854f808a0d04231cb251648e19d9512a73853dc9e3cb2099086f5dd499806942d11a151333e57e0cca18cbb297d3c405d4f2ecfb5364f421dd462ed43d53eff1544eb38700d99935f65f7b7006516a7b8962cfa751e39218310020c78036514c1218553ae3bcd72ab1ae202d826463515c3ad70c51a8809c6e8f5c2e09f1af725499334a81d87ba8d316b4f9baf8e012b328fc9ddc1cf925bf5f47068b4d6f90610ee121da35f8d6443d19f4f9381885467a193a5998ee930db096f67620a834da3ce5e599276843ef9b65b17cd2e571ab2feb8d171d69e02cc707c40166c55c8ffb3e13c186d4ef6bb295851bb7a3d21c82156265cde245a48c17ddcc34cdee1e77cc921e53cb2d57521472c0422a7d6edec526e05b55ed04f0e6f6180921cdee4cf735abadb752277234aeea1a2402955142b4b7d33a68dfa97470b447595626b83670c3b3687373322ee8e51dcb5688f7af590f9490f9457a276c1d6227fcde27d49b3594f06787649feaf823b9ba9e17146b0183a203f4fdbcf59ef383440141fe3a8cc667e5774a778ba73e33e86c9c507f69adfbad172556b26579d20995b9d0536cb7b7dd4c36480c6a5b7d8dfa2ce6a45200932d6e19884c22516398520a8888f4330065dfbffe125a49b3a5e76608a9ae7f8"]})
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
mount(&(0x7f0000000100)=@loop={'/dev/loop', 0x0}, &(0x7f0000000180)='./file0\x00', &(0x7f0000000280)='ntfs3\x00', 0x1a0c80, &(0x7f0000000300)='/dev/i2c-#\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r6, 0xc08c5332, &(0x7f0000000040)={0x0, 0x0, 0x0, 'queue0\x00'})
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="12000000050000000800000008"], 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000380)={0x0, r3}, 0x8)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c0099e77abf04c7cc750000000000"], 0x0, 0x26}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x3, &(0x7f0000000040)=@framed, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r8, 0x8, 0x0, 0x0, 0x30, &(0x7f00000001c0), 0x10}, 0x71)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x0, 0xc, &(0x7f00000003c0)=ANY=[@ANYRES32=r7, @ANYBLOB="2100000000000000000000000000000818110000", @ANYRESHEX=r2, @ANYRES64=r0, @ANYRESHEX=r8], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x4, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r9, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socket(0x1, 0x803, 0x0)
syz_open_dev$admmidi(&(0x7f0000000080), 0x2, 0x40000)

28.097959802s ago: executing program 3 (id=4341):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r1)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f0000000000)=<r4=>0x0)
sendmsg$NFC_CMD_SE_IO(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x4c, r2, 0x105, 0x70bd2e, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_SE_APDU={0x28, 0x19, "7312167dbebebffcf2b338994135a106a243f80274ca652729c0623461e82dcbf0731900"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x200010d4}, 0x4000000)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x0, &(0x7f0000000400)=""/247, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r6 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000200)={<r7=>r0, 0x9, 0xffffffffffff0001, 0x6})
setsockopt$inet6_int(r6, 0x29, 0xc9, &(0x7f0000000100)=0x5, 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00"], 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x14, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@map_val={0x18, 0x4, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x7ff}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x74}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

26.047570985s ago: executing program 7 (id=4350):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f0000000000)=r4, 0x4)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)={0x1c, 0x1, 0x1, 0x201, 0x0, 0x0, {0x7}, [@CTA_MARK_MASK={0x8, 0x15, 0x1, 0x0, 0x4}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0xc044) (async)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="01000000eaffffff83000040", @ANYRESHEX=r0])

25.588450047s ago: executing program 7 (id=4352):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={0x0, 0xa4}}, 0x40000844)
socket(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
r1 = socket(0x10, 0x3, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000100))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r3, 0x80045017, 0x0)
r4 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r5, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffe, 0x6, 0x2, @scatter={0x1, 0xcc, &(0x7f0000000700)=[{&(0x7f0000000800)=""/215, 0xd7}]}, &(0x7f0000000080)="0000501ef663", 0x0, 0x800004, 0x10032, 0x0, 0x0})
mkdir(&(0x7f0000001c00)='./file0\x00', 0x0)
r6 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
chdir(&(0x7f00000001c0)='./file0\x00')
unlinkat(r6, &(0x7f0000000280)='./file0\x00', 0x200)
rename(&(0x7f0000000040)='./bus\x00', &(0x7f0000000600)='./file0\x00')
r7 = syz_usb_connect(0x0, 0x24, &(0x7f0000000340)=ANY=[@ANYRES16=r3, @ANYBLOB="53058968789995c13b945280ba3a9d84754cf88ca07da50b189e79b3cfedf6398b9c1fde8a99e0f04cc2f6cae7c71b84cf91fd717fbb99586ea1b2d2cd5ae1a85c7db1207547088ad5ad41def78bc58de8b7a197017b98d7e0a875ba1f04", @ANYRES32=r1], 0x0)
syz_usb_control_io$cdc_ecm(r7, 0x0, &(0x7f0000000540)={0x1c, &(0x7f0000000380)=ANY=[], 0x0, 0x0})
write$snddsp(r4, &(0x7f00000003c0)="3e5bfc5e293ca3c93b446e8f01040000f084edee00f72184c1c122949d787d33f1ccf9e68ce1bbb2711b6f3254d35892040000003336f9e35c1899ab6503a76ff2877771", 0x44)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0xe, 0x42031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r8, 0x89f1, &(0x7f0000001040)={'sit0\x00', 0x0})
syz_io_uring_setup(0x584e, &(0x7f0000000200)={0x0, 0x19fa, 0x4000, 0x2, 0x318, 0x0, r6}, &(0x7f00000002c0), &(0x7f0000000300))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r9 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r9, &(0x7f0000002000)=""/102400, 0x19000)

24.279447263s ago: executing program 5 (id=4354):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x5c, 0x2, 0x6, 0x111, 0x0, 0x0, {}, [@IPSET_ATTR_TYPENAME={0x10, 0x3, 'hash:ip,mac\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x0}, @IPSET_ATTR_MAXELEM={0x8}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}]}, 0x5c}}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa20000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NODES(r6, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r7, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x840)

23.250141199s ago: executing program 5 (id=4355):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c9042, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000000000000000000000000000071123400000000009500000000000000aa45b763f2b4531577e9b9acc86920b2cf46c5055f01f35147c99b2241cfdfd4caaf1d2862d27c425578935beb434134b6f00b761ec2f1486583"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x80)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
set_mempolicy(0x8006, &(0x7f0000000280)=0xfff, 0x3)
r5 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r1}, 0x8)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000e8ff0000000000ff000044850000000e0000003f0000d30000000095"], &(0x7f0000000100)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41100, 0x27, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000640)='mm_page_alloc\x00', r6, 0x0, 0x2000000000000000}, 0x18)
r7 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r7, 0x107, 0xd, &(0x7f0000000000)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xa, 0x0, 0x78}, 0x1c)
socket$unix(0x1, 0x1, 0x0)
unshare(0x22000600)
socket(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200000004000000010000003bd9082000840900000000000000", @ANYRES16=r6, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES8=r0, @ANYBLOB='\x00'/28], 0x50)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0x7, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018100000", @ANYRES32=r8, @ANYBLOB="000000000000000018100000", @ANYRES32=r9, @ANYBLOB="000000000000000095"], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0a000000090000004200010008eea80000000000", @ANYRES64=r2, @ANYBLOB='\x00'/20, @ANYRESHEX=r5, @ANYRES8=r1, @ANYRES32=r8], 0x48)

21.621875946s ago: executing program 9 (id=4361):
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bind$bt_l2cap(0xffffffffffffffff, &(0x7f0000000000)={0x1f, 0x3, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x6}, 0x5ad, 0x2}, 0xe)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)
r1 = epoll_create1(0x0)
r2 = socket(0x1, 0x80802, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80, 0x0, 0x0, 0xffbfffff}, 0x10)
sendmsg$nl_route(r3, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udplite(0x2, 0x2, 0x88)
mknodat(0xffffffffffffffff, &(0x7f0000000080)='./file1\x00', 0x8000, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000640)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000803200000000000000000000000000000000000001000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffffffffffff0000000000000000000000000000000000000000000000000000000002000100af00000000000000"], 0x170}}, 0x0)
landlock_create_ruleset(0x0, 0x0, 0x0)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_DELETE(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[], 0x40}, 0x1, 0x0, 0x0, 0x4c894}, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000000))
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r2, &(0x7f00000000c0))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x2, r2, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x2)
socket$unix(0x1, 0x2, 0x0)

21.53004512s ago: executing program 5 (id=4362):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$alg(0x26, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xf, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x32122)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

20.895525273s ago: executing program 7 (id=4363):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000040000000000000000000085"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x18)

20.830835625s ago: executing program 5 (id=4364):
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x1, 0x406}}}, 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x4a}, "e908d86d79ca620b2cfefd159e1a670b2267757090c6030377e2e530ddc5bad46df4e4cb9cfc3e0d1ab05c1bc6ddbb2b5a4bf2c06a702d5bce22182415ac9517ec907c9617360c3f01de"}, 0x4e)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0), 0x161440, 0x0)
r1 = openat$dsp(0xffffff9c, &(0x7f0000000080), 0x82040, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f0000000100)=0x9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x1e, 0x805, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)

20.704279044s ago: executing program 9 (id=4366):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080)=0x1, 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bf"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f00000003c0)={0xffffffffffffffff, 0x20, &(0x7f0000000180)={&(0x7f0000000240)=""/84, 0x54, <r2=>0x0, 0x0}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000480)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0xffffffff, 0x3}, 0x8, 0x10, 0x0, 0x0, r2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x18)
getrusage(0xffffffffffffffff, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
memfd_create(&(0x7f0000000b00)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9b5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xe4\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\\\xb0:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x19\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd\xa65`8\x83\xb1\x90\xc3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1exQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1.EaR5\xd6aC\x93\xe24\xf8\x88\x10\b1\xcb\xa2\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb0\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x80\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1$\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7f\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j', 0x2)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f3000000000080001400000000114000000020a090100000000000000000000000014000000110001"], 0xd4}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)

18.546016398s ago: executing program 0 (id=4367):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$rds(r0, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8800}, 0x4000000) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
prctl$PR_GET_DUMPABLE(0x3) (async, rerun: 32)
creat(&(0x7f00000002c0)='./file0\x00', 0x0) (rerun: 32)
pipe2$9p(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15) (async)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) (async)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f00000007c0)=ANY=[@ANYBLOB="b8000000000000e3f3e6b68d64c8223f554d1c8b00e7ac687f6254a9c38d"], 0xb8) (async)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r3]) (async, rerun: 32)
listxattr(&(0x7f0000000240)='./file0\x00', 0x0, 0x0) (rerun: 32)
r5 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x141341)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f00000000c0)={0x80, 0x6, 0x302, 0x0, 0x2, 0x0, 0x0}) (async)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_IOAS_MAP(r6, 0x3b85, &(0x7f0000000440)={0x28, 0x6, r7, 0x0, &(0x7f0000000480)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0xfffffffffffffe72, 0x2})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="700000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="0580040000000000500012800b00010067656e657665000040000280050008000000000005000d000100000005000d000200000008000b4000001e82060005004e210000140007"], 0x70}}, 0x0)

18.40708223s ago: executing program 9 (id=4368):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
ioctl$KVM_GET_MSR_INDEX_LIST(r2, 0xc004ae0a, &(0x7f0000000440)=ANY=[])
ioctl$SNDCTL_DSP_SETFMT(r1, 0xc0045005, &(0x7f00000000c0)=0x399)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x18, 0x52, 0x1, 0xfffffffc, 0x0, {0xa}, [@typed={0x4, 0x2, 0x0, 0x0, @binary}]}, 0x18}}, 0x0)
writev(r0, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f0000001480)}], 0x3)
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
fcntl$setstatus(r4, 0x4, 0x42000)
readv(r4, &(0x7f0000000280)=[{&(0x7f0000000340)=""/127, 0x7f}], 0x1)
socket$inet6(0xa, 0xa, 0x6)
dup2(r0, r0)
ioctl$SG_GET_VERSION_NUM(r4, 0x2282, &(0x7f0000000040))
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

18.325829677s ago: executing program 5 (id=4369):
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="1b00000000000010000000000080000000000000", @ANYRES32], 0x50)
r1 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181400)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000040)={@in6={{0xa, 0x4e22, 0x2, @remote, 0x7fff}}, 0x0, 0x0, 0x27, 0x0, "e05b51c1c817c51aa59c3ab5415ab8ebfeaddd69dc448e4627672de9223f9b0ca90026972dececdbe415ec97d7e88525f9822b92d3618edd9cbc454f0bef817590690c0db9f4e785eb6ef853b243e145"}, 0xd8)

18.250836072s ago: executing program 0 (id=4370):
lsm_list_modules(0x0, &(0x7f00000000c0), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_sock_diag(0x10, 0x3, 0x4)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sched_switch\x00', r1}, 0x18)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x42801, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000100)={0x3, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="0203f3021600000000000000000000000200090008000000e9000000000000000300060000000000020000000000000000000000000000000200010000000000000003fdff000020030005000000000002000000ac1414aa00000000000000000a00080008"], 0xb0}, 0x1, 0x7}, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout_data(r6, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000180)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x40}, {0x6}]}, 0x10)
r7 = signalfd4(r6, &(0x7f00000000c0)={[0xff]}, 0x8, 0x800)
io_uring_enter(r7, 0x43d0, 0x4add, 0x1, &(0x7f0000000140)={[0x8]}, 0x8)
socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x2, [0x0, 0x204, 0x0, 0x1, 0xffffffffbffffffe, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYRES16]}, 0x7a)

18.011719773s ago: executing program 9 (id=4371):
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000080)={'wlan1\x00', &(0x7f0000000000)=@ethtool_coalesce={0xf, 0x100007, 0x4, 0x2, 0x5, 0x94, 0xc1, 0x9, 0x20000005, 0x10000, 0xa, 0x80000001, 0xd, 0x4, 0x7, 0x7, 0xcc000000, 0x6, 0x4, 0xf, 0x2, 0xfffffff3, 0x3}})
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_int(r0, 0x0, 0x18, 0x0, &(0x7f00000000c0))
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$CAN_RAW_ERR_FILTER(0xffffffffffffffff, 0x65, 0x2, &(0x7f0000000000)=0xc00, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(0xffffffffffffffff, &(0x7f0000000440)=@abs={0x1, 0x0, 0x4e23}, 0x6e)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$FOU_CMD_GET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f0000000240)=ANY=[@ANYRES16=0x0, @ANYBLOB="00002abd7000fedbdf250300000006000a004e23000005000300000000000800", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00'], 0x34}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
r3 = socket(0x8000000010, 0x2, 0x0)
write(r3, &(0x7f00000002c0)="fc0000001c000704ab5b2509b868030002ab087a0100000001481093210001c0f0030584050060100000000000039815fa2c53c28648000000b9d95662537a00bc000c00f0ff7f0000b400600033d44000040560916a0033f436313012dafd5a32e273fc83ab82d710f74cec184406f90d435ef8b29d3ef3d92c94170e5bba2e177312e081bea05d3a021e8ca062914a46ccfc510bb73c9455cdc8363ae4f5df77bc4cfd6239ec2a0f0d1bcae5fa0f5f9dcdd51af51af8502943283f4bb102b2b8f5566791cf190201ded815b2ccd243f395ed94e0ad91bd6433802e0784f2013cd1890058a10000c880ac801fe4af000049f0d4796f0000090548de", 0xfc)
r4 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r4, &(0x7f0000000400)={0x2, 0x4e20, @remote}, 0x10)
sendmmsg$inet(r4, &(0x7f0000005240)=[{{0x0, 0x0, 0x0}, 0xfffffdef}], 0x4000095, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f0000000180)={{0x2, 0x4e23, @loopback}, {0x20000010304, @local}, 0x4, {0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}})
bpf$MAP_CREATE(0x0, 0x0, 0x50)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000140)={<r6=>0x0, 0x9}, &(0x7f0000000280)=0x8)
getsockopt$inet_sctp_SCTP_RTOINFO(r3, 0x84, 0x0, &(0x7f00000004c0)={r6, 0x2, 0x1b8, 0x9}, &(0x7f0000000500)=0x10)

17.991704692s ago: executing program 5 (id=4372):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$SOUND_PCM_READ_RATE(r0, 0x80045002, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x8080583a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x28000054)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000300)={'syztnl0\x00', <r4=>0x0, 0x2, 0x36, 0x5, 0x8, 0x12, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8, 0x40, 0x4, 0x7}})
accept4$rose(r2, &(0x7f0000000400)=@short={0xb, @dev, @rose, 0x1, @netrom}, &(0x7f0000000440)=0x1c, 0x0)
sendmsg$nl_route_sched_retired(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=@newchain={0x24, 0x64, 0x8, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xd, 0xb}, {0xa, 0xf}, {0x3, 0xe}}}, 0x24}}, 0x0)
recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f0000000600)=""/134, 0x86}, {&(0x7f00000006c0)=""/21, 0x15}], 0x3}, 0x4}], 0x2, 0x60, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syzkaller0\x00'})
mmap$dsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x1000)
io_setup(0x3, &(0x7f00000003c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0b00000008000000040000000600000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000e5ffffff00aff86d081c66ca639f1933b251a4145b3d0000000000000000d64e5c7ae8c0824180f2000000000000000201269aa104132fcb9197ac8c62e5aef2e13713a6815d676e86b1eefca3eadde6fca539dddae603a7af"], 0x50)

17.270734845s ago: executing program 0 (id=4373):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in6={{0xa, 0x4e20, 0x6, @empty, 0x4}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x3000000, 0x0, 0x300, 0x0, 0x54}, 0x9c)

16.851092991s ago: executing program 9 (id=4374):
r0 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x8, 0x1, 0x0, "fbe237e7f30f000000df483200", 0x30314247})

16.805374915s ago: executing program 9 (id=4375):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[@ANYRESDEC=0x0], 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000340)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb763e", 0x10, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0x41}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}}}}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
r1 = syz_open_dev$midi(&(0x7f0000000080), 0x9, 0x410140)
cachestat(r1, &(0x7f00000000c0)={0x0, 0x8}, &(0x7f0000000100), 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f00000000c0)=ANY=[])
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ba000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003900000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @cgroup_sock_addr=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

16.64942575s ago: executing program 7 (id=4376):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r0, 0x0, 0xbe}, 0x18) (async)
eventfd(0xffffffff)
syz_usb_connect$uac1(0x0, 0xa6, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902940003011010060904000000010100000a2401018000020102072408040100050c240703000000d8857005850904010000010200000904010101010200000c24020102030301635171cc072501017f0400090402001090f3bb5692162fe294d8e478a11b009637744a090402010101020000072401010502100f240202966801000078f4cd9535ca090582090800"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})

16.222972344s ago: executing program 0 (id=4377):
syz_emit_vhci(&(0x7f00000002c0)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x1, 0x406}}}, 0x7)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
syz_emit_vhci(&(0x7f00000000c0)=@HCI_SCODATA_PKT={0x3, {0xc9, 0x4a}, "e908d86d79ca620b2cfefd159e1a670b2267757090c6030377e2e530ddc5bad46df4e4cb9cfc3e0d1ab05c1bc6ddbb2b5a4bf2c06a702d5bce22182415ac9517ec907c9617360c3f01de"}, 0x4e)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0), 0x161440, 0x0)
r1 = openat$dsp(0xffffff9c, &(0x7f0000000080), 0x82040, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r1, 0xc0044dff, &(0x7f0000000100)=0x9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket(0x1e, 0x805, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x8}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff, 0x2}, 0x0, 0x0)

15.380198078s ago: executing program 0 (id=4378):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000040)={'gre0\x00', @link_local})
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}]})

15.310706685s ago: executing program 0 (id=4379):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
r1 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc7, 0x3d, 0x8a, 0x8, 0x2770, 0x9120, 0x6c77, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0xb0, 0xe2}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000580)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000040)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
listen(r0, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close(0x4)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x242800, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

13.015059531s ago: executing program 40 (id=4341):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r1)
r3 = openat$nci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r3, 0x0, &(0x7f0000000000)=<r4=>0x0)
sendmsg$NFC_CMD_SE_IO(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)={0x4c, r2, 0x105, 0x70bd2e, 0x25dfdbfe, {}, [@NFC_ATTR_DEVICE_INDEX={0x8, 0x1, r4}, @NFC_ATTR_SE_INDEX={0x8, 0x15, 0x2}, @NFC_ATTR_SE_APDU={0x28, 0x19, "7312167dbebebffcf2b338994135a106a243f80274ca652729c0623461e82dcbf0731900"}]}, 0x4c}, 0x1, 0x0, 0x0, 0x200010d4}, 0x4000000)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x0, &(0x7f0000000400)=""/247, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='bic\x00', 0x4)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000240)=0x1, 0x4)
sendto$inet(r0, &(0x7f0000000340)='\x00', 0x1, 0x0, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)
r6 = accept$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000200)={<r7=>r0, 0x9, 0xffffffffffff0001, 0x6})
setsockopt$inet6_int(r6, 0x29, 0xc9, &(0x7f0000000100)=0x5, 0x4)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a58000000160a03020002000000000000020000000900020073797a30000000000900010073797a30000000002c00038008000140000000000800024000000000180003801400010073797a5f74756e00"], 0x80}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x15, 0x14, &(0x7f0000000500)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x8}, {}, {}, [@map_val={0x18, 0x4, 0x2, 0x0, r7, 0x0, 0x0, 0x0, 0x7ff}, @btf_id={0x18, 0x3, 0x3, 0x0, 0x3}, @call={0x85, 0x0, 0x0, 0x74}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x9, 0x0, 0x0, 0x0, 0x25, '\x00', 0x0, @sk_reuseport, 0x0, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)

2.503795602s ago: executing program 41 (id=4372):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$SOUND_PCM_READ_RATE(r0, 0x80045002, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x8080583a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x28000054)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000300)={'syztnl0\x00', <r4=>0x0, 0x2, 0x36, 0x5, 0x8, 0x12, @mcast2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x8, 0x40, 0x4, 0x7}})
accept4$rose(r2, &(0x7f0000000400)=@short={0xb, @dev, @rose, 0x1, @netrom}, &(0x7f0000000440)=0x1c, 0x0)
sendmsg$nl_route_sched_retired(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=@newchain={0x24, 0x64, 0x8, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xd, 0xb}, {0xa, 0xf}, {0x3, 0xe}}}, 0x24}}, 0x0)
recvmmsg(r2, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/217, 0xd9}, {&(0x7f0000000600)=""/134, 0x86}, {&(0x7f00000006c0)=""/21, 0x15}], 0x3}, 0x4}], 0x2, 0x60, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'syzkaller0\x00'})
mmap$dsp(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x5, 0x11, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000140)=0x1000)
io_setup(0x3, &(0x7f00000003c0))
bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0b00000008000000040000000600000001000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000e5ffffff00aff86d081c66ca639f1933b251a4145b3d0000000000000000d64e5c7ae8c0824180f2000000000000000201269aa104132fcb9197ac8c62e5aef2e13713a6815d676e86b1eefca3eadde6fca539dddae603a7af"], 0x50)

1.50402428s ago: executing program 42 (id=4376):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f00000027c0)=ANY=[@ANYBLOB="180000000000000000000000ff000000850000000f000000850000005000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000400)='sys_exit\x00', r0, 0x0, 0xbe}, 0x18) (async)
eventfd(0xffffffff)
syz_usb_connect$uac1(0x0, 0xa6, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001000000406b1d01014000010203010902940003011010060904000000010100000a2401018000020102072408040100050c240703000000d8857005850904010000010200000904010101010200000c24020102030301635171cc072501017f0400090402001090f3bb5692162fe294d8e478a11b009637744a090402010101020000072401010502100f240202966801000078f4cd9535ca090582090800"], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0})

1.463045463s ago: executing program 43 (id=4375):
r0 = syz_usb_connect(0x0, 0x4a, &(0x7f0000000000)=ANY=[@ANYRESDEC=0x0], 0x0)
syz_emit_ethernet(0x46, &(0x7f0000000340)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "cb763e", 0x10, 0x3a, 0xff, @dev={0xfe, 0x80, '\x00', 0x41}, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}}}}}, 0x0)
syz_genetlink_get_family_id$netlbl_cipso(0x0, 0xffffffffffffffff)
r1 = syz_open_dev$midi(&(0x7f0000000080), 0x9, 0x410140)
cachestat(r1, &(0x7f00000000c0)={0x0, 0x8}, &(0x7f0000000100), 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0xc38, &(0x7f00000000c0)=ANY=[])
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x12, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ba000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000003900000095"], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x24, '\x00', 0x0, @cgroup_sock_addr=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

0s ago: executing program 44 (id=4379):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
r1 = syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xc7, 0x3d, 0x8a, 0x8, 0x2770, 0x9120, 0x6c77, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x91, 0xb0, 0xe2}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000580)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000040)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
listen(r0, 0xfffffffc)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20080, 0x80e1}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
close(0x4)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r5, 0x7, 0x0, 0x242800, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)

kernel console output (not intermixed with test programs):

T5933] usb 10-1: config 0 descriptor??
[ 1516.428073][T19024] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1516.478151][T19024] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3739'.
[ 1517.115899][ T5933] usb 10-1: USB disconnect, device number 20
[ 1518.425046][ T6773] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1518.454346][T17136] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1519.013359][T17136] usb 8-1: Using ep0 maxpacket: 16
[ 1519.132548][T19053] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3747'.
[ 1519.773525][T17136] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1519.794987][T17136] usb 8-1: New USB device found, idVendor=045e, idProduct=0721, bcdDevice=9c.25
[ 1519.813349][T17136] usb 8-1: New USB device strings: Mfr=0, Product=251, SerialNumber=3
[ 1519.821611][T17136] usb 8-1: Product: syz
[ 1519.838569][T17136] usb 8-1: SerialNumber: syz
[ 1519.859189][T17136] usb 8-1: config 0 descriptor??
[ 1519.905570][T17136] usb 8-1: Found UVC 0.00 device syz (045e:0721)
[ 1519.912137][T17136] usb 8-1: No valid video chain found.
[ 1520.463220][ T6773] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1520.626766][ T6773] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1520.747568][ T6773] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1521.140404][ T6773] bridge_slave_1: left allmulticast mode
[ 1521.152288][ T6773] bridge_slave_1: left promiscuous mode
[ 1521.239708][T17136] usb 8-1: USB disconnect, device number 14
[ 1521.322171][ T6773] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1521.386461][ T6773] bridge_slave_0: left allmulticast mode
[ 1521.402254][ T6773] bridge_slave_0: left promiscuous mode
[ 1521.422019][ T6773] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.642439][T19071] binder: 19062:19071 ioctl c0306201 200000000640 returned -22
[ 1521.649324][T19069] syz.7.3755 (19069): drop_caches: 2
[ 1521.746014][T19071] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3754'.
[ 1522.443711][ T5839] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1522.462909][ T5839] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1522.473739][ T5839] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1522.484807][ T5839] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1522.524891][ T5839] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1522.556296][ T5840] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1522.566680][ T5840] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1522.574734][ T5840] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1522.582928][ T5840] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1522.592956][ T5840] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1524.043054][ T6773] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1524.089278][ T6773] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1524.109023][ T6773] bond0 (unregistering): Released all slaves
[ 1524.323473][ T6773] tipc: Disabling bearer <udp:syz0>
[ 1524.338241][ T6773] tipc: Left network mode
[ 1524.481597][T19090] zonefs (nullb0) ERROR: Not a zoned block device
[ 1524.678919][ T5839] Bluetooth: hci1: command tx timeout
[ 1525.660576][T19101] Cannot find add_set index 0 as target
[ 1525.707942][T19101] XFS (nullb0): Invalid superblock magic number
[ 1525.750946][ T6773] hsr_slave_0: left promiscuous mode
[ 1525.777600][ T6773] hsr_slave_1: left promiscuous mode
[ 1525.780879][T19108] Cannot find add_set index 0 as target
[ 1525.787773][ T6773] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1525.798136][ T6773] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1525.834680][ T6773] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1525.863440][ T6773] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1526.756146][ T5839] Bluetooth: hci1: command tx timeout
[ 1526.770374][ T6773] veth1_macvtap: left promiscuous mode
[ 1526.776427][ T6773] veth0_macvtap: left promiscuous mode
[ 1526.782144][ T6773] veth1_vlan: left promiscuous mode
[ 1526.787533][ T6773] veth0_vlan: left promiscuous mode
[ 1527.982865][ T6773] team0 (unregistering): Port device team_slave_1 removed
[ 1528.050174][ T6773] team0 (unregistering): Port device team_slave_0 removed
[ 1528.623995][T19109] netlink: 786 bytes leftover after parsing attributes in process `syz.9.3762'.
[ 1528.824561][ T5839] Bluetooth: hci1: command tx timeout
[ 1529.215031][T19077] chnl_net:caif_netlink_parms(): no params data found
[ 1530.894532][ T5839] Bluetooth: hci1: command tx timeout
[ 1530.925301][T19077] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1530.964297][T19077] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1530.991833][T19077] bridge_slave_0: entered allmulticast mode
[ 1531.022393][T19077] bridge_slave_0: entered promiscuous mode
[ 1531.169716][T19077] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1531.182627][T19077] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1531.191927][T19177] netlink: 'syz.9.3783': attribute type 7 has an invalid length.
[ 1531.192759][T19077] bridge_slave_1: entered allmulticast mode
[ 1531.212549][T19077] bridge_slave_1: entered promiscuous mode
[ 1531.220500][T19175] netlink: 786 bytes leftover after parsing attributes in process `syz.3.3781'.
[ 1531.256772][T19177] : entered promiscuous mode
[ 1531.407075][T19077] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1531.441569][T19077] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1531.592637][T19077] team0: Port device team_slave_0 added
[ 1531.627651][T19077] team0: Port device team_slave_1 added
[ 1531.827707][T19077] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1532.793055][T19077] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1532.841714][T19077] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1532.966138][T19077] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1533.090361][T19077] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1533.244213][T19077] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1534.769677][T19077] hsr_slave_0: entered promiscuous mode
[ 1535.043525][T19077] hsr_slave_1: entered promiscuous mode
[ 1535.354669][T19208] FAULT_INJECTION: forcing a failure.
[ 1535.354669][T19208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1535.379995][T19208] CPU: 0 UID: 0 PID: 19208 Comm: syz.0.3790 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1535.380065][T19208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1535.380084][T19208] Call Trace:
[ 1535.380093][T19208]  <TASK>
[ 1535.380103][T19208]  dump_stack_lvl+0x189/0x250
[ 1535.380132][T19208]  ? __pfx____ratelimit+0x10/0x10
[ 1535.380180][T19208]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1535.380206][T19208]  ? __pfx__printk+0x10/0x10
[ 1535.380235][T19208]  ? __might_fault+0xb0/0x130
[ 1535.380285][T19208]  should_fail_ex+0x414/0x560
[ 1535.380324][T19208]  _copy_from_user+0x2d/0xb0
[ 1535.380353][T19208]  ___sys_sendmsg+0x158/0x2a0
[ 1535.380387][T19208]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1535.380458][T19208]  ? __fget_files+0x2a/0x420
[ 1535.380479][T19208]  ? __fget_files+0x3a0/0x420
[ 1535.380512][T19208]  __x64_sys_sendmsg+0x19b/0x260
[ 1535.380545][T19208]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1535.380586][T19208]  ? __pfx_ksys_write+0x10/0x10
[ 1535.380616][T19208]  ? rcu_is_watching+0x15/0xb0
[ 1535.380648][T19208]  ? do_syscall_64+0xbe/0x3b0
[ 1535.380676][T19208]  do_syscall_64+0xfa/0x3b0
[ 1535.380697][T19208]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1535.380731][T19208]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1535.380754][T19208]  ? clear_bhb_loop+0x60/0xb0
[ 1535.380782][T19208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1535.380805][T19208] RIP: 0033:0x7fc2e458e929
[ 1535.380825][T19208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1535.380845][T19208] RSP: 002b:00007fc2e23f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1535.380869][T19208] RAX: ffffffffffffffda RBX: 00007fc2e47b6080 RCX: 00007fc2e458e929
[ 1535.380886][T19208] RDX: 0000000000000044 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1535.380900][T19208] RBP: 00007fc2e23f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1535.380914][T19208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1535.380928][T19208] R13: 0000000000000000 R14: 00007fc2e47b6080 R15: 00007ffe51eebcb8
[ 1535.380962][T19208]  </TASK>
[ 1535.819310][T19212] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3791'.
[ 1535.864682][T19212] netlink: 'syz.9.3791': attribute type 11 has an invalid length.
[ 1536.655610][T19221] zonefs (nullb0) ERROR: Not a zoned block device
[ 1539.911606][T19077] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1539.977071][T19077] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1540.278622][T19077] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1541.048695][T19077] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1541.105481][T19261] netlink: 'syz.9.3804': attribute type 1 has an invalid length.
[ 1541.171049][T19261] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1541.251225][T19270] syz.7.3805 (19270): drop_caches: 2
[ 1541.270279][T19261] netlink: 72 bytes leftover after parsing attributes in process `syz.9.3804'.
[ 1541.820066][T19077] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1541.905166][T19077] 8021q: adding VLAN 0 to HW filter on device team0
[ 1541.944647][ T6780] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1541.951854][ T6780] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1542.097747][ T6780] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1542.105362][ T6780] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1546.098082][T19077] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1546.772368][T19314] Invalid ELF header magic: != ELF
[ 1549.421498][T19339] netlink: 36 bytes leftover after parsing attributes in process `syz.7.3823'.
[ 1549.774443][T19077] veth0_vlan: entered promiscuous mode
[ 1549.808692][T19077] veth1_vlan: entered promiscuous mode
[ 1550.087573][T19077] veth0_macvtap: entered promiscuous mode
[ 1550.099221][T19077] veth1_macvtap: entered promiscuous mode
[ 1550.149960][T19077] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1550.164643][T19077] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1550.177488][T19077] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.186672][T19077] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.195581][T19077] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.208306][T19077] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1550.333519][T16379] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1550.387272][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.409381][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1550.493763][T16379] usb 8-1: Using ep0 maxpacket: 32
[ 1550.500946][T16379] usb 8-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1550.527188][ T1139] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1550.536282][T16379] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1550.554922][ T1139] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1550.565756][T16379] usb 8-1: config 0 descriptor??
[ 1550.587004][T16379] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1551.073366][T19362] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3828'.
[ 1551.309760][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.328107][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1551.349801][T16379] gspca_vc032x: reg_w err -110
[ 1551.366455][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.405174][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.410572][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.427012][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.432431][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.457414][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.477264][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.482695][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.505376][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.510764][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.559211][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.595998][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1551.716007][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1552.696474][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1552.701861][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1552.893042][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1552.909697][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1552.916104][T16379] gspca_vc032x: I2c Bus Busy Wait 00
[ 1552.921473][T16379] gspca_vc032x: Unknown sensor...
[ 1552.927807][T16379] vc032x 8-1:0.0: probe with driver vc032x failed with error -22
[ 1552.938454][T16379] usb 8-1: USB disconnect, device number 15
[ 1555.218908][T19379] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1555.224237][T19390] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3831'.
[ 1555.798584][T19398] [U] 
[ 1557.813740][T19400] netlink: 'syz.7.3839': attribute type 1 has an invalid length.
[ 1557.855001][T19400] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3839'.
[ 1557.896572][T19401] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3839'.
[ 1559.705093][T16373] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1559.722254][T19429] syz.9.3849 (19429): drop_caches: 2
[ 1559.827243][T19436] Falling back ldisc for ptm0.
[ 1559.840253][ T5896] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1560.608208][T16373] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1560.629880][T16373] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1560.670514][T16373] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1560.724923][T16373] usb 8-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1560.733455][ T5896] usb 6-1: device descriptor read/64, error -71
[ 1560.804248][T19440] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3852'.
[ 1560.813432][T16373] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.816789][T16373] usb 8-1: config 0 descriptor??
[ 1561.516210][ T5896] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1561.587542][T19451] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3854'.
[ 1561.663550][ T5896] usb 6-1: device descriptor read/64, error -71
[ 1561.869037][ T5896] usb usb6-port1: attempt power cycle
[ 1561.879796][T16373] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.7-1/input0
[ 1562.223476][ T5896] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1562.354124][ T5896] usb 6-1: device descriptor read/8, error -71
[ 1562.599405][ T5896] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1562.663764][T19462] block device autoloading is deprecated and will be removed.
[ 1562.843427][ T5896] usb 6-1: device not accepting address 33, error -71
[ 1562.907401][ T5896] usb usb6-port1: unable to enumerate USB device
[ 1563.040056][T19472] loop6: detected capacity change from 0 to 524287999
[ 1563.645337][T19479] syz.5.3862 (19479): drop_caches: 2
[ 1564.626060][T19485] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3864'.
[ 1565.066132][T16373] usb 8-1: USB disconnect, device number 16
[ 1568.306616][T19523] syz.0.3875 (19523): drop_caches: 2
[ 1568.343732][T19524] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3874'.
[ 1568.401898][T19521] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3874'.
[ 1568.881762][T19530] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3876'.
[ 1569.153679][T19533] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3878'.
[ 1569.363392][   T30] audit: type=1326 audit(2000002423.356:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19536 comm="syz.9.3879" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fd46118e929 code=0x7fc00000
[ 1570.341426][T19557] tipc: Started in network mode
[ 1570.346873][T19557] tipc: Node identity 4, cluster identity 4711
[ 1570.353088][T19557] tipc: Node number set to 4
[ 1571.334598][T19568] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3889'.
[ 1572.018995][T19573] FAULT_INJECTION: forcing a failure.
[ 1572.018995][T19573] name failslab, interval 1, probability 0, space 0, times 0
[ 1572.061291][T19573] CPU: 0 UID: 0 PID: 19573 Comm: syz.0.3891 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1572.061327][T19573] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1572.061342][T19573] Call Trace:
[ 1572.061352][T19573]  <TASK>
[ 1572.061363][T19573]  dump_stack_lvl+0x189/0x250
[ 1572.061396][T19573]  ? __pfx____ratelimit+0x10/0x10
[ 1572.061432][T19573]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1572.061464][T19573]  ? __pfx__printk+0x10/0x10
[ 1572.061505][T19573]  ? __pfx___might_resched+0x10/0x10
[ 1572.061531][T19573]  ? fs_reclaim_acquire+0x7d/0x100
[ 1572.061561][T19573]  should_fail_ex+0x414/0x560
[ 1572.061600][T19573]  should_failslab+0xa8/0x100
[ 1572.061625][T19573]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1572.061657][T19573]  ? io_submit_one+0x11f/0x1310
[ 1572.061685][T19573]  io_submit_one+0x11f/0x1310
[ 1572.061721][T19573]  ? __pfx_io_submit_one+0x10/0x10
[ 1572.061746][T19573]  ? __might_fault+0xb0/0x130
[ 1572.061792][T19573]  ? __might_fault+0xb0/0x130
[ 1572.061830][T19573]  __se_sys_io_submit+0x185/0x2f0
[ 1572.061868][T19573]  ? __pfx___se_sys_io_submit+0x10/0x10
[ 1572.061900][T19573]  ? ksys_write+0x22a/0x250
[ 1572.061944][T19573]  ? do_syscall_64+0xbe/0x3b0
[ 1572.061971][T19573]  do_syscall_64+0xfa/0x3b0
[ 1572.061993][T19573]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1572.062028][T19573]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1572.062051][T19573]  ? clear_bhb_loop+0x60/0xb0
[ 1572.062079][T19573]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1572.062101][T19573] RIP: 0033:0x7fc2e458e929
[ 1572.062122][T19573] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1572.062142][T19573] RSP: 002b:00007fc2e532a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1572.062167][T19573] RAX: ffffffffffffffda RBX: 00007fc2e47b5fa0 RCX: 00007fc2e458e929
[ 1572.062184][T19573] RDX: 0000200000004540 RSI: 0000000000000001 RDI: 00007fc2e5309000
[ 1572.062199][T19573] RBP: 00007fc2e532a090 R08: 0000000000000000 R09: 0000000000000000
[ 1572.062214][T19573] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1572.062228][T19573] R13: 0000000000000000 R14: 00007fc2e47b5fa0 R15: 00007ffe51eebcb8
[ 1572.062263][T19573]  </TASK>
[ 1573.209855][T19585] netlink: 'syz.0.3894': attribute type 10 has an invalid length.
[ 1573.257558][T19585] team0: Port device veth0_virt_wifi added
[ 1573.369913][T19587] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1573.603736][T19587] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.661883][T19592] input: syz0 as /devices/virtual/input/input24
[ 1574.800608][T19587] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.965192][T19587] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1575.224883][T19587] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1575.244705][T19587] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1575.264007][T19587] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1575.287311][T19587] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1576.526195][T19619] bio_check_eod: 14 callbacks suppressed
[ 1576.526220][T19619] syz.5.3902: attempt to access beyond end of device
[ 1576.526220][T19619] loop5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1576.584338][T19621] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3903'.
[ 1576.935255][T19621] netlink: 60 bytes leftover after parsing attributes in process `syz.0.3903'.
[ 1577.908454][T19622] [U] 
[ 1578.507215][T19631] FAULT_INJECTION: forcing a failure.
[ 1578.507215][T19631] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1578.573558][T19631] CPU: 0 UID: 0 PID: 19631 Comm: syz.9.3906 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1578.573592][T19631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1578.573607][T19631] Call Trace:
[ 1578.573616][T19631]  <TASK>
[ 1578.573625][T19631]  dump_stack_lvl+0x189/0x250
[ 1578.573658][T19631]  ? __pfx____ratelimit+0x10/0x10
[ 1578.573694][T19631]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1578.573720][T19631]  ? __pfx__printk+0x10/0x10
[ 1578.573763][T19631]  should_fail_ex+0x414/0x560
[ 1578.573803][T19631]  _copy_to_user+0x31/0xb0
[ 1578.573833][T19631]  simple_read_from_buffer+0xe1/0x170
[ 1578.573873][T19631]  proc_fail_nth_read+0x1df/0x250
[ 1578.573899][T19631]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1578.573926][T19631]  ? rw_verify_area+0x258/0x650
[ 1578.573957][T19631]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1578.573982][T19631]  vfs_read+0x1fd/0x980
[ 1578.574018][T19631]  ? __pfx___mutex_lock+0x10/0x10
[ 1578.574040][T19631]  ? __pfx_vfs_read+0x10/0x10
[ 1578.574072][T19631]  ? __fget_files+0x2a/0x420
[ 1578.574098][T19631]  ? __fget_files+0x3a0/0x420
[ 1578.574117][T19631]  ? __fget_files+0x2a/0x420
[ 1578.574146][T19631]  ksys_read+0x145/0x250
[ 1578.574179][T19631]  ? __pfx_ksys_read+0x10/0x10
[ 1578.574206][T19631]  ? rcu_is_watching+0x15/0xb0
[ 1578.574237][T19631]  ? do_syscall_64+0xbe/0x3b0
[ 1578.574263][T19631]  do_syscall_64+0xfa/0x3b0
[ 1578.574286][T19631]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1578.574309][T19631]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1578.574332][T19631]  ? clear_bhb_loop+0x60/0xb0
[ 1578.574359][T19631]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1578.574380][T19631] RIP: 0033:0x7fd46118d33c
[ 1578.574400][T19631] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1578.574418][T19631] RSP: 002b:00007fd461f10030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1578.574442][T19631] RAX: ffffffffffffffda RBX: 00007fd4613b6080 RCX: 00007fd46118d33c
[ 1578.574459][T19631] RDX: 000000000000000f RSI: 00007fd461f100a0 RDI: 0000000000000009
[ 1578.574471][T19631] RBP: 00007fd461f10090 R08: 0000000000000000 R09: 0000000000000000
[ 1578.574496][T19631] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1578.574511][T19631] R13: 0000000000000000 R14: 00007fd4613b6080 R15: 00007ffeac0155d8
[ 1578.574545][T19631]  </TASK>
[ 1579.048981][T19640] FAULT_INJECTION: forcing a failure.
[ 1579.048981][T19640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1579.105261][T19640] CPU: 1 UID: 0 PID: 19640 Comm: syz.9.3911 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1579.105297][T19640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1579.105312][T19640] Call Trace:
[ 1579.105321][T19640]  <TASK>
[ 1579.105332][T19640]  dump_stack_lvl+0x189/0x250
[ 1579.105365][T19640]  ? __pfx____ratelimit+0x10/0x10
[ 1579.105400][T19640]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1579.105424][T19640]  ? __pfx__printk+0x10/0x10
[ 1579.105468][T19640]  should_fail_ex+0x414/0x560
[ 1579.105507][T19640]  _copy_to_user+0x31/0xb0
[ 1579.105538][T19640]  simple_read_from_buffer+0xe1/0x170
[ 1579.105579][T19640]  proc_fail_nth_read+0x1df/0x250
[ 1579.105607][T19640]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1579.105636][T19640]  ? rw_verify_area+0x258/0x650
[ 1579.105666][T19640]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1579.105702][T19640]  vfs_read+0x1fd/0x980
[ 1579.105739][T19640]  ? __pfx___mutex_lock+0x10/0x10
[ 1579.105763][T19640]  ? __pfx_vfs_read+0x10/0x10
[ 1579.105795][T19640]  ? __fget_files+0x2a/0x420
[ 1579.105823][T19640]  ? __fget_files+0x3a0/0x420
[ 1579.105843][T19640]  ? __fget_files+0x2a/0x420
[ 1579.105875][T19640]  ksys_read+0x145/0x250
[ 1579.105909][T19640]  ? __pfx_ksys_read+0x10/0x10
[ 1579.105937][T19640]  ? rcu_is_watching+0x15/0xb0
[ 1579.105969][T19640]  ? do_syscall_64+0xbe/0x3b0
[ 1579.105995][T19640]  do_syscall_64+0xfa/0x3b0
[ 1579.106016][T19640]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1579.106050][T19640]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1579.106072][T19640]  ? clear_bhb_loop+0x60/0xb0
[ 1579.106100][T19640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1579.106123][T19640] RIP: 0033:0x7fd46118d33c
[ 1579.106143][T19640] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1579.106163][T19640] RSP: 002b:00007fd461f31030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1579.106187][T19640] RAX: ffffffffffffffda RBX: 00007fd4613b5fa0 RCX: 00007fd46118d33c
[ 1579.106204][T19640] RDX: 000000000000000f RSI: 00007fd461f310a0 RDI: 0000000000000006
[ 1579.106219][T19640] RBP: 00007fd461f31090 R08: 0000000000000000 R09: 0000000000000000
[ 1579.106234][T19640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1579.106248][T19640] R13: 0000000000000000 R14: 00007fd4613b5fa0 R15: 00007ffeac0155d8
[ 1579.106287][T19640]  </TASK>
[ 1579.469298][T17136] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1579.477923][T19649] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3913'.
[ 1579.794188][T17136] usb 6-1: device descriptor read/64, error -71
[ 1580.033492][T17136] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 1580.516794][T17136] usb 6-1: device descriptor read/64, error -71
[ 1580.717326][T17136] usb usb6-port1: attempt power cycle
[ 1581.783421][T17136] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 1581.814836][T17136] usb 6-1: device descriptor read/8, error -71
[ 1582.357679][T17136] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1582.626082][T17136] usb 6-1: device descriptor read/8, error -71
[ 1582.744736][T17136] usb usb6-port1: unable to enumerate USB device
[ 1582.774223][T19675] zonefs (nullb0) ERROR: Not a zoned block device
[ 1584.401852][T17136] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 1584.575697][T17136] usb 8-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[ 1584.603348][T17136] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1586.152787][T17136] usb 8-1: config 0 descriptor??
[ 1586.827020][T19684] netlink: 16 bytes leftover after parsing attributes in process `syz.5.3924'.
[ 1586.886977][T19684] netlink: 172 bytes leftover after parsing attributes in process `syz.5.3924'.
[ 1587.134079][T17136] ath6kl: Failed to read usb control message: -71
[ 1587.141348][T17136] ath6kl: Unable to read the bmi data from the device: -71
[ 1587.148823][T17136] ath6kl: unable to read target info byte count: -71
[ 1587.178214][T17136] ath6kl: Failed to init ath6kl core: -71
[ 1587.194122][T17136] ath6kl_usb 8-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1587.878376][T17136] usb 8-1: USB disconnect, device number 17
[ 1587.908414][T19712] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[ 1587.917912][T19712] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[ 1587.927609][T19712] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[ 1588.642558][T19721] tmpfs: Unknown parameter ''
[ 1588.654986][T19721] bond0: entered allmulticast mode
[ 1588.660267][T19721] bond_slave_0: entered allmulticast mode
[ 1588.667100][T19721] bond_slave_1: entered allmulticast mode
[ 1589.559693][T10229] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[ 1589.713349][T10229] usb 10-1: Using ep0 maxpacket: 8
[ 1589.743138][T10229] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1589.773413][T10229] usb 10-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[ 1589.790460][T10229] usb 10-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[ 1589.800675][T10229] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1589.813322][ T5896] usb 6-1: new full-speed USB device number 38 using dummy_hcd
[ 1590.003555][T10229] usb 10-1: Product: syz
[ 1590.023645][T10229] usb 10-1: Manufacturer: syz
[ 1590.028766][T10229] usb 10-1: SerialNumber: syz
[ 1590.281201][T10229] usb 10-1: config 0 descriptor??
[ 1590.540398][ T5896] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1590.549397][T10229] usb 10-1: USB disconnect, device number 21
[ 1590.563364][ T5896] usb 6-1: config 0 has no interface number 0
[ 1590.585768][ T5896] usb 6-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1590.615219][ T5896] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1590.636971][ T5896] usb 6-1: config 0 descriptor??
[ 1590.656431][ T5896] usb 6-1: selecting invalid altsetting 1
[ 1590.662530][ T5896] dvb_ttusb_budget: ttusb_init_controller: error
[ 1590.684879][ T5896] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1590.836496][ T5896] DVB: Unable to find symbol cx22700_attach()
[ 1590.951986][ T5896] DVB: Unable to find symbol tda10046_attach()
[ 1590.962742][ T5896] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1591.302609][T17136] usb 6-1: USB disconnect, device number 38
[ 1594.274511][T19758] binder: 19755:19758 ioctl c0306201 0 returned -14
[ 1594.333450][T19761] binder: 19755:19761 ioctl c0306201 200000000640 returned -22
[ 1594.389022][T19758] netlink: 36 bytes leftover after parsing attributes in process `syz.3.3942'.
[ 1594.657835][T19768] syz.0.3944 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1594.864122][T19768] netlink: 68 bytes leftover after parsing attributes in process `syz.0.3944'.
[ 1595.401498][T19776] zonefs (nullb0) ERROR: Not a zoned block device
[ 1596.403513][T19785] bond0: entered promiscuous mode
[ 1596.423466][T19785] bond_slave_0: entered promiscuous mode
[ 1596.439809][T19785] bond_slave_1: entered promiscuous mode
[ 1596.450858][T19785] bond0: entered allmulticast mode
[ 1596.493556][T19785] bond_slave_0: entered allmulticast mode
[ 1596.504305][T19787] xt_TCPMSS: Only works on TCP SYN packets
[ 1596.526523][T19785] bond_slave_1: entered allmulticast mode
[ 1596.587237][T19785] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3950'.
[ 1596.598049][T19785] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[ 1601.782290][T19826] x_tables: duplicate underflow at hook 2
[ 1601.977303][T19822] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[ 1602.324901][T19830] syz.5.3963: attempt to access beyond end of device
[ 1602.324901][T19830] nbd5: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1605.005091][T16373] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[ 1605.273430][ T5896] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 1605.385667][T16373] usb 6-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1605.403380][ T5896] usb 8-1: device descriptor read/64, error -71
[ 1605.403851][T16373] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1605.428453][T16373] usb 6-1: config 0 descriptor??
[ 1606.476733][T19872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1606.537046][T19872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1606.675777][ T5896] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[ 1606.831617][ T5896] usb 8-1: device descriptor read/64, error -71
[ 1607.689728][T16373] udl 6-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1607.803854][ T5896] usb usb8-port1: attempt power cycle
[ 1607.945995][T16373] [drm:udl_init] *ERROR* Selecting channel failed
[ 1607.976514][T16373] [drm] Initialized udl 0.0.1 for 6-1:0.0 on minor 2
[ 1607.988086][T16373] [drm] Initialized udl on minor 2
[ 1607.998979][T16373] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1608.027281][T16373] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[ 1608.037670][T17136] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1608.066370][T17136] udl 6-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1608.083753][T16373] usb 6-1: USB disconnect, device number 39
[ 1608.114966][T17136] udl 6-1:0.0: [drm] Cannot find any crtc or sizes
[ 1608.160500][T19886] affs: No valid root block on device nullb0
[ 1608.195541][T19887] zonefs (nullb0) ERROR: Not a zoned block device
[ 1609.163880][ T5896] usb usb8-port1: Cannot enable. Maybe the USB cable is bad?
[ 1609.337955][ T5896] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[ 1609.545973][ T5896] usb 8-1: Using ep0 maxpacket: 8
[ 1609.556360][ T5896] usb 8-1: config 0 has an invalid interface number: 176 but max is 0
[ 1609.556598][T19892] nfs: Unknown parameter 'wT�%�X�����"�}��6�'
[ 1609.585629][ T5896] usb 8-1: config 0 has an invalid descriptor of length 250, skipping remainder of the config
[ 1609.604626][ T5896] usb 8-1: config 0 has no interface number 0
[ 1609.612396][ T5896] usb 8-1: config 0 interface 176 altsetting 0 bulk endpoint 0xB has invalid maxpacket 32
[ 1609.626905][ T5896] usb 8-1: config 0 interface 176 altsetting 0 endpoint 0xC has invalid maxpacket 1536, setting to 1024
[ 1609.643686][ T5896] usb 8-1: config 0 interface 176 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 1609.669388][ T5896] usb 8-1: config 0 interface 176 altsetting 0 has an endpoint descriptor with address 0x96, changing to 0x86
[ 1609.684868][ T5896] usb 8-1: config 0 interface 176 altsetting 0 endpoint 0x86 has an invalid bInterval 77, changing to 7
[ 1609.698463][ T5896] usb 8-1: config 0 interface 176 altsetting 0 endpoint 0x86 has invalid maxpacket 41821, setting to 1024
[ 1609.714887][ T5896] usb 8-1: config 0 interface 176 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 6
[ 1609.781567][ T5896] usb 8-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice=c1.ab
[ 1609.796460][ T5896] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1610.319813][ T5896] usb 8-1: Product: syz
[ 1610.326365][ T5896] usb 8-1: Manufacturer: syz
[ 1610.373423][ T5896] usb 8-1: SerialNumber: syz
[ 1610.388890][ T5896] usb 8-1: config 0 descriptor??
[ 1610.399775][T19889] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1610.643519][ T5896] pxrc 8-1:0.176: Could not find endpoint
[ 1610.790210][ T5896] usb 8-1: USB disconnect, device number 21
[ 1612.496748][T19911] ext2: Unknown parameter 'discarn'
[ 1612.896936][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.905846][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1613.421132][T19915] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1613.468397][T19915] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3988'.
[ 1613.941036][T19919] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3989'.
[ 1616.366008][T19931] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3993'.
[ 1620.687199][T19957] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4001'.
[ 1621.372806][T19973] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1621.430091][T19973] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4006'.
[ 1622.040710][T19980] netlink: 'syz.0.4008': attribute type 2 has an invalid length.
[ 1622.070191][T19980] netlink: 51 bytes leftover after parsing attributes in process `syz.0.4008'.
[ 1622.658320][T19984] tipc: Started in network mode
[ 1622.708690][T19984] tipc: Node identity 56b7387a7dbc, cluster identity 4711
[ 1622.760331][T19984] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1622.798146][T19990] syzkaller0: entered promiscuous mode
[ 1622.828653][T19990] syzkaller0: entered allmulticast mode
[ 1622.951016][T19984] tipc: Resetting bearer <eth:syzkaller0>
[ 1622.986697][T19983] tipc: Resetting bearer <eth:syzkaller0>
[ 1623.245976][T19983] tipc: Disabling bearer <eth:syzkaller0>
[ 1624.251714][T16373] tipc: Node number set to 722155642
[ 1624.388969][T19993] kvm: pic: non byte write
[ 1624.702764][T20010] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4016'.
[ 1625.593645][ T5896] usb 10-1: new full-speed USB device number 22 using dummy_hcd
[ 1625.777212][T20026] zonefs (nullb0) ERROR: Not a zoned block device
[ 1626.751761][ T5896] usb 10-1: device descriptor read/all, error -71
[ 1627.060483][T20033] random: crng reseeded on system resumption
[ 1627.675520][T20032] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4023'.
[ 1628.741731][T20045] binder: 20038:20045 ioctl c0306201 200000000640 returned -22
[ 1628.778631][T20045] netlink: 36 bytes leftover after parsing attributes in process `syz.3.4025'.
[ 1629.694993][T20049] netlink: 786 bytes leftover after parsing attributes in process `syz.5.4027'.
[ 1629.814061][T20052] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[ 1630.653310][ T5933] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[ 1630.873432][ T5933] usb 10-1: Using ep0 maxpacket: 8
[ 1630.887588][ T5933] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1630.923646][ T5933] usb 10-1: config 0 has no interfaces?
[ 1630.929620][ T5933] usb 10-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1630.981249][ T5933] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1631.133548][ T5933] usb 10-1: config 0 descriptor??
[ 1631.189262][T20073] FAULT_INJECTION: forcing a failure.
[ 1631.189262][T20073] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1631.223039][T20073] CPU: 0 UID: 0 PID: 20073 Comm: syz.0.4035 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1631.223073][T20073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1631.223089][T20073] Call Trace:
[ 1631.223099][T20073]  <TASK>
[ 1631.223110][T20073]  dump_stack_lvl+0x189/0x250
[ 1631.223141][T20073]  ? __pfx____ratelimit+0x10/0x10
[ 1631.223178][T20073]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1631.223202][T20073]  ? __pfx__printk+0x10/0x10
[ 1631.223245][T20073]  should_fail_ex+0x414/0x560
[ 1631.223285][T20073]  _copy_to_user+0x31/0xb0
[ 1631.223316][T20073]  simple_read_from_buffer+0xe1/0x170
[ 1631.223358][T20073]  proc_fail_nth_read+0x1df/0x250
[ 1631.223387][T20073]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1631.223416][T20073]  ? rw_verify_area+0x258/0x650
[ 1631.223447][T20073]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1631.223473][T20073]  vfs_read+0x1fd/0x980
[ 1631.223512][T20073]  ? __pfx___mutex_lock+0x10/0x10
[ 1631.223535][T20073]  ? __pfx_vfs_read+0x10/0x10
[ 1631.223569][T20073]  ? __fget_files+0x2a/0x420
[ 1631.223596][T20073]  ? __fget_files+0x3a0/0x420
[ 1631.223617][T20073]  ? __fget_files+0x2a/0x420
[ 1631.223651][T20073]  ksys_read+0x145/0x250
[ 1631.223686][T20073]  ? __pfx_ksys_read+0x10/0x10
[ 1631.223731][T20073]  do_syscall_64+0xfa/0x3b0
[ 1631.223753][T20073]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1631.223788][T20073]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1631.223811][T20073]  ? clear_bhb_loop+0x60/0xb0
[ 1631.223839][T20073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1631.223861][T20073] RIP: 0033:0x7fc2e458d33c
[ 1631.223890][T20073] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1631.223909][T20073] RSP: 002b:00007fc2e532a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1631.223934][T20073] RAX: ffffffffffffffda RBX: 00007fc2e47b5fa0 RCX: 00007fc2e458d33c
[ 1631.223951][T20073] RDX: 000000000000000f RSI: 00007fc2e532a0a0 RDI: 0000000000000004
[ 1631.223965][T20073] RBP: 00007fc2e532a090 R08: 0000000000000000 R09: 0000000000000000
[ 1631.223979][T20073] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1631.223993][T20073] R13: 0000000000000000 R14: 00007fc2e47b5fa0 R15: 00007ffe51eebcb8
[ 1631.224028][T20073]  </TASK>
[ 1631.966369][T17136] usb 10-1: USB disconnect, device number 24
[ 1632.023431][ T5896] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1632.183522][ T5896] usb 4-1: Using ep0 maxpacket: 8
[ 1632.197411][ T5896] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1632.217734][ T5896] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[ 1632.230492][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1632.246378][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 59391, setting to 1024
[ 1632.262238][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1632.278076][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1632.288685][ T5896] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1632.318043][ T5896] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[ 1632.328940][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1632.341253][ T5896] usb 4-1: Product: syz
[ 1632.344297][   T24] usb 8-1: new high-speed USB device number 22 using dummy_hcd
[ 1632.357416][ T5896] usb 4-1: Manufacturer: syz
[ 1632.370351][ T5896] usb 4-1: SerialNumber: syz
[ 1632.385871][ T5896] usb 4-1: config 0 descriptor??
[ 1632.392111][T20075] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1632.405731][ T5896] ati_remote 4-1:0.0: Initializing ati_remote hardware failed.
[ 1632.414974][ T5896] ati_remote 4-1:0.0: probe with driver ati_remote failed with error -5
[ 1632.536635][   T24] usb 8-1: config 0 has no interfaces?
[ 1632.579845][   T24] usb 8-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1632.659650][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1632.681447][ T5911] usb 4-1: USB disconnect, device number 29
[ 1632.696896][   T24] usb 8-1: Product: syz
[ 1632.701743][   T24] usb 8-1: Manufacturer: syz
[ 1632.706612][   T24] usb 8-1: SerialNumber: syz
[ 1632.719459][   T24] usb 8-1: config 0 descriptor??
[ 1632.788533][T20090] netlink: 786 bytes leftover after parsing attributes in process `syz.5.4040'.
[ 1633.066382][T20094] netlink: 'syz.5.4043': attribute type 11 has an invalid length.
[ 1633.113413][   T24] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[ 1633.344435][   T24] usb 10-1: Using ep0 maxpacket: 8
[ 1633.351864][   T24] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[ 1633.374877][   T24] usb 10-1: config 0 has no interface number 0
[ 1633.392830][   T24] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1633.423713][   T24] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1633.435849][   T24] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1633.449214][   T24] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1633.460476][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1633.469097][ T5911] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[ 1633.483816][   T24] usb 10-1: config 0 descriptor??
[ 1633.499201][   T24] ldusb 10-1:0.55: Interrupt in endpoint not found
[ 1633.623335][ T5911] usb 6-1: Using ep0 maxpacket: 16
[ 1633.652757][ T5911] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1633.682947][ T5911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1633.695460][T20103] FAULT_INJECTION: forcing a failure.
[ 1633.695460][T20103] name failslab, interval 1, probability 0, space 0, times 0
[ 1633.711133][T20103] CPU: 0 UID: 0 PID: 20103 Comm: syz.3.4047 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1633.711154][ T5911] usb 6-1: Product: syz
[ 1633.711167][T20103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1633.711182][T20103] Call Trace:
[ 1633.711191][T20103]  <TASK>
[ 1633.711200][T20103]  dump_stack_lvl+0x189/0x250
[ 1633.711228][T20103]  ? __pfx____ratelimit+0x10/0x10
[ 1633.711267][T20103]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1633.711297][T20103]  ? __pfx__printk+0x10/0x10
[ 1633.711337][T20103]  ? __pfx___might_resched+0x10/0x10
[ 1633.711362][T20103]  ? fs_reclaim_acquire+0x7d/0x100
[ 1633.711396][T20103]  should_fail_ex+0x414/0x560
[ 1633.711439][T20103]  should_failslab+0xa8/0x100
[ 1633.711465][T20103]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1633.711504][T20103]  ? __alloc_skb+0x112/0x2d0
[ 1633.711536][T20103]  __alloc_skb+0x112/0x2d0
[ 1633.711589][T20103]  netlink_ack+0x146/0xa50
[ 1633.711618][T20103]  ? sock_diag_lock_handler+0x19/0x290
[ 1633.711644][T20103]  ? sock_diag_lock_handler+0x19/0x290
[ 1633.711694][T20103]  ? sock_diag_rcv_msg+0x4ed/0x600
[ 1633.711727][T20103]  netlink_rcv_skb+0x28c/0x470
[ 1633.711758][T20103]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[ 1633.711787][T20103]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1633.711831][T20103]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1633.711861][T20103]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1633.711899][T20103]  netlink_unicast+0x758/0x8d0
[ 1633.711939][T20103]  netlink_sendmsg+0x805/0xb30
[ 1633.711984][T20103]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1633.712030][T20103]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1633.712068][T20103]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1633.712102][T20103]  __sock_sendmsg+0x219/0x270
[ 1633.712131][T20103]  sock_write_iter+0x258/0x330
[ 1633.712171][T20103]  ? __pfx_sock_write_iter+0x10/0x10
[ 1633.712222][T20103]  ? __lock_acquire+0xab9/0xd20
[ 1633.712258][T20103]  do_iter_readv_writev+0x56e/0x7f0
[ 1633.712300][T20103]  ? __pfx_do_iter_readv_writev+0x10/0x10
[ 1633.712345][T20103]  ? bpf_lsm_file_permission+0x9/0x20
[ 1633.712370][T20103]  ? security_file_permission+0x75/0x290
[ 1633.712412][T20103]  ? rw_verify_area+0x258/0x650
[ 1633.712451][T20103]  vfs_writev+0x31a/0x960
[ 1633.712483][T20103]  ? __lock_acquire+0xab9/0xd20
[ 1633.712509][T20103]  ? __pfx_vfs_writev+0x10/0x10
[ 1633.712563][T20103]  ? __fget_files+0x2a/0x420
[ 1633.712593][T20103]  ? __fget_files+0x3a0/0x420
[ 1633.712617][T20103]  ? __fget_files+0x2a/0x420
[ 1633.712653][T20103]  do_writev+0x14d/0x2d0
[ 1633.712685][T20103]  ? __pfx_do_writev+0x10/0x10
[ 1633.712710][T20103]  ? rcu_is_watching+0x15/0xb0
[ 1633.712745][T20103]  ? do_syscall_64+0xbe/0x3b0
[ 1633.712776][T20103]  do_syscall_64+0xfa/0x3b0
[ 1633.712801][T20103]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.712826][T20103]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1633.712853][T20103]  ? clear_bhb_loop+0x60/0xb0
[ 1633.712883][T20103]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1633.712907][T20103] RIP: 0033:0x7f0a0078e929
[ 1633.712931][T20103] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1633.712953][T20103] RSP: 002b:00007f09fe5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1633.712979][T20103] RAX: ffffffffffffffda RBX: 00007f0a009b5fa0 RCX: 00007f0a0078e929
[ 1633.712998][T20103] RDX: 0000000000000001 RSI: 0000200000000180 RDI: 0000000000000004
[ 1633.713016][T20103] RBP: 00007f09fe5f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1633.713033][T20103] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1633.713047][T20103] R13: 0000000000000000 R14: 00007f0a009b5fa0 R15: 00007ffd1a0adcf8
[ 1633.713111][T20103]  </TASK>
[ 1633.756615][T20092] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4042'.
[ 1634.100176][T20104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1634.113106][T20104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1634.372031][ T5911] usb 6-1: Manufacturer: syz
[ 1634.412700][   T24] usb 10-1: USB disconnect, device number 25
[ 1634.469462][ T5911] usb 6-1: SerialNumber: syz
[ 1634.487175][ T5911] r8152-cfgselector 6-1: Unknown version 0x0000
[ 1634.524260][ T5911] r8152-cfgselector 6-1: config 0 descriptor??
[ 1636.067383][ T5896] usb 8-1: USB disconnect, device number 22
[ 1636.243085][T20129] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4053'.
[ 1636.277797][   T30] audit: type=1326 audit(2000002490.296:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1636.322283][   T30] audit: type=1326 audit(2000002490.316:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=289 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1636.394695][   T30] audit: type=1326 audit(2000002490.316:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1636.591641][T20138] syz_tun: entered allmulticast mode
[ 1636.597587][   T30] audit: type=1326 audit(2000002490.316:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fae92f8d33c code=0x7ffc0000
[ 1636.916523][T20141] binder: 20134:20141 ioctl c0306201 200000000640 returned -22
[ 1636.953051][T20141] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4056'.
[ 1637.435587][   T30] audit: type=1326 audit(2000002490.376:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fae92f8d3df code=0x7ffc0000
[ 1637.484299][T20136] syz_tun: left allmulticast mode
[ 1637.488662][ T5911] r8152-cfgselector 6-1: USB disconnect, device number 40
[ 1637.537606][   T30] audit: type=1326 audit(2000002490.376:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1637.603288][   T30] audit: type=1326 audit(2000002490.376:413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1637.663524][   T30] audit: type=1326 audit(2000002490.376:414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20127 comm="syz.7.4053" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1637.813531][   T24] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[ 1638.064490][   T24] usb 10-1: Using ep0 maxpacket: 32
[ 1638.443849][   T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1638.573290][   T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1638.613308][   T24] usb 10-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1638.653478][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1638.687718][   T24] usb 10-1: config 0 descriptor??
[ 1638.695427][T20161] FAULT_INJECTION: forcing a failure.
[ 1638.695427][T20161] name failslab, interval 1, probability 0, space 0, times 0
[ 1638.763749][T20161] CPU: 0 UID: 0 PID: 20161 Comm: syz.0.4060 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1638.763785][T20161] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1638.763801][T20161] Call Trace:
[ 1638.763811][T20161]  <TASK>
[ 1638.763821][T20161]  dump_stack_lvl+0x189/0x250
[ 1638.763853][T20161]  ? __pfx____ratelimit+0x10/0x10
[ 1638.763889][T20161]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1638.763915][T20161]  ? __pfx__printk+0x10/0x10
[ 1638.763960][T20161]  should_fail_ex+0x414/0x560
[ 1638.764000][T20161]  should_failslab+0xa8/0x100
[ 1638.764024][T20161]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1638.764059][T20161]  ? sctp_add_bind_addr+0x8c/0x370
[ 1638.764090][T20161]  sctp_add_bind_addr+0x8c/0x370
[ 1638.764119][T20161]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1638.764149][T20161]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1638.764173][T20161]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1638.764203][T20161]  ? sctp_v4_is_any+0x35/0x60
[ 1638.764227][T20161]  ? sctp_copy_one_addr+0x93/0x360
[ 1638.764256][T20161]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1638.764282][T20161]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1638.764330][T20161]  sctp_connect_new_asoc+0x2e0/0x690
[ 1638.764366][T20161]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1638.764394][T20161]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1638.764427][T20161]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1638.764449][T20161]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1638.764487][T20161]  sctp_sendmsg+0x155c/0x2810
[ 1638.764544][T20161]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1638.764594][T20161]  ? sock_rps_record_flow+0x19/0x410
[ 1638.764621][T20161]  ? inet_sendmsg+0x2f4/0x370
[ 1638.764647][T20161]  __sock_sendmsg+0x19c/0x270
[ 1638.764674][T20161]  ____sys_sendmsg+0x52d/0x830
[ 1638.764710][T20161]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1638.764749][T20161]  ? import_iovec+0x74/0xa0
[ 1638.764780][T20161]  ___sys_sendmsg+0x21f/0x2a0
[ 1638.764813][T20161]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1638.764882][T20161]  ? __fget_files+0x2a/0x420
[ 1638.764921][T20161]  ? __fget_files+0x3a0/0x420
[ 1638.764956][T20161]  __sys_sendmmsg+0x227/0x430
[ 1638.764994][T20161]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1638.765022][T20161]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1638.765076][T20161]  ? ksys_write+0x22a/0x250
[ 1638.765112][T20161]  ? __pfx_ksys_write+0x10/0x10
[ 1638.765142][T20161]  ? rcu_is_watching+0x15/0xb0
[ 1638.765175][T20161]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1638.765208][T20161]  do_syscall_64+0xfa/0x3b0
[ 1638.765230][T20161]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1638.765265][T20161]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1638.765288][T20161]  ? clear_bhb_loop+0x60/0xb0
[ 1638.765324][T20161]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1638.765347][T20161] RIP: 0033:0x7fc2e458e929
[ 1638.765368][T20161] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1638.765390][T20161] RSP: 002b:00007fc2e532a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1638.765415][T20161] RAX: ffffffffffffffda RBX: 00007fc2e47b5fa0 RCX: 00007fc2e458e929
[ 1638.765432][T20161] RDX: 0000000000000002 RSI: 0000200000004f80 RDI: 0000000000000003
[ 1638.765447][T20161] RBP: 00007fc2e532a090 R08: 0000000000000000 R09: 0000000000000000
[ 1638.765461][T20161] R10: 0000000008008001 R11: 0000000000000246 R12: 0000000000000002
[ 1638.765476][T20161] R13: 0000000000000000 R14: 00007fc2e47b5fa0 R15: 00007ffe51eebcb8
[ 1638.765511][T20161]  </TASK>
[ 1639.338940][   T24] ft260 0003:0403:6030.000F: unknown main item tag 0x0
[ 1640.645505][   T24] ft260 0003:0403:6030.000F: failed to retrieve chip version
[ 1640.653376][   T24] ft260 0003:0403:6030.000F: probe with driver ft260 failed with error -71
[ 1640.929413][T20174] overlayfs: failed to resolve './file0': -2
[ 1641.998832][T20181] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4066'.
[ 1642.086669][   T24] usb 10-1: USB disconnect, device number 26
[ 1642.939500][T20197] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4068'.
[ 1643.561999][   T30] audit: type=1326 audit(2000002497.576:415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20199 comm="syz.7.4072" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x0
[ 1643.645316][T20204] netlink: 68 bytes leftover after parsing attributes in process `syz.7.4072'.
[ 1643.951480][ T5896] usb 8-1: new full-speed USB device number 23 using dummy_hcd
[ 1645.072386][ T5896] usb 8-1: config 0 has an invalid interface number: 50 but max is 0
[ 1645.147905][ T5896] usb 8-1: config 0 has no interface number 0
[ 1645.176077][ T5896] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[ 1645.193374][ T5896] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1645.369644][ T5896] usb 8-1: Product: syz
[ 1645.374630][ T5896] usb 8-1: Manufacturer: syz
[ 1645.379289][ T5896] usb 8-1: SerialNumber: syz
[ 1645.411047][ T5896] usb 8-1: config 0 descriptor??
[ 1645.438738][ T5896] yurex 8-1:0.50: Could not find endpoints
[ 1645.537103][ T5840] Bluetooth: hci1: command 0x0405 tx timeout
[ 1646.927782][T20229] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4079'.
[ 1646.945315][T20229] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4079'.
[ 1647.873601][ T5896] usb 8-1: USB disconnect, device number 23
[ 1648.123633][ T5911] usb 6-1: new low-speed USB device number 41 using dummy_hcd
[ 1648.510241][T20241] tmpfs: Bad value for 'mpol'
[ 1648.515611][ T5911] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1648.554195][ T5911] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1648.563666][T10229] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1648.588843][ T5911] usb 6-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1648.643847][ T5911] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1648.669296][ T5911] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[ 1648.683041][ T5911] usb 6-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1648.708420][ T5911] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1648.720301][T10229] usb 4-1: Using ep0 maxpacket: 16
[ 1648.735675][T20237] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1648.744952][ T5911] hub 6-1:1.0: bad descriptor, ignoring hub
[ 1648.754577][ T5911] hub 6-1:1.0: probe with driver hub failed with error -5
[ 1648.767103][T10229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1648.781008][ T5911] cdc_wdm 6-1:1.0: skipping garbage
[ 1648.799537][ T5911] cdc_wdm 6-1:1.0: skipping garbage
[ 1648.853228][T10229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1648.866548][ T5911] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 1648.874877][T10229] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[ 1648.885860][ T5911] cdc_wdm 6-1:1.0: Unknown control protocol
[ 1649.050470][T10229] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1649.074377][T10229] usb 4-1: config 0 descriptor??
[ 1649.400063][ T5840] Bluetooth: hci1: command 0x0405 tx timeout
[ 1650.074367][T20259] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4086'.
[ 1650.097430][ T5911] usb 6-1: USB disconnect, device number 41
[ 1650.424813][T10229] usbhid 4-1:0.0: can't add hid device: -71
[ 1650.430920][T10229] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1650.493435][T10229] usb 4-1: USB disconnect, device number 30
[ 1650.881224][ T5911] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[ 1651.473364][ T5839] Bluetooth: hci1: command 0x0405 tx timeout
[ 1652.151116][T20270] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[ 1652.377397][ T5911] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1652.415178][ T5911] usb 6-1: unable to read config index 0 descriptor/start: -71
[ 1652.422846][ T5911] usb 6-1: can't read configurations, error -71
[ 1653.611997][T20285] netlink: 24 bytes leftover after parsing attributes in process `syz.7.4092'.
[ 1655.722302][   T30] audit: type=1326 audit(2000002509.726:416): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1655.861930][   T30] audit: type=1326 audit(2000002509.726:417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1655.958380][   T30] audit: type=1326 audit(2000002509.726:418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.043289][   T30] audit: type=1326 audit(2000002509.726:419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.102170][   T30] audit: type=1326 audit(2000002509.856:420): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=101 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.293297][   T30] audit: type=1326 audit(2000002509.856:421): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.314891][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1656.321124][   T30] audit: type=1326 audit(2000002509.856:422): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.342973][   T30] audit: type=1326 audit(2000002509.876:423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=80 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.364548][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1656.449513][   T30] audit: type=1326 audit(2000002509.876:424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.502253][   T30] audit: type=1326 audit(2000002509.876:425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20290 comm="syz.5.4096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda9c38e929 code=0x7ffc0000
[ 1656.692477][T20310] FAULT_INJECTION: forcing a failure.
[ 1656.692477][T20310] name failslab, interval 1, probability 0, space 0, times 0
[ 1656.777005][T20310] CPU: 1 UID: 0 PID: 20310 Comm: syz.0.4098 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1656.777040][T20310] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1656.777056][T20310] Call Trace:
[ 1656.777066][T20310]  <TASK>
[ 1656.777077][T20310]  dump_stack_lvl+0x189/0x250
[ 1656.777120][T20310]  ? __pfx____ratelimit+0x10/0x10
[ 1656.777154][T20310]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1656.777179][T20310]  ? __pfx__printk+0x10/0x10
[ 1656.777211][T20310]  ? __pfx___might_resched+0x10/0x10
[ 1656.777242][T20310]  should_fail_ex+0x414/0x560
[ 1656.777296][T20310]  should_failslab+0xa8/0x100
[ 1656.777329][T20310]  __kmalloc_noprof+0xcb/0x4f0
[ 1656.777360][T20310]  ? tomoyo_encode+0x28b/0x550
[ 1656.777391][T20310]  tomoyo_encode+0x28b/0x550
[ 1656.777421][T20310]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1656.777459][T20310]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1656.777504][T20310]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1656.777538][T20310]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1656.777574][T20310]  ? __pfx___schedule+0x10/0x10
[ 1656.777643][T20310]  ? __pfx_from_kuid+0x10/0x10
[ 1656.777676][T20310]  ? down_write_killable+0x178/0x230
[ 1656.777702][T20310]  ? __pfx_down_write_killable+0x10/0x10
[ 1656.777746][T20310]  tomoyo_path_chown+0x46/0xc0
[ 1656.777794][T20310]  security_path_chown+0x13d/0x360
[ 1656.777828][T20310]  chown_common+0x3bd/0x5c0
[ 1656.777860][T20310]  ? __pfx_chown_common+0x10/0x10
[ 1656.777894][T20310]  ? mnt_get_write_access+0x223/0x2a0
[ 1656.777934][T20310]  do_fchownat+0x161/0x270
[ 1656.777961][T20310]  ? __pfx_do_fchownat+0x10/0x10
[ 1656.777998][T20310]  __x64_sys_lchown+0x85/0xa0
[ 1656.778024][T20310]  do_syscall_64+0xfa/0x3b0
[ 1656.778049][T20310]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1656.778071][T20310]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1656.778092][T20310]  ? clear_bhb_loop+0x60/0xb0
[ 1656.778119][T20310]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1656.778141][T20310] RIP: 0033:0x7fc2e458e929
[ 1656.778162][T20310] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1656.778182][T20310] RSP: 002b:00007fc2e532a038 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[ 1656.778205][T20310] RAX: ffffffffffffffda RBX: 00007fc2e47b5fa0 RCX: 00007fc2e458e929
[ 1656.778221][T20310] RDX: 000000000000ee01 RSI: 0000000000000000 RDI: 00002000000006c0
[ 1656.778234][T20310] RBP: 00007fc2e532a090 R08: 0000000000000000 R09: 0000000000000000
[ 1656.778247][T20310] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1656.778260][T20310] R13: 0000000000000000 R14: 00007fc2e47b5fa0 R15: 00007ffe51eebcb8
[ 1656.778293][T20310]  </TASK>
[ 1656.778328][T20310] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1657.668511][T20333] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4106'.
[ 1659.742557][T20343] dummy0: entered promiscuous mode
[ 1659.758028][T20343] macsec1: entered promiscuous mode
[ 1659.830446][T20343] dummy0: left promiscuous mode
[ 1661.510624][T20370] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1662.669753][T20386] /dev/nullb0: Can't open blockdev
[ 1663.624522][T20390] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4121'.
[ 1664.563430][T10229] usb 6-1: new full-speed USB device number 44 using dummy_hcd
[ 1665.316811][T10229] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1665.329192][T20401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1665.339430][T20401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1665.343333][T10229] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1665.396709][T10229] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1665.433353][T10229] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1665.470540][T10229] usb 6-1: config 0 descriptor??
[ 1665.478626][T10229] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1665.488470][T10229] dvb-usb: bulk message failed: -22 (3/0)
[ 1665.498513][T10229] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1665.514024][T10229] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1665.539844][T10229] usb 6-1: media controller created
[ 1665.547360][T10229] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1665.608208][T10229] dvb-usb: bulk message failed: -22 (6/0)
[ 1665.631726][T10229] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1665.645635][T10229] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input26
[ 1665.665305][T10229] dvb-usb: schedule remote query interval to 150 msecs.
[ 1665.672349][T10229] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1665.685630][T20392] dvb-usb: bulk message failed: -22 (2/0)
[ 1665.718787][T10229] usb 6-1: USB disconnect, device number 44
[ 1665.769414][T10229] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1665.983335][ T5933] usb 8-1: new full-speed USB device number 24 using dummy_hcd
[ 1666.167030][ T5933] usb 8-1: config 0 has an invalid interface number: 133 but max is 0
[ 1666.202769][ T5933] usb 8-1: config 0 has no interface number 0
[ 1666.229854][ T5933] usb 8-1: config 0 interface 133 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1666.289939][ T5933] usb 8-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[ 1666.325590][ T5933] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1666.373679][ T5933] usb 8-1: Product: syz
[ 1666.377998][ T5933] usb 8-1: Manufacturer: syz
[ 1666.403414][ T5933] usb 8-1: SerialNumber: syz
[ 1666.438629][ T5933] usb 8-1: config 0 descriptor??
[ 1666.579027][T20414] loop4: detected capacity change from 0 to 524255232
[ 1666.619927][   T30] audit: type=1326 audit(2000002778.635:426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1666.624372][T20414] loop4: detected capacity change from 524255232 to 524287936
[ 1666.678408][   T30] audit: type=1326 audit(2000002778.635:427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1666.700016][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1666.723304][T10229] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1666.796861][   T30] audit: type=1326 audit(2000002778.665:428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1666.818508][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1666.919903][ T5933] keyspan 8-1:0.133: Keyspan 1 port adapter converter detected
[ 1666.927857][T10229] usb 4-1: Using ep0 maxpacket: 32
[ 1666.933639][   T30] audit: type=1326 audit(2000002778.665:429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1666.968941][ T5933] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 82
[ 1666.993760][T10229] usb 4-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=88.ea
[ 1667.004940][ T5933] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 81
[ 1667.023298][T10229] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1667.031367][T10229] usb 4-1: Product: syz
[ 1667.033339][   T30] audit: type=1326 audit(2000002778.665:430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1667.041865][ T5933] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 1
[ 1667.076991][T10229] usb 4-1: Manufacturer: syz
[ 1667.081677][T10229] usb 4-1: SerialNumber: syz
[ 1667.090002][T10229] usb 4-1: config 0 descriptor??
[ 1667.102732][ T5933] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 2
[ 1667.121914][T10229] ati_remote 4-1:0.0: ati_remote_probe: Unexpected desc.bNumEndpoints
[ 1667.139499][   T30] audit: type=1326 audit(2000002778.665:431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1667.160427][ T5933] usb 8-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[ 1667.187743][   T30] audit: type=1326 audit(2000002778.665:432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1667.191569][ T5933] usb 8-1: USB disconnect, device number 24
[ 1667.220305][   T30] audit: type=1326 audit(2000002778.665:433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1667.243854][   T30] audit: type=1326 audit(2000002778.665:434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1667.260029][ T5933] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[ 1667.278613][T20433] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4134'.
[ 1667.293894][T20432] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1667.301944][   T30] audit: type=1326 audit(2000002778.675:435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20419 comm="syz.9.4132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd46118e929 code=0x7ffc0000
[ 1667.332750][T20413] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1667.357282][T20413] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1667.371824][ T5933] keyspan 8-1:0.133: device disconnected
[ 1667.384078][   T24] usb 4-1: USB disconnect, device number 31
[ 1667.426224][T20435] block nbd9: NBD_DISCONNECT
[ 1669.689139][T20441] overlay: Unknown parameter '/'
[ 1669.887479][T20451] netlink: 'syz.7.4140': attribute type 1 has an invalid length.
[ 1669.907391][T20451] netlink: 224 bytes leftover after parsing attributes in process `syz.7.4140'.
[ 1672.120974][T20472] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1672.919430][T20476] netlink: 'syz.3.4148': attribute type 10 has an invalid length.
[ 1673.019016][T20476] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1673.847015][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1673.847040][   T30] audit: type=1326 audit(2000002785.855:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1673.877874][T20492] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4152'.
[ 1673.978552][   T30] audit: type=1326 audit(2000002785.855:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.058523][   T30] audit: type=1326 audit(2000002785.865:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.084426][   T30] audit: type=1326 audit(2000002785.865:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.111967][   T30] audit: type=1326 audit(2000002785.865:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.172768][   T30] audit: type=1326 audit(2000002785.865:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.200320][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1674.206980][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1674.223463][   T30] audit: type=1326 audit(2000002785.865:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.246373][   T30] audit: type=1326 audit(2000002785.865:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.280471][   T30] audit: type=1326 audit(2000002785.865:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1674.357020][   T30] audit: type=1326 audit(2000002785.865:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20485 comm="syz.3.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0a0078e929 code=0x7ffc0000
[ 1676.410838][T20514] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4160'.
[ 1676.474835][T20514] pim6reg: entered allmulticast mode
[ 1676.675085][T20527] FAULT_INJECTION: forcing a failure.
[ 1676.675085][T20527] name failslab, interval 1, probability 0, space 0, times 0
[ 1676.694421][T20527] CPU: 1 UID: 0 PID: 20527 Comm: syz.3.4165 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1676.694457][T20527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1676.694478][T20527] Call Trace:
[ 1676.694488][T20527]  <TASK>
[ 1676.694499][T20527]  dump_stack_lvl+0x189/0x250
[ 1676.694531][T20527]  ? __pfx____ratelimit+0x10/0x10
[ 1676.694566][T20527]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1676.694593][T20527]  ? __pfx__printk+0x10/0x10
[ 1676.694624][T20527]  ? __pfx___might_resched+0x10/0x10
[ 1676.694650][T20527]  ? fs_reclaim_acquire+0x7d/0x100
[ 1676.694680][T20527]  should_fail_ex+0x414/0x560
[ 1676.694719][T20527]  should_failslab+0xa8/0x100
[ 1676.694743][T20527]  __kmalloc_noprof+0xcb/0x4f0
[ 1676.694776][T20527]  ? tomoyo_encode+0x28b/0x550
[ 1676.694806][T20527]  tomoyo_encode+0x28b/0x550
[ 1676.694838][T20527]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1676.694877][T20527]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1676.694925][T20527]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1676.694963][T20527]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1676.695016][T20527]  ? __lock_acquire+0xab9/0xd20
[ 1676.695061][T20527]  ? __fget_files+0x2a/0x420
[ 1676.695087][T20527]  ? __fget_files+0x2a/0x420
[ 1676.695108][T20527]  ? __fget_files+0x3a0/0x420
[ 1676.695129][T20527]  ? __fget_files+0x2a/0x420
[ 1676.695155][T20527]  security_file_ioctl+0xcb/0x2d0
[ 1676.695194][T20527]  __se_sys_ioctl+0x47/0x170
[ 1676.695227][T20527]  do_syscall_64+0xfa/0x3b0
[ 1676.695249][T20527]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1676.695284][T20527]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1676.695307][T20527]  ? clear_bhb_loop+0x60/0xb0
[ 1676.695336][T20527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1676.695358][T20527] RIP: 0033:0x7f0a0078e929
[ 1676.695378][T20527] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1676.695399][T20527] RSP: 002b:00007f09fe5f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1676.695423][T20527] RAX: ffffffffffffffda RBX: 00007f0a009b5fa0 RCX: 00007f0a0078e929
[ 1676.695440][T20527] RDX: 0000200000000040 RSI: 0000000000004b44 RDI: 0000000000000003
[ 1676.695455][T20527] RBP: 00007f09fe5f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1676.695469][T20527] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1676.695484][T20527] R13: 0000000000000000 R14: 00007f0a009b5fa0 R15: 00007ffd1a0adcf8
[ 1676.695518][T20527]  </TASK>
[ 1676.695542][T20527] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1680.063274][ T5933] usb 8-1: new high-speed USB device number 25 using dummy_hcd
[ 1681.357099][ T5933] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1681.373248][ T5933] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1681.400484][ T5933] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1681.673765][ T5911] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1681.720731][ T5933] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1681.732508][ T5933] usb 8-1: SerialNumber: syz
[ 1681.779346][T20570] netlink: 'syz.9.4178': attribute type 1 has an invalid length.
[ 1681.847761][ T5911] usb 4-1: config index 0 descriptor too short (expected 65183, got 72)
[ 1681.871881][ T5911] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1681.892126][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1681.906818][ T5911] usb 4-1: Product: syz
[ 1681.911079][ T5911] usb 4-1: Manufacturer: syz
[ 1681.916028][ T5911] usb 4-1: SerialNumber: syz
[ 1681.935636][ T5911] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1681.956724][   T24] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1681.970064][ T5933] usb 8-1: 0:2 : does not exist
[ 1682.019827][ T5933] usb 8-1: unit 5: unexpected type 0x0c
[ 1682.039790][T20572] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1682.092703][ T5933] usb 8-1: USB disconnect, device number 25
[ 1682.116570][ T6773] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1682.130281][T20573] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1682.278878][T15629] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1683.064730][   T24] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[ 1683.792112][   T24] ath9k_htc: Failed to initialize the device
[ 1684.205760][T17136] usb 4-1: USB disconnect, device number 32
[ 1684.227670][T17136] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1684.790303][T20608] binder: 20595:20608 ioctl c0306201 200000000640 returned -22
[ 1684.826761][T20608] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4187'.
[ 1686.199705][T20605] [U] 
[ 1686.673864][T20621] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4191'.
[ 1689.619322][T20649] FAULT_INJECTION: forcing a failure.
[ 1689.619322][T20649] name failslab, interval 1, probability 0, space 0, times 0
[ 1689.674504][T20649] CPU: 0 UID: 0 PID: 20649 Comm: syz.9.4201 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1689.674549][T20649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1689.674563][T20649] Call Trace:
[ 1689.674573][T20649]  <TASK>
[ 1689.674583][T20649]  dump_stack_lvl+0x189/0x250
[ 1689.674614][T20649]  ? __pfx____ratelimit+0x10/0x10
[ 1689.674648][T20649]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1689.674674][T20649]  ? __pfx__printk+0x10/0x10
[ 1689.674705][T20649]  ? __pfx___might_resched+0x10/0x10
[ 1689.674729][T20649]  ? fs_reclaim_acquire+0x7d/0x100
[ 1689.674757][T20649]  should_fail_ex+0x414/0x560
[ 1689.674795][T20649]  should_failslab+0xa8/0x100
[ 1689.674817][T20649]  __kmalloc_noprof+0xcb/0x4f0
[ 1689.674849][T20649]  ? tomoyo_encode+0x28b/0x550
[ 1689.674878][T20649]  tomoyo_encode+0x28b/0x550
[ 1689.674910][T20649]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1689.674947][T20649]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1689.674980][T20649]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1689.675018][T20649]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1689.675072][T20649]  ? __lock_acquire+0xab9/0xd20
[ 1689.675125][T20649]  ? __fget_files+0x2a/0x420
[ 1689.675151][T20649]  ? __fget_files+0x2a/0x420
[ 1689.675171][T20649]  ? __fget_files+0x3a0/0x420
[ 1689.675190][T20649]  ? __fget_files+0x2a/0x420
[ 1689.675218][T20649]  security_file_ioctl+0xcb/0x2d0
[ 1689.675258][T20649]  __se_sys_ioctl+0x47/0x170
[ 1689.675292][T20649]  do_syscall_64+0xfa/0x3b0
[ 1689.675314][T20649]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1689.675348][T20649]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1689.675371][T20649]  ? clear_bhb_loop+0x60/0xb0
[ 1689.675399][T20649]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1689.675421][T20649] RIP: 0033:0x7fd46118e929
[ 1689.675445][T20649] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1689.675465][T20649] RSP: 002b:00007fd461f31038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1689.675490][T20649] RAX: ffffffffffffffda RBX: 00007fd4613b5fa0 RCX: 00007fd46118e929
[ 1689.675506][T20649] RDX: 0000200000000040 RSI: 0000000000004b44 RDI: 0000000000000003
[ 1689.675531][T20649] RBP: 00007fd461f31090 R08: 0000000000000000 R09: 0000000000000000
[ 1689.675546][T20649] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1689.675560][T20649] R13: 0000000000000000 R14: 00007fd4613b5fa0 R15: 00007ffeac0155d8
[ 1689.675595][T20649]  </TASK>
[ 1689.678016][T20649] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1689.993395][T10229] usb 8-1: new full-speed USB device number 26 using dummy_hcd
[ 1690.155991][T10229] usb 8-1: config 0 has an invalid interface number: 133 but max is 0
[ 1691.006503][T20658] binder: 20654:20658 ioctl c0306201 200000000640 returned -22
[ 1691.134069][T20659] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4203'.
[ 1692.255708][T10229] usb 8-1: config 0 has no interface number 0
[ 1692.261931][T10229] usb 8-1: config 0 interface 133 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1692.271057][T20651] [U] 
[ 1692.280994][T10229] usb 8-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[ 1692.290326][T10229] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1692.300034][T10229] usb 8-1: Product: syz
[ 1692.304401][T10229] usb 8-1: Manufacturer: syz
[ 1692.309120][T10229] usb 8-1: SerialNumber: syz
[ 1692.316947][T10229] usb 8-1: config 0 descriptor??
[ 1692.570921][T20663] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4205'.
[ 1692.599656][T10229] keyspan 8-1:0.133: Keyspan 1 port adapter converter detected
[ 1692.608010][T20663] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4205'.
[ 1692.624675][T10229] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 82
[ 1692.646136][T10229] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 81
[ 1692.686036][T10229] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 1
[ 1692.697095][T10229] keyspan 8-1:0.133: found no endpoint descriptor for endpoint 2
[ 1692.780074][T10229] usb 8-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[ 1693.020296][T10229] usb 8-1: USB disconnect, device number 26
[ 1693.064257][T10229] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[ 1693.087032][T10229] keyspan 8-1:0.133: device disconnected
[ 1693.286244][T20678] netlink: 'syz.7.4210': attribute type 1 has an invalid length.
[ 1693.620412][T20682] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1693.639305][T20685] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4212'.
[ 1693.760566][T20688] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4213'.
[ 1694.204001][T17136] usb 4-1: new full-speed USB device number 33 using dummy_hcd
[ 1694.376380][T17136] usb 4-1: config 0 has an invalid interface number: 133 but max is 0
[ 1694.392036][T17136] usb 4-1: config 0 has no interface number 0
[ 1694.408861][T17136] usb 4-1: config 0 interface 133 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1694.492300][T17136] usb 4-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[ 1694.510033][T17136] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1694.522696][T17136] usb 4-1: Product: syz
[ 1694.531447][T17136] usb 4-1: Manufacturer: syz
[ 1694.537070][T17136] usb 4-1: SerialNumber: syz
[ 1694.584735][T17136] usb 4-1: config 0 descriptor??
[ 1695.408455][T20705] binder: 20698:20705 ioctl c0306201 200000000640 returned -22
[ 1695.471478][T20701] netlink: 36 bytes leftover after parsing attributes in process `syz.9.4216'.
[ 1695.574498][T20708] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4218'.
[ 1695.645469][T20710] netlink: 830 bytes leftover after parsing attributes in process `syz.0.4219'.
[ 1696.194158][T20721] random: crng reseeded on system resumption
[ 1696.962018][T17136] keyspan 4-1:0.133: Keyspan 1 port adapter converter detected
[ 1696.971086][T17136] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 82
[ 1696.987642][T17136] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 81
[ 1696.995829][T17136] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 1
[ 1697.012095][T17136] keyspan 4-1:0.133: found no endpoint descriptor for endpoint 2
[ 1697.047462][T17136] usb 4-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[ 1697.079905][T17136] usb 4-1: USB disconnect, device number 33
[ 1697.139237][   T30] kauditd_printk_skb: 4 callbacks suppressed
[ 1697.139531][   T30] audit: type=1326 audit(2000002809.135:468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.186792][T17136] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[ 1697.235912][T17136] keyspan 4-1:0.133: device disconnected
[ 1697.303351][   T30] audit: type=1326 audit(2000002809.135:469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.487120][   T30] audit: type=1326 audit(2000002809.185:470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=37 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.773924][   T30] audit: type=1326 audit(2000002809.205:471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.795928][   T30] audit: type=1326 audit(2000002809.205:472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.823299][   T30] audit: type=1326 audit(2000002809.205:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.861033][   T30] audit: type=1326 audit(2000002809.215:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1697.982654][   T30] audit: type=1326 audit(2000002809.295:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=323 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1698.026046][   T30] audit: type=1326 audit(2000002809.295:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1698.065652][   T30] audit: type=1326 audit(2000002809.315:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20727 comm="syz.7.4224" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fae92f8e929 code=0x7ffc0000
[ 1698.552329][T20747] netlink: 830 bytes leftover after parsing attributes in process `syz.3.4231'.
[ 1699.101326][T20756] binder: 20743:20756 ioctl c0306201 200000000640 returned -22
[ 1699.136093][T20756] netlink: 36 bytes leftover after parsing attributes in process `syz.0.4230'.
[ 1699.462732][T20749] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1699.802879][T20764] random: crng reseeded on system resumption
[ 1700.337875][T20749] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1700.443921][T20768] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4234'.
[ 1700.467926][T20768] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4234'.
[ 1700.703993][T20749] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1700.772124][T20780] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4241'.
[ 1701.254910][T20784] binder: 20775:20784 ioctl c0306201 200000000640 returned -22
[ 1701.357639][T20784] netlink: 36 bytes leftover after parsing attributes in process `syz.7.4239'.
[ 1702.288604][T20749] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1702.329808][T20788] netlink: 830 bytes leftover after parsing attributes in process `syz.3.4243'.
[ 1702.457809][T20749] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1702.696445][T20749] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1702.746218][T20749] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1702.801327][T20797] loop6: detected capacity change from 0 to 524287999
[ 1702.822038][T20749] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1702.888136][T20799] cgroup: Unknown subsys name 'cpuset'
[ 1703.603280][T17136] usb 6-1: new full-speed USB device number 45 using dummy_hcd
[ 1703.795733][T17136] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1703.821541][T17136] usb 6-1: not running at top speed; connect to a high speed hub
[ 1703.920175][T17136] usb 6-1: config 11 has an invalid interface number: 16 but max is 1
[ 1703.935778][T17136] usb 6-1: config 11 has an invalid interface number: 3 but max is 1
[ 1704.008404][T17136] usb 6-1: config 11 has no interface number 0
[ 1704.378692][T17136] usb 6-1: config 11 has no interface number 1
[ 1704.435330][T17136] usb 6-1: config 11 interface 16 has no altsetting 0
[ 1704.497604][T17136] usb 6-1: config 11 interface 3 has no altsetting 0
[ 1704.594665][T17136] usb 6-1: New USB device found, idVendor=0582, idProduct=0120, bcdDevice=9c.cd
[ 1704.654270][T20818] [U] 
[ 1704.665010][T17136] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1704.738698][T17136] usb 6-1: Product: syz
[ 1704.774892][T17136] usb 6-1: Manufacturer: syz
[ 1704.829124][T17136] usb 6-1: SerialNumber: syz
[ 1705.063402][   T30] kauditd_printk_skb: 50 callbacks suppressed
[ 1705.063424][   T30] audit: type=1326 audit(2000002817.075:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1705.258600][T20829] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1705.284207][   T30] audit: type=1326 audit(2000002817.095:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1705.293750][T20828] program syz.9.4253 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1705.310827][   T30] audit: type=1326 audit(2000002817.095:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1705.371214][T20828] program syz.9.4253 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1705.384447][T20828] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1705.410356][T20828] netlink: 'syz.9.4253': attribute type 1 has an invalid length.
[ 1705.618300][   T30] audit: type=1326 audit(2000002817.095:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1705.751495][   T30] audit: type=1326 audit(2000002817.115:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=19 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1705.890405][   T30] audit: type=1326 audit(2000002817.125:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1706.003271][   T30] audit: type=1326 audit(2000002817.125:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1706.034974][   T30] audit: type=1326 audit(2000002817.125:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1706.163414][   T30] audit: type=1326 audit(2000002817.125:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1706.237424][   T30] audit: type=1326 audit(2000002817.125:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20822 comm="syz.0.4254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc2e458e929 code=0x7ffc0000
[ 1706.695658][ T5896] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[ 1706.942710][ T5896] usb 10-1: Using ep0 maxpacket: 8
[ 1706.997865][ T5896] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1707.008442][ T5896] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1707.229794][ T5896] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1707.428493][ T5896] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1707.446312][ T5896] usb 10-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 1707.452605][T17136] usb 6-1: USB disconnect, device number 45
[ 1707.458270][ T5896] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1707.501580][ T5896] usb 10-1: config 0 descriptor??
[ 1707.519849][ T5896] hso 10-1:0.0: Can't find BULK IN endpoint
[ 1708.727137][T20857] comedi comedi4: bad chanlist[0]=0x00400003 chan=3 range length=2
[ 1708.852521][   T24] usb 10-1: USB disconnect, device number 27
[ 1709.289683][T20876] loop6: detected capacity change from 0 to 2560
[ 1709.306243][T20876] buffer_io_error: 6 callbacks suppressed
[ 1709.306262][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.322838][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.332556][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.343531][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.351832][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.363306][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.371528][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.386212][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.395002][T20876] ldm_validate_partition_table(): Disk read failed.
[ 1709.401854][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.414643][T20876] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1709.423054][T20876] Dev loop6: unable to read RDB block 0
[ 1709.429452][T20876]  loop6: unable to read partition table
[ 1709.435664][T20876] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[ 1709.533586][   T24] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[ 1710.003326][   T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1710.012079][   T24] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1710.033517][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1710.042703][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1710.066901][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1710.123967][   T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1710.161649][   T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1710.216035][   T24] usb 6-1: Product: syz
[ 1710.362858][   T24] usb 6-1: Manufacturer: syz
[ 1710.374458][   T24] cdc_wdm 6-1:1.0: skipping garbage
[ 1710.379895][   T24] cdc_wdm 6-1:1.0: skipping garbage
[ 1710.387000][   T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 1710.392968][   T24] cdc_wdm 6-1:1.0: Unknown control protocol
[ 1710.991563][T20878] input: syz1 as /devices/virtual/input/input27
[ 1711.057118][T20902] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1711.062307][T20878] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4268'.
[ 1711.066930][T20902] block nbd0: shutting down sockets
[ 1711.127486][ T5896] usb 6-1: USB disconnect, device number 46
[ 1711.513298][   T24] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[ 1711.686278][ T5896] usb 8-1: new full-speed USB device number 27 using dummy_hcd
[ 1711.693056][   T24] usb 10-1: Using ep0 maxpacket: 32
[ 1711.728816][   T24] usb 10-1: config index 0 descriptor too short (expected 156, got 27)
[ 1711.746936][   T24] usb 10-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1711.780531][   T24] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1711.814530][   T24] usb 10-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid wMaxPacketSize 0
[ 1711.847207][   T24] usb 10-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1711.867475][ T5896] usb 8-1: config 0 has an invalid interface number: 216 but max is 0
[ 1711.880265][   T24] usb 10-1: config 0 interface 0 has no altsetting 0
[ 1711.891256][   T24] usb 10-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1711.902125][   T24] usb 10-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1711.912197][   T24] usb 10-1: Product: syz
[ 1711.917188][   T24] usb 10-1: Manufacturer: syz
[ 1711.918105][ T5896] usb 8-1: config 0 has no interface number 0
[ 1711.922331][   T24] usb 10-1: SerialNumber: syz
[ 1711.931353][ T5896] usb 8-1: config 0 interface 216 altsetting 0 endpoint 0x7 has invalid maxpacket 528, setting to 64
[ 1712.363052][ T5896] usb 8-1: New USB device found, idVendor=05da, idProduct=0094, bcdDevice=f6.f7
[ 1712.409557][ T5896] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1712.421170][ T5896] usb 8-1: Product: syz
[ 1712.427803][ T5896] usb 8-1: Manufacturer: syz
[ 1712.428317][   T24] usb 10-1: config 0 descriptor??
[ 1712.432618][ T5896] usb 8-1: SerialNumber: syz
[ 1712.457708][ T5896] usb 8-1: config 0 descriptor??
[ 1712.489360][   T24] ldusb 10-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1712.507543][ T5896] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 7 is not bulk.
[ 1712.546687][ T5896] microtek usb (rev 0.4.3): can only deal with bulk endpoints; endpoint 3 is not bulk.
[ 1712.547711][   T24] ldusb 10-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1712.572849][ T5896] microtek usb (rev 0.4.3): couldn't find two input bulk endpoints. Bailing out.
[ 1712.588542][T20923] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4281'.
[ 1712.750023][   T24] usb 10-1: USB disconnect, device number 28
[ 1712.913473][T17136] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[ 1712.935325][   T24] ldusb 10-1:0.0: LD USB Device #0 now disconnected
[ 1713.062235][T20913] netlink: 'syz.7.4277': attribute type 2 has an invalid length.
[ 1713.087425][T17136] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1713.120043][T17136] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1713.141874][T17136] usb 6-1: config 0 descriptor??
[ 1713.929681][    C0] vxcan0: j1939_tp_rxtimer: 0xffff8880332d3800: rx timeout, send abort
[ 1713.943450][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff8880332d3800: 0x0f000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1714.382855][T20935] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1714.452882][ T5911] usb 8-1: USB disconnect, device number 27
[ 1714.772613][T17136] usb 6-1: Cannot set autoneg
[ 1714.780703][T17136] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1714.797619][T17136] usb 6-1: USB disconnect, device number 47
[ 1714.889867][T20943] netlink: 32 bytes leftover after parsing attributes in process `syz.7.4286'.
[ 1715.713257][ T5933] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[ 1715.733280][T17136] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[ 1715.916001][ T5933] usb 10-1: config 8 has an invalid interface number: 190 but max is 2
[ 1715.931465][ T5933] usb 10-1: config 8 contains an unexpected descriptor of type 0x1, skipping
[ 1715.960120][ T5933] usb 10-1: config 8 has an invalid interface number: 123 but max is 2
[ 1715.969965][ T5933] usb 10-1: config 8 has an invalid interface number: 223 but max is 2
[ 1715.982720][ T5933] usb 10-1: config 8 has an invalid interface number: 128 but max is 2
[ 1715.991491][ T5933] usb 10-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 1716.006144][ T5933] usb 10-1: config 8 has 4 interfaces, different from the descriptor's value: 3
[ 1716.030883][ T5933] usb 10-1: config 8 has no interface number 0
[ 1716.048453][ T5933] usb 10-1: config 8 has no interface number 1
[ 1716.063288][T17136] usb 6-1: Using ep0 maxpacket: 16
[ 1716.075521][ T5933] usb 10-1: config 8 has no interface number 2
[ 1716.078426][T17136] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1716.085194][ T5933] usb 10-1: config 8 has no interface number 3
[ 1716.097273][T17136] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1716.097304][T17136] usb 6-1: Product: syz
[ 1716.097322][T17136] usb 6-1: Manufacturer: syz
[ 1716.097340][T17136] usb 6-1: SerialNumber: syz
[ 1716.116060][T17136] r8152-cfgselector 6-1: Unknown version 0x0000
[ 1716.122159][ T5933] usb 10-1: config 8 interface 190 altsetting 4 bulk endpoint 0xC has invalid maxpacket 16
[ 1716.476838][ T5933] usb 10-1: config 8 interface 190 altsetting 4 has a duplicate endpoint with address 0xC, skipping
[ 1716.630828][ T5933] usb 10-1: config 8 interface 123 altsetting 6 endpoint 0x8 has invalid maxpacket 1024, setting to 64
[ 1716.673697][T17136] r8152-cfgselector 6-1: config 0 descriptor??
[ 1716.722128][ T5933] usb 10-1: config 8 interface 123 altsetting 6 endpoint 0xB has invalid maxpacket 1024, setting to 64
[ 1716.739425][ T5933] usb 10-1: config 8 interface 123 altsetting 6 has a duplicate endpoint with address 0xC, skipping
[ 1716.754952][ T5933] usb 10-1: config 8 interface 123 altsetting 6 endpoint 0xD has an invalid bInterval 205, changing to 11
[ 1716.767202][ T5933] usb 10-1: config 8 interface 123 altsetting 6 has a duplicate endpoint with address 0xC, skipping
[ 1716.779056][ T5933] usb 10-1: config 8 interface 123 altsetting 6 has a duplicate endpoint with address 0x8, skipping
[ 1716.790336][ T5933] usb 10-1: config 8 interface 123 altsetting 6 has an invalid descriptor for endpoint zero, skipping
[ 1716.801548][ T5933] usb 10-1: config 8 interface 223 altsetting 0 has a duplicate endpoint with address 0x7, skipping
[ 1716.812451][ T5933] usb 10-1: config 8 interface 223 altsetting 0 has a duplicate endpoint with address 0x9, skipping
[ 1716.824119][ T5933] usb 10-1: config 8 interface 223 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 8
[ 1716.853202][ T5933] usb 10-1: too many endpoints for config 8 interface 128 altsetting 212: 90, using maximum allowed: 30
[ 1716.875037][ T5933] usb 10-1: config 8 interface 128 altsetting 212 endpoint 0x4 has invalid maxpacket 41865, setting to 64
[ 1716.903245][ T5933] usb 10-1: config 8 interface 128 altsetting 212 has a duplicate endpoint with address 0xF, skipping
[ 1716.934982][ T5933] usb 10-1: config 8 interface 128 altsetting 212 has 2 endpoint descriptors, different from the interface descriptor's value: 90
[ 1716.977358][T17136] r8152-cfgselector 6-1: Needed 1 retries to read version
[ 1716.993538][T17136] r8152-cfgselector 6-1: Unknown version 0x0000
[ 1717.000160][T17136] r8152-cfgselector 6-1: bad CDC descriptors
[ 1717.011831][ T5933] usb 10-1: config 8 interface 190 has no altsetting 0
[ 1717.031961][ T5933] usb 10-1: config 8 interface 123 has no altsetting 0
[ 1717.065757][ T5933] usb 10-1: config 8 interface 128 has no altsetting 0
[ 1717.086999][ T5933] usb 10-1: New USB device found, idVendor=1b80, idProduct=d393, bcdDevice=a8.a5
[ 1717.096725][ T5933] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1717.113197][ T5933] usb 10-1: Product: 쭚©͜ᘣᆔ塴쎠낌ꢖ聪嗞ឩ謴깐驨庎㍼탍껔᪁㏃轝旨딥딛ㆍ᬴ﴆ许馼
[ 1717.133171][ T5933] usb 10-1: Manufacturer: с
[ 1717.146615][ T5933] usb 10-1: SerialNumber: 㐆
[ 1717.157298][T20950] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1717.208838][T17136] r8152-cfgselector 6-1: USB disconnect, device number 48
[ 1717.310524][T20965] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4293'.
[ 1717.602196][T20971] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1718.225334][T20977] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1718.226220][T20978] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4297'.
[ 1718.353476][ T5911] usb 8-1: new high-speed USB device number 28 using dummy_hcd
[ 1718.459672][T20983] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4300'.
[ 1718.534824][ T5911] usb 8-1: Using ep0 maxpacket: 16
[ 1718.564342][ T5911] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1718.583263][ T5911] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1718.621697][ T5933] usb 10-1: USB disconnect, device number 29
[ 1718.636316][ T5911] usb 8-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1718.652882][ T5911] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1718.699142][ T5911] usb 8-1: Product: syz
[ 1718.719407][ T5911] usb 8-1: Manufacturer: syz
[ 1718.724253][ T5911] usb 8-1: SerialNumber: syz
[ 1718.758775][T20986] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4295'.
[ 1718.759746][ T5911] usb 8-1: config 0 descriptor??
[ 1718.825514][ T5911] em28xx 8-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1718.841301][ T5911] em28xx 8-1:0.0: Audio interface 0 found (Vendor Class)
[ 1719.231529][T20993] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4303'.
[ 1719.450269][ T5911] em28xx 8-1:0.0: unknown em28xx chip ID (0)
[ 1719.473840][ T5911] em28xx 8-1:0.0: Config register raw data: 0xfffffffb
[ 1720.052101][T21004] random: crng reseeded on system resumption
[ 1720.641991][ T5911] em28xx 8-1:0.0: Unknown AC97 audio processor detected!
[ 1720.755030][ T5911] em28xx 8-1:0.0: couldn't setup AC97 register 2
[ 1720.777447][T21003] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4307'.
[ 1720.787837][ T5911] em28xx 8-1:0.0: couldn't setup AC97 register 4
[ 1720.913502][T21010] netlink: 12 bytes leftover after parsing attributes in process `syz.9.4308'.
[ 1720.989263][T21010] pim6reg: entered allmulticast mode
[ 1721.439039][T21016] FAULT_INJECTION: forcing a failure.
[ 1721.439039][T21016] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1721.452340][T21016] CPU: 0 UID: 0 PID: 21016 Comm: syz.3.4309 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1721.452373][T21016] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1721.452388][T21016] Call Trace:
[ 1721.452400][T21016]  <TASK>
[ 1721.452411][T21016]  dump_stack_lvl+0x189/0x250
[ 1721.452443][T21016]  ? __pfx____ratelimit+0x10/0x10
[ 1721.452480][T21016]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1721.452507][T21016]  ? __pfx__printk+0x10/0x10
[ 1721.452551][T21016]  should_fail_ex+0x414/0x560
[ 1721.452589][T21016]  _copy_to_user+0x31/0xb0
[ 1721.452621][T21016]  __se_sys_times+0x178/0x220
[ 1721.452649][T21016]  ? __pfx___se_sys_times+0x10/0x10
[ 1721.452693][T21016]  ? do_syscall_64+0xbe/0x3b0
[ 1721.452720][T21016]  do_syscall_64+0xfa/0x3b0
[ 1721.452745][T21016]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.452767][T21016]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1721.452790][T21016]  ? clear_bhb_loop+0x60/0xb0
[ 1721.452818][T21016]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1721.452841][T21016] RIP: 0033:0x7f0a0078e929
[ 1721.452863][T21016] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1721.452883][T21016] RSP: 002b:00007f09fe5b4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000064
[ 1721.452908][T21016] RAX: ffffffffffffffda RBX: 00007f0a009b6160 RCX: 00007f0a0078e929
[ 1721.452925][T21016] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000000
[ 1721.452940][T21016] RBP: 00007f09fe5b4090 R08: 0000000000000000 R09: 0000000000000000
[ 1721.452955][T21016] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1721.452968][T21016] R13: 0000000000000000 R14: 00007f0a009b6160 R15: 00007ffd1a0adcf8
[ 1721.453003][T21016]  </TASK>
[ 1722.101064][ T5911] em28xx 8-1:0.0: couldn't setup AC97 register 54
[ 1722.112996][ T5911] em28xx 8-1:0.0: couldn't setup AC97 register 56
[ 1722.135178][ T5911] usb 8-1: USB disconnect, device number 28
[ 1722.473246][T21025] vimc link validate: Scaler:src:4096x16 (0x33424752, 6, 0, 6, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1723.977730][T21043] trusted_key: encrypted_key: insufficient parameters specified
[ 1724.247491][T21047] random: crng reseeded on system resumption
[ 1725.123776][ T5933] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[ 1729.275183][T21064] fuse: Bad value for 'fd'
[ 1730.913247][   T24] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 1731.104475][   T24] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1731.123174][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1731.157138][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1731.172522][T21076] FAULT_INJECTION: forcing a failure.
[ 1731.172522][T21076] name failslab, interval 1, probability 0, space 0, times 0
[ 1731.185375][T21076] CPU: 0 UID: 0 PID: 21076 Comm: syz.0.4331 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1731.185421][T21076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1731.185446][T21076] Call Trace:
[ 1731.185462][T21076]  <TASK>
[ 1731.185480][T21076]  dump_stack_lvl+0x189/0x250
[ 1731.185527][T21076]  ? __pfx____ratelimit+0x10/0x10
[ 1731.185584][T21076]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1731.185629][T21076]  ? __pfx__printk+0x10/0x10
[ 1731.185692][T21076]  ? __pfx___might_resched+0x10/0x10
[ 1731.185733][T21076]  ? fs_reclaim_acquire+0x7d/0x100
[ 1731.185780][T21076]  should_fail_ex+0x414/0x560
[ 1731.185819][T21076]  should_failslab+0xa8/0x100
[ 1731.185843][T21076]  __kmalloc_noprof+0xcb/0x4f0
[ 1731.185875][T21076]  ? kfree+0x4d/0x440
[ 1731.185902][T21076]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1731.185935][T21076]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1731.185963][T21076]  ? tomoyo_domain+0xda/0x130
[ 1731.185995][T21076]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1731.186029][T21076]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1731.186067][T21076]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1731.186118][T21076]  ? __lock_acquire+0xab9/0xd20
[ 1731.186159][T21076]  ? __fget_files+0x2a/0x420
[ 1731.186184][T21076]  ? __fget_files+0x2a/0x420
[ 1731.186204][T21076]  ? __fget_files+0x3a0/0x420
[ 1731.186223][T21076]  ? __fget_files+0x2a/0x420
[ 1731.186248][T21076]  security_file_ioctl+0xcb/0x2d0
[ 1731.186294][T21076]  __se_sys_ioctl+0x47/0x170
[ 1731.186328][T21076]  do_syscall_64+0xfa/0x3b0
[ 1731.186350][T21076]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1731.186390][T21076]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1731.186419][T21076]  ? clear_bhb_loop+0x60/0xb0
[ 1731.186447][T21076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1731.186469][T21076] RIP: 0033:0x7fc2e458e929
[ 1731.186490][T21076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1731.186510][T21076] RSP: 002b:00007fc2e23f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1731.186534][T21076] RAX: ffffffffffffffda RBX: 00007fc2e47b6080 RCX: 00007fc2e458e929
[ 1731.186551][T21076] RDX: 0000000000000000 RSI: 0000000040044583 RDI: 0000000000000008
[ 1731.186565][T21076] RBP: 00007fc2e23f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1731.186594][T21076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1731.186608][T21076] R13: 0000000000000000 R14: 00007fc2e47b6080 R15: 00007ffe51eebcb8
[ 1731.186643][T21076]  </TASK>
[ 1731.186653][T21076] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1731.191267][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1731.522358][   T24] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1731.613931][T21085] random: crng reseeded on system resumption
[ 1732.333039][   T24] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1732.446250][   T24] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1732.473473][   T24] usb 6-1: Product: syz
[ 1732.488675][   T24] usb 6-1: Manufacturer: syz
[ 1732.499419][   T24] cdc_wdm 6-1:1.0: skipping garbage
[ 1732.515042][   T24] cdc_wdm 6-1:1.0: skipping garbage
[ 1732.536554][   T24] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[ 1732.538906][T21087] vimc link validate: Scaler:src:4096x16 (0x33424752, 6, 0, 6, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1732.544918][   T24] cdc_wdm 6-1:1.0: Unknown control protocol
[ 1732.571827][T21089] overlayfs: missing 'workdir'
[ 1732.582674][T21089] FAULT_INJECTION: forcing a failure.
[ 1732.582674][T21089] name failslab, interval 1, probability 0, space 0, times 0
[ 1732.597016][T21089] CPU: 1 UID: 0 PID: 21089 Comm: syz.0.4337 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1732.597049][T21089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1732.597064][T21089] Call Trace:
[ 1732.597074][T21089]  <TASK>
[ 1732.597084][T21089]  dump_stack_lvl+0x189/0x250
[ 1732.597115][T21089]  ? __pfx____ratelimit+0x10/0x10
[ 1732.597151][T21089]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1732.597177][T21089]  ? __pfx__printk+0x10/0x10
[ 1732.597221][T21089]  ? ref_tracker_alloc+0x318/0x460
[ 1732.597260][T21089]  should_fail_ex+0x414/0x560
[ 1732.597298][T21089]  should_failslab+0xa8/0x100
[ 1732.597323][T21089]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1732.597355][T21089]  ? skb_clone+0x212/0x3a0
[ 1732.597391][T21089]  skb_clone+0x212/0x3a0
[ 1732.597426][T21089]  __netlink_deliver_tap+0x404/0x850
[ 1732.597461][T21089]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1732.597485][T21089]  netlink_deliver_tap+0x19c/0x1b0
[ 1732.597510][T21089]  netlink_unicast+0x72f/0x8d0
[ 1732.597540][T21089]  netlink_sendmsg+0x805/0xb30
[ 1732.597577][T21089]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1732.597615][T21089]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1732.597647][T21089]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1732.597676][T21089]  __sock_sendmsg+0x219/0x270
[ 1732.597702][T21089]  ____sys_sendmsg+0x505/0x830
[ 1732.597739][T21089]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1732.597780][T21089]  ? import_iovec+0x74/0xa0
[ 1732.597812][T21089]  ___sys_sendmsg+0x21f/0x2a0
[ 1732.597845][T21089]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1732.597918][T21089]  ? __fget_files+0x2a/0x420
[ 1732.597939][T21089]  ? __fget_files+0x3a0/0x420
[ 1732.597974][T21089]  __x64_sys_sendmsg+0x19b/0x260
[ 1732.598008][T21089]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1732.598050][T21089]  ? __pfx_ksys_write+0x10/0x10
[ 1732.598079][T21089]  ? rcu_is_watching+0x15/0xb0
[ 1732.598110][T21089]  ? do_syscall_64+0xbe/0x3b0
[ 1732.598137][T21089]  do_syscall_64+0xfa/0x3b0
[ 1732.598158][T21089]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1732.598201][T21089]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1732.598224][T21089]  ? clear_bhb_loop+0x60/0xb0
[ 1732.598251][T21089]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1732.598273][T21089] RIP: 0033:0x7fc2e458e929
[ 1732.598295][T21089] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1732.598315][T21089] RSP: 002b:00007fc2e532a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1732.598338][T21089] RAX: ffffffffffffffda RBX: 00007fc2e47b5fa0 RCX: 00007fc2e458e929
[ 1732.598356][T21089] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000004
[ 1732.598370][T21089] RBP: 00007fc2e532a090 R08: 0000000000000000 R09: 0000000000000000
[ 1732.598385][T21089] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1732.598398][T21089] R13: 0000000000000000 R14: 00007fc2e47b5fa0 R15: 00007ffe51eebcb8
[ 1732.598433][T21089]  </TASK>
[ 1732.601431][T21089] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4337'.
[ 1732.903732][ T5933] usb 6-1: USB disconnect, device number 49
[ 1732.923520][T21050] usb 8-1: new high-speed USB device number 29 using dummy_hcd
[ 1733.057387][T21089] netlink: 32 bytes leftover after parsing attributes in process `syz.0.4337'.
[ 1733.081338][T21089] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4337'.
[ 1733.133308][T21050] usb 8-1: Using ep0 maxpacket: 8
[ 1733.145928][T21050] usb 8-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1733.160936][T21050] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1733.216070][T21050] usb 8-1: Product: syz
[ 1733.220400][T21050] usb 8-1: Manufacturer: syz
[ 1733.227026][T21050] usb 8-1: SerialNumber: syz
[ 1733.237366][T21050] usb 8-1: config 0 descriptor??
[ 1733.256607][T21050] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1733.284254][T21050] usb 8-1: setting power ON
[ 1733.290305][T21050] dvb-usb: bulk message failed: -22 (2/0)
[ 1733.307549][T21050] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1733.335800][T21050] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1733.353979][T21050] usb 8-1: media controller created
[ 1733.436281][T21112] overlayfs: missing 'workdir'
[ 1733.442427][T21050] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1733.465088][T21112] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4342'.
[ 1733.488354][T21096] input: syz1 as /devices/virtual/input/input28
[ 1733.514815][T21096] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1733.567466][T21096] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1733.604998][T21050] usb 8-1: selecting invalid altsetting 6
[ 1733.611536][T21050] usb 8-1: digital interface selection failed (-22)
[ 1733.634821][T21120] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4345'.
[ 1733.642143][T21050] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1733.645435][T21096] ntfs3(nullb0): Primary boot signature is not NTFS.
[ 1733.661812][T21050] usb 8-1: setting power OFF
[ 1733.677356][T21050] dvb-usb: bulk message failed: -22 (2/0)
[ 1733.704212][T21050] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1733.720542][T21050] (NULL device *): no alternate interface
[ 1733.734825][T21124] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1733.811687][T21124] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1733.831463][T21096] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[ 1734.102054][T21050] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1734.137800][T21050] usb 8-1: USB disconnect, device number 29
[ 1734.415366][T21134] random: crng reseeded on system resumption
[ 1735.207915][T21139] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4348'.
[ 1735.631611][ T5933] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[ 1735.639054][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1735.645889][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1735.668388][ T5933] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[ 1735.671038][ T5839] Bluetooth: hci1: command 0x0405 tx timeout
[ 1737.013259][   T24] usb 8-1: new high-speed USB device number 30 using dummy_hcd
[ 1737.325542][   T24] usb 8-1: device descriptor read/64, error -71
[ 1738.103252][   T24] usb 8-1: new high-speed USB device number 31 using dummy_hcd
[ 1738.874006][T21173] random: crng reseeded on system resumption
[ 1739.383523][   T24] usb 8-1: device descriptor read/64, error -71
[ 1739.644104][   T24] usb usb8-port1: attempt power cycle
[ 1740.063578][   T24] usb 8-1: new high-speed USB device number 32 using dummy_hcd
[ 1740.386630][   T24] usb 8-1: device descriptor read/8, error -71
[ 1743.088973][T21210] loop6: detected capacity change from 0 to 7
[ 1743.144760][T21210] Dev loop6: unable to read RDB block 7
[ 1743.156830][T21210]  loop6: unable to read partition table
[ 1743.170383][T21210] loop6: partition table beyond EOD, truncated
[ 1743.193249][T21210] loop_reread_partitions: partition scan of loop6 (�被x������ ) failed (rc=-5)
[ 1743.401513][T21216] random: crng reseeded on system resumption
[ 1744.042275][T21215] netlink: 'syz.9.4371': attribute type 12 has an invalid length.
[ 1745.965036][T21235] overlay: filesystem on ./bus not supported as upperdir
[ 1797.067388][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1797.074023][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1858.498118][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1858.505030][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1891.136325][   T31] INFO: task kworker/0:7:5933 blocked for more than 143 seconds.
[ 1891.144219][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1891.151964][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1891.160953][   T31] task:kworker/0:7     state:D stack:20280 pid:5933  tgid:5933  ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1891.173371][   T31] Workqueue: events rfkill_op_handler
[ 1891.178941][   T31] Call Trace:
[ 1891.182363][   T31]  <TASK>
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1891.185455][   T31]  __schedule+0x16a2/0x4cb0
[ 1891.190044][   T31]  ? schedule+0x165/0x360
[ 1891.194847][   T31]  ? __pfx___schedule+0x10/0x10
[ 1891.199797][   T31]  ? schedule+0x91/0x360
[ 1891.204352][   T31]  schedule+0x165/0x360
[ 1891.208569][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1891.214241][   T31]  __mutex_lock+0x724/0xe80
[ 1891.218814][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1891.223825][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1891.228555][   T31]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 1891.234078][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1891.239264][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1891.244647][   T31]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1891.250607][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1891.257089][   T31]  ? kobject_uevent_env+0x36b/0x8c0
[ 1891.262342][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1891.268191][   T31]  nfc_rfkill_set_block+0x50/0x2e0
[ 1891.273406][   T31]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1891.279174][   T31]  rfkill_set_block+0x1cf/0x440
[ 1891.293099][   T31]  rfkill_epo+0x7e/0x180
[ 1891.297469][   T31]  rfkill_op_handler+0x84/0x240
[ 1891.302455][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1891.353074][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1891.358765][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1891.368847][   T31]  worker_thread+0x8a0/0xda0
[ 1891.378500][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1891.385064][   T31]  ? __kthread_parkme+0x7b/0x200
[ 1891.390079][   T31]  kthread+0x711/0x8a0
[ 1891.394389][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1891.399543][   T31]  ? __pfx_kthread+0x10/0x10
[ 1891.404243][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1891.409495][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1891.414824][   T31]  ? __pfx_kthread+0x10/0x10
[ 1891.419456][   T31]  ret_from_fork+0x3fc/0x770
[ 1891.424088][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1891.429213][   T31]  ? __switch_to_asm+0x39/0x70
[ 1891.435682][   T31]  ? __switch_to_asm+0x33/0x70
[ 1891.440509][   T31]  ? __pfx_kthread+0x10/0x10
[ 1891.445165][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1891.449960][   T31]  </TASK>
[ 1891.453082][   T31] INFO: task kworker/0:3:10229 blocked for more than 143 seconds.
[ 1891.460910][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1891.468867][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1891.477637][   T31] task:kworker/0:3     state:D stack:20600 pid:10229 tgid:10229 ppid:2      task_flags:0x4208060 flags:0x00004000
[ 1891.489930][   T31] Workqueue: events rfkill_global_led_trigger_worker
[ 1891.496737][   T31] Call Trace:
[ 1891.500047][   T31]  <TASK>
[ 1891.503035][   T31]  __schedule+0x16a2/0x4cb0
[ 1891.507588][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1891.512975][   T31]  ? schedule+0x165/0x360
[ 1891.517446][   T31]  ? __pfx___schedule+0x10/0x10
[ 1891.522350][   T31]  ? schedule+0x91/0x360
[ 1891.526681][   T31]  schedule+0x165/0x360
[ 1891.530864][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1891.536410][   T31]  __mutex_lock+0x724/0xe80
[ 1891.540943][   T31]  ? look_up_lock_class+0x74/0x170
[ 1891.546724][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1891.551477][   T31]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 1891.557834][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1891.562904][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1891.568688][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1891.574501][   T31]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 1891.580610][   T31]  ? process_scheduled_works+0x9ef/0x17b0
[ 1891.586402][   T31]  process_scheduled_works+0xae1/0x17b0
[ 1891.591985][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1891.598133][   T31]  worker_thread+0x8a0/0xda0
[ 1891.602844][   T31]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1891.609389][   T31]  ? __kthread_parkme+0x7b/0x200
[ 1891.614898][   T31]  kthread+0x711/0x8a0
[ 1891.619077][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1891.624305][   T31]  ? __pfx_kthread+0x10/0x10
[ 1891.629015][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1891.634288][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1891.639520][   T31]  ? __pfx_kthread+0x10/0x10
[ 1891.644356][   T31]  ret_from_fork+0x3fc/0x770
[ 1891.649174][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1891.654781][   T31]  ? __switch_to_asm+0x39/0x70
[ 1891.659594][   T31]  ? __switch_to_asm+0x33/0x70
[ 1891.664442][   T31]  ? __pfx_kthread+0x10/0x10
[ 1891.669076][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1891.674066][   T31]  </TASK>
[ 1891.677207][   T31] INFO: task syz.3.4341:21107 blocked for more than 143 seconds.
[ 1891.685007][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1891.692687][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1891.702041][   T31] task:syz.3.4341      state:D stack:25096 pid:21107 tgid:21107 ppid:16512  task_flags:0x400040 flags:0x00004006
[ 1891.714588][   T31] Call Trace:
[ 1891.717912][   T31]  <TASK>
[ 1891.720881][   T31]  __schedule+0x16a2/0x4cb0
[ 1891.725467][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1891.730334][   T31]  ? schedule+0x165/0x360
[ 1891.734755][   T31]  ? __pfx___schedule+0x10/0x10
[ 1891.739664][   T31]  ? schedule+0x91/0x360
[ 1891.743967][   T31]  schedule+0x165/0x360
[ 1891.748146][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1891.753684][   T31]  __mutex_lock+0x724/0xe80
[ 1891.758219][   T31]  ? kobject_put+0x43f/0x480
[ 1891.762830][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1891.767824][   T31]  ? rfkill_unregister+0xc8/0x220
[ 1891.772875][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1891.777991][   T31]  ? __pfx_device_del+0x10/0x10
[ 1891.782887][   T31]  rfkill_unregister+0xc8/0x220
[ 1891.787794][   T31]  nfc_unregister_device+0x96/0x2a0
[ 1891.793051][   T31]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1891.798847][   T31]  virtual_ncidev_close+0x56/0x90
[ 1891.804010][   T31]  __fput+0x44c/0xa70
[ 1891.808040][   T31]  task_work_run+0x1d4/0x260
[ 1891.812703][   T31]  ? __pfx_task_work_run+0x10/0x10
[ 1891.817891][   T31]  ? exit_to_user_mode_loop+0x40/0x110
[ 1891.823439][   T31]  exit_to_user_mode_loop+0xec/0x110
[ 1891.828773][   T31]  do_syscall_64+0x2bd/0x3b0
[ 1891.833433][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1891.838676][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.844800][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1891.849556][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1891.858502][   T31] RIP: 0033:0x7f0a0078e929
[ 1891.862957][   T31] RSP: 002b:00007ffd1a0ade58 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1891.871468][   T31] RAX: 0000000000000000 RBX: 00007f0a009b7ba0 RCX: 00007f0a0078e929
[ 1891.879798][   T31] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1891.887847][   T31] RBP: 00007f0a009b7ba0 R08: 000000000001cebc R09: 0000001c1a0ae14f
[ 1891.895905][   T31] R10: 00007f0a009b7ac0 R11: 0000000000000246 R12: 00000000001a75ef
[ 1891.903950][   T31] R13: 00007f0a009b6160 R14: ffffffffffffffff R15: 00007ffd1a0adf70
[ 1891.911957][   T31]  </TASK>
[ 1891.915059][   T31] INFO: task syz.5.4372:21220 blocked for more than 144 seconds.
[ 1891.922908][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1891.937009][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1891.947182][   T31] task:syz.5.4372      state:D stack:28328 pid:21220 tgid:21218 ppid:19077  task_flags:0x400040 flags:0x00004004
[ 1891.960731][   T31] Call Trace:
[ 1891.964134][   T31]  <TASK>
[ 1891.967097][   T31]  __schedule+0x16a2/0x4cb0
[ 1891.971675][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1891.976631][   T31]  ? schedule+0x165/0x360
[ 1891.981004][   T31]  ? __pfx___schedule+0x10/0x10
[ 1891.987238][   T31]  ? schedule+0x91/0x360
[ 1891.991553][   T31]  schedule+0x165/0x360
[ 1891.996174][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1892.001689][   T31]  __mutex_lock+0x724/0xe80
[ 1892.006344][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1892.011260][   T31]  ? rfkill_fop_open+0x12d/0x820
[ 1892.016290][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1892.021367][   T31]  ? __raw_spin_lock_init+0x45/0x100
[ 1892.026728][   T31]  ? __init_waitqueue_head+0xa9/0x150
[ 1892.032127][   T31]  rfkill_fop_open+0x12d/0x820
[ 1892.036971][   T31]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1892.042279][   T31]  misc_open+0x2b9/0x330
[ 1892.046621][   T31]  chrdev_open+0x4cc/0x5e0
[ 1892.051234][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.056277][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.061264][   T31]  do_dentry_open+0xdf3/0x1970
[ 1892.066162][   T31]  vfs_open+0x3b/0x340
[ 1892.070440][   T31]  ? path_openat+0x2ecd/0x3830
[ 1892.075288][   T31]  path_openat+0x2ee5/0x3830
[ 1892.079932][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1892.084885][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1892.089859][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.096207][   T31]  do_filp_open+0x1fa/0x410
[ 1892.100760][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1892.105974][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1892.111098][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1892.116250][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1892.120704][   T31]  do_sys_openat2+0x121/0x1c0
[ 1892.125581][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1892.130829][   T31]  ? exc_page_fault+0x76/0xf0
[ 1892.135807][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[ 1892.141153][   T31]  __x64_sys_openat+0x138/0x170
[ 1892.146085][   T31]  do_syscall_64+0xfa/0x3b0
[ 1892.150604][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1892.156035][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.162139][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1892.166968][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.172899][   T31] RIP: 0033:0x7fda9c38e929
[ 1892.179657][   T31] RSP: 002b:00007fda9d231038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1892.189626][   T31] RAX: ffffffffffffffda RBX: 00007fda9c5b5fa0 RCX: 00007fda9c38e929
[ 1892.197791][   T31] RDX: 0000000000040900 RSI: 0000200000000280 RDI: ffffffffffffff9c
[ 1892.205948][   T31] RBP: 00007fda9c410b39 R08: 0000000000000000 R09: 0000000000000000
[ 1892.214279][   T31] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1892.222282][   T31] R13: 0000000000000001 R14: 00007fda9c5b5fa0 R15: 00007fff63d5c9f8
[ 1892.230546][   T31]  </TASK>
[ 1892.233787][   T31] INFO: task syz.9.4375:21228 blocked for more than 144 seconds.
[ 1892.241548][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1892.249509][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1892.258575][   T31] task:syz.9.4375      state:D stack:27528 pid:21228 tgid:21227 ppid:16484  task_flags:0x400040 flags:0x00004004
[ 1892.270626][   T31] Call Trace:
[ 1892.273991][   T31]  <TASK>
[ 1892.276953][   T31]  __schedule+0x16a2/0x4cb0
[ 1892.281506][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1892.286539][   T31]  ? security_file_open+0xb1/0x270
[ 1892.291725][   T31]  ? __lock_acquire+0xa61/0xd20
[ 1892.296651][   T31]  ? schedule+0x165/0x360
[ 1892.301202][   T31]  ? __pfx___schedule+0x10/0x10
[ 1892.306175][   T31]  ? schedule+0x91/0x360
[ 1892.310480][   T31]  schedule+0x165/0x360
[ 1892.314978][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1892.320489][   T31]  __mutex_lock+0x724/0xe80
[ 1892.325203][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1892.329940][   T31]  ? misc_open+0x51/0x330
[ 1892.334536][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1892.339607][   T31]  misc_open+0x51/0x330
[ 1892.343865][   T31]  chrdev_open+0x4cc/0x5e0
[ 1892.348308][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.353964][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.358962][   T31]  do_dentry_open+0xdf3/0x1970
[ 1892.365883][   T31]  vfs_open+0x3b/0x340
[ 1892.370004][   T31]  ? path_openat+0x2ecd/0x3830
[ 1892.374930][   T31]  path_openat+0x2ee5/0x3830
[ 1892.379569][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1892.385601][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1892.390612][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.396789][   T31]  do_filp_open+0x1fa/0x410
[ 1892.401311][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1892.406293][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1892.411368][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1892.416298][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1892.420668][   T31]  do_sys_openat2+0x121/0x1c0
[ 1892.426715][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1892.431944][   T31]  ? exc_page_fault+0x76/0xf0
[ 1892.436745][   T31]  ? do_user_addr_fault+0xc8a/0x1390
[ 1892.442089][   T31]  __x64_sys_openat+0x138/0x170
[ 1892.447094][   T31]  do_syscall_64+0xfa/0x3b0
[ 1892.451637][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1892.457127][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.463258][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1892.467970][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.474086][   T31] RIP: 0033:0x7fd46118d290
[ 1892.478547][   T31] RSP: 002b:00007fd461f2eef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1892.487020][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fd46118d290
[ 1892.495131][   T31] RDX: 0000000000000002 RSI: 00007fd461210814 RDI: 00000000ffffff9c
[ 1892.503189][   T31] RBP: 00007fd461210814 R08: 0000000000000000 R09: 0000000000000000
[ 1892.511203][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1892.519220][   T31] R13: 000000000000004a R14: 0000200000000000 R15: 00007ffeac0155d8
[ 1892.527285][   T31]  </TASK>
[ 1892.530357][   T31] INFO: task syz.7.4376:21230 blocked for more than 144 seconds.
[ 1892.538182][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1892.545883][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1892.554665][   T31] task:syz.7.4376      state:D stack:25352 pid:21230 tgid:21229 ppid:16458  task_flags:0x400140 flags:0x00004004
[ 1892.566930][   T31] Call Trace:
[ 1892.570231][   T31]  <TASK>
[ 1892.573242][   T31]  __schedule+0x16a2/0x4cb0
[ 1892.577805][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1892.582799][   T31]  ? security_file_open+0xb1/0x270
[ 1892.588033][   T31]  ? __lock_acquire+0xa60/0xd20
[ 1892.592917][   T31]  ? schedule+0x165/0x360
[ 1892.597329][   T31]  ? __pfx___schedule+0x10/0x10
[ 1892.602218][   T31]  ? schedule+0x91/0x360
[ 1892.606571][   T31]  schedule+0x165/0x360
[ 1892.610777][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1892.616394][   T31]  __mutex_lock+0x724/0xe80
[ 1892.620977][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1892.625741][   T31]  ? misc_open+0x51/0x330
[ 1892.630106][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1892.635246][   T31]  misc_open+0x51/0x330
[ 1892.639460][   T31]  chrdev_open+0x4cc/0x5e0
[ 1892.643963][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.648945][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.654462][   T31]  do_dentry_open+0xdf3/0x1970
[ 1892.659315][   T31]  vfs_open+0x3b/0x340
[ 1892.663613][   T31]  ? path_openat+0x2ecd/0x3830
[ 1892.668424][   T31]  path_openat+0x2ee5/0x3830
[ 1892.673096][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1892.678022][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1892.682979][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.689550][   T31]  do_filp_open+0x1fa/0x410
[ 1892.694133][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1892.699026][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1892.704144][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1892.709223][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1892.713689][   T31]  do_sys_openat2+0x121/0x1c0
[ 1892.718428][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1892.723730][   T31]  __x64_sys_openat+0x138/0x170
[ 1892.728622][   T31]  do_syscall_64+0xfa/0x3b0
[ 1892.733853][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1892.739122][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.745315][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1892.750042][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.756000][   T31] RIP: 0033:0x7fae92f8d290
[ 1892.760424][   T31] RSP: 002b:00007fae93d6cef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1892.768876][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fae92f8d290
[ 1892.776898][   T31] RDX: 0000000000000002 RSI: 00007fae93010814 RDI: 00000000ffffff9c
[ 1892.784938][   T31] RBP: 00007fae93010814 R08: 0000000000000000 R09: 0000000000000000
[ 1892.792941][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[ 1892.801229][   T31] R13: 00000000000000a6 R14: 00002000000000c0 R15: 00007fff22480c98
[ 1892.809282][   T31]  </TASK>
[ 1892.812331][   T31] INFO: task syz.0.4379:21239 blocked for more than 145 seconds.
[ 1892.820236][   T31]       Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0
[ 1892.827935][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1892.836717][   T31] task:syz.0.4379      state:D stack:28120 pid:21239 tgid:21238 ppid:16487  task_flags:0x400040 flags:0x00004004
[ 1892.848712][   T31] Call Trace:
[ 1892.852018][   T31]  <TASK>
[ 1892.855100][   T31]  __schedule+0x16a2/0x4cb0
[ 1892.859647][   T31]  ? __kasan_slab_free+0x62/0x70
[ 1892.864693][   T31]  ? security_file_open+0xb1/0x270
[ 1892.869858][   T31]  ? __lock_acquire+0xa61/0xd20
[ 1892.874779][   T31]  ? schedule+0x165/0x360
[ 1892.879191][   T31]  ? __pfx___schedule+0x10/0x10
[ 1892.884199][   T31]  ? schedule+0x91/0x360
[ 1892.888489][   T31]  schedule+0x165/0x360
[ 1892.892669][   T31]  schedule_preempt_disabled+0x13/0x30
[ 1892.900449][   T31]  __mutex_lock+0x724/0xe80
[ 1892.905378][   T31]  ? __mutex_lock+0x51b/0xe80
[ 1892.910095][   T31]  ? misc_open+0x51/0x330
[ 1892.914503][   T31]  ? __pfx___mutex_lock+0x10/0x10
[ 1892.919562][   T31]  misc_open+0x51/0x330
[ 1892.923845][   T31]  chrdev_open+0x4cc/0x5e0
[ 1892.928338][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.933390][   T31]  ? __pfx_chrdev_open+0x10/0x10
[ 1892.938373][   T31]  do_dentry_open+0xdf3/0x1970
[ 1892.943270][   T31]  vfs_open+0x3b/0x340
[ 1892.947385][   T31]  ? path_openat+0x2ecd/0x3830
[ 1892.952172][   T31]  path_openat+0x2ee5/0x3830
[ 1892.956828][   T31]  ? arch_stack_walk+0xfc/0x150
[ 1892.961748][   T31]  ? __pfx_path_openat+0x10/0x10
[ 1892.966798][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1892.972947][   T31]  do_filp_open+0x1fa/0x410
[ 1892.977672][   T31]  ? __lock_acquire+0xab9/0xd20
[ 1892.982546][   T31]  ? __pfx_do_filp_open+0x10/0x10
[ 1892.987687][   T31]  ? _raw_spin_unlock+0x28/0x50
[ 1892.992566][   T31]  ? alloc_fd+0x64c/0x6c0
[ 1892.996949][   T31]  do_sys_openat2+0x121/0x1c0
[ 1893.001645][   T31]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1893.006941][   T31]  __x64_sys_openat+0x138/0x170
[ 1893.012096][   T31]  do_syscall_64+0xfa/0x3b0
[ 1893.016908][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1893.022131][   T31]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1893.028266][   T31]  ? clear_bhb_loop+0x60/0xb0
[ 1893.032963][   T31]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1893.038903][   T31] RIP: 0033:0x7fc2e458d290
[ 1893.043430][   T31] RSP: 002b:00007fc2e5327ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1893.051897][   T31] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007fc2e458d290
[ 1893.060104][   T31] RDX: 0000000000000002 RSI: 00007fc2e4610814 RDI: 00000000ffffff9c
[ 1893.068177][   T31] RBP: 00007fc2e4610814 R08: 0000000000000000 R09: 0000000000000000
[ 1893.076205][   T31] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[ 1893.084254][   T31] R13: 0000000000000024 R14: 0000200000000000 R15: 00007ffe51eebcb8
[ 1893.092317][   T31]  </TASK>
[ 1893.095448][   T31] 
[ 1893.095448][   T31] Showing all locks held in the system:
[ 1893.103268][   T31] 1 lock held by khungtaskd/31:
[ 1893.108187][   T31]  #0: ffffffff8e13ee20 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1893.118154][   T31] 2 locks held by getty/5593:
[ 1893.122840][   T31]  #0: ffff88814c7fd0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1893.132947][   T31]  #1: ffffc9000333b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[ 1893.143949][   T31] 4 locks held by kworker/0:4/5896:
[ 1893.149188][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1893.160546][   T31]  #1: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x318/0x6d0
[ 1893.172207][   T31]  #2: ffffffff99ceeb60 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_deactivate+0x9a/0x250
[ 1893.182950][   T31]  #3: ffffffff99d4caa8 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0xbb/0x420
[ 1893.194560][   T31] 4 locks held by kworker/0:7/5933:
[ 1893.199777][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1893.211131][   T31]  #1: ffffc90004837bc0 ((rfkill_op_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1893.225327][   T31]  #2: ffffffff8f7e5fa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_epo+0x4c/0x180
[ 1893.235003][   T31]  #3: ffff888079a28100 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 1893.244956][   T31] 2 locks held by kworker/u8:15/6773:
[ 1893.250370][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1893.260391][   T31]  #1: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x39e/0x6d0
[ 1893.271974][   T31] 3 locks held by kworker/0:3/10229:
[ 1893.277350][   T31]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1893.288465][   T31]  #1: ffffc90003a6fbc0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1893.302247][   T31]  #2: ffffffff8f7e5fa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 1893.313937][   T31] 3 locks held by kworker/u8:8/15629:
[ 1893.319348][   T31]  #0: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1893.329358][   T31]  #1: ffff8880b8623f08 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x318/0x6d0
[ 1893.340845][   T31]  #2: ffffffff99ceeb60 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_deactivate+0x9a/0x250
[ 1893.351396][   T31] 2 locks held by syz.3.4341/21107:
[ 1893.356669][   T31]  #0: ffff888079a28100 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 1893.366599][   T31]  #1: ffffffff8f7e5fa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xc8/0x220
[ 1893.376911][   T31] 2 locks held by syz.5.4372/21220:
[ 1893.382137][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.390702][   T31]  #1: ffffffff8f7e5fa8 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x12d/0x820
[ 1893.400854][   T31] 1 lock held by syz.9.4375/21228:
[ 1893.406080][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.414706][   T31] 1 lock held by syz.7.4376/21230:
[ 1893.419841][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.428379][   T31] 1 lock held by syz.0.4379/21239:
[ 1893.433588][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.442116][   T31] 1 lock held by syz-executor/21242:
[ 1893.447476][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.456050][   T31] 1 lock held by syz-executor/21244:
[ 1893.461366][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.469914][   T31] 1 lock held by syz-executor/21247:
[ 1893.475265][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.483805][   T31] 1 lock held by syz-executor/21248:
[ 1893.489111][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.498031][   T31] 1 lock held by syz-executor/21250:
[ 1893.503355][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.511834][   T31] 1 lock held by syz-executor/21252:
[ 1893.517189][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.525766][   T31] 1 lock held by syz-executor/21255:
[ 1893.531054][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.539637][   T31] 1 lock held by syz-executor/21258:
[ 1893.544980][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.553615][   T31] 1 lock held by syz-executor/21259:
[ 1893.558937][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.567525][   T31] 1 lock held by syz-executor/21261:
[ 1893.572813][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.581376][   T31] 1 lock held by syz-executor/21263:
[ 1893.586741][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.595428][   T31] 1 lock held by syz-executor/21265:
[ 1893.600741][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.609279][   T31] 1 lock held by syz-executor/21268:
[ 1893.614661][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.623219][   T31] 1 lock held by syz-executor/21269:
[ 1893.628580][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.637134][   T31] 1 lock held by syz-executor/21271:
[ 1893.642441][   T31]  #0: ffffffff8e9b0a08 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x330
[ 1893.651026][   T31] 
[ 1893.653462][   T31] =============================================
[ 1893.653462][   T31] 
[ 1893.661921][   T31] NMI backtrace for cpu 1
[ 1893.661937][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1893.661956][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1893.661966][   T31] Call Trace:
[ 1893.661974][   T31]  <TASK>
[ 1893.661983][   T31]  dump_stack_lvl+0x189/0x250
[ 1893.662004][   T31]  ? __wake_up_klogd+0xd9/0x110
[ 1893.662029][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1893.662047][   T31]  ? __pfx__printk+0x10/0x10
[ 1893.662078][   T31]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1893.662103][   T31]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1893.662122][   T31]  ? _printk+0xcf/0x120
[ 1893.662146][   T31]  ? __pfx__printk+0x10/0x10
[ 1893.662168][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1893.662195][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1893.662219][   T31]  watchdog+0xfee/0x1030
[ 1893.662246][   T31]  ? watchdog+0x1de/0x1030
[ 1893.662277][   T31]  kthread+0x711/0x8a0
[ 1893.662301][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1893.662325][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.662347][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1893.662370][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1893.662394][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.662416][   T31]  ret_from_fork+0x3fc/0x770
[ 1893.662434][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1893.662496][   T31]  ? __switch_to_asm+0x39/0x70
[ 1893.662515][   T31]  ? __switch_to_asm+0x33/0x70
[ 1893.662534][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.662556][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1893.662589][   T31]  </TASK>
[ 1893.662595][   T31] Sending NMI from CPU 1 to CPUs 0:
[ 1893.821538][    C0] NMI backtrace for cpu 0
[ 1893.821558][    C0] CPU: 0 UID: 0 PID: 15639 Comm: kworker/u8:10 Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1893.821582][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1893.821596][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 1893.821631][    C0] RIP: 0010:lock_is_held_type+0x0/0x190
[ 1893.821662][    C0] Code: da 1b f6 90 0f 0b 90 90 90 eb b5 e8 1a fc ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 55 41 57 41 56 41 55 41 54 53 48 83 ec 10 65 48 8b 05
[ 1893.821680][    C0] RSP: 0018:ffffc9000d7d7838 EFLAGS: 00000202
[ 1893.821696][    C0] RAX: ffffffff81675456 RBX: 0000000000000006 RCX: 0000000000000000
[ 1893.821709][    C0] RDX: ffff88802d5eda00 RSI: 00000000ffffffff RDI: ffffffff8dfea608
[ 1893.821728][    C0] RBP: ffffc9000d7d7950 R08: ffff88801a47b063 R09: 1ffff1100348f60c
[ 1893.821742][    C0] R10: dffffc0000000000 R11: ffffed100348f60d R12: 0000000000000001
[ 1893.821756][    C0] R13: 000000000116e643 R14: 0000000000000006 R15: 0000000000000006
[ 1893.821768][    C0] FS:  0000000000000000(0000) GS:ffff888125c50000(0000) knlGS:0000000000000000
[ 1893.821783][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1893.821797][    C0] CR2: 000055d5282d9fb0 CR3: 000000000df38000 CR4: 00000000003526f0
[ 1893.821813][    C0] Call Trace:
[ 1893.821821][    C0]  <TASK>
[ 1893.821829][    C0]  smp_text_poke_batch_finish+0xcaf/0x1100
[ 1893.821862][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[ 1893.821891][    C0]  ? arch_jump_label_transform_queue+0x97/0x110
[ 1893.821926][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 1893.821955][    C0]  static_key_enable_cpuslocked+0x128/0x250
[ 1893.821981][    C0]  static_key_enable+0x1a/0x20
[ 1893.822002][    C0]  toggle_allocation_gate+0xad/0x240
[ 1893.822031][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1893.822060][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1893.822085][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1893.822105][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 1893.822125][    C0]  process_scheduled_works+0xae1/0x17b0
[ 1893.822162][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1893.822192][    C0]  worker_thread+0x8a0/0xda0
[ 1893.822228][    C0]  kthread+0x711/0x8a0
[ 1893.822255][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1893.822275][    C0]  ? __pfx_kthread+0x10/0x10
[ 1893.822300][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1893.822326][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1893.822354][    C0]  ? __pfx_kthread+0x10/0x10
[ 1893.822378][    C0]  ret_from_fork+0x3fc/0x770
[ 1893.822398][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1893.822420][    C0]  ? __switch_to_asm+0x39/0x70
[ 1893.822443][    C0]  ? __switch_to_asm+0x33/0x70
[ 1893.822465][    C0]  ? __pfx_kthread+0x10/0x10
[ 1893.822491][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1893.822536][    C0]  </TASK>
[ 1893.830285][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1893.830318][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Not tainted 6.16.0-rc4-syzkaller-00319-g05df91921da6 #0 PREEMPT(full) 
[ 1893.830351][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1893.830368][   T31] Call Trace:
[ 1893.830380][   T31]  <TASK>
[ 1893.830392][   T31]  dump_stack_lvl+0x99/0x250
[ 1893.830428][   T31]  ? __asan_memcpy+0x40/0x70
[ 1893.830471][   T31]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1893.830501][   T31]  ? __pfx__printk+0x10/0x10
[ 1893.830548][   T31]  panic+0x2db/0x790
[ 1893.830584][   T31]  ? __pfx_panic+0x10/0x10
[ 1893.830610][   T31]  ? __pfx_delay_tsc+0x10/0x10
[ 1893.830642][   T31]  ? nmi_backtrace_stall_check+0x433/0x440
[ 1893.830679][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1893.830719][   T31]  ? nmi_trigger_cpumask_backtrace+0x2b6/0x300
[ 1893.830764][   T31]  watchdog+0x102d/0x1030
[ 1893.830808][   T31]  ? watchdog+0x1de/0x1030
[ 1893.830857][   T31]  kthread+0x711/0x8a0
[ 1893.830897][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1893.830935][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.830972][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1893.831009][   T31]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1893.831047][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.831083][   T31]  ret_from_fork+0x3fc/0x770
[ 1893.831112][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1893.831146][   T31]  ? __switch_to_asm+0x39/0x70
[ 1893.831176][   T31]  ? __switch_to_asm+0x33/0x70
[ 1893.831208][   T31]  ? __pfx_kthread+0x10/0x10
[ 1893.831244][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1893.831294][   T31]  </TASK>
[ 1894.249787][   T31] Kernel Offset: disabled
[ 1894.254127][   T31] Rebooting in 86400 seconds..