last executing test programs:

16m30.397467914s ago: executing program 2 (id=282):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x18e)
r0 = syz_open_dev$vcsu(&(0x7f0000000100), 0x8, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000140)={{0x1, 0x1, 0x18, r0, {0x84e}}, './bus\x00'})
mkdir(&(0x7f0000000300)='./bus\x00', 0x120)
lsetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='trusted.overlay.impure\x00', &(0x7f0000000400)='\x00\xd1\xd3\xe8\x1a\x82\x0e\xee\x8a\x94Ae\x92\xa55m\xa9m\xb4\x81P\xea\xe0\x84W\xfb\xc3\x0e\xce^~~1\x8c\xb2\xb4\xb2\xf8\xbd\xdbs\xe6\\#\x9a@\x94/', 0x30, 0x0)
mount$overlay(0x0, &(0x7f00000001c0)='./file2\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@volatile}, {@metacopy_off}, {@volatile}]})

16m29.944403362s ago: executing program 2 (id=284):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi0\x00', 0x80, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
sendmsg$inet_sctp(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r2, &(0x7f0000000000)="14000000140005b7ffccca38b9000000010860eb", 0x14)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x6ed1, &(0x7f0000000140)={0x0, 0xf844, 0x10003, 0x0, 0xee})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000001080)='/dev/comedi4\x00', 0x100400, 0x0)
ioctl$COMEDI_CMD(r4, 0x80506409, &(0x7f0000001140)={0x0, 0x20, 0x10, 0x3, 0xffffffff, 0x3ff, 0x2, 0x1ff, 0x100, 0xa, 0x10, 0xffffffff, &(0x7f00000010c0)=[0x1], 0x1, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x240c0081}, 0x20000000)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

16m28.452276429s ago: executing program 2 (id=287):
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi0\x00', 0x80, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000300)="d8000000190081054e81f782db4cb9040a1d080006007c02e8fe55a10a0015000900142603600e1208000f4f1b000401a8001600200005400400027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1}, 0x0)
sendmsg$inet_sctp(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r2, &(0x7f0000000000)="14000000140005b7ffccca38b9000000010860eb", 0x14)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x6ed1, &(0x7f0000000140)={0x0, 0xf844, 0x10003, 0x0, 0xee})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000001080)='/dev/comedi4\x00', 0x100400, 0x0)
ioctl$COMEDI_CMD(r4, 0x80506409, &(0x7f0000001140)={0x0, 0x20, 0x10, 0x3, 0xffffffff, 0x3ff, 0x2, 0x1ff, 0x100, 0xa, 0x10, 0xffffffff, &(0x7f00000010c0)=[0x1], 0x1, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x240c0081}, 0x20000000)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

16m25.131813701s ago: executing program 2 (id=293):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000080)={'syz1\x00', {0x3fe, 0x3, 0x4}, 0x51, [0xd4, 0x25, 0xb, 0x8a4, 0x2, 0x2, 0x7fffffff, 0x80000001, 0x5, 0x1, 0x105, 0x3ca, 0xa, 0x6, 0xf6f, 0x3, 0xe7, 0x7, 0x401, 0xbc5e, 0x0, 0x1, 0x4, 0xffff, 0x300, 0xb, 0x10, 0x20000000, 0x15098855, 0x6, 0x2, 0xfffffffb, 0x477c2b8a, 0xc, 0xfffffff7, 0x4, 0xe79, 0x7, 0x1ff4, 0x1, 0x1, 0x80000000, 0x401, 0x9, 0xbdc7, 0xb, 0xb1, 0x9, 0x2, 0x1, 0xa, 0x2, 0x7fffffff, 0x9, 0x5, 0x1, 0x0, 0x3a26, 0x1000, 0x57f2, 0x2, 0x6, 0x7ff, 0xb8547353], [0x80000000, 0xffffffff, 0x5, 0x5, 0xffffffff, 0xfffffffd, 0x557, 0x7, 0x2, 0xfffffffc, 0x8, 0xc, 0x36, 0xa, 0xa, 0x1, 0x9, 0x98, 0x8, 0xe56d, 0xa4, 0x4, 0x99d, 0x8, 0x5, 0xd, 0x5, 0x0, 0x6e38, 0x8000, 0xa, 0x2, 0x3, 0x800000, 0x2, 0x7, 0x4, 0xd, 0x80000009, 0xfff, 0x4, 0x0, 0x40, 0x10001, 0xc, 0x6, 0x8, 0x0, 0x34f1, 0x1ff, 0x4, 0x1b2c5a17, 0x0, 0x9, 0x7, 0x0, 0xffffffff, 0x1, 0x9, 0x6, 0xac, 0x0, 0x54, 0xcfb9], [0x6, 0xdb8, 0x9, 0x4, 0x2, 0x6, 0x5, 0x5, 0x3, 0x5, 0xfffffffd, 0xc8d3, 0x33, 0x9a45, 0x0, 0xee40000, 0x1, 0x1, 0x4ef, 0x69d, 0x8, 0xffff, 0x0, 0x0, 0x9, 0x7, 0x4, 0x800, 0x7, 0x9, 0x0, 0x0, 0x1, 0xfffffffe, 0x7, 0x0, 0x9, 0x8c0, 0x9, 0x8000002, 0x9, 0x7, 0x6, 0x5, 0x81, 0xf7b4, 0xffffff20, 0x55f2, 0xdf46, 0xfffffffd, 0x7f, 0x9, 0x7ffc, 0x40, 0x3, 0x2, 0x8, 0x6, 0x2, 0xffffff00, 0xda15, 0x82, 0x3, 0x10], [0x0, 0x896, 0x8, 0x246d, 0x6, 0xfe, 0xfffff410, 0xd, 0x7ff, 0x606, 0x4, 0x800009, 0x80000001, 0x2, 0x8000000b, 0x2, 0x7, 0xfffffffd, 0x80000001, 0x2, 0x7ff, 0x3ff, 0x0, 0x2, 0x9, 0x100, 0x2, 0xec9b, 0x61c8, 0x6, 0x0, 0x1ff, 0xff, 0x7, 0x9, 0x5, 0x7, 0x101, 0x9, 0x3000000, 0xe, 0x4000006, 0x7, 0x1, 0xc, 0x1, 0x4, 0x100009, 0x100, 0x5, 0x3c, 0xfffffffe, 0x1000, 0xfffffffe, 0x4, 0x8002, 0x7, 0xffffffff, 0x5, 0x7, 0xfffffffc, 0x4, 0x86, 0xeff]}, 0x45c)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, 0x0, 0x32)
syz_open_dev$tty1(0xc, 0x4, 0x1)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
mkdirat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x22)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
bind$bt_l2cap(r4, &(0x7f0000000980)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
ioctl$FITHAW(r4, 0xc0045878)
setsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, 0x0, 0x0)
r5 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r5, &(0x7f0000000140)=ANY=[@ANYBLOB="18000000fb00030000fb"], 0x830200)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f00000001c0)={0x2, 0x4e1d, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x35}, @multicast2}}}], 0x20}, 0x4000004)

16m22.889923472s ago: executing program 2 (id=295):
r0 = socket$packet(0x11, 0x3, 0x300)
dup(r0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x4100, 0x0)
r3 = userfaultfd(0x801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0))
munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00004bd000/0x3000)=nil, 0x3000}, 0x1})
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r4, 0x10c, 0x1, &(0x7f0000000000)=0x64, 0x4)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
r5 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r6 = dup(r5)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000080)={0x1, 0x1, 0x0, &(0x7f0000000040)=""/51, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000340))
ioctl$VHOST_NET_SET_BACKEND(r1, 0x4008af30, &(0x7f0000000000)={0x1})
r7 = syz_open_procfs$pagemap(0x0, &(0x7f0000001080))
ioctl$PAGEMAP_SCAN(r7, 0xc0606610, &(0x7f00000001c0)={0x60, 0x0, &(0x7f0000001000/0x3000)=nil, &(0x7f0000f57000/0x1000)=nil, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x40})
ioctl$VHOST_NET_SET_BACKEND(r1, 0xaf02, 0x0)

16m22.501155752s ago: executing program 2 (id=298):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x248}}, 0x0)
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xeffffb, 0x0, 0xfffffffd, 0x1}, 0x10)
write(r1, &(0x7f0000000100)="1c0000001a005f0214f9f407000904001f000000ff00000000000000", 0x1c)
recvmmsg(r1, &(0x7f0000003bc0)=[{{0x0, 0x0, 0x0}, 0x4}], 0x40002c1, 0x2000a002, 0x0)
r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000280)="e270019462d41b13d6b60f458ca84825eedb4f6635ba8f9d52642f824dc40c6579c5d9a3886a5c5100d05fa76823ae5ae8006b644b22c68d182e8ccf10455568e33f693126f5ddb057fbbbb92c058286c07811f1e6b3b91de2cbba8e83d92f2060f5afa545919012cb9a9c0f4c43cdf6c69bf1858f47d868c64689fd31597ac70b9149657aa642cd9c90392a", 0x8c, r2)
r4 = add_key$user(&(0x7f0000000340), &(0x7f0000006c00)={'syz', 0x0}, &(0x7f00000004c0)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b1a03dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc95b4b88e2afb55ae6f1229bcf13ecff7a597f452bed6b6fb4c812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1d48f913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd375031ba5ae65e31f0", 0xf9, r2)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r3, r4}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}})

16m7.040698856s ago: executing program 32 (id=298):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x248}}, 0x0)
r0 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000180)={0xeffffb, 0x0, 0xfffffffd, 0x1}, 0x10)
write(r1, &(0x7f0000000100)="1c0000001a005f0214f9f407000904001f000000ff00000000000000", 0x1c)
recvmmsg(r1, &(0x7f0000003bc0)=[{{0x0, 0x0, 0x0}, 0x4}], 0x40002c1, 0x2000a002, 0x0)
r2 = add_key$keyring(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$user(&(0x7f0000000200), &(0x7f0000000080)={'syz', 0x3}, &(0x7f0000000280)="e270019462d41b13d6b60f458ca84825eedb4f6635ba8f9d52642f824dc40c6579c5d9a3886a5c5100d05fa76823ae5ae8006b644b22c68d182e8ccf10455568e33f693126f5ddb057fbbbb92c058286c07811f1e6b3b91de2cbba8e83d92f2060f5afa545919012cb9a9c0f4c43cdf6c69bf1858f47d868c64689fd31597ac70b9149657aa642cd9c90392a", 0x8c, r2)
r4 = add_key$user(&(0x7f0000000340), &(0x7f0000006c00)={'syz', 0x0}, &(0x7f00000004c0)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b1a03dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc95b4b88e2afb55ae6f1229bcf13ecff7a597f452bed6b6fb4c812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1d48f913f8b22a30a47d9ae02000000e2b855845f39806305f56d918cc5b4023fdbe9cae4147c84583ec9dd375031ba5ae65e31f0", 0xf9, r2)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r0, r3, r4}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha256\x00'}})

7m0.271743174s ago: executing program 3 (id=1589):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2682, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$read(0xb, r1, &(0x7f00000007c0)=""/160, 0xa0)
writev(r0, &(0x7f0000000840)=[{0x0}, {0x0}], 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000980)={0x24, &(0x7f0000000880)={0x20, 0x1, 0x11, {0x11, 0xf, "8af6767a359c83968ce610c1b536aa"}}, &(0x7f00000008c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x44c}}, &(0x7f0000000580)=ANY=[@ANYBLOB="00221e0000009b48be9ddf16ee1625ea97199eed400bdeb6ecc73a105faab3839afb27a0da994ef577b806ec8b910d68467c88f74355a5835fe199a22e446ddb9cf9007c17b5d39652971e59aa3d1c5e61b844a897884656526444ef7699d5a02d6828f13ea24efeddd5c0f1539e8fb35570348dd7ddb301d43c8d2cb3c98f697ee71cc4e84321826de341c1dd99b874c8fe8df12aff28822c4b9b2fbebd86244359c347c43d2751"], &(0x7f0000000940)={0x0, 0x21, 0x9, {0x9, 0x21, 0xff, 0x0, 0x1, {0x22, 0xe14}}}}, &(0x7f0000000c00)={0x2c, &(0x7f00000009c0)={0x0, 0x0, 0xaf, "dc7b9a7879907af889a4aff4edd878cf7b343db1997cb629db03308c03e0135a3c8c62f44542c42a173af927de04de2be223eb66ed9f0a71ea88cc795f4f59bc4f0a86b173c232fa8b362a31526ccd5abf7ab157977d72c371c25492637dec17946926c419816cb920172837b486291febbab8278ae7447bdbff00683ddb4e00d3ea7594f0e36cecdc88b538d015629dc0479241395333e72eaa39b3bc62114ff11451e134d927322cc5978bf6680c"}, &(0x7f0000000a80)={0x0, 0xa, 0x1, 0xd}, &(0x7f0000000ac0)={0x0, 0x8, 0x1, 0xf8}, &(0x7f0000000b00)={0x20, 0x1, 0x8b, "026bb75841d455191862d60326650a1812237715b5e0af168c4ee89dd805ee82f749c055129de02a8499db7889ed331f745deae002b2f6318267f969d27da58d23d4c9910fc7e0c73f9386cde0722c281965762d8baa0f9d637fb51be0e404e81a34bdf9a262515bcb845c558cb610f315684b2b6cb26244b3d807a47113ff46c3857394be63eae4aad040"}, &(0x7f0000000bc0)={0x20, 0x3, 0x1, 0x10}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5}, 0x10)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000400)='/proc/key-users\x00', 0x0, 0x0)
preadv(r6, &(0x7f0000003780)=[{&(0x7f0000001300)=""/170, 0xaa}], 0x1, 0xffff, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, &(0x7f00000000c0), 0x0)
recvfrom$inet_nvme(r6, 0x0, 0x0, 0x2, 0x0, 0x0)
r7 = syz_io_uring_setup(0x109, &(0x7f0000000140)={0x0, 0x114df, 0x0, 0xffffffff, 0x288}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000440)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x1, 0x0, @fd, 0x6, 0x0, 0x4, 0x1})
io_uring_enter(r7, 0x3516, 0xaddf, 0x2, 0x0, 0x1517f)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)

6m58.670216637s ago: executing program 3 (id=1592):
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
close(0xffffffffffffffff)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

6m58.123920458s ago: executing program 3 (id=1596):
syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x1000, 0x0, 0x1e6}, &(0x7f0000000380)=<r0=>0x0, &(0x7f0000000600))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0xffffffffffffff5b, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
setrlimit(0x8, 0x0)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2d, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_procfs(0x0, &(0x7f0000000580)='net/fib_trie\x00')
pread64(r7, &(0x7f0000019180)=""/102355, 0x18fd3, 0xc2a)

6m57.06052642s ago: executing program 3 (id=1601):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r0, &(0x7f0000000040), 0xe09)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x9, 0x40000)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r0, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd00000080190000000000000800", [0x0, 0x2000000000001]}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
setrlimit(0x8, 0x0)
r2 = syz_clone(0x100800, &(0x7f00000005c0)="308186fd914df84ab7dd34776bacdd221470c77a27bbd140885c416ccba7edd1e01a3cd0506b923f92fd4e4ace80c982cdea19260f9a7d37c7d924fb598c7187dcf565134f6b19424b4cb101098b100ce80ae2be5cda67288e13cf7c59502c4236d0ab41c33d5b59a4a4433ff7fa67", 0x6f, &(0x7f0000000040), &(0x7f00000000c0), &(0x7f0000000240))
sched_setaffinity(r2, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x12, 0x4, &(0x7f0000000700)=@framed={{}, [@generic={0x91, 0x1, 0x1, 0x19}]}, &(0x7f0000000c40)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff9}, 0x94)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x5, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000140)="d8000000180081084e81f782db44b904021d080006007c06e8fe55a10a0015400600142603600e120800060000000201a80016000800014003e01100036010fab94dcf5c0461c1d67f6f9400e08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef409001b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffec62070000cbee5de6ccd44a677575a62cef352a92954b43370e9701ee1b6ed95a526c5d5b5701cf8773", 0xd8}], 0x1}, 0x400c0)

6m56.244127449s ago: executing program 3 (id=1604):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0003"], 0x528}}, 0xc000)

6m56.062958588s ago: executing program 3 (id=1606):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, 0x0)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2086421, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r2 = dup(r0)
write$UHID_INPUT(r2, &(0x7f0000000a00)={0xf, {"a2e3ad21ed0d1bf91b28090955f70e06d038e7ff7fc6e5539b0d650e8b089b3f36076d090890e0878f0e1ac6e7049b3360959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07450936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0xfffffffffffffd6a}}, 0x1006)
write$UHID_DESTROY(r2, &(0x7f0000000000), 0x4)
r3 = bpf$MAP_CREATE(0x4400000000000000, &(0x7f00000000c0)=@base={0xa, 0x8, 0x9, 0x7f, 0x0, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r3, <r4=>0xffffffffffffffff}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000004000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400005b6dbe5385000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x22}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x22}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="4010fe61e8624b86d1fdb36d7804", 0x0, 0xf90e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
timerfd_create(0x6, 0x80000)

6m40.817581156s ago: executing program 33 (id=1606):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x2010042, 0x0)
symlink(&(0x7f0000001780)='./file0/../file0\x00', &(0x7f00000017c0)='./file0\x00')
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x2086421, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000600)={0x0, 0xc, &(0x7f0000000000)=[{&(0x7f0000000080)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)
r2 = dup(r0)
write$UHID_INPUT(r2, &(0x7f0000000a00)={0xf, {"a2e3ad21ed0d1bf91b28090955f70e06d038e7ff7fc6e5539b0d650e8b089b3f36076d090890e0878f0e1ac6e7049b3360959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07450936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0xfffffffffffffd6a}}, 0x1006)
write$UHID_DESTROY(r2, &(0x7f0000000000), 0x4)
r3 = bpf$MAP_CREATE(0x4400000000000000, &(0x7f00000000c0)=@base={0xa, 0x8, 0x9, 0x7f, 0x0, 0x1}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000240)={r3, <r4=>0xffffffffffffffff}, 0x20)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000004000000000000000300000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400005b6dbe5385000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x22}, 0x94)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x16, 0xc, &(0x7f0000000080)=ANY=[], &(0x7f0000000540)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x22}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={r5, 0x0, 0xe, 0x0, &(0x7f0000000000)="4010fe61e8624b86d1fdb36d7804", 0x0, 0xf90e, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
rseq(&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x4}, 0x20, 0x0, 0x0)
timerfd_create(0x6, 0x80000)

6m23.175816123s ago: executing program 0 (id=1673):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x3b, 0x0, &(0x7f0000000000))
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
accept$packet(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r4)
sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000340)={0x44, r5, 0x607, 0x70bd2a, 0x0, {}, [@IEEE802154_ATTR_LLSEC_KEY_MODE={0x5, 0x2b, 0x1}, @IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x460769a9}, @IEEE802154_ATTR_LLSEC_KEY_ID={0x5, 0x2e, 0x7}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}, @IEEE802154_ATTR_HW_ADDR={0xc}]}, 0x44}}, 0x0)

6m20.803794031s ago: executing program 0 (id=1675):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
fstatfs(r0, &(0x7f0000000140)=""/159)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x1}}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r6, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r2, 0x1, 0x5004)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
r7 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r7)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000d40)=[{0x6, 0x6, 0x38, 0x7fffffff}]})
listen(0xffffffffffffffff, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0x9)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r7}})
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000000514210626bd7000800000000800010000000000d9fe030003000000"], 0x20}}, 0x20000000)

6m17.238561216s ago: executing program 0 (id=1681):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
fstatfs(r0, &(0x7f0000000140)=""/159)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x1}}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
r6 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000d40)=[{0x6, 0x6, 0x38, 0x7fffffff}]})
r7 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r7, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
listen(r7, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r6}, 0x2c, {'wfdno', 0x3d, r7}})

6m15.377146252s ago: executing program 0 (id=1685):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
fstatfs(r0, &(0x7f0000000140)=""/159)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x1}}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r2, 0x1, 0x5004)
r8 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000d40)=[{0x6, 0x6, 0x38, 0x7fffffff}]})
r9 = socket$unix(0x1, 0x5, 0x0)
bind$unix(r9, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
listen(r9, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r9}})
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000000514210626bd7000800000000800010000000000d9fe030003000000"], 0x20}}, 0x20000000)

6m12.770362805s ago: executing program 0 (id=1689):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/stat\x00', 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0x6, 0x0, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180), 0x1ce97bbf60ae786d, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r3 = getpid()
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000440)={0x14, 0x0, &(0x7f0000000340)=[@acquire={0x40046305, 0x3}, @free_buffer], 0x3c, 0x0, &(0x7f0000000400)="49db2abaecafa972fe58aa0a97f2d6d2d320d8c01e6503d235682062d8951a5574befa5a269b32cc4bae8c1dbe18e872211865055f5aa4837dce2643"})
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TUNSETVNETLE(0xffffffffffffffff, 0x400454dc, 0x0)
sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000001300)={0x0}, 0x1, 0x0, 0x0, 0x20000000}, 0x4000044)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="9feb01001800000000000000340000003400000006000000040000000000000e0300000000000000000000000000000d03000000000000000000000204000000000000000000000b020000000000000061"], 0x0, 0x52}, 0x20)
sendmsg$IPCTNL_MSG_CT_DELETE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, 0x2, 0x1, 0x401, 0x0, 0x0, {0x2, 0x0, 0x9}, [@CTA_MARK_MASK={0x8}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8c0}, 0x48000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x4000, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xfd36, 0x698)

6m11.018176106s ago: executing program 0 (id=1693):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
pipe(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x847ba, 0x2000, 0xe, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000240)="c4e1e97505bd000000b8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36263e660f381efc660f7c150c000000b8330500000000210000000f01c1c4e17929d8", 0x45}], 0x1, 0x41, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r6, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0000fa00ea8000"})
r7 = syz_open_pts(r6, 0x0)
dup3(r7, r6, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x600)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x40bc5311, &(0x7f0000000100)={0x80})
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r10=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r10, &(0x7f000057eff8)=@abs, 0x6e)

5m55.885076503s ago: executing program 34 (id=1693):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x5, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x9}, [@call={0x85, 0x0, 0x0, 0x5}, @call={0x85, 0x0, 0x0, 0x11}]}, &(0x7f0000000000)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x0, 0xe40, 0xe40, &(0x7f00000002c0)='\x00\x00\x00\x00\x00\x00\x00\x00', &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
pipe(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sysfs(0xffffff9c, &(0x7f00000037c0)='/sys/kernel/notes', 0x0, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000080)={0x0, 0xec21, 0x80, 0x1, 0x40000333}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x2, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r3, 0x847ba, 0x2000, 0xe, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000240)="c4e1e97505bd000000b8044fdc87efed660f388059e0b805000000b91e4200000f01c10f20c035000000200f22c0f20fa20f01cb36263e660f381efc660f7c150c000000b8330500000000210000000f01c1c4e17929d8", 0x45}], 0x1, 0x41, 0x0, 0x0)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
write$binfmt_aout(r6, &(0x7f0000000000)=ANY=[], 0xff2e)
ioctl$TCSETS(r6, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0000fa00ea8000"})
r7 = syz_open_pts(r6, 0x0)
dup3(r7, r6, 0x0)
syz_open_dev$usbfs(0x0, 0x77, 0x600)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r8, 0x40bc5311, &(0x7f0000000100)={0x80})
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r10=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r10, &(0x7f000057eff8)=@abs, 0x6e)

2m8.695417543s ago: executing program 6 (id=2255):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sysfs$2(0x2, 0x80000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
r1 = fanotify_init(0x200, 0x0)
dup2(r1, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_GET_FPEXC(0x45, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(r5, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4000, @broadcast}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x0)
ioctl$mixer_OSS_GETVERSION(0xffffffffffffffff, 0x80086303, &(0x7f0000000000))
lseek(0xffffffffffffffff, 0x0, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1e, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4000}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0}, 0x94)

2m7.43487861s ago: executing program 6 (id=2259):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000000000000001600", @ANYRES32=r2, @ANYBLOB="000000020000000028001200"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r5, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008854}, 0x4010)

2m7.093478316s ago: executing program 6 (id=2261):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r1, &(0x7f0000003980)={0x2020}, 0x2020)

2m6.861042657s ago: executing program 6 (id=2263):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001480)=[{0x0}], 0x1}, 0x0)
sendmsg$inet_sctp(r0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
io_uring_setup(0x6ed1, &(0x7f0000000140)={0x0, 0xf844, 0x10003, 0x0, 0xee})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x2, &(0x7f0000000100)=@raw=[@ldst={0x1, 0x2, 0x4, 0x0, 0x1}, @jmp={0x5, 0x0, 0x9, 0x0, 0x4, 0xfffffffffffffe88, 0xfffffffffffffffc}], &(0x7f0000000000)='GPL\x00', 0x6, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000001080)='/dev/comedi4\x00', 0x100400, 0x0)
ioctl$COMEDI_CMD(r3, 0x80506409, &(0x7f0000001140)={0x0, 0x20, 0x10, 0x3, 0xffffffff, 0x3ff, 0x2, 0x1ff, 0x100, 0xa, 0x10, 0xffffffff, &(0x7f00000010c0), 0x0, 0x0})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x24, 0x1, 0x4, 0x101, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x240c0081}, 0x20000000)
writev(r4, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)

2m4.80435384s ago: executing program 6 (id=2266):
r0 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000040)=0x10)
setns(r0, 0x20000000)
write$binfmt_aout(r0, &(0x7f0000000900)={{0xcc, 0xd, 0xb, 0x10c, 0x328, 0x2, 0x333}, "b9ce89515421c816b6078177db2502562f239feabd685b3aff4c708ebc3aa069d9765491b0c5b38b054961c60a051ab9974818f04d59a95b32cd01e50d848c12efddb31b4d9955e5642fcb334a150db93c8ea8df07b04b39e3f626e754fc49c09fffb734dceb54526a7081d2c679f993b3092249759eb7c1b9f55f9994a3a308ca0c8e14fd16dc05175e4521a5aae6a9c66cf072794496fdc4697c26f24e8f0e8107434648a9b5cec1d4d7fc90cf3605da79261f2735149b0e0a359a7dd18c6c86e2086e9f8daeb90e30a23003aba50fc0b72749f572aa97d12bc42c074c127840b4a2d6259a91724060d09e226c419ca88188b08d832363dd6be6093bf30baad477bd6451b21329710bac5a769106dcaeb44cac50bc7e405371a6fb4b387ec95b029297904fa782bfb5f2bea92e917ee94120472ed61c168ccee76c9944e692ba79dc10369d77c16989a05f7359f63ed10e852e3b8394dcf02fa8269872dad61e6925733e52523d7937b572f0c7e9e0c102f39283119fc843aecd8e0883162383fbe2e8122b81f1d51e7fa55276ed791bf7438079308128f049b6898d2862ca7c685b2e60f59eb2f8561aff04d99db9786dc28854dfd0cbe82e3d9bea2065f53e32023b08ebf4f5708173297bf6ed9b8482416b45263fe90a1130ab7078f4ff7ca08c47e86261f0931db05fa54a0b63d1ae546d7635526006df3d7b7a55b08839f38bca2f974fac4fb97c65106c0b1b06361ba90e8690cbcf86c8d150d5b3e9ba5c5389401582ac4ed07029e594d28c922d034f7bb7040fa42f4d230a1e0cd651b7ece6609d746b5b5f21c0fcbfc66532541eb765d886e2e5fbe0e7842e02af0c5b60d95004994ae471a7844c9ac80afabd54e2dc998d518ae9c572ac9130c3561594a358379ca411a474d793223cad6b9cec3041bb86b3bed7048c29df88dd56ce129119cf15e657bb7c009e9ae19e59244763deab2f81a91e3d6ffc4d993db830a19e74a9313a3b69000414e4b319ff607c78d9c0acaeebd01a07cc1ffeb7a812973f81222b57475033d5555721ba6c6d13058b7f60265a1044a3ad35588d6a14f59d172c031434dddccd4bb05b8b026012b3ff43325eb78453f9369dd891fd0fa4ba36bc409ffb71b7cc7cf5e473a0e2a549fbebac54d813fd7876f80d1341350329e90c2a446f74cd6f904cbbb457d9687969830052d742695db307699bdcefb96f6a7801f8ed925656798a0ab0645908b096ce44edbc8a6cf3bcca64230d8c55e431831c4d077ca86ea13d0f1905765cc27a744e2873f9110d1b7ab5f72748ad22cdb87cf03c5f3777e61f1d5aebdbfd4e14aeab051600e21573797000087e9786b531e9a9b85f912e37e52d5b40abc325af147175e809f809872a073715e1498ea35ab181cc6a756d7dba981aaeec93106f034a1ba0fdd9c0feb8229d22c79c73fb2932587c750f497c4beed0fa2c9d4a7de7f7ec427278c7eeb1a599be059b1b9ef439a3df2badcff023395d143f7aeae176a54ab12b1c284470f461142c298dab5ddc40718873a3c2825cdec296a2795e3c6d3024acf048c540d5f5a8e3a49710b8304f0c53a77acabf2370d2f798c7f6fa43d07fb663a62b2c74c50cb8e248c6197b93bd2db452878f57f65111dbd19c3693c07c54a0b38dad1461d1f15cbd5fefe0a98894b90ecde2dfe74c450012fa549b62ec1c47bba6e9cf2ab54cb54d52aef98f77bd842eb03c846bbd5c61741f428273937ed13dbf68a88470d44f1b5d4cb9821a5de08c2cc3d772d301118a492a0e7058d0f79f4c0697efe9c17daddf85e9a2d71dfe785ae0577bc16a2b7b1f2babdc77bae40b961688a7019ccb12f3af21335543768daba1caa5fa3a7d75db4ba22473fa337aeeefdae170ab7efb0c0ccded9ae401727f652b60ce2832b40d0b843651b62b21d81b0fc7f3b733b9a66250a10e017a3bf820cbd755bb97a3db4216e8d3604ddd17a251218077b2cf8336993f413782e09b10a014a7b201de34736d53a6bba52b4b94a3982b543ac5dec77b033449c4300049626c3a3a6ac6405f42b8ebf2f26d16377dbbd705b56a8bfc4c89f44273c045b0993383bdfc4c1c979bb51ae4b041f9146091f7134192f83c8f89f03bec737bce82adfbcd97ca90ab752c7c2c6bfc06e1bbfebb8124de43c61a4bcf9048debe6a6183cbe60f925b8b8bffa2ba3272f2cbe05ffa59f0e0ac08d4633b09e81cf1c471c852c4c17b2665250a3c4d4cfdb7b2d8df8643c820d08dcc6f8fe867b035860989cd03bbeeff57286eeb74a4002ba1034e286b9c2ede3f6401ab60ffa86cc7ec0af49001b1a09d4e921487c968ec9eb989dcf0d6359815e6f613812f3e0150006560fa61944629814a6b5e5fc6519071b541d040ad3c10b4dfdb1a5e68ada772652fcece98014bf7a0b025918971d53e0a4fded27b7f71af4e0b936cbc2d39a850b36fccab64cfcccc3f58e89fecba75a6eb6606c365972a59e2ce3637d0510bb1a2d3e4ddc98bfc0bde90ef7a20902f549e588af6b97154fec0363a38dee5c90744bb931f33de290667164beec78d9416cf81346141551b02bd27e9e2ae76369ebc5bce10232f7b67e20d46a8849948e29da2e01ec8dfe73f681dd978c18f25ace198cd124bdefd253f8788b4b7cc76f34a4ab19b73e9f9008be9ecffe0821dc5b953e6bb59891bdcbb906c96bef56eeda6bfa2f560c2d0a3d68a14740ab743b3c45965b2803a3a59f046fc1d2ddc327010dff66ea114161b2e6cd1df2c7cf040dd73854db8c0470595073b3683bd6f661d638774fa52ed06a22a608aaa3cad93c5e782adbe965982ae5970845f7e5b28c7663f50e2fe0e0e03c23884af8dce1d59ec453a36d2ebd11488fa82cc73ea3606dd99c3a4458f3155a3c1efc382fc6a8e091ecb56fb2940f0b2a4516f5ca1a00cfa251f1b7f671d48dbd6919f61c118d4ccce51f8dd0a36e66d68e3f60e082eb1fdeec64cb3b86ba3ce80c277074744b0346c70ca3e0b646cd319e05a7c8ee02d057710d86529ccb58865461e185041d959dd0d27fee89cbbbe5bdfcac1e2171fa93492c32dec57e5a4ac5d5b30bec1b2673bc95a85cd0df12287cb27e296caf68c7a353f4da9c94257f731a43765ff74cccdf5c5c9820290d36cfc8130cb19ab7aa1638d1dc1f26595afa7fe6fc863f71e14281248e5018e6b934d2863c689849b1c1ac3a48c6d04dd9771d55fe3bc2229fa85796348796d6289891420420fee9999814beab1c7eb73f0a82a3fd91905d4759b0e9ce53f56e72c32c5028c4c4960849e3c054a35d35d6fd18b17ac5410d9a68aeee84ba776317ac34b1408ac7eda8f33e82236ed041da4393401bfab0296dbb75249be97fc9249a052a75be59c3b2b26e11e3ccc9aa70bf7c52384d29bc124aaef016b91e201762dd4b32f1fc30ebb1e624200a6c3a4a00956015f9e72edba58c13f95cf642c4d31f6a4125b63928604a842c5352acb9b495b4c8e7763c49fc5143d73e950ca0caffe1a2ab04a256841dfbfca0deb7dd34d7f9ef5846d9136fbeca9fa7d83d12c6e9d6c5d6e23991375ebe2ecbb8ba2df9d046c178ae3ea4e9d55fdfd7cb300fac54d07d0f49c19979b99907f77e63e42b5060460208373e6524192ef47ce26aa746699a5f67c8d4970edfba3886ab771d66f72955133cc0e42349588f88e44e2ce4fe64073ba4f298888fdf74e69afb5295019326199c315c506d4f44b75ff9f70ad1e38c5889b597ffde17b143abd820d224e12e9efba0682220a5f2d7f3ef87b5366c390cdc1e0402a571fb46cb992158e96cb03eb915fb4fb6d78e7132b8897185e30119b61b4070b7aaa389de4eec4383de8c38fd0025042b4a6310843abf5c5e92dbc7ddad4782b3d092971b6112ac74e5c040a27338f3fc85b85cb475c9e0e61b6152ea124fa28d900df22302e879e5b2e0fd65e636efbb8f0dedd136e07809b370d175e208eebffc63fd4ab329efcb30744c06a0f5d651c920f4b533bc3e6d21e0b9b24d77470038555dd7ecea8e42efc9c1590b55bb9d2fc31f3fd059a3a36fc19ed50e7d1e6c1038dd626b6b82d33a3629cb5d5a3ebd17664b1f239c949932920fa334561b0b89bdfbf66a7c9af86383e9afe36681ce320d2fb67f0480faf9b5b4a735942886c40338bee0f8393ffbbd46a734bcf2976fe96e5e67cdd2a964249de7bc448d7325a7d04b865bd99d80932a877180651ca12a7cbe784406b932384febaf7e46f7e8140d8143a711849bcc97da285c47a97cfec2ae8e3e5def76d1f12c54595d2406e1e2a6c51b29f6d002902e9f9e639bda8640c6f61252bb1b691a25d620bb0c0ee1aaa785cc9540f139ad2b72434cb5ee9170ae15a30b92763526a28abee1d2f297e8c1ea0ba62dc578b9dd11fc41d6a81092709ec6b14429c1f362906a03da68d88d4d39b090751c1e0043ced3dcfe43db68dd0eb03c0fd273f7c34516f336b495da3f4a840ceaab3ac94e18687f49fff6a0669db0d62557cb4cbe36e2463c06b8b8a6d3e5fbba401ce2859b68dd81065ce776ebc5f6ad373762394fbd3cc20c568459b10cdf65df8dc0df440cb1ccb7dd07da32812dcd29d91cd02f716e8ccde4c644ef4a78f7e7d133f043c1aefcfac007ed08f8ed8dcda898a5ee3af1b9a4b3ca5bcfe727ba9fb59b0727941024b27814ab2046911cf7f9c8ab6f00461e4f64649fa34996314744562a5aea5c056f2f65d566d22b281cb9075a62f4f72d5885ace1b0c217e162b6d799eb8ebb678b5f5c5e9bcaf1b18f1852cc2cb489e1e4aa33956908bc74252737e999701592e846b9b42da1ca53e5fd83e24cad93c95231261c06fe7b7c742e7a98b92b68bc67a94b0deb78f12ecb64ed06c55f68a79f5dce9d511bf3c5ff19145813e28f760f15e898f077896b7beef1e0f2b9d4edb9e3bf52d26ea920d36102bf937e7a54285765b7e645a601f7ef20f5356f083b8ab3c36246dd89814103890046a13f9099fdab3559603572ad9c7879847c4872f0237ef8e54228d93b044fcd52d0c251a30312322992808bef3d9d475ba50735dc92c39af709e411a022713a3bd41cf738bc12ece3ba02d879872005a891e244197ca0b98c7866c6f4a4933fa6baae641c2b343b100ea19ec353e33bf338a2b2497e062179b5c1d1c41f46e26a80506468356139a7bbc3c7dd4f4d0e1a547c147482fe4f80c2e2bb8d831906358953825ad2df3bcf0290e1b1aad105479afe6b54407b35099196b69775420f03073610c821ce5d6412601d87e27ba4b227cce85e8c63124990eca5798c22b0c4cfa818c922c0ce031e6e8b94cb2447c696b52ee9f286a04bf330414cc12d395da4a908323b1a51132d02e14c8dc1bfe29ced464942947f2b551a858f902203d2620d5ecfe7aa5acedbef50109d4d9f8a9f92cea8276cc33f09086009a01ce1541d71cf12d46d062c14c70dfacd0290ab9a50eadbff0102275ca1eaa9ad7773d7479edd042159b9a26a06247f8d4a816a98644327d686f41237c931445e6b0ac0036d653a5e1926681ad2c9cb8cbaa5f2b09eafc8dcc514834dfd0b1c337997e86659eb43ea685521abfb0f7494dd8bfb2cb6bc0807b4900de6f3f3a88944bc83f2f279bab0af06fffb4325cefa416ec38ce92abb0bb7276610869534cfdc1514c7baa53f184080c403e4d292fd6e7f5e58990a59ff4ec7cc8e8ae2ba1f53dd733f532cd8250072293d11fba629c7f298c65c3855f0c87b7d16e2f1fa60d5d5a26202ec6c31db84f6a4b09674817", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x1720)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
openat$dsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000000300)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc)=0x1, 0x800000000006, 0x0, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x2, 0x1)
r2 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f0000000140)={'dt2814\x00', [0xb000, 0x5, 0x0, 0x2, 0x88d7, 0x8f, 0x1007, 0x10, 0x1002, 0xffffffff, 0x200, 0x7, 0x10000009, 0x1, 0x5, 0x1, 0x8, 0x3, 0x9, 0x8e, 0x108, 0x3, 0x7, 0xa, 0x5, 0x1, 0xb0c4, 0xc, 0x8, 0x400002, 0x2]})
ioctl$TCSETSF(0xffffffffffffffff, 0x5404, 0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
r4 = socket$inet6(0xa, 0x2, 0x3a)
sendmmsg$inet6(r4, &(0x7f0000000e40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[], 0x18}}], 0x1, 0x4000880)
bind$inet6(r3, &(0x7f0000000240)={0xa, 0x4e23, 0x1, @empty, 0x3}, 0x1c)
fgetxattr(r3, &(0x7f0000000000)=@random={'btrfs.', '/dev/comedi2\x00'}, &(0x7f0000019300)=""/237, 0xed)
read$FUSE(0xffffffffffffffff, &(0x7f00000002c0)={0x2020}, 0xfecf)
read$FUSE(0xffffffffffffffff, &(0x7f0000002680)={0x2020}, 0x2020)
r5 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r5, 0x0, 0x0, 0x111, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)

2m2.875860173s ago: executing program 6 (id=2269):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sysfs$2(0x2, 0x80000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
r1 = fanotify_init(0x200, 0x0)
dup2(r1, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_GET_FPEXC(0x45, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(r5, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4000, @broadcast}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x0)
ioctl$mixer_OSS_GETVERSION(0xffffffffffffffff, 0x80086303, &(0x7f0000000000))
lseek(0xffffffffffffffff, 0x0, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1e, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4000}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0}, 0x94)

1m47.148482399s ago: executing program 35 (id=2269):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
sysfs$2(0x2, 0x80000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
r1 = fanotify_init(0x200, 0x0)
dup2(r1, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000400)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_GET_FPEXC(0x45, 0x0)
r5 = socket$inet(0x2, 0x2, 0x1)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(r5, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4000, @broadcast}, 0x10, &(0x7f0000000100)=[{&(0x7f00000001c0)="08001efb3e6f0000", 0x8}], 0x1, 0x0, 0x0, 0xe0000000}, 0x0)
ioctl$mixer_OSS_GETVERSION(0xffffffffffffffff, 0x80086303, &(0x7f0000000000))
lseek(0xffffffffffffffff, 0x0, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0}, 0x94)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x1e, 0x0, 0x4, 0x1, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x4000}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r6], 0x0}, 0x94)

12.669465259s ago: executing program 5 (id=2535):
r0 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00'})
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x20004874)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000055a60701000000000100000018110000", @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000030000008500000086000000bf91000000000000b702000000deffff8400000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x6, 0x8, &(0x7f00000002c0)="b80000050000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$caif_seqpacket(0x25, 0x5, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x40, 0x1})
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e21, 0x4a3, @local, 0x4ef}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="03000000000000000a004e230000000cff010000000000000000000000000001f8ffffff00000000000000000000000000000000000000002000"/106], 0x210)

12.532067563s ago: executing program 1 (id=2536):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0xfff0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x24}, 0x1, 0x0, 0x400000000000000}, 0x0)

12.355908244s ago: executing program 1 (id=2539):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
syz_open_dev$sndpcmp(0x0, 0x3, 0x5f3100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
read$msr(r1, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x0, 0x80b, 0x6)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x6, 0x0, 0x6, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0xffffffffffffff9e)
ioctl$COMEDI_INSNLIST(0xffffffffffffffff, 0x8010640b, &(0x7f0000000000)={0x1, &(0x7f0000104d40)=[{0x8000000, 0x0, 0x0, 0xffffffff, 0x1}]})
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/wakeup_count', 0x101a02, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000150001030000000000"], 0x14}}, 0x0)
read(r2, 0x0, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
fchown(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

11.759919967s ago: executing program 7 (id=2540):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000000340)={0x0, 0xcc}, 0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb08004500001c0020000000119078ac1e0001ac14142200000e2100089078"], 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
pread64(r1, &(0x7f0000000000)=""/3, 0x3, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mount$9p_fd(0x0, 0x0, 0x0, 0x112080c, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000001640)={0x0, 0x0, &(0x7f0000001600)={&(0x7f0000001580)=ANY=[@ANYBLOB="28000000020301010000000000a3063432df0002000000054e"], 0x28}, 0x1, 0x0, 0x0, 0x40041}, 0x40010)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x84, 0x0, &(0x7f0000000240))
quotactl$Q_QUOTAON(0xffffffff80000200, 0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000007c0)=@flushsa={0x170, 0x1c, 0x0, 0x70bd27, 0x25dfdbfe, {0xa1}, [@policy={0xac, 0x7, {{@in=@broadcast, @in6=@mcast1, 0x4e21, 0x9, 0x4e21, 0x0, 0xa, 0xa0, 0xa0, 0x1}, {0x3, 0x8, 0x9, 0x538d, 0x3, 0x1cf7, 0x5, 0x1}, {0x5, 0x6, 0x7, 0x6}, 0x4, 0x6e6bb2, 0x0, 0x0, 0x2}}, @algo_crypt={0x50, 0x2, {{'fpu(pcbc(aes-aesni))\x00'}, 0x40, "858bb4cddb49c78c"}}, @offload={0xc, 0x1c, {0x0, 0x2}}, @algo_aead={0x4c, 0x12, {{'pcrypt(gcm_base(lrw-serpent-sse2,sha512-arm))\x00'}, 0x0, 0x80}}, @extra_flags={0x8, 0x18, 0x6}]}, 0x170}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=ANY=[@ANYBLOB="50000000100003040000000200000000f2000000", @ANYRES32=0x0, @ANYBLOB="7fff0000000000002800128009000100766c616e000000001800028006000100010000000c000200540a00001800000008000500", @ANYRES32=r6], 0x50}, 0x1, 0xba01}, 0x0)

11.566586201s ago: executing program 1 (id=2541):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
fstatfs(r0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newtaction={0x6c, 0x30, 0xffff, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ife={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x1}}}, @TCA_IFE_METALST={0xc, 0x6, [@IFE_META_TCINDEX={0x6}]}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000380), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r7, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)
ptrace$ARCH_SHSTK_UNLOCK(0x1e, r2, 0x1, 0x5004)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
r8 = openat(0xffffffffffffff9c, &(0x7f00000013c0)='./file0/file0\x00', 0x42, 0x0)
close(r8)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000d80)={0x1, &(0x7f0000000d40)=[{0x6, 0x6, 0x38, 0x7fffffff}]})
listen(0xffffffffffffffff, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000000)=0x9)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x10044, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r8}})
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB="200000000514210626bd7000800000000800010000000000d9fe030003000000"], 0x20}}, 0x20000000)

10.938541132s ago: executing program 4 (id=2543):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r0, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000020000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)

10.763875649s ago: executing program 8 (id=2544):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='syscall\x00')
r1 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000540)={0xaa, 0x110})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_open_dev$evdev(&(0x7f0000001a80), 0x910, 0x200)
read$FUSE(r0, &(0x7f0000006a40)={0x2020}, 0x2020)

10.411934188s ago: executing program 7 (id=2545):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
getpid()
socket(0x400000000010, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$6lowpan_control(0xffffffffffffffff, &(0x7f0000000180)='connect aa:aa:aa:aa:aa:11 0', 0x1b)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[], 0x50)
r4 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r4, 0x40946400, &(0x7f00000000c0)={'pcmmio\x00', [0x4f27, 0x0, 0x4, 0x4, 0x5, 0x5, 0x4, 0x7, 0x54c6cff3, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x7f, 0x3, 0x40000003, 0x89, 0xcaa3, 0x0, 0x20001e5b, 0x3, 0xe66, 0x3, 0x8, 0x4086, 0x2f00, 0xfffffff8]})

10.400377721s ago: executing program 4 (id=2546):
syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x1000, 0x0, 0x1e6}, &(0x7f0000000380)=<r0=>0x0, &(0x7f0000000600))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
setrlimit(0x8, 0x0)
r3 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2d, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @private2}}}, 0x108)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r5, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r6, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
truncate(&(0x7f0000000240)='./file0\x00', 0x206b12)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa2f00, 0xa3)
socket$nl_route(0x10, 0x3, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r7 = syz_open_procfs(0x0, &(0x7f0000000580)='net/fib_trie\x00')
pread64(r7, &(0x7f0000019180)=""/102355, 0x18fd3, 0xc2a)

9.348712933s ago: executing program 7 (id=2547):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800", @ANYRES32=0x1, @ANYBLOB="0000002200fe0001000000000830580000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
r0 = socket(0x6, 0x5, 0x8)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f4070009040081000000000100000000000008001f0001000000", 0x24)
ioctl$SIOCAX25GETINFOOLD(r0, 0x89e9, &(0x7f0000000040))
timer_create(0x8, &(0x7f00000002c0)={0x0, 0xb, 0x0, @thr={&(0x7f0000000380)="8b656e79225e02c72263e51a2589fac1f4face52064abb2529f85818dd8a5edb4dba5fdedb7d2bd7060e0eb4805ac8e9a23f675f", &(0x7f00000001c0)="c0568f000b11bf98730a2e2a3f491c148a124cd685acddcb24740b96633f32fc2854b4c3888059988e4fa88d342c7f803872"}}, &(0x7f0000000000))
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x9, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41000, 0x1b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000037}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x4)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x64}, 0x1, 0x0, 0x0, 0x200040c0}, 0x800)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2002000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f0000000600), 0x1c96ad6f, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54d24f15655595860608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
unshare(0x4000280)
landlock_create_ruleset(0x0, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r6=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f00000000c0)={'erspan0\x00', &(0x7f0000000680)={'ip_vti0\x00', r6, 0x80, 0x8, 0x2, 0x2, {{0xa, 0x4, 0x0, 0x4, 0x28, 0x66, 0x0, 0x80, 0x29, 0x0, @broadcast, @dev={0xac, 0x14, 0x14, 0x3e}, {[@noop, @generic={0x88, 0xc, "bce248d30693c7feba9d"}, @noop, @ra={0x94, 0x4}]}}}}})
socket$kcm(0x10, 0x7, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r2, 0x8982, &(0x7f0000000500)={0x0, 'virt_wifi0\x00', {0x2}, 0x803})

7.649720941s ago: executing program 7 (id=2548):
socket$netlink(0x10, 0x3, 0x0)
socket(0x80000000000000a, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$kcm(0x2, 0x3, 0x84)
sendmsg$inet(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10, &(0x7f0000000080)=[{&(0x7f0000001040)="5346f7f875528ef24043c68e04180a332e94ee4784fffee263c06f2d924e8699b6af71aa257b5a316af31628e5148c7012f4d55ce4c29fea9e5b0b61fdf0b2dc866fa81b4e775e235eaebe330e16114548f147b8a966bf1f1fc6c24b9d47d349c87c3f789d2ba608cd25b17b6c80a7f0ceb4a06ff270ff8c9f0d3a19133f1fdfd51b767b8cef1f36e5490c5df5fcb378a6fb6eb5d8aaf7791ce81f61a05e1ebdd1789eb70ac1f3dfed378f6f3e237120052113a75ab977796117f7e7b2d6ee499f51dc070c820d10a0eaef4fc94ddc648bafae070caf70c465267497b3de963df649e113e2060c82b057abfae0798d424c81aeb42796189eb0936a2c547a5c4d6351ed786c75beb926118fb7af49ecc00b545fe2563bd4294a982980afed3f9cf390f304611db4c6d7b64d64f38db5fde5cf7cadb29c697013b710e0218660671d0051ddd7fb7f5eb72a34f469b2e20600000091817eb5b952af43d1a40f4770e7220fcdfe25d3e9747e2af76ece5922724840afdba6f6f9e1d11db8561e8e836413ee04d6e084700ec1ac0e00569f0e4d4844f4710299aabbef615c33e276544669ce074528938ec0cc6d2af1ce7a47a64ad676f08507aa08d4210f979ef4aacfa4d524c9952d4743d65c3c527302942a8880116ce7ebc6c84778346f02c806bb466db7d313d7ebc7ea87823d4a8de0b697929fb3277012327827801f75ca3c5776d1a81acb160007f73148dfaf05ab7eed5a0e603ac468eb2bcd9de5f140758e74c20a9931187e0cbc857aa62a4cec8a62f7e31af3a78cdb8608551cdd68e83aebb3c9e05519184ff996c336553fa6bf16865cd6c4eacf1e360b029cdae41070f5fd183ea0eaae427505d56994ccfd0737aae3abbc45f56710d2e3f2662bf4514044f7fa03cde28fa1783970d3c676cb23cb1923a9feb233267ef663936ccf25f7597a2270724527bf468d22786d0548b25582180b72c51742c4e5c373a1008dd4cfba508e8f3f8ec35e6f1375a11b1fbe2dc09e9fe609e80112c8f5c895c922cd547def707b7252d7afa0030d008b1dd10fd4a56e30237a6e0229fb4562cb8df3d4e64b28e15c075e59554e9d61a6065d49c1e765a49195cf5d6b1e2b6192447817fedfe41fcdf9a4fc5af567906e4b6453da7b97eac255cc253d7bceba09f67da4815438583c6843366b76d9e9277558e48681e9cfa920b47aea0e5c46ef86ea7f1ef534cf7565b24b833ba2cbfe60e6271614850dd68f2a8a6be4f315b83abb8e2699ed8e2a4b3506f9dacbb180c4deeef7489f49faf34cdf4e91a402956564f854d71c892e4aada1c91647ce45d4834d000e8d5be1773ecae388e511228977a69d4cc67fbab60ee1555a219e41eebc31807a87d9cbe88a8b05959e1a988f6ea6ed73a6ac1ec2f3d74d73eaa91a39308e008b7fa1ecc2a020f495750f9936d9c07130d950a777c0d8d131416ef55a4ec041113df65ba4aea92fcb3e2268510f316bd17f04993b6473338fe7c08fd9874e743a31582162232c7d6c614e7b3513abcc0feb99b2c9111300004fe291f5bd682c039183e61c1fdac90b2a015939a8d10b07a05e99e5772b4b9329275cef8de2b066d4e4d421e4a0a69cdd8f674b12f5b3fa764e4b1e9f4d767e252e37477813a03f18da16d598fddcf4be590d9f65f64c647cb2f330a614fe688d3d80182ed8aa59905a1cb0d3f034d927e070d71f56ee8e5c5bdf23c4f85c7a17834467bd6cf58218868fe53e3675c130bbe44bea271fa67999a0dc3dbf7c40dbba6e7d6cc0936bd8d466a1f041883c093a3a60743d0549b1a989a2fa41ff978388014434909053e279a21e7866bd4efb4a9f46b7a8b0d1d84d83020e9e68936ca3de030269784aa29a3e25146cd5b03d21ca82f961be925c9ad487fb24b1e35c2d043ee4b6a4aaf811c4308a6ced6b4c45e7513a3f0e1421cb3b0fd8571a7085c9a4b454e4ee8b44767428666cd108b78369b871ab32f36943e24976f4bb6bd4068cc19585a2de791e3f950d220b28f4ba268d8c9dbccc1a705b1b1c30881babdbc8cc4cf97b801e4d410fd7c61b34b1f126e6df1b0e9c676d1ab5", 0x5c9}, {&(0x7f0000000600)="3001fb90647586f4601659c5ad2644b99bfd65452e947b394c96c29278d097c5f170d77283a744139d2ce2a2f4bb5bb37e7396e7bac14056f25d17145e73bc2461b20ea3fce771f1b32d1585e8a456763cfafcf7189145a6e261af6232014cbf8a0f898bf6d14136874b6a1fd7caf8ec9966b0419be0420dc6e247d1a44f038ae29eb4bc67d6a04e80dfb7715ebafaa20fcbc57ade23cba05da1fbe4bba675b742472eebaabf356adc99866930e146125a272cef5baf5dfad4a28a01208d9908183ab2085a781e531f1bed4ac9c245ec19be383047656a7d857d364e6f69eccea5aca3964f", 0xe5}, {&(0x7f0000000b00)="79dfe4263f037de282e588f3c773eca5f0c383e7425d1573aa90a44223bfeced3ff85afe9d0c0b3b5a7ed7fcdb96a3934fe7af73ee25d5d36ba42e2a858c3d134299abc0393e031db435b2156e55eb2b2b2e2300e0706dfc5c4ec73ba929ffe8a7bb7ce55d95fb6e58560c45d96a58a13aa944b98c481a82927ec071b272b4592616116116527fd2dbc0dfd540810275770aa531098c572f714f6852063afc8358fb33cc7ef5c52565d58643e6805bb8a95460b32b4e26bea604e534d8983790b5e2a180fed88108b0f5a499d5f80b4e4047d9ecc03d21856a4ec0d0d41496d99dddfa9098d327d9559e82fceb2b1b1c7be309200691488d6616780cd4e9020865ef41a22175dc52d35dac1232ae1164d7fee64a50651978436207fca4a9026a8a903e7857324458b7e8a143e6fdac0823c8d1a3ac864ad2d0402344aee2511247e716436fe118e65455da74ef25627785638dfa4bf365840fe12fbf73f0d42bcc66efc8693855156f6151e49471e1b7cccbfb01344f76cca177551c73147c32615b53f74a0b7c7ac25b86a01ce3", 0x18e}, {&(0x7f0000000cc0)="f2a0f0f863621b483b19e7ecfce0d34e53fbf295927214684f4d69e90f0ec506442d2126c3f5ab0cdfd79dc1815274c3ee57068b3793c25fab48eb353478689f452328afb023f75f93229060bc2c82dd05d1e8c3a549a06e280ca4eaf77b4aed57a0c5f6120d25a3d5121895638ec5e2e600000000f5be12a64e075c60dd63e0b00e8f42bfb7671a56925477029cec7e7f16b358404edfb5e7a055fdeb2ba044d0d54e341d1d1ef1eb2c317f587f591626ceed08555ca0b2f31a3e7bf5ba7541db275e6a6b6501b87cc74c4804f6da7d3de93327287204cc97f9cb747576d2ab23a6e35c6da6b3240c92ae18b31cb6e7bc60066994e2cb401c76b1840d3e231621355f10ff35ea91ffd463228d000000000000000e454d3c36efee949f6311c6ad78b5a8f091d2ebb008925107e4a4584dab83f7f0cb5ad94266e71e2b7aaa01cf4f9f5e1d52e1e5086e9633cbee8126a200"/349, 0x15d}, {&(0x7f0000000700)="15c84609b06c6d85a5ca6f3a9a242f214aee4e7093161b717090c0c852a05393abd8992d91576f57bbd3488e85d8456d6c6c09de5c5228ee18819665861f01a2823a7cfa8e9260a5fe3921638db2dc5156149f86916810f913a944e1c8cd7fccb63f37900c5b287016e512b050ca214125b2217260c9ce3019e88b80985402ff7ca34be17e0dbda4f028cec9973a2b9eed83eee86f35f2c0adf50a04296e99c0f709fb3990aa5d0e74a125", 0xab}], 0x5, &(0x7f0000000580)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @loopback}}}], 0x20}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1b, 0x5, &(0x7f0000000580)=ANY=[@ANYRES8=r2], 0x0, 0x5b4230ff, 0x0, 0x0, 0x41100, 0x4e, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xf739}, 0x94)
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @empty, 0xc7ec}, 0x1c)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000004c0)=ANY=[@ANYBLOB="581b0800", @ANYRES16, @ANYBLOB="04002dbd7000f2dbdf254f0000000c00839ced540000680000004c007a8008000400000000181c000200134ecc4d908540c3c8630b918a29360800040004005111335ced5fd94e0800040009000000080004000300000048007a801400010003d869f47d8c428eaa74b31794b4b314b5000400000000000c0003004180081ee4f88f1a080004000c0000000c0003007858754e3c504054080004000800000004007a8020007a800800040005000000140002002929590c"], 0xd8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
sendmsg(r3, &(0x7f00000000c0)={0x0, 0x9521, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0x5dc}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

7.310761144s ago: executing program 4 (id=2549):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0)
read$dsp(r0, &(0x7f00000000c0)=""/108, 0x6c)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(0xffffffffffffffff, 0x89f7, &(0x7f0000000040)={'sit0\x00', 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x80000001}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
socket$isdn(0x22, 0x3, 0x26)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = syz_io_uring_setup(0x3f58, &(0x7f0000000380)={0x0, 0xa8b6, 0x400, 0x3, 0x325}, &(0x7f0000000200), &(0x7f0000000300))
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000580)=""/2, 0x2}], 0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000240)={0x400, 0x30, 0xf0, 0x0, 0x0, 0x1f, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x100, 0x0, 0x7, 0x0, 0x5, 0x0, 0x0, 0x4000, 0x0, 0x0, 0x0, 0x16, 0x0, 0x3, 0xb})
r4 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
r5 = openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x2c02c0, 0x0)
copy_file_range(r5, 0x0, r5, 0x0, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="a321ba1005f6523660ce0bed417c4a7d5c450d53a73fe3a7ce259ac0c3ec610936dcd60932442b613638f6f164f6e18c1ed259928e1f3c2b979b520717bc0da44c9a0616434a85456a01c6679b43a4f4e2ab7ccd072b6d8ecea865436481c57ffd1839aa13b5a8c8056047138eb1fc944d19ce571c29718c55687e4a458b2f53e03d5a836cc7b62e97af3046a11ad509538bb75ca6c929cd9314407c1b233a62532e4946f1fed9f893838bfd6ff5c8693dd80852cd904481620dab16b3230c60e7c110bb45fdf4681a2a0b3c7e61806d8f64b1a8171e78252e1b54350c64183fdc5b963db7afc61a68b991c8eb4d6ae75fbd2c3c23fb713c5cc6529552abd920549bb0ebe50b41f4f11c2f6f58904b38e86bc3af4bb8b10b661fe44cd6870736a598a17befeb6cfa93507a95dbfdc1eef1cacedaf8e9573c1b545e2bc9def4b7291cee4f485a65997ae3196170aa709ffb3fac59c09c259a0b545e5246c90cd008760d88ded79f5831d5ff0ad18011bcc072358cbc24c7302334994bf49bcebec85a0d08272eaa7b6a24e9786d028e9280746dcde1fdec0d3919ba51e2319f39e895a03a4640ca424b9a4593e6fefcbeeb2493809b5225d8a0eab9678339b2ea77205e70e8dd7fd919c3f5d398cc4f95c689aba4c2c8c367eca0832d5e69aec6d364284655f59fd0753d59eb5f6f6fa0d1eec8b66f087931db8c5bf020fb8b7b482ecc80766a011f8fc0cfff674035c5b0fe17c3b7dbf57e7afd4cda0fea12312e9462421e5bc33be70b3ef93d284dece7f8186bb6816955b0a42a2b3cc682b406b11af786380cc3c5067874a5e154a3ccefb1418483bb3178afc6877115e413c0b550b25013d3866916429fcf9146681515c9b5c7c17f6d7ecb96c3f6328a4799977b68d1e886fe681a25fd41d528ed9022ec9c2763594117bc2c00347aa7da2c868bb0186643560f00815695872682e46562a765b4ce98eab1ddaa14ab7df9d624cfa735441a2a39e7fd481880ce000345787a9a5969d542980d3b5ec81f30d3210d186b79f75b161ce72448347202518bc0cf107fc332e5b5b9740f9ad1c3cf1b35bab548010cb4678acae6e865c95351809a10bbec632d3bd7832373a01d87c0ba5dc0ac430fa9863aca3b8f58a196e03d79619781f1563c404a5e566829477e35cf1a7d9cd20f426c1579a6ade27232ed3df2f8746989179bca207f02a83e7cdb974cc577ad4ea71e1f18bc4ecc7f84659b6b011f39a54d631826d6c7ec01b791b9a034bc13bef86071c0b7217b11687273522824a152c745eedc358c52097e7135f68cfdd424301e9caba41aa219d9e04b4d3d014eab6d52c71fa1572ff8f2ed417f050cff6eeabcae2b26683e6b0cb18bccfd743e5ed232f2e3e73f965a114e9fa844d5d4f92b107a3ded5a9fa440efee1558873075d16eca56e86d5b97f2c5070fdac10fcd2b48a0730c58bce8629bd00cdb21a1f76ece0d0498d2dceab1c2697790950526220e7050720867a732647c2684132fb02cb49834ea552b06bf27926f0168f62faf28a0bacef639171035a5d894ae775e6a338c110422f6103fb264a7f418042a5817020b5645b2a6553f92734144f2aa9a822d092aee7d61e2c783f72e3c0645e447a14174c3afe41a23483a0a8a6cb7e8239c37436c272c2b5ff8ac5febe9a7cb3bebd030d95941bbc0f5b8b2be7683ebb88fb290b8da586a8b305f21c36b65ed0d2258660a6d44c1a8b402ff728acb04adb2e0b56d02d5e774827452fbdc5884d074c70bd4d0b847ad75030285ec91262c44f5e4c7872630f1075559ae9731f62704517c6a52c0f99a2bbbde73abc0aad65d4bf1052ee1b70ad11526055a88f5b6e68ed298d622622c5cc3e065d79d345e6d3870a3db88b44ad0f61ddf2a4b9750fccca7eca7b6c68e371232344eace924373b8b91c5544ccaeaeed9a063dfe835197576ce754791d9c3209458453f01dc3a75ac74cc7361b2ff3fb650ed78e465bebc62cc845e9f5b281b79209342862fa6f7a99d0a2d1ae93dc5d7dc99af23fd9d43e525df591a6952f021c8740142965c6bd3d917d51d530cbb30600c1ea10ad04c005d385ebd05f7327e5a69b9c80634f820530c24d57b48e8be1230822b756d6a01307e6a475ac7ab98f44ea49e72aca9545edd4e297da40201d6aa1dafc2d7e90f87e160077b3e4557a8590584bd47a5a8ab6245ae3a1930c7dee1957d580183b430713a9243d6ce8964642cbbe79acecd68f3e77002d4a098b55f03adaf9b5a9210471c77a360287e4e54fbba61a6e43a0283997ccd9e11d3420179f589984393487a28f01dd6c50f7a97d2adf639b24753b82709fa5153b5997f684d722dad7e131bfed8ded98452e5001a2c7d9aa8128dd2448532cb2a84704f426a27e974ede3b51b62c0c1d2744f3b04e2b00fa266db361e0c7f10470825f2cd1845a1b2b0857f6d15b0c64dff220ba7a0ce14fb3a7ebe1a2641fd256e84a04e006947a8bbcf3726471eb653722bca", @ANYRESOCT=r5], 0x102)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x22803)

7.060381492s ago: executing program 8 (id=2550):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0xb, &(0x7f0000000380)=ANY=[], 0x0, 0x10000, 0x0, 0x0, 0x40f00, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000002240)={0x0, 0x18, 0xfa00, {0x10000, 0x0, 0x2, 0xa}}, 0x20)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r5}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r5}, 0x38)
ioctl$SIOCSIFHWADDR(r4, 0x8924, &(0x7f0000002200)={'wg0\x00', @multicast})
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x0, 0x0)
read$FUSE(r6, &(0x7f0000000180)={0x2020}, 0x2020)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r7, 0x117, 0x5, 0x0, 0x8)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r8, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
recvmmsg(r8, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/229, 0xe5}], 0x1}}], 0x2, 0x60, 0x0)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x80)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}}, 0x0)

6.985912518s ago: executing program 5 (id=2551):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x9, 0xb, &(0x7f0000000380)=ANY=[], 0x0, 0x10000, 0x0, 0x0, 0x40f00, 0xb, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0xa}}, 0xffffffffffffffdf)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={&(0x7f0000000180), &(0x7f0000000440)=""/179, &(0x7f0000000500), &(0x7f00000006c0), 0x3, r4}, 0x38)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/mdstat\x00', 0x0, 0x0)
read$FUSE(r5, &(0x7f0000000180)={0x2020}, 0x2020)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r6, 0x117, 0x5, 0x0, 0x8)
r7 = accept4(r6, 0x0, 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r7, &(0x7f0000001700)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000740)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
recvmmsg(r7, &(0x7f0000000180)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000500)=""/229, 0xe5}], 0x1}}], 0x2, 0x60, 0x0) (fail_nth: 2)
socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x80)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x38}}, 0x0)

6.332501963s ago: executing program 5 (id=2552):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
mq_timedreceive(r0, &(0x7f0000000340)=""/224, 0xe0, 0x1, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
write$binfmt_format(r0, &(0x7f0000000100)='0\x00', 0x2)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
accept4(r1, 0x0, 0x0, 0x80000)
mprotect(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000003)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35b", 0x6)
r3 = memfd_create(&(0x7f0000000300)='\x00\xac=W[[\x87\x12\x04\xd5\xbc\x80K\x06\xcd]4(\xa2\xee2A7:n\x8c\xa7P\x1a\x87\xd9c\xecR\xd6\xe8\xf3Y\x12\"p^\xc1\x0f\x00\x00\x00\x00\x00\x00\x00t\x00\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x19M\xc2N%\x93t[\xf3\xee\xa4\xb4\xfbf\x8dz7\\\x8e\xac\x18\x00\xfd\x89\xe1d\xfa\xcfb\xf3\xdc\xd4CY\x9a\xef\xa3\\\xa7\xa9^\xafL:[\x8e\x83U\xff\xfd\xff\xfa\xdaL\xa99\x9b\xcfA\xe4n\xa0^\n\x1c\x84\x04\xc5a\xdf\xe5\xd4Hyn\xba:/\xa5\xf4\xaa\xfa\xcd\xc7T\x83\xf5N^\xf2n\xd0=\xb9\t\xdd-F\xacb\xac \xd3\xccj\x13\xa2\x9fLu\'\xed\x91\x867\xaa\xf5\xa0]\xb6\xaa\xea\xfd\xde\xa6\xec\b\x16\x86l:;\xf9\xdb\xcf\x88\"\xca\xe0E\xdb\xec\xf9\xb3\xed\a\x00\x00\x00\x00\x00\x00\x00\xd6.\xf7\x92\xc42\xdf\xefE\xce}\x1b\xda\xdd?\n6\xe1\xb1\xd8Y\x960\xd1\x00\x00\x00\x00\x00\x00MW\x8f\xc6\x82\xe4\x15\xf7\xe9\xd8\xc5b\x0e\x91\xc5\xc76$\x18\xa4\xbe\xe8V\x8d-\xe3\x8fC\xd5\xf5\xd6L\xe3\xce\xa1\x8dz\xce\xa7\xa5\xc8\xcbhM\x1b\xf8\x98\xc4\xfbD6\x88\xfd\xe5i\x8a\xd8\xcfm\x81Z\x19\xf0\xef\xc15\xe8\xcb\xf5\t\t\x00\x17\xfa\x1fqb\xe7\"\xcb4\xb8\xe5/\xd52\x17\x12\x1d\xd8\x87\xb9|\x8d\x83\xea\xcc\x94\xebZ\xae\xaf\x19\xa4\xb2\xc6\xe1\x926B\xb6\x89Z\xa9\xb5/\xbb\x9d&\xeeO\xb3\xb3\xd4\bB\xa9f\x84\xad\t\x1a\xc2\xd5\x88\xbfo\x80V\x93\x9fl\xd7\xff\x03\xb7J\xed\x183\xe3\x7f\xfaq,\xca\x06\xb0\xc9\x92\x93\xa5I\x89\xb7\x85\x90\xb7\x1b0\xce\xd7!\x8fD\x96\xe1 ^>\x9f\x04\x89<\xb7S\x7f\x1a\x88\xab$\xd3y\xc2\xe1\x99\xbch\xd3\x83\xcd\x7f\xc5n\xb1\xc1X \x90\xbb\x1f\x01\x90\xb1O\x8d\x7f\xa8\xd4\xdbO\xef\x99\xf3\xd3M\x0f\t\x7f\n,\x84\x1f\xfa\xe2\xc8\x99\x97Oq\xae\x9b\x86h\xfa3\xb9\xfd\xbb\xd4^\xc0t\xa7]Y\xe9\x7f[\x11\xb1\xf3m\x17F\x9d\x18\xe2\xe1\x01\xb6f=-?\xbcI\xf2\xd9\xc4>-\xc0E\x9a\x82\xcc7S\xd4\xb6\'\xd2DY\xa5\x83,\xd1\xbc\xc7\xf6\xe0\x1f o\x06\xc2t\x14\xc2\xe0\x92\xc1\x8a\x85>@\xc9\xb0% \xc7\x13l\x8bJ\xe5\xec\x1dE\xf5\xc5\xe2\xe3\x10G7r#\xbc\x95&\x14\x1e\x97\xce\x83>Q@\xfb\xeb=\x1e\xb3\xd5H\x02\x86\xc6\xf3\xe1i\\\x1d\xf4\xc1\xacJC+\xc8}\x1b{\x86\x17\x00\n\"\xec\xa5x\xe6\xb1i\xeb\xb3\xb7I\x90\x9eai\xde\x01\xdc\xfeA\x05Sn\xe6\xe8^\xdf\x8c`\x17\xca\xbd\\QG\xb15\x82*=\xbd\xe9\xaf\x12<\xd7\xe1$\xa4\xdaU\xfb^\xd8!\xacxy\xd5X\xef\x03\xa7\x10\xa1C#S~\x0f\x17\t>X\\mv0\x9eZ\x89\xf4\xae\a\xc8\x16\xd2o\x16\xf3X%Q\xbd\xe9\x86V\xf2\x99^0\xe8xI(\xde-\x04s\x15\x06#2\xef\xef@\xa3t0d^^\xad\xf6\xad\xe0\x16\xf6\xa8\x99!\x0e\x9d+;D&\xebN\x94\x12\x04\x95o\xd6\x9fl\xcb\x16gc\xf5(\xaa_\xec\x9aiE\f\xd4\xc6\xf2\xae\x85n\x995\xcd\xa7\xbb\xf0pz\xff\x0f\x00\x00\x00\x00\x00\x00Li\r\x95Z\x89\"_\xe4\xba\xd4\x93\xab\xe1\xb9\xd8E[\xbb\xc9.M+\xbe\x81<z\xf2\xe8\xf4\x93\xe6h\x97\x7f\xaf\xc5\x06g\fI\xa5\xed\x05\x12\x0f\x0eu\xe5 \xfe\xcdMX\xb5X\x838\xf5\x18x\xc9\xb9\x03\t\x06\x96g\x8a5\xb0\xc8\x86\x14\xe2\x01\x1f\x80\xe7Ol\xba\x93\xaa\x15\x87I7W\x87\xc4;p\xc5\x1e\"K5r\xec6\xac\xf0\x1f\xf8 \xad\xc9\xf0\x16\xce\x17\xa1%f\x12\x80\x03N[qz\xf0q\xbd\xb8s\xe5>N\xd2\xae\xf4\x18\xd0\xe7\x98\x90,\xce\ft\xc4\xc7\x02\xaa\xc7\xeb1;\x86b)\x12{k#c\x1d@\xc31\x00\xd2}f\x8cX\xce\xed\xa4\xe4\xca\x00\x00\x00\x00\x00\x03\xfcWZ!<\x16a5ZL.\xe6\x15]\xebY\xaa\xbea\x8e\xdc\xc52r\"\xea\x9e\x03\x11&\xc3JU\xa7\xd6\x8a\xf8\xae>S\xde', 0x0)
write(r3, &(0x7f0000000140)='/', 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x300000e, 0x11, r3, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, 0x0)
ioctl$FIOCLEX(0xffffffffffffffff, 0x5451)
r4 = openat2(0xffffffffffffffff, &(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000002fc0)={0x0, 0x0, 0x21}, 0x18)
process_vm_readv(0x0, 0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], &(0x7f0000000240), 0x0, 0x2}}, 0x40)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f00000004c0)={0x2, 0x0, &(0x7f0000000280)=""/35, &(0x7f0000000600)=""/4096, &(0x7f0000000440)=""/122, 0x2000})
lsetxattr$trusted_overlay_nlink(&(0x7f0000000500)='./file0\x00', &(0x7f0000000540), &(0x7f0000000580)={'U+', 0xf}, 0x16, 0x2)
syz_clone(0x7388280, 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = syz_io_uring_setup(0x239, &(0x7f0000001240)={0x0, 0x0, 0x10100}, &(0x7f0000001140)=<r7=>0x0, &(0x7f0000001200)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f0000000380)=@IORING_OP_CONNECT={0x10, 0x49, 0x0, r4, 0x80, &(0x7f00000026c0)=@generic={0x5, "71b8ad948580ff086ab88891fc14d7116593133a73087bfd65eab6b3364448c0bcf3b7ec38b100fe1f69712b0256c0306467caf40b2629ca48c644a9337034b119d4eab420b4cd89f56d41c7b9065b93eed8c628aee88a9abd59f72f96f50223f62c4f96c52f035186d4f09cf06d9386259302103c388a883d5ae588ce8c"}})
io_uring_enter(r6, 0x2def, 0xf98d, 0x0, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r10, 0x0, 0x4)
syz_kvm_setup_cpu$x86(r9, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)

5.956082863s ago: executing program 8 (id=2553):
syz_emit_ethernet(0x7e, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x48, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x2c}, @private2, {[@routing={0x2f, 0x8, 0x1, 0x43, 0x0, [@private0, @remote, @private1, @empty]}]}}}}}, 0x0)

5.892973675s ago: executing program 5 (id=2554):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000200)={0x2, 0x4e21, @empty}, 0x10)
openat(0xffffffffffffffff, &(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2440, 0x21)
fchdir(0xffffffffffffffff)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
sendmsg$inet_sctp(r1, &(0x7f0000000140)={&(0x7f0000000340)=@in={0x2, 0x4e22, @local}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)='\x00', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x4000891) (fail_nth: 21)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000000c0)={0x2, 0x0, 0x807, 0xfffffff8}, 0x10)

5.782883217s ago: executing program 8 (id=2555):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
r0 = gettid()
pselect6(0x40, &(0x7f0000000040)={0x1}, 0x0, 0x0, 0x0, 0x0)
rt_sigqueueinfo(r0, 0x21, &(0x7f0000000040)={0x0, 0x0, 0xfffffffb})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
unshare(0x2040400)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000), 0x4)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000001700)=ANY=[@ANYBLOB="160000000000000061b1000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$MAP_LOOKUP_ELEM(0x15, &(0x7f0000000200)={r3, 0x0, &(0x7f0000002740)=""/4096}, 0x20)

5.726999692s ago: executing program 4 (id=2556):
syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x893, &(0x7f0000000140)={0x0, 0x6184, 0x800, 0x2, 0x92}, &(0x7f00000000c0)=<r4=>0x0, &(0x7f0000000380)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x85c3}})
io_uring_enter(r3, 0x7323, 0x0, 0x5, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000001280)={'wpan1\x00'})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x4000)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, 0x0, 0xc000)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/devices.allow\x00', 0x2, 0x48)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/softlockup_count', 0x880, 0x0)
io_setup(0x3, &(0x7f0000000400)=<r8=>0x0)
pipe(&(0x7f00000045c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
vmsplice(r10, &(0x7f00000001c0)=[{&(0x7f0000000180)="27a8a7", 0x3}, {&(0x7f0000000240)="704475afa9", 0x5}], 0x2, 0x1)
r11 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r11, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts(cbc(aes))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r11, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18)
r12 = accept4(r11, 0x0, 0x0, 0x0)
splice(r9, 0x0, r12, 0x0, 0x66, 0xc)
r13 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r13}, 0x10)
io_submit(r8, 0x1, &(0x7f0000000340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0xe11, r7, 0x0, 0x0, 0x6, 0x0, 0x0, r7}])

5.596270478s ago: executing program 1 (id=2557):
semget(0x3, 0x1, 0x28f)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000280)=""/110, 0x6e, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000280)=""/184, 0xb8, 0x0, 0x2, 0x3}}, 0x48)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB="8000000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000080003400000100e1400"], 0x80}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x8e, 0x88, 0x5, 0x20, 0x8086, 0x9500, 0xb6d8, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1, 0x0, 0x0, 0x15, 0xcc, 0x1c}}]}}]}}, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f00000000c0)={&(0x7f00000002c0)=[{0x6, 0x10, 0x0, 0x0}, {0x3, 0x4011, 0x0, 0x0}, {0x2, 0x1610, 0x0, 0x0}], 0x3})
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r4 = dup3(r3, r2, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r5, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r5, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000280)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000100)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @fd={0x66642a85, 0x0, r2}, @flat=@binder={0x73622a85, 0x1000}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000680)={0x44, 0x0, &(0x7f00000004c0)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})
syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
lseek(r6, 0x851, 0x400000000000000)

5.487924621s ago: executing program 7 (id=2558):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x48082)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r0, 0xc0305615, &(0x7f0000000040)={0x0, {0xfffffc00, 0x7}})
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, {0x0, 0x0, 0x0, 0x3, 0x4}}, 0x48)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x5, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x48055}, 0x44040)
io_setup(0x8, &(0x7f0000000540)=<r1=>0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_submit(r1, 0x1, &(0x7f0000000340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0x4, r2, &(0x7f0000000080)="01fd0000fe", 0x5, 0x2a25}])

4.729640188s ago: executing program 5 (id=2559):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000940), 0x81000, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000140)='./file1\x00', 0x89)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
quotactl_fd$Q_SETQUOTA(r5, 0xffffffff80000800, 0x0, 0x0)
ioctl$PTP_SYS_OFFSET(r0, 0x43403d05, 0x0)

4.279245821s ago: executing program 8 (id=2560):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d4", 0x5)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendmsg$alg(r2, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x40010}, 0x14000012)
sendmsg$nl_route_sched_retired(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001140)=@deltfilter={0x7c, 0x2d, 0x20, 0x70bd2d, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x5, 0x5}, {0x1d9ba4b37f621188, 0xfff3}, {0x1, 0xa}}, [@f_tcindex={{0xc}, {0x4c, 0x2, [@TCA_TCINDEX_SHIFT={0x8}, @TCA_TCINDEX_FALL_THROUGH={0x8, 0x4, 0x1}, @TCA_TCINDEX_ACT={0x38, 0x7, [@m_ctinfo={0x34, 0x11, 0x0, 0x0, {{0xb}, {0x4}, {0x5, 0x6, "f5"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x4}, 0x80)
recvmmsg$unix(r2, &(0x7f0000003680)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)=""/18, 0x12}, {&(0x7f00000000c0)=""/104, 0x68}], 0x2}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f00000005c0)=""/180, 0xb4}], 0x1}}], 0x2, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = syz_open_dev$MSR(&(0x7f0000000040), 0x547, 0x0)
read$msr(r4, &(0x7f0000000500)=""/119, 0x77)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r5 = syz_io_uring_setup(0x117, &(0x7f0000000100)={0x0, 0x0, 0x80, 0x2000000, 0x3a6}, &(0x7f00000001c0)=<r6=>0x0, &(0x7f0000000200)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000240)=0xffff7c00, 0x0, 0x4)
r8 = io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
syz_io_uring_submit(r6, r7, &(0x7f00000000c0)=@IORING_OP_ASYNC_CANCEL={0xe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, {0x0, r8}})
io_uring_enter(r5, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)

4.028058477s ago: executing program 4 (id=2561):
r0 = socket(0xa, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'veth0_macvtap\x00'})
sendmmsg$sock(0xffffffffffffffff, 0x0, 0x0, 0x20004874)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xc, 0x13, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000055a60701000000000100000018110000", @ANYRES32=r1, @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000030000008500000086000000bf91000000000000b702000000deffff8400000085000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x6, 0x8, &(0x7f00000002c0)="b80000050000", &(0x7f0000000300)=""/8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$caif_seqpacket(0x25, 0x5, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r4, 0x0, 0x0, 0x0, 0x40, 0x1})
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000000)={0x3, {{0xa, 0x4e24, 0x2, @mcast1, 0xff7ffffd}}, {{0xa, 0x4e21, 0x4a3, @local, 0x4ef}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000002c0)=ANY=[@ANYBLOB="03000000000000000a004e230000000cff010000000000000000000000000001f8ffffff00000000000000000000000000000000000000002000"/106], 0x210)

1.662696931s ago: executing program 5 (id=2562):
r0 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000240)={0x1, 0x80, 0x200, 0x10001, 0x7fe, 0x8, 0x40009, 0x6, 0x4, 0x2c, 0x1})
syz_usb_connect(0x2, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xca, 0x20, 0x5c, 0x40, 0x525, 0xa4a0, 0xc866, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x1, 0x0, 0x0, [{{0x9, 0x4, 0x8a, 0x0, 0x0, 0xc2, 0x88, 0x2b}}]}}]}}, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, 0x0)

1.603048837s ago: executing program 1 (id=2563):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000002800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x6c, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r2, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_NAME_TYPE_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000340)={0x6, 'veth0_vlan\x00', {0x1}})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r3 = gettid()
timer_create(0x6, &(0x7f0000533fa0)={0x0, 0x25, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
prlimit64(r3, 0xe, &(0x7f0000000140)={0xa, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="020000000400000008"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000002010000000b7080000000000007b8af8ff00000000b7080000080000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r7, @ANYBLOB], 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/mem_sleep', 0x101a02, 0x0)
copy_file_range(r8, &(0x7f0000000000)=0x7, r8, 0x0, 0x7, 0x0)

1.06723358s ago: executing program 7 (id=2564):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000040}, 0x80)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r0, {}, 0xa}}, 0x26)
getsockopt$sock_buf(r1, 0x1, 0x1c, 0x0, &(0x7f00000001c0))
socket$kcm(0x2, 0x5, 0x84)
sched_setscheduler(0x0, 0x2, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r6, 0x400455c8, 0x5000000)

929.738465ms ago: executing program 8 (id=2565):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f00000001c0)={'filter\x00', 0x7, 0x4, 0x3f0, 0x110, 0x1f8, 0x2, 0x110, 0x308, 0x308, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @empty, @multicast2, @empty}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@multicast, @multicast2, @dev}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000007200)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @remote, @val={@void, {0x8100, 0x0, 0x0, 0x2}}, {@ipv6={0x86dd, @dccp_packet={0x9, 0x6, "0ef3b1", 0x10, 0x21, 0x0, @mcast1, @empty, {[], {{0x4e24, 0x4e21, 0x4, 0x1, 0x0, 0x0, 0x0, 0x3, 0x0, "704ad0", 0xb, "cd88b9"}}}}}}}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000072000000850000000f00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x18)
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000000200025a729bd7000fddbdf250a0000cdff00000102000100b30f82e39029031abfc230cac75d8d90e021bec4000413886941cb8d3ab2e96b8968bef9d631a525bdfea162b2dc1b6bf710b4bd8b8bff8548865933e47f6325fc9bcd"], 0x1c}, 0x1, 0x0, 0x0, 0x20008081}, 0x0)

213.452831ms ago: executing program 4 (id=2566):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='map_files\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1, 0x0, 0xfffffffffffffffc}, 0x18) (async, rerun: 32)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7) (async)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
openat$kvm(0x0, 0x0, 0x2382, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000380)=@o_path={&(0x7f00000000c0)='./file0\x00', 0x0, 0x20, r0}, 0x12)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000240)={0x1, @pix={0x7fffffff, 0xcf28, 0x584e4f53, 0x2, 0x3, 0x7fff, 0x2, 0xffff2816, 0x0, 0x6, 0x1, 0x3}})
bpf$PROG_LOAD(0x5, 0x0, 0x0) (async)
fspick(0xffffffffffffffff, &(0x7f0000000180)='./file1\x00', 0x1) (async)
r6 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0) (async)
r7 = syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r8 = dup3(r6, r7, 0x0)
ioctl$MON_IOCG_STATS(r8, 0x40189206, &(0x7f0000000180))
syz_io_uring_setup(0x1e1e, 0x0, &(0x7f0000000440)=<r9=>0x0, 0x0) (async)
r10 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000004c0), 0x2000, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r10, 0x40085112, &(0x7f0000000000)=@n={0x3, 0x6c, @SEQ_NOTEON=@special, 0x3})
syz_io_uring_submit(r9, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0xc040) (async, rerun: 32)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) (rerun: 32)

0s ago: executing program 1 (id=2567):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)={0x44, r2, 0x1, 0x0, 0x0, {}, [@IPVS_CMD_ATTR_SERVICE={0x30, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_ADDR={0x13, 0x3, @ipv6=@ipv4={'\x00', '\xff\xff', @multicast1}}, @IPVS_SVC_ATTR_PROTOCOL={0x6}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PORT={0x6}]}]}, 0x44}}, 0x0) (fail_nth: 12)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x1, 0x803, 0x0)
r6 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r6, 0x4008ae6a, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000000)={0x0, 0x408c})
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[], 0x48)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0xe4, &(0x7f0000000000)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300, 0x1003200}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x44}}, 0x0)

kernel console output (not intermixed with test programs):

kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  866.060581][ T8772] team0 (unregistering): Port device team_slave_1 removed
[  866.966198][ T8772] team0 (unregistering): Port device team_slave_0 removed
[  869.369758][ T5840] lo speed is unknown, defaulting to 1000
[  869.375727][ T5840] infiniband syz0: ib_query_port failed (-19)
[  869.471275][T12731] overlayfs: failed to resolve './file0': -2
[  870.069915][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  870.667149][T12737] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1793'.
[  870.979655][T12518] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  871.110454][T12518] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  871.145306][T12518] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  871.304485][T12518] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  871.321517][ T8772] IPVS: stop unused estimator thread 0...
[  872.255829][T12753] sctp: failed to load transform for md5: -2
[  872.342944][   T24] usb 6-1: new low-speed USB device number 13 using dummy_hcd
[  872.548333][   T24] usb 6-1: device descriptor read/64, error -71
[  872.872329][   T24] usb 6-1: new low-speed USB device number 14 using dummy_hcd
[  873.140734][   T24] usb 6-1: device descriptor read/64, error -71
[  873.952347][T12772] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1799'.
[  874.123784][   T24] usb usb6-port1: attempt power cycle
[  875.110943][T12518] 8021q: adding VLAN 0 to HW filter on device bond0
[  875.158802][T12518] 8021q: adding VLAN 0 to HW filter on device team0
[  875.187024][T10672] bridge0: port 1(bridge_slave_0) entered blocking state
[  875.194217][T10672] bridge0: port 1(bridge_slave_0) entered forwarding state
[  875.251240][T12783] 9pnet_fd: Insufficient options for proto=fd
[  875.260329][T10672] bridge0: port 2(bridge_slave_1) entered blocking state
[  875.267621][T10672] bridge0: port 2(bridge_slave_1) entered forwarding state
[  876.226720][   T24] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  876.330358][   T24] usb 6-1: config 0 has an invalid interface number: 138 but max is 0
[  876.401801][   T24] usb 6-1: config 0 has no interface number 0
[  876.482780][   T24] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[  876.563288][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  876.742846][   T24] usb 6-1: config 0 descriptor??
[  877.058201][   T24] usb 6-1: string descriptor 0 read error: -71
[  877.067143][   T24] usbtest 6-1:0.138: couldn't get endpoints, -22
[  877.073604][   T24] usbtest 6-1:0.138: probe with driver usbtest failed with error -22
[  877.084251][   T24] usb 6-1: USB disconnect, device number 15
[  877.408602][T12518] 8021q: adding VLAN 0 to HW filter on device batadv0
[  877.852279][ T5960] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  878.553198][ T5960] usb 5-1: Using ep0 maxpacket: 8
[  878.712089][ T5960] usb 5-1: config 0 has an invalid interface number: 112 but max is 1
[  878.845742][ T5960] usb 5-1: config 0 has an invalid interface number: 17 but max is 1
[  878.858240][ T5960] usb 5-1: config 0 has no interface number 0
[  878.865203][ T5960] usb 5-1: config 0 has no interface number 1
[  879.218773][ T5960] usb 5-1: New USB device found, idVendor=04c1, idProduct=009d, bcdDevice=1f.14
[  879.236804][ T5960] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  879.340955][ T5960] usb 5-1: Product: syz
[  879.374650][ T5960] usb 5-1: Manufacturer: syz
[  879.383129][ T5960] usb 5-1: SerialNumber: syz
[  879.415152][ T5960] usb 5-1: config 0 descriptor??
[  879.850973][T12828] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1812'.
[  880.460740][   T24] usb 5-1: USB disconnect, device number 31
[  881.550162][T12518] veth0_vlan: entered promiscuous mode
[  881.595585][T12518] veth1_vlan: entered promiscuous mode
[  883.100123][T12518] veth0_macvtap: entered promiscuous mode
[  883.144980][T12518] veth1_macvtap: entered promiscuous mode
[  883.196155][T12518] batman_adv: batadv0: Interface activated: batadv_slave_0
[  883.322917][T12852] FAULT_INJECTION: forcing a failure.
[  883.322917][T12852] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  883.336110][T12852] CPU: 0 UID: 0 PID: 12852 Comm: syz.1.1817 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  883.336137][T12852] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  883.336150][T12852] Call Trace:
[  883.336158][T12852]  <TASK>
[  883.336168][T12852]  dump_stack_lvl+0x189/0x250
[  883.336197][T12852]  ? __pfx____ratelimit+0x10/0x10
[  883.336220][T12852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  883.336245][T12852]  ? __pfx__printk+0x10/0x10
[  883.336272][T12852]  ? __might_fault+0xb0/0x130
[  883.336306][T12852]  should_fail_ex+0x414/0x560
[  883.336334][T12852]  _copy_from_user+0x2d/0xb0
[  883.336363][T12852]  __sys_bpf+0x1ed/0x860
[  883.336398][T12852]  ? __pfx___sys_bpf+0x10/0x10
[  883.336442][T12852]  ? ksys_write+0x22a/0x250
[  883.336462][T12852]  ? __pfx_ksys_write+0x10/0x10
[  883.336475][T12852]  ? rcu_is_watching+0x15/0xb0
[  883.336500][T12852]  __x64_sys_bpf+0x7c/0x90
[  883.336532][T12852]  do_syscall_64+0xfa/0x3b0
[  883.336549][T12852]  ? lockdep_hardirqs_on+0x9c/0x150
[  883.336567][T12852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  883.336584][T12852]  ? clear_bhb_loop+0x60/0xb0
[  883.336604][T12852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  883.336620][T12852] RIP: 0033:0x7fc00e58eb69
[  883.336635][T12852] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  883.336649][T12852] RSP: 002b:00007fc00f485038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  883.336666][T12852] RAX: ffffffffffffffda RBX: 00007fc00e7b6160 RCX: 00007fc00e58eb69
[  883.336679][T12852] RDX: 0000000000000038 RSI: 0000200000000200 RDI: 0000000000000018
[  883.336689][T12852] RBP: 00007fc00f485090 R08: 0000000000000000 R09: 0000000000000000
[  883.336700][T12852] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  883.336710][T12852] R13: 0000000000000000 R14: 00007fc00e7b6160 R15: 00007fffe61d55c8
[  883.336734][T12852]  </TASK>
[  883.742673][T12518] batman_adv: batadv0: Interface activated: batadv_slave_1
[  883.765037][T12518] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  883.780814][T12853] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  883.938841][T12518] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  883.974911][T12518] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  884.005320][T12518] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  884.382349][ T8772] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  884.410916][ T8772] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  885.381651][ T5960] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  886.698001][ T5960] usb 2-1: config 0 has an invalid interface number: 138 but max is 0
[  886.706241][ T5960] usb 2-1: config 0 has no interface number 0
[  886.706753][ T8778] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  886.731978][ T5960] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[  886.756878][ T5960] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  886.759648][ T8778] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  886.772530][ T5960] usb 2-1: config 0 descriptor??
[  887.353562][ T5960] usb 2-1: string descriptor 0 read error: -71
[  887.379106][ T5960] usbtest 2-1:0.138: couldn't get endpoints, -22
[  887.410398][ T5960] usbtest 2-1:0.138: probe with driver usbtest failed with error -22
[  887.436981][ T5960] usb 2-1: USB disconnect, device number 28
[  888.831380][T12889] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1828'.
[  888.836970][T12887] binder: 12886:12887 ioctl c018620c 200000000640 returned -22
[  889.439406][T12899] vivid-000: disconnect
[  889.925142][T12899] vivid-000: reconnect
[  890.087235][   T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  890.317117][   T24] usb 7-1: Using ep0 maxpacket: 32
[  890.362904][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  891.086644][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  891.101920][   T24] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  891.124087][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  891.135795][   T24] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  891.358114][   T24] usb 7-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  891.371634][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  891.379886][   T24] usb 7-1: Product: syz
[  891.384082][   T24] usb 7-1: Manufacturer: syz
[  891.388847][   T24] usb 7-1: SerialNumber: syz
[  891.398468][   T24] usb 7-1: config 0 descriptor??
[  891.406172][T12892] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  891.424650][   T24] input: Generic X-Box pad as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input32
[  891.445208][ T5190] xpad 7-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  891.452017][T12906] xt_connbytes: Forcing CT accounting to be enabled
[  891.482916][T12906] set match dimension is over the limit!
[  891.496993][ T5190] xpad 7-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  891.546200][ T5190] xpad 7-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  891.583892][ T5190] xpad 7-1:0.0: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  892.717023][   T30] kauditd_printk_skb: 44 callbacks suppressed
[  892.717296][   T30] audit: type=1326 audit(1754375956.554:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  892.779337][   T30] audit: type=1326 audit(1754375956.554:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  892.803940][   T30] audit: type=1326 audit(1754375956.554:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  892.832369][   T30] audit: type=1326 audit(1754375956.594:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  892.858040][   T30] audit: type=1326 audit(1754375956.594:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=228 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  892.930001][   T30] audit: type=1326 audit(1754375956.594:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  893.847102][   T30] audit: type=1326 audit(1754375956.594:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  893.870317][   T30] audit: type=1326 audit(1754375956.594:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  893.892814][   T30] audit: type=1326 audit(1754375956.594:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  894.029526][   T30] audit: type=1326 audit(1754375956.594:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12891 comm="syz.6.1830" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f7dad38eb69 code=0x7ffc0000
[  894.309682][ T5931] usb 7-1: USB disconnect, device number 3
[  895.454230][T12938] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1845'.
[  896.556317][T12969] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1853'.
[  899.302826][T12991] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1860'.
[  899.609834][T13000] netlink: 'syz.4.1863': attribute type 21 has an invalid length.
[  899.634068][T13000] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1863'.
[  899.645311][T13000] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1863'.
[  904.259044][T13039] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1871'.
[  904.771662][T13041] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1872'.
[  905.317719][T13054] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1877'.
[  905.357554][T13054] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  905.381428][T13054] 9pnet_fd: Insufficient options for proto=fd
[  905.640368][T13059] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1878'.
[  905.649715][T13059] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1878'.
[  905.951387][   T24] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  906.137557][   T24] usb 2-1: Using ep0 maxpacket: 16
[  906.184805][   T24] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  906.246115][   T24] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  906.280129][   T24] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  906.816583][   T24] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  906.825693][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  906.911575][   T24] usb 2-1: Product: syz
[  906.915829][   T24] usb 2-1: Manufacturer: syz
[  906.933997][   T24] usb 2-1: SerialNumber: syz
[  907.941110][   T24] usb 2-1: 0:2 : does not exist
[  907.961618][   T24] usb 2-1: 1:0: failed to get current value for ch 0 (-22)
[  908.006137][   T24] usb 2-1: USB disconnect, device number 29
[  908.248475][T13085] Bluetooth: (null): Invalid header checksum
[  908.367808][T13089] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1888'.
[  908.454952][T13093] FAULT_INJECTION: forcing a failure.
[  908.454952][T13093] name failslab, interval 1, probability 0, space 0, times 0
[  908.469830][T13093] CPU: 0 UID: 0 PID: 13093 Comm: syz.7.1890 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  908.469858][T13093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  908.469880][T13093] Call Trace:
[  908.469888][T13093]  <TASK>
[  908.469897][T13093]  dump_stack_lvl+0x189/0x250
[  908.469925][T13093]  ? __pfx____ratelimit+0x10/0x10
[  908.469948][T13093]  ? __pfx_dump_stack_lvl+0x10/0x10
[  908.469972][T13093]  ? __pfx__printk+0x10/0x10
[  908.470005][T13093]  ? __pfx___might_resched+0x10/0x10
[  908.470034][T13093]  should_fail_ex+0x414/0x560
[  908.470062][T13093]  should_failslab+0xa8/0x100
[  908.470086][T13093]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  908.470108][T13093]  ? __alloc_skb+0x112/0x2d0
[  908.470142][T13093]  __alloc_skb+0x112/0x2d0
[  908.470175][T13093]  netlink_sendmsg+0x5c6/0xb30
[  908.470216][T13093]  ? __pfx_netlink_sendmsg+0x10/0x10
[  908.470256][T13093]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  908.470276][T13093]  ? __pfx_netlink_sendmsg+0x10/0x10
[  908.470307][T13093]  __sock_sendmsg+0x21c/0x270
[  908.470336][T13093]  ____sys_sendmsg+0x505/0x830
[  908.470374][T13093]  ? __pfx_____sys_sendmsg+0x10/0x10
[  908.470417][T13093]  ? import_iovec+0x74/0xa0
[  908.470450][T13093]  ___sys_sendmsg+0x21f/0x2a0
[  908.470485][T13093]  ? __pfx____sys_sendmsg+0x10/0x10
[  908.470558][T13093]  ? __fget_files+0x2a/0x420
[  908.470580][T13093]  ? __fget_files+0x3a0/0x420
[  908.470615][T13093]  __x64_sys_sendmsg+0x19b/0x260
[  908.470650][T13093]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  908.470698][T13093]  ? __pfx_ksys_write+0x10/0x10
[  908.470716][T13093]  ? rcu_is_watching+0x15/0xb0
[  908.470745][T13093]  ? do_syscall_64+0xbe/0x3b0
[  908.470773][T13093]  do_syscall_64+0xfa/0x3b0
[  908.470794][T13093]  ? lockdep_hardirqs_on+0x9c/0x150
[  908.470816][T13093]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.470837][T13093]  ? clear_bhb_loop+0x60/0xb0
[  908.470863][T13093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.470889][T13093] RIP: 0033:0x7fba7338eb69
[  908.470907][T13093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  908.470925][T13093] RSP: 002b:00007fba74132038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  908.470947][T13093] RAX: ffffffffffffffda RBX: 00007fba735b5fa0 RCX: 00007fba7338eb69
[  908.470963][T13093] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  908.470976][T13093] RBP: 00007fba74132090 R08: 0000000000000000 R09: 0000000000000000
[  908.470989][T13093] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  908.471001][T13093] R13: 0000000000000000 R14: 00007fba735b5fa0 R15: 00007ffc9f60eff8
[  908.471034][T13093]  </TASK>
[  910.150124][T13102] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  911.107749][T13119] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.1897'.
[  911.187424][T13121] tipc: Started in network mode
[  911.192370][T13121] tipc: Node identity a6b516146517, cluster identity 4711
[  911.220041][T13121] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  911.377007][T13121] syzkaller0: entered promiscuous mode
[  911.399442][T13121] syzkaller0: entered allmulticast mode
[  912.236932][   T24] tipc: Node number set to 3282179604
[  912.340299][T13120] tipc: Resetting bearer <eth:syzkaller0>
[  912.412325][T13120] tipc: Disabling bearer <eth:syzkaller0>
[  914.260463][T13154] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[  915.095147][T13168] smk_cipso_doi:679 remove rc = -2
[  915.100705][T13168] smk_cipso_doi:692 cipso add rc = -17
[  916.751021][T13176] netlink: 64985 bytes leftover after parsing attributes in process `syz.1.1913'.
[  916.948471][T13180] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  916.962549][T13180] syzkaller0: entered promiscuous mode
[  917.927750][T13180] syzkaller0: entered allmulticast mode
[  918.061078][T13179] tipc: Resetting bearer <eth:syzkaller0>
[  918.315909][T13191] openvswitch: netlink: Key type 30 is not supported
[  918.630475][T13179] tipc: Disabling bearer <eth:syzkaller0>
[  919.304859][T13203] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1918'.
[  919.808783][T13201] kthread_run failed with err -4
[  921.566589][T13222] smk_cipso_doi:679 remove rc = -2
[  921.572930][T13222] smk_cipso_doi:692 cipso add rc = -17
[  921.908784][T13218] loop7: detected capacity change from 0 to 7
[  921.941074][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  921.950515][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  921.966992][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  921.976229][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.003699][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.012992][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.074219][T13221] Invalid logical block size (6)
[  922.093483][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.102741][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.117513][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.126843][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.151009][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.160284][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.182157][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.191405][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.201161][T13218] ldm_validate_partition_table(): Disk read failed.
[  922.221684][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.230996][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.267539][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.276787][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.341415][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  922.350771][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  922.393074][T13218] Dev loop7: unable to read RDB block 0
[  922.494880][T13218]  loop7: unable to read partition table
[  922.565755][T13232] netlink: 64985 bytes leftover after parsing attributes in process `syz.4.1927'.
[  922.591395][T13218] loop7: partition table beyond EOD, truncated
[  922.651856][T13218] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  924.937535][T13254] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1930'.
[  925.563953][T13249] openvswitch: netlink: Key type 30 is not supported
[  925.743177][T13255] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1932'.
[  926.161623][T13260] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1933'.
[  928.473108][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  931.940969][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  933.975115][T13308] netlink: 4280 bytes leftover after parsing attributes in process `syz.7.1946'.
[  933.984510][T13308] netlink: 4280 bytes leftover after parsing attributes in process `syz.7.1946'.
[  937.961268][T13354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1959'.
[  937.971609][T13354] netlink: 'syz.1.1959': attribute type 15 has an invalid length.
[  938.290345][T13354] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  938.300194][T13354] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  938.309501][T13354] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  938.318335][T13354] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  938.677487][T13357] sp0: Synchronizing with TNC
[  938.772962][T13354] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1959'.
[  939.174457][T13354] netlink: 'syz.1.1959': attribute type 15 has an invalid length.
[  939.397756][T13361] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1960'.
[  941.681535][T13383] FAULT_INJECTION: forcing a failure.
[  941.681535][T13383] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  941.706977][T13381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1965'.
[  941.716399][T13383] CPU: 0 UID: 0 PID: 13383 Comm: syz.6.1967 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  941.716428][T13383] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  941.716442][T13383] Call Trace:
[  941.716450][T13383]  <TASK>
[  941.716460][T13383]  dump_stack_lvl+0x189/0x250
[  941.716495][T13383]  ? __pfx____ratelimit+0x10/0x10
[  941.716517][T13383]  ? __pfx_dump_stack_lvl+0x10/0x10
[  941.716542][T13383]  ? __pfx__printk+0x10/0x10
[  941.716584][T13383]  should_fail_ex+0x414/0x560
[  941.716612][T13383]  _copy_to_user+0x31/0xb0
[  941.716646][T13383]  simple_read_from_buffer+0xe1/0x170
[  941.716674][T13383]  proc_fail_nth_read+0x1df/0x250
[  941.716705][T13383]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  941.716735][T13383]  ? rw_verify_area+0x258/0x650
[  941.716769][T13383]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  941.716796][T13383]  vfs_read+0x200/0x980
[  941.716837][T13383]  ? __pfx___mutex_lock+0x10/0x10
[  941.716861][T13383]  ? __pfx_vfs_read+0x10/0x10
[  941.716897][T13383]  ? __fget_files+0x2a/0x420
[  941.716927][T13383]  ? __fget_files+0x3a0/0x420
[  941.716950][T13383]  ? __fget_files+0x2a/0x420
[  941.716983][T13383]  ksys_read+0x145/0x250
[  941.717006][T13383]  ? __pfx_ksys_read+0x10/0x10
[  941.717023][T13383]  ? rcu_is_watching+0x15/0xb0
[  941.717061][T13383]  ? do_syscall_64+0xbe/0x3b0
[  941.717089][T13383]  do_syscall_64+0xfa/0x3b0
[  941.717112][T13383]  ? lockdep_hardirqs_on+0x9c/0x150
[  941.717134][T13383]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  941.717155][T13383]  ? clear_bhb_loop+0x60/0xb0
[  941.717181][T13383]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  941.717202][T13383] RIP: 0033:0x7f7dad38d57c
[  941.717222][T13383] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  941.717242][T13383] RSP: 002b:00007f7dae173030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  941.717265][T13383] RAX: ffffffffffffffda RBX: 00007f7dad5b5fa0 RCX: 00007f7dad38d57c
[  941.717282][T13383] RDX: 000000000000000f RSI: 00007f7dae1730a0 RDI: 0000000000000003
[  941.717295][T13383] RBP: 00007f7dae173090 R08: 0000000000000000 R09: 0000000000000000
[  941.717309][T13383] R10: 0000000000004080 R11: 0000000000000246 R12: 0000000000000001
[  941.717322][T13383] R13: 0000000000000000 R14: 00007f7dad5b5fa0 R15: 00007ffd9275c268
[  941.717356][T13383]  </TASK>
[  942.712258][T13393] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1970'.
[  942.823599][ T5911] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  942.991763][ T5911] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  946.811214][T13416] mkiss: ax0: crc mode is auto.
[  947.807573][T13435] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1982'.
[  953.136452][T13466] capability: warning: `syz.6.1990' uses 32-bit capabilities (legacy support in use)
[  954.125114][T13475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1992'.
[  955.216468][T13483] netlink: 'syz.6.1995': attribute type 10 has an invalid length.
[  955.374389][T13483] FAULT_INJECTION: forcing a failure.
[  955.374389][T13483] name failslab, interval 1, probability 0, space 0, times 0
[  955.423478][T13483] CPU: 0 UID: 0 PID: 13483 Comm: syz.6.1995 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  955.423509][T13483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  955.423521][T13483] Call Trace:
[  955.423530][T13483]  <TASK>
[  955.423538][T13483]  dump_stack_lvl+0x189/0x250
[  955.423564][T13483]  ? __pfx____ratelimit+0x10/0x10
[  955.423584][T13483]  ? __pfx_dump_stack_lvl+0x10/0x10
[  955.423605][T13483]  ? __pfx__printk+0x10/0x10
[  955.423632][T13483]  should_fail_ex+0x414/0x560
[  955.423656][T13483]  should_failslab+0xa8/0x100
[  955.423680][T13483]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  955.423700][T13483]  ? rtnl_prop_list_size+0x1ba/0x1e0
[  955.423722][T13483]  ? __alloc_skb+0x112/0x2d0
[  955.423753][T13483]  __alloc_skb+0x112/0x2d0
[  955.423776][T13483]  rtmsg_ifinfo_build_skb+0x84/0x260
[  955.423791][T13483]  ? netpoll_poll_enable+0xce/0xe0
[  955.423814][T13483]  rtmsg_ifinfo+0x8c/0x1a0
[  955.423835][T13483]  __dev_notify_flags+0xf4/0x2e0
[  955.423858][T13483]  ? __pfx___dev_notify_flags+0x10/0x10
[  955.423877][T13483]  ? __dev_change_flags+0x4cc/0x6d0
[  955.423902][T13483]  ? __pfx___dev_change_flags+0x10/0x10
[  955.423926][T13483]  ? rcu_is_watching+0x15/0xb0
[  955.423946][T13483]  netif_change_flags+0xe8/0x1a0
[  955.423971][T13483]  do_setlink+0xc55/0x41c0
[  955.423997][T13483]  ? preempt_schedule_common+0x83/0xd0
[  955.424015][T13483]  ? __pfx_do_setlink+0x10/0x10
[  955.424033][T13483]  ? bpf_trace_run2+0x322/0x4b0
[  955.424062][T13483]  ? __bpf_trace_contention_begin+0xcd/0x130
[  955.424080][T13483]  ? preempt_schedule+0xae/0xc0
[  955.424101][T13483]  ? preempt_schedule_common+0x83/0xd0
[  955.424115][T13483]  ? preempt_schedule+0xae/0xc0
[  955.424128][T13483]  ? __pfx_preempt_schedule+0x10/0x10
[  955.424140][T13483]  ? __mutex_trylock_common+0x153/0x260
[  955.424159][T13483]  ? __pfx___mutex_trylock_common+0x10/0x10
[  955.424179][T13483]  ? preempt_schedule_thunk+0x16/0x30
[  955.424204][T13483]  ? __mutex_lock+0x344/0xe80
[  955.424227][T13483]  ? rtnl_newlink+0x8db/0x1c70
[  955.424244][T13483]  ? rcu_is_watching+0x15/0xb0
[  955.424260][T13483]  ? __pfx___mutex_lock+0x10/0x10
[  955.424283][T13483]  ? ns_capable+0x8a/0xf0
[  955.424298][T13483]  ? rtnl_link_get_net_capable+0x16a/0x350
[  955.424322][T13483]  rtnl_newlink+0x160b/0x1c70
[  955.424340][T13483]  ? netlink_sendmsg+0x805/0xb30
[  955.424370][T13483]  ? __pfx_rtnl_newlink+0x10/0x10
[  955.424388][T13483]  ? __pfx___schedule+0x10/0x10
[  955.424414][T13483]  ? preempt_schedule+0xae/0xc0
[  955.424425][T13483]  ? __dev_queue_xmit+0x27e/0x3a70
[  955.424441][T13483]  ? preempt_schedule_common+0x83/0xd0
[  955.424455][T13483]  ? preempt_schedule+0xae/0xc0
[  955.424468][T13483]  ? __pfx_preempt_schedule+0x10/0x10
[  955.424483][T13483]  ? preempt_schedule_notrace_thunk+0x16/0x30
[  955.424507][T13483]  ? preempt_schedule_thunk+0x16/0x30
[  955.424532][T13483]  ? __local_bh_enable_ip+0x13e/0x1c0
[  955.424546][T13483]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  955.424564][T13483]  ? __dev_queue_xmit+0x27e/0x3a70
[  955.424578][T13483]  ? __dev_queue_xmit+0x27e/0x3a70
[  955.424591][T13483]  ? __dev_queue_xmit+0x27e/0x3a70
[  955.424606][T13483]  ? __dev_queue_xmit+0x1cd7/0x3a70
[  955.424624][T13483]  ? __lock_acquire+0xab9/0xd20
[  955.424691][T13483]  ? __pfx_rtnl_newlink+0x10/0x10
[  955.424712][T13483]  rtnetlink_rcv_msg+0x7cc/0xb70
[  955.424735][T13483]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[  955.424754][T13483]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  955.424778][T13483]  ? __pfx_rcu_preempt_deferred_qs_irqrestore+0x10/0x10
[  955.424808][T13483]  netlink_rcv_skb+0x205/0x470
[  955.424827][T13483]  ? rcu_is_watching+0x15/0xb0
[  955.424844][T13483]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  955.424865][T13483]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  955.424907][T13483]  ? netlink_deliver_tap+0x2e/0x1b0
[  955.424932][T13483]  netlink_unicast+0x75c/0x8e0
[  955.424958][T13483]  netlink_sendmsg+0x805/0xb30
[  955.424985][T13483]  ? __pfx_netlink_sendmsg+0x10/0x10
[  955.425011][T13483]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  955.425025][T13483]  ? __pfx_netlink_sendmsg+0x10/0x10
[  955.425046][T13483]  __sock_sendmsg+0x21c/0x270
[  955.425065][T13483]  ____sys_sendmsg+0x505/0x830
[  955.425096][T13483]  ? __pfx_____sys_sendmsg+0x10/0x10
[  955.425124][T13483]  ? import_iovec+0x74/0xa0
[  955.425147][T13483]  ___sys_sendmsg+0x21f/0x2a0
[  955.425170][T13483]  ? __pfx____sys_sendmsg+0x10/0x10
[  955.425218][T13483]  ? __fget_files+0x2a/0x420
[  955.425234][T13483]  ? __fget_files+0x3a0/0x420
[  955.425257][T13483]  __x64_sys_sendmsg+0x19b/0x260
[  955.425281][T13483]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  955.425320][T13483]  do_syscall_64+0xfa/0x3b0
[  955.425337][T13483]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  955.425352][T13483]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  955.425365][T13483]  ? clear_bhb_loop+0x60/0xb0
[  955.425382][T13483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  955.425396][T13483] RIP: 0033:0x7f7dad38eb69
[  955.425409][T13483] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  955.425422][T13483] RSP: 002b:00007f7dae152038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  955.425436][T13483] RAX: ffffffffffffffda RBX: 00007f7dad5b6080 RCX: 00007f7dad38eb69
[  955.425447][T13483] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000008
[  955.425456][T13483] RBP: 00007f7dae152090 R08: 0000000000000000 R09: 0000000000000000
[  955.425464][T13483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  955.425472][T13483] R13: 0000000000000000 R14: 00007f7dad5b6080 R15: 00007ffd9275c268
[  955.425511][T13483]  </TASK>
[  956.149753][T13483] 8021q: adding VLAN 0 to HW filter on device team0
[  956.168141][T13483] bond0: (slave team0): Enslaving as an active interface with an up link
[  956.601681][T13495] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  958.220332][T13505] sp0: Synchronizing with TNC
[  960.908620][ T5960] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  961.476642][T13527] sctp: failed to load transform for md5: -2
[  961.866814][ T5960] usb 6-1: Using ep0 maxpacket: 8
[  961.873966][ T5960] usb 6-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  961.888402][ T5960] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  961.900677][ T5960] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  961.911482][T13536] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2006'.
[  961.918516][ T5960] usb 6-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  961.944140][ T5960] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  961.957869][ T5960] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  961.977427][ T5960] usbtmc 6-1:16.0: bulk endpoints not found
[  962.167850][ T5940] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  963.140427][   T10] usb 6-1: USB disconnect, device number 16
[  963.212563][ T5940] usb 7-1: Using ep0 maxpacket: 8
[  963.225508][ T5940] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  963.244291][ T5940] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  963.274643][ T5940] usb 7-1: Product: syz
[  963.296706][ T5940] usb 7-1: Manufacturer: syz
[  963.315557][ T5940] usb 7-1: SerialNumber: syz
[  963.341279][ T5940] usb 7-1: config 0 descriptor??
[  963.886630][ T5940] usb 7-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  966.331017][T13558] FAULT_INJECTION: forcing a failure.
[  966.331017][T13558] name failslab, interval 1, probability 0, space 0, times 0
[  966.344855][T13558] CPU: 0 UID: 0 PID: 13558 Comm: syz.7.2013 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[  966.344888][T13558] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  966.344902][T13558] Call Trace:
[  966.344911][T13558]  <TASK>
[  966.344921][T13558]  dump_stack_lvl+0x189/0x250
[  966.344951][T13558]  ? __pfx____ratelimit+0x10/0x10
[  966.344975][T13558]  ? __pfx_dump_stack_lvl+0x10/0x10
[  966.345000][T13558]  ? __pfx__printk+0x10/0x10
[  966.345036][T13558]  ? __pfx___might_resched+0x10/0x10
[  966.345059][T13558]  ? fs_reclaim_acquire+0x7d/0x100
[  966.345092][T13558]  should_fail_ex+0x414/0x560
[  966.345120][T13558]  should_failslab+0xa8/0x100
[  966.345146][T13558]  __kmalloc_cache_noprof+0x70/0x3d0
[  966.345168][T13558]  ? vhost_task_create+0xf6/0x290
[  966.345199][T13558]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  966.345235][T13558]  vhost_task_create+0xf6/0x290
[  966.345263][T13558]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  966.345300][T13558]  ? __pfx_vhost_task_create+0x10/0x10
[  966.345338][T13558]  ? __pfx_vhost_task_fn+0x10/0x10
[  966.345379][T13558]  ? kasan_save_track+0x4f/0x80
[  966.345410][T13558]  ? kasan_save_track+0x3e/0x80
[  966.345448][T13558]  kvm_mmu_post_init_vm+0x147/0x2b0
[  966.345477][T13558]  kvm_arch_vcpu_ioctl_run+0xdc/0x1940
[  966.345514][T13558]  ? __mutex_trylock_common+0x153/0x260
[  966.345545][T13558]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  966.345579][T13558]  ? rcu_is_watching+0x15/0xb0
[  966.345602][T13558]  ? look_up_lock_class+0x74/0x170
[  966.345628][T13558]  ? register_lock_class+0x51/0x320
[  966.345669][T13558]  ? __lock_acquire+0xab9/0xd20
[  966.345734][T13558]  kvm_vcpu_ioctl+0x95c/0xe90
[  966.345769][T13558]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  966.345793][T13558]  ? __lock_acquire+0xab9/0xd20
[  966.345817][T13558]  ? __asan_memset+0x22/0x50
[  966.345847][T13558]  ? smack_file_ioctl+0x302/0x340
[  966.345872][T13558]  ? __pfx_smack_file_ioctl+0x10/0x10
[  966.345906][T13558]  ? __fget_files+0x2a/0x420
[  966.345929][T13558]  ? __fget_files+0x3a0/0x420
[  966.345952][T13558]  ? __fget_files+0x2a/0x420
[  966.345980][T13558]  ? bpf_lsm_file_ioctl+0x9/0x20
[  966.346006][T13558]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  966.346033][T13558]  __se_sys_ioctl+0xfc/0x170
[  966.346068][T13558]  do_syscall_64+0xfa/0x3b0
[  966.346094][T13558]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.346114][T13558]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  966.346136][T13558]  ? clear_bhb_loop+0x60/0xb0
[  966.346163][T13558]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  966.346184][T13558] RIP: 0033:0x7fba7338eb69
[  966.346203][T13558] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  966.346222][T13558] RSP: 002b:00007fba74111038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  966.346245][T13558] RAX: ffffffffffffffda RBX: 00007fba735b6080 RCX: 00007fba7338eb69
[  966.346261][T13558] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  966.346275][T13558] RBP: 00007fba74111090 R08: 0000000000000000 R09: 0000000000000000
[  966.346288][T13558] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  966.346301][T13558] R13: 0000000000000000 R14: 00007fba735b6080 R15: 00007ffc9f60eff8
[  966.346336][T13558]  </TASK>
[  966.674878][ T5940] usb write operation failed. (-71)
[  966.707655][ T5940] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  966.718505][ T5940] dvbdev: DVB: registering new adapter (Terratec H7)
[  966.725379][ T5940] usb 7-1: media controller created
[  966.731402][ T5940] usb read operation failed. (-71)
[  966.737196][ T5940] usb write operation failed. (-71)
[  966.745014][ T5940] dvb_usb_az6007 7-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  966.776909][ T5940] usb 7-1: USB disconnect, device number 4
[  967.854399][T13570] sctp: failed to load transform for md5: -2
[  968.303830][T13578] sp0: Synchronizing with TNC
[  973.286263][T13625] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[  973.317003][T13625] sch_tbf: burst 0 is lower than device veth0_to_bridge mtu (1514) !
[  974.943954][T13640] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2035'.
[  975.082781][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[  976.182070][ T5940] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  976.418730][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  976.441994][ T5940] usb 6-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00
[  976.451578][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.465532][ T5940] usb 6-1: config 0 descriptor??
[  976.717845][T13656] fuse: Bad value for 'fd'
[  976.725838][   T30] kauditd_printk_skb: 60 callbacks suppressed
[  976.725851][   T30] audit: type=1326 audit(1754376040.564:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13654 comm="syz.4.2040" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f62fa18eb69 code=0x0
[  976.811419][T13655] kthread_run failed with err -4
[  976.930248][ T5940] asus 0003:0B05:17E0.000A: item fetching failed at offset 2/5
[  976.957378][ T5940] asus 0003:0B05:17E0.000A: Asus hid parse failed: -22
[  976.966034][ T5940] asus 0003:0B05:17E0.000A: probe with driver asus failed with error -22
[  977.141615][ T5940] usb 6-1: USB disconnect, device number 17
[  977.350885][T13669] smk_cipso_doi:679 remove rc = -2
[  977.360710][T13669] smk_cipso_doi:692 cipso add rc = -17
[  981.448032][   T10] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  981.629458][   T10] usb 2-1: config 0 has an invalid interface number: 138 but max is 0
[  981.647019][   T10] usb 2-1: config 0 has no interface number 0
[  981.659016][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[  981.706705][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  981.720166][   T10] usb 2-1: config 0 descriptor??
[  984.135908][   T10] usb 2-1: string descriptor 0 read error: -71
[  984.630545][   T10] usbtest 2-1:0.138: couldn't get endpoints, -22
[  984.962642][   T10] usbtest 2-1:0.138: probe with driver usbtest failed with error -22
[  984.987073][   T10] usb 2-1: USB disconnect, device number 30
[  985.411037][T13743] batadv_slave_1: entered promiscuous mode
[  986.342082][T13741] batadv_slave_1: left promiscuous mode
[  989.224851][ T5931] hid-generic 0000:0004:0034.000B: unknown main item tag 0x0
[  989.246679][T12759] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  989.343019][ T5931] hid-generic 0000:0004:0034.000B: unknown main item tag 0x0
[  989.352559][ T5931] hid-generic 0000:0004:0034.000B: unknown main item tag 0x0
[  989.367302][ T5931] hid-generic 0000:0004:0034.000B: hidraw0: <UNKNOWN> HID v0.0e Device [syz0] on syz1
[  989.638542][T12759] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  990.576998][T12759] usb 2-1: config 1 has no interface number 0
[  990.583243][T12759] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  990.597617][T12759] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  990.607129][T12759] usb 2-1: config 1 interface 1 altsetting 1 has an endpoint descriptor with address 0x61, changing to 0x1
[  990.626695][T12759] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  990.870807][T12759] usb 2-1: string descriptor 0 read error: -71
[  990.878915][T12759] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  990.894120][T12759] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  991.414240][T12759] usb 2-1: can't set config #1, error -71
[  992.168165][T12759] usb 2-1: USB disconnect, device number 31
[  992.957415][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  993.776094][T13802] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2082'.
[  993.785577][T13802] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2082'.
[  994.675180][T13806] fuse: Bad value for 'rootmode'
[  996.856851][T12759] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  997.049037][T12759] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  997.068465][T12759] usb 2-1: config 0 has no interface number 0
[  997.094563][T12759] usb 2-1: New USB device found, idVendor=0403, idProduct=da71, bcdDevice=a2.95
[  997.113496][T12759] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  997.126955][   T10] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  997.173199][T12759] usb 2-1: Product: syz
[  997.193412][T12759] usb 2-1: Manufacturer: syz
[  997.206884][T12759] usb 2-1: SerialNumber: syz
[  997.219666][T12759] usb 2-1: config 0 descriptor??
[  997.252432][T12759] usb 2-1: NDI device with a latency value of 1
[  997.296637][   T24] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  997.319820][   T10] usb 7-1: Using ep0 maxpacket: 16
[  997.345263][   T10] usb 7-1: unable to get BOS descriptor or descriptor too short
[  997.386360][   T10] usb 7-1: config index 0 descriptor too short (expected 11827, got 108)
[  997.386391][   T10] usb 7-1: config 161 has too many interfaces: 245, using maximum allowed: 32
[  997.386412][   T10] usb 7-1: config 161 has an invalid descriptor of length 139, skipping remainder of the config
[  997.386433][   T10] usb 7-1: config 161 has 0 interfaces, different from the descriptor's value: 245
[  997.439264][   T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  997.448565][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  997.456822][   T10] usb 7-1: Product: syz
[  997.461096][   T10] usb 7-1: Manufacturer: syz
[  997.465722][   T10] usb 7-1: SerialNumber: syz
[  997.491236][   T24] usb 6-1: device descriptor read/64, error -71
[  997.697090][   T10] usb 7-1: USB disconnect, device number 5
[  997.766683][   T24] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  998.076624][   T24] usb 6-1: device descriptor read/64, error -71
[  998.788893][ T5840] IPVS: starting estimator thread 0...
[  998.811312][T13820] IPVS: sed: UDP 224.0.0.2:0 - no destination available
[  998.851300][T13844] netlink: 11 bytes leftover after parsing attributes in process `syz.1.2087'.
[  998.876810][T13842] IPVS: using max 37 ests per chain, 88800 per kthread
[  998.916657][   T24] usb usb6-port1: attempt power cycle
[  999.104167][T12759] ftdi_sio 2-1:0.8: FTDI USB Serial Device converter detected
[  999.126323][T12759] ftdi_sio ttyUSB0: unknown device type: 0xa295
[  999.154530][T12759] usb 2-1: USB disconnect, device number 32
[  999.169312][T12759] ftdi_sio 2-1:0.8: device disconnected
[ 1000.007882][   T24] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1000.063945][   T24] usb 6-1: device descriptor read/8, error -71
[ 1000.810807][T13865] dlm: non-version read from control device 0
[ 1004.050508][T13902] netlink: 'syz.5.2111': attribute type 1 has an invalid length.
[ 1004.114060][T13905] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2112'.
[ 1004.140579][T13903] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 1004.186566][T13903] overlayfs: missing 'lowerdir'
[ 1005.720084][T13898] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[ 1005.878764][T13924] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2117'.
[ 1005.955020][T13924] program syz.6.2117 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1007.507605][   T24] usb 6-1: new low-speed USB device number 22 using dummy_hcd
[ 1007.525093][ T5960] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[ 1007.896636][T13940] sctp: failed to load transform for md5: -2
[ 1007.946763][ T5960] usb 2-1: New USB device found, idVendor=046d, idProduct=08b6, bcdDevice= e.32
[ 1007.998509][ T5960] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1008.041613][ T5960] usb 2-1: Product: syz
[ 1008.061135][ T5960] usb 2-1: Manufacturer: syz
[ 1008.094272][ T5960] usb 2-1: SerialNumber: syz
[ 1008.357184][ T5960] usb 2-1: config 0 descriptor??
[ 1008.381824][ T5960] pwc: Logitech/Cisco VT Camera webcam detected.
[ 1008.983683][T13928] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1009.020566][T13928] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1009.266673][ T1209] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1009.496683][ T1209] usb 7-1: Using ep0 maxpacket: 32
[ 1009.520287][ T1209] usb 7-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1010.189496][ T5960] pwc: Failed to set LED on/off time (-71)
[ 1010.206650][ T5960] pwc: send_video_command error -71
[ 1010.211913][ T5960] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1010.219639][ T1209] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1010.246816][ T5960] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[ 1010.258002][ T1209] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1010.386081][ T1209] usb 7-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1010.406266][ T5960] usb 2-1: USB disconnect, device number 33
[ 1010.431683][ T1209] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1010.487147][ T1209] usb 7-1: config 0 descriptor??
[ 1010.512185][T13951] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1010.569428][ T1209] hub 7-1:0.0: USB hub found
[ 1010.649447][T13968] fuse: Unknown parameter '�d�0x0000000000000003'
[ 1010.916837][   T24] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1011.286940][ T1209] hub 7-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1011.336982][ T1209] usbhid 7-1:0.0: can't add hid device: -71
[ 1011.346953][ T1209] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1011.376692][   T24] usb 6-1: Using ep0 maxpacket: 32
[ 1011.399383][ T1209] usb 7-1: USB disconnect, device number 6
[ 1011.400383][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1011.476976][   T24] usb 6-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[ 1011.488359][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1011.504756][   T24] usb 6-1: config 0 descriptor??
[ 1011.741965][T13968] fuse: Unknown parameter '�d�0x0000000000000003'
[ 1011.888144][T13983] FAULT_INJECTION: forcing a failure.
[ 1011.888144][T13983] name failslab, interval 1, probability 0, space 0, times 0
[ 1011.919919][T13983] CPU: 0 UID: 0 PID: 13983 Comm: syz.1.2133 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1011.919945][   T24] usbhid 6-1:0.0: can't add hid device: -71
[ 1011.919948][T13983] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1011.919961][T13983] Call Trace:
[ 1011.919970][T13983]  <TASK>
[ 1011.919980][T13983]  dump_stack_lvl+0x189/0x250
[ 1011.920018][T13983]  ? __pfx____ratelimit+0x10/0x10
[ 1011.920045][T13983]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1011.920073][T13983]  ? __pfx__printk+0x10/0x10
[ 1011.920112][T13983]  ? __pfx___might_resched+0x10/0x10
[ 1011.920138][T13983]  ? fs_reclaim_acquire+0x7d/0x100
[ 1011.920172][T13983]  should_fail_ex+0x414/0x560
[ 1011.920204][T13983]  should_failslab+0xa8/0x100
[ 1011.920232][T13983]  __kmalloc_noprof+0xcb/0x4f0
[ 1011.920252][T13983]  ? kfree+0x4d/0x440
[ 1011.920284][T13983]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1011.920321][T13983]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1011.920355][T13983]  ? tomoyo_domain+0xda/0x130
[ 1011.920394][T13983]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1011.920419][T13983]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1011.920449][T13983]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1011.920495][T13983]  ? __lock_acquire+0xab9/0xd20
[ 1011.920542][T13983]  ? __fget_files+0x2a/0x420
[ 1011.920573][T13983]  ? __fget_files+0x2a/0x420
[ 1011.920596][T13983]  ? __fget_files+0x3a0/0x420
[ 1011.920621][T13983]  ? __fget_files+0x2a/0x420
[ 1011.920653][T13983]  security_file_ioctl+0xcb/0x2d0
[ 1011.920682][T13983]  __se_sys_ioctl+0x47/0x170
[ 1011.920721][T13983]  do_syscall_64+0xfa/0x3b0
[ 1011.920744][T13983]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1011.920770][T13983]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.920794][T13983]  ? clear_bhb_loop+0x60/0xb0
[ 1011.920822][T13983]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1011.920845][T13983] RIP: 0033:0x7fc00e58eb69
[ 1011.920866][T13983] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1011.920887][T13983] RSP: 002b:00007fc00f4c7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1011.920912][T13983] RAX: ffffffffffffffda RBX: 00007fc00e7b5fa0 RCX: 00007fc00e58eb69
[ 1011.920929][T13983] RDX: 0000200000000000 RSI: 0000000000001269 RDI: 0000000000000003
[ 1011.920945][T13983] RBP: 00007fc00f4c7090 R08: 0000000000000000 R09: 0000000000000000
[ 1011.920960][T13983] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1011.920973][T13983] R13: 0000000000000000 R14: 00007fc00e7b5fa0 R15: 00007fffe61d55c8
[ 1011.921017][T13983]  </TASK>
[ 1011.921027][T13983] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1012.282401][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1012.324567][   T24] usb 6-1: USB disconnect, device number 23
[ 1013.243776][T13996] sctp: failed to load transform for md5: -2
[ 1015.030543][T14016] sp0: Synchronizing with TNC
[ 1017.032489][T14017] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1017.076848][T14017] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1017.132900][T14017] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1017.162471][T14017] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1017.192987][T14017] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1017.913622][T14017] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1019.747565][ T5846] Bluetooth: hci4: command 0x0406 tx timeout
[ 1019.753667][ T5846] Bluetooth: hci2: command 0x0406 tx timeout
[ 1019.759777][ T5833] Bluetooth: hci1: command 0x0406 tx timeout
[ 1019.954454][T14059] 9pnet_fd: Insufficient options for proto=fd
[ 1020.012423][T14059] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2148'.
[ 1020.869888][T14067] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1020.999988][T14072] netlink: 'syz.5.2154': attribute type 10 has an invalid length.
[ 1021.270534][T14072] veth0_vlan: left promiscuous mode
[ 1021.280006][T14072] veth0_vlan: entered promiscuous mode
[ 1021.291797][T14072] team0: Device veth0_vlan failed to register rx_handler
[ 1021.818360][T14072] netlink: 160 bytes leftover after parsing attributes in process `syz.5.2154'.
[ 1021.846727][ T5846] Bluetooth: hci2: command 0x0406 tx timeout
[ 1021.853264][ T5846] Bluetooth: hci1: command 0x0406 tx timeout
[ 1021.861034][ T5846] Bluetooth: hci4: command 0x0406 tx timeout
[ 1023.036565][ T5972] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1023.059847][T14066] tipc: Disabling bearer <eth:syzkaller0>
[ 1023.306976][ T5972] usb 6-1: config 0 has an invalid interface number: 41 but max is 0
[ 1023.315116][ T5972] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1023.358764][ T5972] usb 6-1: config 0 has no interface number 0
[ 1023.684650][ T5972] usb 6-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1023.694181][ T5972] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1023.703279][ T5972] usb 6-1: Product: syz
[ 1023.716645][ T5972] usb 6-1: Manufacturer: syz
[ 1023.737309][ T5972] usb 6-1: SerialNumber: syz
[ 1023.757686][ T5972] usb 6-1: config 0 descriptor??
[ 1023.819757][ T5972] usb 6-1: can't set config #0, error -71
[ 1023.857142][ T5972] usb 6-1: USB disconnect, device number 24
[ 1029.787103][ T5846] Bluetooth: hci0: Opcode 0x1003 failed: -110
[ 1029.967830][T14125] netlink: 76 bytes leftover after parsing attributes in process `syz.1.2164'.
[ 1030.029036][T14113] sctp: failed to load transform for md5: -2
[ 1030.672889][T14130] sctp: failed to load transform for md5: -2
[ 1034.946811][ T5972] usb 6-1: new full-speed USB device number 25 using dummy_hcd
[ 1035.156639][ T5972] usb 6-1: device descriptor read/64, error -71
[ 1035.225740][T14157] 9pnet_fd: Insufficient options for proto=fd
[ 1035.346600][ T1209] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[ 1035.397039][ T5972] usb 6-1: new full-speed USB device number 26 using dummy_hcd
[ 1035.498544][ T1209] usb 2-1: Using ep0 maxpacket: 8
[ 1035.522796][ T1209] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 1035.536621][ T5972] usb 6-1: device descriptor read/64, error -71
[ 1035.567408][ T1209] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1035.597128][T14161] 9pnet_fd: Insufficient options for proto=fd
[ 1035.604070][T14161] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2173'.
[ 1035.661863][ T1209] usb 2-1: Product: syz
[ 1036.425566][ T5972] usb usb6-port1: attempt power cycle
[ 1036.431532][ T1209] usb 2-1: Manufacturer: syz
[ 1036.445599][ T1209] usb 2-1: SerialNumber: syz
[ 1036.455734][ T1209] usb 2-1: config 0 descriptor??
[ 1036.679474][ T1209] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[ 1036.776776][ T5972] usb 6-1: new full-speed USB device number 27 using dummy_hcd
[ 1036.808187][ T5972] usb 6-1: device descriptor read/8, error -71
[ 1038.557949][ T1209] usb write operation failed. (-71)
[ 1038.565338][ T1209] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1038.622204][ T1209] dvbdev: DVB: registering new adapter (Terratec H7)
[ 1038.648888][ T1209] usb 2-1: media controller created
[ 1038.677862][ T1209] usb read operation failed. (-71)
[ 1038.692538][ T1209] usb write operation failed. (-71)
[ 1038.742593][ T1209] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[ 1038.781986][ T1209] usb 2-1: USB disconnect, device number 34
[ 1039.664496][T14188] sctp: failed to load transform for md5: -2
[ 1039.941074][T14198] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2187'.
[ 1039.950193][T14198] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (511)
[ 1039.959453][T14198] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[ 1044.182382][T14223] netlink: 'syz.6.2192': attribute type 1 has an invalid length.
[ 1044.501002][T14226] netdevsim netdevsim6: Direct firmware load for ./file0 failed with error -2
[ 1044.510579][T14226] netdevsim netdevsim6: Falling back to sysfs fallback for: ./file0
[ 1045.193291][T14233] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2194'.
[ 1047.375547][T14251] sp0: Synchronizing with TNC
[ 1047.996658][T14247] sctp: failed to load transform for md5: -2
[ 1050.825929][T14269] netlink: 64985 bytes leftover after parsing attributes in process `syz.7.2205'.
[ 1051.075826][T14269] dummy0 speed is unknown, defaulting to 1000
[ 1051.126550][ T5960] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1051.376838][ T5960] usb 7-1: Using ep0 maxpacket: 8
[ 1051.493211][T14284] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2207'.
[ 1051.569979][ T5960] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 1051.581887][ T5960] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1051.674668][ T5960] usb 7-1: Product: syz
[ 1051.886538][ T5960] usb 7-1: Manufacturer: syz
[ 1052.016829][ T5960] usb 7-1: SerialNumber: syz
[ 1052.055017][ T5960] usb 7-1: config 0 descriptor??
[ 1052.481111][ T5960] usb 7-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[ 1053.681148][T14298] FAULT_INJECTION: forcing a failure.
[ 1053.681148][T14298] name failslab, interval 1, probability 0, space 0, times 0
[ 1053.693938][T14298] CPU: 0 UID: 0 PID: 14298 Comm: syz.7.2211 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1053.693965][T14298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1053.693979][T14298] Call Trace:
[ 1053.693988][T14298]  <TASK>
[ 1053.693997][T14298]  dump_stack_lvl+0x189/0x250
[ 1053.694027][T14298]  ? __pfx____ratelimit+0x10/0x10
[ 1053.694050][T14298]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1053.694075][T14298]  ? __pfx__printk+0x10/0x10
[ 1053.694106][T14298]  ? __pfx___might_resched+0x10/0x10
[ 1053.694129][T14298]  ? fs_reclaim_acquire+0x7d/0x100
[ 1053.694160][T14298]  should_fail_ex+0x414/0x560
[ 1053.694188][T14298]  should_failslab+0xa8/0x100
[ 1053.694214][T14298]  __kmalloc_noprof+0xcb/0x4f0
[ 1053.694234][T14298]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1053.694265][T14298]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[ 1053.694297][T14298]  genl_family_rcv_msg_doit+0xb8/0x300
[ 1053.694327][T14298]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1053.694354][T14298]  ? rcu_is_watching+0x15/0xb0
[ 1053.694378][T14298]  ? cap_capable+0x11f/0x460
[ 1053.694401][T14298]  ? safesetid_security_capable+0xa9/0x1a0
[ 1053.694427][T14298]  ? bpf_lsm_capable+0x9/0x20
[ 1053.694453][T14298]  ? security_capable+0x7e/0x2e0
[ 1053.694487][T14298]  genl_rcv_msg+0x60e/0x790
[ 1053.694518][T14298]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1053.694539][T14298]  ? __pfx_smc_pnet_add+0x10/0x10
[ 1053.694585][T14298]  netlink_rcv_skb+0x205/0x470
[ 1053.694616][T14298]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1053.694641][T14298]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1053.694690][T14298]  ? down_read+0x1ad/0x2e0
[ 1053.694720][T14298]  genl_rcv+0x28/0x40
[ 1053.694740][T14298]  netlink_unicast+0x75c/0x8e0
[ 1053.694780][T14298]  netlink_sendmsg+0x805/0xb30
[ 1053.694823][T14298]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1053.694863][T14298]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1053.694884][T14298]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1053.694916][T14298]  __sock_sendmsg+0x21c/0x270
[ 1053.694953][T14298]  ____sys_sendmsg+0x505/0x830
[ 1053.694992][T14298]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1053.695037][T14298]  ? import_iovec+0x74/0xa0
[ 1053.695071][T14298]  ___sys_sendmsg+0x21f/0x2a0
[ 1053.695107][T14298]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1053.695182][T14298]  ? __fget_files+0x2a/0x420
[ 1053.695205][T14298]  ? __fget_files+0x3a0/0x420
[ 1053.695242][T14298]  __x64_sys_sendmsg+0x19b/0x260
[ 1053.695279][T14298]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1053.695324][T14298]  ? __pfx_ksys_write+0x10/0x10
[ 1053.695351][T14298]  ? do_syscall_64+0xbe/0x3b0
[ 1053.695380][T14298]  do_syscall_64+0xfa/0x3b0
[ 1053.695402][T14298]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1053.695424][T14298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1053.695446][T14298]  ? clear_bhb_loop+0x60/0xb0
[ 1053.695473][T14298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1053.695494][T14298] RIP: 0033:0x7fba7338eb69
[ 1053.695512][T14298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1053.695531][T14298] RSP: 002b:00007fba74111038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1053.695553][T14298] RAX: ffffffffffffffda RBX: 00007fba735b6080 RCX: 00007fba7338eb69
[ 1053.695569][T14298] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[ 1053.695582][T14298] RBP: 00007fba74111090 R08: 0000000000000000 R09: 0000000000000000
[ 1053.695595][T14298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1053.695607][T14298] R13: 0000000000000000 R14: 00007fba735b6080 R15: 00007ffc9f60eff8
[ 1053.695642][T14298]  </TASK>
[ 1054.457570][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.457694][   T24] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[ 1054.484873][ T5960] usb write operation failed. (-71)
[ 1054.497511][ T5960] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1055.329651][T14310] sp0: Synchronizing with TNC
[ 1055.477813][ T5960] dvbdev: DVB: registering new adapter (Terratec H7)
[ 1055.484870][ T5960] usb 7-1: media controller created
[ 1055.495387][ T5960] usb read operation failed. (-71)
[ 1055.502139][ T5960] usb write operation failed. (-71)
[ 1056.453358][ T5960] dvb_usb_az6007 7-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[ 1056.465477][ T5960] usb 7-1: USB disconnect, device number 7
[ 1056.509675][   T24] usb 5-1: config 0 has more interface descriptors, than it declares in bNumInterfaces, ignoring interface number: 0
[ 1057.241237][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1057.256603][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[ 1057.429967][   T24] usb 5-1: string descriptor 0 read error: -71
[ 1057.437361][   T24] usb 5-1: New USB device found, idVendor=1908, idProduct=1315, bcdDevice= 0.00
[ 1057.446529][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1057.458363][   T24] usb 5-1: config 0 descriptor??
[ 1057.463943][   T24] usb 5-1: can't set config #0, error -71
[ 1057.474826][   T24] usb 5-1: USB disconnect, device number 32
[ 1057.876818][ T5972] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[ 1058.199206][ T5972] usb 7-1: config 0 has an invalid interface number: 138 but max is 0
[ 1058.216493][ T5972] usb 7-1: config 0 has no interface number 0
[ 1058.222665][ T5972] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[ 1058.256530][ T5972] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.276041][ T5972] usb 7-1: config 0 descriptor??
[ 1058.485910][ T5972] usb 7-1: string descriptor 0 read error: -71
[ 1058.500759][ T5972] usbtest 7-1:0.138: couldn't get endpoints, -22
[ 1058.526711][ T5972] usbtest 7-1:0.138: probe with driver usbtest failed with error -22
[ 1058.826239][T14342] netlink: 'syz.1.2222': attribute type 1 has an invalid length.
[ 1058.834175][T14342] netlink: 'syz.1.2222': attribute type 2 has an invalid length.
[ 1058.842740][T14342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2222'.
[ 1058.896010][ T5972] usb 7-1: USB disconnect, device number 8
[ 1062.782794][T14377] sp0: Synchronizing with TNC
[ 1063.773414][   T30] audit: type=1800 audit(1754376127.604:322): pid=14370 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.2228" name="/" dev="9p" ino=2 res=0 errno=0
[ 1066.817084][ T5960] usb 6-1: new full-speed USB device number 29 using dummy_hcd
[ 1066.983563][ T5960] usb 6-1: config 0 has an invalid interface number: 138 but max is 0
[ 1066.992861][ T5960] usb 6-1: config 0 has no interface number 0
[ 1067.007777][ T5960] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[ 1067.956650][ T5960] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.991351][ T5960] usb 6-1: config 0 descriptor??
[ 1068.053124][T14416] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2243'.
[ 1068.066182][T14416] netlink: 5 bytes leftover after parsing attributes in process `syz.1.2243'.
[ 1068.206605][ T5960] usb 6-1: string descriptor 0 read error: -71
[ 1068.214214][ T5960] usbtest 6-1:0.138: couldn't get endpoints, -22
[ 1068.239667][ T5960] usbtest 6-1:0.138: probe with driver usbtest failed with error -22
[ 1068.276175][ T5960] usb 6-1: USB disconnect, device number 29
[ 1070.384797][T14432] FAULT_INJECTION: forcing a failure.
[ 1070.384797][T14432] name failslab, interval 1, probability 0, space 0, times 0
[ 1070.399225][T14432] CPU: 0 UID: 0 PID: 14432 Comm: syz.6.2248 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1070.399256][T14432] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1070.399269][T14432] Call Trace:
[ 1070.399279][T14432]  <TASK>
[ 1070.399288][T14432]  dump_stack_lvl+0x189/0x250
[ 1070.399319][T14432]  ? __pfx____ratelimit+0x10/0x10
[ 1070.399343][T14432]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1070.399369][T14432]  ? __pfx__printk+0x10/0x10
[ 1070.399406][T14432]  ? __pfx___might_resched+0x10/0x10
[ 1070.399430][T14432]  ? fs_reclaim_acquire+0x7d/0x100
[ 1070.399462][T14432]  should_fail_ex+0x414/0x560
[ 1070.399491][T14432]  should_failslab+0xa8/0x100
[ 1070.399518][T14432]  __kmalloc_noprof+0xcb/0x4f0
[ 1070.399539][T14432]  ? fuse_set_acl+0x2bf/0x5c0
[ 1070.399577][T14432]  fuse_set_acl+0x2bf/0x5c0
[ 1070.399619][T14432]  vfs_set_acl+0x884/0xb00
[ 1070.399665][T14432]  do_set_acl+0xf6/0x190
[ 1070.399702][T14432]  filename_setxattr+0x2e0/0x600
[ 1070.399740][T14432]  ? __pfx_filename_setxattr+0x10/0x10
[ 1070.399779][T14432]  ? getname_flags+0x1e5/0x540
[ 1070.399811][T14432]  path_setxattrat+0x364/0x3a0
[ 1070.399854][T14432]  ? __pfx_path_setxattrat+0x10/0x10
[ 1070.399883][T14432]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1070.399940][T14432]  ? ksys_write+0x22a/0x250
[ 1070.399965][T14432]  ? __pfx_ksys_write+0x10/0x10
[ 1070.399983][T14432]  ? rcu_is_watching+0x15/0xb0
[ 1070.400014][T14432]  __x64_sys_setxattr+0xbc/0xe0
[ 1070.400046][T14432]  do_syscall_64+0xfa/0x3b0
[ 1070.400069][T14432]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1070.400092][T14432]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.400114][T14432]  ? clear_bhb_loop+0x60/0xb0
[ 1070.400142][T14432]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1070.400164][T14432] RIP: 0033:0x7f7dad38eb69
[ 1070.400184][T14432] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1070.400203][T14432] RSP: 002b:00007f7dae152038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[ 1070.400226][T14432] RAX: ffffffffffffffda RBX: 00007f7dad5b6080 RCX: 00007f7dad38eb69
[ 1070.400242][T14432] RDX: 0000200000000500 RSI: 0000200000000080 RDI: 0000200000000000
[ 1070.400258][T14432] RBP: 00007f7dae152090 R08: 0000000000000002 R09: 0000000000000000
[ 1070.400273][T14432] R10: 0000000000000024 R11: 0000000000000246 R12: 0000000000000001
[ 1070.400286][T14432] R13: 0000000000000000 R14: 00007f7dad5b6080 R15: 00007ffd9275c268
[ 1070.400322][T14432]  </TASK>
[ 1073.008159][T14495] sp0: Synchronizing with TNC
[ 1073.870175][T14496] hsr0: entered allmulticast mode
[ 1073.904011][T14496] hsr_slave_0: entered allmulticast mode
[ 1073.941884][T14496] hsr_slave_1: entered allmulticast mode
[ 1074.020831][T14498] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1075.422558][T14515] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2259'.
[ 1075.497585][T14508] syz.1.2257 (14508): attempted to duplicate a private mapping with mremap.  This is not supported.
[ 1075.951860][T12759] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[ 1076.751422][T12759] usb 5-1: config 0 has an invalid interface number: 138 but max is 0
[ 1076.761056][T12759] usb 5-1: config 0 has no interface number 0
[ 1076.767757][T12759] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[ 1076.777989][T12759] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1076.819558][T12759] usb 5-1: config 0 descriptor??
[ 1079.260227][T12759] usb 5-1: string descriptor 0 read error: -71
[ 1079.420621][T12759] usbtest 5-1:0.138: couldn't get endpoints, -22
[ 1079.682174][T12759] usbtest 5-1:0.138: probe with driver usbtest failed with error -22
[ 1079.750687][T12759] usb 5-1: USB disconnect, device number 33
[ 1079.937275][T14551] x_tables: duplicate underflow at hook 3
[ 1080.277024][T14558] (syz.7.2271,14558,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[ 1080.286820][T14558] (syz.7.2271,14558,1):ocfs2_fill_super:1177 ERROR: status = -22
[ 1080.718519][T14557] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2272'.
[ 1080.842750][T14557] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[ 1081.323350][T14569] fuse: Bad value for 'fd'
[ 1081.334875][   T30] audit: type=1326 audit(1754376145.174:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14568 comm="syz.5.2276" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x0
[ 1081.514904][T14573] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2276'.
[ 1081.539706][T14573] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2276'.
[ 1081.880068][T14572] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2276'.
[ 1082.408068][T14572] 9pnet_fd: p9_fd_create_tcp (14572): problem binding to privport
[ 1084.329892][T14593] fuse: Unknown parameter 'fd0x0000000000000007'
[ 1084.353343][T14593] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1084.363086][T14593] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1084.536201][T14595] netlink: 68 bytes leftover after parsing attributes in process `syz.1.2283'.
[ 1084.829172][T12759] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[ 1084.987644][T14599] sp0: Synchronizing with TNC
[ 1085.876634][T12759] usb 2-1: Using ep0 maxpacket: 16
[ 1085.891793][T12759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1086.128379][T12759] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1086.139040][T12759] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1086.157321][T12759] usb 2-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[ 1086.167363][T12759] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1086.178466][T12759] usb 2-1: config 0 descriptor??
[ 1086.199602][T12759] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input35
[ 1086.931725][ T5190] pxrc 2-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1087.025200][ T5190] pxrc 2-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1087.105541][ T5190] pxrc 2-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1087.108917][T12759] usb 2-1: USB disconnect, device number 35
[ 1088.413828][T14624] 9pnet_fd: Insufficient options for proto=fd
[ 1089.003622][T14628] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2285'.
[ 1090.977185][T12759] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[ 1091.158435][T12759] usb 2-1: Using ep0 maxpacket: 32
[ 1091.175876][T12759] usb 2-1: config 0 has an invalid interface number: 183 but max is 0
[ 1091.188707][T12759] usb 2-1: config 0 has no interface number 0
[ 1091.195837][T12759] usb 2-1: config 0 interface 183 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 528
[ 1091.209197][T12759] usb 2-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice=70.f8
[ 1091.222207][T12759] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1091.230597][T12759] usb 2-1: Product: syz
[ 1091.234938][T12759] usb 2-1: Manufacturer: syz
[ 1091.240589][T12759] usb 2-1: SerialNumber: syz
[ 1091.343382][T12759] usb 2-1: config 0 descriptor??
[ 1091.349332][T14649] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1091.654658][T14661] sp0: Synchronizing with TNC
[ 1091.760167][T14647] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1092.404584][T12759] net1080 2-1:0.183 usb0: register 'net1080' at usb-dummy_hcd.1-1, NetChip TurboCONNECT, e2:24:9d:e8:eb:08
[ 1092.638069][T12759] usb 2-1: USB disconnect, device number 36
[ 1092.646261][T12759] net1080 2-1:0.183 usb0: unregister 'net1080' usb-dummy_hcd.1-1, NetChip TurboCONNECT
[ 1094.046413][T14676] netlink: 'syz.1.2301': attribute type 10 has an invalid length.
[ 1094.073164][T14672] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2300'.
[ 1095.806589][ T5960] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[ 1095.966563][ T5960] usb 2-1: device descriptor read/64, error -71
[ 1096.168732][T14696] dummy0 speed is unknown, defaulting to 1000
[ 1096.243903][ T5846] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1096.261732][ T5846] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1096.270312][ T5960] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1096.319937][ T5846] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1096.330055][ T5846] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1096.340541][ T5846] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1096.434253][T14699] dummy0 speed is unknown, defaulting to 1000
[ 1096.466815][ T5960] usb 2-1: device descriptor read/64, error -71
[ 1096.579889][ T5960] usb usb2-port1: attempt power cycle
[ 1096.641041][T14702] QAT: Device 244 not found
[ 1096.870584][T14699] chnl_net:caif_netlink_parms(): no params data found
[ 1097.113987][T14699] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1097.128651][T14699] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1097.136892][ T5960] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1097.145003][T14699] bridge_slave_0: entered allmulticast mode
[ 1097.153159][T14699] bridge_slave_0: entered promiscuous mode
[ 1097.159759][ T5960] usb 2-1: device descriptor read/8, error -71
[ 1097.170928][T14699] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1097.179392][T14699] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1097.186753][T14699] bridge_slave_1: entered allmulticast mode
[ 1097.195845][T14699] bridge_slave_1: entered promiscuous mode
[ 1097.293046][T14699] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1097.328768][T14699] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1097.417028][ T5960] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1097.448251][ T5960] usb 2-1: device descriptor read/8, error -71
[ 1097.462243][T14699] team0: Port device team_slave_0 added
[ 1097.482978][T14699] team0: Port device team_slave_1 added
[ 1097.567168][ T5960] usb usb2-port1: unable to enumerate USB device
[ 1097.596075][T14699] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1097.611266][T14699] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1097.666840][T14699] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1097.696231][T14699] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1097.714681][T14699] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1097.755455][T14699] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1097.892987][T14699] hsr_slave_0: entered promiscuous mode
[ 1097.900639][T14699] hsr_slave_1: entered promiscuous mode
[ 1098.090376][T14723] 9pnet_fd: Insufficient options for proto=fd
[ 1098.099320][T14723] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2309'.
[ 1098.472371][ T5833] Bluetooth: hci0: command tx timeout
[ 1099.466659][ T1209] usb 6-1: new full-speed USB device number 30 using dummy_hcd
[ 1099.486999][T14699] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1099.501124][T14699] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1099.513847][T14699] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1099.571021][T14699] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1099.635752][ T1209] usb 6-1: config 0 has an invalid interface number: 138 but max is 0
[ 1099.693169][ T1209] usb 6-1: config 0 has no interface number 0
[ 1099.724837][ T1209] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[ 1099.768525][ T1209] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1099.887425][ T1209] usb 6-1: config 0 descriptor??
[ 1100.206126][ T1209] usb 6-1: string descriptor 0 read error: -71
[ 1100.232873][ T1209] usbtest 6-1:0.138: couldn't get endpoints, -22
[ 1100.247080][ T1209] usbtest 6-1:0.138: probe with driver usbtest failed with error -22
[ 1100.266297][ T1209] usb 6-1: USB disconnect, device number 30
[ 1100.536756][ T5833] Bluetooth: hci0: command tx timeout
[ 1100.566353][T14699] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1100.589852][T14699] 8021q: adding VLAN 0 to HW filter on device team0
[ 1100.604203][ T8778] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1100.611478][ T8778] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1100.632705][T14476] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1100.639948][T14476] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1100.747608][   T24] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1100.816831][ T5840] usb 5-1: new low-speed USB device number 34 using dummy_hcd
[ 1100.898520][T14699] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1100.911194][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1100.929006][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 79
[ 1100.940179][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1100.954290][   T24] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.de
[ 1100.964723][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1100.985846][   T24] usb 2-1: config 0 descriptor??
[ 1100.993320][ T5840] usb 5-1: descriptor type invalid, skip
[ 1100.999490][ T5840] usb 5-1: No LPM exit latency info found, disabling LPM.
[ 1101.011851][T14746] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1101.030636][ T5840] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1101.043074][ T5840] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1101.062254][ T5840] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1101.073398][T12759] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1101.092057][ T5840] usb 5-1: string descriptor 0 read error: -22
[ 1101.103152][ T5840] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1101.115829][ T5840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1101.141884][ T5840] usb 5-1: 0:2 : does not exist
[ 1101.232546][   T24] ath6kl: Failed to submit usb control message: -71
[ 1101.241354][T12759] usb 6-1: Using ep0 maxpacket: 16
[ 1101.252951][   T24] ath6kl: unable to send the bmi data to the device: -71
[ 1101.286404][   T24] ath6kl: Unable to send get target info: -71
[ 1101.291104][T14699] veth0_vlan: entered promiscuous mode
[ 1101.308786][T12759] usb 6-1: New USB device found, idVendor=0413, idProduct=6026, bcdDevice=18.aa
[ 1101.318460][T14699] veth1_vlan: entered promiscuous mode
[ 1101.323606][T12759] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1101.332460][   T24] ath6kl: Failed to init ath6kl core: -71
[ 1101.343939][   T24] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[ 1101.352599][T12759] usb 6-1: Product: syz
[ 1101.365026][ T5960] usb 5-1: USB disconnect, device number 34
[ 1101.367805][T12759] usb 6-1: Manufacturer: syz
[ 1101.375605][T12759] usb 6-1: SerialNumber: syz
[ 1101.410149][   T24] usb 2-1: USB disconnect, device number 41
[ 1101.417499][T12759] usb 6-1: config 0 descriptor??
[ 1101.430095][T14699] veth0_macvtap: entered promiscuous mode
[ 1101.441547][T12759] dvb-usb: found a 'Leadtek - USB2.0 Winfast DTV dongle' in warm state.
[ 1101.450424][T14699] veth1_macvtap: entered promiscuous mode
[ 1101.467490][T12759] dvb-usb: bulk message failed: -22 (3/0)
[ 1101.482163][T12759] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1101.492715][T12759] dvbdev: DVB: registering new adapter (Leadtek - USB2.0 Winfast DTV dongle)
[ 1101.493838][T14699] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1101.503402][T12759] usb 6-1: media controller created
[ 1101.534270][T14699] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1101.541444][T12759] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1101.551140][T14699] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.569392][T14699] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.569828][T12759] dvb-usb: bulk message failed: -22 (6/0)
[ 1101.581125][T14699] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.587969][T12759] dvb-usb: bulk message failed: -22 (6/0)
[ 1101.594146][T14699] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1101.603194][T12759] dvb-usb: no frontend was attached by 'Leadtek - USB2.0 Winfast DTV dongle'
[ 1101.621058][T12759] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input36
[ 1101.642130][T12759] dvb-usb: schedule remote query interval to 150 msecs.
[ 1101.652767][T12759] dvb-usb: Leadtek - USB2.0 Winfast DTV dongle successfully initialized and connected.
[ 1101.670873][T12759] usb 6-1: USB disconnect, device number 31
[ 1101.731365][T12759] dvb-usb: Leadtek - USB2.0 Winfast DTV dongle successfully deinitialized and disconnected.
[ 1101.757395][ T8778] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1101.772735][ T8778] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1101.798696][T10669] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1101.807295][T10669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1102.698228][T14772] 9pnet_fd: Insufficient options for proto=fd
[ 1102.705804][T14772] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2319'.
[ 1103.097735][ T5833] Bluetooth: hci0: command tx timeout
[ 1105.382916][ T5833] Bluetooth: hci0: command tx timeout
[ 1109.181341][T14812] netlink: 'syz.1.2332': attribute type 3 has an invalid length.
[ 1109.189366][T14812] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.2332'.
[ 1109.968523][ T5940] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1110.596940][ T5940] usb 6-1: Using ep0 maxpacket: 8
[ 1110.614515][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1110.664352][ T5940] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1110.924661][ T5940] usb 6-1: New USB device found, idVendor=046d, idProduct=c343, bcdDevice= 0.00
[ 1110.934531][ T5940] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.969852][ T5940] usb 6-1: config 0 descriptor??
[ 1111.556946][ T5940] usbhid 6-1:0.0: can't add hid device: -71
[ 1111.640136][ T5940] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1111.989708][ T5940] usb 6-1: USB disconnect, device number 32
[ 1112.081496][T14854] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2340'.
[ 1112.326528][ T5960] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[ 1113.378712][ T5960] usb 9-1: config 0 has an invalid interface number: 138 but max is 0
[ 1113.387501][ T5960] usb 9-1: config 0 has no interface number 0
[ 1113.397491][ T5960] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[ 1113.412799][ T5960] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1113.432824][ T5960] usb 9-1: config 0 descriptor??
[ 1113.645141][ T5960] usb 9-1: string descriptor 0 read error: -71
[ 1113.658570][ T5960] usbtest 9-1:0.138: couldn't get endpoints, -22
[ 1113.835594][ T5960] usbtest 9-1:0.138: probe with driver usbtest failed with error -22
[ 1113.846879][ T5960] usb 9-1: USB disconnect, device number 2
[ 1116.109308][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.779000][ T5833] Bluetooth: hci4: unexpected event for opcode 0x2031
[ 1117.842474][T14914] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2357'.
[ 1117.873633][T14913] Bluetooth: (null): Out-of-order packet arrived (4 != 0)
[ 1117.988846][   T30] audit: type=1326 audit(1754376181.834:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1118.062480][   T30] audit: type=1326 audit(1754376181.864:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1118.231081][   T30] audit: type=1326 audit(1754376181.864:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1118.281848][   T30] audit: type=1326 audit(1754376181.864:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1118.514722][T14921] bio_check_eod: 2 callbacks suppressed
[ 1118.514745][T14921] syz.4.2359: attempt to access beyond end of device
[ 1118.514745][T14921] nbd4: rw=0, sector=64, nr_sectors = 8 limit=0
[ 1118.535257][T14921] syz.4.2359: attempt to access beyond end of device
[ 1118.535257][T14921] nbd4: rw=0, sector=120, nr_sectors = 8 limit=0
[ 1118.549123][T14921] Mount JFS Failure: -5
[ 1119.262659][   T30] audit: type=1326 audit(1754376181.864:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1119.284585][   T30] audit: type=1326 audit(1754376181.864:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=59 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1119.662131][   T30] audit: type=1326 audit(1754376181.864:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1119.887612][   T30] audit: type=1326 audit(1754376181.864:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1119.909315][   T30] audit: type=1326 audit(1754376181.864:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1119.930961][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1120.142623][   T30] audit: type=1326 audit(1754376181.864:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14910 comm="syz.5.2358" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d1df8eb69 code=0x7ffc0000
[ 1120.164230][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1124.957308][T14979] gretap0: entered promiscuous mode
[ 1124.966148][T14979] gretap0: left promiscuous mode
[ 1125.032884][T14981] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1125.043104][T14981] batadv_slave_1: entered promiscuous mode
[ 1125.064665][T14981] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1126.814643][T15001] netlink: 5224 bytes leftover after parsing attributes in process `syz.5.2383'.
[ 1127.594171][T15007] netlink: 209840 bytes leftover after parsing attributes in process `syz.4.2387'.
[ 1127.645601][T15009] netlink: 'syz.5.2386': attribute type 10 has an invalid length.
[ 1127.897277][T15018] overlayfs: missing 'lowerdir'
[ 1130.382007][T15031] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[ 1133.229068][T15038] netlink: 64985 bytes leftover after parsing attributes in process `syz.4.2395'.
[ 1133.677147][T15038] dummy0 speed is unknown, defaulting to 1000
[ 1134.986489][ T5840] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1135.171151][ T5840] usb 6-1: New USB device found, idVendor=0471, idProduct=0329, bcdDevice=db.da
[ 1135.558672][ T5840] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.604299][ T5840] usb 6-1: config 0 descriptor??
[ 1135.640183][ T5840] pwc: Philips SPC 900NC USB webcam detected.
[ 1137.513470][T15072] sp0: Synchronizing with TNC
[ 1139.314878][ T5840] pwc: send_video_command error -71
[ 1139.324844][ T5840] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1139.343649][ T5840] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[ 1139.368680][ T5840] usb 6-1: USB disconnect, device number 33
[ 1140.270806][T15090] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nullb0": -EINTR
[ 1141.581086][T15107] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1141.855966][T15112] netlink: 64985 bytes leftover after parsing attributes in process `syz.8.2416'.
[ 1142.114106][T15112] dummy0 speed is unknown, defaulting to 1000
[ 1142.594015][T15136] netlink: 'syz.7.2423': attribute type 11 has an invalid length.
[ 1142.685352][T15133] cgroup: fork rejected by pids controller in /syz1
[ 1143.649487][T13248] bridge0: port 3(syz_tun) entered disabled state
[ 1143.715580][T13248] syz_tun (unregistering): left allmulticast mode
[ 1143.742601][T13248] syz_tun (unregistering): left promiscuous mode
[ 1143.962180][T13248] bridge0: port 3(syz_tun) entered disabled state
[ 1144.797630][T15261] libceph: resolve '.
[ 1144.797630][T15261] #)|.��f��ǝ�a���2s�o�w���?�'�%ЏKAq�f��C���z�e�Sb3L)Hy�o����������Ǥ�Y�M�����h�E$
[ 1144.797630][T15261] ' (ret=-3): failed
[ 1145.334050][T15271] fuse: Bad value for 'user_id'
[ 1145.334066][T15271] fuse: Bad value for 'user_id'
[ 1145.336047][T15271] x_tables: unsorted entry at hook 1
[ 1145.344295][ T5960] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[ 1145.354240][ T5960] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1146.032482][T15277] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1146.550574][T15285] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1149.189907][T15305] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[ 1149.251261][ T5846] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1149.260489][ T5846] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1149.270595][ T5846] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1149.283376][ T5846] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1149.293824][ T5846] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1149.342456][T15307] dummy0 speed is unknown, defaulting to 1000
[ 1149.645677][T12759] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[ 1149.949912][T12759] usb 9-1: config 0 has an invalid interface number: 138 but max is 0
[ 1150.236761][T12759] usb 9-1: config 0 has no interface number 0
[ 1150.242960][T12759] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=c8.66
[ 1150.297529][T12759] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1150.325048][T12759] usb 9-1: config 0 descriptor??
[ 1150.355785][T15307] chnl_net:caif_netlink_parms(): no params data found
[ 1151.302738][T12759] usb 9-1: string descriptor 0 read error: -71
[ 1151.325607][T12759] usbtest 9-1:0.138: couldn't get endpoints, -22
[ 1151.337042][ T5833] Bluetooth: hci2: command tx timeout
[ 1151.459324][T15335] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1151.464495][T12759] usbtest 9-1:0.138: probe with driver usbtest failed with error -22
[ 1151.480661][T12759] usb 9-1: USB disconnect, device number 3
[ 1151.482165][T15307] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1151.517402][T15307] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1151.525078][T15307] bridge_slave_0: entered allmulticast mode
[ 1151.601048][T15307] bridge_slave_0: entered promiscuous mode
[ 1151.621943][T15307] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1151.640540][T15307] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1151.676950][T15307] bridge_slave_1: entered allmulticast mode
[ 1151.685186][T15307] bridge_slave_1: entered promiscuous mode
[ 1151.740037][T15307] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1151.752141][T15307] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1152.172118][T15307] team0: Port device team_slave_0 added
[ 1152.995430][T15307] team0: Port device team_slave_1 added
[ 1153.142080][T15307] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1153.163766][T15307] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1153.242066][T15307] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1153.325026][T15307] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1153.338300][T15307] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1153.417986][ T5833] Bluetooth: hci2: command tx timeout
[ 1153.458863][T15307] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1153.496721][ T5960] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1153.626199][T15307] hsr_slave_0: entered promiscuous mode
[ 1153.647127][ T5960] usb 9-1: device descriptor read/64, error -71
[ 1153.651483][T15307] hsr_slave_1: entered promiscuous mode
[ 1153.674516][T15307] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1153.699244][T15307] Cannot create hsr debugfs directory
[ 1153.956713][ T5960] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1154.789609][ T5960] usb 9-1: device descriptor read/64, error -71
[ 1154.851004][T15355] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1154.862220][T15355] bond0: (slave rose0): Enslaving as an active interface with an up link
[ 1154.960151][ T5960] usb usb9-port1: attempt power cycle
[ 1155.497228][ T5833] Bluetooth: hci2: command tx timeout
[ 1155.497329][ T5960] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1155.609039][ T5960] usb 9-1: device descriptor read/8, error -71
[ 1155.936964][ T5960] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1156.018818][ T5960] usb 9-1: device descriptor read/8, error -71
[ 1156.096975][T15307] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1156.142560][ T5960] usb usb9-port1: unable to enumerate USB device
[ 1156.190795][T15307] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1156.775226][T15307] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1156.821633][T15367] netlink: 24 bytes leftover after parsing attributes in process `syz.8.2456'.
[ 1156.843802][T15307] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1157.011142][   T30] audit: type=1800 audit(1754376220.844:334): pid=15364 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.2455" name="/" dev="9p" ino=2 res=0 errno=0
[ 1157.133031][T15307] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1157.216982][T15307] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1157.586613][ T5833] Bluetooth: hci2: command tx timeout
[ 1158.379271][T15376] tty tty34: ldisc open failed (-12), clearing slot 33
[ 1158.511116][T15307] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1158.909049][T15307] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1160.098428][T15388] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1161.810236][T15396] sp0: Synchronizing with TNC
[ 1162.577326][T15406] FAULT_INJECTION: forcing a failure.
[ 1162.577326][T15406] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1162.639880][T15406] CPU: 0 UID: 0 PID: 15406 Comm: syz.7.2466 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1162.639913][T15406] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1162.639927][T15406] Call Trace:
[ 1162.639936][T15406]  <TASK>
[ 1162.639946][T15406]  dump_stack_lvl+0x189/0x250
[ 1162.639977][T15406]  ? __pfx____ratelimit+0x10/0x10
[ 1162.640002][T15406]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1162.640035][T15406]  ? __pfx__printk+0x10/0x10
[ 1162.640064][T15406]  ? __might_fault+0xb0/0x130
[ 1162.640110][T15406]  should_fail_ex+0x414/0x560
[ 1162.640138][T15406]  _copy_from_iter+0x1db/0x16f0
[ 1162.640170][T15406]  ? rcu_is_watching+0x15/0xb0
[ 1162.640196][T15406]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1162.640220][T15406]  ? __pfx__copy_from_iter+0x10/0x10
[ 1162.640249][T15406]  ? __build_skb_around+0x257/0x3e0
[ 1162.640283][T15406]  ? netlink_sendmsg+0x642/0xb30
[ 1162.640311][T15406]  ? skb_put+0x11b/0x210
[ 1162.640346][T15406]  netlink_sendmsg+0x6b2/0xb30
[ 1162.640387][T15406]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1162.640427][T15406]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1162.640448][T15406]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1162.640480][T15406]  __sock_sendmsg+0x21c/0x270
[ 1162.640509][T15406]  ____sys_sendmsg+0x505/0x830
[ 1162.640549][T15406]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1162.640593][T15406]  ? import_iovec+0x74/0xa0
[ 1162.640626][T15406]  ___sys_sendmsg+0x21f/0x2a0
[ 1162.640662][T15406]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1162.640736][T15406]  ? __fget_files+0x2a/0x420
[ 1162.640760][T15406]  ? __fget_files+0x3a0/0x420
[ 1162.640796][T15406]  __x64_sys_sendmsg+0x19b/0x260
[ 1162.640832][T15406]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1162.640876][T15406]  ? __pfx_ksys_write+0x10/0x10
[ 1162.640912][T15406]  ? rcu_is_watching+0x15/0xb0
[ 1162.640959][T15406]  ? do_syscall_64+0xbe/0x3b0
[ 1162.640987][T15406]  do_syscall_64+0xfa/0x3b0
[ 1162.641010][T15406]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1162.641038][T15406]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1162.641059][T15406]  ? clear_bhb_loop+0x60/0xb0
[ 1162.641085][T15406]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1162.641106][T15406] RIP: 0033:0x7fba7338eb69
[ 1162.641124][T15406] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1162.641143][T15406] RSP: 002b:00007fba74132038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1162.641165][T15406] RAX: ffffffffffffffda RBX: 00007fba735b5fa0 RCX: 00007fba7338eb69
[ 1162.641180][T15406] RDX: 0000000000040040 RSI: 0000200000000880 RDI: 0000000000000006
[ 1162.641212][T15406] RBP: 00007fba74132090 R08: 0000000000000000 R09: 0000000000000000
[ 1162.641226][T15406] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1162.641238][T15406] R13: 0000000000000000 R14: 00007fba735b5fa0 R15: 00007ffc9f60eff8
[ 1162.641273][T15406]  </TASK>
[ 1163.810008][T15307] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1163.834552][T15307] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1164.145564][T15307] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1164.174379][T15307] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1164.620546][ T5960] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1165.066583][ T5960] usb 9-1: Using ep0 maxpacket: 8
[ 1165.074139][ T5960] usb 9-1: config 0 has an invalid interface number: 52 but max is 0
[ 1165.087156][ T5960] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1165.112849][ T5960] usb 9-1: config 0 has no interface number 0
[ 1165.152082][ T5960] usb 9-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1165.177585][T15307] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1165.201994][T15307] 8021q: adding VLAN 0 to HW filter on device team0
[ 1165.217954][ T5960] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1165.227002][T14476] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1165.236243][T14476] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1165.246798][ T5960] usb 9-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1165.278721][T14476] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1165.285922][T14476] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1165.293959][ T5960] usb 9-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1165.356986][ T5960] usb 9-1: config 0 interface 52 has no altsetting 0
[ 1165.363791][ T5960] usb 9-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[ 1165.407261][ T5960] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1165.436081][ T5960] usb 9-1: config 0 descriptor??
[ 1165.702909][ T5960] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.52/input/input37
[ 1166.103061][   T10] usb 9-1: USB disconnect, device number 8
[ 1166.103092][    C1] synaptics_usb 9-1:0.52: synusb_irq - usb_submit_urb failed with result: -19
[ 1167.890966][T15307] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1168.042724][T15307] veth0_vlan: entered promiscuous mode
[ 1168.055941][T15307] veth1_vlan: entered promiscuous mode
[ 1168.065363][ T5960] kernel write not supported for file bpf-prog (pid: 5960 comm: kworker/0:6)
[ 1168.108774][T15307] veth0_macvtap: entered promiscuous mode
[ 1168.125372][T15307] veth1_macvtap: entered promiscuous mode
[ 1168.168376][T15307] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1168.192789][T15307] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1168.207983][T15307] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.230983][T15307] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.255305][T15307] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.273652][T15307] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1168.282592][   T24] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 1168.486915][   T24] usb 5-1: Using ep0 maxpacket: 8
[ 1168.499832][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1168.523754][   T24] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[ 1168.550193][T14473] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1168.565172][T14473] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1168.579107][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1168.623159][   T24] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1168.666174][   T24] usb 5-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[ 1168.706695][T14480] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1168.714558][T14480] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1168.729322][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1168.765690][   T24] usb 5-1: Product: syz
[ 1168.785953][T15464] ALSA: mixer_oss: invalid OSS volume 'X�h8^'
[ 1168.796040][   T24] usb 5-1: Manufacturer: syz
[ 1168.802184][T15464] ALSA: mixer_oss: invalid OSS volume 'p'
[ 1168.812296][   T24] usb 5-1: SerialNumber: syz
[ 1168.852568][   T24] usb 5-1: config 0 descriptor??
[ 1168.944099][   T24] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input38
[ 1169.696694][T15475] netlink: 5224 bytes leftover after parsing attributes in process `syz.8.2480'.
[ 1171.356780][T15452] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[ 1171.364228][T15452] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[ 1171.590078][T15452] vhci_hcd vhci_hcd.0: Device attached
[ 1172.740268][T15491] xt_hashlimit: size too large, truncated to 1048576
[ 1172.995436][T12759] usb 42-1: SetAddress Request (2) to port 0
[ 1173.026669][T12759] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 1173.263138][T15485] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1173.264671][T15483] vhci_hcd: connection closed
[ 1173.279966][   T24] imon:send_packet: packet tx failed (-71)
[ 1173.304937][ T8828] vhci_hcd: stop threads
[ 1173.323847][ T8828] vhci_hcd: release socket
[ 1173.377325][   T24] imon 5-1:0.0: panel buttons/knobs setup failed
[ 1173.828129][ T8828] vhci_hcd: disconnect device
[ 1174.197325][T15503] hsr0: entered promiscuous mode
[ 1174.446626][   T24] rc_core: IR keymap rc-imon-pad not found
[ 1174.453434][   T24] Registered IR keymap rc-empty
[ 1174.476778][   T24] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[ 1174.844079][   T24] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[ 1174.857332][T15515] FAULT_INJECTION: forcing a failure.
[ 1174.857332][T15515] name failslab, interval 1, probability 0, space 0, times 0
[ 1174.872674][T15515] CPU: 0 UID: 0 PID: 15515 Comm: syz.7.2492 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1174.872702][T15515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1174.872719][T15515] Call Trace:
[ 1174.872728][T15515]  <TASK>
[ 1174.872738][T15515]  dump_stack_lvl+0x189/0x250
[ 1174.872767][T15515]  ? __pfx____ratelimit+0x10/0x10
[ 1174.872791][T15515]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1174.872815][T15515]  ? __pfx__printk+0x10/0x10
[ 1174.872845][T15515]  ? __pfx___might_resched+0x10/0x10
[ 1174.872867][T15515]  ? fs_reclaim_acquire+0x7d/0x100
[ 1174.872898][T15515]  should_fail_ex+0x414/0x560
[ 1174.872926][T15515]  should_failslab+0xa8/0x100
[ 1174.872952][T15515]  __kmalloc_noprof+0xcb/0x4f0
[ 1174.872973][T15515]  ? __list_lru_init+0xba/0x5c0
[ 1174.873002][T15515]  __list_lru_init+0xba/0x5c0
[ 1174.873028][T15515]  ? __raw_spin_lock_init+0x45/0x100
[ 1174.873063][T15515]  alloc_super+0x7cb/0x970
[ 1174.873106][T15515]  ? __pfx_afs_dynroot_test_super+0x10/0x10
[ 1174.873136][T15515]  sget_fc+0x329/0xa40
[ 1174.873166][T15515]  ? __pfx_afs_set_super+0x10/0x10
[ 1174.873198][T15515]  afs_get_tree+0x5fe/0x1030
[ 1174.873246][T15515]  ? safesetid_security_capable+0xa9/0x1a0
[ 1174.873279][T15515]  vfs_get_tree+0x92/0x2b0
[ 1174.873304][T15515]  do_new_mount+0x24a/0xa40
[ 1174.873338][T15515]  __se_sys_mount+0x317/0x410
[ 1174.873369][T15515]  ? __pfx___se_sys_mount+0x10/0x10
[ 1174.873389][T15515]  ? rcu_is_watching+0x15/0xb0
[ 1174.873419][T15515]  ? do_syscall_64+0xbe/0x3b0
[ 1174.873442][T15515]  ? __x64_sys_mount+0x20/0xc0
[ 1174.873470][T15515]  do_syscall_64+0xfa/0x3b0
[ 1174.873492][T15515]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1174.873515][T15515]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.873536][T15515]  ? clear_bhb_loop+0x60/0xb0
[ 1174.873564][T15515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1174.873585][T15515] RIP: 0033:0x7fba7338eb69
[ 1174.873604][T15515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1174.873624][T15515] RSP: 002b:00007fba74111038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1174.873648][T15515] RAX: ffffffffffffffda RBX: 00007fba735b6080 RCX: 00007fba7338eb69
[ 1174.873664][T15515] RDX: 00002000000002c0 RSI: 00002000000001c0 RDI: 0000000000000000
[ 1174.873679][T15515] RBP: 00007fba74111090 R08: 0000200000000400 R09: 0000000000000000
[ 1174.873692][T15515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1174.873702][T15515] R13: 0000000000000000 R14: 00007fba735b6080 R15: 00007ffc9f60eff8
[ 1174.873728][T15515]  </TASK>
[ 1174.877182][   T24] imon:send_packet: packet tx failed (-71)
[ 1175.060989][T15521] 9pnet_fd: Insufficient options for proto=fd
[ 1176.212837][T15527] openvswitch: netlink: IP tunnel TTL not specified.
[ 1176.596645][ T5972] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1176.708057][   T24] imon 5-1:0.0: remote input dev register failed
[ 1176.717981][   T24] imon 5-1:0.0: imon_init_intf0: rc device setup failed
[ 1176.916640][ T5972] usb 2-1: Using ep0 maxpacket: 8
[ 1176.958312][ T5972] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[ 1176.995059][ T5972] usb 2-1: config 179 has no interface number 0
[ 1176.996851][   T24] imon 5-1:0.0: unable to initialize intf0, err 0
[ 1177.015564][T15531] x_tables: duplicate underflow at hook 1
[ 1177.021977][   T24] imon:imon_probe: failed to initialize context!
[ 1177.022056][   T24] imon 5-1:0.0: unable to register, err -19
[ 1177.029469][   T24] usb 5-1: USB disconnect, device number 35
[ 1177.043876][ T5972] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1177.062237][ T5972] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1177.073943][ T5972] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1177.085474][ T5972] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1177.097797][ T5972] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1177.113170][ T5972] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1177.124869][ T5972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1177.148536][T15527] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1177.172071][ T5972] xpad 2-1:179.65: probe with driver xpad failed with error -5
[ 1177.246591][ T5931] usb 6-1: new full-speed USB device number 34 using dummy_hcd
[ 1177.272295][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.396524][   T24] usb 5-1: new low-speed USB device number 36 using dummy_hcd
[ 1177.593639][T15542] fuse: Bad value for 'fd'
[ 1178.296826][T12759] usb 42-1: device descriptor read/8, error -110
[ 1178.317675][ T5931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 1178.341633][ T5911] usb 2-1: USB disconnect, device number 42
[ 1178.353997][ T5931] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1178.368533][ T5931] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[ 1178.384750][ T5931] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1178.395391][ T5931] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1178.403933][ T5931] usb 6-1: Product: syz
[ 1178.408966][ T5931] usb 6-1: Manufacturer: syz
[ 1178.413588][ T5931] usb 6-1: SerialNumber: syz
[ 1178.445316][ T5931] usb 6-1: config 0 descriptor??
[ 1178.462244][T15532] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1178.470734][T15532] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1178.493550][ T5931] usb 6-1: ucan: probing device on interface #0
[ 1178.500243][   T24] usb 5-1: Invalid ep0 maxpacket: 64
[ 1178.647100][   T24] usb 5-1: new low-speed USB device number 37 using dummy_hcd
[ 1178.706234][   T30] audit: type=1326 audit(1754376242.544:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15554 comm="syz.8.2503" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff7e978eb69 code=0x0
[ 1178.737748][T12759] usb usb42-port1: attempt power cycle
[ 1178.807814][   T24] usb 5-1: Invalid ep0 maxpacket: 64
[ 1178.816245][   T24] usb usb5-port1: attempt power cycle
[ 1179.228998][ T5931] ucan 6-1:0.0 can0: registered device
[ 1179.276595][   T24] usb 5-1: new low-speed USB device number 38 using dummy_hcd
[ 1179.297625][   T24] usb 5-1: Invalid ep0 maxpacket: 64
[ 1179.412708][ T5931] ucan 6-1:0.0 can0: firmware string: w
[ 1179.420664][T12759] usb usb42-port1: unable to enumerate USB device
[ 1179.506663][   T24] usb 5-1: new low-speed USB device number 39 using dummy_hcd
[ 1179.540958][   T24] usb 5-1: Invalid ep0 maxpacket: 64
[ 1179.548666][   T24] usb usb5-port1: unable to enumerate USB device
[ 1179.618147][T15532] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1179.649982][T15532] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1179.684087][T15532] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2496'.
[ 1179.694841][T15532] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2496'.
[ 1179.856846][T15532] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(17)
[ 1179.864408][T15532] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1179.998044][T15532] vhci_hcd vhci_hcd.0: Device attached
[ 1180.048802][T15570] 9pnet_fd: Insufficient options for proto=fd
[ 1180.247184][ T5972] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[ 1180.526217][T15572] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2507'.
[ 1180.597957][T15565] vhci_hcd: connection reset by peer
[ 1180.626255][   T10] usb 6-1: USB disconnect, device number 34
[ 1180.642202][T14476] vhci_hcd: stop threads
[ 1180.667226][T14476] vhci_hcd: release socket
[ 1180.718708][T14476] vhci_hcd: disconnect device
[ 1181.732682][   T10] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 1181.739480][T15587] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2511'.
[ 1182.147865][   T10] usb 6-1: Using ep0 maxpacket: 16
[ 1182.261191][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1182.261247][   T10] usb 6-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00
[ 1182.261274][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1182.312660][   T10] usb 6-1: config 0 descriptor??
[ 1182.600731][T15592] sctp: [Deprecated]: syz.1.2512 (pid 15592) Use of int in max_burst socket option.
[ 1182.600731][T15592] Use struct sctp_assoc_value instead
[ 1183.047190][T15579] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1183.599426][T15603] overlayfs: missing 'lowerdir'
[ 1185.599868][ T5972] vhci_hcd: vhci_device speed not set
[ 1186.350674][   T10] usb 6-1: string descriptor 0 read error: -71
[ 1186.397325][   T10] uclogic 0003:5543:3031.000D: failed retrieving string descriptor #200: -71
[ 1186.406266][   T10] uclogic 0003:5543:3031.000D: failed retrieving pen parameters: -71
[ 1186.454679][   T10] uclogic 0003:5543:3031.000D: failed probing pen v2 parameters: -71
[ 1186.477764][   T10] uclogic 0003:5543:3031.000D: failed probing parameters: -71
[ 1186.496946][   T10] uclogic 0003:5543:3031.000D: probe with driver uclogic failed with error -71
[ 1186.527286][   T10] usb 6-1: USB disconnect, device number 35
[ 1186.816705][ T5960] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1186.986653][ T5960] usb 9-1: Using ep0 maxpacket: 16
[ 1187.006544][   T24] usb 2-1: new full-speed USB device number 43 using dummy_hcd
[ 1187.044429][ T5960] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1187.088984][ T5960] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1187.184048][ T5960] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1187.199919][ T5960] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1187.208803][ T5960] usb 9-1: Product: syz
[ 1187.213218][ T5960] usb 9-1: Manufacturer: syz
[ 1187.218237][ T5960] usb 9-1: SerialNumber: syz
[ 1187.327703][ T5940] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 1187.633100][ T5940] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[ 1187.642230][ T5940] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1187.652903][ T5960] usb 9-1: 0:2 : does not exist
[ 1187.683606][ T5960] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[ 1187.691184][ T5940] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1187.722274][ T5940] usb 6-1: config 220 has no interface number 2
[ 1187.734974][ T5940] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1187.794813][   T24] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[ 1187.823803][ T5960] usb 9-1: USB disconnect, device number 9
[ 1187.825376][   T24] usb 2-1: config 179 has no interface number 0
[ 1187.989715][ T5940] usb 6-1: config 220 interface 0 has no altsetting 0
[ 1187.990049][   T24] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 64
[ 1188.075868][ T5940] usb 6-1: config 220 interface 76 has no altsetting 0
[ 1188.081044][   T24] usb 2-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid maxpacket 14385, setting to 64
[ 1188.083229][ T5940] usb 6-1: config 220 interface 1 has no altsetting 0
[ 1188.107053][   T24] usb 2-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1188.197126][   T24] usb 2-1: config 179 interface 65 has no altsetting 0
[ 1188.442745][ T5940] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1188.452323][ T5940] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1188.460544][ T5940] usb 6-1: Product: syz
[ 1188.466376][ T5940] usb 6-1: Manufacturer: syz
[ 1188.473725][ T5940] usb 6-1: SerialNumber: syz
[ 1188.479369][   T24] usb 2-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1188.709820][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1188.838971][ T5931] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[ 1188.876952][T15639] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1188.916353][T15651] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2532'.
[ 1188.917393][   T24] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:179.65/input/input40
[ 1188.925650][T15651] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2532'.
[ 1188.963088][ T5940] usb 6-1: selecting invalid altsetting 0
[ 1188.977895][ T5940] usb 6-1: Found UVC 7.01 device syz (8086:0b07)
[ 1188.984441][ T5940] usb 6-1: No valid video chain found.
[ 1189.004468][ T5940] usb 6-1: selecting invalid altsetting 0
[ 1189.014310][ T5940] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[ 1189.016612][ T5931] usb 5-1: device descriptor read/64, error -71
[ 1189.029597][ T5190] input input40: unable to receive magic message: -110
[ 1189.050923][ T5940] usb 6-1: USB disconnect, device number 36
[ 1189.069348][ T5190] input input40: unable to receive magic message: -32
[ 1189.115849][ T5190] input input40: unable to receive magic message: -32
[ 1189.131900][ T5190] input input40: unable to receive magic message: -32
[ 1189.345689][T14852] usb 2-1: USB disconnect, device number 43
[ 1189.345779][    C1] xpad 2-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1189.516926][ T5931] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[ 1189.680466][ T5931] usb 5-1: device descriptor read/64, error -71
[ 1189.822096][ T5931] usb usb5-port1: attempt power cycle
[ 1190.187181][ T5931] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[ 1190.230837][ T5931] usb 5-1: device descriptor read/8, error -71
[ 1190.659393][ T5931] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[ 1190.738124][ T5931] usb 5-1: device descriptor read/8, error -71
[ 1190.902828][ T5931] usb usb5-port1: unable to enumerate USB device
[ 1191.277110][T15678] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2540'.
[ 1191.600683][T15678] vlan2: entered promiscuous mode
[ 1191.616869][T15678] bridge0: entered promiscuous mode
[ 1191.630900][T15684] netlink: 264 bytes leftover after parsing attributes in process `syz.4.2542'.
[ 1191.652397][T15678] vlan2: entered allmulticast mode
[ 1191.657945][T15678] bridge0: entered allmulticast mode
[ 1191.963972][T15686] 9pnet_fd: Insufficient options for proto=fd
[ 1191.971433][T15686] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2541'.
[ 1197.215215][T15737] FAULT_INJECTION: forcing a failure.
[ 1197.215215][T15737] name failslab, interval 1, probability 0, space 0, times 0
[ 1197.228955][T15737] CPU: 1 UID: 0 PID: 15737 Comm: syz.5.2554 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1197.229000][T15737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1197.229013][T15737] Call Trace:
[ 1197.229022][T15737]  <TASK>
[ 1197.229032][T15737]  dump_stack_lvl+0x189/0x250
[ 1197.229060][T15737]  ? __pfx____ratelimit+0x10/0x10
[ 1197.229083][T15737]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1197.229108][T15737]  ? __pfx__printk+0x10/0x10
[ 1197.229151][T15737]  should_fail_ex+0x414/0x560
[ 1197.229179][T15737]  should_failslab+0xa8/0x100
[ 1197.229205][T15737]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1197.229227][T15737]  ? sctp_add_bind_addr+0x8c/0x370
[ 1197.229258][T15737]  sctp_add_bind_addr+0x8c/0x370
[ 1197.229289][T15737]  sctp_copy_local_addr_list+0x30b/0x4e0
[ 1197.229319][T15737]  ? sctp_copy_local_addr_list+0x9b/0x4e0
[ 1197.229345][T15737]  ? __pfx_sctp_copy_local_addr_list+0x10/0x10
[ 1197.229377][T15737]  ? sctp_v4_is_any+0x35/0x60
[ 1197.229402][T15737]  ? sctp_copy_one_addr+0x93/0x360
[ 1197.229432][T15737]  sctp_bind_addr_copy+0xb3/0x3c0
[ 1197.229459][T15737]  ? sctp_assoc_set_bind_addr_from_ep+0xa5/0x1a0
[ 1197.229485][T15737]  sctp_connect_new_asoc+0x2e0/0x690
[ 1197.229522][T15737]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[ 1197.229559][T15737]  ? sctp_sendmsg+0xbb3/0x2810
[ 1197.229589][T15737]  ? bpf_lsm_sctp_bind_connect+0x9/0x20
[ 1197.229612][T15737]  ? security_sctp_bind_connect+0x7e/0x2e0
[ 1197.229640][T15737]  sctp_sendmsg+0x155c/0x2810
[ 1197.229685][T15737]  ? __pfx_sctp_sendmsg+0x10/0x10
[ 1197.229739][T15737]  ? sock_rps_record_flow+0x19/0x410
[ 1197.229767][T15737]  ? inet_sendmsg+0x2f4/0x370
[ 1197.229796][T15737]  __sock_sendmsg+0x19c/0x270
[ 1197.229826][T15737]  ____sys_sendmsg+0x505/0x830
[ 1197.229874][T15737]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1197.229918][T15737]  ? import_iovec+0x74/0xa0
[ 1197.229952][T15737]  ___sys_sendmsg+0x21f/0x2a0
[ 1197.229988][T15737]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1197.230064][T15737]  ? __fget_files+0x2a/0x420
[ 1197.230087][T15737]  ? __fget_files+0x3a0/0x420
[ 1197.230124][T15737]  __x64_sys_sendmsg+0x19b/0x260
[ 1197.230161][T15737]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1197.230224][T15737]  do_syscall_64+0xfa/0x3b0
[ 1197.230249][T15737]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.230270][T15737]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1197.230291][T15737]  ? clear_bhb_loop+0x60/0xb0
[ 1197.230317][T15737]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.230338][T15737] RIP: 0033:0x7f0d1df8eb69
[ 1197.230357][T15737] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1197.230376][T15737] RSP: 002b:00007f0d1ee91038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1197.230398][T15737] RAX: ffffffffffffffda RBX: 00007f0d1e1b6160 RCX: 00007f0d1df8eb69
[ 1197.230414][T15737] RDX: 0000000004000891 RSI: 0000200000000140 RDI: 0000000000000004
[ 1197.230428][T15737] RBP: 00007f0d1ee91090 R08: 0000000000000000 R09: 0000000000000000
[ 1197.230441][T15737] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1197.230453][T15737] R13: 0000000000000000 R14: 00007f0d1e1b6160 R15: 00007ffdd3512f78
[ 1197.230488][T15737]  </TASK>
[ 1197.543470][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1197.876659][ T5931] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1200.621034][T15747] trusted_key: syz.8.2560 sent an empty control message without MSG_MORE.
[ 1202.684797][T15773] FAULT_INJECTION: forcing a failure.
[ 1202.684797][T15773] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1202.686920][T15773] 
[ 1202.686928][T15773] ======================================================
[ 1202.686935][T15773] WARNING: possible circular locking dependency detected
[ 1202.686946][T15773] 6.16.0-syzkaller #0 Not tainted
[ 1202.686955][T15773] ------------------------------------------------------
[ 1202.686961][T15773] syz.1.2567/15773 is trying to acquire lock:
[ 1202.686970][T15773] ffffffff8e133300 (console_owner){-.-.}-{0:0}, at: console_flush_all+0x13a/0xc40
[ 1202.687018][T15773] 
[ 1202.687018][T15773] but task is already holding lock:
[ 1202.687023][T15773] ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 1202.687059][T15773] 
[ 1202.687059][T15773] which lock already depends on the new lock.
[ 1202.687059][T15773] 
[ 1202.687064][T15773] 
[ 1202.687064][T15773] the existing dependency chain (in reverse order) is:
[ 1202.687070][T15773] 
[ 1202.687070][T15773] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 1202.687090][T15773]        lock_acquire+0x120/0x360
[ 1202.687121][T15773]        _raw_spin_lock_nested+0x32/0x50
[ 1202.687136][T15773]        raw_spin_rq_lock_nested+0x2a/0x140
[ 1202.687152][T15773]        task_rq_lock+0xbc/0x470
[ 1202.687166][T15773]        cgroup_move_task+0x9a/0x590
[ 1202.687184][T15773]        css_set_move_task+0x658/0x9e0
[ 1202.687202][T15773]        cgroup_post_fork+0x1ef/0x790
[ 1202.687220][T15773]        copy_process+0x37e6/0x3b80
[ 1202.687237][T15773]        kernel_clone+0x224/0x7f0
[ 1202.687255][T15773]        user_mode_thread+0xdd/0x140
[ 1202.687273][T15773]        rest_init+0x23/0x300
[ 1202.687292][T15773]        start_kernel+0x47d/0x500
[ 1202.687309][T15773]        x86_64_start_reservations+0x24/0x30
[ 1202.687332][T15773]        x86_64_start_kernel+0x143/0x1c0
[ 1202.687353][T15773]        common_startup_64+0x13e/0x147
[ 1202.687373][T15773] 
[ 1202.687373][T15773] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 1202.687394][T15773]        lock_acquire+0x120/0x360
[ 1202.687406][T15773]        _raw_spin_lock_irqsave+0xa7/0xf0
[ 1202.687431][T15773]        try_to_wake_up+0x6e/0x1290
[ 1202.687450][T15773]        __wake_up_common_lock+0x137/0x1f0
[ 1202.687473][T15773]        pty_unthrottle+0x3c/0x60
[ 1202.687492][T15773]        tty_unthrottle_safe+0x111/0x160
[ 1202.687510][T15773]        n_tty_receive_buf_common+0xf5f/0x12f0
[ 1202.687527][T15773]        tty_port_default_receive_buf+0x6e/0xa0
[ 1202.687552][T15773]        flush_to_ldisc+0x24a/0x720
[ 1202.687575][T15773]        process_scheduled_works+0xade/0x17b0
[ 1202.687591][T15773]        worker_thread+0x8a0/0xda0
[ 1202.687607][T15773]        kthread+0x70e/0x8a0
[ 1202.687626][T15773]        ret_from_fork+0x3fc/0x770
[ 1202.687640][T15773]        ret_from_fork_asm+0x1a/0x30
[ 1202.687659][T15773] 
[ 1202.687659][T15773] -> #2 (&tty->write_wait){-.-.}-{3:3}:
[ 1202.687681][T15773]        lock_acquire+0x120/0x360
[ 1202.687693][T15773]        _raw_spin_lock_irqsave+0xa7/0xf0
[ 1202.687717][T15773]        __wake_up_common_lock+0x2f/0x1f0
[ 1202.687738][T15773]        tty_port_default_wakeup+0xa2/0xf0
[ 1202.687762][T15773]        serial8250_tx_chars+0x72e/0x970
[ 1202.687783][T15773]        serial8250_handle_irq+0x633/0xbb0
[ 1202.687804][T15773]        serial8250_default_handle_irq+0xbf/0x1b0
[ 1202.687827][T15773]        serial8250_interrupt+0xa2/0x1d0
[ 1202.687844][T15773]        __handle_irq_event_percpu+0x289/0x980
[ 1202.687865][T15773]        handle_irq_event+0x8b/0x1e0
[ 1202.687885][T15773]        handle_edge_irq+0x267/0x9c0
[ 1202.687902][T15773]        __common_interrupt+0x140/0x250
[ 1202.687925][T15773]        common_interrupt+0xb6/0xe0
[ 1202.687944][T15773]        asm_common_interrupt+0x26/0x40
[ 1202.687960][T15773]        _raw_spin_unlock_irqrestore+0xa8/0x110
[ 1202.687984][T15773]        uart_port_unlock_deref+0x111/0x2f0
[ 1202.688005][T15773]        uart_write+0xe8/0x130
[ 1202.688025][T15773]        n_tty_write+0xd35/0x11d0
[ 1202.688038][T15773]        file_tty_write+0x500/0x990
[ 1202.688058][T15773]        vfs_write+0x54b/0xa90
[ 1202.688071][T15773]        ksys_write+0x145/0x250
[ 1202.688084][T15773]        do_syscall_64+0xfa/0x3b0
[ 1202.688101][T15773]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.688116][T15773] 
[ 1202.688116][T15773] -> #1 (&port_lock_key){-.-.}-{3:3}:
[ 1202.688137][T15773]        lock_acquire+0x120/0x360
[ 1202.688149][T15773]        _raw_spin_lock_irqsave+0xa7/0xf0
[ 1202.688174][T15773]        serial8250_console_write+0x17e/0x1ba0
[ 1202.688197][T15773]        console_flush_all+0x728/0xc40
[ 1202.688217][T15773]        console_unlock+0xc4/0x270
[ 1202.688233][T15773]        vprintk_emit+0x5b7/0x7a0
[ 1202.688250][T15773]        _printk+0xcf/0x120
[ 1202.688268][T15773]        register_console+0xa8b/0xf90
[ 1202.688287][T15773]        univ8250_console_init+0x52/0x90
[ 1202.688307][T15773]        console_init+0x1a1/0x670
[ 1202.688326][T15773]        start_kernel+0x2cc/0x500
[ 1202.688342][T15773]        x86_64_start_reservations+0x24/0x30
[ 1202.688375][T15773]        x86_64_start_kernel+0x143/0x1c0
[ 1202.688395][T15773]        common_startup_64+0x13e/0x147
[ 1202.688414][T15773] 
[ 1202.688414][T15773] -> #0 (console_owner){-.-.}-{0:0}:
[ 1202.688434][T15773]        validate_chain+0xb9b/0x2140
[ 1202.688449][T15773]        __lock_acquire+0xab9/0xd20
[ 1202.688461][T15773]        lock_acquire+0x120/0x360
[ 1202.688473][T15773]        console_flush_all+0x6d2/0xc40
[ 1202.688492][T15773]        console_unlock+0xc4/0x270
[ 1202.688507][T15773]        vprintk_emit+0x5b7/0x7a0
[ 1202.688523][T15773]        _printk+0xcf/0x120
[ 1202.688541][T15773]        should_fail_ex+0x3f5/0x560
[ 1202.688556][T15773]        strncpy_from_user+0x36/0x290
[ 1202.688579][T15773]        strncpy_from_user_nofault+0x72/0x150
[ 1202.688594][T15773]        bpf_probe_read_user_str+0x2a/0x70
[ 1202.688607][T15773]        bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[ 1202.688618][T15773]        bpf_trace_run4+0x28e/0x4a0
[ 1202.688636][T15773]        __bpf_trace_sched_switch+0x17a/0x1e0
[ 1202.688654][T15773]        __traceiter_sched_switch+0x9a/0xd0
[ 1202.688673][T15773]        __schedule+0x22ba/0x4c90
[ 1202.688703][T15773]        preempt_schedule_common+0x83/0xd0
[ 1202.688716][T15773]        preempt_schedule+0xae/0xc0
[ 1202.688728][T15773]        preempt_schedule_thunk+0x16/0x30
[ 1202.688749][T15773]        __local_bh_enable_ip+0x13e/0x1c0
[ 1202.688763][T15773]        __dev_queue_xmit+0x1cd7/0x3a70
[ 1202.688778][T15773]        __netlink_deliver_tap+0x5ad/0x850
[ 1202.688798][T15773]        netlink_deliver_tap+0x19c/0x1b0
[ 1202.688822][T15773]        netlink_sendskb+0x68/0x140
[ 1202.688839][T15773]        netlink_rcv_skb+0x28c/0x470
[ 1202.688857][T15773]        genl_rcv+0x28/0x40
[ 1202.688869][T15773]        netlink_unicast+0x75c/0x8e0
[ 1202.688885][T15773]        netlink_sendmsg+0x805/0xb30
[ 1202.688905][T15773]        __sock_sendmsg+0x21c/0x270
[ 1202.688921][T15773]        ____sys_sendmsg+0x505/0x830
[ 1202.688942][T15773]        ___sys_sendmsg+0x21f/0x2a0
[ 1202.688963][T15773]        __x64_sys_sendmsg+0x19b/0x260
[ 1202.688984][T15773]        do_syscall_64+0xfa/0x3b0
[ 1202.688999][T15773]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.689012][T15773] 
[ 1202.689012][T15773] other info that might help us debug this:
[ 1202.689012][T15773] 
[ 1202.689017][T15773] Chain exists of:
[ 1202.689017][T15773]   console_owner --> &p->pi_lock --> &rq->__lock
[ 1202.689017][T15773] 
[ 1202.689054][T15773]  Possible unsafe locking scenario:
[ 1202.689054][T15773] 
[ 1202.689058][T15773]        CPU0                    CPU1
[ 1202.689063][T15773]        ----                    ----
[ 1202.689067][T15773]   lock(&rq->__lock);
[ 1202.689076][T15773]                                lock(&p->pi_lock);
[ 1202.689087][T15773]                                lock(&rq->__lock);
[ 1202.689097][T15773]   lock(console_owner);
[ 1202.689106][T15773] 
[ 1202.689106][T15773]  *** DEADLOCK ***
[ 1202.689106][T15773] 
[ 1202.689122][T15773] 6 locks held by syz.1.2567/15773:
[ 1202.689130][T15773]  #0: ffffffff8f5701f0 (cb_lock){++++}-{4:4}, at: genl_rcv+0x19/0x40
[ 1202.689162][T15773]  #1: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: netlink_deliver_tap+0x2e/0x1b0
[ 1202.689201][T15773]  #2: ffff8880b8639e18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 1202.689234][T15773]  #3: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x19c/0x4a0
[ 1202.689271][T15773]  #4: ffffffff8e133360 (console_lock){+.+.}-{0:0}, at: _printk+0xcf/0x120
[ 1202.689307][T15773]  #5: ffffffff8e01ac30 (console_srcu){....}-{0:0}, at: console_flush_all+0x13a/0xc40
[ 1202.689362][T15773] 
[ 1202.689362][T15773] stack backtrace:
[ 1202.689370][T15773] CPU: 0 UID: 0 PID: 15773 Comm: syz.1.2567 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1202.689387][T15773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1202.689397][T15773] Call Trace:
[ 1202.689402][T15773]  <TASK>
[ 1202.689409][T15773]  dump_stack_lvl+0x189/0x250
[ 1202.689427][T15773]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1202.689444][T15773]  ? __pfx__printk+0x10/0x10
[ 1202.689464][T15773]  ? print_lock_name+0xde/0x100
[ 1202.689483][T15773]  print_circular_bug+0x2ee/0x310
[ 1202.689503][T15773]  check_noncircular+0x134/0x160
[ 1202.689523][T15773]  validate_chain+0xb9b/0x2140
[ 1202.689550][T15773]  __lock_acquire+0xab9/0xd20
[ 1202.689567][T15773]  ? console_flush_all+0x13a/0xc40
[ 1202.689586][T15773]  lock_acquire+0x120/0x360
[ 1202.689599][T15773]  ? console_flush_all+0x13a/0xc40
[ 1202.689621][T15773]  ? do_raw_spin_unlock+0x122/0x240
[ 1202.689641][T15773]  ? console_flush_all+0x13a/0xc40
[ 1202.689661][T15773]  console_flush_all+0x6d2/0xc40
[ 1202.689679][T15773]  ? console_flush_all+0x13a/0xc40
[ 1202.689699][T15773]  ? console_flush_all+0x13a/0xc40
[ 1202.689721][T15773]  ? __pfx_console_flush_all+0x10/0x10
[ 1202.689744][T15773]  ? is_printk_cpu_sync_owner+0x32/0x40
[ 1202.689768][T15773]  console_unlock+0xc4/0x270
[ 1202.689785][T15773]  ? __pfx_console_unlock+0x10/0x10
[ 1202.689804][T15773]  ? is_printk_cpu_sync_owner+0x32/0x40
[ 1202.689840][T15773]  vprintk_emit+0x5b7/0x7a0
[ 1202.689858][T15773]  ? __pfx_vprintk_emit+0x10/0x10
[ 1202.689883][T15773]  _printk+0xcf/0x120
[ 1202.689901][T15773]  ? __pfx____ratelimit+0x10/0x10
[ 1202.689918][T15773]  ? __pfx__printk+0x10/0x10
[ 1202.689938][T15773]  ? __phys_addr+0xd3/0x180
[ 1202.689959][T15773]  should_fail_ex+0x3f5/0x560
[ 1202.689976][T15773]  strncpy_from_user+0x36/0x290
[ 1202.690013][T15773]  strncpy_from_user_nofault+0x72/0x150
[ 1202.690030][T15773]  bpf_probe_read_user_str+0x2a/0x70
[ 1202.690046][T15773]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[ 1202.690058][T15773]  bpf_trace_run4+0x28e/0x4a0
[ 1202.690078][T15773]  ? bpf_trace_run4+0x19c/0x4a0
[ 1202.690098][T15773]  ? __pfx_bpf_trace_run4+0x10/0x10
[ 1202.690117][T15773]  ? kvm_sched_clock_read+0x11/0x20
[ 1202.690131][T15773]  ? sched_clock_cpu+0x74/0x430
[ 1202.690148][T15773]  ? __bpf_trace_sched_switch+0x15f/0x1e0
[ 1202.690171][T15773]  __bpf_trace_sched_switch+0x17a/0x1e0
[ 1202.690192][T15773]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1202.690212][T15773]  ? psi_group_change+0xbc7/0x1210
[ 1202.690229][T15773]  ? rcu_read_lock_sched_held+0x89/0x100
[ 1202.690246][T15773]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[ 1202.690265][T15773]  ? psi_task_switch+0x318/0x6d0
[ 1202.690283][T15773]  ? tracing_record_taskinfo_sched_switch+0x7d/0x370
[ 1202.690304][T15773]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1202.690324][T15773]  __traceiter_sched_switch+0x9a/0xd0
[ 1202.690346][T15773]  __schedule+0x22ba/0x4c90
[ 1202.690359][T15773]  ? kasan_save_free_info+0x46/0x50
[ 1202.690378][T15773]  ? __kasan_slab_free+0x62/0x70
[ 1202.690391][T15773]  ? dev_hard_start_xmit+0x2d7/0x830
[ 1202.690405][T15773]  ? __dev_queue_xmit+0x1adf/0x3a70
[ 1202.690420][T15773]  ? netlink_rcv_skb+0x28c/0x470
[ 1202.690439][T15773]  ? genl_rcv+0x28/0x40
[ 1202.690453][T15773]  ? ____sys_sendmsg+0x505/0x830
[ 1202.690474][T15773]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1202.690495][T15773]  ? __x64_sys_sendmsg+0x19b/0x260
[ 1202.690517][T15773]  ? do_syscall_64+0xfa/0x3b0
[ 1202.690534][T15773]  ? preempt_schedule_common+0x83/0xd0
[ 1202.690550][T15773]  ? __pfx___schedule+0x10/0x10
[ 1202.690570][T15773]  ? preempt_schedule+0xae/0xc0
[ 1202.690582][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1202.690598][T15773]  preempt_schedule_common+0x83/0xd0
[ 1202.690612][T15773]  preempt_schedule+0xae/0xc0
[ 1202.690626][T15773]  ? __pfx_preempt_schedule+0x10/0x10
[ 1202.690641][T15773]  ? preempt_schedule_notrace_thunk+0x16/0x30
[ 1202.690665][T15773]  preempt_schedule_thunk+0x16/0x30
[ 1202.690689][T15773]  __local_bh_enable_ip+0x13e/0x1c0
[ 1202.690704][T15773]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1202.690721][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1202.690735][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1202.690750][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1202.690765][T15773]  __dev_queue_xmit+0x1cd7/0x3a70
[ 1202.690781][T15773]  ? __netlink_deliver_tap+0x404/0x850
[ 1202.690803][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1202.690823][T15773]  ? do_syscall_64+0xfa/0x3b0
[ 1202.690844][T15773]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1202.690864][T15773]  ? __copy_skb_header+0xa7/0x550
[ 1202.690878][T15773]  ? __asan_memcpy+0x40/0x70
[ 1202.690906][T15773]  ? skb_clone+0x246/0x3a0
[ 1202.690921][T15773]  __netlink_deliver_tap+0x5ad/0x850
[ 1202.690947][T15773]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1202.690969][T15773]  netlink_deliver_tap+0x19c/0x1b0
[ 1202.690996][T15773]  netlink_sendskb+0x68/0x140
[ 1202.691025][T15773]  netlink_rcv_skb+0x28c/0x470
[ 1202.691045][T15773]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1202.691060][T15773]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1202.691085][T15773]  ? down_read+0x1ad/0x2e0
[ 1202.691102][T15773]  genl_rcv+0x28/0x40
[ 1202.691115][T15773]  netlink_unicast+0x75c/0x8e0
[ 1202.691136][T15773]  netlink_sendmsg+0x805/0xb30
[ 1202.691159][T15773]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1202.691181][T15773]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1202.691196][T15773]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1202.691216][T15773]  __sock_sendmsg+0x21c/0x270
[ 1202.691232][T15773]  ____sys_sendmsg+0x505/0x830
[ 1202.691256][T15773]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1202.691280][T15773]  ? import_iovec+0x74/0xa0
[ 1202.691300][T15773]  ___sys_sendmsg+0x21f/0x2a0
[ 1202.691322][T15773]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1202.691356][T15773]  ? __fget_files+0x2a/0x420
[ 1202.691372][T15773]  ? __fget_files+0x3a0/0x420
[ 1202.691390][T15773]  __x64_sys_sendmsg+0x19b/0x260
[ 1202.691413][T15773]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1202.691438][T15773]  ? __pfx_ksys_write+0x10/0x10
[ 1202.691449][T15773]  ? rcu_is_watching+0x15/0xb0
[ 1202.691465][T15773]  ? do_syscall_64+0xbe/0x3b0
[ 1202.691482][T15773]  do_syscall_64+0xfa/0x3b0
[ 1202.691497][T15773]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1202.691510][T15773]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.691524][T15773]  ? clear_bhb_loop+0x60/0xb0
[ 1202.691539][T15773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1202.691553][T15773] RIP: 0033:0x7ff84898eb69
[ 1202.691565][T15773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1202.691577][T15773] RSP: 002b:00007ff8467f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1202.691590][T15773] RAX: ffffffffffffffda RBX: 00007ff848bb5fa0 RCX: 00007ff84898eb69
[ 1202.691601][T15773] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[ 1202.691610][T15773] RBP: 00007ff8467f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1202.691619][T15773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1202.691627][T15773] R13: 0000000000000000 R14: 00007ff848bb5fa0 R15: 00007ffe6fdc7f58
[ 1202.691643][T15773]  </TASK>
[ 1204.164955][T15773] CPU: 0 UID: 0 PID: 15773 Comm: syz.1.2567 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1204.164976][T15773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1204.164986][T15773] Call Trace:
[ 1204.164994][T15773]  <TASK>
[ 1204.165002][T15773]  dump_stack_lvl+0x189/0x250
[ 1204.165023][T15773]  ? __pfx____ratelimit+0x10/0x10
[ 1204.165039][T15773]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1204.165056][T15773]  ? __pfx__printk+0x10/0x10
[ 1204.165076][T15773]  ? __phys_addr+0xd3/0x180
[ 1204.165097][T15773]  should_fail_ex+0x414/0x560
[ 1204.165114][T15773]  strncpy_from_user+0x36/0x290
[ 1204.165139][T15773]  strncpy_from_user_nofault+0x72/0x150
[ 1204.165175][T15773]  bpf_probe_read_user_str+0x2a/0x70
[ 1204.165193][T15773]  bpf_prog_bc7c5c6b9645592f+0x3e/0x44
[ 1204.165207][T15773]  bpf_trace_run4+0x28e/0x4a0
[ 1204.165228][T15773]  ? bpf_trace_run4+0x19c/0x4a0
[ 1204.165249][T15773]  ? __pfx_bpf_trace_run4+0x10/0x10
[ 1204.165268][T15773]  ? kvm_sched_clock_read+0x11/0x20
[ 1204.165284][T15773]  ? sched_clock_cpu+0x74/0x430
[ 1204.165302][T15773]  ? __bpf_trace_sched_switch+0x15f/0x1e0
[ 1204.165326][T15773]  __bpf_trace_sched_switch+0x17a/0x1e0
[ 1204.165348][T15773]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1204.165369][T15773]  ? psi_group_change+0xbc7/0x1210
[ 1204.165387][T15773]  ? rcu_read_lock_sched_held+0x89/0x100
[ 1204.165405][T15773]  ? __pfx_rcu_read_lock_sched_held+0x10/0x10
[ 1204.165429][T15773]  ? psi_task_switch+0x318/0x6d0
[ 1204.165449][T15773]  ? tracing_record_taskinfo_sched_switch+0x7d/0x370
[ 1204.165471][T15773]  ? __pfx___bpf_trace_sched_switch+0x10/0x10
[ 1204.165493][T15773]  __traceiter_sched_switch+0x9a/0xd0
[ 1204.165516][T15773]  __schedule+0x22ba/0x4c90
[ 1204.165532][T15773]  ? kasan_save_free_info+0x46/0x50
[ 1204.165552][T15773]  ? __kasan_slab_free+0x62/0x70
[ 1204.165566][T15773]  ? dev_hard_start_xmit+0x2d7/0x830
[ 1204.165581][T15773]  ? __dev_queue_xmit+0x1adf/0x3a70
[ 1204.165597][T15773]  ? netlink_rcv_skb+0x28c/0x470
[ 1204.165618][T15773]  ? genl_rcv+0x28/0x40
[ 1204.165632][T15773]  ? ____sys_sendmsg+0x505/0x830
[ 1204.165655][T15773]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1204.165677][T15773]  ? __x64_sys_sendmsg+0x19b/0x260
[ 1204.165700][T15773]  ? do_syscall_64+0xfa/0x3b0
[ 1204.165717][T15773]  ? preempt_schedule_common+0x83/0xd0
[ 1204.165735][T15773]  ? __pfx___schedule+0x10/0x10
[ 1204.165755][T15773]  ? preempt_schedule+0xae/0xc0
[ 1204.165769][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1204.165785][T15773]  preempt_schedule_common+0x83/0xd0
[ 1204.165801][T15773]  preempt_schedule+0xae/0xc0
[ 1204.165816][T15773]  ? __pfx_preempt_schedule+0x10/0x10
[ 1204.165831][T15773]  ? preempt_schedule_notrace_thunk+0x16/0x30
[ 1204.165857][T15773]  preempt_schedule_thunk+0x16/0x30
[ 1204.165883][T15773]  __local_bh_enable_ip+0x13e/0x1c0
[ 1204.165899][T15773]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1204.165917][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1204.165933][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1204.165947][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1204.165963][T15773]  __dev_queue_xmit+0x1cd7/0x3a70
[ 1204.165994][T15773]  ? __netlink_deliver_tap+0x404/0x850
[ 1204.166016][T15773]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1204.166032][T15773]  ? do_syscall_64+0xfa/0x3b0
[ 1204.166053][T15773]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1204.166074][T15773]  ? __copy_skb_header+0xa7/0x550
[ 1204.166088][T15773]  ? __asan_memcpy+0x40/0x70
[ 1204.166116][T15773]  ? skb_clone+0x246/0x3a0
[ 1204.166132][T15773]  __netlink_deliver_tap+0x5ad/0x850
[ 1204.166157][T15773]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1204.166179][T15773]  netlink_deliver_tap+0x19c/0x1b0
[ 1204.166200][T15773]  netlink_sendskb+0x68/0x140
[ 1204.166220][T15773]  netlink_rcv_skb+0x28c/0x470
[ 1204.166241][T15773]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1204.166257][T15773]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1204.166284][T15773]  ? down_read+0x1ad/0x2e0
[ 1204.166302][T15773]  genl_rcv+0x28/0x40
[ 1204.166316][T15773]  netlink_unicast+0x75c/0x8e0
[ 1204.166339][T15773]  netlink_sendmsg+0x805/0xb30
[ 1204.166363][T15773]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1204.166387][T15773]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1204.166403][T15773]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1204.166428][T15773]  __sock_sendmsg+0x21c/0x270
[ 1204.166447][T15773]  ____sys_sendmsg+0x505/0x830
[ 1204.166472][T15773]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1204.166498][T15773]  ? import_iovec+0x74/0xa0
[ 1204.166520][T15773]  ___sys_sendmsg+0x21f/0x2a0
[ 1204.166545][T15773]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1204.166581][T15773]  ? __fget_files+0x2a/0x420
[ 1204.166597][T15773]  ? __fget_files+0x3a0/0x420
[ 1204.166618][T15773]  __x64_sys_sendmsg+0x19b/0x260
[ 1204.166642][T15773]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1204.166669][T15773]  ? __pfx_ksys_write+0x10/0x10
[ 1204.166682][T15773]  ? rcu_is_watching+0x15/0xb0
[ 1204.166700][T15773]  ? do_syscall_64+0xbe/0x3b0
[ 1204.166718][T15773]  do_syscall_64+0xfa/0x3b0
[ 1204.166734][T15773]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1204.166748][T15773]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.166763][T15773]  ? clear_bhb_loop+0x60/0xb0
[ 1204.166780][T15773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.166795][T15773] RIP: 0033:0x7ff84898eb69
[ 1204.166809][T15773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1204.166823][T15773] RSP: 002b:00007ff8467f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1204.166839][T15773] RAX: ffffffffffffffda RBX: 00007ff848bb5fa0 RCX: 00007ff84898eb69
[ 1204.166850][T15773] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[ 1204.166860][T15773] RBP: 00007ff8467f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1204.166870][T15773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1204.166880][T15773] R13: 0000000000000000 R14: 00007ff848bb5fa0 R15: 00007ffe6fdc7f58
[ 1204.166897][T15773]  </TASK>
[ 1204.306802][T12759] usb 6-1: new full-speed USB device number 37 using dummy_hcd
[ 1204.969504][T12759] usb 6-1: device descriptor read/all, error -71