last executing test programs:

15m7.448554504s ago: executing program 3 (id=1659):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x9}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000003480)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)="c0", 0x1}], 0x1}}], 0x1, 0x1)
ioctl$sock_inet_sctp_SIOCINQ(r0, 0x541b, &(0x7f0000000000))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x24000000)

15m7.304942012s ago: executing program 3 (id=1662):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f0000000000)=0x8, 0x4)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000003480)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f0000001400)="c09bd65a75b56b924573f105bd55ef2b455326e4af9f174c2609f3fb9f52493449d9348dc907fab1cb219c4338d1ef214d72554a7db767b6c4b74fc005f33cac1bad692af0fba16f6c77e25b6540fae461dd1e83d815a1c1cd6d9988b2bfb5c01369e75d3ac54670aaf21a2254894e4a313788cd939932e3390182ee9131fcd371b140d5cb11f0e60fc440b0a2eedfe1d9f6f34d3f0990f07a070147f65d6a0ab4d4f581e421cc38f05febcc49d294b7f2975b7a7db908324d64cfcd9307956f05f2dd7b23", 0xc5}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, 0x0, 0xb8}}, {{0x0, 0x0, 0x0}}], 0x3, 0x1)
shutdown(r2, 0x1)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x57)
r3 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000180), 0x4)
writev(r3, &(0x7f00000003c0)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fdd411efc40800040000000000000000", 0x39}], 0x1)
syz_emit_ethernet(0x4e, &(0x7f0000000040)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x18, 0x3a, 0xff, @rand_addr=' \x01\x00', @mcast2, {[], @mld={0x102, 0x0, 0x0, 0xf, 0xfff7, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}}}}}}, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000500)=[{0x0}], 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

15m7.21457519s ago: executing program 3 (id=1665):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000000)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x100, 0x600}, 0x90)

15m7.065109357s ago: executing program 3 (id=1666):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f00000000c0)='./file0/file0/../file0\x00', 0x1)

15m6.900741559s ago: executing program 3 (id=1670):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000180)={0xfd, 0xcb, 0x5})

15m6.548865543s ago: executing program 3 (id=1677):
r0 = socket$inet6(0x10, 0x3, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x12000, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
recvfrom$inet6(r0, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0xffffffffffffffc3)
unshare(0x400)
move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
mmap(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x7000)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000000)={&(0x7f00001fb000/0x6000)=nil, 0x6000})
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

15m6.02118163s ago: executing program 32 (id=1677):
r0 = socket$inet6(0x10, 0x3, 0x0)
recvfrom$inet6(r0, 0x0, 0x0, 0x12000, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000140)="1ba0000016001d0d89fdc5cbdd045798707bed4dca141a780f0f8e", 0xff3b, 0x0, 0x0, 0x0)
recvfrom$inet6(r0, &(0x7f0000000000)=""/45, 0x44, 0x0, 0x0, 0xffffffffffffffc3)
unshare(0x400)
move_pages(0x0, 0x20000000000000fe, &(0x7f0000000080)=[&(0x7f0000fff000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil], 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0)
mmap(&(0x7f0000ff7000/0x4000)=nil, 0x4000, 0x0, 0x13, 0xffffffffffffffff, 0x7000)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$UFFDIO_UNREGISTER(0xffffffffffffffff, 0x8010aa01, &(0x7f0000000000)={&(0x7f00001fb000/0x6000)=nil, 0x6000})
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000000)="48050000150019", 0x7}], 0x1)
r1 = socket$inet6(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000000000)='s', 0x10a73, 0x800, 0x0, 0x4b6ae4f95a5de35b)

19.968156678s ago: executing program 5 (id=4769):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x19, 0xe, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000e00)='net/icmp6\x00')
lseek(r2, 0x7ffffffffffffbff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, 0x0, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast2, @in6=@private2, 0x0, 0x0, 0x4e21, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x100000000000}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7, 0xfffffffe}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
write$P9_RSTAT(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="490000007d010000004200080001040000420300000002000000000000000000044109000000030000000800000000000000040047504c00040047504c0004004750b7050300402a29"], 0x49)
sendmsg$key(r4, &(0x7f0000000080)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="0209000002"], 0x10}, 0x1, 0xfdffffff}, 0x0)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = syz_open_dev$vcsa(0x0, 0x5d3d, 0x2000)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002e00)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="aeb24ea10d8204974de31ece2817a8faf55359634d0011180c2ce4f3ec9a0c0b28d839fe4f6706fc4fe04dace11d3409ea23d2dcb430787dbfaeac3405fc940f7609ca7305731e4bc88aefb53245f2ab7e8f7ea10dffb8191df4f7b7a13eba5ca1b931c99d3f2d628189b47ad0c00b94a03fb86c2ec6fcc4b055fbc5af64", 0x7e}, {&(0x7f0000000580)="485bd75fd51928c36b3251cc1e4cab6e0314186df0f7b55e879c94a6efa8ad3b336dcb013512ebda38d5d96f2dd58fb13c787582810f4b216669c6e386f26c2503c574beb47032f61e67ba8d2a254f4c87912fd3a8bbaeaa7e1c3b075ccef5aaeb7f99b7759b6275f6fb101ddd31a622c24deba3a7cef0d79f06d470f0f52e2ddcf228fd8835479c0a77d160cc61089bbf8b8a16d5c6e57c732b1d44fb12bd8a3cf9d741017ba1a87f6f3f", 0xab}, {&(0x7f0000000640)="4f1408c2b99468c7b95a68390fc45eccbcb0cc8d211555ebba2558d1797aa8d15ccca82d4300defe921109ba4271df345c1547fc777a576030b4c7fcd3158d6d1bd3544a46e3f764f22c4f24bf7b88d9b145f8cd9c0d75549a22d07949d9184e27c5f0b8974fe2f2ca4c6f99ed", 0x6d}], 0x3, &(0x7f0000000c40)=[@rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x14, 0x1, 0x1, [r5]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r4]}}, @rights={{0x18, 0x1, 0x1, [r3, r1]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x20, 0x1, 0x1, [r1, 0xffffffffffffffff, r1, r7]}}, @cred={{0x1c}}], 0x110, 0x8b1}}, {{&(0x7f0000000980)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000f80)="57d304892b4e8dc0250ae273fadd80730ee4e9c9c75611a201fde65584322676c5c40103bbbf3ca151fe7ff78642b75929a6cb00ac41944cefe112f85ebe22943006852e6f48ee8c7e5ab050eaf6b1f9315bebdb6deb6769f39ba9f72dcbefef538396d459ff5784296640bcd8a40e2c9c58e94338c289229e11e73b4a743470413f7a8cb10b05a8bed47e9979b136561b5e0a186d08d6f0f95ee3d6a53ab89a796261a7365444afe2d2c13592b511044fffec3947f9498a87f5cfb9be8c6926cf7f0e382569753b7584f104b3cdc9da36d1cb60490cf49f2b34a31286e1ed008e02d5ee1826556bcd485f18595e1a228ac3fba6cf6d7a02c4ec741fc12bb0f5c1a3c60c75d51c45bb4bbc9685502f869402f385c5e21a7ac91202414711c602d5aeca1e328d11abee678f4d80cbd3d4bf959711e94a3a78a3c31f4aa9ab92e62b48278eff03e9d3fbacba55bf797bd4f1a0f905fcc59c2fb0420ea38988daa6ce4b8ac907c65a8daf6c3905c6df398f6a3e2d93251b26c92e4247f70d1b68201725f4029f660167beebb2a661a4a60c4ace0e0f4cb10dbb912616545ffa81b10bf7fb8bbdaf9cbde0d8bfdfea79e61f80d9b4578c3465a793a55bdc128985676dd2a3832246cae261f9038232e4087cb1aedf3384e0d824f40d33512688c8bfd83a1674e54074d5cae9b9fcb59153b536639a69a4c9075097a5873e204c1999b4e317cb2796d92752843bc06834c855c06d51e2486b22c98bc6551d1acf5f139f83fbeeebf4afb0a3285ad9485de109ee009123ab74fd8b779eb1a1cfe9bbd736381a490d2f86c73ee499ffcb48dde8cefb5de43edc2bc3be6366d9651cf3d3a7f52a24548986c13993b509810afbe88bb715521f19695c8a96c1be37ec55ff536b41e85362bc78c7ae3ace39c57492c7e326a14334b2f149d1e410658338d612cffc7d583a3e8b164176014b10f4b20df7d26977251990598ad0edabda6939a217ad0e57e4b98e0dd361338121b521c05615dc46ac6869f448354ef7675449bc2b3a903f8a8996f972a6ac025cdee31ee352837dbc316e33adc05e376e2bcd17970ad0bee979ea2259da19f331516898a11c5ec57020611d213df94dd25a97d5cfa5774cbea6984e7ccb09ebe3aa95e46ae445fbe093dae4473ae0ba365e6f0bc3efa94901dfcbd4d6b70bffea0b459b32deeab688314ab3b3045b2b7c3d9f8c9508d2ba5a21e60f7bf9ec2995a287d59b7bef076f044fd33bd5fc1a470cd19655d647e030c458c41ae3418a0bc11594eb7d2b328edb5f3ce7f8e479ccac9fdbee7225a42d07ae9e0326a48ae15729770bd5f843f46aeecd24e4008925b7c2fe98c0da30d1b3c9fc928f96cce469d378cfabd3297dade8d155cb6f4fea42cd47b559b54247142755a6ef96f29d739f18ca3b86424c461abd10c706a7830eeadb1a6e1033197a1246f38dabd81d8daca6ccef960523900c8f7e35eda27899be3b3c253fa58f53815b21a470de554e0b46b4032a5724e39ba582cef192b3a382cffbdfca866fb55ec49d43f0710eeb95d2a62d9373515176705b14d7571883c028b3fd068090af84ceef736d8ff3d1fe0dde77503edc23adad659813bb89a9420bd18a67e3b61fa7782d151d5afc50fbd2277881bbddbc3bf775bbb32b45e3f74daf358a5bb9551944d5e7c42c57b57a9b38d2b002d0f1c51104dd8cc07db4ff1fa2302a82c9b6a382832d650a850e427913eadff39a2d3e5fbd51c68322e3bd3eb9b8ff35e6f675960c230534c37c09b16d569ce9f5395df939b7541a2b74866e154894c180d75c5b341112169c361be1ad83e6364daad39c17e0388541572fc453da467bbeb29ee0f0b1b70e589a591551196beb0ef848ca906f9bd7329f0a36804442b5e1bbdc0e4c2fd04e7096c166227f5d86b8dee90b84fc7a5e9ddb022ddd77eb7cec3c74cf4a740808a8811c614411c377a1f2cca60ce9c03fe98ba7ceb356c40ee474722a786e83f7651e8eacef168547779103efb30ecf53b96b5cbec1d1c2839aa89012ae81bb9e368a7e292b99ec138c0309cc483012406af7420fa30b8d0a23b600400af106216305899b9b91379986198adf577f48ad1656a4984f5bca10b8f2f15843ffdbd2453878a8bbe5eb8d1046325c8ff09dd1e06358f82393fbcaf0a3d76120dd41357255ec91440d8b882b6fa58140349a37ce5e34b3a188b3b7ea16a6662baead1def14cfff702604c428a784f4ab6000a15125e10f6e065cb200364deeb92662394bd1b7d57207878ffcfb79edd552d6545c5b72dbd533b27701ca25dc9830d598eb4982ce1d737c0f0df9ccf205381781a167bd598683b752ca234ded4a7dc7168ef5d15bd2deaee9f17f1af4f86a00379ae8ee898cb99df5fdd555a132a37fde3f4f3e03eb554514d41118eb2786d8d321f7b23127321a7cc211d2f940b5c0051268042087f449692ed16366d91eac8fcaa5105a250375eeb92e91b7f474da44fe1228cc11d117a8cdf3ea6714f62a20b53c8627de4640a4e32a8a0843531cf4875bfe91cad395cbbbb6b4dc3eac9ebee971758ec16e8f553fcff128aea63e1f4511d8489e817c4de5287663b8f231d000ac5389b86f5ceabb9e3e9017b094c41e5ad64e650bf051ec5d2f87a50e408dadd140cc1d06c807665957adfee769728a773c1f5fbb6aff21d5663cbcd0b516f01b0dd5a964ef3bc2acd9bda4bc476f1bfb7c0e72f26fc64b12eedd5de655fab5992b51a014948fa4ce8d6723c9b871ce5c4f1108e94055d3e6e1da9dad021dba427c1b7ad7d1325149e06360308f81553e58f743eaa9bc6f8fb7dfe201f5aa90b937b8774b022edea0fbdcd45d1512ae58510071aa4aed7fbd1d44c6c4c894af5bd0ea9ed354b2505d0698e9cf9460aa3466b2c1ca59cda8edf7d339569486ecc96aa29c57deb982bcf6bfcd45ce01c4730c1020f908166ec9af48a8f6545576eaa928a469913440d781b96293c4760979550f6fa3fd6c31eefacd80b48275287752fae261d5e1f5c3bf4f65e743b2e3996285daa88ff4760cda98e2981f37d1be2bdda812735416c73c92ea6aeda52bbf1b7dfcad2817e246a0841da55e9895fd0aeb15cea56ffc9801a704bf1fa0cc6c6e9d5827a4908b1ebb63b9f91d14cc40372444bb60411ff8c2790b7345ee663c10998ff6e6df2b1d3be59c77b130e91297df7afb3d73dfbc7c025ca918849f611509962534f4aef994f346d594affb9ce2deb90ea048c3d55e4fe845a307e3ee5ebc3fe3e829c369492e1fc1a3b6575d668de4dc471cde7ae63788f95ba7eff0eaf196e6c10d8ae622d0dd79d599a6d4ce321395e8c144ff81a3bd833b52679eb6baf9bb115e272a3f95b08db47ab38fa03355af47e197bbf63e219da909d027081dce772c9197a99ffefc03a52d24582724f36afdcec36834883f20b86448a907ca5e2460587c8c2bf4841c3bee517e49d3ed5898e4b620d7b735b26a7df36c4b70f7062091cd2b20a7b5454dcd710c398ca4212e0ae9e3ccba4a236ca78c096097dfaebb811686357f4ac089350a7412bafe7e32a98b05dae0a2e3e7cd2c66210ad1eac18886cd9adae8b1a3cd1dcbb3b51e2ab5d9c33c60b7bcfe47630c4aadebc7fa63732ea4b0fcfceb635d496009d89310163972a3cda95eae43f8f4b054aa788d98b6ab965ac8397ea4ec6026a8613d9914a0ad85c2f72df38c83f2f8d53fdd5e83687e614447688517eaae3888558e4e6d61bc2ec3286545ed5eae194162fdaf7df0ce8e8e3095b52395d23bc9a475ac30af4d8d696d43ca0469a13168471efc806c9772b0dc7f93762e4ff2d1ab33f058a12ffd458e8749934467a78db877eac5cad3b1ee576cb72792f446662ed1cce716558d7b858ef9f83067d49213353315a517c37bae53695b3d66b7e608aa5202d14852181fea3866b4f526f20e68269615ef2c89f785007c7cca375137d9765abe2187759f9908516f3a8c680cdcc2ba40f77f9f1ab1d91214a3446ef2a6283b826cf11ebb6f42dac99a5af998cf7af04156ae8969200fdf2d0b8c90cfa5b50177732898b6725102434d75303f86718ec299427909ccc2a38720d4d68e4d7da7463dddb12d8d0c8dfbd90df4c739767730cb055ce2ea08fc45bc14a7263e45cb5c6ab5c6172af05c1386bc2d608a37b9ba956f5e47e71864ab3e6f637cdd06bdc46b19166d5fbae6ddcd05adcb67444f80cb6e93f61b3bc346d308dae368bfcc5c85caef0ff516c0f8b9fc6334a5fe5d7ebff48b778934271c888ef8867d3201d80d4b4cbacf0bcea4e76d81452c0aab7f5d74479d3c2527b7333ffae066010b4c35c6e3bfa9ef7e6fe915a7493df90728e9412f2be4e7d5c37c73190d2d0bcda424c339ea3e1e819e1d03db4ea161a95208a171697cf978e43eac15f71701237c46318e2b4d07dc0b932c9661b9673d87450d028168151f200e012b4e693c4a51fefaf935071425afd2cebf9e89b1f1d5ebeddaae18f069d75be2e588d84fb0ead498aebb912d01f1f610be1fb3d6fb77f2c57dff96ceddbd392f1e6af99fd7674058668c3a739c56a313ae40db616e3c25b0607ff377a59416565b3b1ad4a50baf8f97f83b099a7160156bd892e5af9aea14fa85c518ab923382a0d9e1d6aeab0c2961ce428d9ec94df1d61782fd9f994bbe28cb4e453a1d96b919b53685abda7da302cee6d0698f5ec1f771cb2ccbdefd241e5076d18272b550447915240f5db565c7bd25dc173c970f864e4042b1e4679f728c53995ce756030b85a0a432f2a521c15ba1e2ae6d0a31ba7d1ead1713a8d028142cc984a643e5636fd813255e0fbaac9c89ba8559ac770d0810247c42d09e15ab0f1a28c9f340c165c6c5345dc70aa949f0f3ba0432557bb502c99006985e02cfcb705a0c7d86df64d4b44e6e9f8a7bef5198112b33696ea5db876171a9b961334fddfbbd2a7aa2fcbd82a7ac1ad7dded8b81727ea10a1d94b2920571110b728101374f5686073ba91d5e411a4fb02c2475222c324f61e22b109a91441a6a7048e7a639dc38b16eb41d40c20ab2612b888534230723438580f98505774911991d0aaa173c9839a46031978851a8ed33136636c93b6e1984ea7873a3cf5240dd50f14df9a0cb90950481411bbe2fb45a4198223d4355d849388f4c238f66ecbefe80c99ae1ac0511217f2afa4cd98b8fd203aa396ebceb2ea169e03b0fa03ee691835f7d02ccc6843a13ddc8a0050a8853c991b845ccce8e62c76f173dfe3873254268d7f8b0474d93b72645d738268950d7a77cee3914e899cb123c947ca10be40570b8202c5eb8d8e126d8606ba3ef6947748dcd8cea182badae58939af485f6ddf558cd618792f6e3627cda0ac0c703ae022845674427ef8019d534dfcdb0c2f353df65626ecbdccae702d29c81f6abbc84fdddf0e7f149158c7de8bb12e01fff2ac9395e7e7f9f559f91b406e009d526a51c775203123745e0327266a372f82c12c9fdbe0ff266c1261faff9b40f20de8f164691a2a7170120db667c577fa987d23fd4fd6e8d7fbd3b26a13368bba5ceea58f9a2a477dc4d4a09f770f8dc06a4851defbe016444c6793df17467fb0b6e9a9c15115214c47dc5c130407896dcec26780f49d8532f07f962bd5ec0931507f1d6e2296ac56c40ce39eda8603ab6195c4ebfd39c84c0acf0704c4e293d959e8bca65973966c8fc5e68a9ff804eff836f3e800d4d50def0e20c1f9d433e75e997f98b23dc3d95bf746914380c8f9274090ea6cc47a8", 0x1000}, {&(0x7f0000000a00)="8875be5bbd025b047e12cfd113a7632c59ab8bfeb54688b742275792e4afccbd3897bf99006ca072a96b447c1331325b10a3c078620b0d76fca27f8dad309687fa822392c7e81a5845195fa13a0301526a3a1a69fcf7c7176c4ef80057c557c42b8dc8a8e005ddabda621882ee8705c3b270b2cc86c64fe527f0324704a873d59bb2e5a40b433d6ec18b0843ebddb869ff907715b7ed58673a68a5a65695069983f1e49bba2efe2a69cde79211e37b2b89c8aa1cbe14dea1d283e73a8b44963a1b137938333e6153ca0baa013eeea0", 0xcf}], 0x2, &(0x7f0000000d80)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYRES32=r6, @ANYRES32=r4, @ANYRES32=r3, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRES32=r3, @ANYRES32=r7, @ANYBLOB="1c0000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000001c00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r4, @ANYRES32, @ANYRES16=r0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRESDEC=r0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r6, @ANYBLOB="1c0000000001000000020000006310dae2c5981c97215eb145ce5f2b0f54adb085a257", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x150, 0x20000000}}, {{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000002480)="0adeba962623c80890cc4a24396efd88118b0f6eb90d03cb6589d44793620af258e7f0ab11788aa97779ae30d31e0ff3e31523c93e7f4ce7b1eda89f31c9b1cac2db175cba44ce8f18c725b5f548a2c4fadc27a834b1859d130ed21bae934bd5a9a727735197e3d7ab65567f04ed834ece351564553106d1e8bbd376584a9ebdabb3ace0dc53e30ed984", 0x8a}, {&(0x7f0000002540)="0f01d8743d3b2519fcfc78c4d9a29618e470cfc5c3f3bd2cc9060062cf07217171b8af253eda85c01098970817e0ebf9bbcfd1ee46f1ae066656852888ab4d2802eaca66e1bcd98981e243354c227cabc1ed2ace02254e0d04235c9bd71d3ce66eb4ba3d5ac9c76ea444312b240adeb3d7cf65787e02ee31bc0719db53c7681e29d8a9e199abe5339b9d05b25c1f010b57abd5207c900f2ad6642688d39ae1d179f20b534728c812802d5dd48b827d92e2ca", 0xb2}, {&(0x7f0000000b40)="891c93ed61ab1c3bb98bf1224df6e7772c5ee706f36d42fa2baa630d779a2ec24e1e5d6c1d331ad93a5d45e13e1dd24428445950ae4ca58c34a0308a7a9ece8ce7b1864a825ffefd940e1233d0251025489374fb900531668c57119a82554040442afca25c62e7cad3a016edde6924c6986b03efc7b98da0d3d63a8bb3602815a9ff096cf02c7747d76657715afe45431e4652d6eb932de499ae9c1cb1778d433f352f783884e88ce0aa593fd1c302161da042defb9a19075e0b21c0ad88c01bbb91efc2fad3f0af", 0xc8}, {&(0x7f0000002700)="723de311b14516c2dd9a4ec3225402b1308c838a93c51e1d9a0bd347ea88ae00f39c1944edc316d8278fd5d236", 0x2d}, {&(0x7f0000002740)="1223d0d445db9a61fe952f5dd6cf34b037ccfe86b870554ac067c672a0939595bdac57d5a10e5382b00e833a8d1e6518619588253e31072b613783bcee20cdbf4fd49605c3ef3abce3f926c553bc08bf3f7e5eb3f2552631d331334ca79dc6d7c3fd9200278102d8", 0x68}], 0x5, 0x0, 0x0, 0x4840}}, {{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002840)="b9e6823361c387114c3ae903e6c7721ee420d7c3bdd981953e7afe300f3ed9e74abd2fb0f52f06b1f223fa9935e4c4170d3c4bbe9ef425b5c86959312cf0fd5d8a22f98eca0f9786f6d44a6a48df5d692028d07cd970d3c79ba07ca1885a03ebd19b379dfd432b2a035f4c7d1963c3d66f", 0x71}, {&(0x7f00000028c0)="9cfaf36546", 0x5}, {&(0x7f0000002900)="ffdd402069673470ed1d6a1c693cd01bfc842aacef723fd81ccc602a9e0d493fa62fc15468b5830c809c447d88a6a21151da421a3a08b1bf6d668df1808641ef1fb6c1e05a8f2abcc436b505b54d5cdd9087c05657d0f247b25a28de2d8c02bbe940cdb148d04fea8a30f5273c0ee914927f4e6f05328ee824bae40a2d866908cbb0cda4f8017f8f164e8d3f808646e5f9b55948ab172b64717e95cc3a909339", 0xa0}, {&(0x7f00000029c0)="ff538550623e5ca80d7df00148b26e3cd77c58cf62801b3f2bf98597f52a3b152ba4644de640f43465faf266fb8e8ed7c8312b38e76c34335d1e61d73932026cfd3cf7635c303999e9709aa9e992b4d14ac237f2a9f8fc896e4849b12269ac90a76f1e0c99b6148837a57b9c", 0x6c}, {&(0x7f0000002a40)="c6cd0114c07341b02081390a7eae16969d310bfa930086a58d7ce62ffd0c3a792071924ae2f54963aef6c29e697fac9f9d656e3dbae24cf1f121b69fa3dbfaf3feac69098f1d58dd7aa3c8cc25836c6559f6b0c138056b832f6db9c8ee0050199ea4807c8186b688b6ad979258aa7b59f1ef029bc84b957c8f861881081a174feb5bc3", 0x83}, {&(0x7f0000002b00)="259f73cb7187b1a71c7c72486979d67a38088359bc744d7733d7f8bfbb5c4490e09d0f9a63a421d47ae6bae374422f925f131c67adfc5dda80d3086c4826040144bd269c4f73cee73bfd0091aeb35f9aaaf4457f980865be01a521511d14ba2136b1cfd7636ecab9276c9c1c07f1e7e8d8fead7b9242e3e6062ec49de3bbdcab8ddbc951a1feadc8b7d6e151f0fba38b82d83716558374c78e7400be5adb776d70596c281d62d185663d65f10ccae7e039758db1550e1c82e26f750dd4eb4257dc3f56378e043fa3b93b1468139d797c3bc2fae4df99e8210897114968f09955d1", 0xe1}], 0x6, &(0x7f0000002d80)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [r3, 0xffffffffffffffff, r0, r4, r0, r4, r0]}}], 0x50, 0x804}}], 0x4, 0x400c040)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000780)="d2205d96c717ab96f0ded75d86dd", 0x0, 0xd5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
getpid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x26, &(0x7f0000000000))
ioctl$TUNSETLINK(r8, 0x400454cd, 0x30d)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

18.888411556s ago: executing program 5 (id=4773):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@fwd={0x1}, @fwd={0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}}, 0x0, 0x42, 0x0, 0x100, 0x0, 0x10000, @value=r1}, 0x28)
syz_open_dev$usbfs(0x0, 0x76, 0x103901)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff, 0x8000003, 0xffffffff}, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0)
r4 = syz_clone3(&(0x7f0000000380)={0x22140000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, &(0x7f0000000340)=[0x0], 0x1}, 0x58)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r4, 0x10, &(0x7f0000000080)={0x3})

18.738539909s ago: executing program 5 (id=4774):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x80}, 0x1, 0x0, 0x0, 0x4015}, 0x4041010)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x6}, 0x18)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x6, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x200000000000000, 0x0, 0x7fffffff}, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)

15.277017353s ago: executing program 5 (id=4778):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r3, 0x6, 0x10, 0x0, &(0x7f00000000c0))
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000300)={&(0x7f0000001a80)=ANY=[], 0x30}, 0x1, 0x0, 0x0, 0x880}, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r5}, 0x18)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x40052)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r6, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0xf4, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x840}, 0x0)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x0)
ioctl$TIOCL_SETSEL(r7, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x3bf, 0x4, 0x14c}})
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000040}, 0x80)

14.128753195s ago: executing program 5 (id=4781):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, 0x0)
ioctl$IOMMU_HWPT_ALLOC$TEST(0xffffffffffffffff, 0x3b89, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x4, 0x8f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x25)
setresuid(0xee01, 0xee01, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
r3 = syz_open_dev$vim2m(&(0x7f0000000580), 0x7fffffff, 0x2)
mount$tmpfs(0x0, &(0x7f0000000540)='./cgroup\x00', &(0x7f0000000180), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="6d706f6c3d6c6f63616ce773746174696328006ef5cf0bfa92de24f2a210089076d00bd151f8c1699132bf810bee3f65cb9b0101c8ccc06529f20b467fd7419a698853ab289b52"])
ioctl$vim2m_VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f0000000240)={0xb, 0x1, 0x0, "f85a03f073e22f000000780000000000000000000000000000000000ffff00", 0x36314d59})
syz_genetlink_get_family_id$ieee802154(0x0, r1)
kexec_load(0xff0e, 0x1, &(0x7f0000000900)=[{0x0, 0x0, 0x7ffe0000, 0x3e0000}], 0x0)
socket$igmp6(0xa, 0x3, 0x2)
r4 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e22, @loopback}, 0x10)
sendmsg$inet(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x40)
sendmsg$L2TP_CMD_SESSION_DELETE(r4, &(0x7f0000001bc0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001a40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x2004e101}, 0x0)
close(r4)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000003c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x360, 0x150, 0xc8, 0x8, 0x0, 0x5803, 0x290, 0x2e8, 0x2e8, 0x290, 0x2e8, 0x3, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, [0x0, 0xff], [], 'erspan0\x00', 'geneve1\x00', {}, {}, 0x0, 0x0, 0x3}, 0x0, 0x110, 0x150, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@connbytes={{0x38}, {[{0x10}, {0x8000000000000001}]}}, @common=@frag={{0x30}, {[0x4, 0x7fffffff], 0x4, 0x10, 0x3}}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x2, 0x80000000, 0x10001, 0xffff8000, 0x7f, 0x9, 0xeb8, 0x10000]}}}, {{@ipv6={@private1, @remote, [0xffffffff, 0xff, 0xffffffff, 0xff000000], [0xffffff00, 0xffffffff, 0xff, 0xffffffff], 'geneve1\x00', 'netpci0\x00', {}, {0xff}, 0x32, 0x4, 0x4, 0x4}, 0x0, 0x118, 0x140, 0x0, {}, [@common=@dst={{0x48}, {0x8, 0x7, 0x1, [0x9, 0x4, 0x13, 0x0, 0x6, 0x6, 0x8, 0x1fd, 0x2, 0x401, 0x800, 0x6, 0x6, 0x5fd8, 0x8000], 0x1}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffb}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3c0)

13.284522203s ago: executing program 0 (id=4784):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x19, 0xe, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x94)
r2 = syz_open_procfs(0x0, &(0x7f0000000e00)='net/icmp6\x00')
lseek(r2, 0x7ffffffffffffbff, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, 0x0, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x4, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast2, @in6=@private2, 0x0, 0x0, 0x4e21, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x100000000000}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7, 0xfffffffe}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)
write$P9_RSTAT(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="490000007d010000004200080001040000420300000002000000000000000000044109000000030000000800000000000000040047504c00040047504c0004004750b7050300402a29"], 0x49)
sendmsg$key(r4, &(0x7f0000000080)={0x0, 0x700, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="0209000002"], 0x10}, 0x1, 0xfdffffff}, 0x0)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = syz_open_dev$vcsa(0x0, 0x5d3d, 0x2000)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002e00)=[{{0x0, 0x0, &(0x7f0000000440)=[{&(0x7f00000003c0)="aeb24ea10d8204974de31ece2817a8faf55359634d0011180c2ce4f3ec9a0c0b28d839fe4f6706fc4fe04dace11d3409ea23d2dcb430787dbfaeac3405fc940f7609ca7305731e4bc88aefb53245f2ab7e8f7ea10dffb8191df4f7b7a13eba5ca1b931c99d3f2d628189b47ad0c00b94a03fb86c2ec6fcc4b055fbc5af64", 0x7e}, {&(0x7f0000000580)="485bd75fd51928c36b3251cc1e4cab6e0314186df0f7b55e879c94a6efa8ad3b336dcb013512ebda38d5d96f2dd58fb13c787582810f4b216669c6e386f26c2503c574beb47032f61e67ba8d2a254f4c87912fd3a8bbaeaa7e1c3b075ccef5aaeb7f99b7759b6275f6fb101ddd31a622c24deba3a7cef0d79f06d470f0f52e2ddcf228fd8835479c0a77d160cc61089bbf8b8a16d5c6e57c732b1d44fb12bd8a3cf9d741017ba1a87f6f3f", 0xab}, {&(0x7f0000000640)="4f1408c2b99468c7b95a68390fc45eccbcb0cc8d211555ebba2558d1797aa8d15ccca82d4300defe921109ba4271df345c1547fc777a576030b4c7fcd3158d6d1bd3544a46e3f764f22c4f24bf7b88d9b145f8cd9c0d75549a22d07949d9184e27c5f0b8974fe2f2ca4c6f99ed", 0x6d}], 0x3, &(0x7f0000000c40)=[@rights={{0x18, 0x1, 0x1, [r0, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @rights={{0x14, 0x1, 0x1, [r5]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r4]}}, @rights={{0x18, 0x1, 0x1, [r3, r1]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [r4]}}, @rights={{0x20, 0x1, 0x1, [r1, 0xffffffffffffffff, r1, r7]}}, @cred={{0x1c}}], 0x110, 0x8b1}}, {{&(0x7f0000000980)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000b00)=[{&(0x7f0000000f80)="57d304892b4e8dc0250ae273fadd80730ee4e9c9c75611a201fde65584322676c5c40103bbbf3ca151fe7ff78642b75929a6cb00ac41944cefe112f85ebe22943006852e6f48ee8c7e5ab050eaf6b1f9315bebdb6deb6769f39ba9f72dcbefef538396d459ff5784296640bcd8a40e2c9c58e94338c289229e11e73b4a743470413f7a8cb10b05a8bed47e9979b136561b5e0a186d08d6f0f95ee3d6a53ab89a796261a7365444afe2d2c13592b511044fffec3947f9498a87f5cfb9be8c6926cf7f0e382569753b7584f104b3cdc9da36d1cb60490cf49f2b34a31286e1ed008e02d5ee1826556bcd485f18595e1a228ac3fba6cf6d7a02c4ec741fc12bb0f5c1a3c60c75d51c45bb4bbc9685502f869402f385c5e21a7ac91202414711c602d5aeca1e328d11abee678f4d80cbd3d4bf959711e94a3a78a3c31f4aa9ab92e62b48278eff03e9d3fbacba55bf797bd4f1a0f905fcc59c2fb0420ea38988daa6ce4b8ac907c65a8daf6c3905c6df398f6a3e2d93251b26c92e4247f70d1b68201725f4029f660167beebb2a661a4a60c4ace0e0f4cb10dbb912616545ffa81b10bf7fb8bbdaf9cbde0d8bfdfea79e61f80d9b4578c3465a793a55bdc128985676dd2a3832246cae261f9038232e4087cb1aedf3384e0d824f40d33512688c8bfd83a1674e54074d5cae9b9fcb59153b536639a69a4c9075097a5873e204c1999b4e317cb2796d92752843bc06834c855c06d51e2486b22c98bc6551d1acf5f139f83fbeeebf4afb0a3285ad9485de109ee009123ab74fd8b779eb1a1cfe9bbd736381a490d2f86c73ee499ffcb48dde8cefb5de43edc2bc3be6366d9651cf3d3a7f52a24548986c13993b509810afbe88bb715521f19695c8a96c1be37ec55ff536b41e85362bc78c7ae3ace39c57492c7e326a14334b2f149d1e410658338d612cffc7d583a3e8b164176014b10f4b20df7d26977251990598ad0edabda6939a217ad0e57e4b98e0dd361338121b521c05615dc46ac6869f448354ef7675449bc2b3a903f8a8996f972a6ac025cdee31ee352837dbc316e33adc05e376e2bcd17970ad0bee979ea2259da19f331516898a11c5ec57020611d213df94dd25a97d5cfa5774cbea6984e7ccb09ebe3aa95e46ae445fbe093dae4473ae0ba365e6f0bc3efa94901dfcbd4d6b70bffea0b459b32deeab688314ab3b3045b2b7c3d9f8c9508d2ba5a21e60f7bf9ec2995a287d59b7bef076f044fd33bd5fc1a470cd19655d647e030c458c41ae3418a0bc11594eb7d2b328edb5f3ce7f8e479ccac9fdbee7225a42d07ae9e0326a48ae15729770bd5f843f46aeecd24e4008925b7c2fe98c0da30d1b3c9fc928f96cce469d378cfabd3297dade8d155cb6f4fea42cd47b559b54247142755a6ef96f29d739f18ca3b86424c461abd10c706a7830eeadb1a6e1033197a1246f38dabd81d8daca6ccef960523900c8f7e35eda27899be3b3c253fa58f53815b21a470de554e0b46b4032a5724e39ba582cef192b3a382cffbdfca866fb55ec49d43f0710eeb95d2a62d9373515176705b14d7571883c028b3fd068090af84ceef736d8ff3d1fe0dde77503edc23adad659813bb89a9420bd18a67e3b61fa7782d151d5afc50fbd2277881bbddbc3bf775bbb32b45e3f74daf358a5bb9551944d5e7c42c57b57a9b38d2b002d0f1c51104dd8cc07db4ff1fa2302a82c9b6a382832d650a850e427913eadff39a2d3e5fbd51c68322e3bd3eb9b8ff35e6f675960c230534c37c09b16d569ce9f5395df939b7541a2b74866e154894c180d75c5b341112169c361be1ad83e6364daad39c17e0388541572fc453da467bbeb29ee0f0b1b70e589a591551196beb0ef848ca906f9bd7329f0a36804442b5e1bbdc0e4c2fd04e7096c166227f5d86b8dee90b84fc7a5e9ddb022ddd77eb7cec3c74cf4a740808a8811c614411c377a1f2cca60ce9c03fe98ba7ceb356c40ee474722a786e83f7651e8eacef168547779103efb30ecf53b96b5cbec1d1c2839aa89012ae81bb9e368a7e292b99ec138c0309cc483012406af7420fa30b8d0a23b600400af106216305899b9b91379986198adf577f48ad1656a4984f5bca10b8f2f15843ffdbd2453878a8bbe5eb8d1046325c8ff09dd1e06358f82393fbcaf0a3d76120dd41357255ec91440d8b882b6fa58140349a37ce5e34b3a188b3b7ea16a6662baead1def14cfff702604c428a784f4ab6000a15125e10f6e065cb200364deeb92662394bd1b7d57207878ffcfb79edd552d6545c5b72dbd533b27701ca25dc9830d598eb4982ce1d737c0f0df9ccf205381781a167bd598683b752ca234ded4a7dc7168ef5d15bd2deaee9f17f1af4f86a00379ae8ee898cb99df5fdd555a132a37fde3f4f3e03eb554514d41118eb2786d8d321f7b23127321a7cc211d2f940b5c0051268042087f449692ed16366d91eac8fcaa5105a250375eeb92e91b7f474da44fe1228cc11d117a8cdf3ea6714f62a20b53c8627de4640a4e32a8a0843531cf4875bfe91cad395cbbbb6b4dc3eac9ebee971758ec16e8f553fcff128aea63e1f4511d8489e817c4de5287663b8f231d000ac5389b86f5ceabb9e3e9017b094c41e5ad64e650bf051ec5d2f87a50e408dadd140cc1d06c807665957adfee769728a773c1f5fbb6aff21d5663cbcd0b516f01b0dd5a964ef3bc2acd9bda4bc476f1bfb7c0e72f26fc64b12eedd5de655fab5992b51a014948fa4ce8d6723c9b871ce5c4f1108e94055d3e6e1da9dad021dba427c1b7ad7d1325149e06360308f81553e58f743eaa9bc6f8fb7dfe201f5aa90b937b8774b022edea0fbdcd45d1512ae58510071aa4aed7fbd1d44c6c4c894af5bd0ea9ed354b2505d0698e9cf9460aa3466b2c1ca59cda8edf7d339569486ecc96aa29c57deb982bcf6bfcd45ce01c4730c1020f908166ec9af48a8f6545576eaa928a469913440d781b96293c4760979550f6fa3fd6c31eefacd80b48275287752fae261d5e1f5c3bf4f65e743b2e3996285daa88ff4760cda98e2981f37d1be2bdda812735416c73c92ea6aeda52bbf1b7dfcad2817e246a0841da55e9895fd0aeb15cea56ffc9801a704bf1fa0cc6c6e9d5827a4908b1ebb63b9f91d14cc40372444bb60411ff8c2790b7345ee663c10998ff6e6df2b1d3be59c77b130e91297df7afb3d73dfbc7c025ca918849f611509962534f4aef994f346d594affb9ce2deb90ea048c3d55e4fe845a307e3ee5ebc3fe3e829c369492e1fc1a3b6575d668de4dc471cde7ae63788f95ba7eff0eaf196e6c10d8ae622d0dd79d599a6d4ce321395e8c144ff81a3bd833b52679eb6baf9bb115e272a3f95b08db47ab38fa03355af47e197bbf63e219da909d027081dce772c9197a99ffefc03a52d24582724f36afdcec36834883f20b86448a907ca5e2460587c8c2bf4841c3bee517e49d3ed5898e4b620d7b735b26a7df36c4b70f7062091cd2b20a7b5454dcd710c398ca4212e0ae9e3ccba4a236ca78c096097dfaebb811686357f4ac089350a7412bafe7e32a98b05dae0a2e3e7cd2c66210ad1eac18886cd9adae8b1a3cd1dcbb3b51e2ab5d9c33c60b7bcfe47630c4aadebc7fa63732ea4b0fcfceb635d496009d89310163972a3cda95eae43f8f4b054aa788d98b6ab965ac8397ea4ec6026a8613d9914a0ad85c2f72df38c83f2f8d53fdd5e83687e614447688517eaae3888558e4e6d61bc2ec3286545ed5eae194162fdaf7df0ce8e8e3095b52395d23bc9a475ac30af4d8d696d43ca0469a13168471efc806c9772b0dc7f93762e4ff2d1ab33f058a12ffd458e8749934467a78db877eac5cad3b1ee576cb72792f446662ed1cce716558d7b858ef9f83067d49213353315a517c37bae53695b3d66b7e608aa5202d14852181fea3866b4f526f20e68269615ef2c89f785007c7cca375137d9765abe2187759f9908516f3a8c680cdcc2ba40f77f9f1ab1d91214a3446ef2a6283b826cf11ebb6f42dac99a5af998cf7af04156ae8969200fdf2d0b8c90cfa5b50177732898b6725102434d75303f86718ec299427909ccc2a38720d4d68e4d7da7463dddb12d8d0c8dfbd90df4c739767730cb055ce2ea08fc45bc14a7263e45cb5c6ab5c6172af05c1386bc2d608a37b9ba956f5e47e71864ab3e6f637cdd06bdc46b19166d5fbae6ddcd05adcb67444f80cb6e93f61b3bc346d308dae368bfcc5c85caef0ff516c0f8b9fc6334a5fe5d7ebff48b778934271c888ef8867d3201d80d4b4cbacf0bcea4e76d81452c0aab7f5d74479d3c2527b7333ffae066010b4c35c6e3bfa9ef7e6fe915a7493df90728e9412f2be4e7d5c37c73190d2d0bcda424c339ea3e1e819e1d03db4ea161a95208a171697cf978e43eac15f71701237c46318e2b4d07dc0b932c9661b9673d87450d028168151f200e012b4e693c4a51fefaf935071425afd2cebf9e89b1f1d5ebeddaae18f069d75be2e588d84fb0ead498aebb912d01f1f610be1fb3d6fb77f2c57dff96ceddbd392f1e6af99fd7674058668c3a739c56a313ae40db616e3c25b0607ff377a59416565b3b1ad4a50baf8f97f83b099a7160156bd892e5af9aea14fa85c518ab923382a0d9e1d6aeab0c2961ce428d9ec94df1d61782fd9f994bbe28cb4e453a1d96b919b53685abda7da302cee6d0698f5ec1f771cb2ccbdefd241e5076d18272b550447915240f5db565c7bd25dc173c970f864e4042b1e4679f728c53995ce756030b85a0a432f2a521c15ba1e2ae6d0a31ba7d1ead1713a8d028142cc984a643e5636fd813255e0fbaac9c89ba8559ac770d0810247c42d09e15ab0f1a28c9f340c165c6c5345dc70aa949f0f3ba0432557bb502c99006985e02cfcb705a0c7d86df64d4b44e6e9f8a7bef5198112b33696ea5db876171a9b961334fddfbbd2a7aa2fcbd82a7ac1ad7dded8b81727ea10a1d94b2920571110b728101374f5686073ba91d5e411a4fb02c2475222c324f61e22b109a91441a6a7048e7a639dc38b16eb41d40c20ab2612b888534230723438580f98505774911991d0aaa173c9839a46031978851a8ed33136636c93b6e1984ea7873a3cf5240dd50f14df9a0cb90950481411bbe2fb45a4198223d4355d849388f4c238f66ecbefe80c99ae1ac0511217f2afa4cd98b8fd203aa396ebceb2ea169e03b0fa03ee691835f7d02ccc6843a13ddc8a0050a8853c991b845ccce8e62c76f173dfe3873254268d7f8b0474d93b72645d738268950d7a77cee3914e899cb123c947ca10be40570b8202c5eb8d8e126d8606ba3ef6947748dcd8cea182badae58939af485f6ddf558cd618792f6e3627cda0ac0c703ae022845674427ef8019d534dfcdb0c2f353df65626ecbdccae702d29c81f6abbc84fdddf0e7f149158c7de8bb12e01fff2ac9395e7e7f9f559f91b406e009d526a51c775203123745e0327266a372f82c12c9fdbe0ff266c1261faff9b40f20de8f164691a2a7170120db667c577fa987d23fd4fd6e8d7fbd3b26a13368bba5ceea58f9a2a477dc4d4a09f770f8dc06a4851defbe016444c6793df17467fb0b6e9a9c15115214c47dc5c130407896dcec26780f49d8532f07f962bd5ec0931507f1d6e2296ac56c40ce39eda8603ab6195c4ebfd39c84c0acf0704c4e293d959e8bca65973966c8fc5e68a9ff804eff836f3e800d4d50def0e20c1f9d433e75e997f98b23dc3d95bf746914380c8f9274090ea6cc47a8", 0x1000}, {&(0x7f0000000a00)="8875be5bbd025b047e12cfd113a7632c59ab8bfeb54688b742275792e4afccbd3897bf99006ca072a96b447c1331325b10a3c078620b0d76fca27f8dad309687fa822392c7e81a5845195fa13a0301526a3a1a69fcf7c7176c4ef80057c557c42b8dc8a8e005ddabda621882ee8705c3b270b2cc86c64fe527f0324704a873d59bb2e5a40b433d6ec18b0843ebddb869ff907715b7ed58673a68a5a65695069983f1e49bba2efe2a69cde79211e37b2b89c8aa1cbe14dea1d283e73a8b44963a1b137938333e6153ca0baa013eeea0", 0xcf}], 0x2, &(0x7f0000000d80)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32, @ANYRES32=r1, @ANYRES32=r5, @ANYRES32, @ANYRES32=r0, @ANYRES32=r1, @ANYRES32, @ANYRES32=r6, @ANYRES32=r4, @ANYRES32=r3, @ANYBLOB="1c000000000000000100000001000000", @ANYRES32, @ANYRES32, @ANYRES32=r0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRES32=r3, @ANYRES32=r7, @ANYBLOB="1c0000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000001c00000000000000", @ANYRES32, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r4, @ANYRES32, @ANYRES16=r0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32=0xee01, @ANYRESDEC=r0, @ANYBLOB="0000000018000000000000000100000001000000", @ANYRES32=r3, @ANYRES32=r6, @ANYBLOB="1c0000000001000000020000006310dae2c5981c97215eb145ce5f2b0f54adb085a257", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x150, 0x20000000}}, {{0x0, 0x0, &(0x7f00000027c0)=[{&(0x7f0000002480)="0adeba962623c80890cc4a24396efd88118b0f6eb90d03cb6589d44793620af258e7f0ab11788aa97779ae30d31e0ff3e31523c93e7f4ce7b1eda89f31c9b1cac2db175cba44ce8f18c725b5f548a2c4fadc27a834b1859d130ed21bae934bd5a9a727735197e3d7ab65567f04ed834ece351564553106d1e8bbd376584a9ebdabb3ace0dc53e30ed984", 0x8a}, {&(0x7f0000002540)="0f01d8743d3b2519fcfc78c4d9a29618e470cfc5c3f3bd2cc9060062cf07217171b8af253eda85c01098970817e0ebf9bbcfd1ee46f1ae066656852888ab4d2802eaca66e1bcd98981e243354c227cabc1ed2ace02254e0d04235c9bd71d3ce66eb4ba3d5ac9c76ea444312b240adeb3d7cf65787e02ee31bc0719db53c7681e29d8a9e199abe5339b9d05b25c1f010b57abd5207c900f2ad6642688d39ae1d179f20b534728c812802d5dd48b827d92e2ca", 0xb2}, {&(0x7f0000000b40)="891c93ed61ab1c3bb98bf1224df6e7772c5ee706f36d42fa2baa630d779a2ec24e1e5d6c1d331ad93a5d45e13e1dd24428445950ae4ca58c34a0308a7a9ece8ce7b1864a825ffefd940e1233d0251025489374fb900531668c57119a82554040442afca25c62e7cad3a016edde6924c6986b03efc7b98da0d3d63a8bb3602815a9ff096cf02c7747d76657715afe45431e4652d6eb932de499ae9c1cb1778d433f352f783884e88ce0aa593fd1c302161da042defb9a19075e0b21c0ad88c01bbb91efc2fad3f0af", 0xc8}, {&(0x7f0000002700)="723de311b14516c2dd9a4ec3225402b1308c838a93c51e1d9a0bd347ea88ae00f39c1944edc316d8278fd5d236", 0x2d}, {&(0x7f0000002740)="1223d0d445db9a61fe952f5dd6cf34b037ccfe86b870554ac067c672a0939595bdac57d5a10e5382b00e833a8d1e6518619588253e31072b613783bcee20cdbf4fd49605c3ef3abce3f926c553bc08bf3f7e5eb3f2552631d331334ca79dc6d7c3fd9200278102d8", 0x68}], 0x5, 0x0, 0x0, 0x4840}}, {{0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000002840)="b9e6823361c387114c3ae903e6c7721ee420d7c3bdd981953e7afe300f3ed9e74abd2fb0f52f06b1f223fa9935e4c4170d3c4bbe9ef425b5c86959312cf0fd5d8a22f98eca0f9786f6d44a6a48df5d692028d07cd970d3c79ba07ca1885a03ebd19b379dfd432b2a035f4c7d1963c3d66f", 0x71}, {&(0x7f00000028c0)="9cfaf36546", 0x5}, {&(0x7f0000002900)="ffdd402069673470ed1d6a1c693cd01bfc842aacef723fd81ccc602a9e0d493fa62fc15468b5830c809c447d88a6a21151da421a3a08b1bf6d668df1808641ef1fb6c1e05a8f2abcc436b505b54d5cdd9087c05657d0f247b25a28de2d8c02bbe940cdb148d04fea8a30f5273c0ee914927f4e6f05328ee824bae40a2d866908cbb0cda4f8017f8f164e8d3f808646e5f9b55948ab172b64717e95cc3a909339", 0xa0}, {&(0x7f00000029c0)="ff538550623e5ca80d7df00148b26e3cd77c58cf62801b3f2bf98597f52a3b152ba4644de640f43465faf266fb8e8ed7c8312b38e76c34335d1e61d73932026cfd3cf7635c303999e9709aa9e992b4d14ac237f2a9f8fc896e4849b12269ac90a76f1e0c99b6148837a57b9c", 0x6c}, {&(0x7f0000002a40)="c6cd0114c07341b02081390a7eae16969d310bfa930086a58d7ce62ffd0c3a792071924ae2f54963aef6c29e697fac9f9d656e3dbae24cf1f121b69fa3dbfaf3feac69098f1d58dd7aa3c8cc25836c6559f6b0c138056b832f6db9c8ee0050199ea4807c8186b688b6ad979258aa7b59f1ef029bc84b957c8f861881081a174feb5bc3", 0x83}, {&(0x7f0000002b00)="259f73cb7187b1a71c7c72486979d67a38088359bc744d7733d7f8bfbb5c4490e09d0f9a63a421d47ae6bae374422f925f131c67adfc5dda80d3086c4826040144bd269c4f73cee73bfd0091aeb35f9aaaf4457f980865be01a521511d14ba2136b1cfd7636ecab9276c9c1c07f1e7e8d8fead7b9242e3e6062ec49de3bbdcab8ddbc951a1feadc8b7d6e151f0fba38b82d83716558374c78e7400be5adb776d70596c281d62d185663d65f10ccae7e039758db1550e1c82e26f750dd4eb4257dc3f56378e043fa3b93b1468139d797c3bc2fae4df99e8210897114968f09955d1", 0xe1}], 0x6, &(0x7f0000002d80)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [r3, 0xffffffffffffffff, r0, r4, r0, r4, r0]}}], 0x50, 0x804}}], 0x4, 0x400c040)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r5, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000780)="d2205d96c717ab96f0ded75d86dd", 0x0, 0xd5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
getpid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
fcntl$lock(r8, 0x26, &(0x7f0000000000))
ioctl$TUNSETLINK(r8, 0x400454cd, 0x30d)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)

13.106856156s ago: executing program 5 (id=4785):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@newtfilter={0x74, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfff3}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x44, 0x2, [@TCA_BASIC_POLICE={0x40, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x2, 0x20000000, 0x1, 0xfffffffe, 0xfff, {0x5, 0x0, 0x9c, 0xf9e, 0x4, 0x7}, {0xf8, 0x2, 0x0, 0xfdb6, 0xefb, 0x4}, 0x6, 0xde}}]}]}}]}, 0x74}}, 0x4000)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001100)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00aa19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e468eea3fcfcf498278a315f5b87e1c26433a8acd715f5888b2007f00000000000000000100000000000000010015d60605000053350000000034a70c2ab40c7cf5691db43a5c00000000000000f030007ce2c6f800000000000000e75a89faff01218087560cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bef5d7d617da7a6520655a805608df4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf050000008600a62e96b7cb8e52cbdc2ba9d580609e31c30879d6fce424c2208af6c3784a1975fa657de38a3a32e4fd67ce446adb431d07db79241aca1dd9ba02453bbb5ee8babe1745e645f091231b986e952afdac972f342c6f184777d05d988d6edc71df0100000013a38300cabf2b554380ad215c789bef4cc574109b8df8d9a9db669557b3809d8c396d2c0361629d1822f722ec23812770d72cd00100000078a75dea785be550dbb420287e0789b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b8a0ae6fb5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fc7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff25184d4e3c6f7f623559435b2c505fb711300000000040000000000000000000000000000e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7a49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd029406000000433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671a5767014b09ddbf69b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7b49991be06b950ccd48f4e49833f3c4a02bbd06c84680549f9eb16682ecb722e8ffaca907a3eaaebfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c52108d9c0d51dc30209872ec602af42eb29d54a37be0fdfdcd74c2d859a566ee5c30677173a2592a4617ae08bec07422d52d2ba7271550a5c20e3a8d1c8c8fd3025ff00607b2249ae9a18391e01b21b36169790b8e96f7955754b6b01a75165d3573d1dec5cf1b08b6115b43203a5654cce2277eb4c02ef4817b4cb989ac178895810eff7b697f2dc9b308aa2460e3cb85cdc4833571a62bf310700000000000000cc7f923284230ada8c756096a66119d4b6b2f159585c3cf8e7bfdd619e294b1d21cd491b8cfd4a253856e485fe29c6ad177a9fb078ca905782b9ed3c30675b89a784bb8031cac0de95178a5acff029a0f0fe972df22b20afe95fba722056f94ab15f1cf605c33df627311f1b614684d77549"], &(0x7f0000000140)='GPL\x00'}, 0x48)
r0 = socket$kcm(0x11, 0x200000000000002, 0x300)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="1e000300008c71ef28ff4b"], 0xffdd)

11.403112706s ago: executing program 2 (id=4788):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x80}, 0x1, 0x0, 0x0, 0x4015}, 0x4041010)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x6}, 0x18)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x6, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x200000000000000, 0x0, 0x7fffffff}, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)

10.962538627s ago: executing program 0 (id=4789):
r0 = socket(0x1, 0x1, 0x0)
ioctl$SIOCGETSGCNT(r0, 0x89a0, &(0x7f0000000200)={@dev={0xac, 0x14, 0x14, 0x25}, @rand_addr=0x64010125}) (fail_nth: 8)

10.238685647s ago: executing program 4 (id=4790):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000800), 0xffffffffffffffff)
setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x200000, 0x4)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000240)={0x0, 0x1228000, 0x1000, 0x2, 0x1}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x10000c00)

10.072506112s ago: executing program 2 (id=4791):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_int(r0, 0x0, 0xf, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="6c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="5d580000000000001c001a8018000a801400070000000000000000000000000000000002140003006970766c616e31"], 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)

8.452316573s ago: executing program 4 (id=4792):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair(0x1e, 0x80005, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x5, 0x0, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
close(0xffffffffffffffff)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
listen(r3, 0x0)
bind$bt_sco(0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
ioctl$VIDIOC_S_DV_TIMINGS(0xffffffffffffffff, 0xc0845657, &(0x7f0000000140)={0x0, @bt={0x2, 0x9, 0x0, 0x2, 0x1000, 0x400, 0x82ec, 0x3, 0x10001, 0xa, 0x8, 0x0, 0xd546, 0x6, 0xd, 0x0, {0x8}, 0xb, 0x4}})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x78, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x0, 0xf}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x48, 0x2, [@TCA_FLOW_EMATCHES={0x44, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x38, 0x2, 0x0, 0x1, [@TCF_EM_IPT={0x34, 0x1, 0x0, 0x0, {{0x8, 0x9, 0x40}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x2}, @TCA_EM_IPT_HOOK={0x8, 0x1, 0x3}, @TCA_EM_IPT_MATCH_REVISION={0x5, 0x3, 0xfc}, @TCA_EM_IPT_MATCH_DATA={0x4}, @TCA_EM_IPT_MATCH_NAME={0xffffffffffffffa9}]}}]}]}]}}]}, 0x78}, 0x1, 0x0, 0x0, 0x10}, 0x2008c014)

6.116931831s ago: executing program 0 (id=4793):
socket$nl_route(0x10, 0x3, 0x0)
fanotify_init(0x500, 0x0)
io_uring_setup(0x1946, &(0x7f0000000a80)={0x0, 0xa94d, 0x10, 0x0, 0x22e})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x2, 0x0, @loopback, 0x4}, 0x1c)
r1 = syz_open_dev$sg(&(0x7f0000001940), 0x0, 0x202)
ioctl$SG_GET_PACK_ID(r1, 0x227c, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f0000000540)=[{{&(0x7f0000000300)=@l2tp6={0xa, 0x0, 0x0, @private1}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000380)=""/136, 0x88}, {&(0x7f0000000440)=""/93, 0x5d}], 0x2, &(0x7f00000004c0)=""/15, 0xf}, 0x6}], 0x1, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
io_uring_register$IORING_UNREGISTER_RING_FDS(0xffffffffffffffff, 0x15, &(0x7f0000003300)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendto$inet6(r0, &(0x7f00000000c0)="04", 0x1, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000100)={@in6={{0xa, 0x4e24, 0x0, @loopback, 0x1}}, 0x0, 0x0, 0x17, 0x0, "10baa70a93289349d889de25b87376f64276337642b890d33cb5b592e66e6229bc5ce1b3871b7ef6619db5b2a94edb6f73ea08b02aa3b47debd38b6d889a8c986b330600000000000000fd6700"}, 0xd8)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x40000)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r6, 0xc02c5341, &(0x7f00000000c0))
dup(r0)
syz_io_uring_setup(0xbe0, &(0x7f0000000280)={0x0, 0xec22, 0x8, 0x2, 0x4000033b}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f00000001c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, 0x0, 0x0, 0x4)

5.836702332s ago: executing program 2 (id=4796):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000000ac0)=[{&(0x7f00000004c0)=""/203, 0xcb}, {&(0x7f0000000140)}, {&(0x7f0000000300)=""/225, 0xe1}, {&(0x7f0000000400)=""/41, 0x29}, {&(0x7f00000001c0)=""/200, 0xc8}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f0000000800)=""/49, 0x31}, {&(0x7f00000009c0)=""/222, 0xde}], 0x8, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}, {{0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0x18}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680})

5.639391599s ago: executing program 2 (id=4797):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0x0, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
statx(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x100, 0x7ff, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c, 0x0}}], 0x1, 0x200400ca)
quotactl$Q_GETFMT(0xffffffff80000400, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
r2 = openat$drirender128(0xffffffffffffff9c, &(0x7f00000001c0), 0x448880, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000380)={&(0x7f0000000200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000280)=[0x0], &(0x7f0000000300)=[0x0, 0x0], &(0x7f0000000340)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x1, 0x2, 0x7})
r3 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
r5 = userfaultfd(0x801)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0xc})
r6 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000100), 0x8000, 0x0)
ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00001b4000/0x3000)=nil, 0x3000}, 0x3})
madvise(&(0x7f00001b4000/0x4000)=nil, 0x4000, 0x4)
r7 = syz_io_uring_setup(0x10f, &(0x7f0000000140)={0x0, 0xfadb, 0x10000, 0x3}, &(0x7f0000000240)=<r8=>0x0, 0x0)
syz_io_uring_submit(r8, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x241}})
io_uring_enter(r7, 0x47f6, 0x0, 0x0, 0x0, 0x0)

5.630770909s ago: executing program 4 (id=4798):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000080)=ANY=[@ANYBLOB="88000000", @ANYRES16=r1, @ANYBLOB="01002abd7000fedbdf253b00000008000300", @ANYRES32=r2, @ANYBLOB="6b0033008000de00ffffffffffff080211000000505050505050000007000000000000006400824403010e0503ff4f063c040180a91c2d1a02000c0200000000000000000001000f0003030303037107fffeff"], 0x88}, 0x1, 0x0, 0x0, 0x880}, 0x0)
r3 = syz_io_uring_setup(0x7431, &(0x7f0000000080)={0x0, 0xc089, 0x400, 0x3, 0x163}, &(0x7f0000000000), &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r5, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @broadcast}, 0x10)
sendmmsg(r5, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) (async)
sendmmsg(r5, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)
syz_io_uring_setup(0x952, &(0x7f0000000400)={0x0, 0x537, 0x8000, 0x1, 0x3d5, 0x0, r3}, &(0x7f0000000040), &(0x7f0000000240)) (async)
r6 = syz_io_uring_setup(0x952, &(0x7f0000000400)={0x0, 0x537, 0x8000, 0x1, 0x3d5, 0x0, r3}, &(0x7f0000000040), &(0x7f0000000240))
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r6, 0x12, 0x0, 0x700) (async)
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r6, 0x12, 0x0, 0x700)

4.67284976s ago: executing program 0 (id=4799):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@fwd={0x1}, @fwd={0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}}, 0x0, 0x42, 0x0, 0x100, 0x0, 0x10000, @value=r1}, 0x28)
syz_open_dev$usbfs(0x0, 0x76, 0x103901)
shmget$private(0x0, 0x4000, 0x800, &(0x7f0000007000/0x4000)=nil)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r2 = socket$netlink(0x10, 0x3, 0xc)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x7fffffff, 0x8000003, 0xffffffff}, 0x10)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000200), 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)={0x14, 0x0, 0x1, 0x401, 0x0, 0x1a14, {0x2}}, 0x14}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000002011d04000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001"], 0x38}}, 0x0)
r4 = syz_clone3(&(0x7f0000000380)={0x22140000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, &(0x7f0000000340)=[0x0], 0x1}, 0x58)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r4, 0x10, &(0x7f0000000080)={0x3})

4.663499039s ago: executing program 1 (id=4800):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
mount$binderfs(0x0, 0x0, 0x0, 0x4800, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f00000000c0), 0x0}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'veth1_vlan\x00', <r1=>0x0})
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=r0, @ANYBLOB="060a000000", @ANYRES32=r1, @ANYRES32, @ANYBLOB="00000000010000000200"/28], 0x50)
r2 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_READ(r2, 0xc008551a, &(0x7f0000001100)={0x3})
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_open_dev$admmidi(&(0x7f0000000140), 0x20, 0x0)
syz_open_procfs(0x0, 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
read$midi(r4, 0x0, 0x20)
ioctl$SNDCTL_SEQ_RESET(r5, 0x5100)
pread64(0xffffffffffffffff, &(0x7f0000001600)=""/4103, 0x1007, 0x9b)
pipe2$9p(0x0, 0x800)
r6 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r6, &(0x7f0000000380)={&(0x7f0000000080)={0xa, 0x4e20, 0x1000000080000, @dev={0xfe, 0x80, '\x00', 0x28}}, 0x1c, 0x0, 0x0, 0x0, 0x30}, 0x8800)
dup(0xffffffffffffffff)
syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)

4.595498076s ago: executing program 4 (id=4801):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x80}, 0x1, 0x0, 0x0, 0x4015}, 0x4041010)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, 0x0, 0x0)
socket$inet(0x2, 0x3, 0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3, 0x0, 0x6}, 0x18)
ppoll(&(0x7f0000000500)=[{r2}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x6, 0x3, 0x4, 0x0, 0x0, 0x3}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x200000000000000, 0x0, 0x7fffffff}, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
close(0x4)

4.305636865s ago: executing program 2 (id=4802):
socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, &(0x7f0000000040), &(0x7f0000000140)}, 0x20)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000800), 0xffffffffffffffff)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000001c0)=0x200000, 0x4)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000240)={0x0, 0x1228000, 0x1000, 0x2, 0x1}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
unshare(0x10000c00)

3.862095804s ago: executing program 0 (id=4803):
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="13000000100000000200"/19, @ANYRES32, @ANYRESHEX=0x0, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000edb987783856c4647902a8c4b359e25d00"/42], 0x48)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x3e, &(0x7f0000000140)={&(0x7f0000000240)={0x14, 0x38, 0x301, 0x270bd26, 0x25dfdbfc, {0x3, 0x0, 0x4000}, [@nested={0x0, 0x42, 0x0, 0x1, [@nested={0x0, 0x13, 0x0, 0x1, [@nested={0x0, 0xa}, @nested={0x0, 0x86}, @typed={0x0, 0x69, 0x0, 0x0, @u32=0xc}, @generic="7a58f531f9b2b900f2f1b9932e10b11a58aa3896699648c571499365da242704777130fc29045e2230253fd05736479c720db862aaec9d74efc86be25ab843c163bb6bc3490ebfa9eda86a2cc41f4d159794da04d76d87364891a43b4af6416ca056e14e530867be763a418992d59c6466ae", @generic="225739a2e6e224a5088db968e9e77670d5f527e299bf7a3bc3679f7083703b22413ab868cab721d83c6360347e609c9adf50d13ea91592aac51f34920c82ebdd27bc41ac91f5d92d908cf21899ce6b2dd4fdc576f65ef73562f23f1bcd7d3e46c461488b69469902712f0ddfda5a9e060474940a91375aa9e22e6e6a6e58f0482710ec711a45b5a278b3f3d0", @typed={0x0, 0xad, 0x0, 0x0, @binary="e82c40967248176b5bcc464f089abd"}]}, @generic="7d891de6ad4aaba39f7b3fafa77c5d268724697e44a39e747168905bc951afd0dd3408c10dbff4f72ce478acb89136c37ab6450242f6b22f9d49218801df48e27013cce916eb1b9b3b127c27576a8652749e25035f6397a39055db34dd06ee17aa5371a2bb181f1b08202d3a9a27862e5b5b3adc495ccbbfb09224ed06a08128822b9645b5c1c44ef360de945e60d204d6c088325aec8d8ad0ae9ba1ece7d73067a2d5c097b2c1bea1720888146d82b3d3f06078", @typed={0x0, 0xe4, 0x0, 0x0, @binary="804780e7"}, @typed={0x0, 0x9b, 0x0, 0x0, @ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}]}]}, 0x14}, 0x1, 0x8000000000000, 0x0, 0x80c0}, 0x8004)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000009c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000200)={0x1d, r2, 0x0, {0x0, 0x0, 0x3}}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x22020400)
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000005c0)={0x0}, 0x1, 0x0, 0x0, 0xc000}, 0x20008000)
fchdir(0xffffffffffffffff)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f00000000c0)={'s526\x00', [0x4f27, 0x5, 0x2, 0x401, 0x1, 0xc47, 0xfff, 0x5c95239c, 0x5, 0x3ff, 0x800, 0x1, 0x1, 0x1, 0x9, 0x8, 0x6, 0x4, 0x3, 0x395, 0x80000089, 0xfffffffe, 0xb, 0xfffffff5, 0xffffeadb, 0x6, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffffa]})

3.444295108s ago: executing program 1 (id=4804):
socket(0x10, 0x3, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), r5)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r5, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000007c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002ebd7000fbdbdf2528000000180001801400020076657468315f746f5f626174616476"], 0x2c}, 0x1, 0x0, 0x0, 0x4000001}, 0x50)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000001800), 0x2, 0x0)
r7 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r7, 0x0, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000440)={[{0x2b, 'io'}, {0x2b, 'rdma'}, {0x2b, 'cpuacct'}, {0x2b, 'freezer'}]}, 0x1c)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x6, &(0x7f00000001c0)=ANY=[@ANYBLOB="180200000101010000000000000000008500000041000000180000000300000000000000040000009500"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r8, 0x0, 0xe, 0x0, &(0x7f0000000680)="548852ac5b4eba7aeaccd2c62b2b", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9, 0x8}, 0x50)
r9 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x48f, &(0x7f0000000000)={0x0, @private, 0x0, 0x0, 'lc\x00', 0x4, 0x3, 0xfffffffe}, 0x2c)
pwritev2(r9, &(0x7f0000000300)=[{&(0x7f0000000340)="9d1f77e3aa315b70e9cc08c4d6e24209c3d49ddedb950b27393a7278a43facf47a227c49f276efb8f2a4421bc66636ede1d039cf88d8b3ac53bdedb68d28ffa5dca598cc67f89d7e777eb61fc948ff677318e8f183d6759075621e2ddcb80e647c7dc594f7ddd875c7e461ea5c5a99bed76f2cbfd1771075ea9b39cfb70fed0e288c65292590e45796810e6f88f22b303aefc9a3346dfd3fd647b85368f7cdbc7feeda5699d3a464f30c6ea6c4c507693315701e1cac25daa2cb7376ab9ca173f5ee66b2fb4b6978a7bad693c1bed5906632ef92c5f56d853918abfe2009000000826bb0c7afaf4b07d4174a544b663e097209a6aa", 0xfffffffffffffef2}, {&(0x7f0000000280)="ed645651414df50d2c8cd7ae33d362d3ad99b43721b8f6657829c97f8e74ec9ab3df5b035e336323d9d9ba824d28ebc117b7f12e6ee629852fdc18008629092f85a1c32d063886d2a73620705a665eb46371e87ee5eb12e32876c9b5a52fd3"}], 0x1, 0x6b, 0x9, 0x0)

2.248788767s ago: executing program 1 (id=4805):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x22020400)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = memfd_secret(0x80000)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f00000001c0)="04ae602cccc8cd48815d3a83b0704bf7", 0x10)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000680)=@broute={'broute\x00', 0x20, 0x0, 0x90, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000080], 0x0, 0x0, &(0x7f0000000080)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r3}, 0x10)
getrlimit(0x6, &(0x7f0000000000))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r6, <r7=>0xffffffffffffffff}, 0x4)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x1f, 0x11, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0xe}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r7}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000200)={r8}, 0xc)
r9 = socket$inet6(0xa, 0x3, 0xff)
connect$inet6(r9, 0x0, 0x0)
r10 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
r12 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x3, 0x8, &(0x7f0000000180)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x7}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r11}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r12, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="d2ff03076003008cb89e08f086dd", 0x0, 0x1d5ae, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
listen(r10, 0x3842)
listen(r10, 0x80)

711.359595ms ago: executing program 1 (id=4806):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'generic-gcm-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0)
write$binfmt_script(r1, &(0x7f0000000600), 0xfec8)
recvmmsg(r1, &(0x7f00000008c0)=[{{&(0x7f00000000c0)=@pptp={0x18, 0x2, {0x0, @initdev}}, 0x80, &(0x7f0000000ac0)=[{&(0x7f00000004c0)=""/203, 0xcb}, {&(0x7f0000000140)}, {&(0x7f0000000300)=""/225, 0xe1}, {&(0x7f0000000400)=""/41, 0x29}, {&(0x7f00000001c0)=""/200, 0xc8}, {&(0x7f0000000440)=""/123, 0x7b}, {&(0x7f0000000800)=""/49, 0x31}, {&(0x7f00000009c0)=""/222, 0xde}], 0x8, &(0x7f0000000640)=""/123, 0x7b, 0x2000000}}, {{0x0, 0x0, &(0x7f0000000840), 0x0, &(0x7f0000000880)=""/24, 0x18}}], 0x2, 0xcb, &(0x7f0000008000)={0x0, 0x989680})

710.233531ms ago: executing program 4 (id=4807):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000005340)=[{{0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000540)=""/6, 0x6}, {&(0x7f0000000740)=""/158, 0x9e}, {&(0x7f00000005c0)=""/43, 0x2b}, {&(0x7f0000001500)=""/4096, 0x1000}, {&(0x7f0000000800)=""/93, 0x5d}], 0x5}, 0x7}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x9}, {{0x0, 0x0, 0x0}, 0xfff}], 0x4, 0x40010020, 0x0)

560.522003ms ago: executing program 1 (id=4808):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{0xffffffffffffffff, <r0=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f0000000180)}, 0x20)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000080)={'wlan0\x00', @random="7cf1e97c9e4f"})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0xa}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r2, 0xe0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10)
creat(&(0x7f00000004c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x12)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000004c80)=[{{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000001400)="c6db895249a70190efd23a214cad28349bf4a28269480c9bc914a10ea1ea6570d12d4a82744ba0045a801ad7de161e60b7c83fe563365e5acff84d205e0d53d57aa35ff6f3b0543140895196020d9afcb0c97e0e6e0f7245f8bfe9018d88136e2cee9049a74c7d620b9e49358a0558f266cc1467f12ebbce067e17d4fe77e065703504884e8bb5a6f24a010aa4ad168bf3074d6b72b6d727923815a7f03baa67a262ce457dcf1423074fe42584e9589ffc786204a961b046dbe81f77219f7c3ee699fbb8e76952d01dcdee5247e6a6d77b3daeed964188a0cdf1e8d3bbce8015b97de99b73ac27f5af7a81de5867cb19f2baef77b036abb949d37d34a73a0eb663a906c49d0cdd531432e4b4f1a4072c580fa19e20f3dcfaeddd9c41cf07a4fb410c44e3b5fe28f2042dfb1956ced8a964af756ba53b0766a35f4c60cb5c4f1340625501e48d3b71480688f19976137e9113c386b7a83ca137ae03717e472a73d8c3fa52545a662b8489f7aaea770db996a0050d15402729198b155b6bb627ab8735354e5c3d0351893fcf57ef23df88b9c383279a142f3d3fa8dba7a40fdafa72b07394c182621b4516230bd849c493fe0cafc830332b6bf7495ec2184e833dd208e3e6c97af6533df9e519fb968f0e0b39a72451ccffa7003395ce78a1b1b6a1ff24032a711984c37061d69922fdbeead34993d312d9f0abd5d2933a8bc1af25b9568c07a588194718fa073dd4caf86102b6b4600e631877a7e66aca47261a79f391f3a5a17c460a345c4839d8b1d7a4a9c3b3a712e7a09885b6cc8fba30a0ffdf9ef6d57ffe57f4eb53c7882479245a190ce3e52f823eb81631cb22483bda591a650c2db9392b7371d0501ea77cc5687a46639a61f52f3f2598989450e7dee6e0227a59b64582a93362f4718a17df73c61a9984ba98d249d6602e6442f9592b19b976d8ee466fc7913eddb43e0c8bc4f0bee2a433c85ada2f17b194ebb8f1818f565715ae963609407fe9c77140e90ae770d4158549fdd154cde390dcfc004410c2f6b00672f1f2023e3a7b8f2da4beee6b96ba0198abbdd8175211438a9f21b818c662e735e14090fa567c922abe2888bd00eeb7eb630166901ba6ba13b0925dba9e1db2de81e566f92d50701fa15828e127352d424a38f3081816baee6b548e44365fcf08971a19630f335ad4225aef574f2c8038472a7220fa0196dbddce60dda9f0c28297719cca2370297593e9fab985000ab3260910b3a057c3a2bdd2ac5dfb62c353f95d3a3fee676cf94c8e5b4cc8b5601de8e2f6932e50c09d5742c9c8ff27bf2ce0d9d2c8f9a578c08a6dee9f711f148f7d1eca02bd25deb2e44fbe42133c0a5f4ce4d1d90228a2a44e91879d6b983cd8afc11f9bea9fef1dc81f4035cc1218d6d23ca1acbd077064b6c3c7385c0adf43b199cda9e34a56899f5431832d191c1ddec1e0e4ef9cd6d689abd18149fa8d522d2a9f5213a5ffd0fdc60c6f877ae40b285de77f8bb136c81fea3a820b6a1d59dfb47b3472cf0127c0a17c2c0b994eb205ba99c9a13b1479d83e9e21174839bfb46cedad9d9af40afadbb17c5ef4b5997f5f24795dcfcb8f3de085153eb853dbf93e5706956a9644ee877aee5e277d51be5a6558ed78099b4767965f040e4a63ec7f1407cea9970cf92c2c512148b4b811d435bd1b52cae5f7714eacad2ea9fee4f60b9deb41e0521aa5d2fbcd2a584003efef1a2164a2a41a5e9522dd74323a9e727c696d520f808b2fb401f622ddbf82e324130c75b7ce918f3ad9ba87abeb1fa99cd011ff01c990cf7d3e104a514f0a42d8aa5e2256e14e8f13142760e177f70dd99178db54c75819012896f890c45b6da9881a85e5e9dbe437e1840cc4e1dd7d2acb1067ae360c2fac303212dc0f4be2f3b5b001fca6e5af0c13e70d32f96fddd2ebdae4c5b39a91576584fe7e1a004467432930c4b2338399b16b16df199be6ef3f2017e37c219b9a2333f197d4c05f3885570589379c1769a2238c69c889b1627d6fa76775f0d6abccbfd416e17e05e2233a297eb967e9837c7ea181fbe284f430bfb22ea7b3584ff79c70b1416f81c12e0d14b6743c145e58fcd8de7e4913a38f72e4076076c7bb9084a0c82c98d9b16ad1da4c5c0fe67b7db7573fc6a178765263cd130f105a573a0179b38bc4f27296758ac08c377f6fee5d24dace6ed54495d03cd43a310cd2265032c02e5bc9e6dbba1a80a359dfb66dc1d3d040867a08942809a2ad091b1a04f39de2961e7e2ae8d280cc64fad468093a11558ea9198bd600068b9bfb1733392c032b10bb4fc2c288b1ba4f5f6c13a15f1251ab459f977be92901c2793ff2202c4f22087683667bf156e002665b1da68e504b76893c94aa54592c4ad91943753c713e6f83237b03b8832140b38ef8c215f893ca4e6bb280be2f3479951966e270343b015b06fe52008b416b87386d8db0f04bab7fc6885699a359a5fcb602bd8079299cd9af6c90087b7f4ec70c26c09fce04b4abace0801468e745883b389cc56b0f519bd73692a52db20b805f070568aa789882cf905dd756ddda310a7a3c19b664ddbe5df066fa72e0ef98c62eb09b836c5ea0d733542eca9b0bd20de1ac909f925223aa8e150adfd8333c43f5d48b9f880240bb4f3ce8d44a5d33781278548c6160d181c3e9f856e8d92b0f2b5a9a0d7a221d94e13a9ddc7813686194a999f0d6ad19ef27b100ce13dca7b120772cf031ff86a14e76e39f8ded32138b4fb86b5f97587cf244ab510012f9e52c2a826e6aad4d550f56e87e36bcd20bf37dc19413940fb6afdcb082e267fc2ecad1f9504dd7e74b461e6ae3076306225ca07e47c40c0ab84bdf5c23dbf5bc65592649ea41b34e3c2ddb386ff06f2472d9e695b6b083ba8dd01ba992224f2f0bb7b63e4667f1d58f08f644d3d56663cf57a3761aebe71943fe9d728eca19ef90627614f735aef161ec624a01d257b65457b35163af05385242042f7a26aaf14e8a9903cf6633cb9afdf1e21eeee98d947df64e3f2b4df5b251c5c6a96081dca367709d2e5bcf3616179426cd9019e5fe367c8d5a3bd6ec04709b551d80d1f31ecf567c69305c2822844fbba27c1cf8c1b514140f874f7eb18921f6b00388c19a1dc6610ef908b0e452f24a36ecfb292c1f592ead7f26fd0f179707a2ce9628e5ac538f12405833a6319906b2455ba6ee4ef7201b59c45a4ec737754be66ebe24c8eaf1c9be4e499f62a038886db40f00da95978759c4d6c93fe65e59b0a4fe1d35efde2880feef6d0e8e4bdd0bb76895ed28eb7947c2f8d4e20881863f5d9fd15d0794c2c56baea19a9741cb33c6d0f24ee2f03e940e5d5ef2f4deca4f9964dd15f68256185ab119d2566d16c0aee629ea50051221010b022da21f95296f48949ae6a1c7d7ad1d8510291ba384918b57df8026020c192c267c110707bc29df14afd1fffab9dcad1f589e66f12853dfd5ca5ff50fbc5407b6378e2f93d6b960ee9641b39d11c70bcded72f5400d3701d4137152c26fcb8a74ce4b483310180b5487ba67a9d09cbadf4ab4747fb636f7bd8e464366c059475b573267198fec0cc7667be8511ae066a9c4aad6023818824a738155516116ca3be30ef1399b679a3b2b5d040235a61ae61f2764951682b0f19af683f2bd90b49f49bf112d4507e63266e77938512e0d3ef24cec89e9457ffb72dc4f58ced023fa81f6ba1dc0f02b291897cc31f1e24a8a392a64ce39740c3dc3aaac32dad2e881347ce88f65efba9ee028966c04f79013f97176f4fb8d3ea03810008daff1f11b2282b7e5bc7322edcef4785bb0fe7b1988c712d95f737d36c80135aefff12ff02487188c9b1aa16a6ece2f5b4388ee04a71aac1e7c634edde5e580dfea077a5c93b31b56c2e9da6844b0a0ae92a5e1a108f418d94cf61741d11414a380bda12a7a9fd2f551a955c6130bb074c3e87bcbab13d4e43687aec2dc7a8a70a19991efcabb5bda8bfab39f11d5904f5a11fb1d2d2e45de34c494ba955a0a832832b6317d26ca332b3e675d452909c34af036e63850715689ecf6352a8602d2fcab7dd4756797d2f8a86948e663a50da7186f869aba7f27d1cff106bfaf1f26f6c8ac8a70978414733791412da2d32d31c93ff6107f59f447cd84a8c6cba2dd2ffccb731b7bf8b6519a5f9ba7ccd2c5f95d938cb3644debab8d6670d0be320c6a0e5c6d0e67916273c350932d4a574d08b00a0246919ed93b82438bba74e1505c4e8a1ca7c6afd68dc5f8e8c487ac588c088c8a86ae579fe74d40bae96ab3adc7becc5db30ffcd4022c0bc613d00fce7f2ddcfac8e090fa48307e2025091a6cc9ca9eb25adaa7aa9e967645038f179c37ac677e62c0fc68118ccec6106498ff1ae485ca68766155f740191b74fc03db1fe21100e6f2a6816a22fbf6a3898fca1c924c8e18a06a004296b35cb013d81db26255417f4c6ad0eb7af2ddca3cb40724715352948cf31a8f6c0b1c63c3b254cd10aeccb2d52d9a9724292c38b09490bde66989b521ac9ffc2d00ea8f3f04f40c3c3bbdc00804e2fbd195d177f625a1951d5814826d810edcd7b77e089df024efb49996977235cbd67f01143dd97d3120f1323f7e2f2103c8f62024b450e0e547ed61838d1ebbaa64cc6531f9c4145b497e24af0c3e9313130a3b0fae61c663ab42d85525c5e95b488063d3c7487f0ebfaf1e0182e16d2c14e99aedee54645ef4b8cf46cd07f9240eec745b2a846f02a3b209fa317d16be52ecf51277b1122ba5fb868ebe8050ad4b0e81ea30899f8398c10d8ca0b8e7f72abfe90f0153fe53b2975ef7a1ed85a088f1588fd73b8379b6435220fdda26f6ca9e1904b35a8b0e181f8f8180d96b28df2327a0776e46da8683422cf37d0958d9fe816e564273df81f3cda1d92777368bf2622a71911201a08911b12558dbfc8a65197c351d03ccb904a3f3ce029553decddd762e27c4e6ed9c3f092d1c87a90268c12eb61106affb5fe742bfd82369d14d9ee7f0572d0fe213607dfe86d40c44c3680dfecb8a0eb9dc0ad7135a2a3fa1797a", 0xe00}, {&(0x7f0000000340)="f6ecc35ecff6796100f236f757cafe08f02725ce04c090dbe747d4f5ce27aa6ea4f3f92515cc63e09c84679e4e6363704b4c156135c808b71e", 0x39}, {0x0}, {&(0x7f00000006c0)="18f89e083e27335464a5949d5156aee5e53e38bd8afbacaabec07d4ff6c529ca56290639546170fcb3c964cd9a6ad2457e9faf7c5bb057e3a191569534b9d31273fc1338bd560f", 0x47}, {&(0x7f0000000580)="3af36ffe5ae18eefcc87a22877", 0xd}, {&(0x7f0000000780)="0fb423302e357d068482ad00a731bf36080825ff9b8f6217f4271aff69b0fc972daf0534e1b0ffff993480d7b6c7086bde63ce0e9eb6d0311204513ab2469a9c615a07a832fef4134b870dfe9396a106fe2d3b0c5a0bb1140176b725c155e33836e40b283c00ebafc9bf83f622dc", 0x6e}, {&(0x7f0000000600)="daf6a865dbdb0d44bfbe44ec87978e934809ec890a060a6fb55e1c0eec", 0x1d}], 0x7}}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000980)="7cfb74fafe0b9e8b30b676d3abdbc0549b80acb76934c3e8d06f4ac0f0d7dcef56f47a6add8f7718f363c0268e04d2ff1cf2c0cc0a5f74989ada9091559af4bc5ec45c82cfcc1cbeeac788f505a76727124ad9c506087c7ef86c640519ceb3729f9077c8b5a02dbaabae2a8cb7967598fac0f9e7f5e78a895908c51bd0958125d9b75db3dc99236260d8a16188d18a", 0x8f}], 0x1}}], 0x2, 0x4)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r7=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r6, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r7, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000002c0))
r9 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r9, 0x29, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x3c1, 0x3, 0x2f0, 0x0, 0x12, 0x60a, 0x138, 0x202, 0x220, 0x2e8, 0x2e8, 0x220, 0x2c0, 0x4, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth1_to_bond\x00', 'geneve1\x00'}, 0x0, 0xf8, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@ecn={{0x28}, {0x10}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x0, 0x0, "0b0500dd2f808bcbf5a552fd64a72ee561b24c479377004898fbe1cefa63"}}}, {{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0), 0x0, 0x0, 0x0})
r10 = dup3(r8, r1, 0x0)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
prctl$PR_MCE_KILL(0x21, 0x1, 0x1)
ioctl$BINDER_WRITE_READ(r10, 0xc0306201, &(0x7f0000000580)={0x4c, 0x0, &(0x7f00000005c0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x78, 0x18, &(0x7f0000000640)={@ptr={0x70742a85, 0x0, 0x0, 0x0, 0x800000002, 0x1e}, @ptr={0x66646185, 0x0, 0x0, 0x0, 0x1, 0x33}, @ptr={0x70742a85, 0x1, 0x0, 0x0, 0x0, 0x18}}, &(0x7f0000000240)={0x0, 0x28, 0x50}}, 0x400}], 0x0, 0x0, 0x0})
r11 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101040, 0x0)
ioctl$KVM_CREATE_VM(r11, 0xae01, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000a40)={0x1, 0x14, &(0x7f0000000b00)=ANY=[@ANYBLOB="180000000500000000000000000800001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000008000000850000000600000018120000", @ANYRES32=r0, @ANYBLOB="000000000000000000b700000000000000181100"/36, @ANYRESDEC, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x21}, 0x94)

496.357592ms ago: executing program 0 (id=4809):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000090f00080000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x41, '\x00', 0x0, 0x2}, 0x94)
r1 = openat(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000280)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff000000000000000458000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)
dup2(r1, 0xffffffffffffffff)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r8}, 0x18)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x20d41, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="8c6f75", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
accept4$tipc(0xffffffffffffffff, 0x0, 0x0, 0x80000)
umount2(&(0x7f0000000000)='./file0\x00', 0x3)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r9=>r0, {0x2}}, './file0\x00'})
r10 = syz_open_dev$audion(&(0x7f00000000c0), 0x8, 0x2744c0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000100)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x4)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000400)={'sit0\x00', &(0x7f0000000380)={'syztnl0\x00', <r12=>0x0, 0x1, 0x700, 0x9, 0x3, {{0x12, 0x4, 0x2, 0x9, 0x48, 0x68, 0x0, 0x5, 0x4, 0x0, @multicast2, @loopback, {[@timestamp={0x44, 0x2c, 0x8d, 0x0, 0x2, [0x401, 0x5, 0x645b, 0x600, 0x6, 0x6, 0xe, 0x3, 0x4, 0x5]}, @lsrr={0x83, 0x7, 0xb1, [@initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}})
r13 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x11, 0x27, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x77cf6f7a}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@generic={0x4a, 0xe, 0xd, 0x7, 0x6}, @map_val={0x18, 0x0, 0x2, 0x0, r9, 0x0, 0x0, 0x0, 0x4}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x10}, @func={0x85, 0x0, 0x1, 0x0, 0x7}, @map_val={0x18, 0x5, 0x2, 0x0, r10, 0x0, 0x0, 0x0, 0x3}, @func, @ldst={0x1, 0x1, 0x3, 0xb, 0xb, 0x0, 0xffffffffffffffec}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x19100c5c}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r11}}, @alu={0x0, 0x0, 0x1, 0xa, 0x9, 0xfffffffffffffffe, 0xffffffffffffffff}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000140)='GPL\x00', 0x2583, 0x0, 0x0, 0x41100, 0x2c, '\x00', r12, 0x0, r13, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000480)={0x0, 0x1, 0xeb9, 0x1}, 0x10, 0x0, 0x0, 0x7, 0x0, &(0x7f0000000540)=[{0x0, 0x1, 0x5, 0x2}, {0x4, 0x5, 0x8, 0x5}, {0x5, 0x5, 0x6, 0x7}, {0x0, 0x4, 0xd, 0x5}, {0x0, 0x3, 0x6, 0x5}, {0x3, 0x5, 0x5, 0x1}, {0x2, 0x1, 0xd, 0x5}], 0x10, 0x4}, 0x94)

490.788474ms ago: executing program 4 (id=4810):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x88200200, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
setpgid(0x0, r3)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r4, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10)
creat(&(0x7f00000001c0)='./file0\x00', 0x8)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1c8, 0x12)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r6)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r7, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

152.833059ms ago: executing program 2 (id=4811):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
r0 = socket(0x28, 0x5, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x101201, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r4 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x200, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
linkat(r4, &(0x7f0000000040)='./file1\x00', r4, &(0x7f0000000180)='./bus\x00', 0x0)
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r5 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r5, 0x4020aeb2, &(0x7f0000000080)={0x0, 0x2000000, @ioapic={0x0, 0x1, 0x8000, 0x0, 0x0, [{0x6, 0x7, 0xa, '\x00', 0xab}, {0x2, 0x0, 0x4, '\x00', 0x5b}, {0x60, 0x4, 0x8, '\x00', 0xb}, {0x5, 0xe, 0x7, '\x00', 0xf1}, {0x1c, 0xc, 0xd, '\x00', 0x43}, {0x4, 0x78, 0xc5, '\x00', 0x9}, {0x94, 0x5, 0x9, '\x00', 0xbe}, {0xf, 0x0, 0x6, '\x00', 0xfc}, {0x1, 0x4, 0x48, '\x00', 0x33}, {0x81, 0xf, 0x57, '\x00', 0x9}, {0x5, 0x4, 0x1, '\x00', 0x6}, {0x81, 0x6, 0x6, '\x00', 0x48}, {0x3, 0x1, 0x8, '\x00', 0x8}, {0x6, 0x3, 0x2, '\x00', 0x2}, {0x6, 0x5, 0x3, '\x00', 0x50}, {0xd, 0x2, 0xd}, {0x8, 0x81, 0x81, '\x00', 0xb}, {0x3, 0x89, 0x1, '\x00', 0xf}, {0x78, 0x7, 0x2, '\x00', 0x5}, {0x3, 0x7, 0xc1, '\x00', 0x7}, {0x5, 0x26, 0x5, '\x00', 0x9}, {0x7, 0x9, 0xe4, '\x00', 0x6}, {0xc1, 0xd, 0x3, '\x00', 0x10}, {0xfd, 0x3, 0x80, '\x00', 0x6}]}})
chown(&(0x7f0000000580)='./file0\x00', 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r6, 0x6, 0x16, &(0x7f0000000340)=[@sack_perm, @mss={0x2, 0x1000}, @mss={0x2, 0x80000000}], 0x3)
r7 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r7, &(0x7f00000002c0)=[{&(0x7f0000000040)="580000001400192340834b80040d8c560a067fbc45ff81054e220000000058000b480400945f64009400050038925a01000000000000008004000000ffe809000000fff5dd0000000800030006010000418e01400004fcff", 0x58}], 0x1)

0s ago: executing program 1 (id=4812):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000500)=ANY=[@ANYBLOB="1c0000002d00090027bd7000000000000600000008000a"], 0x1c}}, 0x84) (fail_nth: 8)

kernel console output (not intermixed with test programs):

th:syzkaller0>
[ 1256.401132][T20000] tipc: Disabling bearer <eth:syzkaller0>
[ 1256.457863][T15999] tipc: Node number set to 1120399129
[ 1257.351668][ T5947] peak_usb 6-1:0.0 can0: unable to request usb[type=0 value=1] err=-71
[ 1257.401509][ T5947] peak_usb 6-1:0.0: unable to read PCAN-USB Pro firmware info (err -71)
[ 1257.418041][T20017] veth0: entered promiscuous mode
[ 1257.661450][T20016] veth0: left promiscuous mode
[ 1257.690130][ T5947] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[ 1257.704413][ T5947] usb 6-1: USB disconnect, device number 12
[ 1259.529544][T20042] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4097'.
[ 1260.512953][T20055] program syz.2.4099 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1260.523941][T20053] 
@ÿ: renamed from bond_slave_0
[ 1260.787247][T20058] tipc: Failed to remove unknown binding: 66,1,1/1120399129:2561781331/2561781333
[ 1260.838122][ T5925] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1260.858321][T20059] veth0: entered promiscuous mode
[ 1260.877567][T20057] veth0: left promiscuous mode
[ 1260.901638][T20058] tipc: Failed to remove unknown binding: 66,1,1/1120399129:2561781331/2561781333
[ 1260.936352][T20058] tipc: Failed to remove unknown binding: 66,1,1/1120399129:2561781331/2561781333
[ 1261.008402][ T5925] usb 3-1: device descriptor read/64, error -71
[ 1261.248070][ T5925] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1261.501645][T20070] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1261.514483][T20070] tipc: Resetting bearer <eth:syzkaller0>
[ 1261.554574][T20069] tipc: Disabling bearer <eth:syzkaller0>
[ 1261.598137][ T5925] usb 3-1: device descriptor read/64, error -71
[ 1261.737545][ T5925] usb usb3-port1: attempt power cycle
[ 1262.687450][    T9] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1262.837994][ T5925] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1262.872555][ T5925] usb 3-1: device descriptor read/8, error -71
[ 1262.952464][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.977512][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.990077][T20095] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.4114'.
[ 1263.012176][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1263.027283][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1263.041395][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1263.055565][    T9] usb 2-1: config 0 descriptor??
[ 1263.127961][ T5925] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1263.168932][ T5925] usb 3-1: device descriptor read/8, error -71
[ 1263.379333][ T5925] usb usb3-port1: unable to enumerate USB device
[ 1263.453704][T20105] tipc: Failed to remove unknown binding: 66,1,1/0:1801469669/1801469671
[ 1263.558187][T20105] tipc: Failed to remove unknown binding: 66,1,1/0:1801469669/1801469671
[ 1263.587325][T20105] tipc: Failed to remove unknown binding: 66,1,1/0:1801469669/1801469671
[ 1263.857254][    T9] usbhid 2-1:0.0: can't add hid device: -71
[ 1263.897129][    T9] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1263.935306][    T9] usb 2-1: USB disconnect, device number 42
[ 1265.809002][T20127] set match dimension is over the limit!
[ 1267.359448][T20138] netlink: 209592 bytes leftover after parsing attributes in process `syz.4.4126'.
[ 1268.171416][T20148] xt_TPROXY: Can be used only with -p tcp or -p udp
[ 1268.494146][T20149] tipc: Failed to remove unknown binding: 66,1,1/0:2451435269/2451435271
[ 1268.664755][T20151] tipc: Failed to remove unknown binding: 66,1,1/0:2451435269/2451435271
[ 1268.673586][T20151] tipc: Failed to remove unknown binding: 66,1,1/0:2451435269/2451435271
[ 1268.967959][ T5925] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1269.033480][T20157] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4133'.
[ 1269.101282][T20157] veth0: entered promiscuous mode
[ 1269.114002][T20157] batman_adv: batadv0: Adding interface: macvlan2
[ 1269.123521][T20157] batman_adv: batadv0: The MTU of interface macvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1269.140009][ T5925] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1269.155281][T20157] batman_adv: batadv0: Interface activated: macvlan2
[ 1269.166402][ T5925] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1269.177483][ T5925] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1269.192238][ T5925] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1269.202055][ T5925] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1269.210600][T20162] veth0: entered promiscuous mode
[ 1269.219925][ T5925] usb 6-1: config 0 descriptor??
[ 1269.244796][T20160] veth0: left promiscuous mode
[ 1269.650616][T20179] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.4140'.
[ 1269.954054][T14111] lec:lec_start_xmit: lec0:No lecd attached
[ 1270.481493][ T5925] usbhid 6-1:0.0: can't add hid device: -71
[ 1270.497560][ T5925] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1270.559460][ T5925] usb 6-1: USB disconnect, device number 13
[ 1271.800442][T15999] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[ 1272.067854][T15999] usb 2-1: Using ep0 maxpacket: 8
[ 1272.079816][T15999] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1272.097983][T15999] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1272.117758][T15999] usb 2-1: New USB device found, idVendor=04d8, idProduct=4018, bcdDevice= 0.00
[ 1272.306351][T15999] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1272.830667][T15999] usb 2-1: config 0 descriptor??
[ 1272.866796][T15999] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1273.357895][T20087] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1273.559664][T20087] usb 6-1: config 0 has an invalid interface number: 217 but max is 0
[ 1273.597702][T20087] usb 6-1: config 0 has no interface number 0
[ 1273.728193][T20220] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.4151'.
[ 1274.346194][T20087] usb 6-1: New USB device found, idVendor=a168, idProduct=0618, bcdDevice=e3.a4
[ 1274.456677][T20087] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1274.469272][T20087] usb 6-1: Product: syz
[ 1274.473574][T20087] usb 6-1: Manufacturer: syz
[ 1274.492612][T20087] usb 6-1: SerialNumber: syz
[ 1274.502690][T20087] usb 6-1: config 0 descriptor??
[ 1274.525982][T20087] gspca_main: gspca_sn9c20x-2.14.0 probing a168:0618
[ 1275.077810][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5120 ms
[ 1275.086037][    C0] lec:lec_tx_timeout: lec0
[ 1275.239447][T20087] gspca_sn9c20x: Write register 1001 failed -110
[ 1275.361723][ T5925] usb 2-1: USB disconnect, device number 43
[ 1275.418877][T20087] gspca_sn9c20x: Device initialization failed
[ 1275.434122][T20087] gspca_sn9c20x 6-1:0.217: probe with driver gspca_sn9c20x failed with error -110
[ 1275.650926][T15999] usb 6-1: USB disconnect, device number 14
[ 1277.020600][T20247] binder: BINDER_SET_CONTEXT_MGR already set
[ 1277.026690][T20247] binder: 20244:20247 ioctl 4018620d 200000000040 returned -16
[ 1277.314877][T20256] NILFS (nullb0): couldn't find nilfs on the device
[ 1277.363791][T15999] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1277.448048][   T30] audit: type=1326 audit(1755034074.622:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20254 comm="syz.1.4160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc998ebe9 code=0x7ffc0000
[ 1277.478294][   T30] audit: type=1326 audit(1755034074.622:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20254 comm="syz.1.4160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc998ebe9 code=0x7ffc0000
[ 1277.553430][   T30] audit: type=1326 audit(1755034074.622:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20254 comm="syz.1.4160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f1bc998ebe9 code=0x7ffc0000
[ 1277.615365][   T30] audit: type=1326 audit(1755034074.762:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20254 comm="syz.1.4160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc998ebe9 code=0x7ffc0000
[ 1277.667868][T15999] usb 5-1: Using ep0 maxpacket: 16
[ 1277.719982][T15999] usb 5-1: config 3 has an invalid interface number: 124 but max is 0
[ 1277.792394][T15999] usb 5-1: config 3 has no interface number 0
[ 1277.830506][   T30] audit: type=1326 audit(1755034074.762:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20254 comm="syz.1.4160" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1bc998ebe9 code=0x7ffc0000
[ 1277.852601][T15999] usb 5-1: config 3 interface 124 has no altsetting 0
[ 1277.857664][T20269] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.4163'.
[ 1277.889459][T15999] usb 5-1: New USB device found, idVendor=33d8, idProduct=bbce, bcdDevice=3f.d1
[ 1277.904593][T15999] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1277.958183][T15999] usb 5-1: Product: syz
[ 1277.962505][T15999] usb 5-1: Manufacturer: syz
[ 1278.042053][T15999] usb 5-1: SerialNumber: syz
[ 1278.322581][T15999] usb 5-1: USB disconnect, device number 19
[ 1278.750671][T20276] netlink: 16 bytes leftover after parsing attributes in process `syz.2.4165'.
[ 1281.990758][T20299] binder: BINDER_SET_CONTEXT_MGR already set
[ 1282.002620][T20299] binder: 20297:20299 ioctl 4018620d 200000000040 returned -16
[ 1282.473489][T20306] netlink: 209592 bytes leftover after parsing attributes in process `syz.2.4174'.
[ 1283.884896][T20320] syzkaller0: entered promiscuous mode
[ 1283.890645][T20320] syzkaller0: entered allmulticast mode
[ 1287.149420][T20346] tipc: Failed to remove unknown binding: 66,1,1/0:645326580/645326582
[ 1289.472824][T20365] netlink: 209592 bytes leftover after parsing attributes in process `syz.1.4187'.
[ 1290.233886][T20373] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1293.792523][T20409] overlayfs: missing 'workdir'
[ 1295.682689][T20424] tipc: Failed to remove unknown binding: 66,1,1/0:1598968038/1598968040
[ 1296.492687][T20423] tipc: Failed to remove unknown binding: 66,1,1/0:1598968038/1598968040
[ 1297.014346][T20423] tipc: Failed to remove unknown binding: 66,1,1/0:1598968038/1598968040
[ 1297.454441][T20436] netlink: 209592 bytes leftover after parsing attributes in process `syz.2.4206'.
[ 1297.550459][T20439] syzkaller0: entered promiscuous mode
[ 1297.562480][T20439] syzkaller0: entered allmulticast mode
[ 1299.268027][T20087] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[ 1299.427864][T20087] usb 1-1: Using ep0 maxpacket: 16
[ 1299.512082][T20464] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4214'.
[ 1299.514212][T20087] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 1299.588558][T20087] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1299.601218][T20087] usb 1-1: Product: syz
[ 1299.606612][T20087] usb 1-1: Manufacturer: syz
[ 1299.614492][T20087] usb 1-1: SerialNumber: syz
[ 1299.710087][T20087] r8152-cfgselector 1-1: Unknown version 0x0000
[ 1299.730450][T20087] r8152-cfgselector 1-1: config 0 descriptor??
[ 1300.350892][T20087] r8152-cfgselector 1-1: USB disconnect, device number 32
[ 1300.366469][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.376193][ T1302] lec:lec_start_xmit: lec0:No lecd attached
[ 1300.454950][   T30] audit: type=1804 audit(1755034097.762:323): pid=20469 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.2.4215" name="bus" dev="ramfs" ino=76660 res=1 errno=0
[ 1300.931521][   T30] audit: type=1326 audit(1755034098.242:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1300.959429][   T30] audit: type=1326 audit(1755034098.242:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1300.994639][   T30] audit: type=1326 audit(1755034098.242:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1301.023245][   T30] audit: type=1326 audit(1755034098.242:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1301.059399][   T30] audit: type=1326 audit(1755034098.242:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1301.086010][   T30] audit: type=1326 audit(1755034098.242:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=141 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1301.107610][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1301.185262][   T30] audit: type=1326 audit(1755034098.242:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1301.206855][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1301.248049][   T30] audit: type=1326 audit(1755034098.242:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20471 comm="syz.2.4216" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe53ad8ebe9 code=0x7ffc0000
[ 1303.136010][T20491] overlayfs: missing 'workdir'
[ 1303.188764][T20490] netlink: 209592 bytes leftover after parsing attributes in process `syz.2.4219'.
[ 1304.599335][T20503] netlink: 12 bytes leftover after parsing attributes in process `syz.5.4224'.
[ 1305.182064][T20508] overlayfs: failed to clone upperpath
[ 1305.476327][T20513] FAULT_INJECTION: forcing a failure.
[ 1305.476327][T20513] name failslab, interval 1, probability 0, space 0, times 0
[ 1305.492350][T20513] CPU: 0 UID: 0 PID: 20513 Comm: syz.4.4227 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1305.492381][T20513] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1305.492396][T20513] Call Trace:
[ 1305.492406][T20513]  <TASK>
[ 1305.492416][T20513]  dump_stack_lvl+0x189/0x250
[ 1305.492449][T20513]  ? __pfx____ratelimit+0x10/0x10
[ 1305.492474][T20513]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1305.492499][T20513]  ? __pfx__printk+0x10/0x10
[ 1305.492535][T20513]  ? __pfx___might_resched+0x10/0x10
[ 1305.492559][T20513]  ? fs_reclaim_acquire+0x7d/0x100
[ 1305.492592][T20513]  should_fail_ex+0x414/0x560
[ 1305.492621][T20513]  should_failslab+0xa8/0x100
[ 1305.492647][T20513]  __kmalloc_noprof+0xcb/0x4f0
[ 1305.492667][T20513]  ? kfree+0x4d/0x440
[ 1305.492697][T20513]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1305.492734][T20513]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1305.492764][T20513]  ? tomoyo_domain+0xda/0x130
[ 1305.492803][T20513]  tomoyo_path_perm+0x213/0x4b0
[ 1305.492834][T20513]  ? tomoyo_path_perm+0x1e3/0x4b0
[ 1305.492857][T20513]  ? __pfx_tomoyo_path_perm+0x10/0x10
[ 1305.492891][T20513]  ? vfs_write+0x8d8/0xa90
[ 1305.492936][T20513]  ? __lock_acquire+0xab9/0xd20
[ 1305.492973][T20513]  security_file_truncate+0xb1/0x270
[ 1305.493002][T20513]  do_ftruncate+0x270/0x540
[ 1305.493032][T20513]  ? __pfx_do_ftruncate+0x10/0x10
[ 1305.493053][T20513]  ? __fget_files+0x3a0/0x420
[ 1305.493078][T20513]  ? __fget_files+0x2a/0x420
[ 1305.493113][T20513]  __x64_sys_ftruncate+0x92/0xf0
[ 1305.493138][T20513]  do_syscall_64+0xfa/0x3b0
[ 1305.493162][T20513]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1305.493198][T20513]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1305.493219][T20513]  ? clear_bhb_loop+0x60/0xb0
[ 1305.493246][T20513]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1305.493268][T20513] RIP: 0033:0x7f6320b8ebe9
[ 1305.493287][T20513] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1305.493307][T20513] RSP: 002b:00007f632199b038 EFLAGS: 00000246 ORIG_RAX: 000000000000004d
[ 1305.493330][T20513] RAX: ffffffffffffffda RBX: 00007f6320db5fa0 RCX: 00007f6320b8ebe9
[ 1305.493346][T20513] RDX: 0000000000000000 RSI: 0000000008800000 RDI: 0000000000000003
[ 1305.493360][T20513] RBP: 00007f632199b090 R08: 0000000000000000 R09: 0000000000000000
[ 1305.493374][T20513] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1305.493387][T20513] R13: 00007f6320db6038 R14: 00007f6320db5fa0 R15: 00007ffca7bc9fc8
[ 1305.493421][T20513]  </TASK>
[ 1305.493679][T20513] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1305.498402][  T980] usb 3-1: new low-speed USB device number 37 using dummy_hcd
[ 1306.037820][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5660 ms
[ 1306.046077][    C0] lec:lec_tx_timeout: lec0
[ 1306.218523][  T980] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[ 1306.276166][  T980] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B is Bulk; changing to Interrupt
[ 1306.289741][  T980] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1306.337143][  T980] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1306.368940][  T980] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1306.378569][  T980] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.427867][T20087] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1306.438548][  T980] usbtmc 3-1:16.0: bulk endpoints not found
[ 1306.578370][T20087] usb 5-1: Using ep0 maxpacket: 8
[ 1306.592882][T20087] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1306.656463][T20087] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1306.753510][T20087] usb 5-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[ 1306.768420][T20508] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4225'.
[ 1306.788260][T20087] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.842371][T20087] usb 5-1: config 0 descriptor??
[ 1307.671335][T20527] syzkaller0: entered promiscuous mode
[ 1307.685752][T20087] aquacomputer_d5next 0003:0C70:F00A.000D: unknown main item tag 0x0
[ 1307.697969][T20527] syzkaller0: entered allmulticast mode
[ 1307.714157][T20087] aquacomputer_d5next 0003:0C70:F00A.000D: unknown main item tag 0x0
[ 1307.727891][  T980] usb 3-1: USB disconnect, device number 37
[ 1307.897749][   T30] audit: type=1326 audit(1755034105.202:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20515 comm="syz.4.4229" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6320b8ebe9 code=0x0
[ 1307.935235][T20087] aquacomputer_d5next 0003:0C70:F00A.000D: unknown main item tag 0x0
[ 1308.023784][T20087] aquacomputer_d5next 0003:0C70:F00A.000D: unknown main item tag 0x0
[ 1308.035099][T20087] aquacomputer_d5next 0003:0C70:F00A.000D: unknown main item tag 0x0
[ 1308.195416][T20087] aquacomputer_d5next 0003:0C70:F00A.000D: hidraw0: USB HID v0.00 Device [HID 0c70:f00a] on usb-dummy_hcd.4-1/input0
[ 1309.555959][  T980] usb 5-1: reset high-speed USB device number 20 using dummy_hcd
[ 1310.334024][T20554] set match dimension is over the limit!
[ 1311.005788][ T5904] usb 5-1: USB disconnect, device number 20
[ 1313.036870][T20577] tipc: Started in network mode
[ 1313.051249][T20577] tipc: Node identity 9aa7b5ea55f6, cluster identity 4711
[ 1313.065340][T20577] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1313.115016][T20577] syzkaller0: entered promiscuous mode
[ 1313.143689][T20577] syzkaller0: entered allmulticast mode
[ 1313.198092][T20577] tipc: Resetting bearer <eth:syzkaller0>
[ 1313.234425][T20574] tipc: Resetting bearer <eth:syzkaller0>
[ 1313.297227][T20574] tipc: Disabling bearer <eth:syzkaller0>
[ 1314.390447][T20592] FAULT_INJECTION: forcing a failure.
[ 1314.390447][T20592] name failslab, interval 1, probability 0, space 0, times 0
[ 1314.403759][T20592] CPU: 1 UID: 0 PID: 20592 Comm: syz.0.4245 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1314.403789][T20592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1314.403804][T20592] Call Trace:
[ 1314.403813][T20592]  <TASK>
[ 1314.403824][T20592]  dump_stack_lvl+0x189/0x250
[ 1314.403859][T20592]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1314.403886][T20592]  ? __pfx__printk+0x10/0x10
[ 1314.403932][T20592]  should_fail_ex+0x414/0x560
[ 1314.403971][T20592]  should_failslab+0xa8/0x100
[ 1314.403999][T20592]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1314.404021][T20592]  ? __inet_hash_connect+0xdcc/0x2310
[ 1314.404060][T20592]  __inet_hash_connect+0xdcc/0x2310
[ 1314.404097][T20592]  ? __pfx___inet_check_established+0x10/0x10
[ 1314.404141][T20592]  ? __inet_hash_connect+0x4fa/0x2310
[ 1314.404184][T20592]  ? __pfx___inet_hash_connect+0x10/0x10
[ 1314.404217][T20592]  ? percpu_counter_add_batch+0xea/0x1e0
[ 1314.404259][T20592]  ? inet_hash_connect+0x12f/0x240
[ 1314.404296][T20592]  tcp_v4_connect+0xd42/0x19d0
[ 1314.404346][T20592]  ? __pfx_tcp_v4_connect+0x10/0x10
[ 1314.404385][T20592]  __inet_stream_connect+0x2ab/0xe80
[ 1314.404425][T20592]  ? __pfx___inet_stream_connect+0x10/0x10
[ 1314.404456][T20592]  ? __kasan_kmalloc+0x93/0xb0
[ 1314.404481][T20592]  ? tcp_sendmsg_fastopen+0x1de/0x5e0
[ 1314.404514][T20592]  tcp_sendmsg_fastopen+0x3a7/0x5e0
[ 1314.404551][T20592]  tcp_sendmsg_locked+0x4dc7/0x5650
[ 1314.404583][T20592]  ? tcp_sendmsg_locked+0x4e1/0x5650
[ 1314.404619][T20592]  ? rcu_is_watching+0x15/0xb0
[ 1314.404644][T20592]  ? trace_irq_disable+0x37/0x110
[ 1314.404675][T20592]  ? preempt_schedule_irq+0xde/0x150
[ 1314.404699][T20592]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1314.404722][T20592]  ? look_up_lock_class+0x74/0x170
[ 1314.404749][T20592]  ? register_lock_class+0x51/0x320
[ 1314.404791][T20592]  ? __lock_acquire+0xab9/0xd20
[ 1314.404826][T20592]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1314.404851][T20592]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1314.404880][T20592]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1314.404920][T20592]  tcp_sendmsg+0x2f/0x50
[ 1314.404947][T20592]  __sock_sendmsg+0x19c/0x270
[ 1314.404996][T20592]  __sys_sendto+0x3bd/0x520
[ 1314.405031][T20592]  ? __pfx___sys_sendto+0x10/0x10
[ 1314.405078][T20592]  ? __pfx___schedule+0x10/0x10
[ 1314.405128][T20592]  __x64_sys_sendto+0xde/0x100
[ 1314.405165][T20592]  do_syscall_64+0xfa/0x3b0
[ 1314.405193][T20592]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1314.405214][T20592]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1314.405237][T20592]  ? clear_bhb_loop+0x60/0xb0
[ 1314.405264][T20592]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1314.405287][T20592] RIP: 0033:0x7f7d9018ebe9
[ 1314.405308][T20592] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1314.405329][T20592] RSP: 002b:00007f7d90f68038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1314.405353][T20592] RAX: ffffffffffffffda RBX: 00007f7d903b6090 RCX: 00007f7d9018ebe9
[ 1314.405370][T20592] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000006
[ 1314.405384][T20592] RBP: 00007f7d90f68090 R08: 0000200000000040 R09: 0000000000000010
[ 1314.405400][T20592] R10: 000000002406c014 R11: 0000000000000246 R12: 0000000000000001
[ 1314.405415][T20592] R13: 00007f7d903b6128 R14: 00007f7d903b6090 R15: 00007ffcdd956458
[ 1314.405450][T20592]  </TASK>
[ 1316.993368][T20603] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4248'.
[ 1317.646261][T20608] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4250'.
[ 1317.651841][T20605] syzkaller0: entered promiscuous mode
[ 1317.667991][T20605] syzkaller0: entered allmulticast mode
[ 1320.038900][T19666] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[ 1320.425100][T19666] usb 1-1: config 0 has no interfaces?
[ 1320.451939][T19666] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1320.471495][T19666] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1320.490428][T19666] usb 1-1: Manufacturer: syz
[ 1320.690033][T19666] usb 1-1: config 0 descriptor??
[ 1323.367209][T20636] netlink: 96 bytes leftover after parsing attributes in process `syz.0.4254'.
[ 1323.430417][T19666] usb 1-1: USB disconnect, device number 33
[ 1323.759534][T20665] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4261'.
[ 1324.538940][T20682] FAULT_INJECTION: forcing a failure.
[ 1324.538940][T20682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1324.552686][T20682] CPU: 0 UID: 0 PID: 20682 Comm: syz.1.4264 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1324.552717][T20682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1324.552732][T20682] Call Trace:
[ 1324.552743][T20682]  <TASK>
[ 1324.552754][T20682]  dump_stack_lvl+0x189/0x250
[ 1324.552786][T20682]  ? __pfx____ratelimit+0x10/0x10
[ 1324.552811][T20682]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1324.552838][T20682]  ? __pfx__printk+0x10/0x10
[ 1324.552881][T20682]  should_fail_ex+0x414/0x560
[ 1324.552912][T20682]  _copy_to_user+0x31/0xb0
[ 1324.552947][T20682]  simple_read_from_buffer+0xe1/0x170
[ 1324.552978][T20682]  proc_fail_nth_read+0x1df/0x250
[ 1324.553010][T20682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1324.553043][T20682]  ? rw_verify_area+0x258/0x650
[ 1324.553077][T20682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1324.553107][T20682]  vfs_read+0x200/0x980
[ 1324.553148][T20682]  ? __pfx___mutex_lock+0x10/0x10
[ 1324.553176][T20682]  ? __pfx_vfs_read+0x10/0x10
[ 1324.553213][T20682]  ? __fget_files+0x2a/0x420
[ 1324.553244][T20682]  ? __fget_files+0x3a0/0x420
[ 1324.553269][T20682]  ? __fget_files+0x2a/0x420
[ 1324.553305][T20682]  ksys_read+0x145/0x250
[ 1324.553329][T20682]  ? __pfx_ksys_read+0x10/0x10
[ 1324.553348][T20682]  ? rcu_is_watching+0x15/0xb0
[ 1324.553389][T20682]  ? do_syscall_64+0xbe/0x3b0
[ 1324.553420][T20682]  do_syscall_64+0xfa/0x3b0
[ 1324.553444][T20682]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1324.553468][T20682]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1324.553491][T20682]  ? clear_bhb_loop+0x60/0xb0
[ 1324.553520][T20682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1324.553543][T20682] RIP: 0033:0x7f1bc998d5fc
[ 1324.553564][T20682] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1324.553584][T20682] RSP: 002b:00007f1bca71e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1324.553608][T20682] RAX: ffffffffffffffda RBX: 00007f1bc9bb5fa0 RCX: 00007f1bc998d5fc
[ 1324.553625][T20682] RDX: 000000000000000f RSI: 00007f1bca71e0a0 RDI: 0000000000000005
[ 1324.553640][T20682] RBP: 00007f1bca71e090 R08: 0000000000000000 R09: 0000000000000000
[ 1324.553654][T20682] R10: 00000000000000ae R11: 0000000000000246 R12: 0000000000000001
[ 1324.553669][T20682] R13: 00007f1bc9bb6038 R14: 00007f1bc9bb5fa0 R15: 00007ffc05f38d28
[ 1324.553705][T20682]  </TASK>
[ 1326.512690][T20700] syzkaller0: entered promiscuous mode
[ 1326.519617][T20700] syzkaller0: entered allmulticast mode
[ 1328.257901][T20712] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4272'.
[ 1333.859159][T14111] lec:lec_start_xmit: lec0:No lecd attached
[ 1334.635417][T20764] FAULT_INJECTION: forcing a failure.
[ 1334.635417][T20764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1334.721597][T20764] CPU: 1 UID: 0 PID: 20764 Comm: syz.1.4283 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1334.721630][T20764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1334.721645][T20764] Call Trace:
[ 1334.721655][T20764]  <TASK>
[ 1334.721665][T20764]  dump_stack_lvl+0x189/0x250
[ 1334.721697][T20764]  ? __pfx____ratelimit+0x10/0x10
[ 1334.721726][T20764]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1334.721752][T20764]  ? __pfx__printk+0x10/0x10
[ 1334.721782][T20764]  ? __might_fault+0xb0/0x130
[ 1334.721829][T20764]  should_fail_ex+0x414/0x560
[ 1334.721858][T20764]  _copy_from_user+0x2d/0xb0
[ 1334.721889][T20764]  snd_seq_oss_write+0x515/0x930
[ 1334.721932][T20764]  ? __pfx_snd_seq_oss_write+0x10/0x10
[ 1334.721963][T20764]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1334.721993][T20764]  ? security_file_permission+0x75/0x290
[ 1334.722024][T20764]  odev_write+0x5a/0x80
[ 1334.722043][T20764]  ? __pfx_odev_write+0x10/0x10
[ 1334.722065][T20764]  vfs_write+0x27e/0xa90
[ 1334.722095][T20764]  ? __pfx_vfs_write+0x10/0x10
[ 1334.722118][T20764]  ? __fget_files+0x2a/0x420
[ 1334.722146][T20764]  ? __fget_files+0x2a/0x420
[ 1334.722169][T20764]  ? __fget_files+0x3a0/0x420
[ 1334.722193][T20764]  ? __fget_files+0x2a/0x420
[ 1334.722227][T20764]  ksys_write+0x145/0x250
[ 1334.722250][T20764]  ? __pfx_ksys_write+0x10/0x10
[ 1334.722268][T20764]  ? rcu_is_watching+0x15/0xb0
[ 1334.722296][T20764]  ? do_syscall_64+0xbe/0x3b0
[ 1334.722324][T20764]  do_syscall_64+0xfa/0x3b0
[ 1334.722348][T20764]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1334.722372][T20764]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1334.722393][T20764]  ? clear_bhb_loop+0x60/0xb0
[ 1334.722420][T20764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1334.722442][T20764] RIP: 0033:0x7f1bc998ebe9
[ 1334.722462][T20764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1334.722481][T20764] RSP: 002b:00007f1bca71e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1334.722504][T20764] RAX: ffffffffffffffda RBX: 00007f1bc9bb5fa0 RCX: 00007f1bc998ebe9
[ 1334.722521][T20764] RDX: 0000000000000232 RSI: 00002000000004c0 RDI: 0000000000000003
[ 1334.722535][T20764] RBP: 00007f1bca71e090 R08: 0000000000000000 R09: 0000000000000000
[ 1334.722549][T20764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1334.722562][T20764] R13: 00007f1bc9bb6038 R14: 00007f1bc9bb5fa0 R15: 00007ffc05f38d28
[ 1334.722603][T20764]  </TASK>
[ 1334.968121][    C1] hrtimer: interrupt took 240369100 ns
[ 1335.478921][T20775] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4287'.
[ 1335.742450][T20776] syzkaller0: entered promiscuous mode
[ 1335.908658][T20776] syzkaller0: entered allmulticast mode
[ 1337.024768][T19892] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1337.285646][T15999] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[ 1337.491822][T15999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1337.510282][T15999] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1337.543603][T15999] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1337.558048][T15999] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1337.567299][T15999] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1337.579789][T15999] usb 2-1: config 0 descriptor??
[ 1338.021792][T15999] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1338.379631][    C0] plantronics 0003:047F:FFFF.000E: hid_field_extract() called with n (132) > 32! (kworker/u8:10)
[ 1339.077843][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5220 ms
[ 1339.086014][    C0] lec:lec_tx_timeout: lec0
[ 1339.431861][T17429] Bluetooth: hci3: command 0x1003 tx timeout
[ 1339.439678][ T5857] Bluetooth: hci3: Opcode 0x1003 failed: -110
[ 1340.375750][T15999] usb 2-1: USB disconnect, device number 44
[ 1342.545472][T20844] netlink: 9 bytes leftover after parsing attributes in process `syz.2.4299'.
[ 1345.292063][T20819] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1345.421045][T20844] gretap0: entered promiscuous mode
[ 1350.242379][T20884] syzkaller0: entered promiscuous mode
[ 1350.273248][T20884] syzkaller0: entered allmulticast mode
[ 1357.121513][T20907] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1358.176938][T20985] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4330'.
[ 1361.077939][T20996] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4333'.
[ 1361.835590][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.880729][T21010] netlink: 'syz.0.4335': attribute type 1 has an invalid length.
[ 1361.881875][ T1302] lec:lec_start_xmit: lec0:No lecd attached
[ 1361.949754][T21012] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4335'.
[ 1362.846051][T21017] random: crng reseeded on system resumption
[ 1363.233437][T21020] syzkaller0: entered promiscuous mode
[ 1363.239603][T21020] syzkaller0: entered allmulticast mode
[ 1363.508557][T21024] tipc: Failed to remove unknown binding: 66,1,1/0:2033310690/2033310692
[ 1363.855463][T21024] tipc: Failed to remove unknown binding: 66,1,1/0:2033310690/2033310692
[ 1363.885052][T21024] tipc: Failed to remove unknown binding: 66,1,1/0:2033310690/2033310692
[ 1364.139815][T21029] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4340'.
[ 1367.088582][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5200 ms
[ 1367.096744][    C0] lec:lec_tx_timeout: lec0
[ 1368.647456][T21036] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1368.728403][T21038] syzkaller0: entered promiscuous mode
[ 1368.736032][T21038] syzkaller0: entered allmulticast mode
[ 1368.950873][T21051] tipc: Resetting bearer <eth:syzkaller0>
[ 1371.093634][T21051] tipc: Disabling bearer <eth:syzkaller0>
[ 1371.420974][T21082] netlink: 209592 bytes leftover after parsing attributes in process `syz.4.4348'.
[ 1372.861980][T21091] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nbd1": -EINTR
[ 1375.256987][T21098] tipc: Failed to remove unknown binding: 66,1,1/0:3147077490/3147077492
[ 1375.412516][T21101] tipc: Failed to remove unknown binding: 66,1,1/0:3147077490/3147077492
[ 1375.421105][T21101] tipc: Failed to remove unknown binding: 66,1,1/0:3147077490/3147077492
[ 1375.602546][T21107] overlay: ./file0 is not a directory
[ 1376.273679][T20087] usb 3-1: new low-speed USB device number 38 using dummy_hcd
[ 1376.713649][T21117] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4356'.
[ 1377.321821][T20087] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1377.342797][T20087] usb 3-1: config 0 has no interface number 0
[ 1377.443242][T20087] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1377.515632][T20087] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1377.536937][T20087] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1377.566156][T20087] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1377.608688][T20087] usb 3-1: config 0 descriptor??
[ 1377.614437][T21106] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1377.629937][T21116] syzkaller0: entered promiscuous mode
[ 1377.651779][T21116] syzkaller0: entered allmulticast mode
[ 1377.673831][T20087] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1381.890484][T21142] netlink: 209592 bytes leftover after parsing attributes in process `syz.4.4362'.
[ 1384.540323][T21125] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1384.547468][T21129] syzkaller0: entered promiscuous mode
[ 1384.554037][T21129] syzkaller0: entered allmulticast mode
[ 1384.582669][T21135] tipc: Resetting bearer <eth:syzkaller0>
[ 1384.604598][T21123] tipc: Resetting bearer <eth:syzkaller0>
[ 1384.661380][T15999] usb 3-1: USB disconnect, device number 38
[ 1384.696289][T21123] tipc: Disabling bearer <eth:syzkaller0>
[ 1384.802810][T21151] FAULT_INJECTION: forcing a failure.
[ 1384.802810][T21151] name failslab, interval 1, probability 0, space 0, times 0
[ 1384.834481][T21151] CPU: 1 UID: 0 PID: 21151 Comm: syz.2.4364 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1384.834514][T21151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1384.834529][T21151] Call Trace:
[ 1384.834539][T21151]  <TASK>
[ 1384.834549][T21151]  dump_stack_lvl+0x189/0x250
[ 1384.834582][T21151]  ? __pfx____ratelimit+0x10/0x10
[ 1384.834607][T21151]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1384.834633][T21151]  ? __pfx__printk+0x10/0x10
[ 1384.834669][T21151]  ? __pfx___might_resched+0x10/0x10
[ 1384.834694][T21151]  ? fs_reclaim_acquire+0x7d/0x100
[ 1384.834727][T21151]  should_fail_ex+0x414/0x560
[ 1384.834757][T21151]  should_failslab+0xa8/0x100
[ 1384.834784][T21151]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1384.834808][T21151]  ? __alloc_skb+0x112/0x2d0
[ 1384.834844][T21151]  __alloc_skb+0x112/0x2d0
[ 1384.834880][T21151]  netlink_ack+0x146/0xa50
[ 1384.834908][T21151]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1384.834931][T21151]  ? __pfx_nl80211_pre_doit+0x10/0x10
[ 1384.834952][T21151]  ? __pfx_nl80211_post_doit+0x10/0x10
[ 1384.834991][T21151]  netlink_rcv_skb+0x28c/0x470
[ 1384.835023][T21151]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1384.835049][T21151]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1384.835101][T21151]  ? down_read+0x1ad/0x2e0
[ 1384.835132][T21151]  genl_rcv+0x28/0x40
[ 1384.835154][T21151]  netlink_unicast+0x75c/0x8e0
[ 1384.835196][T21151]  netlink_sendmsg+0x805/0xb30
[ 1384.835239][T21151]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1384.835281][T21151]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1384.835303][T21151]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1384.835337][T21151]  __sock_sendmsg+0x21c/0x270
[ 1384.835368][T21151]  ____sys_sendmsg+0x505/0x830
[ 1384.835409][T21151]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1384.835454][T21151]  ? import_iovec+0x74/0xa0
[ 1384.835497][T21151]  ___sys_sendmsg+0x21f/0x2a0
[ 1384.835535][T21151]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1384.835611][T21151]  ? __fget_files+0x2a/0x420
[ 1384.835635][T21151]  ? __fget_files+0x3a0/0x420
[ 1384.835673][T21151]  __x64_sys_sendmsg+0x19b/0x260
[ 1384.835711][T21151]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1384.835757][T21151]  ? __pfx_ksys_write+0x10/0x10
[ 1384.835776][T21151]  ? rcu_is_watching+0x15/0xb0
[ 1384.835806][T21151]  ? do_syscall_64+0xbe/0x3b0
[ 1384.835836][T21151]  do_syscall_64+0xfa/0x3b0
[ 1384.835859][T21151]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1384.835882][T21151]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1384.835905][T21151]  ? clear_bhb_loop+0x60/0xb0
[ 1384.835933][T21151]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1384.835955][T21151] RIP: 0033:0x7fe53ad8ebe9
[ 1384.835976][T21151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1384.835995][T21151] RSP: 002b:00007fe53bcab038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1384.836020][T21151] RAX: ffffffffffffffda RBX: 00007fe53afb5fa0 RCX: 00007fe53ad8ebe9
[ 1384.836037][T21151] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[ 1384.836052][T21151] RBP: 00007fe53bcab090 R08: 0000000000000000 R09: 0000000000000000
[ 1384.836066][T21151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1384.836080][T21151] R13: 00007fe53afb6038 R14: 00007fe53afb5fa0 R15: 00007fffdf145a58
[ 1384.836116][T21151]  </TASK>
[ 1385.499931][ T5925] usb 5-1: new low-speed USB device number 21 using dummy_hcd
[ 1386.506463][ T5925] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1386.517886][ T5925] usb 5-1: config 0 has no interface number 0
[ 1386.524824][ T5925] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1386.590614][ T5925] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1386.680235][ T5925] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1386.701101][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1386.745431][ T5925] usb 5-1: config 0 descriptor??
[ 1386.813812][T21158] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1387.120981][ T5925] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1387.202109][T21176] FAULT_INJECTION: forcing a failure.
[ 1387.202109][T21176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1387.301993][T21176] CPU: 0 UID: 0 PID: 21176 Comm: syz.2.4372 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1387.302027][T21176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1387.302043][T21176] Call Trace:
[ 1387.302053][T21176]  <TASK>
[ 1387.302063][T21176]  dump_stack_lvl+0x189/0x250
[ 1387.302094][T21176]  ? __pfx____ratelimit+0x10/0x10
[ 1387.302119][T21176]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1387.302145][T21176]  ? __pfx__printk+0x10/0x10
[ 1387.302188][T21176]  should_fail_ex+0x414/0x560
[ 1387.302217][T21176]  _copy_to_user+0x31/0xb0
[ 1387.302251][T21176]  simple_read_from_buffer+0xe1/0x170
[ 1387.302282][T21176]  proc_fail_nth_read+0x1df/0x250
[ 1387.302322][T21176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1387.302353][T21176]  ? rw_verify_area+0x258/0x650
[ 1387.302387][T21176]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1387.302416][T21176]  vfs_read+0x200/0x980
[ 1387.302456][T21176]  ? __pfx___mutex_lock+0x10/0x10
[ 1387.302482][T21176]  ? __pfx_vfs_read+0x10/0x10
[ 1387.302518][T21176]  ? __fget_files+0x2a/0x420
[ 1387.302549][T21176]  ? __fget_files+0x3a0/0x420
[ 1387.302573][T21176]  ? __fget_files+0x2a/0x420
[ 1387.302608][T21176]  ksys_read+0x145/0x250
[ 1387.302632][T21176]  ? __pfx_ksys_read+0x10/0x10
[ 1387.302660][T21176]  ? do_syscall_64+0xbe/0x3b0
[ 1387.302689][T21176]  do_syscall_64+0xfa/0x3b0
[ 1387.302713][T21176]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1387.302736][T21176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.302758][T21176]  ? clear_bhb_loop+0x60/0xb0
[ 1387.302786][T21176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.302808][T21176] RIP: 0033:0x7fe53ad8d5fc
[ 1387.302828][T21176] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1387.302848][T21176] RSP: 002b:00007fe53bcab030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1387.302870][T21176] RAX: ffffffffffffffda RBX: 00007fe53afb5fa0 RCX: 00007fe53ad8d5fc
[ 1387.302887][T21176] RDX: 000000000000000f RSI: 00007fe53bcab0a0 RDI: 0000000000000004
[ 1387.302901][T21176] RBP: 00007fe53bcab090 R08: 0000000000000000 R09: 0000000000000000
[ 1387.302915][T21176] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[ 1387.302929][T21176] R13: 00007fe53afb6038 R14: 00007fe53afb5fa0 R15: 00007fffdf145a58
[ 1387.302965][T21176]  </TASK>
[ 1391.444084][T20087] usb 5-1: USB disconnect, device number 21
[ 1391.496028][T21180] syzkaller0: entered promiscuous mode
[ 1391.508079][T21180] syzkaller0: entered allmulticast mode
[ 1391.516781][T21187] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1391.549647][T21189] syzkaller0: entered promiscuous mode
[ 1391.555283][T21189] syzkaller0: entered allmulticast mode
[ 1392.712807][T20087] tipc: Node number set to 3478238698
[ 1393.712105][T21210] FAULT_INJECTION: forcing a failure.
[ 1393.712105][T21210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1393.725514][T21210] CPU: 1 UID: 0 PID: 21210 Comm: syz.5.4379 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1393.725544][T21210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1393.725559][T21210] Call Trace:
[ 1393.725568][T21210]  <TASK>
[ 1393.725578][T21210]  dump_stack_lvl+0x189/0x250
[ 1393.725611][T21210]  ? __pfx____ratelimit+0x10/0x10
[ 1393.725636][T21210]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1393.725662][T21210]  ? __pfx__printk+0x10/0x10
[ 1393.725692][T21210]  ? __might_fault+0xb0/0x130
[ 1393.725728][T21210]  should_fail_ex+0x414/0x560
[ 1393.725765][T21210]  _copy_from_user+0x2d/0xb0
[ 1393.725800][T21210]  ___sys_sendmsg+0x158/0x2a0
[ 1393.725839][T21210]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1393.725915][T21210]  ? __fget_files+0x2a/0x420
[ 1393.725940][T21210]  ? __fget_files+0x3a0/0x420
[ 1393.725978][T21210]  __x64_sys_sendmsg+0x19b/0x260
[ 1393.726017][T21210]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1393.726063][T21210]  ? __pfx_ksys_write+0x10/0x10
[ 1393.726083][T21210]  ? rcu_is_watching+0x15/0xb0
[ 1393.726114][T21210]  ? do_syscall_64+0xbe/0x3b0
[ 1393.726144][T21210]  do_syscall_64+0xfa/0x3b0
[ 1393.726171][T21210]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1393.726193][T21210]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1393.726215][T21210]  ? clear_bhb_loop+0x60/0xb0
[ 1393.726243][T21210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1393.726266][T21210] RIP: 0033:0x7f7bf5b8ebe9
[ 1393.726286][T21210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1393.726306][T21210] RSP: 002b:00007f7bf6a02038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1393.726330][T21210] RAX: ffffffffffffffda RBX: 00007f7bf5db6090 RCX: 00007f7bf5b8ebe9
[ 1393.726347][T21210] RDX: 0000000000000000 RSI: 0000200000000740 RDI: 0000000000000007
[ 1393.726362][T21210] RBP: 00007f7bf6a02090 R08: 0000000000000000 R09: 0000000000000000
[ 1393.726377][T21210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1393.726391][T21210] R13: 00007f7bf5db6128 R14: 00007f7bf5db6090 R15: 00007ffdcf943828
[ 1393.726426][T21210]  </TASK>
[ 1393.933913][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1396.950769][T19666] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1397.137892][T19666] usb 6-1: Using ep0 maxpacket: 16
[ 1397.167142][T19666] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1397.180551][T19666] usb 6-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1397.195603][T19666] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1397.239308][T19666] usb 6-1: Product: syz
[ 1397.243814][T19666] usb 6-1: Manufacturer: syz
[ 1397.248762][T19666] usb 6-1: SerialNumber: syz
[ 1397.266536][T19666] usb 6-1: config 0 descriptor??
[ 1397.296669][T19666] em28xx 6-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1397.311802][T19666] em28xx 6-1:0.0: DVB interface 0 found: bulk
[ 1397.749532][T14111] lec:lec_start_xmit: lec0:No lecd attached
[ 1397.930343][T19666] em28xx 6-1:0.0: unknown em28xx chip ID (0)
[ 1398.440726][T19666] em28xx 6-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1398.450170][T19666] em28xx 6-1:0.0: board has no eeprom
[ 1399.191389][T21189] tipc: Resetting bearer <eth:syzkaller0>
[ 1399.213152][T21184] tipc: Resetting bearer <eth:syzkaller0>
[ 1399.268941][T21184] tipc: Disabling bearer <eth:syzkaller0>
[ 1399.565503][T21229] em28xx 6-1:0.0: reading from i2c device at 0x8 failed (error=-5)
[ 1399.636962][T19666] em28xx 6-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1399.657294][T19666] em28xx 6-1:0.0: dvb set to bulk mode.
[ 1399.678283][T15999] em28xx 6-1:0.0: Binding DVB extension
[ 1399.738905][T19666] usb 6-1: USB disconnect, device number 15
[ 1399.780195][T19666] em28xx 6-1:0.0: Disconnecting em28xx
[ 1399.892261][T15999] em28xx 6-1:0.0: Registering input extension
[ 1399.904852][T19666] em28xx 6-1:0.0: Closing input extension
[ 1399.960696][T19666] em28xx 6-1:0.0: Freeing device
[ 1402.121661][T21263] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4394'.
[ 1403.077780][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5330 ms
[ 1403.085881][    C0] lec:lec_tx_timeout: lec0
[ 1403.333529][T21276] syzkaller0: entered promiscuous mode
[ 1403.343597][T21276] syzkaller0: entered allmulticast mode
[ 1410.872873][T21280] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1410.880053][T21281] syzkaller0: entered promiscuous mode
[ 1410.885587][T21281] syzkaller0: entered allmulticast mode
[ 1411.007351][T21288] tipc: Resetting bearer <eth:syzkaller0>
[ 1411.030895][T21278] tipc: Resetting bearer <eth:syzkaller0>
[ 1411.082875][T21278] tipc: Disabling bearer <eth:syzkaller0>
[ 1411.166313][T21333] FAULT_INJECTION: forcing a failure.
[ 1411.166313][T21333] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.189088][T21333] CPU: 0 UID: 0 PID: 21333 Comm: syz.0.4408 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1411.189118][T21333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1411.189132][T21333] Call Trace:
[ 1411.189141][T21333]  <TASK>
[ 1411.189150][T21333]  dump_stack_lvl+0x189/0x250
[ 1411.189180][T21333]  ? __pfx____ratelimit+0x10/0x10
[ 1411.189202][T21333]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1411.189226][T21333]  ? __pfx__printk+0x10/0x10
[ 1411.189256][T21333]  ? __pfx___might_resched+0x10/0x10
[ 1411.189278][T21333]  ? fs_reclaim_acquire+0x7d/0x100
[ 1411.189309][T21333]  should_fail_ex+0x414/0x560
[ 1411.189335][T21333]  should_failslab+0xa8/0x100
[ 1411.189361][T21333]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1411.189382][T21333]  ? security_file_alloc+0x34/0x330
[ 1411.189420][T21333]  security_file_alloc+0x34/0x330
[ 1411.189445][T21333]  init_file+0x93/0x2f0
[ 1411.189475][T21333]  alloc_empty_file+0x6e/0x1d0
[ 1411.189503][T21333]  alloc_file_pseudo+0x13d/0x210
[ 1411.189532][T21333]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1411.189557][T21333]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1411.189598][T21333]  anon_inode_getfile+0xc5/0x1a0
[ 1411.189629][T21333]  bpf_link_prime+0xfc/0x220
[ 1411.189662][T21333]  bpf_raw_tp_link_attach+0x4a5/0x6b0
[ 1411.189694][T21333]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[ 1411.189734][T21333]  ? __fget_files+0x2a/0x420
[ 1411.189769][T21333]  bpf_raw_tracepoint_open+0x19b/0x1f0
[ 1411.189808][T21333]  __sys_bpf+0x3cd/0x860
[ 1411.189842][T21333]  ? __pfx___sys_bpf+0x10/0x10
[ 1411.189886][T21333]  ? ksys_write+0x22a/0x250
[ 1411.189910][T21333]  ? __pfx_ksys_write+0x10/0x10
[ 1411.189927][T21333]  ? rcu_is_watching+0x15/0xb0
[ 1411.189960][T21333]  __x64_sys_bpf+0x7c/0x90
[ 1411.189990][T21333]  do_syscall_64+0xfa/0x3b0
[ 1411.190015][T21333]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1411.190038][T21333]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.190061][T21333]  ? clear_bhb_loop+0x60/0xb0
[ 1411.190087][T21333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.190109][T21333] RIP: 0033:0x7f7d9018ebe9
[ 1411.190130][T21333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1411.190149][T21333] RSP: 002b:00007f7d90f89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1411.190173][T21333] RAX: ffffffffffffffda RBX: 00007f7d903b5fa0 RCX: 00007f7d9018ebe9
[ 1411.190188][T21333] RDX: 0000000000000010 RSI: 0000200000000040 RDI: 0000000000000011
[ 1411.190202][T21333] RBP: 00007f7d90f89090 R08: 0000000000000000 R09: 0000000000000000
[ 1411.190216][T21333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1411.190227][T21333] R13: 00007f7d903b6038 R14: 00007f7d903b5fa0 R15: 00007ffcdd956458
[ 1411.190261][T21333]  </TASK>
[ 1411.735054][T21340] netlink: 'syz.0.4410': attribute type 29 has an invalid length.
[ 1411.983375][T21346] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4412'.
[ 1412.746234][T21340] netlink: 'syz.0.4410': attribute type 29 has an invalid length.
[ 1413.758236][T21340] netlink: 500 bytes leftover after parsing attributes in process `syz.0.4410'.
[ 1415.376922][T21358] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4415'.
[ 1416.084912][T21367] syzkaller0: entered promiscuous mode
[ 1416.102053][T21367] syzkaller0: entered allmulticast mode
[ 1416.249376][T21372] set match dimension is over the limit!
[ 1416.877481][T21375] program syz.5.4420 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1416.919985][T21375] program syz.5.4420 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1416.933338][T21375] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[ 1421.443899][T21412] netlink: 596 bytes leftover after parsing attributes in process `syz.4.4427'.
[ 1422.456831][T21382] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1422.468299][T21383] syzkaller0: entered promiscuous mode
[ 1422.473836][T21383] syzkaller0: entered allmulticast mode
[ 1422.481838][T21399] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[ 1422.517999][T21410] netlink: 'syz.4.4427': attribute type 29 has an invalid length.
[ 1422.749316][T21391] tipc: Resetting bearer <eth:syzkaller0>
[ 1423.252649][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.254822][ T1302] lec:lec_start_xmit: lec0:No lecd attached
[ 1423.795082][T20087] tipc: Node number set to 303222829
[ 1424.187933][T21391] tipc: Disabling bearer <eth:syzkaller0>
[ 1424.401607][T21429] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer.
[ 1424.490293][ T5206] udevd[5206]: worker [21315] terminated by signal 33 (Unknown signal 33)
[ 1424.520560][T21435] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4435'.
[ 1427.670520][T21466] netlink: 596 bytes leftover after parsing attributes in process `syz.1.4440'.
[ 1429.087783][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5840 ms
[ 1429.095892][    C0] lec:lec_tx_timeout: lec0
[ 1429.317621][T21478] FAULT_INJECTION: forcing a failure.
[ 1429.317621][T21478] name failslab, interval 1, probability 0, space 0, times 0
[ 1429.337870][T21478] CPU: 1 UID: 0 PID: 21478 Comm: syz.2.4443 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1429.337901][T21478] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1429.337916][T21478] Call Trace:
[ 1429.337926][T21478]  <TASK>
[ 1429.337937][T21478]  dump_stack_lvl+0x189/0x250
[ 1429.337964][T21478]  ? __pfx____ratelimit+0x10/0x10
[ 1429.337984][T21478]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1429.338015][T21478]  ? __pfx__printk+0x10/0x10
[ 1429.338050][T21478]  ? __pfx___might_resched+0x10/0x10
[ 1429.338073][T21478]  ? fs_reclaim_acquire+0x7d/0x100
[ 1429.338105][T21478]  should_fail_ex+0x414/0x560
[ 1429.338135][T21478]  should_failslab+0xa8/0x100
[ 1429.338162][T21478]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1429.338184][T21478]  ? prepare_creds+0x31/0x6c0
[ 1429.338218][T21478]  prepare_creds+0x31/0x6c0
[ 1429.338253][T21478]  ovl_setup_cred_for_create+0x20/0x300
[ 1429.338283][T21478]  ovl_tmpfile+0x2cb/0x710
[ 1429.338313][T21478]  ? __pfx_ovl_tmpfile+0x10/0x10
[ 1429.338335][T21478]  ? in_group_p+0x83/0x1c0
[ 1429.338366][T21478]  ? mode_strip_sgid+0x133/0x1b0
[ 1429.338400][T21478]  vfs_tmpfile+0x39d/0x860
[ 1429.338445][T21478]  do_tmpfile+0xd3/0x240
[ 1429.338480][T21478]  path_openat+0x30fa/0x3830
[ 1429.338510][T21478]  ? arch_stack_walk+0xfc/0x150
[ 1429.338568][T21478]  ? kasan_save_track+0x4f/0x80
[ 1429.338599][T21478]  ? kasan_save_track+0x3e/0x80
[ 1429.338633][T21478]  ? getname_flags+0xb8/0x540
[ 1429.338658][T21478]  ? __pfx_path_openat+0x10/0x10
[ 1429.338687][T21478]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.338727][T21478]  do_filp_open+0x1fa/0x410
[ 1429.338751][T21478]  ? __lock_acquire+0xab9/0xd20
[ 1429.338771][T21478]  ? __pfx_do_filp_open+0x10/0x10
[ 1429.338817][T21478]  ? _raw_spin_unlock+0x28/0x50
[ 1429.338843][T21478]  ? alloc_fd+0x64c/0x6c0
[ 1429.338874][T21478]  do_sys_openat2+0x121/0x1c0
[ 1429.338901][T21478]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1429.338925][T21478]  ? ksys_write+0x22a/0x250
[ 1429.338944][T21478]  ? __pfx_ksys_write+0x10/0x10
[ 1429.338958][T21478]  ? rcu_is_watching+0x15/0xb0
[ 1429.338980][T21478]  __x64_sys_openat+0x138/0x170
[ 1429.339020][T21478]  do_syscall_64+0xfa/0x3b0
[ 1429.339039][T21478]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1429.339058][T21478]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.339076][T21478]  ? clear_bhb_loop+0x60/0xb0
[ 1429.339098][T21478]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1429.339114][T21478] RIP: 0033:0x7fe53ad8ebe9
[ 1429.339131][T21478] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1429.339147][T21478] RSP: 002b:00007fe53bcab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1429.339167][T21478] RAX: ffffffffffffffda RBX: 00007fe53afb5fa0 RCX: 00007fe53ad8ebe9
[ 1429.339181][T21478] RDX: 0000000000515401 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1429.339193][T21478] RBP: 00007fe53bcab090 R08: 0000000000000000 R09: 0000000000000000
[ 1429.339204][T21478] R10: 0000000000000408 R11: 0000000000000246 R12: 0000000000000001
[ 1429.339215][T21478] R13: 00007fe53afb6038 R14: 00007fe53afb5fa0 R15: 00007fffdf145a58
[ 1429.339245][T21478]  </TASK>
[ 1431.066294][T21462] netlink: 'syz.1.4440': attribute type 29 has an invalid length.
[ 1431.165201][T21485] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1431.233952][T21501] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4447'.
[ 1431.238738][T21500] block nbd0: not configured, cannot reconfigure
[ 1431.404449][T21505] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4449'.
[ 1431.465751][T21505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4449'.
[ 1432.541478][T21505] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1432.551686][T21505] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1432.561741][T21505] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1432.570581][T21505] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1433.083198][T21513] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4452'.
[ 1433.487650][T15999] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[ 1433.680024][T15999] usb 1-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice=db.e9
[ 1433.699994][T15999] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1433.838063][T21528] netlink: 'syz.4.4455': attribute type 4 has an invalid length.
[ 1433.857871][T21528] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4455'.
[ 1433.881814][T15999] usb 1-1: config 0 descriptor??
[ 1433.899422][T15999] pcwd_usb: The device isn't a Human Interface Device
[ 1434.110567][T15999] usb 1-1: USB disconnect, device number 34
[ 1435.660720][T21543] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4456'.
[ 1436.390257][T21545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4458'.
[ 1436.550847][T21549] block nbd1: not configured, cannot reconfigure
[ 1436.823687][T21555] netlink: 36 bytes leftover after parsing attributes in process `syz.1.4461'.
[ 1437.598989][T21568] FAULT_INJECTION: forcing a failure.
[ 1437.598989][T21568] name failslab, interval 1, probability 0, space 0, times 0
[ 1437.611714][T21568] CPU: 0 UID: 0 PID: 21568 Comm: syz.1.4465 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1437.611743][T21568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1437.611758][T21568] Call Trace:
[ 1437.611768][T21568]  <TASK>
[ 1437.611780][T21568]  dump_stack_lvl+0x189/0x250
[ 1437.611811][T21568]  ? __pfx____ratelimit+0x10/0x10
[ 1437.611835][T21568]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1437.611861][T21568]  ? __pfx__printk+0x10/0x10
[ 1437.611893][T21568]  ? __pfx___might_resched+0x10/0x10
[ 1437.611918][T21568]  ? fs_reclaim_acquire+0x7d/0x100
[ 1437.611952][T21568]  should_fail_ex+0x414/0x560
[ 1437.611982][T21568]  should_failslab+0xa8/0x100
[ 1437.612009][T21568]  __kmalloc_node_track_caller_noprof+0xcc/0x4e0
[ 1437.612034][T21568]  ? rds_rm_size+0x3ea/0x730
[ 1437.612068][T21568]  ? rds_rm_size+0x3ea/0x730
[ 1437.612096][T21568]  krealloc_noprof+0x124/0x340
[ 1437.612124][T21568]  rds_rm_size+0x3ea/0x730
[ 1437.612171][T21568]  rds_sendmsg+0xaef/0x1f00
[ 1437.612219][T21568]  ? __pfx_rds_sendmsg+0x10/0x10
[ 1437.612258][T21568]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1437.612302][T21568]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1437.612353][T21568]  ? __pfx_rds_sendmsg+0x10/0x10
[ 1437.612383][T21568]  __sock_sendmsg+0x21c/0x270
[ 1437.612415][T21568]  ____sys_sendmsg+0x505/0x830
[ 1437.612456][T21568]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1437.612502][T21568]  ? import_iovec+0x74/0xa0
[ 1437.612537][T21568]  ___sys_sendmsg+0x21f/0x2a0
[ 1437.612575][T21568]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1437.612652][T21568]  ? __fget_files+0x2a/0x420
[ 1437.612677][T21568]  ? __fget_files+0x3a0/0x420
[ 1437.612715][T21568]  __x64_sys_sendmsg+0x19b/0x260
[ 1437.612753][T21568]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1437.612800][T21568]  ? __pfx_ksys_write+0x10/0x10
[ 1437.612818][T21568]  ? rcu_is_watching+0x15/0xb0
[ 1437.612849][T21568]  ? do_syscall_64+0xbe/0x3b0
[ 1437.612880][T21568]  do_syscall_64+0xfa/0x3b0
[ 1437.612906][T21568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1437.612928][T21568]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1437.612951][T21568]  ? clear_bhb_loop+0x60/0xb0
[ 1437.612978][T21568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1437.613001][T21568] RIP: 0033:0x7f1bc998ebe9
[ 1437.613022][T21568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1437.613043][T21568] RSP: 002b:00007f1bc7bd5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1437.613066][T21568] RAX: ffffffffffffffda RBX: 00007f1bc9bb6180 RCX: 00007f1bc998ebe9
[ 1437.613084][T21568] RDX: 0000000000000000 RSI: 0000200000001600 RDI: 000000000000000a
[ 1437.613099][T21568] RBP: 00007f1bc7bd5090 R08: 0000000000000000 R09: 0000000000000000
[ 1437.613114][T21568] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1437.613128][T21568] R13: 00007f1bc9bb6218 R14: 00007f1bc9bb6180 R15: 00007ffc05f38d28
[ 1437.613164][T21568]  </TASK>
[ 1442.598231][T21596] block nbd2: not configured, cannot reconfigure
[ 1442.663748][T21598] netlink: 209592 bytes leftover after parsing attributes in process `syz.4.4473'.
[ 1443.212387][T21608] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1443.235078][T21608] netlink: 36 bytes leftover after parsing attributes in process `syz.5.4475'.
[ 1443.244751][T21608] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4475'.
[ 1445.583679][T21621] netlink: 'syz.2.4477': attribute type 12 has an invalid length.
[ 1445.596982][T21621] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.4477'.
[ 1448.433565][T21623] netlink: 'syz.2.4477': attribute type 12 has an invalid length.
[ 1448.449109][T21623] netlink: 9472 bytes leftover after parsing attributes in process `syz.2.4477'.
[ 1448.781079][T21640] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4481'.
[ 1450.474524][T21648] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4483'.
[ 1451.384468][T21657] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4486'.
[ 1452.205408][T21667] netlink: 209592 bytes leftover after parsing attributes in process `syz.0.4490'.
[ 1452.237813][ T5947] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1452.409736][ T5947] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1452.443728][ T5947] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1452.484383][ T5947] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1452.536231][ T5947] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1452.557432][ T5947] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1452.623561][ T5947] usb 3-1: config 0 descriptor??
[ 1453.749359][ T5947] usbhid 3-1:0.0: can't add hid device: -71
[ 1453.828989][ T5947] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1453.877942][ T5947] usb 3-1: USB disconnect, device number 39
[ 1454.077826][T20087] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[ 1454.281756][T20087] usb 2-1: too many configurations: 65, using maximum allowed: 8
[ 1454.319257][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.335618][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.348991][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.366332][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.393857][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.419605][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.434656][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.451667][T20087] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1454.476028][T20087] usb 2-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=83.9c
[ 1454.485719][T20087] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1454.524848][T20087] usb 2-1: Product: syz
[ 1454.545744][T20087] usb 2-1: Manufacturer: syz
[ 1454.563095][T20087] usb 2-1: SerialNumber: syz
[ 1454.586552][T20087] usb 2-1: config 0 descriptor??
[ 1454.601724][T20087] ims_pcu 2-1:0.0: Zero length descriptor
[ 1454.610670][T20087] ims_pcu 2-1:0.0: probe with driver ims_pcu failed with error -22
[ 1454.886750][ T5947] usb 2-1: USB disconnect, device number 45
[ 1458.007984][ T5925] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[ 1458.417971][ T5925] usb 1-1: Using ep0 maxpacket: 8
[ 1458.425503][ T5925] usb 1-1: descriptor type invalid, skip
[ 1458.446958][ T5925] usb 1-1: config 1 has an invalid descriptor of length 109, skipping remainder of the config
[ 1458.467920][ T5925] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1458.480760][ T5925] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1458.561680][ T5925] usb 1-1: language id specifier not provided by device, defaulting to English
[ 1458.579509][ T5925] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1458.594646][ T5925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1458.610893][ T5925] usb 1-1: Product: syz
[ 1458.726900][ T5925] usb 1-1: Manufacturer: syz
[ 1458.749334][ T5925] usb 1-1: SerialNumber: syz
[ 1458.773386][ T5925] cdc_ncm 1-1:1.0: skipping garbage
[ 1458.778819][ T5925] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[ 1458.785715][ T5925] cdc_ncm 1-1:1.0: bind() failure
[ 1459.464570][T21737] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4503'.
[ 1460.535905][ T5925] usb 1-1: USB disconnect, device number 35
[ 1461.697926][ T5925] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1461.908250][ T5925] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1461.919248][ T5925] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1461.931881][ T5925] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1461.944891][ T5925] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1461.954017][ T5925] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1461.965369][ T5925] usb 1-1: config 0 descriptor??
[ 1462.530059][T21752] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[ 1462.708674][T14111] lec:lec_start_xmit: lec0:No lecd attached
[ 1462.797208][T21756] set match dimension is over the limit!
[ 1463.477861][ T5925] usbhid 1-1:0.0: can't add hid device: -71
[ 1463.634176][ T5925] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1463.754983][ T5925] usb 1-1: USB disconnect, device number 36
[ 1464.009109][T21763] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4510'.
[ 1465.390444][T21779] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1466.068068][T21779] syzkaller0: entered promiscuous mode
[ 1466.073619][T21779] syzkaller0: entered allmulticast mode
[ 1466.168511][ T3450] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1466.230571][  T980] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1466.282596][T21785] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1466.309750][T21782] tipc: Resetting bearer <eth:syzkaller0>
[ 1466.329689][T21776] tipc: Resetting bearer <eth:syzkaller0>
[ 1466.340389][ T3450] usb 5-1: Using ep0 maxpacket: 8
[ 1466.353547][ T3450] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 1466.364554][ T3450] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1466.375730][ T3450] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1466.389677][ T3450] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1466.404697][ T3450] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1466.424496][ T3450] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1466.425222][T21776] tipc: Disabling bearer <eth:syzkaller0>
[ 1466.433868][ T3450] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1466.451891][  T980] usb 1-1: Using ep0 maxpacket: 8
[ 1466.461716][  T980] usb 1-1: descriptor type invalid, skip
[ 1466.476992][  T980] usb 1-1: config 1 has an invalid descriptor of length 109, skipping remainder of the config
[ 1466.505917][  T980] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1466.539943][  T980] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1466.605957][  T980] usb 1-1: language id specifier not provided by device, defaulting to English
[ 1466.646115][  T980] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1466.664176][ T3450] usb 5-1: usb_control_msg returned -32
[ 1466.686480][ T3450] usbtmc 5-1:16.0: can't read capabilities
[ 1466.696481][  T980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1466.705832][  T980] usb 1-1: Product: syz
[ 1466.730223][  T980] usb 1-1: Manufacturer: syz
[ 1466.740584][  T980] usb 1-1: SerialNumber: syz
[ 1466.761862][  T980] cdc_ncm 1-1:1.0: skipping garbage
[ 1466.767325][  T980] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[ 1466.781869][  T980] cdc_ncm 1-1:1.0: bind() failure
[ 1466.850829][T21794] ubi31: detaching mtd0
[ 1466.871084][T21794] ubi31: mtd0 is detached
[ 1466.977919][ T3450] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1467.127894][ T3450] usb 3-1: Using ep0 maxpacket: 16
[ 1467.136878][ T3450] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1467.156897][ T3450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1467.184419][ T3450] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1467.196356][ T3450] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1467.210864][ T3450] usb 3-1: Product: syz
[ 1467.216462][ T3450] usb 3-1: Manufacturer: syz
[ 1467.227498][ T3450] usb 3-1: SerialNumber: syz
[ 1467.243606][ T3450] usb 3-1: config 0 descriptor??
[ 1467.258291][ T3450] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1467.274902][ T3450] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[ 1467.892597][ T3450] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[ 1467.902569][ T3450] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[ 1468.037803][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5330 ms
[ 1468.045916][    C0] lec:lec_tx_timeout: lec0
[ 1468.222658][ T5947] usb 5-1: USB disconnect, device number 22
[ 1468.406693][ T5925] usb 1-1: USB disconnect, device number 37
[ 1468.408847][T21801] set match dimension is over the limit!
[ 1468.672462][ T3450] em28xx 3-1:0.0: Unknown AC97 audio processor detected!
[ 1468.966986][T21803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1469.039362][T21803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1469.048654][T21806] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4522'.
[ 1469.805274][ T3450] em28xx 3-1:0.0: couldn't setup AC97 register 2
[ 1469.816612][ T3450] em28xx 3-1:0.0: couldn't setup AC97 register 4
[ 1469.824028][ T3450] em28xx 3-1:0.0: couldn't setup AC97 register 6
[ 1469.831160][ T3450] em28xx 3-1:0.0: couldn't setup AC97 register 54
[ 1469.849904][ T3450] em28xx 3-1:0.0: couldn't setup AC97 register 56
[ 1469.926346][T21810] netlink: 209592 bytes leftover after parsing attributes in process `syz.4.4523'.
[ 1470.305620][ T3450] usb 3-1: USB disconnect, device number 40
[ 1470.718043][ T3450] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1470.892031][ T3450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1470.906987][ T3450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1470.916856][ T3450] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1470.933936][ T3450] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1470.943105][ T3450] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1470.961241][ T3450] usb 3-1: config 0 descriptor??
[ 1471.670870][ T3450] usbhid 3-1:0.0: can't add hid device: -71
[ 1471.677656][ T3450] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1471.760593][ T3450] usb 3-1: USB disconnect, device number 41
[ 1471.921100][T21821] loop2: detected capacity change from 0 to 7
[ 1471.951205][T21821] Dev loop2: unable to read RDB block 7
[ 1471.956862][T21821]  loop2: AHDI p1 p2 p3
[ 1471.979948][T21821] loop2: partition table partially beyond EOD, truncated
[ 1472.003925][T21821] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1472.034411][T21821] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1472.837809][   T30] audit: type=1400 audit(1755034270.142:333): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=w pid=21832 comm="syz.4.4530" name="register" dev="binfmt_misc" ino=3
[ 1473.680448][  T980] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1474.077789][  T980] usb 5-1: Using ep0 maxpacket: 8
[ 1474.123052][  T980] usb 5-1: descriptor type invalid, skip
[ 1474.218350][T21860] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4534'.
[ 1474.400843][  T980] usb 5-1: config 1 has an invalid descriptor of length 109, skipping remainder of the config
[ 1474.487200][  T980] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1474.585419][  T980] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1474.772807][  T980] usb 5-1: language id specifier not provided by device, defaulting to English
[ 1474.817998][  T980] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1474.827453][  T980] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1474.855454][  T980] usb 5-1: Product: syz
[ 1474.870691][  T980] usb 5-1: Manufacturer: syz
[ 1474.875364][  T980] usb 5-1: SerialNumber: syz
[ 1475.038719][T21869] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4536'.
[ 1475.161184][  T980] cdc_ncm 5-1:1.0: skipping garbage
[ 1475.166843][  T980] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1475.174744][  T980] cdc_ncm 5-1:1.0: bind() failure
[ 1476.789938][T21887] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1476.811114][T20087] usb 5-1: USB disconnect, device number 23
[ 1476.926811][T21884] tmpfs: Bad value for 'mpol'
[ 1476.979068][T21884] xt_hashlimit: max too large, truncated to 1048576
[ 1477.010737][T21893] 9pnet_fd: Insufficient options for proto=fd
[ 1477.108953][T21899] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1477.116685][T21899] comedi comedi3: 8255: I/O port conflict (0x2,4)
[ 1477.124636][T21899] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1477.133239][T21899] comedi comedi3: 8255: I/O port conflict (0x5c952399,4)
[ 1477.142998][T21899] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1477.150484][T21899] comedi comedi3: 8255: I/O port conflict (0x3ff,4)
[ 1477.168312][T21899] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1477.175338][T21899] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1477.191039][T21899] comedi comedi3: 8255: I/O port conflict (0x9,4)
[ 1477.198668][T21899] comedi comedi3: 8255: I/O port conflict (0x6,4)
[ 1477.198971][T21888] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1477.205353][T21899] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1477.227038][T21899] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1477.237853][T21899] comedi comedi3: 8255: I/O port conflict (0xffffffff80000089,4)
[ 1477.247807][T21899] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffd,4)
[ 1480.754068][T21931] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1483.968589][ T9348] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1484.391304][T21960] program syz.4.4557 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1484.552869][ T9348] usb 6-1: Using ep0 maxpacket: 8
[ 1484.567000][ T9348] usb 6-1: descriptor type invalid, skip
[ 1484.605278][ T9348] usb 6-1: config 1 has an invalid descriptor of length 109, skipping remainder of the config
[ 1484.616868][ T9348] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1484.653781][ T9348] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1484.693352][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.711349][ T1302] lec:lec_start_xmit: lec0:No lecd attached
[ 1484.722785][ T9348] usb 6-1: language id specifier not provided by device, defaulting to English
[ 1484.791629][ T9348] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1484.828271][ T9348] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1484.867826][ T9348] usb 6-1: Product: syz
[ 1484.877976][ T9348] usb 6-1: Manufacturer: syz
[ 1484.882647][ T9348] usb 6-1: SerialNumber: syz
[ 1484.914497][ T9348] cdc_ncm 6-1:1.0: skipping garbage
[ 1484.940440][ T9348] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found
[ 1484.947311][ T9348] cdc_ncm 6-1:1.0: bind() failure
[ 1485.980715][T21980] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4563'.
[ 1487.737425][T15999] usb 6-1: USB disconnect, device number 16
[ 1488.264489][T21986] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1488.289641][T21986] syzkaller0: entered promiscuous mode
[ 1488.295633][T21986] syzkaller0: entered allmulticast mode
[ 1488.998431][T21986] tipc: Resetting bearer <eth:syzkaller0>
[ 1489.028117][T21985] tipc: Resetting bearer <eth:syzkaller0>
[ 1489.057010][T21985] tipc: Disabling bearer <eth:syzkaller0>
[ 1490.047774][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5340 ms
[ 1490.055825][    C0] lec:lec_tx_timeout: lec0
[ 1494.765480][T22060] set match dimension is over the limit!
[ 1494.795169][T22060] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4578'.
[ 1497.952980][T22081] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4584'.
[ 1498.108982][ T9348] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1498.367819][ T9348] usb 6-1: Using ep0 maxpacket: 32
[ 1498.386828][ T9348] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1498.401101][ T9348] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1498.426473][ T9348] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1498.476936][ T9348] usb 6-1: Product: syz
[ 1498.484019][ T9348] usb 6-1: Manufacturer: syz
[ 1498.498069][ T9348] usb 6-1: SerialNumber: syz
[ 1498.623811][T22095] netlink: 68 bytes leftover after parsing attributes in process `syz.0.4586'.
[ 1499.014009][ T9348] usb 6-1: config 0 descriptor??
[ 1499.286520][T22098] FAULT_INJECTION: forcing a failure.
[ 1499.286520][T22098] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1499.377784][T22098] CPU: 1 UID: 0 PID: 22098 Comm: syz.4.4589 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1499.377814][T22098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1499.377826][T22098] Call Trace:
[ 1499.377834][T22098]  <TASK>
[ 1499.377842][T22098]  dump_stack_lvl+0x189/0x250
[ 1499.377870][T22098]  ? __pfx____ratelimit+0x10/0x10
[ 1499.377890][T22098]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1499.377911][T22098]  ? __pfx__printk+0x10/0x10
[ 1499.377935][T22098]  ? __might_fault+0xb0/0x130
[ 1499.377964][T22098]  should_fail_ex+0x414/0x560
[ 1499.377989][T22098]  _copy_from_iter+0x1db/0x16f0
[ 1499.378025][T22098]  ? __pfx__copy_from_iter+0x10/0x10
[ 1499.378046][T22098]  ? sock_alloc_send_pskb+0x875/0x990
[ 1499.378072][T22098]  ? __pfx__copy_from_iter+0x10/0x10
[ 1499.378097][T22098]  ? page_copy_sane+0x16a/0x280
[ 1499.378122][T22098]  copy_page_from_iter+0xdd/0x170
[ 1499.378149][T22098]  skb_copy_datagram_from_iter+0x306/0x720
[ 1499.378180][T22098]  tun_get_user+0x15c3/0x3ce0
[ 1499.378220][T22098]  ? __might_fault+0xb0/0x130
[ 1499.378241][T22098]  ? __pfx_tun_get_user+0x10/0x10
[ 1499.378271][T22098]  ? __lock_acquire+0xab9/0xd20
[ 1499.378294][T22098]  ? ref_tracker_alloc+0x318/0x460
[ 1499.378314][T22098]  ? __lock_acquire+0xab9/0xd20
[ 1499.378333][T22098]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1499.378358][T22098]  ? tun_get+0x1c/0x2f0
[ 1499.378385][T22098]  ? tun_get+0x1c/0x2f0
[ 1499.378408][T22098]  ? tun_get+0x1c/0x2f0
[ 1499.378435][T22098]  tun_chr_write_iter+0x113/0x200
[ 1499.378461][T22098]  vfs_write+0x54b/0xa90
[ 1499.378484][T22098]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1499.378508][T22098]  ? __pfx_vfs_write+0x10/0x10
[ 1499.378536][T22098]  ? __fget_files+0x2a/0x420
[ 1499.378565][T22098]  ksys_write+0x145/0x250
[ 1499.378585][T22098]  ? __pfx_ksys_write+0x10/0x10
[ 1499.378600][T22098]  ? rcu_is_watching+0x15/0xb0
[ 1499.378627][T22098]  ? do_syscall_64+0xbe/0x3b0
[ 1499.378653][T22098]  do_syscall_64+0xfa/0x3b0
[ 1499.378673][T22098]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1499.378693][T22098]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1499.378713][T22098]  ? clear_bhb_loop+0x60/0xb0
[ 1499.378737][T22098]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1499.378755][T22098] RIP: 0033:0x7f6320b8ebe9
[ 1499.378781][T22098] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1499.378798][T22098] RSP: 002b:00007f632199b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1499.378820][T22098] RAX: ffffffffffffffda RBX: 00007f6320db5fa0 RCX: 00007f6320b8ebe9
[ 1499.378835][T22098] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 0000000000000005
[ 1499.378847][T22098] RBP: 00007f632199b090 R08: 0000000000000000 R09: 0000000000000000
[ 1499.378859][T22098] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1499.378870][T22098] R13: 00007f6320db6038 R14: 00007f6320db5fa0 R15: 00007ffca7bc9fc8
[ 1499.378900][T22098]  </TASK>
[ 1499.694452][ T9348] gs_usb 6-1:0.0: Configuring for 2 interfaces
[ 1500.032067][T22108] set match dimension is over the limit!
[ 1500.044145][T22108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4592'.
[ 1500.188412][ T3450] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1500.538228][T22100] loop6: detected capacity change from 0 to 63
[ 1500.549976][T22100] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1500.558412][T22100] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1500.566810][T22100] Buffer I/O error on dev loop6, logical block 2, async page read
[ 1500.575225][T22100] Buffer I/O error on dev loop6, logical block 3, async page read
[ 1500.583931][T22100] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1500.594593][T22100] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1500.603373][T22100] Buffer I/O error on dev loop6, logical block 2, async page read
[ 1500.612167][T22100] Buffer I/O error on dev loop6, logical block 3, async page read
[ 1500.621063][T22100] Buffer I/O error on dev loop6, logical block 0, async page read
[ 1500.629668][T22100] Buffer I/O error on dev loop6, logical block 1, async page read
[ 1500.849342][ T9348] gs_usb 6-1:0.0: Disabling termination support for channel 0 (-ETIMEDOUT)
[ 1501.048411][T15999] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1501.120300][ T9348] gs_usb 6-1:0.0: Couldn't get bit timing const for channel 1 (-EPIPE)
[ 1501.147803][ T3450] usb 2-1: Using ep0 maxpacket: 8
[ 1501.163465][ T3450] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[ 1501.190370][ T3450] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1501.237843][T15999] usb 1-1: Using ep0 maxpacket: 8
[ 1501.245388][T15999] usb 1-1: config index 0 descriptor too short (expected 1821, got 853)
[ 1501.274817][ T3450] usb 2-1: config 0 has no interface number 0
[ 1501.281166][T15999] usb 1-1: config 0 has an invalid interface number: 103 but max is 2
[ 1501.324140][ T3450] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1501.507814][T15999] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1501.508134][ T9348] gs_usb 6-1:0.0: probe with driver gs_usb failed with error -32
[ 1501.543087][ T3450] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1502.308866][T15999] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 3
[ 1502.371187][ T3450] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1502.391369][T15999] usb 1-1: config 0 has no interface number 1
[ 1502.417870][T15999] usb 1-1: config 0 interface 103 altsetting 9 endpoint 0x7 has an invalid bInterval 0, changing to 7
[ 1502.428944][ T3450] usb 2-1: config 0 interface 52 has no altsetting 0
[ 1502.448049][T15999] usb 1-1: config 0 interface 103 altsetting 9 endpoint 0xE has invalid maxpacket 1024, setting to 64
[ 1502.459925][ T3450] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1502.475875][ T3450] usb 2-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1502.487859][T15999] usb 1-1: config 0 interface 103 altsetting 9 has a duplicate endpoint with address 0x8, skipping
[ 1502.597950][ T3450] usb 2-1: Manufacturer: syz
[ 1502.607800][T15999] usb 1-1: config 0 interface 103 altsetting 9 has a duplicate endpoint with address 0x4, skipping
[ 1502.620180][ T3450] usb 2-1: config 0 descriptor??
[ 1502.643439][T15999] usb 1-1: config 0 interface 103 has no altsetting 0
[ 1502.665651][T15999] usb 1-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=cd.b4
[ 1502.681803][ T9348] usb 6-1: USB disconnect, device number 17
[ 1502.687888][T15999] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1502.687942][T15999] usb 1-1: Product: syz
[ 1502.687960][T15999] usb 1-1: Manufacturer: syz
[ 1502.687978][T15999] usb 1-1: SerialNumber: syz
[ 1502.709095][T15999] usb 1-1: config 0 descriptor??
[ 1502.888004][ T3450] usb 2-1: Can not set alternate setting to 1, error: -71
[ 1502.946024][ T3450] synaptics_usb 2-1:0.52: probe with driver synaptics_usb failed with error -71
[ 1503.024125][ T3450] usb 2-1: USB disconnect, device number 46
[ 1503.038764][T15999] videodev: could not get a free minor
[ 1503.044262][T15999] dsbr100 1-1:0.0: couldn't register video device
[ 1503.097304][T15999] dsbr100 1-1:0.0: probe with driver dsbr100 failed with error -23
[ 1503.144483][T15999] usb 1-1: USB disconnect, device number 38
[ 1503.698064][ T5925] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1503.985466][ T5925] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1504.015062][ T5925] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1504.038907][ T5925] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 1504.049871][ T5925] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1504.095116][ T5925] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1504.115744][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1504.160287][ T5925] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1504.177243][ T5925] usb 5-1: invalid MIDI out EP 0
[ 1505.372310][ T5925] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 1505.415216][ T5925] usb 5-1: USB disconnect, device number 24
[ 1505.492812][T22137] tmpfs: Bad value for 'mpol'
[ 1506.076939][T22139] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4602'.
[ 1507.168049][T22145] Cannot find set identified by id 0 to match
[ 1507.193174][T22145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4604'.
[ 1508.077968][ T9348] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1508.452999][ T9348] usb 1-1: Using ep0 maxpacket: 8
[ 1508.480048][ T9348] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[ 1508.552092][ T9348] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1508.598428][ T9348] usb 1-1: config 0 has no interface number 0
[ 1508.706050][T22164] set match dimension is over the limit!
[ 1508.733796][T22164] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4610'.
[ 1509.090273][ T9348] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1509.117813][ T9348] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1509.133969][ T9348] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1509.192891][ T9348] usb 1-1: config 0 interface 52 has no altsetting 0
[ 1509.356823][ T9348] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1509.366220][ T9348] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1509.374575][ T9348] usb 1-1: Manufacturer: syz
[ 1509.413624][ T9348] usb 1-1: config 0 descriptor??
[ 1510.092630][ T9348] usb 1-1: Can not set alternate setting to 1, error: -71
[ 1510.176160][ T9348] synaptics_usb 1-1:0.52: probe with driver synaptics_usb failed with error -71
[ 1510.296803][ T9348] usb 1-1: USB disconnect, device number 39
[ 1510.667768][T22184] FAULT_INJECTION: forcing a failure.
[ 1510.667768][T22184] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1510.681487][T22184] CPU: 1 UID: 0 PID: 22184 Comm: syz.5.4617 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1510.681518][T22184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1510.681533][T22184] Call Trace:
[ 1510.681542][T22184]  <TASK>
[ 1510.681552][T22184]  dump_stack_lvl+0x189/0x250
[ 1510.681584][T22184]  ? __pfx____ratelimit+0x10/0x10
[ 1510.681609][T22184]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1510.681644][T22184]  ? __pfx__printk+0x10/0x10
[ 1510.681687][T22184]  should_fail_ex+0x414/0x560
[ 1510.681718][T22184]  _copy_to_user+0x31/0xb0
[ 1510.681753][T22184]  simple_read_from_buffer+0xe1/0x170
[ 1510.681783][T22184]  proc_fail_nth_read+0x1df/0x250
[ 1510.681815][T22184]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1510.681858][T22184]  ? rw_verify_area+0x258/0x650
[ 1510.681904][T22184]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1510.681931][T22184]  vfs_read+0x200/0x980
[ 1510.681968][T22184]  ? __pfx___mutex_lock+0x10/0x10
[ 1510.681992][T22184]  ? __pfx_vfs_read+0x10/0x10
[ 1510.682025][T22184]  ? __fget_files+0x2a/0x420
[ 1510.682054][T22184]  ? __fget_files+0x3a0/0x420
[ 1510.682076][T22184]  ? __fget_files+0x2a/0x420
[ 1510.682109][T22184]  ksys_read+0x145/0x250
[ 1510.682130][T22184]  ? __pfx_ksys_read+0x10/0x10
[ 1510.682147][T22184]  ? rcu_is_watching+0x15/0xb0
[ 1510.682175][T22184]  ? do_syscall_64+0xbe/0x3b0
[ 1510.682202][T22184]  do_syscall_64+0xfa/0x3b0
[ 1510.682224][T22184]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1510.682246][T22184]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1510.682266][T22184]  ? clear_bhb_loop+0x60/0xb0
[ 1510.682292][T22184]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1510.682312][T22184] RIP: 0033:0x7f7bf5b8d5fc
[ 1510.682330][T22184] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1510.682349][T22184] RSP: 002b:00007f7bf6a02030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1510.682371][T22184] RAX: ffffffffffffffda RBX: 00007f7bf5db6090 RCX: 00007f7bf5b8d5fc
[ 1510.682386][T22184] RDX: 000000000000000f RSI: 00007f7bf6a020a0 RDI: 000000000000000a
[ 1510.682400][T22184] RBP: 00007f7bf6a02090 R08: 0000000000000000 R09: 0000000000000000
[ 1510.682413][T22184] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[ 1510.682427][T22184] R13: 00007f7bf5db6128 R14: 00007f7bf5db6090 R15: 00007ffdcf943828
[ 1510.682460][T22184]  </TASK>
[ 1511.233968][T22193] FAULT_INJECTION: forcing a failure.
[ 1511.233968][T22193] name failslab, interval 1, probability 0, space 0, times 0
[ 1511.246886][T22193] CPU: 1 UID: 0 PID: 22193 Comm: syz.0.4619 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1511.246907][T22193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1511.246918][T22193] Call Trace:
[ 1511.246925][T22193]  <TASK>
[ 1511.246932][T22193]  dump_stack_lvl+0x189/0x250
[ 1511.246955][T22193]  ? __pfx____ratelimit+0x10/0x10
[ 1511.246972][T22193]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1511.246991][T22193]  ? __pfx__printk+0x10/0x10
[ 1511.247016][T22193]  ? __pfx___might_resched+0x10/0x10
[ 1511.247033][T22193]  ? fs_reclaim_acquire+0x7d/0x100
[ 1511.247057][T22193]  should_fail_ex+0x414/0x560
[ 1511.247078][T22193]  should_failslab+0xa8/0x100
[ 1511.247096][T22193]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1511.247112][T22193]  ? __xdp_reg_mem_model+0x1d8/0x5a0
[ 1511.247141][T22193]  __xdp_reg_mem_model+0x1d8/0x5a0
[ 1511.247169][T22193]  ? __pfx___xdp_reg_mem_model+0x10/0x10
[ 1511.247195][T22193]  ? page_pool_create_percpu+0x800/0xbe0
[ 1511.247216][T22193]  xdp_reg_mem_model+0x22/0x40
[ 1511.247240][T22193]  bpf_test_run_xdp_live+0x215/0x1b10
[ 1511.247266][T22193]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1511.247291][T22193]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1511.247317][T22193]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[ 1511.247339][T22193]  ? 0xffffffffa02057c0
[ 1511.247354][T22193]  ? 0xffffffffa02057c0
[ 1511.247403][T22193]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[ 1511.247433][T22193]  ? _copy_from_user+0x94/0xb0
[ 1511.247455][T22193]  ? bpf_test_init+0x133/0x170
[ 1511.247475][T22193]  ? xdp_convert_md_to_buff+0x5b/0x330
[ 1511.247500][T22193]  bpf_prog_test_run_xdp+0x713/0x1000
[ 1511.247534][T22193]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1511.247561][T22193]  ? __fget_files+0x2a/0x420
[ 1511.247583][T22193]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[ 1511.247606][T22193]  bpf_prog_test_run+0x2c7/0x340
[ 1511.247634][T22193]  __sys_bpf+0x4a4/0x860
[ 1511.247658][T22193]  ? __pfx___sys_bpf+0x10/0x10
[ 1511.247706][T22193]  ? ksys_write+0x22a/0x250
[ 1511.247729][T22193]  ? __pfx_ksys_write+0x10/0x10
[ 1511.247747][T22193]  ? rcu_is_watching+0x15/0xb0
[ 1511.247779][T22193]  __x64_sys_bpf+0x7c/0x90
[ 1511.247821][T22193]  do_syscall_64+0xfa/0x3b0
[ 1511.247844][T22193]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1511.247873][T22193]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1511.247894][T22193]  ? clear_bhb_loop+0x60/0xb0
[ 1511.247920][T22193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1511.247940][T22193] RIP: 0033:0x7f7d9018ebe9
[ 1511.247959][T22193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1511.247977][T22193] RSP: 002b:00007f7d90f89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1511.248001][T22193] RAX: ffffffffffffffda RBX: 00007f7d903b5fa0 RCX: 00007f7d9018ebe9
[ 1511.248017][T22193] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[ 1511.248032][T22193] RBP: 00007f7d90f89090 R08: 0000000000000000 R09: 0000000000000000
[ 1511.248046][T22193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1511.248059][T22193] R13: 00007f7d903b6038 R14: 00007f7d903b5fa0 R15: 00007ffcdd956458
[ 1511.248092][T22193]  </TASK>
[ 1512.376429][T17429] Bluetooth: hci1: command 0x0406 tx timeout
[ 1512.445742][T22198] set match dimension is over the limit!
[ 1513.377850][ T5947] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1513.562132][ T5947] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1513.609546][ T5947] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1513.650128][ T5947] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1513.694358][ T5947] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1513.714095][ T5947] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1513.726358][T22212] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.4626'.
[ 1513.740672][ T5947] usb 6-1: config 0 descriptor??
[ 1514.505457][ T5947] usbhid 6-1:0.0: can't add hid device: -71
[ 1514.527288][ T5947] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1514.561423][ T5947] usb 6-1: USB disconnect, device number 18
[ 1514.620678][T22228] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4630'.
[ 1514.781625][T22230] netlink: 'syz.1.4631': attribute type 3 has an invalid length.
[ 1514.821168][T22230] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4631'.
[ 1514.871719][T22232] syzkaller0: entered promiscuous mode
[ 1514.878500][T22232] syzkaller0: entered allmulticast mode
[ 1517.628680][T22268] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4643'.
[ 1518.359550][T22271] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1520.329469][T22289] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4649'.
[ 1523.299332][T22308] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4655'.
[ 1524.432177][T22319] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4657'.
[ 1526.704329][T14111] lec:lec_start_xmit: lec0:No lecd attached
[ 1526.770961][T22322] tmpfs: Bad value for 'mpol'
[ 1527.617375][T22316] IPVS: length: 159 != 24
[ 1527.847865][ T5947] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1528.317851][ T5947] usb 1-1: Using ep0 maxpacket: 8
[ 1529.878104][ T5857] Bluetooth: hci1: command 0x0406 tx timeout
[ 1529.878961][ T5947] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[ 1529.892706][ T5947] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1529.903111][ T5947] usb 1-1: config 0 has no interface number 0
[ 1529.909510][ T5947] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1529.921757][ T5947] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1529.931988][ T5947] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1529.981802][ T5947] usb 1-1: config 0 interface 52 has no altsetting 0
[ 1530.009334][ T5947] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1530.031433][ T5947] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1530.077990][ T5947] usb 1-1: Manufacturer: syz
[ 1530.089112][ T5947] usb 1-1: config 0 descriptor??
[ 1530.287265][ T5947] usb 1-1: Can not set alternate setting to 1, error: -71
[ 1530.318273][ T5947] synaptics_usb 1-1:0.52: probe with driver synaptics_usb failed with error -71
[ 1530.393180][ T5947] usb 1-1: USB disconnect, device number 40
[ 1530.425014][T22351] tmpfs: Bad value for 'mpol'
[ 1530.679068][T22350] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4667'.
[ 1530.680389][T22358] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4666'.
[ 1530.726094][T22359] xt_hashlimit: max too large, truncated to 1048576
[ 1532.037874][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5330 ms
[ 1532.046004][    C0] lec:lec_tx_timeout: lec0
[ 1535.443543][ T5857] Bluetooth: hci1: command 0x0406 tx timeout
[ 1536.797810][ T5925] IPVS: starting estimator thread 0...
[ 1536.887885][T22405] IPVS: using max 27 ests per chain, 64800 per kthread
[ 1536.930970][T15999] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1537.087812][T15999] usb 5-1: Using ep0 maxpacket: 8
[ 1537.103434][T15999] usb 5-1: config 0 has an invalid interface number: 52 but max is 0
[ 1537.113725][T15999] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1537.196874][T15999] usb 5-1: config 0 has no interface number 0
[ 1537.218521][T15999] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1537.267942][ T5925] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1537.269018][T15999] usb 5-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1537.305966][T15999] usb 5-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1537.368915][T15999] usb 5-1: config 0 interface 52 has no altsetting 0
[ 1537.410014][T15999] usb 5-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1537.447891][T15999] usb 5-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1537.476638][T15999] usb 5-1: Manufacturer: syz
[ 1537.489742][ T5925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1537.495046][T15999] usb 5-1: config 0 descriptor??
[ 1537.537556][ T5925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1537.564682][ T5925] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1537.622491][ T5925] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1537.681795][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1537.720478][ T5925] usb 2-1: config 0 descriptor??
[ 1537.757949][T15999] usb 5-1: Can not set alternate setting to 1, error: -71
[ 1537.825173][T15999] synaptics_usb 5-1:0.52: probe with driver synaptics_usb failed with error -71
[ 1537.907015][T15999] usb 5-1: USB disconnect, device number 25
[ 1538.693748][ T5925] usbhid 2-1:0.0: can't add hid device: -71
[ 1538.732394][ T5925] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1538.775526][ T5925] usb 2-1: USB disconnect, device number 47
[ 1539.084477][T22438] tmpfs: Bad value for 'mpol'
[ 1539.460553][T22444] xt_hashlimit: max too large, truncated to 1048576
[ 1541.645971][T22471] set match dimension is over the limit!
[ 1541.656574][T22471] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4691'.
[ 1543.558225][T17429] Bluetooth: hci1: command 0x0406 tx timeout
[ 1544.952205][ T3450] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[ 1545.159497][ T3450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1545.219690][ T3450] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1545.266447][ T3450] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1545.303162][ T3450] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1545.468456][ T3450] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1545.491034][ T3450] usb 3-1: config 0 descriptor??
[ 1546.315683][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.326665][ T1302] lec:lec_start_xmit: lec0:No lecd attached
[ 1546.974409][ T3450] usbhid 3-1:0.0: can't add hid device: -71
[ 1547.011887][ T3450] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1547.069406][ T3450] usb 3-1: USB disconnect, device number 42
[ 1547.677851][T22536] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4704'.
[ 1548.370992][T15999] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[ 1548.601601][T22550] FAULT_INJECTION: forcing a failure.
[ 1548.601601][T22550] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1548.617994][  T980] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1548.625584][T15999] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1548.625622][T15999] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1548.625664][T15999] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1548.625691][T15999] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1548.629178][T15999] usb 3-1: config 0 descriptor??
[ 1548.675281][T22550] CPU: 1 UID: 0 PID: 22550 Comm: syz.5.4709 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1548.675318][T22550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1548.675333][T22550] Call Trace:
[ 1548.675343][T22550]  <TASK>
[ 1548.675354][T22550]  dump_stack_lvl+0x189/0x250
[ 1548.675386][T22550]  ? __pfx____ratelimit+0x10/0x10
[ 1548.675412][T22550]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1548.675437][T22550]  ? __pfx__printk+0x10/0x10
[ 1548.675468][T22550]  ? __might_fault+0xb0/0x130
[ 1548.675505][T22550]  should_fail_ex+0x414/0x560
[ 1548.675534][T22550]  _copy_from_user+0x2d/0xb0
[ 1548.675565][T22550]  memdup_user+0x5e/0xd0
[ 1548.675593][T22550]  strndup_user+0x68/0xd0
[ 1548.675621][T22550]  __se_sys_mount+0x9c/0x410
[ 1548.675646][T22550]  ? ksys_write+0x22a/0x250
[ 1548.675669][T22550]  ? __pfx___se_sys_mount+0x10/0x10
[ 1548.675691][T22550]  ? rcu_is_watching+0x15/0xb0
[ 1548.675722][T22550]  ? do_syscall_64+0xbe/0x3b0
[ 1548.675744][T22550]  ? __x64_sys_mount+0x20/0xc0
[ 1548.675772][T22550]  do_syscall_64+0xfa/0x3b0
[ 1548.675798][T22550]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1548.675820][T22550]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1548.675841][T22550]  ? clear_bhb_loop+0x60/0xb0
[ 1548.675868][T22550]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1548.675891][T22550] RIP: 0033:0x7f7bf5b8ebe9
[ 1548.675911][T22550] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1548.675931][T22550] RSP: 002b:00007f7bf6a23038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1548.675955][T22550] RAX: ffffffffffffffda RBX: 00007f7bf5db5fa0 RCX: 00007f7bf5b8ebe9
[ 1548.675972][T22550] RDX: 0000200000000040 RSI: 0000200000000000 RDI: 0000200000000140
[ 1548.675989][T22550] RBP: 00007f7bf6a23090 R08: 0000000000000000 R09: 0000000000000000
[ 1548.676015][T22550] R10: 0000000000208000 R11: 0000000000000246 R12: 0000000000000001
[ 1548.676030][T22550] R13: 00007f7bf5db6038 R14: 00007f7bf5db5fa0 R15: 00007ffdcf943828
[ 1548.676065][T22550]  </TASK>
[ 1549.030085][  T980] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1549.043135][  T980] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1549.077791][  T980] usb 1-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1549.107479][  T980] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1549.148932][  T980] usb 1-1: config 0 descriptor??
[ 1549.348198][T15999] hid-steam 0003:28DE:1142.000F: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[ 1549.437852][T15999] hid-steam 0003:28DE:1142.000F: Steam wireless receiver connected
[ 1549.453065][T15999] hid-steam 0003:28DE:1142.0010: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[ 1549.773826][  T980] hid-steam 0003:28DE:1142.0011: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0
[ 1550.219617][T22559] FAULT_INJECTION: forcing a failure.
[ 1550.219617][T22559] name failslab, interval 1, probability 0, space 0, times 0
[ 1550.232518][T22559] CPU: 1 UID: 0 PID: 22559 Comm: syz.0.4706 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1550.232549][T22559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1550.232563][T22559] Call Trace:
[ 1550.232574][T22559]  <TASK>
[ 1550.232591][T22559]  dump_stack_lvl+0x189/0x250
[ 1550.232622][T22559]  ? __pfx____ratelimit+0x10/0x10
[ 1550.232646][T22559]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1550.232671][T22559]  ? __pfx__printk+0x10/0x10
[ 1550.232706][T22559]  ? __pfx___might_resched+0x10/0x10
[ 1550.232736][T22559]  should_fail_ex+0x414/0x560
[ 1550.232764][T22559]  ? vmemdup_user+0x26/0xd0
[ 1550.232790][T22559]  should_failslab+0xa8/0x100
[ 1550.232817][T22559]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1550.232841][T22559]  ? vmemdup_user+0x26/0xd0
[ 1550.232875][T22559]  vmemdup_user+0x26/0xd0
[ 1550.232904][T22559]  map_lookup_elem+0x237/0x620
[ 1550.232938][T22559]  ? bpf_lsm_bpf+0x9/0x20
[ 1550.232970][T22559]  __sys_bpf+0x46b/0x860
[ 1550.233003][T22559]  ? __pfx___sys_bpf+0x10/0x10
[ 1550.233068][T22559]  __x64_sys_bpf+0x7c/0x90
[ 1550.233098][T22559]  do_syscall_64+0xfa/0x3b0
[ 1550.233124][T22559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1550.233145][T22559]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1550.233167][T22559]  ? clear_bhb_loop+0x60/0xb0
[ 1550.233194][T22559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1550.233215][T22559] RIP: 0033:0x7f7d9018ebe9
[ 1550.233235][T22559] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1550.233254][T22559] RSP: 002b:00007f7d90f47038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1550.233277][T22559] RAX: ffffffffffffffda RBX: 00007f7d903b6180 RCX: 00007f7d9018ebe9
[ 1550.233293][T22559] RDX: 000000000000001d RSI: 00002000000000c0 RDI: 0000000000000001
[ 1550.233308][T22559] RBP: 00007f7d90f47090 R08: 0000000000000000 R09: 0000000000000000
[ 1550.233322][T22559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1550.233335][T22559] R13: 00007f7d903b6218 R14: 00007f7d903b6180 R15: 00007ffcdd956458
[ 1550.233369][T22559]  </TASK>
[ 1550.457760][  T980] hid-steam 0003:28DE:1142.0011: Steam wireless receiver connected
[ 1550.591317][  T980] hid-steam 0003:28DE:1142.0012: hidraw1: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.0-1/input0
[ 1550.679648][  T980] usb 1-1: USB disconnect, device number 41
[ 1550.718446][ T3450] usb 3-1: reset high-speed USB device number 43 using dummy_hcd
[ 1550.805964][  T980] hid-steam 0003:28DE:1142.0011: Steam wireless receiver disconnected
[ 1551.206188][  T980] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1551.357949][  T980] usb 1-1: Using ep0 maxpacket: 32
[ 1551.359580][T22567] set match dimension is over the limit!
[ 1551.387642][  T980] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1551.416908][  T980] usb 1-1: config 0 has no interface number 0
[ 1551.646647][  T980] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1551.675728][  T980] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1551.697785][  T980] usb 1-1: Product: syz
[ 1551.702366][  T980] usb 1-1: Manufacturer: syz
[ 1551.707143][  T980] usb 1-1: SerialNumber: syz
[ 1551.848147][  T980] usb 1-1: config 0 descriptor??
[ 1551.938636][  T980] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1552.008140][  T980] usb 1-1: selecting invalid altsetting 1
[ 1552.027866][  T980] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1552.037742][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5710 ms
[ 1552.045805][    C0] lec:lec_tx_timeout: lec0
[ 1552.086812][  T980] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1552.113715][  T980] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1552.146751][  T980] usb 1-1: media controller created
[ 1552.232269][  T980] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1552.544435][T15999] usb 3-1: USB disconnect, device number 43
[ 1552.661837][T15999] hid-steam 0003:28DE:1142.000F: Steam wireless receiver disconnected
[ 1553.118195][T15999] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[ 1553.182337][T22562] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[ 1553.292525][  T980] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 1553.320557][  T980] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 1553.336317][  T980] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1553.408569][  T980] usb 1-1: USB disconnect, device number 42
[ 1553.410680][T15999] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1553.534885][T22598] input input35: cannot allocate more than FF_MAX_EFFECTS effects
[ 1553.550327][T15999] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1553.560815][T15999] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1553.579346][T15999] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1553.592512][T15999] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1553.659646][T15999] usb 3-1: config 0 descriptor??
[ 1554.485457][T22605] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4721'.
[ 1554.993101][T15999] usbhid 3-1:0.0: can't add hid device: -71
[ 1555.000247][T15999] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1555.059809][  T980] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[ 1555.113793][T15999] usb 3-1: USB disconnect, device number 44
[ 1555.238154][  T980] usb 1-1: Using ep0 maxpacket: 8
[ 1555.246983][  T980] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[ 1555.257819][  T980] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1555.313164][  T980] usb 1-1: config 0 has no interface number 0
[ 1555.364021][  T980] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1555.421785][  T980] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1555.487762][  T980] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1555.575887][  T980] usb 1-1: config 0 interface 52 has no altsetting 0
[ 1555.587582][  T980] usb 1-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[ 1555.617639][  T980] usb 1-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[ 1555.626034][  T980] usb 1-1: Manufacturer: syz
[ 1555.851941][  T980] usb 1-1: config 0 descriptor??
[ 1556.592070][  T980] usb 1-1: Can not set alternate setting to 1, error: -71
[ 1556.599840][  T980] synaptics_usb 1-1:0.52: probe with driver synaptics_usb failed with error -71
[ 1556.615530][  T980] usb 1-1: USB disconnect, device number 43
[ 1558.217648][T22651] tmpfs: Bad value for 'mpol'
[ 1558.630436][T22653] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4730'.
[ 1558.810118][T22650] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1559.052615][T22665] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4734'.
[ 1559.137972][ T9348] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1559.298077][ T9348] usb 5-1: Using ep0 maxpacket: 16
[ 1559.313398][ T9348] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1559.346353][ T9348] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1559.355812][ T9348] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1559.415132][T22678] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4738'.
[ 1559.872031][ T9348] usb 5-1: Product: syz
[ 1559.881791][ T9348] usb 5-1: Manufacturer: syz
[ 1559.888147][ T9348] usb 5-1: SerialNumber: syz
[ 1559.896495][ T9348] usb 5-1: config 0 descriptor??
[ 1559.969733][T22683] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1559.987913][ T5925] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1560.355092][T15999] IPVS: starting estimator thread 0...
[ 1560.362490][ T9348] usb 5-1: USB disconnect, device number 26
[ 1560.372617][ T5925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1560.388065][ T5925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1560.400164][ T5925] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1560.416752][ T5925] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1560.435840][ T5925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.455627][ T5925] usb 2-1: config 0 descriptor??
[ 1560.478365][T22691] IPVS: using max 22 ests per chain, 52800 per kthread
[ 1561.920700][ T5925] usbhid 2-1:0.0: can't add hid device: -71
[ 1561.933525][ T5925] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1562.018120][ T5925] usb 2-1: USB disconnect, device number 48
[ 1564.144554][T22716] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4748'.
[ 1564.511179][T22728] block nbd5: not configured, cannot reconfigure
[ 1564.601781][T22731] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4752'.
[ 1565.492131][T22734] netlink: 'syz.1.4753': attribute type 10 has an invalid length.
[ 1565.551710][T22734] veth0_vlan: left promiscuous mode
[ 1565.593890][T22734] veth0_vlan: entered promiscuous mode
[ 1565.622305][T22734] team0: Device veth0_vlan failed to register rx_handler
[ 1567.938573][T22762] set match dimension is over the limit!
[ 1568.620145][T22770] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4763'.
[ 1569.350672][T22775] FAULT_INJECTION: forcing a failure.
[ 1569.350672][T22775] name failslab, interval 1, probability 0, space 0, times 0
[ 1569.364130][T22775] CPU: 0 UID: 0 PID: 22775 Comm: syz.4.4764 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1569.364171][T22775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1569.364187][T22775] Call Trace:
[ 1569.364196][T22775]  <TASK>
[ 1569.364206][T22775]  dump_stack_lvl+0x189/0x250
[ 1569.364238][T22775]  ? __pfx____ratelimit+0x10/0x10
[ 1569.364263][T22775]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1569.364288][T22775]  ? __pfx__printk+0x10/0x10
[ 1569.364324][T22775]  ? __pfx___might_resched+0x10/0x10
[ 1569.364356][T22775]  should_fail_ex+0x414/0x560
[ 1569.364385][T22775]  should_failslab+0xa8/0x100
[ 1569.364412][T22775]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1569.364434][T22775]  ? getname_flags+0xb8/0x540
[ 1569.364467][T22775]  getname_flags+0xb8/0x540
[ 1569.364492][T22775]  ? _copy_from_user+0x94/0xb0
[ 1569.364527][T22775]  user_path_at+0x24/0x60
[ 1569.364557][T22775]  __se_sys_mount+0x2d3/0x410
[ 1569.364591][T22775]  ? __pfx___se_sys_mount+0x10/0x10
[ 1569.364618][T22775]  ? rcu_is_watching+0x15/0xb0
[ 1569.364644][T22775]  ? trace_sys_enter+0x25/0x120
[ 1569.364665][T22775]  ? __x64_sys_mount+0x20/0xc0
[ 1569.364693][T22775]  do_syscall_64+0xfa/0x3b0
[ 1569.364718][T22775]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1569.364742][T22775]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1569.364764][T22775]  ? clear_bhb_loop+0x60/0xb0
[ 1569.364792][T22775]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1569.364815][T22775] RIP: 0033:0x7f6320b8ebe9
[ 1569.364835][T22775] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1569.364855][T22775] RSP: 002b:00007f632199b038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1569.364879][T22775] RAX: ffffffffffffffda RBX: 00007f6320db5fa0 RCX: 00007f6320b8ebe9
[ 1569.364896][T22775] RDX: 0000200000000280 RSI: 0000200000000080 RDI: 00002000000001c0
[ 1569.364913][T22775] RBP: 00007f632199b090 R08: 0000000000000000 R09: 0000000000000000
[ 1569.364927][T22775] R10: 0000000001004418 R11: 0000000000000246 R12: 0000000000000001
[ 1569.364941][T22775] R13: 00007f6320db6038 R14: 00007f6320db5fa0 R15: 00007ffca7bc9fc8
[ 1569.364977][T22775]  </TASK>
[ 1569.601363][T22777] block nbd5: not configured, cannot reconfigure
[ 1569.728743][ T5857] Bluetooth: hci3: sending frame failed (-49)
[ 1569.746714][T17429] Bluetooth: hci3: Opcode 0x1003 failed: -49
[ 1572.337002][T22816] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4775'.
[ 1575.707199][T22831] block nbd1: not configured, cannot reconfigure
[ 1575.833625][T22836] tmpfs: Bad value for 'mpol'
[ 1576.483197][T22833] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1576.792704][T22843] tmpfs: Bad value for 'mpol'
[ 1577.505435][T22852] netlink: 68 bytes leftover after parsing attributes in process `syz.2.4786'.
[ 1578.574843][T22848] syzkaller0: entered promiscuous mode
[ 1578.607777][T22848] syzkaller0: entered allmulticast mode
[ 1580.140082][T22876] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4791'.
[ 1583.353164][T22867] FAULT_INJECTION: forcing a failure.
[ 1583.353164][T22867] name failslab, interval 1, probability 0, space 0, times 0
[ 1583.366407][T22867] CPU: 1 UID: 0 PID: 22867 Comm: syz.0.4789 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1583.366427][T22867] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1583.366436][T22867] Call Trace:
[ 1583.366443][T22867]  <TASK>
[ 1583.366449][T22867]  dump_stack_lvl+0x189/0x250
[ 1583.366471][T22867]  ? __pfx____ratelimit+0x10/0x10
[ 1583.366486][T22867]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1583.366502][T22867]  ? __pfx__printk+0x10/0x10
[ 1583.366526][T22867]  ? __pfx___might_resched+0x10/0x10
[ 1583.366546][T22867]  should_fail_ex+0x414/0x560
[ 1583.366565][T22867]  should_failslab+0xa8/0x100
[ 1583.366581][T22867]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1583.366596][T22867]  ? alloc_netdev_mqs+0xbd5/0x11e0
[ 1583.366612][T22867]  ? __xdp_rxq_info_reg+0x189/0x2a0
[ 1583.366637][T22867]  alloc_netdev_mqs+0xbd5/0x11e0
[ 1583.366657][T22867]  br_add_bridge+0x39/0xf0
[ 1583.366694][T22867]  br_ioctl_stub+0x526/0xc80
[ 1583.366715][T22867]  ? trace_contention_end+0x39/0x120
[ 1583.366736][T22867]  ? __pfx_br_ioctl_stub+0x10/0x10
[ 1583.366762][T22867]  ? sock_ioctl+0x4b4/0x790
[ 1583.366784][T22867]  ? __lock_acquire+0xab9/0xd20
[ 1583.366804][T22867]  ? smack_file_ioctl+0x24a/0x340
[ 1583.366823][T22867]  ? __pfx_br_ioctl_stub+0x10/0x10
[ 1583.366842][T22867]  sock_ioctl+0x4d8/0x790
[ 1583.366860][T22867]  ? __pfx_sock_ioctl+0x10/0x10
[ 1583.366877][T22867]  ? __fget_files+0x2a/0x420
[ 1583.366894][T22867]  ? __fget_files+0x3a0/0x420
[ 1583.366911][T22867]  ? __fget_files+0x2a/0x420
[ 1583.366930][T22867]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1583.366948][T22867]  ? __pfx_sock_ioctl+0x10/0x10
[ 1583.366964][T22867]  __se_sys_ioctl+0xfc/0x170
[ 1583.366989][T22867]  do_syscall_64+0xfa/0x3b0
[ 1583.367005][T22867]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1583.367029][T22867]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1583.367045][T22867]  ? clear_bhb_loop+0x60/0xb0
[ 1583.367064][T22867]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1583.367078][T22867] RIP: 0033:0x7f7d9018ebe9
[ 1583.367093][T22867] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1583.367107][T22867] RSP: 002b:00007f7d90f89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1583.367123][T22867] RAX: ffffffffffffffda RBX: 00007f7d903b5fa0 RCX: 00007f7d9018ebe9
[ 1583.367135][T22867] RDX: 0000200000000200 RSI: 00000000000089a0 RDI: 0000000000000003
[ 1583.367145][T22867] RBP: 00007f7d90f89090 R08: 0000000000000000 R09: 0000000000000000
[ 1583.367154][T22867] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1583.367164][T22867] R13: 00007f7d903b6038 R14: 00007f7d903b5fa0 R15: 00007ffcdd956458
[ 1583.367188][T22867]  </TASK>
[ 1586.342729][T20797] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1586.358758][T20797] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1586.367242][T20797] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1586.377473][T20797] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1586.385561][T20797] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1586.802221][T16265] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1587.555854][T16265] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1588.767870][ T5857] Bluetooth: hci2: command tx timeout
[ 1588.851097][T16265] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1589.223969][T16265] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1589.310151][T22924] chnl_net:caif_netlink_parms(): no params data found
[ 1589.627242][T22949] xt_ecn: cannot match TCP bits for non-tcp packets
[ 1589.909277][T22963] 
[ 1589.911641][T22963] ======================================================
[ 1589.918668][T22963] WARNING: possible circular locking dependency detected
[ 1589.925725][T22963] 6.16.0-syzkaller #0 Not tainted
[ 1589.930789][T22963] ------------------------------------------------------
[ 1589.937832][T22963] syz.4.4810/22963 is trying to acquire lock:
[ 1589.943915][T22963] ffff88802869b140 (&sbi->pipe_mutex){+.+.}-{4:4}, at: autofs_notify_daemon+0x735/0xe50
[ 1589.953681][T22963] 
[ 1589.953681][T22963] but task is already holding lock:
[ 1589.961049][T22963] ffff88807ec19c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e0/0x4f0
[ 1589.970382][T22963] 
[ 1589.970382][T22963] which lock already depends on the new lock.
[ 1589.970382][T22963] 
[ 1589.980784][T22963] 
[ 1589.980784][T22963] the existing dependency chain (in reverse order) is:
[ 1589.989804][T22963] 
[ 1589.989804][T22963] -> #2 (&of->mutex){+.+.}-{4:4}:
[ 1589.997022][T22963]        lock_acquire+0x120/0x360
[ 1590.002068][T22963]        __mutex_lock+0x182/0xe80
[ 1590.007096][T22963]        kernfs_fop_write_iter+0x1e0/0x4f0
[ 1590.012914][T22963]        iter_file_splice_write+0x937/0x1000
[ 1590.018899][T22963]        do_splice+0xc79/0x1660
[ 1590.023752][T22963]        __se_sys_splice+0x2e1/0x460
[ 1590.029040][T22963]        do_syscall_64+0xfa/0x3b0
[ 1590.034063][T22963]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.040485][T22963] 
[ 1590.040485][T22963] -> #1 (&pipe->mutex){+.+.}-{4:4}:
[ 1590.047898][T22963]        lock_acquire+0x120/0x360
[ 1590.052922][T22963]        __mutex_lock+0x182/0xe80
[ 1590.057948][T22963]        anon_pipe_write+0x16a/0x1360
[ 1590.063340][T22963]        __kernel_write_iter+0x3ec/0x860
[ 1590.068982][T22963]        __kernel_write+0xef/0x150
[ 1590.074101][T22963]        autofs_notify_daemon+0x748/0xe50
[ 1590.079828][T22963]        autofs_wait+0x11dc/0x1870
[ 1590.084939][T22963]        autofs_mount_wait+0x16b/0x330
[ 1590.090417][T22963]        autofs_d_automount+0x393/0x720
[ 1590.095967][T22963]        __traverse_mounts+0x308/0x5b0
[ 1590.101441][T22963]        step_into+0x534/0xf30
[ 1590.106299][T22963]        path_openat+0x1bc6/0x3830
[ 1590.111417][T22963]        do_filp_open+0x1fa/0x410
[ 1590.116446][T22963]        do_sys_openat2+0x121/0x1c0
[ 1590.121650][T22963]        __x64_sys_creat+0x8f/0xc0
[ 1590.126768][T22963]        do_syscall_64+0xfa/0x3b0
[ 1590.131793][T22963]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.138296][T22963] 
[ 1590.138296][T22963] -> #0 (&sbi->pipe_mutex){+.+.}-{4:4}:
[ 1590.146033][T22963]        validate_chain+0xb9b/0x2140
[ 1590.151410][T22963]        __lock_acquire+0xab9/0xd20
[ 1590.156623][T22963]        lock_acquire+0x120/0x360
[ 1590.161648][T22963]        __mutex_lock+0x182/0xe80
[ 1590.166676][T22963]        autofs_notify_daemon+0x735/0xe50
[ 1590.172419][T22963]        autofs_wait+0x11dc/0x1870
[ 1590.177524][T22963]        autofs_mount_wait+0x16b/0x330
[ 1590.182992][T22963]        autofs_d_automount+0x393/0x720
[ 1590.188529][T22963]        __traverse_mounts+0x308/0x5b0
[ 1590.193999][T22963]        step_into+0x534/0xf30
[ 1590.198770][T22963]        path_lookupat+0x163/0x430
[ 1590.203900][T22963]        filename_lookup+0x212/0x570
[ 1590.209195][T22963]        kern_path+0x35/0x50
[ 1590.213795][T22963]        lookup_bdev+0xc0/0x280
[ 1590.218649][T22963]        resume_store+0x169/0x460
[ 1590.223698][T22963]        kernfs_fop_write_iter+0x378/0x4f0
[ 1590.229530][T22963]        vfs_write+0x54b/0xa90
[ 1590.234292][T22963]        ksys_write+0x145/0x250
[ 1590.239136][T22963]        do_syscall_64+0xfa/0x3b0
[ 1590.244162][T22963]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.250584][T22963] 
[ 1590.250584][T22963] other info that might help us debug this:
[ 1590.250584][T22963] 
[ 1590.260818][T22963] Chain exists of:
[ 1590.260818][T22963]   &sbi->pipe_mutex --> &pipe->mutex --> &of->mutex
[ 1590.260818][T22963] 
[ 1590.273272][T22963]  Possible unsafe locking scenario:
[ 1590.273272][T22963] 
[ 1590.280810][T22963]        CPU0                    CPU1
[ 1590.286280][T22963]        ----                    ----
[ 1590.291645][T22963]   lock(&of->mutex);
[ 1590.295635][T22963]                                lock(&pipe->mutex);
[ 1590.302308][T22963]                                lock(&of->mutex);
[ 1590.308807][T22963]   lock(&sbi->pipe_mutex);
[ 1590.313307][T22963] 
[ 1590.313307][T22963]  *** DEADLOCK ***
[ 1590.313307][T22963] 
[ 1590.321449][T22963] 4 locks held by syz.4.4810/22963:
[ 1590.326650][T22963]  #0: ffff8880318abb38 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320
[ 1590.335737][T22963]  #1: ffff8880306a4428 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x211/0xa90
[ 1590.344618][T22963]  #2: ffff88807ec19c88 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1e0/0x4f0
[ 1590.354373][T22963]  #3: ffff88801dab94b8 (kn->active#77){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x203/0x4f0
[ 1590.364488][T22963] 
[ 1590.364488][T22963] stack backtrace:
[ 1590.370378][T22963] CPU: 1 UID: 0 PID: 22963 Comm: syz.4.4810 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1590.370398][T22963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1590.370408][T22963] Call Trace:
[ 1590.370417][T22963]  <TASK>
[ 1590.370424][T22963]  dump_stack_lvl+0x189/0x250
[ 1590.370446][T22963]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1590.370475][T22963]  ? __pfx__printk+0x10/0x10
[ 1590.370496][T22963]  ? print_lock_name+0xde/0x100
[ 1590.370517][T22963]  print_circular_bug+0x2ee/0x310
[ 1590.370538][T22963]  check_noncircular+0x134/0x160
[ 1590.370578][T22963]  validate_chain+0xb9b/0x2140
[ 1590.370606][T22963]  __lock_acquire+0xab9/0xd20
[ 1590.370624][T22963]  ? autofs_notify_daemon+0x735/0xe50
[ 1590.370640][T22963]  lock_acquire+0x120/0x360
[ 1590.370654][T22963]  ? autofs_notify_daemon+0x735/0xe50
[ 1590.370675][T22963]  __mutex_lock+0x182/0xe80
[ 1590.370694][T22963]  ? autofs_notify_daemon+0x735/0xe50
[ 1590.370712][T22963]  ? autofs_notify_daemon+0x6e5/0xe50
[ 1590.370730][T22963]  ? autofs_notify_daemon+0x735/0xe50
[ 1590.370747][T22963]  ? __pfx___mutex_lock+0x10/0x10
[ 1590.370764][T22963]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1590.370782][T22963]  ? from_kgid_munged+0x1f4/0x6a0
[ 1590.370808][T22963]  ? __pfx_from_kgid_munged+0x10/0x10
[ 1590.370830][T22963]  ? kasan_save_track+0x4f/0x80
[ 1590.370854][T22963]  ? __kasan_kmalloc+0x93/0xb0
[ 1590.370868][T22963]  ? __kmalloc_cache_noprof+0x230/0x3d0
[ 1590.370884][T22963]  ? autofs_wait+0xd32/0x1870
[ 1590.370898][T22963]  ? autofs_notify_daemon+0x3d1/0xe50
[ 1590.370916][T22963]  autofs_notify_daemon+0x735/0xe50
[ 1590.370932][T22963]  ? do_syscall_64+0xfa/0x3b0
[ 1590.370953][T22963]  ? __pfx_autofs_notify_daemon+0x10/0x10
[ 1590.370983][T22963]  ? __raw_spin_lock_init+0x45/0x100
[ 1590.371009][T22963]  ? autofs_wait+0xe13/0x1870
[ 1590.371033][T22963]  autofs_wait+0x11dc/0x1870
[ 1590.371055][T22963]  ? d_walk+0x2c0/0x780
[ 1590.371089][T22963]  ? __pfx_autofs_wait+0x10/0x10
[ 1590.371107][T22963]  ? do_raw_spin_unlock+0x122/0x240
[ 1590.371134][T22963]  autofs_mount_wait+0x16b/0x330
[ 1590.371150][T22963]  autofs_d_automount+0x393/0x720
[ 1590.371168][T22963]  __traverse_mounts+0x308/0x5b0
[ 1590.371191][T22963]  step_into+0x534/0xf30
[ 1590.371211][T22963]  ? lookup_slow+0x5e/0x70
[ 1590.371234][T22963]  ? __pfx_step_into+0x10/0x10
[ 1590.371253][T22963]  ? walk_component+0x190/0x400
[ 1590.371273][T22963]  path_lookupat+0x163/0x430
[ 1590.371296][T22963]  filename_lookup+0x212/0x570
[ 1590.371319][T22963]  ? __pfx_filename_lookup+0x10/0x10
[ 1590.371348][T22963]  ? trace_kmem_cache_alloc+0x1f/0xc0
[ 1590.371362][T22963]  ? getname_kernel+0x146/0x2f0
[ 1590.371383][T22963]  ? getname_kernel+0x20e/0x2f0
[ 1590.371403][T22963]  kern_path+0x35/0x50
[ 1590.371423][T22963]  lookup_bdev+0xc0/0x280
[ 1590.371442][T22963]  ? rcu_is_watching+0x15/0xb0
[ 1590.371467][T22963]  ? __pfx_lookup_bdev+0x10/0x10
[ 1590.371486][T22963]  ? kstrndup+0xbf/0x160
[ 1590.371510][T22963]  resume_store+0x169/0x460
[ 1590.371530][T22963]  ? sysfs_file_kobj+0x1a/0x230
[ 1590.371546][T22963]  ? __pfx_resume_store+0x10/0x10
[ 1590.371568][T22963]  ? sysfs_file_kobj+0x1a/0x230
[ 1590.371583][T22963]  ? sysfs_file_kobj+0x1a/0x230
[ 1590.371597][T22963]  ? sysfs_file_kobj+0x1a/0x230
[ 1590.371612][T22963]  ? sysfs_file_kobj+0x1e4/0x230
[ 1590.371628][T22963]  ? sysfs_kf_write+0x166/0x260
[ 1590.371646][T22963]  ? __pfx_sysfs_kf_write+0x10/0x10
[ 1590.371662][T22963]  kernfs_fop_write_iter+0x378/0x4f0
[ 1590.371690][T22963]  vfs_write+0x54b/0xa90
[ 1590.371707][T22963]  ? __pfx_kernfs_fop_write_iter+0x10/0x10
[ 1590.371732][T22963]  ? __pfx_vfs_write+0x10/0x10
[ 1590.371751][T22963]  ? __fget_files+0x2a/0x420
[ 1590.371772][T22963]  ksys_write+0x145/0x250
[ 1590.371787][T22963]  ? __pfx_ksys_write+0x10/0x10
[ 1590.371806][T22963]  do_syscall_64+0xfa/0x3b0
[ 1590.371824][T22963]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1590.371856][T22963]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.371871][T22963]  ? clear_bhb_loop+0x60/0xb0
[ 1590.371888][T22963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1590.371916][T22963] RIP: 0033:0x7f6320b8ebe9
[ 1590.371930][T22963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1590.371942][T22963] RSP: 002b:00007f6321938038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1590.371958][T22963] RAX: ffffffffffffffda RBX: 00007f6320db6270 RCX: 00007f6320b8ebe9
[ 1590.371969][T22963] RDX: 0000000000000012 RSI: 0000200000000040 RDI: 0000000000000007
[ 1590.371979][T22963] RBP: 00007f6320c11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1590.371988][T22963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1590.371997][T22963] R13: 00007f6320db6308 R14: 00007f6320db6270 R15: 00007ffca7bc9fc8
[ 1590.372014][T22963]  </TASK>
[ 1590.839308][ T5857] Bluetooth: hci2: command tx timeout
[ 1590.876682][T22924] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1590.893241][T22924] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1590.900778][T22924] bridge_slave_0: entered allmulticast mode
[ 1591.073634][T14111] lec:lec_start_xmit: lec0:No lecd attached
[ 1591.383494][T22924] bridge_slave_0: entered promiscuous mode
[ 1591.501042][T22924] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1591.510445][T22924] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1591.522037][T22924] bridge_slave_1: entered allmulticast mode
[ 1591.533390][T22924] bridge_slave_1: entered promiscuous mode
[ 1591.541791][T16265] bridge_slave_1: left allmulticast mode
[ 1591.547478][T16265] bridge_slave_1: left promiscuous mode
[ 1591.624445][T16265] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1591.657524][T16265] bridge_slave_0: left allmulticast mode
[ 1591.692015][T16265] bridge_slave_0: left promiscuous mode
[ 1591.720209][T16265] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1592.527298][T22963] block device autoloading is deprecated and will be removed.
[ 1592.535995][T22963] PM: Image not found (code -22)
[ 1592.927953][ T5857] Bluetooth: hci2: command tx timeout
[ 1593.006436][T16265] bond0 (unregistering): (slave 
1
@ÿ): Releasing backup interface
[ 1593.015953][T16265] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1593.025758][T16265] bond0 (unregistering): Released all slaves
[ 1593.053772][T22924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1593.072927][T22924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1593.094948][T16265] tipc: Left network mode
[ 1593.135956][T22924] team0: Port device team_slave_0 added
[ 1593.144494][T22924] team0: Port device team_slave_1 added
[ 1593.169571][T22924] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1593.177818][T22924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1593.204105][T22924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1593.231090][T22924] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1593.238642][T22924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1593.265068][T22924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1593.311026][T22924] hsr_slave_0: entered promiscuous mode
[ 1593.317306][T22924] hsr_slave_1: entered promiscuous mode
[ 1593.324357][T22924] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1593.332991][T22924] Cannot create hsr debugfs directory
[ 1593.349359][T16265] hsr_slave_0: left promiscuous mode
[ 1593.355152][T16265] hsr_slave_1: left promiscuous mode
[ 1593.361186][T16265] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1593.368999][T16265] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1593.376731][T16265] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1593.384382][T16265] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1593.392083][T16265] batman_adv: batadv0: Interface deactivated: virt_wifi0
[ 1593.399772][T16265] batman_adv: batadv0: Removing interface: virt_wifi0
[ 1593.410596][T16265] veth1_macvtap: left promiscuous mode
[ 1593.416609][T16265] veth0_macvtap: left promiscuous mode
[ 1593.422308][T16265] veth1_vlan: left promiscuous mode
[ 1593.427602][T16265] veth0_vlan: left promiscuous mode
[ 1593.605137][T16265] team0 (unregistering): Port device team_slave_1 removed
[ 1593.640515][T16265] team0 (unregistering): Port device team_slave_0 removed
[ 1593.823373][T16265] dummy0 (unregistering): left allmulticast mode
[ 1594.331018][T22924] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1594.351320][T22924] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1594.360758][T22924] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1594.372034][T22924] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1594.453106][T22924] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1594.469205][T22924] 8021q: adding VLAN 0 to HW filter on device team0
[ 1594.480281][ T6187] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1594.487461][ T6187] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1594.501469][T16257] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1594.508624][T16257] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1594.654954][T22924] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1594.825269][T22924] veth0_vlan: entered promiscuous mode
[ 1594.834876][T22924] veth1_vlan: entered promiscuous mode
[ 1594.857816][T22924] veth0_macvtap: entered promiscuous mode
[ 1594.866223][T22924] veth1_macvtap: entered promiscuous mode
[ 1594.882955][T22924] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1594.895473][T22924] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1594.906464][T22924] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1594.915378][T22924] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1594.924817][T22924] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1594.933621][T22924] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1594.962219][T22924] ieee80211 phy28: Selected rate control algorithm 'minstrel_ht'
[ 1594.983823][ T7252] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1594.985642][T22924] ieee80211 phy29: Selected rate control algorithm 'minstrel_ht'
[ 1594.997918][ T7252] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1595.009452][ T5857] Bluetooth: hci2: command tx timeout
[ 1595.026590][T16265] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1595.034640][T16265] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1596.087778][    C0] lec0: NETDEV WATCHDOG: CPU: 0: transmit queue 0 timed out 5010 ms
[ 1596.095827][    C0] lec:lec_tx_timeout: lec0