last executing test programs:

14m58.415523662s ago: executing program 0 (id=52):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000e40)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r0, &(0x7f0000001300)={0x0, 0x0, &(0x7f00000012c0)={&(0x7f0000001280)={0x1c, r1, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4750a8f0842baf26}, 0x408c0)

14m58.359876308s ago: executing program 0 (id=54):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
socket(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000140)={0x3, "02e7fbc4648d428dc3bb40af0f801b0ac329f935c8e300", 0x2, 0x3, 0x5, 0xff0000, 0x2040804, 0x4})
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x256f16877c9c3f29, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x7)
ioctl$SNDCTL_DSP_GETOPTR(r3, 0x800c5012, &(0x7f0000000000))
ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f00000000c0))
write$dsp(r3, &(0x7f0000000340)="05b7402549a41789c71ad3a6971500f5", 0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000100"/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000380)=ANY=[@ANYBLOB="ae6e0f79b9bf0000e04fbd17a645359f73e346ae9887782a94e536c08165f00fe791503f1c790c58054be257f7048b7feb4df719c56e4785454dc46febbfc64974fb1f9b9200927e56ebf05f201b1678db656a0899ba76a53f0a00932cfca63723f0416a0b33f502ecd61415eab4750a5e69262467beabc7f242dbaea4f3104f24359a9653c0e441061c22d72b9ea849965185dc799a10ca", @ANYRES32=r5, @ANYBLOB="0000000000000000b7e378422cff466a7e250651a44e5e02000014000000b7030000000000008500000005000000bf09000000000000460901fffffffce716000000060000002020207b9af8ff00000008ad9100000000000037010000f8ffffffb702000008000000b70300000000000024090000060000005c93d46c847e000000000000b50300000000000085a1dd606001c6b85110"], &(0x7f0000000040)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b00)={r6, 0xe0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_extract_tcp_res(&(0x7f0000000000), 0x2, 0x8)
getsockopt$inet_tcp_buf(r4, 0x6, 0x1a, 0x0, &(0x7f0000000100))

14m57.392725809s ago: executing program 0 (id=58):
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = epoll_create1(0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x1000000, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f00000000c0)={0xe000001a})
preadv2(r6, &(0x7f0000000080)=[{&(0x7f0000001180)=""/4096, 0x1000}], 0x1, 0x80000000, 0x8, 0x6)
ioctl$GIO_SCRNMAP(r6, 0x4b40, &(0x7f0000000440)=""/147)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000069000b00000000000a00000000000000000000000800010002"], 0x20}}, 0x0)

14m56.299737718s ago: executing program 0 (id=64):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000140), 0x101000)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f00000009c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f00000002c0)={0x1d, r2, 0x0, {}, 0xfe}, 0x18)
close_range(r1, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000ac0)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005345c0f63cdc2e82818254950ee03568b8809a1f04c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab66c1aae9314d7381fcfeb970bea672010000000000000043144648a07a975bd89dc398712376610faa54f12495b4659be8673086f6f3543205d4bc4ce05b8b961103673dff7f158052e62bfbdcddde6985f3f1ac5d9a94cc53207899762a07282a1914452d11858e795a3ca30a101af5574f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5ed44039aab46419496362e54cfad05b4004ac71a003d7b85d07191bed4e5a8908263722d4146f7ed569985439baa355cf3d8731f5e7a237bc06d035a8d601f21746d880819f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c5b9f87d988c9fbd2b9d9b4e2d71753b1549fa734f0b2e5fcf9549804cddad721971637f9c9730a9cc384eed30345979db9c93e1c52f42cad0a4d4f9436d3f39b0ed09c395dc6e970366087a8e4daeeb1b017006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f710c490ecd085d2811a7555c53030000007f00000000bfa6478eb96b079c277e2910b7ccdc3d672ed34aa65278c549e2abb549ad954884289130bc71cee2b7de62bf48129ae1af052a2d46a6165eb0954dac7265f1f425735acf6377793946b3229e861d8ea49806b3b533345d36ecef9df700000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c000000aaae37f044bcadeb0f6846582b7653665aa336db9f0384d3c7ddf79c2e0000000000000000000000000000000000000000000000e154aa0d3e41986a668ee1e5ef93a8ceac75f44aae95e26742f895f287111f8ee86f7e3ffb63cfb0e345cf7fc63dd2b0d30977899c6f03640040af4db71f7452bfc79a05118d8bb42b63b195771e42f9942ec626bd4b5461b74324012164e8"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
mkdir(&(0x7f00000003c0)='./file1\x00', 0x16)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x1607010, 0x0)
r5 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r4, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x87, <r6=>r5}, './file0\x00'})
r7 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000100), 0x20c00, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r7, 0xc0189379, &(0x7f0000000140)={{0x1, 0x1, 0x18, r6}, './file1\x00'})
chdir(&(0x7f0000000040)='./file0\x00')
open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000240)=ANY=[@ANYRES32=r8, @ANYRES32=r3, @ANYBLOB="02"], 0x10)
r9 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000f00)=ANY=[@ANYRES32=r9, @ANYRES32=r0, @ANYBLOB="02"], 0x10)

14m55.649861582s ago: executing program 0 (id=66):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07})
readv(r3, &(0x7f0000000080)=[{&(0x7f0000002600)=""/46, 0x2e}], 0x1)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000780)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="01000000000000000000010000000000000001"], 0x38}}, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
listen(r6, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x20, &(0x7f0000000040)=0x2, 0xf6)
connect$inet(r7, &(0x7f0000000800)={0x2, 0x0, @local}, 0x10)
landlock_create_ruleset(&(0x7f00000000c0)={0x0, 0x2, 0x3}, 0x11, 0x0)
mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0)
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
r8 = userfaultfd(0x1)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000004c0))
ioctl$UFFDIO_REGISTER(r8, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x3})
ioctl$UFFDIO_ZEROPAGE(r8, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})

14m54.142705498s ago: executing program 0 (id=71):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
socket(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000140)={0x3, "02e7fbc4648d428dc3bb40af0f801b0ac329f935c8e300", 0x2, 0x3, 0x5, 0xff0000, 0x2040804, 0x4})
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x256f16877c9c3f29, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x7)
ioctl$SNDCTL_DSP_GETOPTR(r3, 0x800c5012, &(0x7f0000000000))
ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f00000000c0))
write$dsp(r3, &(0x7f0000000340)="05b7402549a41789c71ad3a6971500f5", 0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000380)=ANY=[@ANYBLOB="ae6e0f79b9bf0000e04fbd17a645359f73e346ae9887782a94e536c08165f00fe791503f1c790c58054be257f7048b7feb4df719c56e4785454dc46febbfc64974fb1f9b9200927e56ebf05f201b1678db656a0899ba76a53f0a00932cfca63723f0416a0b33f502ecd61415eab4750a5e69262467beabc7f242dbaea4f3104f24359a9653c0e441061c22d72b9ea849965185dc799a10ca", @ANYRES32, @ANYBLOB="0000000000000000b7e378422cff466a7e250651a44e5e02000014000000b7030000000000008500000005000000bf09000000000000460901fffffffce716000000060000002020207b9af8ff00000008ad9100000000000037010000f8ffffffb702000008000000b70300000000000024090000060000005c93d46c847e000000000000b50300000000000085a1dd606001c6b85110"], &(0x7f0000000040)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b00)={r5, 0xe0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_extract_tcp_res(&(0x7f0000000000)={<r6=>0x41424344}, 0x2, 0x8)
syz_emit_ethernet(0x62, &(0x7f00000001c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb00200000000888a815008100c6ff08004e00004c0000000000069078ac1e0001ac14140d830fd7ac141428e000000200000000440cb0030000008000000000860600"/82, @ANYRES32=0x41424344, @ANYRES32=r6, @ANYBLOB="1a38733a00000010"], 0x0)
getsockopt$inet_tcp_buf(r4, 0x6, 0x1a, 0x0, &(0x7f0000000100))

14m53.444607593s ago: executing program 32 (id=71):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
socket(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008a}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000140)={0x3, "02e7fbc4648d428dc3bb40af0f801b0ac329f935c8e300", 0x2, 0x3, 0x5, 0xff0000, 0x2040804, 0x4})
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000140), 0x256f16877c9c3f29, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000000040))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f0000000080)=0x7)
ioctl$SNDCTL_DSP_GETOPTR(r3, 0x800c5012, &(0x7f0000000000))
ioctl$SNDCTL_DSP_STEREO(r3, 0xc0045003, &(0x7f00000000c0))
write$dsp(r3, &(0x7f0000000340)="05b7402549a41789c71ad3a6971500f5", 0x10)
r4 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000040)='yeah\x00', 0x5)
memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000380)=ANY=[@ANYBLOB="ae6e0f79b9bf0000e04fbd17a645359f73e346ae9887782a94e536c08165f00fe791503f1c790c58054be257f7048b7feb4df719c56e4785454dc46febbfc64974fb1f9b9200927e56ebf05f201b1678db656a0899ba76a53f0a00932cfca63723f0416a0b33f502ecd61415eab4750a5e69262467beabc7f242dbaea4f3104f24359a9653c0e441061c22d72b9ea849965185dc799a10ca", @ANYRES32, @ANYBLOB="0000000000000000b7e378422cff466a7e250651a44e5e02000014000000b7030000000000008500000005000000bf09000000000000460901fffffffce716000000060000002020207b9af8ff00000008ad9100000000000037010000f8ffffffb702000008000000b70300000000000024090000060000005c93d46c847e000000000000b50300000000000085a1dd606001c6b85110"], &(0x7f0000000040)='GPL\x00', 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffeca, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000b00)={r5, 0xe0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
syz_extract_tcp_res(&(0x7f0000000000)={<r6=>0x41424344}, 0x2, 0x8)
syz_emit_ethernet(0x62, &(0x7f00000001c0)=ANY=[@ANYBLOB="bbbbbbbbbbbb00200000000888a815008100c6ff08004e00004c0000000000069078ac1e0001ac14140d830fd7ac141428e000000200000000440cb0030000008000000000860600"/82, @ANYRES32=0x41424344, @ANYRES32=r6, @ANYBLOB="1a38733a00000010"], 0x0)
getsockopt$inet_tcp_buf(r4, 0x6, 0x1a, 0x0, &(0x7f0000000100))

12m12.867330473s ago: executing program 2 (id=555):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000080), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r3, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r4, 0x4bfa, &(0x7f0000000040))

12m10.986008489s ago: executing program 2 (id=561):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8)

12m10.535406463s ago: executing program 2 (id=563):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000a80)=@raw={'raw\x00', 0x3c1, 0x3, 0x480, 0x2c0, 0x9403, 0x0, 0x2c0, 0x2c0, 0x3b0, 0x3d8, 0x3d8, 0x3b0, 0x3d8, 0x3, 0x0, {[{{@ipv6={@private2, @private0, [], [], 'veth0_to_batadv\x00', 'batadv0\x00'}, 0x0, 0x298, 0x2c0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x4, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @common=@inet=@TCPMSS={0x28}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4e0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[])
newfstatat(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0x0, 0x0)
syz_fuse_handle_req(r5, &(0x7f000000e400)="2ba448f59a316b2ea441f8e2b61e7c8a84219871e92cf0c092bf0927210a55613835de33e740aec1aac65c4948573319bd8c60db15fccf040a0e772ea766a39634dc19b47d7bda4e791236359522b2f451e375c93e3175ac306bd58345f97eb4ecd946a651f047131cb9bd7d99adf549485a8b68588aef520fb148d2985d1f8f31176e85c561b08bd3c8f9107b08cc61993e9abc898a7485165ea08b85ef396483e1cf2aede0555c4f839bb9265be503662a689354937de6c63341e04652bc00b029b05d9a9e42354c410d35f21f2b679ccb9fdacbcb45bf8af84c2ae01f9cfc434da85caa81d11eca29fd9cefb40f33db5e6ef6d8aa1b50c1f9b0499555aa0b9a391a41ee3aa267bf544935c8455795591b4183782ad3243f6766957d92c6d5fc8babd66efe54296e630b48c3eddc1d5dd4c874f7bd802e0ce94f0fd2903f73a8c9fd9e3797846643c0ef4337c07a9274c74b75a24d32ab2d7bb124e4f39f0af1285772a6011699e9ac4325580da23225296304d6166b8538c29bcf4fb23de371e14c199f4ef671ac7137ef1ea3bf3970fc595fc6866ab9c98bbcb35e96c31f865f78102f09f8fd955d0eb5bea98cba8e06242047e3d960c160f3a2d1a381182aa570d532204ad79c928abfddbc976b1d3b824a78fe4c528ff44807c59f69f97b088390e94d615046d107ad3f771681d15e242c5b54afb6c01c17233b60c0edc05d7e167936b77177c5d55d7069d0adaee4f5c6eae1e269a1e24795b677487afae1fffeccf55ce8267f204d2c3a0407c70ded02eb10213a156f3894dbfeff2278782eac0da18cc318325351ac3d005631eaa10a9b693b5049e31c6b73698fa537bcbce5a60e7cd7ed265e6742607e242c8a99409f97c1a959f3d36430ad6fda68045c4a4485d7154c940ce32783ccfb6fd2bc61166f53007f249fde55c13af31589b1d7daa0d4e4cb00c151d5108b1403fc28b642a5b628686be053ae3c5d7893d4ad75108ff7f51a7fdd8c50c7edc973b50ec96022735989e465231dfc4cc8828cc048ab288a1f1a8905c40f9200033816c40c1b5ed277aee65d8c9c78dc9a62a188110db0b0fe395bd53e7e2063261829f0d2aaf71d7ea4b8a51baf2c6981d75e4190642d162eaaaf173ab5e2dfe44699bbcbc912b4e6e073aa006cc83747556f699884bc2eeb63120c2748eb32da81e76e075728f14dbdc97be9a756489a904c2b90453ed0faa59219e4b1cbfee8c1783f35107a32bb3e53bbdcfa09367aafd760083ff3c0300c643b96520ccaccaf30795307c4b3e4ff9ba4de7466f774c56d70f4f99ad596c16f68d79ed053aebb60ff53250d4c02607c24a545751a7c3c5a6ecfb8593e9fd5ab913961516f83a2f7d8838b7b1530b8b54e2d3f8eaa5fabbfcfae1856931fcbc0d483c6dc35bcc5dcec86ce16e154aad73c635ad3b28762b027f415135b68d5bc9c1b3629326aa087c1d0f5e611715e2cfea7e2ff388dcc88fe23f3f4cfba112f7883d7479887bc5aa8ba8fb080a623f3b6ddda1edb5bedc929a5192b62fab8e820e978834909a6799cc5ec3372ef077a35478709d9f33800fee83e0f9969139226ec527804f67e8512167127a872dded28cf5cf946f9cac0760c2a6c63593b5ea1e716fe11fe889cda4c18612dd6a044f81794522f4345dedd86f59488cc1652ed511c74bd285f67770c5d34ea1f7adddadb402e758a6a7746a661a1e43928bee46706c3994706d69b0e667a029792a80fc1e6d02cd888fe421d08639161c5c49876b10c891a316821e51d6b5713436a9f2a4500d04b4676b3c726a2faad546c291273e6e7b5838b676999cc3cc3d4b6104a5793a2c63f4efcd260eddc2bf03cb94e6fd0c9ac43da515e46664e589f7652957f240f1b147ca254e219d09b2f28b7c66fdb221471b2d64504eca211e11575bd61551eacab2f8ba9769c31ac4addb9b467ea2ff11c29d2a8e05c8d3e22b8aed619bbf9db55c015774388565222f527deb13bde8c92868c401fdf5344cce55f0eaf4d46676df2355e08474d91e9ac6b4102c72db12ab4e534afe7e24696923c95a8640f4d758bf7bc4b2e2f8fb293c18ca73f163602aaad5620945d238ce39bde703c3e481e67dedb0227aa0ffbce3e61ceb19ddb08015249e2bc4791fd69a30ddda9814e87a25c1a7ff3021882ac423efa98ae8bab46cad8d572a45a2979116e878e632310f25b1fc3d86b126f66ef719cc71744bd18d1884e751d94e13f6af9dd1a2f746b128969b5d986191973fa1972b5e1d5f70003706ac46d7a726c8c1299216284c599a6ec59605578cd7e30abe794c0be336c008190870e90d949859cb3a078fc791a4cc69db0169e6e9a3c851db143b535fe7aa528c42e7a46d8d201fd8d97cc56bc2ca56b81da0c2cedcfd892f957ede109b721917b36550b1ff3f34adbba65b1299d24434850f5d9bd7e8e0dac5b8ed287a169e4f3a10d7ddb631d86ed39e1f779b7d7c384ee99812ecab1dd823ac6e5f8b3f63c30fd4a53f4e5d3b4fdf5e3b9e68848de6b885de4ebbabf819ad2e0b5feafba4f6a127df55d87836c70231902f2ec2c7ab9accd190ee0183220d569f9ab01c19ac56ffeba7e27d642c89f9f43ff36daebe0d7e25979b51c05673461dd8df8a6d50cedca84b89e3f1a4200274cabc729126571c2e79b7e00f980d7e6102c0240b89624292edec9883f895aff0c303f606e6cb3ffcc9398f46c7d4cbbd6cb79932dec08b515c030bbaa2dcc5732d7535dbef85f5ea3fe9f41dc1fa1087e2c0130910e92bc22a2ab312db0a6021c6cb32ebec3278132c5d35bde7accd68e84d17e80d18773ae8793974a0787b14ee8ffe5f13a46c302a4b914596579cb6883bad6b717c8bb7fe13d7aff23e9a8b91a57bc3d89c1e6f6bf36e79ae1ae1f979f1b372fc1b11ff02080622391e7476badbbfae97ffac410b7ea2fc383a626c4b0490dc1d7dd39b0b4ed51547069f4d1d88603e944d46bccf9e0f588e0a3a8a1954919973271d44bfc8692c586b5bb0339a77799d8247076c6f798d8c9cdac6e17849c9cb7bf9b3bf90a068f5ca4e7d96b4cc51824a8938f1d50654f57ce1818deb98ed58b01943e378c750e9bf1b8ce60352f6db30622290fdaa2718b03c4573548bd222c73d1ca2f1138633fa466a124185b90e787603a524d92c5ed6fda6f1dee43b6cd5301cab86186fc567646f1db4a6e2e966ff50eea0db1498dbcbdafc98d27a920b58c9cd4a6b7a2f031cf88942926589123f5a84eb9cf745611cab2713ce93774dfcd05eab381c255465f4935c35f8080b68bdc6faf8e0e7f1fbacf0d169fed8a8c779f74d4701cfc659e9f7b870c91af705f677b66cad38f374eed84cec333e68e2860b1cc94f37dc35d8e2ade2884209056c006bb082c97676bbab2f4f7e1ab551acefe496308fbe2d09f5a43fe564984d9aa1c113c2665c69e93da2de68b88226211b7f4922deff711184eb9a46ead6e5b0ef45392dc43fdcf45c6060b3b5a7e8adbc74ff4e572b3506f1f5f5a2394ee5a6c49300ab93b26b593a464d1f1b411b53e03db8d1c20ed7c0bae7d5cb06acc1f9462accd0348124d126b6e785b374c84b53fa6b7df15e4ef9502274c1f097f588b3b1583d744f9affc8ac4bb34eb4d4697547fe77f1a582e37659ffaac5ff51192d84691fb8f2bd5e41ab3443007f364126f06fa9596306da2cef308da334e8e1b59892ed595c8cd215a523f24596bf040a4f665eebc37f16944400c4df4cd85e897996776a19d5bfdaa620de9363f80764069df9914dfd31975adde76dc7066d1b82d0de7af21a780e86705d63382358e976d65ad905997761ade162a60f3ee5bf2ad7c73d09798a7616750d7e082ba579587191992fe0009ed3ea0e360cbf451d26027beb21f2167f3bbfc12e32f2a53774fbf665d22ff20df6a7df59947a1d38f682ae4ea38065ac43d53e8b1fe0a5620d8bb69f501e1ad489adc2b6159769490e21742e2d93c24ddc0497993da4a889c7479c27bab9bd415e555a2bc4b8898e4e645d5eef5c74b25a956c7ff60bfcaf45f42e771d61db12e89e1db9ffc024f1f214f875254e03730f59d298fc0ea62c2102b1e076550614a80aad0474e143efa746abc0087ea62a52d78802cc1d2709b185bbcbd01e690c109e28d9fc11bef26cf775fb8ceaee02f149a6902530fdaa62949094c4dc12308f5f9b54792e9b0f46241f5e5de461b45dd11fcb98954a02887a0f9362e26c3858aec70683642c0139eb4b081feb8b3fde5204b397b99f29b356823a182be7babf2124596bcda4665b376242cfcb6da4dc6f60517fc5958c822961adbfc51551469ab01560c0dfeaab3b5fe66c447a7b453d636a9ec343de385c78af532495b8338e3dd68ed4793b8a62db4e9303e4039e6d60ab3718a8b74710365c36a0076c98259c0931ff42276c2638bfabfe88820a6e4182824b241f5d600656c41e9e35e7d15a6a8e84b267845e77017b662db2605b5961e8ee668bee1f385152ebe4f02a0dad7763e54abb62d13ebe792e500430539ea8104d38af620640e9026717cd337efceb7906f6863d4fedfd1196f1b754719522037d38ea75a51fe2dd6488a5b512a06c93f71eb398ffd4296912bd025937322afe9ad8329f337c89054172d61db5bfcbb9f4c511fa81d18444803a7e3b0c845c7cc4a72b4cb61067dc372d0b864f156f906584c06449567b174a4b2bd64408c831064a386c3cd47fd67cd35e6543737019e3e069e0b4379a9169a3c17804ac60d9241bee2780d8bd7e8511eaab6dc7052544519f49f55ee9ec9c5c4b31d6a0abf9e7615fb322b598ddb6c3123fcd245729eb843230c19e33ea865c6a3a8f6a880f271e89af108631bb38a77c07ca771e1a626ca4f03b6e27add79e3f85867d9373508480bf91585c10443148a25e0d9e68453f3ac46a8b762715ea27271607f8fa2f331798ff30544217bb99c201861a13575cd02111651851739edb8d4d257c89caf0d04954bba437c22ecda082013e4cad9d452a152f0963e344642fb445e4fcb7af37a69b26966066b0b9cdc660fd8b17d3fd4f5c046e5c4dfb7adc961aadf4da780d4a63ecb95d837293ca9d5a9c3c5d178413a744e45b61bcb1a069f71b29b90da3c072fe4fc6892452f29c5e183e8d9a672589c3a878dc39fe4a1bcf46dacad0d3c8ab931eaef1ed92d5f1ec117cc9d20c9b031921ed4832085f9337c32a6dc9cc8eb960e168704e9fe87855e96c785298ec7a6f19459f3c45e97865be36c329b3c5369794d7b5442655118fbf82c587f0b6e850f44aa8d63bb6e3e08fd99c649c9acab15f84b54bc1f88170967dbc86b7760ff0abca7fca1bf51b636ef879d34aef6972c7f44663b8d92ab48951c48663b1780334d297d66f114f3a217b855cff4b7b0e31708bb087e32cafcefbe33dec879488382d522e053b52f8647ab40249926f3ed1d2d4f3b09d8d02be95139e00fd2e8d45dc1a95dbcb0cc85927148fb6b790204a25de47ca776025b10ffecb082591f732dff0f76f6f76f8dadce5a8d71d35e1afefa5e7b03d6f7b5fac5f8b352d1f16ba58fa2db3e6eeca1d17c7023e396f72ff9ec0a6974bd31351a70ad7aa80c644025b0c41b69484e93f1d78668a19c537edae5789e7b3a08d9af2886263a92410843133f075fd05cd79a6e4253b236c812eab1dcb05f8eb4b0a7b6dcea56e290eabe5e12f864163197fbd8c3625d7fc41abd471ebd1d67c398dd1652ed3865d91209f9275f93f56ce37e9e655360509d4238913d078bd2edd9266bab02169d6e125475aa2e7adfb15a9ee2f0ad6dbb7f8da5fd8fbe016b16d1bbbd784336b0787904561a070fdb3098c7995f3d765b8d2c517fad8366ddc3b04f6b459b9cbe6a9943d7a32778ebd452268bf2671934c3857a980bac535c07473e2a0d2f82321a43deddb20b456480d703a145cd59909d8743dcb8df851317af66a3f4b25d57e43de515b72470142ee3d0ab4aea81d7f161a8b8f6f3442f2ad17bca7ef8c03ed6db0c9d845d3f372e75855d36c2b1f3c32cf761ed6d677e9174a4378f0b03e4c9e6e76ed261aa930ae6578352a4d5edf1a772c248117fea74c75f8102522a04705874b10b7c55a4c2a6040fb18f40a1de278d5e3b8db1acf1640fd61d70c2e55fe2edc5f4f876c9dbeb72edb575afc2b2675ea832c9b691e81835664e670d6dc53b34a29f4e0fb8a2055959f1273acddcf7bd6b92a89aba23c5b410009a55f78fda55cee59f985980db68a53b3a524da182a1fee0225942e8c3115a69bbe062b8455b9c795e6183e34ef37e4ea655761f38712d18bbe4158f6a293d82559f4265fa48ec3a758f5198aa20af9e602b605c869ac9915e9a72703ee2bc5ccd44a14b1e61b82fedebb3bcd79fd557f0cc1f58d4d66a18883336ec293a7e108893a25e68bb9a3d2bdc531f63f0155b72a1fb13c3d2f1d7471edbc8255705fefbb1392d175736ddb259ce7d669fe6e9a4ee7e834b3ded4f86b75d7d72cf8b36eb2181a9213bcc659b5d0e838bd3512ad0a78bf74a93c97654872a7982a14fd70b583fac70c571a096e0e829e4f1f9c9ace7d1888383535fbdb6d2507f1cab46298c14dfe6f1e5cb259d069ea2641a6460eaf239c76b92d671728633a74714a751d7c160f6f74b2d5a020a9d86a50107d6765fef5d43ea5a7aca78549f0b6bc28556cef0248f8b35289714ad5704887af8b12c6eb67af570a0535301e815654a3b1f96f99f5e3ef0094a6ec596c9d52376020727c5b66c64824af2fbfa02ad05da22e76336b288765eedb40eefca804b6a183129a245747ac23ff4028606e4c7b9ca8638f8d88a16485c4cbe98d1a1f07fd2a29ad6cf4e2a21e184a0f9301ddfaae2c5598fe8c24a8ebde5d203d0054ee7dfe5ada183283acd19ef8228c3625c2eb47171dfb8662a21e79111d106f4f3acf849e61f320e82208155af8966f34bf4b0582afc348ecfb5627979558fcd3b86cb6b3b6c452d737dd18e6bad78828a26464ad4278d608b4c3a4d71a694fc8956138929bf9e2915e4ebea23d2edf46915443c9b2400e3396a336c7eadf9fd93fc5233c5ae902134cfe2bada62680423d0ef4006c385609508fad32f6a8e509f9d88c0189a9e3e604a4c3332d6f1339004d8ba4d826130cbc5052e41ee7950535a51411fd463cb445b747d1e372c4dd5eaad7d2b718f7fe90a13d89e2335a545f319270dd2c26ae9b0bbcc8ba1542d6e34211dc0fc8efe3c15d59d5b3fce880dabc93a9930fa014b7ec4aa0e0d81e08ee2893e4e693cc05317203952723d1ed5fe29c73444d090ad49fcafb768d604f0a4e525603e5510c0dceffebb4f6f4f973a7233a367ea83158612dfeb48e0c5b95d08748c7639aac9d08b55193fffa35232b23e9468f003b51277b4d013f56b07e196c0faef303fc0f5cc14cf14ccb7a050e7ccbf1e7760a0ef3d83ec9a5940261f10321ab7935b46d1d6815d3e7ccc650ec2290772565bd1088e2d7a767f36a1775fe9b710e5cb986254e9b9d8d7f90a0664c818916dbcab953e5ace4d593cd6aa284266af6099f3db6f21d523c0a74687171b34a567ff203c5d15c0b38980e0648912c66b10b374341f8062557778a3713c48e37768f2818607d0985eecd36330932d714cb8705f3832d39ad98dcd4ba713b3e093ddb683930b23bf595704d7a08461c00dcfe6d80996bb47880ac784c24780fb2f8d8032a1608ff8ec6d4efa7a00ccc38b293411d36ce5e3bc4e2eac9842b616109e7478e2c00d7ddca25cd106a3241d4ccf1b259da48886d608e917ff2b7cdf2dfdb360414a7c9d350817ab50a811c8f4ad47150268b6d87b6794c6f18a4c9f5fe406d81860422ed5c107f3ab58975195d3e2a80b5500d30e73088cb50088a85539faaf844d77bca7cc410e4e4200ed1874a626de01bc08c74aec3828deeef0f7d09469d6964a843d28e47735c71edfb906fd081a0f8d804f03291e6925a2ac65a971fdc16752565488077d7c2b8acb44a734b886b449be12af402eb572b201d417fccbd4b5510ac62663b8f8253e256f13c7c0966ba947f5fe9cf8f0c791348377b89793d6215d9cb579fca5e0077c892ec995073fbccfc6747afac3b49afcbd8d75b2d67e7af2659cdd1036d6901f53d0f28b981c1280bbfb785afaced868eddc7d65224c5bf15cdaf88efd258bbb353dbd8f4f4006cb0d859f521d844b79b278c3ce27e254ffb94020f1cf6617c2d80aadd7646d7a822e79133aa5e9ec00419988f51fc02513c9797bea2375fb77d995faf07c991c8b885e6c91f61a021e647815956461ed576107710c485af9a6835317663f57f38801098df23a5fcf903615d70597488a04ff85a5a07e52dcb2923042d451ab212a2e4d920ee144441c380152c9f6e18396184e85eb57f7d861626e0ad73bf58b74cb6e6ceacf1359e48c6f33031eac2c5dd075df0081028efc4536ececb7133877d41559ea38eec37ee57caf509dd8d71abc9ad8aa8df125e6b42dedade5aa18538033e78423e9b624fd09538696bcdb6cd7c0d218df5c8ee537d4b586fbdd94e3fb235ebbd57e20bb48b56f5ff0de38f2385b7f1952e947d7a3e78a963a0cc6104ee8edb934857d27614c83909771eb56248a4a1adec90639cf5dbe2599a746fb1cb2907a16a05528758cf63c3af8365293a009bc3907e3f7ccab8d18fe1a3a69bef6ce639695fa598a8a2c2fc68286c84908fc394ad2b0646318bde25b971c987708115aa107fb32ec8de0c721c967c8f66f5be051e2315c90de2730cbb2e94ae00587adc946e7cf32f6d7e06d857ac89cafe6a2b1edf313ea8a774e13ab2c7b61fa94482624aff3a6b634ad54096a8d00dc92d515c3b9072619343605e696eac9fcc98d1c40f2fafdb1f9c16336b5df7ae3ebe0a9620f2637c4caeaf14003d06a74b8c3e07090115df06c485d1d3b3199741f039bddfbaaea124a779eacadff67b35543ceece60464189a6114b4ff2bad2bf9248fc5a5d0f854d81bacaaf1a7529ce544e8b632f4154cc2e072f599a3d614408ea0a25b8b65321b457d41c444d733f32641848095708f79b5fa531af4a9dfe89dcaae57d2633761909d4004b4425d43a22337d3f2fdeb0ddca380abe511f2f334d09c7ed4c8e67d5c603e55f026620051fb540096d5a6748b92b90a4a525211d008c2ec6b23495d1738600e7bd22aa22102817e2928c18f0f979daf2c00069a129b02d64124e98b8558753399da93ea741a5adff10978e32a17887daf394ee72185f5a25568078935b7eeab804de7cebbf402479b956bc8e9961d9dd44649753ac66e6dd64849dd245b95940f47f25f58f15e5be0269962e84f76c7699a3f5ee334f3d29b3251c57f0b2d087f5e95af1d0d46e9a2da4cda6ed88817c96725b5c4a0779c6ac9cbd3bebe07d995c734cf150cc15da440d5910c24b533fc9f564d4510885b237dfa26b4c1c06468dc97991c2347d5b91fe6c7f9028997283f8c78216b2a70a250bb11a784e97cc897a26d09d526c4f460be23b8559790e8902f1f3a59de4bcd4263be73a6cc22c94120b5a865021b76f64f792399be295884cf63edf4b2e5e242e6a4eaa7b335273411613c199634c2ce04b0ac4fc03d290936733c564cb670d031a9aedd00d35db4c0fcb1676dc5d44b40e8f6bb31b74830348a80a9e71532260dbadb94c398ffcedb929b5e7561138d7cf7312dc62394ebdac8751cab6682fa5ad068cee660906663cd7b2327eed04c2c1229b6c00c82624a75597f1d6d2166a536ccafdc59813d20e895353189f95a351330dbf938720ae7386bf3076b48b78b4d30b9d2b59ab0f5991b32f68cbf3b175c3b68c1ec1194d5bb28e2c818ce0ef80274a4f430e9c525d161d79d1e86ef129c839c1e8c52ddd8300dab30b12a267c03a0f919db681c835660beda74bc5dbc18b9c6c1c0cca829be7f57bdd57fae58df16649d726bb6c7718724c7a5e2ce4fc3486b5398471a284632d8986afca94c6110eaa4b0638c09886f9057e38c1745bd3b67e74b25b0c690047454d9e81ea8572057caac8973d2558c0128113ef4b51c517944ef980569ed2e9d35b785fd180250a7615ffd27d64fe3cffc9d6ffadd85e7f04b9699df4e855270c57c57d8d561c9176241596a3105695cc7b8028c2f8ecde94db0a0cbb25baf04a207d24338596fc670098065693f2ac94fe792e21a739da6803b4fda0ed8cd0f0592be110197686871404aa644f3c96fcb6af31ae967dbfcbbbd980f7bea72d87307e851c2d15a8a75b35487adee3ccf09d5f2ffb88828562c167abe69c967e81afef1b78370da7a2b299d634146e1c72c77f5667651e1a0fbc6b2f82ee8ddb1946af59edff74831e81b2fea87311b599d8ccbbbcc04b7a77b8d4193ab44e14ddc2525efd5b8630789b08c46656ff50790cbcf3797ccf0de81233158d7bf4a3fe60a532499a0c404af6c24aa67a507c5d2f7858aadc45110e48b68339b12a530866c6da0a38c62e7c3a94a5adbffecbf3699c797c0cc1dfbceab728ef4b1af5172f9df10470a2390824c7f7b5e4eba2465b6954e3b6a8735e904f55a2ede5cd52fd1e2edb28242830611a2b3a789fbf4fdd5deeb232a4e2874f3a3951c9d72e6dcecd19851b516b7563dfbb9f8111fa3626d621e64f3ac54c3e8bd3bbf18e1433b518c7d4ce841fa0bc7c7705885fb5e75d93a0913bfd99b663cbd721f6a28a9dffb85ed69eaf6d5d1e58cd7c98fc07acf1b59083b639366be3af8071a95dc4c0ac7b347bf6dfdd182e3a9c4ea0b02bcc19882e1078e7f24c85559b604e4c6b3dd0f792717ae308e51edd9f8c95ee411e4c9d8a3e8e10b179cf6864cf1997ea030cfa0d1ebbeaff6c0481772bb0aa2fd131283b25ddff34a32e95911eae07341981fb770eee124e7a8571e45e380b2d762b0ed942d988468801b52e8698decefdcebb3ad518b11e895e72ccba911ad58729fccc07399728e1aa0f1f038fafac07054adb44ced42b16ace5ed49a86f93a9fdf7900261e9f6368f609ad15a715c2ab34b19a77d4ba1c5d434d277beae1302bcd33a6f0ea8fc2365ba1d548269400f034ea3ba17b284adbb1e30265e8daf414d2156e5444e7b2936af507c13b683382b86c1cd995ee091a12c2a5f55765e521fcc76cd0e7c32ae7fda2128e51f41cbab24f0652e209aa4e65b99bfde6acf32ad276ef79f94e2c5504e508e1a60f797bd968b79a3013f332cce00e7d0df31b2dfb8a6dd6a3662b8302dcc2b69d587f223901596bc1e67dfbbf2fbf81e0e8040c68564f3ddec0a50ad9b0f5052dbf99e1b6d58635f19d33d4a4c5b98d7152bee661756171a39bf573fe1ac8de4f4233c5e03f704cd681363765fbcdef25ba315a38eb6e8069e8105cdc5c52854ad86c337eefc00b4aaf21b0e77167fccfcc7a794083ec04ff0aa321529e7c05d7bf11010ebbe628336d96d4d80f495f441b92d6cf1f0e66efa49c3d7e46009fd8cfb6e0e66b66246bfb3def8e23ed18e1dfcba1e5d6d10f85eab1f2d84e82bed69ba037ad7a145512e2cff2af6dfb9889af69f6f4bc63c52b7d", 0x2000, &(0x7f00000009c0)={&(0x7f0000000280)={0x50, 0xffffffffffffffda, 0x0, {0x7, 0x27, 0x0, 0x2008c30}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r6, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000580)=""/147, 0x0, 0xeeee0000})
ioctl$VHOST_SET_MEM_TABLE(r6, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000040)=0x20004)
read$FUSE(r5, 0x0, 0x0)

12m8.650782495s ago: executing program 2 (id=564):
r0 = socket(0x2, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, 0x0}, 0xa08)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x7, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000fdffffff0000000000000000186800001000800000000000ff0f000085000000000000000000000029a10000010000007ba1be4a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x74, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@can_newroute={0x34, 0x18, 0x1, 0x20, 0x0, {}, [@CGW_MOD_SET={0x15, 0x4, {{{}, 0x0, 0x0, 0x0, 0x0, "8b893b21c1f3344a"}, 0x5}}, @CGW_CS_XOR={0x8, 0x5, {0x5, 0xfffffffffffffffa, 0xfffffffffffffff9, 0x5}}]}, 0x34}}, 0x0)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x6, 0x0, 0x0, 0x0)
iopl(0x3)
semctl$SETALL(0x0, 0x0, 0xe, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10)
r4 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x189202)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="800000000000000058"])
r5 = syz_io_uring_setup(0x1f8c, &(0x7f0000000080)={0x0, 0x9294, 0x13580, 0x0, 0x8}, &(0x7f0000000100), &(0x7f0000000280))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xfffd}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x1d}, @NFTA_XFRM_DIR={0x5, 0x3, 0x2}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}]}}}]}]}], {0x14}}, 0xcc}}, 0x0)
io_uring_enter(r5, 0x54, 0x0, 0x1, 0x0, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000034276d20402002c68e010000000109021200010000000009040001"], 0x0)
r8 = epoll_create1(0x80000)
r9 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13d, 0x2}}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000040))
fcntl$dupfd(r7, 0x0, r7)

12m4.614426129s ago: executing program 2 (id=578):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f00000005c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0xc000}], 0x1, 0x0)
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@link_local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x3c, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @remote, @multicast1}, {0x4e24, 0x17c1, 0xc, 0x0, @gue={{0x1, 0x0, 0x3, 0xfc, 0x0, @void}}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x6, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
syz_genetlink_get_family_id$mptcp(&(0x7f0000001640), r1)
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r3, &(0x7f0000000000), 0x0)

12m3.297264183s ago: executing program 2 (id=583):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be", 0x1}], 0x1, &(0x7f0000000080)=[@ip_retopts={{0x10}}], 0x10}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$invalidate(0x15, r1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) (async)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) (async)
syz_open_dev$sndctrl(0x0, 0x8, 0x10000) (async)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0884113, 0x0) (async)
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r3, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r3, 0xc0044dff, &(0x7f0000000080)=0x8)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) (async)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5417, &(0x7f0000000200))
syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r5, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)

11m44.443002166s ago: executing program 33 (id=583):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) (async)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000140)="be", 0x1}], 0x1, &(0x7f0000000080)=[@ip_retopts={{0x10}}], 0x10}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$invalidate(0x15, r1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) (async)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) (async)
syz_open_dev$sndctrl(0x0, 0x8, 0x10000) (async)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(0xffffffffffffffff, 0xc0884113, 0x0) (async)
r3 = open(&(0x7f00000000c0)='./file0\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27fffff, 0x4002011, r3, 0x0)
ioctl$SOUND_MIXER_WRITE_RECSRC(r3, 0xc0044dff, &(0x7f0000000080)=0x8)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="d80000001c0081044e81f782db44b904021d08020e0000008100e0a1180002000000000000000e1208000f0100810401a8001600200001400300000803600cfab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef075c11503c6bbace8017cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7c9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e0060000000000000080bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd68adbef3d93452a00"/216, 0xd8}], 0x1, 0x0, 0x0, 0x7400}, 0x0) (async)
ioctl$TIOCSERGETLSR(0xffffffffffffffff, 0x5417, &(0x7f0000000200))
syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
socket$nl_generic(0x10, 0x3, 0x10) (async)
r5 = socket$inet6(0xa, 0x2, 0x3a)
sendto$inet6(r5, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)

9.73141207s ago: executing program 1 (id=2660):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
add_key$user(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000480)="60a4a797cb900133ff3ecbb71652f806e73e77374c39d41d9f756d9ce98062822f5d200d95faec24d9d638b727db462b17c66acc0e99c0cd7bd37e53b2f6df33ea3b9bfe8dde3f856c2b7f4e5a99760a10a1acc9dcf005e08cc7e182aa3b8e1eaab588a831bb78668870fa20077eff8cd84433ee8afdd981e0568e3aa745a344e727ef4b035e2c0da0b4a7795bbd4fb3227dd3e7cc6895e121c76dd0f41aae4408", 0xa1, 0xfffffffffffffff8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
preadv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000001a80)=""/102400, 0x12}], 0x1, 0x0, 0x0)
shutdown(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x14, 0x6, 0x0, @remote={0xfe, 0x50}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)
io_setup(0x5, &(0x7f0000000180))
socket$igmp6(0xa, 0x3, 0x2)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x70}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0x10, &(0x7f0000000580)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @private2}}, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, &(0x7f0000000080)=0xb0)
getsockopt$bt_BT_POWER(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
ioctl$FIOCLEX(r0, 0x5451)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='mqueue\x00', 0x41001, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6)

8.393675555s ago: executing program 1 (id=2665):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x6, 0x4, 0x4, 0x3, 0x0, 0x1, 0x9, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$usbfs(&(0x7f0000000040), 0x80000000003, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[@ANYBLOB="0200a006002a17006000000002000020d3"])

7.842068696s ago: executing program 6 (id=2671):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, &(0x7f0000000180)=0x24)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x40201)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f0000000740)={0x30}, 0x30)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
r5 = openat$binfmt_format(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/fs/binfmt_misc/syz1\x00', 0x2, 0x0)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
sendfile(r5, r6, 0x0, 0x11fb)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045540, &(0x7f0000000080))
r7 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
ioctl$SIOCAX25CTLCON(r7, 0x89e8, &(0x7f0000000080)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x63, 0xffffffffffffffff, 0x0, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default, @null]})

6.938777856s ago: executing program 1 (id=2672):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f00000001c0)=0x7ff, 0x4)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r0, 0x0, 0x47, 0x22004085, &(0x7f0000b63fe4)={0xa, 0x2, 0x6, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r1 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000002100), 0x20101, 0x0)
ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000002140)=0x19)
ioctl$TCGETA(r6, 0x40085500, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r8, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANE(r8, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r7, 0xc06864a2, 0x0)
ioctl$VIDIOC_CROPCAP(r1, 0xc02c563a, &(0x7f0000000080)={0x2, {0x1ff, 0x6, 0x1, 0x2}, {0x5, 0x9, 0x7ff, 0xc4}, {0x2, 0x1}})

6.912180756s ago: executing program 6 (id=2674):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff00000000711084000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, 0x0)
unshare(0xc000400)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000180)={0x18, 0x0, {0x2, @local, 'wg2\x00'}}, 0x1e)
sendmmsg(r1, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x78, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x6, '\x00', 0xa2e, 0x40, 0xe, 0x6}}}}]}, 0x48}}, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x30, r7, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}]}]}, 0x30}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})

5.99249049s ago: executing program 4 (id=2675):
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x20, 0x0, 0x1, 0x0, 0x0, 0x0, {}, [@CTA_SEQ_ADJ_REPLY={0xc, 0x10, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8, 0x1, 0x1, 0x0, 0x260e}]}]}, 0x20}}, 0x0)
setsockopt$bt_hci_HCI_DATA_DIR(0xffffffffffffffff, 0x0, 0x1, &(0x7f0000000180)=0x7, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3000}, [@alu={0x7, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2f22}, @jmp={0x5, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffe}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="580000000002000000000000000000000000000010"], 0x58}}, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="d824000028000100020000080000000009"], 0x24d8}], 0x1}, 0x800)
r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000080), 0x84001, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='neigh_update\x00'}, 0x10)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSARP(r7, 0x8955, &(0x7f0000000040)={{0x2, 0x0, @multicast2}, {}, 0x0, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 'ip6gre0\x00'})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000010000000000000000001851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000106608000000000000180000000000000000000000000000009500000000000000360a020000001000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a00000000000085000000060000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x2, 0xff5c, &(0x7f0000000340)=""/222, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[], 0x1c}}, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
ioctl$TIOCSTI(r3, 0x5412, &(0x7f0000000140)=0x58)

5.990849391s ago: executing program 3 (id=2676):
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x24002de8)

5.946433828s ago: executing program 1 (id=2677):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000000800)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2\xe3ZoL\x14\xa7\x8c\'\xa7\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x94\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xdf\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5Z4h\x1a', 0x0)
pwritev(r1, &(0x7f00000007c0)=[{&(0x7f0000000040)="3f9ebe239545703482cbae9a17ba12fc50ab1b6e", 0x14}, {0x0}], 0x2, 0x81806, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r1, 0x0, 0x100000000000042)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000040)=ANY=[@ANYBLOB="0400000000000000840000400000000009000000000000000b020000000000000300000000000000631b00000000000000004022000000006f2c9b65000000000104000000000000"])
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008f}, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r5, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @rand_addr=0x64010101}, 0x10)
connect$inet(r5, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r5, 0x0, 0xc, &(0x7f0000000180)=0x40000000, 0x4)
recvmsg$can_j1939(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=""/157, 0x9d}, 0x40000000)
recvmmsg(r5, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000002700)=""/102392, 0x18ff8)
r7 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r7, 0xc0487c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000240)=[{}]})
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
socket$kcm(0x2, 0xa, 0x2)
pipe2$9p(&(0x7f0000000040), 0x800)

5.897299209s ago: executing program 6 (id=2678):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000440), 0xffffffffffffffff)
sendmsg$L2TP_CMD_SESSION_GET(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)={0x28, r5, 0x1, 0x0, 0x0, {0x7}, [@L2TP_ATTR_IFNAME={0x14}]}, 0x28}}, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_create_ruleset(&(0x7f0000000140)={0x895}, 0x10, 0x0)
landlock_create_ruleset(&(0x7f0000000140)={0x895}, 0x10, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f00007fd000/0x2000)=nil, 0x2000, 0x2000, 0x7, &(0x7f00008d7000/0x2000)=nil)

5.80750814s ago: executing program 3 (id=2680):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000340), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x0)

3.964235925s ago: executing program 4 (id=2681):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000f8ff0000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b2f113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b4492510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2002045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f6b43ec83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea5919ffff72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff153d20f3681f7a3a31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000000c0)={r1, 0xe0, &(0x7f0000000480)={0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r3 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r2}, 0x60)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={r3, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000940)={0x6, 0x3, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000740)='syzkaller\x00', 0x7, 0xc, &(0x7f0000000780)=""/12, 0x0, 0x0, '\x00', r4, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r5 = io_uring_setup(0x253d, &(0x7f0000000280)={0x0, 0x547a, 0x8, 0x0, 0x3ca})
r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect(r6, &(0x7f0000000300)=@rc={0x1f, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x8}, 0x80)
r7 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r7, 0x65, 0x7, 0x0, &(0x7f00000000c0))
close_range(r5, 0xffffffffffffffff, 0x0)
r8 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r8, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
ioctl$VIDIOC_DQEVENT(r8, 0x80885659, 0x0)
ioctl$VIDIOC_S_INPUT(r8, 0xc0045627, &(0x7f00000000c0)=0x3)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)=@updsa={0x104, 0x10, 0x1, 0x0, 0x0, {{@in=@broadcast, @in=@loopback}, {@in=@local, 0x0, 0x2b}, @in=@private, {}, {}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x42}, [@coaddr={0x14, 0xe, @in6=@private0}]}, 0x104}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xe0, 0x36, 0xea, 0x20, 0x93a, 0x50f, 0x437f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x81, [{{0x9, 0x4, 0xff, 0x40, 0x0, 0x2b, 0x4d, 0xa3, 0x8}}]}}]}}, 0x0)

3.8677555s ago: executing program 6 (id=2682):
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYRESHEX=0x0, @ANYRES64], 0x34}}, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
getrlimit(0x8, &(0x7f0000000100))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000ff000000850000000f000000850000005000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1e, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=ANY=[@ANYBLOB="18060000000000000000000000000000851000000200000040000000000000009500007b842963af9500000000000000"], &(0x7f00000000c0)='GPL\x00', 0xa, 0x92, &(0x7f0000000300)=""/146, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff0480000008003950323030"], 0x15)
r4 = dup(r3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = mq_open(&(0x7f0000000540)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\x9b\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c83\xb7n#\xe0\xc1_\xff\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enp-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000140)={0x0, 0x1, 0x5})
mq_getsetattr(r6, &(0x7f0000000300)={0x800, 0x0, 0x1}, 0x0)
mq_timedreceive(r6, &(0x7f0000000080)=""/92, 0x5c, 0x0, 0x0)

3.795590872s ago: executing program 3 (id=2683):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000000800)='U\xffA\x05\xd6\xe7\xfc\xa3\xb0\x04\xe2\x1b\\by\xdc2\xe3ZoL\x14\xa7\x8c\'\xa7\xcf\xff\xf0+9\xac\\\xa4\xa5=\\\xcc\xf6\xc4R\x88A\x94\xe0\xff\xff\xffX\x91\x1au\x83V\xc1H\xd3\rZ\x01!b\xc0\xaeW\xc5\x1f\xec\xfd\xe3\xc1\a\xeb\\,\x98P \xf2\xfe\xc5\xf9\xd4\x9a\x16\xa6\xb2\xde\x82\xa8\xf9\xcb{\xa9m\x83\xfb\x84\x8e\xef\xe3#\xcf$Df\x89\xe2?`\x96E=-\xd6\x91,4yEE\x1d\x81\x9c\x00\x00\x00\x00\x00\x001N\x1a\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\xcc\xb8o7\t\x0e4$Lb\xf9e\x8dv\xd0Y\x86\x18\v\xd6\xf9\\-\xdc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a4\xf2\x8c\x19\x1e\xf0\xb5_\x93\x98\xb8\xcc\xc2\xc6\x15?\xa44\xd4\x12\xed\xa1\xf1!\xbch\x94\xd6\xf0\x98u\xd0#\x95y\x10\x06^\xdf\x0563\x9dX\xdcI\x06\xfe6\x1e^\"\x90\xbf\xa7&\xa3\xb5\x8d\\\xcf\xa1T\v\xd1\x92oV\x8d\xbcGd\x82\xaeD\xe0D\x10\xa9\xdb[\\eN\xbc\xb26-\xcd\xeat\xfa)\xc8\x00\x91<0\xbcf\x8b\xd5\xdb\xd9AC\xf5Z4h\x1a', 0x0)
sendfile(r0, r1, 0x0, 0x100000000000042)

3.686229663s ago: executing program 3 (id=2684):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = socket(0x28, 0x5, 0x0)
r2 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @local}, 0x10)
listen(r2, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f00000000c0)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)="1b", 0x1}, {&(0x7f00000006c0)="1a641e28f4d88a4454a8b70a1721f186d9fb02061c135db066cd67a29a254bab853b299576f6669b35f64ddaa6a42891e4d8838e68edf86b4858d77e5f8c51a4e06872d6fcd90980ffd50aab3af0e56643d26868decddaf87d938d691d196a012c4846f033e91007be88573c6ae419a813036e51fd2c1bf57603f3b08612a3dabd6eeea0fd061093d3cfec864b6800a62557ed90fbdd5ba8ac8109c1cb178995cefa7091f353542f2f65906ab291083b9f41aea435f45421ca2aede21829d20b46ab25653d3d0bc2453978e8cc1dd9855c3d792628e6628f39162f33bc09381e1551d7512914f520f964e599ed6fdf1b8658b2262843e1924d446b5bd57b5a0f0f14bf36d8bcee2011949a83a0853b45f55c7e5d5fc42109ba3bfce4930c9dc91dd8224283af19ea78fffdca9bc0a0a95ea464bf48c0718b732fa2f77e2e5821c566b49ffc5fcb6b45141190adbf76be513fd4fe0397d6471bbacccabd606d9c5848da0f97a4eb015306f616f0aa9aa77f44e4ee52cc679718f4006f56c3fccf456577661b3f4f081d60fa05928f9cb327e69274afe998bec4c1eb1efce32b8447ad94d48f2a6fbed9b6a2a6029e7fdf1fef26c24ebb1c5789e575873accb9877a7a5b6c904c5cee46a44b6ba8ca10ef74160a589b5c68cc1f80a7b88384bc4f00bd88ae721156359a731cb155dd03aa6ce42f469698388ebb6d904786d1c2b0c7861c623fe09b8b26822936452f51573663b02bfde610a85059b78082cd55515ff6c22a1515bc6ea12c95e4501279af31441425d3da5c7be61be026b32563fe9d6efef61fa6db44b211a44d880ef13fe57d61a6a4d24b5b02eac2d429418c90227067c9d68edc2af0d2c4e3ebaee646975a4ef723f45552cebaa8903c3c5620e3a8d95be5b8679d8e65cfa6147f55e1a7c9f3df5314ab9860f5de5992e3337d1b99bd8f4db96a9794cf6c250fe14a6e57af1573a16923ec52671fbfc06ca0ac2865e059ab5fc3dbdfe121df6c5374cd8be9cb5999ab41d3f23a55d17d4ca4ce5e62b7085fabef3c9b0b07f220842ae1a7ee4e838bcdb903b7a434e8c8de73d2a4dc75239aeac868f34cd743d98e0c62f2752b5157940166b513654160183a97025cc8ed6808a856e2c942839d5c53b28fd91dea1077a5f585d05f51ed88308f0008963e39c9fb56e0cbb5cd969241e95750942639013929881d6c79c8e21d0154a4b3396292f25cf09d6e635a648682eda1cdc78df8979666ecb758f08977031fb99dd2a63ddfce52cb844451dce5b5c44868221c5643dbcd305d4dd56da11a485c68ef3e1f80f1ac72858b1808a284bcf098c02624008552609929857c7ea2b732bfad178d6b76f2497e106a5a141ff00d54322613f7dcd0e05178a36923b932034fe799e8b45f33ec40e8611affcbb4f1d766f1f869b3fd862a03d64c09718e3bc2ddaefa8c93b9594a368748bd92c2cb9ec4deb741514d69d4110f931687dc4ee1bb9eb483480b007f0d0b7108aeae0db4634ad1d5c8d68a81c60759ac536f17878ffb67ad3f68a182b42ff1339c73304f2dd67257b7c370133b9e5843087074b3d406d58c5facb153b1a81a39546504d0b01f733b43b6a71df031b0b6e678b0cbe2dc496639c2fbd1076a6938a94833de70ad03b9c5e932f2386ab4db8323c23e88c8f79bf5ec717de55bc7ac8698a9030dc28a7b83db6f46afcda599c5f424b96e4e034ef158174385d86cc315fd0529e2a26ddf39319bd9ba4cc17af8c8ca683aea8db186419f8766f7f94bcb8326e2a3fb448115541146d2cb94981a657180251f5b90fd826aac39e520ba6120a4af6447d1e7dffad9190ba327f4e6f8a2254a23a29321336f4940658360a270a7a87b67e087768360d2fc5aaf3f66116515140f390d70d3dd7da24a313b5341be9b135db56a64e39d8a4a93a2c3d879e954ea179fda4b049bb4edcaabba367e9bc50a68083b417211f2b4cae3b23cb02df239b9c8ca1e0df82bba4c846245bf969adc5a823feb0a224dbf8f9af839b2df721839a85999919eff89cbac9d32d4b8e978890121231359ea46c879c8002b4be3669fb5e76b2049d2a11453278666c2eb4667e699b4de0f6f330e4f6fe3ce9ad8d020813b3105b6df2b9632763e4030ec84902e697eb69fec5cd399149327eb1621c27c352d87da9d5fda6d19540bfd32a74920e1e25e1c9332b563c37193e051c6f1b348da2878e98465b747e5f34dd44b5e1b7e630284e7ecaa883d93a5c08f42631c3fba63c3483317597bf457e8cc070c78ed0af7fde154ee54a2ca8f049b490eea4924bd2dd41293503585a318ad32a259f028b4d8acc380e13297845f5764beec514642f11ffe25d292604965913c0a8e90a0a98ebe3214f9d8d25d4625964407c1a88d8cd67cb1c3376c69010c498b91601d0aa4da9ee10fb50ea6878cf04e1560cdd5670a936002cd2d05fcfc03d9dbf99d133d3a0351ca3aa03632a5c890ce1f5cafb017d99d46f9b817ad0b85d3d9462463f8ef4adf72b69a017fb9b57c2b2456f034844823801fac3d2bf8d8ac3eff119dce896a0473330e79c46c80aa97123af9a1a26b9e7979c177bdc3f433d0ed797602333645dfb00faf5b87bfd90fa1c00289eadfe5f553c0b988638b86e43194cca99514c7af74e066d80dec639c767075a437c774a9b5c36f3e68e31bf5c944fdd739773a88362d28c963d1d5357b2397fe191147e083a23e2ddabf444662d4a615ee79ad6438a3c65f79a17517ff647e27310964504d1990f85a834caf6ba44618d7691f749bb155bdec24e865dd64b8be91a54a9c4533a96c92f5f88957d3dfc81bd576123e7e5bf735b5cba3fa06963ef88788b40ff936d10f004ad0b9297ffd6fa674967fab9889c5452d2d72d7c36381bbf67da48a52eaf842b69d4f38afdb7a4dc1ec814bf72091988e93aa205b6f6f9dbe2cfa99d0650ad367444cf04a68d5b0bb0d5c475c4f8de3756f01f230562dca68bc1ef1409ce018ee428e585fefe6be78f9887baccfa92607bc12b86e69097082e1047fde987f560c447ed48d08d6ed2b381a49a3c105599663d0f2bde75c9e2f826d2a7bfc15c1ec53987da87feac39a85732962cd6f3edb8301c597ef4905d32959908b9266851a6322f662607b205d061adc1d2c42686d96d429d21a2b6aba54fa3fc903f08e7dd88e923c658211867c33ca9301d051e149cf99c4fec641a7087288e3ed3340445c44a39454710d8060866c405c6854080b7947b65579206aab02e9ada4d250d68d4a7c7c9d0263caab8b4b11deda4657176b249fba6eda4f8f198647f4246b748730bd5e9573c167f8cd30cc762d9ba186a1fca1614273f7b5c674f567d461bdbc9365ea20a00d3c1f562070fa515c4412997f8ce437093e98a6c5a6a5a8556407ceaf86f7d40ee3b5ef7d434b1929ee1f7e78762f747466a4fa920667b5392983dd46f4f01da17edf911d8502bceed08d139b07935ed0b8ed452db1c658f5230c18ce6e2d0311b5470abf68997ec92290d4979a9927f0c912ca891b860f5d5e37dad2010b9165f2f18222092cd5c5c3f9fc25905576c9f20a1f72f76ec01597431e76afb37874a5e0ac38e85c8ea95843c0c3cbc65ed55dcd7a17659adfb40373b0bf608dbf9995055c58a799c9bab6b4f2023b0e424c0010df35b7a4d3d3d0afea4aedbb8fe5ed8e0d757d7da9ef0f6f8dc7fc571dfb7677f10402dc76786b5bb020f91108b60977605efdbaad028f309456c96cdb978ae1a9a80b693c08f9934a485a0731f9f6bfe39ee6373e36e90e28291ff694923add4fbfe24e1e806e3a0fc9e14cdf3082c3ec56e1944a2ba82b760e9d22ba865d9dd0d2ba651aaa315fe6728bed51d7ca4068f2fd5bec60b235c58637789d86f2b9c6e857e7ef8b0ea16561a071865229e45b6e4a21dfa6c12e2997b95daac0e7601cfd1f1eeec1195c76a5a47b19114e6633824066ac9b999908b666f8b94b9dff7038cb4ee2a80d7a3a232346e6bbdc77aa9743a7024c4ad79d83d98bf87aed9045265c9827469344462e68bd20c9c934da723788f5b51d9f49ae49b3fc37ee5f16f062b1bdee4c5312221b6d649d5cfde331606a307e84e4a36776733172620b610d03d00b8490d9ac11f4cbcfa642162cbb87e6af941f64b8ea02c9e280880f462b920aa2b3bd1acc86bf93b8fc8a080e1c3510e9c0070f37b12a23bfd7e54837e1beb5f608e73c91612e3d30f6a5b4be41cd0cc25fbdcade7356c3f78f6f70060f97a6b1516781e54b7e0c86813be1370a337111ddaa8d19dc9015e5edf6237662d5005b082a9e751e87d7ff28a0797ea100db0cbf4f2cf77e38034bd1fe9494e448995cd0a7b16777e36a096e93a7bed9d14a180439e112d5bc4a36afcea601c61e5204608325a99f8e6bf1ea6c70b24e53315eea40906ad684de8613d3e8a6d2e0f79d8df83b16f862c128a2189a98ff4df15b15310d16dde87a43c16bd61449cc401f34f234a303f4350cc778bf6408a7cc8ac13882dce71f3718cfb6214ce45f5bb97f4309afa5a592aecf0f9685c3a83bfab1224be1c9dddc8f2e737b0c10f8ac89551cb82f30c232dac84e46a6359b6bb885387b935acd09d4bad74f5cc9aa0914bcf20713397a88bced4f530eed46d6dd9a6090aa0542139ec15e8aa11a5952f18018ba56fa28704567b0e37957f6202b0334a1ad1240425e5dc6704c39071b863e1e369f826c89da16126786914035fa0f066c389fef81f0fb275a9016c1c0d526a59f42b346439d60942a154be7fdf9c68fadbc63fc382bd94b886dd26c41f37747b6350f519df0d579066be7388d93362601f27df11b0dc5a189d3634e2f9968906c303924cf361f39166e57f0ce8d6a0b8fb77d8fecb0f957bde5c1a0ce131e067eb044a54000e1039194836d5410d71f8cb8f859a1ca9d2f2687e77565294605356dfd37427aeb2b57ad6d7b292a0d39bf1fa5a4f4a43cd4af54aa05a7ef485ee58c88269db017d1040be3af5a9e3321abf216025d0845fd957ea0f7e9899ab42d166a98fb0f28c96da7d62b4213f98f506b801ee8472bafe8c4370dec281240c503db507039041184b21945ca7a4308fda9f6456418498718761e38f1876290ebb8b6ab76022bdd5f64c487d39e7fb4be7bd3c92c3094830a8dea4c4206236405cb443afb61cb53ca2a6ead790043a43e356d129d6eee690debb481955d3ae88d79d6e7fa89a16d5f62a4", 0xe80}], 0x2}}], 0x1, 0x40084)
r3 = accept4$unix(r2, 0x0, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
recvfrom$unix(r3, &(0x7f0000000180)=""/235, 0x1ffd4, 0x0, 0x0, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xfd20, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02002d000b02d25a806f8c6394f9031a04000a740100053503000000000000800c6400f01700d1bd00000000", 0x33fe0}], 0x1}, 0x0)
write$FUSE_NOTIFY_STORE(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB='/'], 0x2)
mount$fuse(0x20000000, &(0x7f00000000c0)='./file0\x00', 0x0, 0xa6d214, 0x0)
umount2(&(0x7f0000000040)='./file0\x00', 0x0)

2.478363818s ago: executing program 5 (id=2685):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, 0x0, 0x0, 0x7d7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000001, 0x20010, r0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write(0xffffffffffffffff, &(0x7f0000000300)='(', 0x1)
ioctl$KVM_CAP_HYPERV_SEND_IPI(0xffffffffffffffff, 0x4068aea3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
creat(0x0, 0xecf86c37d53049cc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, 0x0}, 0x0)
ioctl$PPPIOCGCHAN(0xffffffffffffffff, 0x80047437, &(0x7f0000001f00))
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1f, 0x1}}, 0x3c)
getpid()

2.478076086s ago: executing program 4 (id=2686):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000040)={0x2, "7d0ed813ac83f75083b8fbf0869ef6626a723c6226476dcc398345d6ecbe225e"})
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), 0xffffffffffffffff)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
r5 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
read(r5, &(0x7f0000001e80)=""/96, 0x60)
read(r4, &(0x7f0000001e80)=""/96, 0x60)
shutdown(r3, 0x2)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x30, r2, 0x1, 0x0, 0x0, {{}, {}, {0x14, 0x19, {0xfffffffe, 0x0, 0x0, 0xc1}}}}, 0x30}}, 0x20040010)

1.968797515s ago: executing program 6 (id=2687):
r0 = socket(0x2, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x1, 0x10012, r1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0xa00000000000000, 0x80, &(0x7f00000000c0)=@broute={'broute\x00', 0x20, 0x1, 0x990, [0x0, 0x0, 0x0, 0x0, 0x0, 0x20000e00], 0x0, 0x0, &(0x7f0000000e00)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000000b00000000000000000062726964676530000000000000000000766c616e300000000000000000000000736974300000000000000000000000007465716c3000000000000000000000000000000000000000000000000180c20000000000000000000000b8080000b808000030090000616d6f6e670000000000000000000000000000002000000000000000000000002008000000000000140400000c000000000000000a000000000000040000000000000000000000000000080000000000000000000000000000b085da05d603888318a0cce400000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000fdffffffff00000000000000000000e4ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000005000000000000000000000000000000000000000000000000000000000000000000006fb7cd02b734bcce41ef6e95bd000000008000000000000000000000000000000000000000000000000000000000000000eeff3f000000008fc7660c490587b3ab213098a6767c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f8f0000000000000000dbd5a834b3ab2a0cc27081310000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000440a05000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000f18a0afe993500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4f016fa70c1255400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008c7f8f1b44f000000000feffffff00000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000062f75a00627f34dd71012eed00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e0ffffff00000000000000000000000000000000000000000000001b00000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000f200000000000000000000000000000000000000000000000000000000000000fffffff90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f2573bd04a330000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000ff7f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000cb33322c9c564ae5f8eef74d5aa7cc9c000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000003f7f1c00000000000000000000000000000000ecffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000afe96d981b6f119c000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d3d2e85100000000000000000000000000000000000000000000000000844caab24e79bd260000000000000000000000000000000000000000005080000000000000000000000000000000010000a600a9e85725d89818472e65aba21d9bbc1b20e8331c6fd24a5aceaeefe102e42a013ac2c00eeb782c34eab997013e0506220c21a44cc58ff5bc83d5e4066c7700"/2448]}, 0xa08)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x13, 0x7, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000fdffffff0000000000000000186800001000800000000000ff0f000085000000000000000000000029a10000010000007ba1be4a"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x74, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@can_newroute={0x34, 0x18, 0x1, 0x20, 0x0, {}, [@CGW_MOD_SET={0x15, 0x4, {{{}, 0x0, 0x0, 0x0, 0x0, "8b893b21c1f3344a"}, 0x5}}, @CGW_CS_XOR={0x8, 0x5, {0x5, 0xfffffffffffffffa, 0xfffffffffffffff9, 0x5}}]}, 0x34}}, 0x0)
ioctl$TUNSETCARRIER(0xffffffffffffffff, 0x400454e2, &(0x7f0000000000)=0x4b)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000180)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = fsopen(&(0x7f0000000000)='devtmpfs\x00', 0x0)
fsconfig$FSCONFIG_SET_FLAG(r3, 0x6, 0x0, 0x0, 0x0)
iopl(0x3)
semctl$SETALL(0x0, 0x0, 0xe, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
bind$l2tp(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000100), 0x0, 0x189202)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
ioctl$SCSI_IOCTL_SEND_COMMAND(r4, 0x1, &(0x7f00000000c0)=ANY=[@ANYBLOB="800000000000000058"])
r5 = syz_io_uring_setup(0x1f8c, &(0x7f0000000080)={0x0, 0x9294, 0x13580, 0x0, 0x8}, &(0x7f0000000100), &(0x7f0000000280))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0xfffd}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @xfrm={{0x9}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_XFRM_DREG={0x8, 0x1, 0x1, 0x0, 0x1d}, @NFTA_XFRM_DIR={0x5, 0x3, 0x2}, @NFTA_XFRM_KEY={0x8, 0x2, 0x1, 0x0, 0x6}]}}}]}]}], {0x14}}, 0xcc}}, 0x0)
io_uring_enter(r5, 0x54, 0x0, 0x1, 0x0, 0x0)
r7 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000034276d20402002c68e010000000109021200010000000009040001"], 0x0)
r8 = epoll_create1(0x80000)
r9 = openat$mice(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13d, 0x2}}, 0x20)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r9, &(0x7f0000000040))
fcntl$dupfd(r7, 0x0, r7)

1.968284522s ago: executing program 3 (id=2688):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0xa, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff00000000711084000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r0, 0x4068aea3, 0x0)
unshare(0xc000400)
r1 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r1, &(0x7f0000000180)={0x18, 0x0, {0x2, @local, 'wg2\x00'}}, 0x1e)
sendmmsg(r1, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, 0x0, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x78, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x6, '\x00', 0xa2e, 0x40, 0xe, 0x6}}}}]}, 0x48}}, 0x0)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)={0x30, r7, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ID={0x5, 0x2, 0x1}, @MPTCP_PM_ADDR_ATTR_PORT={0x6}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1a}]}]}, 0x30}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000280)={'wg2\x00'})

1.76610862s ago: executing program 4 (id=2689):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x3, &(0x7f0000001600)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
close(r1)
prctl$PR_MCE_KILL(0x44, 0x8, 0x7fffffffeffe)
tee(r0, r2, 0x8000000000081, 0x0)
close(0xffffffffffffffff)

1.721517956s ago: executing program 5 (id=2690):
r0 = syz_open_dev$loop(0x0, 0x75f, 0xa382)
sendfile(r0, r0, 0x0, 0x24002de8)

1.684933532s ago: executing program 1 (id=2691):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = landlock_create_ruleset(&(0x7f00000002c0)={0x3f2e}, 0x8, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x1, 0x2800)
ioctl$SNDRV_PCM_IOCTL_RESET(r0, 0x4141, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r1, 0x1, &(0x7f0000000000)={0x292e, r0}, 0x0)
socket$inet6_dccp(0xa, 0x6, 0x0)
socket(0x10, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x11, r2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000001280)=ANY=[@ANYBLOB="1b00000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB="0000000000279dbd00"/23, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = io_uring_setup(0x4112, &(0x7f0000000200)={0x0, 0x9d, 0x4})
r7 = eventfd2(0x0, 0x0)
io_uring_register$IORING_REGISTER_EVENTFD(r6, 0x4, &(0x7f0000000000)=r7, 0x1)
io_uring_register$IORING_REGISTER_BUFFERS2(r6, 0xf, &(0x7f0000001580)={0x3, 0x0, 0x0, &(0x7f00000014c0)=[{0x0}, {0x0}, {&(0x7f0000000280)=""/4096, 0x1000}], &(0x7f0000001540)=[0x0, 0x0, 0x4]}, 0x20)
read$eventfd(r7, &(0x7f0000000040), 0x8)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000001b00)={0x0, 0x0, &(0x7f0000001a80)=[{0x0}, {0x0}, {0x0}], 0x0, 0x3}, 0x20)
syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
syz_io_uring_setup(0x1549, &(0x7f00000000c0)={0x0, 0xbf51, 0x8, 0x2, 0x38f, 0x0, r3}, &(0x7f0000000140), &(0x7f0000000200))
syz_io_uring_setup(0x2911, &(0x7f0000000240)={0x0, 0x2d2d, 0x1, 0x2, 0x379}, &(0x7f0000000300), &(0x7f0000000340))
r8 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r9=>0x0, &(0x7f00000001c0)=<r10=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
sendmsg$inet(r11, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x33fe0}], 0x1}, 0x3)
r12 = io_uring_register$IORING_REGISTER_PERSONALITY(r8, 0x9, 0x0, 0x0)
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r11, 0x0, &(0x7f0000000100)='4', 0x1, 0x0, 0x0, {0x0, r12}})

1.619656356s ago: executing program 5 (id=2692):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_ADD_RULE(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c040000"], 0x42c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)

1.614758222s ago: executing program 5 (id=2693):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
faccessat(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000000), 0x20000007d, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000080), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3, 0x12, r4, 0x0)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r5, 0x4bfa, 0x0)

1.594568332s ago: executing program 4 (id=2694):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
add_key$user(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x3}, &(0x7f0000000480)="60a4a797cb900133ff3ecbb71652f806e73e77374c39d41d9f756d9ce98062822f5d200d95faec24d9d638b727db462b17c66acc0e99c0cd7bd37e53b2f6df33ea3b9bfe8dde3f856c2b7f4e5a99760a10a1acc9dcf005e08cc7e182aa3b8e1eaab588a831bb78668870fa20077eff8cd84433ee8afdd981e0568e3aa745a344e727ef4b035e2c0da0b4a7795bbd4fb3227dd3e7cc6895e121c76dd0f41aae4408", 0xa1, 0xfffffffffffffff8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
preadv(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000001a80)=""/102400, 0x12}], 0x1, 0x0, 0x0)
shutdown(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a35f2", 0x14, 0x6, 0x0, @remote={0xfe, 0x50}, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0xc2}}}}}}}, 0x0)
io_setup(0x5, &(0x7f0000000180))
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x25, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x70}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r5=>0x0, 0x0, &(0x7f00000002c0)}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_STATUS(r1, 0x84, 0x10, &(0x7f0000000580)={r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @private2}}, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}}, &(0x7f0000000080)=0xb0)
getsockopt$bt_BT_POWER(r0, 0x112, 0xf, 0x0, &(0x7f0000000100))
ioctl$FIOCLEX(r0, 0x5451)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='mqueue\x00', 0x41001, 0x0)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r6)

431.558896ms ago: executing program 5 (id=2695):
r0 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r0, &(0x7f0000000040)={&(0x7f00000000c0)={0xa, 0x4e20, 0xfffffff7, @dev={0xfe, 0x80, '\x00', 0x20}, 0x9b6e}, 0x1c, 0x0, 0x0, &(0x7f0000000400)=[@dstopts_2292={{0x47, 0x29, 0x4, {0x4}}}, @tclass={{0x14}}], 0x30}, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x4002, 0x1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

431.033781ms ago: executing program 3 (id=2696):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
unshare(0x22020400)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20082, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000000)=0xb, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000f00)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000380)=""/31, 0x1f}, {&(0x7f0000000840)=""/233, 0xe9}, {&(0x7f0000001100)=""/206, 0xce}, {0x0}], 0x4, &(0x7f0000000500)=""/49, 0x31}, 0x729a93c0}, {{&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff}}, 0x80, 0x0, 0x0, &(0x7f0000000ec0)=""/54, 0x36}, 0x8}], 0x3, 0x0, 0x0)
syz_emit_ethernet(0x26, &(0x7f0000001300)=ANY=[@ANYBLOB="aaaaaaaaaa00b44f784044cf88a8000081000000000c000000000000000000000000000000001bdadcab02766f2420845cb1055e6992e9d48091ba46d9f310d4f48259561705d16b9140235102541195ac1985e52477f00c168a00f8d0a33c9377a7e5969098d569ddde79e48fe4121449e695801bf777e0f748bbfbf2e3c2b351bb88d65a4edf2dfc8973438d80a1b74bc5cc6f0f63d57fdc8fe12f7e2498dbad8231bc9c47adbeab58b970f920c59060f2fd6723be8754bd493c085d76b5734919af5cfbef71c4317f5cc3fb13"], 0x0)
write$binfmt_elf32(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c460400000000000300060010000000f2008020000100470081007f00000000000600000005000000f5ffffff0600040002000000ffff0000ff0f000004000000"], 0x54)
write$sequencer(r1, &(0x7f0000000b00)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r0, @ANYRESHEX, @ANYRESOCT=r2, @ANYRES32=0x0, @ANYRES32=r2, @ANYRESOCT=r0, @ANYRESHEX=r1], 0x8)
r3 = syz_io_uring_setup(0x7e3c, &(0x7f0000000980)={0x0, 0xd26e, 0x200}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x80003})
io_uring_enter(r3, 0x2def, 0x0, 0xefcfe759004e173a, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f00000002c0)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNGETVNETLE(r7, 0xc0189436, &(0x7f0000001940))
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r1, 0x5101)
r8 = syz_open_dev$loop(&(0x7f0000000080), 0x8b9, 0x80981)
ioctl$LOOP_CHANGE_FD(r8, 0x4c00, 0xffffffffffffffff)
ioctl$LOOP_SET_STATUS(r8, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x400000b, 0x0, 0x0, 0x0, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0ece5b861375b108403362cfe0f4fccffb1b6a2115354d4df1172e9008", "23639aabe426e78edc0000008000000000fb80c92dc817d44dcdec00"})
ioctl$LOOP_SET_CAPACITY(r8, 0x4c07)
r9 = fsmount(0xffffffffffffffff, 0x0, 0x4)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0000000000000000ff0000000000000000d17d000000000000000000000000000000000000000000ffffffff0000000000000000000000000000001200000000000000000000000000080000000000000800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e72300000000000000000000000000079616d3000000001000000000000b40079616d30000000000000000000000000766574b7708ad56f5f7465616d0000000180c2000000000000000000aaaaaaaaaa000000000000000000b0000000b0000000e000000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000a00000000000000000000004155444954"]}, 0x1bd)
write$binfmt_script(r10, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r10, 0x0)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r11, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00'})

372.849703ms ago: executing program 1 (id=2697):
sendmsg$IEEE802154_LLSEC_ADD_SECLEVEL(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYRES16, @ANYRES16=0x0, @ANYRESHEX=0x0, @ANYRES64], 0x34}}, 0x0)
creat(&(0x7f0000000240)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
getrlimit(0x8, &(0x7f0000000100))
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000500)={0x11, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="18000000000000ff000000850000000f000000850000005000"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x1e, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9, @void, @value}, 0x94)
socket$key(0xf, 0x3, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x6, &(0x7f0000000140)=ANY=[@ANYBLOB="18060000000000000000000000000000851000000200000040000000000000009500007b842963af9500000000000000"], &(0x7f00000000c0)='GPL\x00', 0xa, 0x92, &(0x7f0000000300)=""/146, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001480), 0x42002, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
r4 = dup(r3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$FUSE_BMAP(r4, 0x0, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r4, &(0x7f00000000c0)={0x14c}, 0x137)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020207025000000002dba513d7b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000008fd8850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='kfree\x00', r5}, 0x10)
r6 = mq_open(&(0x7f0000000540)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\x9b\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c83\xb7n#\xe0\xc1_\xff\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enp-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000140)={0x0, 0x1, 0x5})
mq_getsetattr(r6, &(0x7f0000000300)={0x800, 0x0, 0x1}, 0x0)
mq_timedreceive(r6, &(0x7f0000000080)=""/92, 0x5c, 0x0, 0x0)

6.977986ms ago: executing program 34 (id=2696):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
unshare(0x22020400)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x20082, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000000)=0xb, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000f00)=[{{0x0, 0x0, 0x0}}, {{&(0x7f00000000c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @remote}}}, 0x80, &(0x7f0000000940)=[{&(0x7f0000000380)=""/31, 0x1f}, {&(0x7f0000000840)=""/233, 0xe9}, {&(0x7f0000001100)=""/206, 0xce}, {0x0}], 0x4, &(0x7f0000000500)=""/49, 0x31}, 0x729a93c0}, {{&(0x7f0000000540)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff}}, 0x80, 0x0, 0x0, &(0x7f0000000ec0)=""/54, 0x36}, 0x8}], 0x3, 0x0, 0x0)
syz_emit_ethernet(0x26, &(0x7f0000001300)=ANY=[@ANYBLOB="aaaaaaaaaa00b44f784044cf88a8000081000000000c000000000000000000000000000000001bdadcab02766f2420845cb1055e6992e9d48091ba46d9f310d4f48259561705d16b9140235102541195ac1985e52477f00c168a00f8d0a33c9377a7e5969098d569ddde79e48fe4121449e695801bf777e0f748bbfbf2e3c2b351bb88d65a4edf2dfc8973438d80a1b74bc5cc6f0f63d57fdc8fe12f7e2498dbad8231bc9c47adbeab58b970f920c59060f2fd6723be8754bd493c085d76b5734919af5cfbef71c4317f5cc3fb13"], 0x0)
write$binfmt_elf32(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="7f454c460400000000000300060010000000f2008020000100470081007f00000000000600000005000000f5ffffff0600040002000000ffff0000ff0f000004000000"], 0x54)
write$sequencer(r1, &(0x7f0000000b00)=ANY=[@ANYRESHEX=0x0, @ANYRESDEC=r0, @ANYRESHEX, @ANYRESOCT=r2, @ANYRES32=0x0, @ANYRES32=r2, @ANYRESOCT=r0, @ANYRESHEX=r1], 0x8)
r3 = syz_io_uring_setup(0x7e3c, &(0x7f0000000980)={0x0, 0xd26e, 0x200}, &(0x7f0000000180)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x80003})
io_uring_enter(r3, 0x2def, 0x0, 0xefcfe759004e173a, 0x0, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r6, &(0x7f00000002c0)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$TUNGETVNETLE(r7, 0xc0189436, &(0x7f0000001940))
sendmmsg(r6, &(0x7f0000007fc0), 0x800001d, 0x0)
ioctl$SNDCTL_SEQ_SYNC(r1, 0x5101)
r8 = syz_open_dev$loop(&(0x7f0000000080), 0x8b9, 0x80981)
ioctl$LOOP_CHANGE_FD(r8, 0x4c00, 0xffffffffffffffff)
ioctl$LOOP_SET_STATUS(r8, 0x4c02, &(0x7f0000000200)={0x0, {}, 0x0, {}, 0x400000b, 0x0, 0x0, 0x0, "4b8b3ea46929dfed0b2f34380d308f95a023d009852471dd5a94a9fe9549918ae7fd1f0ece5b861375b108403362cfe0f4fccffb1b6a2115354d4df1172e9008", "23639aabe426e78edc0000008000000000fb80c92dc817d44dcdec00"})
ioctl$LOOP_SET_CAPACITY(r8, 0x4c07)
r9 = fsmount(0xffffffffffffffff, 0x0, 0x4)
r10 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200006c0], 0x0, 0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0000000000000000ff0000000000000000d17d000000000000000000000000000000000000000000ffffffff0000000000000000000000000000001200000000000000000000000000080000000000000800000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff01000000110000000000000000006e72300000000000000000000000000079616d3000000001000000000000b40079616d30000000000000000000000000766574b7708ad56f5f7465616d0000000180c2000000000000000000aaaaaaaaaa000000000000000000b0000000b0000000e000000071756f746100000000000000000000000000000000000000000000000000000018000000000000000000000000000000000000000a00000000000000000000004155444954"]}, 0x1bd)
write$binfmt_script(r10, &(0x7f0000000000), 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r10, 0x0)
r11 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r11, 0x0, 0x80, &(0x7f0000000640)=@broute={'broute\x00', 0x20, 0x1, 0x170, [], 0x0, 0x0, 0x0}, 0x1e8)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000140)={'veth1_to_bond\x00'})

1.477566ms ago: executing program 5 (id=2699):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000003f80)=[{{0x0, 0x0, 0x0}}, {{&(0x7f0000000100)={0x1e, 0x204, @rand_addr=0x1000000}, 0x10, 0x0}}], 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/partitions\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r6, r5, &(0x7f00000000c0)=0x58, 0x9)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, 0x0, 0x0)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x1c, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x3, @private0}]}, &(0x7f0000000380)=0x10)
r8 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_MCAST_JOIN_GROUP(r8, 0x0, 0x2a, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r8, 0x84, 0x10, &(0x7f0000000040)=@sack_info={r7, 0x9, 0x3}, &(0x7f0000000080)=0xc)
r9 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000001400000014000000b3c5"], 0x0, 0x36, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8b04, &(0x7f0000000000)={'wlan1\x00'})
r10 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYRES8=r0], 0x0)
syz_usb_control_io(r10, 0x0, 0x0)
syz_usb_control_io(r10, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r10, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r10, 0x0, 0x0)

792.457µs ago: executing program 6 (id=2700):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(0xffffffffffffffff, 0x82307202, &(0x7f0000000300)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}])
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, &(0x7f0000000180)=0x24)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x40201)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f0000000740)={0x30}, 0x30)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r4, 0xc0045540, &(0x7f0000000080))
syz_init_net_socket$ax25(0x3, 0x2, 0x0)

0s ago: executing program 4 (id=2701):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
socket$igmp6(0xa, 0x3, 0x2)
sendmsg$NL80211_CMD_TRIGGER_SCAN(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=ANY=[@ANYBLOB="34000400", @ANYRES16=0x0, @ANYBLOB="000200000000000000002100000008000300", @ANYRES32=0x0, @ANYBLOB="14002c8008"], 0x34}}, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x0, 0x0, @remote, 0x1}, 0x1c)
sendmsg(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x952f, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendmmsg$inet(r0, &(0x7f0000004bc0)=[{{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000f00)="f5e022a4d2ed0cf5f8b2e9857cb9af98da7aa60f7a1582aadeaef336f9139f6768452f868624c7e6ce0948f33f1a63e0fcf0f2df28a3f1f4de26a8b575ccb465985e48f65b9a7fcc93c0a5be8b16774f7c7ca9848a182d6ee7c0f2b9c0e7030ed93ee34214c25cb51279b18c8e5bfbc52152be37f5e2b783e2149be25180430ac63ee1bbe01fbb6125e65839ae5b02d542a97d1bfb1ca420b5405baaaf5ec6ad96af2814dbbea5a064f2ab6fc0904c07f02cbfadfb96866d962e6e21d3a0a0276a36e01b6eda", 0xc6}], 0x1}}, {{0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f0000000700)="acc841985992b79554acfc02163bb0fb2bb293e68702bb40b6b870bde5", 0x1d}], 0x1}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000001bc0)="5c89eeb1aa86c6f680f09cc1c1d4bc5fc6a067d295afd3aa97af3d777b81db48f9ceb270e506af840503c6fbf20760e4cd8df9c220cd0728585229123d5c61507d00561b8f1a15e64fa2779be424fdeff46058eaee7acfc80b2ae9840e9ac1e33ac8378c98695a08bdb8f2a756b1704c036e3b0ff2d1e9d397a82e24debd371e6855b7dc2dea47d57a9dfbf4fb2ccb3f975c3851c6b5399ab80c4ba95604f70a69674cfe820d82fb06b243625a8a9e4ee52e7c2ec4d63241fb00efd1a485a3", 0xbf}], 0x1}}], 0x3, 0x0)
request_key(&(0x7f0000000480)='dns_resolver\x00', &(0x7f0000000500)={'syz', 0x0}, &(0x7f0000000700)='^\x00', 0x0)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)

kernel console output (not intermixed with test programs):

643] R10: 000000000000003a R11: 0000000000000246 R12: 0000000000000001
[  826.982046][T14643] R13: 0000000000000000 R14: 00007f905e936058 R15: 00007ffcdd148878
[  826.990033][T14643]  </TASK>
[  827.704788][T14647] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  828.332990][T14649] netlink: 9396 bytes leftover after parsing attributes in process `syz.4.2162'.
[  828.472759][ T5881] input: gspca_pac7302 as /devices/platform/dummy_hcd.3/usb4/4-1/input/input21
[  828.706108][T14661] FAULT_INJECTION: forcing a failure.
[  828.706108][T14661] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  828.743453][T14661] CPU: 1 UID: 0 PID: 14661 Comm: syz.4.2167 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  828.754268][T14661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  828.764335][T14661] Call Trace:
[  828.767639][T14661]  <TASK>
[  828.770590][T14661]  dump_stack_lvl+0x241/0x360
[  828.775303][T14661]  ? __pfx_dump_stack_lvl+0x10/0x10
[  828.780532][T14661]  ? __pfx__printk+0x10/0x10
[  828.785155][T14661]  ? __pfx_lock_release+0x10/0x10
[  828.790220][T14661]  should_fail_ex+0x3b0/0x4e0
[  828.794930][T14661]  _copy_from_user+0x2f/0xc0
[  828.799544][T14661]  copy_msghdr_from_user+0xae/0x680
[  828.804770][T14661]  ? __pfx___might_resched+0x10/0x10
[  828.810091][T14661]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  828.815922][T14661]  ? rcu_is_watching+0x15/0xb0
[  828.820712][T14661]  ? __might_fault+0xaa/0x120
[  828.825419][T14661]  __sys_sendmmsg+0x36d/0x730
[  828.830134][T14661]  ? __pfx___sys_sendmmsg+0x10/0x10
[  828.835371][T14661]  ? __pfx_lock_release+0x10/0x10
[  828.840415][T14661]  ? kstrtouint_from_user+0x128/0x190
[  828.845828][T14661]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  828.851745][T14661]  ? ksys_write+0x229/0x2b0
[  828.856258][T14661]  ? __pfx_lock_release+0x10/0x10
[  828.861291][T14661]  ? vfs_write+0x730/0xd30
[  828.865709][T14661]  ? __mutex_unlock_slowpath+0x21d/0x750
[  828.871345][T14661]  ? __fget_files+0x3f3/0x470
[  828.876053][T14661]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  828.882037][T14661]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  828.888367][T14661]  ? do_syscall_64+0x100/0x230
[  828.893134][T14661]  __x64_sys_sendmmsg+0xa0/0xb0
[  828.897989][T14661]  do_syscall_64+0xf3/0x230
[  828.902491][T14661]  ? clear_bhb_loop+0x35/0x90
[  828.907166][T14661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.913058][T14661] RIP: 0033:0x7f905e77e719
[  828.917475][T14661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  828.937075][T14661] RSP: 002b:00007f905cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  828.945508][T14661] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77e719
[  828.953478][T14661] RDX: 040000000000009f RSI: 00000000200002c0 RDI: 0000000000000003
[  828.961445][T14661] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  828.969412][T14661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.977375][T14661] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  828.985351][T14661]  </TASK>
[  830.062390][ T5931] usb 4-1: USB disconnect, device number 62
[  830.104642][T14675] fuse: Unknown parameter ''
[  831.457310][T14697] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  832.125196][T14698] ieee802154 phy1 wpan1: encryption failed: -22
[  833.167658][T14715] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2181'.
[  833.414301][T14727] fuse: Bad value for 'user_id'
[  833.418982][T14713] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  833.433958][T14727] fuse: Bad value for 'user_id'
[  833.604988][T14725] Invalid ELF header magic: != ELF
[  833.671104][T14732] fuse: Unknown parameter ''
[  834.776766][T14748] ieee802154 phy1 wpan1: encryption failed: -22
[  836.257221][ T5931] usb 2-1: new low-speed USB device number 70 using dummy_hcd
[  836.421888][T14776] netlink: 9396 bytes leftover after parsing attributes in process `syz.4.2198'.
[  837.276133][ T5931] usb 2-1: config 7 has an invalid interface number: 252 but max is 0
[  837.284792][ T5931] usb 2-1: config 7 has no interface number 0
[  837.291573][ T5931] usb 2-1: config 7 interface 252 has no altsetting 0
[  837.304345][ T5931] usb 2-1: string descriptor 0 read error: -22
[  837.310829][ T5931] usb 2-1: New USB device found, idVendor=0681, idProduct=0005, bcdDevice=56.c0
[  837.321768][ T5931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  837.398332][T14792] fuse: Unknown parameter ''
[  837.580100][T14759] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2195'.
[  837.684569][ T5931] usb 2-1: USB disconnect, device number 70
[  837.890457][T13652] Bluetooth: hci2: command 0x0405 tx timeout
[  838.370563][T14800] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  839.309420][   T29] audit: type=1400 audit(1731746370.875:128): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14809 comm="syz.6.2212" daddr=fe80::bb
[  839.363718][   T29] audit: type=1400 audit(1731746370.905:129): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14813 comm="syz.1.2211" daddr=ff02::1
[  839.757731][T14835] netlink: 9396 bytes leftover after parsing attributes in process `syz.4.2215'.
[  840.268215][T14836] FAULT_INJECTION: forcing a failure.
[  840.268215][T14836] name failslab, interval 1, probability 0, space 0, times 0
[  840.344013][T14836] CPU: 1 UID: 0 PID: 14836 Comm: syz.6.2218 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  840.354826][T14836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  840.364902][T14836] Call Trace:
[  840.368202][T14836]  <TASK>
[  840.371148][T14836]  dump_stack_lvl+0x241/0x360
[  840.375853][T14836]  ? __pfx_dump_stack_lvl+0x10/0x10
[  840.381075][T14836]  ? __pfx__printk+0x10/0x10
[  840.385684][T14836]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  840.391161][T14836]  ? __pfx___might_resched+0x10/0x10
[  840.396477][T14836]  should_fail_ex+0x3b0/0x4e0
[  840.401182][T14836]  should_failslab+0xac/0x100
[  840.405872][T14836]  ? rtnl_newlink+0xf2/0x20a0
[  840.410582][T14836]  __kmalloc_cache_noprof+0x6c/0x2c0
[  840.415883][T14836]  ? __pfx_lock_acquire+0x10/0x10
[  840.420954][T14836]  rtnl_newlink+0xf2/0x20a0
[  840.425492][T14836]  ? bpf_trace_run2+0x1fc/0x540
[  840.430471][T14836]  ? bpf_trace_run2+0x36e/0x540
[  840.435356][T14836]  ? __mutex_trylock_common+0x183/0x2e0
[  840.440935][T14836]  ? __pfx_bpf_trace_run2+0x10/0x10
[  840.446158][T14836]  ? __pfx_rtnl_newlink+0x10/0x10
[  840.451208][T14836]  ? __pfx___mutex_trylock_common+0x10/0x10
[  840.457141][T14836]  ? rcu_is_watching+0x15/0xb0
[  840.461938][T14836]  ? trace_contention_end+0x3c/0x120
[  840.467245][T14836]  ? __mutex_lock+0x2ef/0xd70
[  840.471914][T14836]  ? rcu_read_unlock+0x87/0xa0
[  840.476672][T14836]  ? __dev_queue_xmit+0x171d/0x3ed0
[  840.481874][T14836]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  840.486972][T14836]  ? __pfx_lock_release+0x10/0x10
[  840.491994][T14836]  ? __pfx___mutex_lock+0x10/0x10
[  840.497020][T14836]  ? __pfx_rtnl_newlink+0x10/0x10
[  840.502073][T14836]  rtnetlink_rcv_msg+0x73f/0xcf0
[  840.507047][T14836]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  840.512190][T14836]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  840.517677][T14836]  ? ref_tracker_free+0x643/0x7e0
[  840.522740][T14836]  netlink_rcv_skb+0x1e3/0x430
[  840.527549][T14836]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  840.533034][T14836]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  840.538373][T14836]  ? netlink_deliver_tap+0x2e/0x1b0
[  840.543590][T14836]  netlink_unicast+0x7f6/0x990
[  840.548374][T14836]  ? __pfx_netlink_unicast+0x10/0x10
[  840.553681][T14836]  ? __virt_addr_valid+0x183/0x530
[  840.558819][T14836]  ? __check_object_size+0x48e/0x900
[  840.564131][T14836]  netlink_sendmsg+0x8e4/0xcb0
[  840.568939][T14836]  ? __pfx_netlink_sendmsg+0x10/0x10
[  840.574274][T14836]  ? __pfx_netlink_sendmsg+0x10/0x10
[  840.579602][T14836]  __sock_sendmsg+0x221/0x270
[  840.584310][T14836]  ____sys_sendmsg+0x52a/0x7e0
[  840.589113][T14836]  ? __pfx_____sys_sendmsg+0x10/0x10
[  840.594451][T14836]  __sys_sendmsg+0x292/0x380
[  840.599074][T14836]  ? __pfx___sys_sendmsg+0x10/0x10
[  840.604227][T14836]  ? __pfx_vfs_write+0x10/0x10
[  840.609051][T14836]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  840.615422][T14836]  ? do_syscall_64+0x100/0x230
[  840.620234][T14836]  ? do_syscall_64+0xb6/0x230
[  840.624941][T14836]  do_syscall_64+0xf3/0x230
[  840.629470][T14836]  ? clear_bhb_loop+0x35/0x90
[  840.634177][T14836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  840.640100][T14836] RIP: 0033:0x7f3fe0d7e719
[  840.644536][T14836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  840.664177][T14836] RSP: 002b:00007f3fe1adf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  840.672624][T14836] RAX: ffffffffffffffda RBX: 00007f3fe0f36058 RCX: 00007f3fe0d7e719
[  840.680621][T14836] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 000000000000000c
[  840.688616][T14836] RBP: 00007f3fe1adf090 R08: 0000000000000000 R09: 0000000000000000
[  840.696612][T14836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  840.704616][T14836] R13: 0000000000000000 R14: 00007f3fe0f36058 R15: 00007fff42bdf388
[  840.712622][T14836]  </TASK>
[  841.128278][T14855] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  841.728767][T14872] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  843.191935][   T29] audit: type=1400 audit(1731746374.365:130): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14863 comm="syz.5.2229" daddr=fe80::bb
[  843.452822][T14879] FAULT_INJECTION: forcing a failure.
[  843.452822][T14879] name failslab, interval 1, probability 0, space 0, times 0
[  843.532058][T14879] CPU: 1 UID: 0 PID: 14879 Comm: syz.6.2233 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  843.542888][T14879] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  843.552975][T14879] Call Trace:
[  843.556279][T14879]  <TASK>
[  843.559233][T14879]  dump_stack_lvl+0x241/0x360
[  843.563949][T14879]  ? __pfx_dump_stack_lvl+0x10/0x10
[  843.569177][T14879]  ? __pfx__printk+0x10/0x10
[  843.573795][T14879]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  843.579369][T14879]  ? __pfx___might_resched+0x10/0x10
[  843.584753][T14879]  should_fail_ex+0x3b0/0x4e0
[  843.589472][T14879]  ? security_file_alloc+0x32/0x310
[  843.594684][T14879]  should_failslab+0xac/0x100
[  843.599372][T14879]  ? security_file_alloc+0x32/0x310
[  843.604583][T14879]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  843.609966][T14879]  security_file_alloc+0x32/0x310
[  843.614997][T14879]  init_file+0x93/0x1e0
[  843.619160][T14879]  alloc_empty_file+0xb8/0x1d0
[  843.623929][T14879]  alloc_file_pseudo+0x1da/0x290
[  843.628872][T14879]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  843.634332][T14879]  ? __local_bh_enable_ip+0x168/0x200
[  843.639717][T14879]  ? bpf_link_prime+0x7a/0x240
[  843.644479][T14879]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  843.650204][T14879]  anon_inode_getfile+0xc8/0x180
[  843.655146][T14879]  bpf_link_prime+0xff/0x240
[  843.659737][T14879]  bpf_raw_tp_link_attach+0x3c4/0x6e0
[  843.665114][T14879]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  843.671022][T14879]  ? fput+0x1a8/0x230
[  843.675002][T14879]  bpf_raw_tracepoint_open+0x177/0x1f0
[  843.680461][T14879]  __sys_bpf+0x3c0/0x810
[  843.684703][T14879]  ? __pfx___sys_bpf+0x10/0x10
[  843.689474][T14879]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  843.695460][T14879]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  843.701794][T14879]  ? do_syscall_64+0x100/0x230
[  843.706559][T14879]  __x64_sys_bpf+0x7c/0x90
[  843.711063][T14879]  do_syscall_64+0xf3/0x230
[  843.715566][T14879]  ? clear_bhb_loop+0x35/0x90
[  843.720246][T14879]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  843.726135][T14879] RIP: 0033:0x7f3fe0d7e719
[  843.730547][T14879] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  843.750149][T14879] RSP: 002b:00007f3fe1b00038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  843.758563][T14879] RAX: ffffffffffffffda RBX: 00007f3fe0f35f80 RCX: 00007f3fe0d7e719
[  843.766532][T14879] RDX: 0000000000000010 RSI: 0000000020000040 RDI: 0000000000000011
[  843.774500][T14879] RBP: 00007f3fe1b00090 R08: 0000000000000000 R09: 0000000000000000
[  843.782466][T14879] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  843.790434][T14879] R13: 0000000000000000 R14: 00007f3fe0f35f80 R15: 00007fff42bdf388
[  843.798412][T14879]  </TASK>
[  843.983322][T14893] FAULT_INJECTION: forcing a failure.
[  843.983322][T14893] name failslab, interval 1, probability 0, space 0, times 0
[  844.033445][T14893] CPU: 0 UID: 0 PID: 14893 Comm: syz.4.2240 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  844.044267][T14893] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  844.054348][T14893] Call Trace:
[  844.057637][T14893]  <TASK>
[  844.060571][T14893]  dump_stack_lvl+0x241/0x360
[  844.065255][T14893]  ? __pfx_dump_stack_lvl+0x10/0x10
[  844.070456][T14893]  ? __pfx__printk+0x10/0x10
[  844.075053][T14893]  ? fs_reclaim_acquire+0x93/0x130
[  844.080168][T14893]  ? __pfx___might_resched+0x10/0x10
[  844.085459][T14893]  should_fail_ex+0x3b0/0x4e0
[  844.090137][T14893]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  844.095859][T14893]  should_failslab+0xac/0x100
[  844.100533][T14893]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  844.106260][T14893]  __kmalloc_noprof+0xd8/0x400
[  844.111029][T14893]  tomoyo_realpath_from_path+0xcf/0x5e0
[  844.116587][T14893]  tomoyo_path_number_perm+0x23a/0x880
[  844.122050][T14893]  ? tomoyo_path_number_perm+0x208/0x880
[  844.127685][T14893]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  844.133697][T14893]  ? __fget_files+0x29/0x470
[  844.138308][T14893]  ? __fget_files+0x3f3/0x470
[  844.142996][T14893]  security_file_ioctl+0xc6/0x2a0
[  844.148023][T14893]  __se_sys_ioctl+0x47/0x170
[  844.152613][T14893]  do_syscall_64+0xf3/0x230
[  844.157123][T14893]  ? clear_bhb_loop+0x35/0x90
[  844.161814][T14893]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  844.167703][T14893] RIP: 0033:0x7f905e77e719
[  844.172114][T14893] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  844.191720][T14893] RSP: 002b:00007f905cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  844.200136][T14893] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77e719
[  844.208107][T14893] RDX: 0000000020000b00 RSI: 00000000000089f1 RDI: 0000000000000004
[  844.216072][T14893] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  844.224045][T14893] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  844.232058][T14893] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  844.240040][T14893]  </TASK>
[  844.266104][T14891] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  844.286131][T14890] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  844.360811][T14893] ERROR: Out of memory at tomoyo_realpath_from_path.
[  844.376260][T14896] netlink: 199836 bytes leftover after parsing attributes in process `syz.5.2241'.
[  844.585995][   T29] audit: type=1400 audit(1731746376.115:131): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14910 comm="syz.1.2243" daddr=fe80::aa dest=128
[  845.607959][ T5971] usb 7-1: new high-speed USB device number 35 using dummy_hcd
[  845.807575][ T5971] usb 7-1: Using ep0 maxpacket: 16
[  845.816207][ T5971] usb 7-1: config 0 has an invalid interface number: 218 but max is 0
[  845.825216][ T5971] usb 7-1: config 0 has no interface number 0
[  845.836849][ T5971] usb 7-1: New USB device found, idVendor=05ac, idProduct=0263, bcdDevice=ae.46
[  845.901424][ T5971] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  845.949433][T14926] FAULT_INJECTION: forcing a failure.
[  845.949433][T14926] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  845.978841][ T5971] usb 7-1: Product: syz
[  845.983056][ T5971] usb 7-1: Manufacturer: syz
[  846.043442][ T5971] usb 7-1: SerialNumber: syz
[  846.050830][   T29] audit: type=1400 audit(1731746377.505:132): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14921 comm="syz.1.2246" daddr=fe80::bb
[  846.057377][T14926] CPU: 0 UID: 0 PID: 14926 Comm: syz.5.2247 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  846.078289][T14926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  846.088381][T14926] Call Trace:
[  846.091680][T14926]  <TASK>
[  846.094632][T14926]  dump_stack_lvl+0x241/0x360
[  846.099343][T14926]  ? __pfx_dump_stack_lvl+0x10/0x10
[  846.104577][T14926]  ? __pfx__printk+0x10/0x10
[  846.109192][T14926]  ? snprintf+0xda/0x120
[  846.113443][T14926]  should_fail_ex+0x3b0/0x4e0
[  846.118126][T14926]  _copy_to_user+0x31/0xb0
[  846.122542][T14926]  simple_read_from_buffer+0xca/0x150
[  846.127920][T14926]  proc_fail_nth_read+0x1e9/0x250
[  846.132944][T14926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  846.138493][T14926]  ? rw_verify_area+0x55e/0x6f0
[  846.143345][T14926]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  846.148895][T14926]  vfs_read+0x1fc/0xb70
[  846.153050][T14926]  ? fdget_pos+0x24e/0x320
[  846.157468][T14926]  ? __pfx_vfs_read+0x10/0x10
[  846.162150][T14926]  ? __fget_files+0x3f3/0x470
[  846.166833][T14926]  ? fdget_pos+0x24e/0x320
[  846.171253][T14926]  ksys_read+0x183/0x2b0
[  846.175497][T14926]  ? __pfx_ksys_read+0x10/0x10
[  846.180261][T14926]  ? do_syscall_64+0x100/0x230
[  846.185027][T14926]  ? do_syscall_64+0xb6/0x230
[  846.189708][T14926]  do_syscall_64+0xf3/0x230
[  846.194213][T14926]  ? clear_bhb_loop+0x35/0x90
[  846.198894][T14926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.204875][T14926] RIP: 0033:0x7fb59af7d15c
[  846.209288][T14926] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  846.228894][T14926] RSP: 002b:00007fb59bd87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  846.237315][T14926] RAX: ffffffffffffffda RBX: 00007fb59b135f80 RCX: 00007fb59af7d15c
[  846.245308][T14926] RDX: 000000000000000f RSI: 00007fb59bd870a0 RDI: 0000000000000003
[  846.253298][T14926] RBP: 00007fb59bd87090 R08: 0000000000000000 R09: 0000000000000000
[  846.261279][T14926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  846.269255][T14926] R13: 0000000000000000 R14: 00007fb59b135f80 R15: 00007ffe30167a48
[  846.277241][T14926]  </TASK>
[  846.288259][ T5971] usb 7-1: config 0 descriptor??
[  846.298829][ T5971] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.218/input/input22
[  846.500574][T14898] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2239'.
[  846.637825][T14898] lo: entered promiscuous mode
[  846.657798][T14898] netlink: 'syz.6.2239': attribute type 2 has an invalid length.
[  846.670406][T14898] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  846.752871][T14942] ieee802154 phy1 wpan1: encryption failed: -22
[  846.879754][T14944] ieee802154 phy1 wpan1: encryption failed: -22
[  846.922655][ T5189] bcm5974 7-1:0.218: could not read from device
[  846.943819][ T5189] bcm5974 7-1:0.218: could not read from device
[  846.964826][ T5971] usb 7-1: USB disconnect, device number 35
[  847.667267][   T29] audit: type=1400 audit(1731746378.625:133): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14939 comm="syz.4.2253" daddr=fe80::aa dest=128
[  847.900573][T14952] FAULT_INJECTION: forcing a failure.
[  847.900573][T14952] name failslab, interval 1, probability 0, space 0, times 0
[  847.900607][T14952] CPU: 0 UID: 0 PID: 14952 Comm: syz.1.2258 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  847.900630][T14952] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  847.900644][T14952] Call Trace:
[  847.900652][T14952]  <TASK>
[  847.900662][T14952]  dump_stack_lvl+0x241/0x360
[  847.900695][T14952]  ? __pfx_dump_stack_lvl+0x10/0x10
[  847.900720][T14952]  ? __pfx__printk+0x10/0x10
[  847.900746][T14952]  ? __kmalloc_noprof+0xb0/0x400
[  847.900768][T14952]  ? __pfx___might_resched+0x10/0x10
[  847.900797][T14952]  should_fail_ex+0x3b0/0x4e0
[  847.900823][T14952]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  847.900851][T14952]  should_failslab+0xac/0x100
[  847.900872][T14952]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  847.900900][T14952]  __kmalloc_noprof+0xd8/0x400
[  847.900925][T14952]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  847.900959][T14952]  genl_rcv_msg+0x802/0xec0
[  847.900984][T14952]  ? mark_lock+0x9a/0x360
[  847.901012][T14952]  ? __pfx_genl_rcv_msg+0x10/0x10
[  847.901063][T14952]  ? __pfx_lock_acquire+0x10/0x10
[  847.901088][T14952]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  847.901108][T14952]  ? __pfx_nl80211_channel_switch+0x10/0x10
[  847.901131][T14952]  ? __pfx_nl80211_post_doit+0x10/0x10
[  847.901152][T14952]  ? __pfx___might_resched+0x10/0x10
[  847.901194][T14952]  netlink_rcv_skb+0x1e3/0x430
[  847.901217][T14952]  ? __pfx_genl_rcv_msg+0x10/0x10
[  847.901247][T14952]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  847.901283][T14952]  ? __netlink_deliver_tap+0x77e/0x7c0
[  847.901320][T14952]  genl_rcv+0x28/0x40
[  847.901345][T14952]  netlink_unicast+0x7f6/0x990
[  847.901375][T14952]  ? __pfx_netlink_unicast+0x10/0x10
[  847.901394][T14952]  ? __virt_addr_valid+0x183/0x530
[  847.901418][T14952]  ? __check_object_size+0x48e/0x900
[  847.901443][T14952]  netlink_sendmsg+0x8e4/0xcb0
[  847.901479][T14952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  847.901515][T14952]  ? __pfx_netlink_sendmsg+0x10/0x10
[  847.901537][T14952]  __sock_sendmsg+0x221/0x270
[  847.901562][T14952]  ____sys_sendmsg+0x52a/0x7e0
[  847.901596][T14952]  ? __pfx_____sys_sendmsg+0x10/0x10
[  847.901638][T14952]  __sys_sendmsg+0x292/0x380
[  847.901665][T14952]  ? __pfx___sys_sendmsg+0x10/0x10
[  847.901703][T14952]  ? __pfx_vfs_write+0x10/0x10
[  847.901754][T14952]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  847.901783][T14952]  ? do_syscall_64+0x100/0x230
[  847.901810][T14952]  ? do_syscall_64+0xb6/0x230
[  847.901837][T14952]  do_syscall_64+0xf3/0x230
[  847.901861][T14952]  ? clear_bhb_loop+0x35/0x90
[  847.901887][T14952]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.901909][T14952] RIP: 0033:0x7f8105f7e719
[  847.901927][T14952] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  847.901944][T14952] RSP: 002b:00007f8106de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  847.901968][T14952] RAX: ffffffffffffffda RBX: 00007f8106135f80 RCX: 00007f8105f7e719
[  847.901983][T14952] RDX: 0000000000000000 RSI: 0000000020000200 RDI: 0000000000000004
[  847.901997][T14952] RBP: 00007f8106de7090 R08: 0000000000000000 R09: 0000000000000000
[  847.902011][T14952] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  847.902025][T14952] R13: 0000000000000000 R14: 00007f8106135f80 R15: 00007ffe848d4d58
[  847.902056][T14952]  </TASK>
[  847.943719][T14954] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  848.942002][T14963] FAULT_INJECTION: forcing a failure.
[  848.942002][T14963] name failslab, interval 1, probability 0, space 0, times 0
[  848.942037][T14963] CPU: 0 UID: 0 PID: 14963 Comm: syz.5.2261 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  848.942060][T14963] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  848.942074][T14963] Call Trace:
[  848.942083][T14963]  <TASK>
[  848.942093][T14963]  dump_stack_lvl+0x241/0x360
[  848.942126][T14963]  ? __pfx_dump_stack_lvl+0x10/0x10
[  848.942153][T14963]  ? __pfx__printk+0x10/0x10
[  848.942179][T14963]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  848.942202][T14963]  ? __pfx___might_resched+0x10/0x10
[  848.942232][T14963]  should_fail_ex+0x3b0/0x4e0
[  848.942260][T14963]  should_failslab+0xac/0x100
[  848.942280][T14963]  ? genl_start+0x1cb/0x6d0
[  848.942307][T14963]  __kmalloc_cache_noprof+0x6c/0x2c0
[  848.942335][T14963]  genl_start+0x1cb/0x6d0
[  848.942370][T14963]  __netlink_dump_start+0x45c/0x790
[  848.942403][T14963]  genl_rcv_msg+0x88c/0xec0
[  848.942428][T14963]  ? mark_lock+0x9a/0x360
[  848.942457][T14963]  ? __pfx_genl_rcv_msg+0x10/0x10
[  848.942490][T14963]  ? __pfx_genl_start+0x10/0x10
[  848.942514][T14963]  ? __pfx_genl_dumpit+0x10/0x10
[  848.942539][T14963]  ? __pfx_genl_done+0x10/0x10
[  848.942581][T14963]  ? __pfx_lock_acquire+0x10/0x10
[  848.942606][T14963]  ? __pfx_ethnl_default_start+0x10/0x10
[  848.942629][T14963]  ? __pfx_ethnl_default_dumpit+0x10/0x10
[  848.942651][T14963]  ? __pfx_ethnl_default_done+0x10/0x10
[  848.942675][T14963]  ? __pfx___might_resched+0x10/0x10
[  848.942711][T14963]  netlink_rcv_skb+0x1e3/0x430
[  848.942735][T14963]  ? __pfx_genl_rcv_msg+0x10/0x10
[  848.942765][T14963]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  848.942819][T14963]  genl_rcv+0x28/0x40
[  848.942844][T14963]  netlink_unicast+0x7f6/0x990
[  848.942874][T14963]  ? __pfx_netlink_unicast+0x10/0x10
[  848.942894][T14963]  ? __virt_addr_valid+0x183/0x530
[  848.942924][T14963]  ? __check_object_size+0x48e/0x900
[  848.942950][T14963]  netlink_sendmsg+0x8e4/0xcb0
[  848.942986][T14963]  ? __pfx_netlink_sendmsg+0x10/0x10
[  848.943024][T14963]  ? __pfx_netlink_sendmsg+0x10/0x10
[  848.943046][T14963]  __sock_sendmsg+0x221/0x270
[  848.943071][T14963]  ____sys_sendmsg+0x52a/0x7e0
[  848.943105][T14963]  ? __pfx_____sys_sendmsg+0x10/0x10
[  848.943148][T14963]  __sys_sendmsg+0x292/0x380
[  848.943175][T14963]  ? __pfx___sys_sendmsg+0x10/0x10
[  848.943213][T14963]  ? __pfx_vfs_write+0x10/0x10
[  848.943267][T14963]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  848.943297][T14963]  ? do_syscall_64+0x100/0x230
[  848.943324][T14963]  ? do_syscall_64+0xb6/0x230
[  848.943351][T14963]  do_syscall_64+0xf3/0x230
[  848.943375][T14963]  ? clear_bhb_loop+0x35/0x90
[  848.943402][T14963]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  848.943424][T14963] RIP: 0033:0x7fb59af7e719
[  848.943443][T14963] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  848.943461][T14963] RSP: 002b:00007fb59bd87038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  848.943485][T14963] RAX: ffffffffffffffda RBX: 00007fb59b135f80 RCX: 00007fb59af7e719
[  848.943500][T14963] RDX: 0000000000000000 RSI: 00000000200005c0 RDI: 0000000000000005
[  848.943514][T14963] RBP: 00007fb59bd87090 R08: 0000000000000000 R09: 0000000000000000
[  848.943529][T14963] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  848.943542][T14963] R13: 0000000000000000 R14: 00007fb59b135f80 R15: 00007ffe30167a48
[  848.943574][T14963]  </TASK>
[  849.147193][   T29] audit: type=1400 audit(1731746380.705:134): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14965 comm="syz.5.2262" daddr=fe88::6 dest=65531
[  849.153546][   T29] audit: type=1400 audit(1731746380.715:135): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14965 comm="syz.5.2262" daddr=fc02::
[  849.163268][   T29] audit: type=1400 audit(1731746380.725:136): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=14965 comm="syz.5.2262" daddr=fe80::20 dest=20003
[  849.182239][T14949] tty tty29: ldisc open failed (-12), clearing slot 28
[  849.623158][T14973] ieee802154 phy1 wpan1: encryption failed: -22
[  849.695572][T14975] netlink: 9396 bytes leftover after parsing attributes in process `syz.6.2263'.
[  849.877546][ T5931] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  850.045484][ T5931] usb 2-1: Using ep0 maxpacket: 32
[  850.092747][ T5931] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  850.096467][T14985] netlink: 'syz.5.2272': attribute type 3 has an invalid length.
[  850.109722][T14986] FAULT_INJECTION: forcing a failure.
[  850.109722][T14986] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  850.110212][T14985] netlink: 3 bytes leftover after parsing attributes in process `syz.5.2272'.
[  850.123321][ T5931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  850.174697][ T5931] usb 2-1: Product: syz
[  850.186020][ T5931] usb 2-1: Manufacturer: syz
[  850.193943][ T5931] usb 2-1: SerialNumber: syz
[  850.215286][ T5931] usb 2-1: config 0 descriptor??
[  850.219960][T14986] CPU: 0 UID: 0 PID: 14986 Comm: syz.4.2270 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  850.231017][T14986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  850.241089][T14986] Call Trace:
[  850.244383][T14986]  <TASK>
[  850.247332][T14986]  dump_stack_lvl+0x241/0x360
[  850.252035][T14986]  ? __pfx_dump_stack_lvl+0x10/0x10
[  850.257262][T14986]  ? __pfx__printk+0x10/0x10
[  850.261883][T14986]  ? snprintf+0xda/0x120
[  850.266155][T14986]  should_fail_ex+0x3b0/0x4e0
[  850.270861][T14986]  _copy_to_user+0x31/0xb0
[  850.275304][T14986]  simple_read_from_buffer+0xca/0x150
[  850.280707][T14986]  proc_fail_nth_read+0x1e9/0x250
[  850.285771][T14986]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  850.291346][T14986]  ? rw_verify_area+0x55e/0x6f0
[  850.296219][T14986]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  850.301792][T14986]  vfs_read+0x1fc/0xb70
[  850.305983][T14986]  ? fdget_pos+0x24e/0x320
[  850.310427][T14986]  ? __pfx_vfs_read+0x10/0x10
[  850.315133][T14986]  ? __fget_files+0x3f3/0x470
[  850.319847][T14986]  ? fdget_pos+0x24e/0x320
[  850.324295][T14986]  ksys_read+0x183/0x2b0
[  850.328566][T14986]  ? __pfx_ksys_read+0x10/0x10
[  850.333354][T14986]  ? do_syscall_64+0x100/0x230
[  850.338145][T14986]  ? do_syscall_64+0xb6/0x230
[  850.342853][T14986]  do_syscall_64+0xf3/0x230
[  850.347398][T14986]  ? clear_bhb_loop+0x35/0x90
[  850.352105][T14986]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  850.358020][T14986] RIP: 0033:0x7f905e77d15c
[  850.362454][T14986] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  850.382085][T14986] RSP: 002b:00007f905cbf6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  850.390528][T14986] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77d15c
[  850.398525][T14986] RDX: 000000000000000f RSI: 00007f905cbf60a0 RDI: 0000000000000005
[  850.406516][T14986] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  850.414538][T14986] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  850.422553][T14986] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  850.430578][T14986]  </TASK>
[  850.478463][T14992] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for gretap1
[  850.490745][T14992] gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  850.500366][T14992] gretap1: entered promiscuous mode
[  850.506211][T14992] gretap1: entered allmulticast mode
[  850.555842][T15000] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2277'.
[  850.703922][ T5931] airspy 2-1:0.0: usb_control_msg() failed -71 request 0a
[  850.721109][ T5931] airspy 2-1:0.0: Could not detect board
[  850.872804][ T5931] airspy 2-1:0.0: probe with driver airspy failed with error -71
[  850.974065][T15009] fuse: Unknown parameter ''
[  852.437609][ T5931] usb 2-1: USB disconnect, device number 71
[  853.389671][T15016] netlink: 9396 bytes leftover after parsing attributes in process `syz.3.2280'.
[  854.001158][T15021] FAULT_INJECTION: forcing a failure.
[  854.001158][T15021] name failslab, interval 1, probability 0, space 0, times 0
[  854.013816][T15021] CPU: 0 UID: 0 PID: 15021 Comm: syz.3.2282 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  854.024565][T15021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  854.034610][T15021] Call Trace:
[  854.037880][T15021]  <TASK>
[  854.040798][T15021]  dump_stack_lvl+0x241/0x360
[  854.045467][T15021]  ? __pfx_dump_stack_lvl+0x10/0x10
[  854.050652][T15021]  ? __pfx__printk+0x10/0x10
[  854.055232][T15021]  ? __pfx_fib_rules_lookup+0x10/0x10
[  854.060612][T15021]  ? l3mdev_update_flow+0x29/0x5f0
[  854.065738][T15021]  ? l3mdev_update_flow+0x4a8/0x5f0
[  854.070940][T15021]  should_fail_ex+0x3b0/0x4e0
[  854.075614][T15021]  ? dst_alloc+0x12b/0x190
[  854.080027][T15021]  should_failslab+0xac/0x100
[  854.084693][T15021]  ? dst_alloc+0x12b/0x190
[  854.089100][T15021]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  854.094460][T15021]  ? __pfx_make_kuid+0x10/0x10
[  854.099217][T15021]  dst_alloc+0x12b/0x190
[  854.103464][T15021]  ip_route_input_rcu+0x24be/0x3910
[  854.108660][T15021]  ? __pfx_ip_route_input_rcu+0x10/0x10
[  854.114198][T15021]  ? __pfx_lock_acquire+0x10/0x10
[  854.119226][T15021]  ip_route_input_noref+0x170/0x260
[  854.124411][T15021]  ? ip_route_input_noref+0xb1/0x260
[  854.129700][T15021]  ? __pfx_ip_route_input_noref+0x10/0x10
[  854.135410][T15021]  ip_rcv_finish_core+0x5ab/0x1b40
[  854.140517][T15021]  ip_rcv_finish+0x14a/0x560
[  854.145091][T15021]  ? NF_HOOK+0x392/0x450
[  854.149322][T15021]  ? __pfx_ip_rcv_finish+0x10/0x10
[  854.154426][T15021]  NF_HOOK+0x3a4/0x450
[  854.158500][T15021]  ? NF_HOOK+0x9a/0x450
[  854.162657][T15021]  ? __pfx_NF_HOOK+0x10/0x10
[  854.167248][T15021]  ? ip_rcv_core+0x801/0xd10
[  854.171848][T15021]  ? __pfx_ip_rcv_finish+0x10/0x10
[  854.176952][T15021]  ? __pfx_ip_rcv+0x10/0x10
[  854.181443][T15021]  __netif_receive_skb+0x2bf/0x650
[  854.186548][T15021]  ? __pfx_lock_acquire+0x10/0x10
[  854.191573][T15021]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  854.197802][T15021]  ? __pfx___netif_receive_skb+0x10/0x10
[  854.203434][T15021]  ? __kasan_slab_alloc+0x66/0x80
[  854.208448][T15021]  ? read_tsc+0x9/0x20
[  854.212520][T15021]  ? timekeeping_get_ns+0x2c0/0x420
[  854.217713][T15021]  ? netif_receive_skb+0x131/0x890
[  854.222816][T15021]  ? netif_receive_skb+0x131/0x890
[  854.227916][T15021]  netif_receive_skb+0x1e8/0x890
[  854.232848][T15021]  ? tun_rx_batched+0x160/0x8f0
[  854.237697][T15021]  ? __pfx_netif_receive_skb+0x10/0x10
[  854.243147][T15021]  ? tun_rx_batched+0x160/0x8f0
[  854.248006][T15021]  tun_rx_batched+0x1b7/0x8f0
[  854.252669][T15021]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  854.258988][T15021]  ? __pfx_lock_acquire+0x10/0x10
[  854.264019][T15021]  ? __pfx_tun_rx_batched+0x10/0x10
[  854.269218][T15021]  tun_get_user+0x3056/0x47e0
[  854.273887][T15021]  ? tun_get_user+0x2b44/0x47e0
[  854.278745][T15021]  ? __lock_acquire+0x1384/0x2050
[  854.283760][T15021]  ? __pfx_tun_get_user+0x10/0x10
[  854.289234][T15021]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  854.294683][T15021]  ? tun_get+0x1e/0x2f0
[  854.298827][T15021]  ? __pfx_lock_release+0x10/0x10
[  854.303860][T15021]  ? tun_get+0x1e/0x2f0
[  854.308005][T15021]  ? tun_get+0x27d/0x2f0
[  854.312234][T15021]  tun_chr_write_iter+0x10d/0x1f0
[  854.317260][T15021]  vfs_write+0xaeb/0xd30
[  854.321513][T15021]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  854.327060][T15021]  ? __pfx_vfs_write+0x10/0x10
[  854.331851][T15021]  ? fdget_pos+0x19a/0x320
[  854.336256][T15021]  ksys_write+0x183/0x2b0
[  854.340573][T15021]  ? __pfx_ksys_write+0x10/0x10
[  854.345410][T15021]  ? do_syscall_64+0x100/0x230
[  854.350184][T15021]  ? do_syscall_64+0xb6/0x230
[  854.354852][T15021]  do_syscall_64+0xf3/0x230
[  854.359353][T15021]  ? clear_bhb_loop+0x35/0x90
[  854.364014][T15021]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.369899][T15021] RIP: 0033:0x7f971137d1ff
[  854.374298][T15021] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 1c 8e 02 00 48
[  854.394245][T15021] RSP: 002b:00007f971221c000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  854.402649][T15021] RAX: ffffffffffffffda RBX: 00007f9711535f80 RCX: 00007f971137d1ff
[  854.410621][T15021] RDX: 0000000000000032 RSI: 0000000020000000 RDI: 00000000000000c8
[  854.418580][T15021] RBP: 00007f971221c090 R08: 0000000000000000 R09: 0000000000000000
[  854.426538][T15021] R10: 0000000000000032 R11: 0000000000000293 R12: 0000000000000001
[  854.434495][T15021] R13: 0000000000000001 R14: 00007f9711535f80 R15: 00007fff3c41fec8
[  854.442481][T15021]  </TASK>
[  854.480884][T15024] FAULT_INJECTION: forcing a failure.
[  854.480884][T15024] name failslab, interval 1, probability 0, space 0, times 0
[  854.507288][T15024] CPU: 0 UID: 0 PID: 15024 Comm: syz.1.2284 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  854.518117][T15024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  854.528298][T15024] Call Trace:
[  854.531607][T15024]  <TASK>
[  854.534557][T15024]  dump_stack_lvl+0x241/0x360
[  854.539267][T15024]  ? __pfx_dump_stack_lvl+0x10/0x10
[  854.544502][T15024]  ? __pfx__printk+0x10/0x10
[  854.549128][T15024]  ? __kmalloc_node_noprof+0xb7/0x440
[  854.554530][T15024]  ? __pfx___might_resched+0x10/0x10
[  854.559847][T15024]  should_fail_ex+0x3b0/0x4e0
[  854.564552][T15024]  should_failslab+0xac/0x100
[  854.569245][T15024]  __kmalloc_node_noprof+0xdf/0x440
[  854.574496][T15024]  ? qdisc_alloc+0x9a/0xa80
[  854.579038][T15024]  qdisc_alloc+0x9a/0xa80
[  854.583370][T15024]  ? bpf_trace_run2+0x1fc/0x540
[  854.588400][T15024]  qdisc_create+0x182/0x11a0
[  854.592994][T15024]  ? __pfx_qdisc_create+0x10/0x10
[  854.598022][T15024]  tc_modify_qdisc+0xa26/0x1e40
[  854.602879][T15024]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  854.608182][T15024]  ? __pfx_tc_modify_qdisc+0x10/0x10
[  854.613465][T15024]  rtnetlink_rcv_msg+0x73f/0xcf0
[  854.618401][T15024]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  854.623518][T15024]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  854.629005][T15024]  ? ref_tracker_free+0x643/0x7e0
[  854.634034][T15024]  netlink_rcv_skb+0x1e3/0x430
[  854.638801][T15024]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  854.644259][T15024]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  854.649566][T15024]  ? netlink_deliver_tap+0x2e/0x1b0
[  854.654771][T15024]  netlink_unicast+0x7f6/0x990
[  854.659547][T15024]  ? __pfx_netlink_unicast+0x10/0x10
[  854.664829][T15024]  ? __virt_addr_valid+0x183/0x530
[  854.669945][T15024]  ? __check_object_size+0x48e/0x900
[  854.675231][T15024]  netlink_sendmsg+0x8e4/0xcb0
[  854.680007][T15024]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.685304][T15024]  ? __pfx_netlink_sendmsg+0x10/0x10
[  854.690585][T15024]  __sock_sendmsg+0x221/0x270
[  854.695294][T15024]  ____sys_sendmsg+0x52a/0x7e0
[  854.700067][T15024]  ? __pfx_____sys_sendmsg+0x10/0x10
[  854.705366][T15024]  __sys_sendmsg+0x292/0x380
[  854.710222][T15024]  ? __pfx___sys_sendmsg+0x10/0x10
[  854.715342][T15024]  ? __pfx_vfs_write+0x10/0x10
[  854.720128][T15024]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  854.726459][T15024]  ? do_syscall_64+0x100/0x230
[  854.731246][T15024]  ? do_syscall_64+0xb6/0x230
[  854.735932][T15024]  do_syscall_64+0xf3/0x230
[  854.740438][T15024]  ? clear_bhb_loop+0x35/0x90
[  854.745115][T15024]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.751005][T15024] RIP: 0033:0x7f8105f7e719
[  854.755419][T15024] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.775021][T15024] RSP: 002b:00007f8106de7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  854.783441][T15024] RAX: ffffffffffffffda RBX: 00007f8106135f80 RCX: 00007f8105f7e719
[  854.791759][T15024] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  854.799729][T15024] RBP: 00007f8106de7090 R08: 0000000000000000 R09: 0000000000000000
[  854.807699][T15024] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.815668][T15024] R13: 0000000000000000 R14: 00007f8106135f80 R15: 00007ffe848d4d58
[  854.823646][T15024]  </TASK>
[  855.145553][T15037] ieee802154 phy1 wpan1: encryption failed: -22
[  856.056043][T15049] netlink: 2 bytes leftover after parsing attributes in process `syz.4.2293'.
[  856.154299][T15056] netlink: 9396 bytes leftover after parsing attributes in process `syz.1.2292'.
[  857.116916][   T29] audit: type=1400 audit(1731746388.675:137): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15068 comm="syz.3.2298" daddr=fe80::aa dest=128
[  858.212980][T15074] Bluetooth: hci1: Opcode 0x0401 failed: -22
[  858.594583][T15081] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present!
[  858.978729][ T5931] usb 7-1: new high-speed USB device number 36 using dummy_hcd
[  859.477451][ T5931] usb 7-1: Using ep0 maxpacket: 8
[  859.491793][ T5931] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  859.518715][ T5931] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  859.578382][ T5931] usb 7-1: New USB device found, idVendor=06f8, idProduct=0003, bcdDevice= e.dd
[  859.612906][ T5931] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.642970][ T5931] usb 7-1: config 0 descriptor??
[  859.805590][T15106] ieee802154 phy1 wpan1: encryption failed: -22
[  859.945502][ T5931] usb 7-1: USB disconnect, device number 36
[  860.063562][T15110] netlink: 9396 bytes leftover after parsing attributes in process `syz.4.2307'.
[  860.274308][ T5832] Bluetooth: hci1: command tx timeout
[  861.014106][   T29] audit: type=1400 audit(1731746392.575:138): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15120 comm="syz.4.2311" daddr=fe80::aa dest=128
[  861.617202][ T5931] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  863.344785][ T5931] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  863.504370][ T5931] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  863.568374][ T5931] usb 4-1: config 0 descriptor??
[  863.747269][   T46] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  864.033318][   T46] usb 5-1: Using ep0 maxpacket: 8
[  864.055787][   T46] usb 5-1: too many configurations: 249, using maximum allowed: 8
[  864.972692][   T46] usb 5-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=b3.ff
[  864.987270][   T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2
[  865.050619][   T46] usb 5-1: Product: syz
[  865.054871][   T46] usb 5-1: Manufacturer: syz
[  865.128187][ T5931] usb 4-1: Cannot read MAC address
[  865.136914][ T5931] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  865.152641][   T46] usb 5-1: SerialNumber: syz
[  865.189126][   T46] usb 5-1: config 0 descriptor??
[  865.216383][ T5931] usb 4-1: USB disconnect, device number 63
[  865.245989][T15168] FAULT_INJECTION: forcing a failure.
[  865.245989][T15168] name failslab, interval 1, probability 0, space 0, times 0
[  865.260058][T15168] CPU: 1 UID: 0 PID: 15168 Comm: syz.3.2320 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  865.270857][T15168] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  865.280930][T15168] Call Trace:
[  865.284228][T15168]  <TASK>
[  865.287176][T15168]  dump_stack_lvl+0x241/0x360
[  865.291878][T15168]  ? __pfx_dump_stack_lvl+0x10/0x10
[  865.297099][T15168]  ? __pfx__printk+0x10/0x10
[  865.301709][T15168]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  865.307705][T15168]  ? __pfx___might_resched+0x10/0x10
[  865.313016][T15168]  should_fail_ex+0x3b0/0x4e0
[  865.317720][T15168]  should_failslab+0xac/0x100
[  865.322414][T15168]  ? __alloc_skb+0x1c3/0x440
[  865.327022][T15168]  kmem_cache_alloc_node_noprof+0x71/0x320
[  865.332849][T15168]  __alloc_skb+0x1c3/0x440
[  865.337290][T15168]  ? __pfx___alloc_skb+0x10/0x10
[  865.342265][T15168]  ? netlink_ack_tlv_len+0x6e/0x200
[  865.347490][T15168]  netlink_ack+0x13f/0xa30
[  865.351924][T15168]  ? ____sys_sendmsg+0x52a/0x7e0
[  865.356875][T15168]  ? __sys_sendmsg+0x292/0x380
[  865.361656][T15168]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.367754][T15168]  netlink_rcv_skb+0x262/0x430
[  865.372541][T15168]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[  865.378020][T15168]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  865.383337][T15168]  ? cap_capable+0x1b4/0x250
[  865.387959][T15168]  ? safesetid_security_capable+0xb2/0x1d0
[  865.393817][T15168]  ? bpf_lsm_capable+0x9/0x10
[  865.398525][T15168]  ? security_capable+0x7e/0x2d0
[  865.403493][T15168]  nfnetlink_rcv+0x297/0x2ab0
[  865.408202][T15168]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  865.413953][T15168]  ? __dev_queue_xmit+0x2da/0x3ed0
[  865.419092][T15168]  ? __dev_queue_xmit+0x171d/0x3ed0
[  865.424317][T15168]  ? kasan_save_track+0x51/0x80
[  865.429195][T15168]  ? do_syscall_64+0xf3/0x230
[  865.433894][T15168]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  865.439025][T15168]  ? __dev_queue_xmit+0x2da/0x3ed0
[  865.444193][T15168]  ? __pfx___dev_queue_xmit+0x10/0x10
[  865.449611][T15168]  ? ref_tracker_free+0x643/0x7e0
[  865.454667][T15168]  ? __asan_memcpy+0x40/0x70
[  865.459295][T15168]  ? __pfx_ref_tracker_free+0x10/0x10
[  865.464708][T15168]  ? netlink_deliver_tap+0x2e/0x1b0
[  865.469937][T15168]  ? skb_clone+0x240/0x390
[  865.474386][T15168]  ? __pfx_lock_release+0x10/0x10
[  865.479438][T15168]  ? __netlink_deliver_tap+0x77e/0x7c0
[  865.484934][T15168]  ? netlink_deliver_tap+0x2e/0x1b0
[  865.490159][T15168]  netlink_unicast+0x7f6/0x990
[  865.494950][T15168]  ? __pfx_netlink_unicast+0x10/0x10
[  865.500253][T15168]  ? __virt_addr_valid+0x183/0x530
[  865.505387][T15168]  ? __check_object_size+0x48e/0x900
[  865.510695][T15168]  netlink_sendmsg+0x8e4/0xcb0
[  865.515492][T15168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  865.520811][T15168]  ? __pfx_netlink_sendmsg+0x10/0x10
[  865.526113][T15168]  __sock_sendmsg+0x221/0x270
[  865.530812][T15168]  ____sys_sendmsg+0x52a/0x7e0
[  865.535605][T15168]  ? __pfx_____sys_sendmsg+0x10/0x10
[  865.540930][T15168]  __sys_sendmsg+0x292/0x380
[  865.545545][T15168]  ? __pfx___sys_sendmsg+0x10/0x10
[  865.550694][T15168]  ? __pfx_vfs_write+0x10/0x10
[  865.555500][T15168]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  865.561855][T15168]  ? do_syscall_64+0x100/0x230
[  865.566644][T15168]  ? do_syscall_64+0xb6/0x230
[  865.571343][T15168]  do_syscall_64+0xf3/0x230
[  865.575865][T15168]  ? clear_bhb_loop+0x35/0x90
[  865.580580][T15168]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.586585][T15168] RIP: 0033:0x7f971137e719
[  865.591013][T15168] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  865.610641][T15168] RSP: 002b:00007f971221c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  865.619083][T15168] RAX: ffffffffffffffda RBX: 00007f9711535f80 RCX: 00007f971137e719
[  865.627073][T15168] RDX: 0000000000004800 RSI: 0000000020000300 RDI: 0000000000000003
[  865.635057][T15168] RBP: 00007f971221c090 R08: 0000000000000000 R09: 0000000000000000
[  865.643043][T15168] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  865.651029][T15168] R13: 0000000000000000 R14: 00007f9711535f80 R15: 00007fff3c41fec8
[  865.659031][T15168]  </TASK>
[  865.760755][   T46] mdc800 5-1:0.0: probe fails -> wrong Number of Configuration
[  865.790902][   T46] usb 5-1: USB disconnect, device number 53
[  865.805567][   T29] audit: type=1400 audit(1731746397.365:139): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15173 comm="syz.5.2323" daddr=fe80::aa dest=128
[  866.580078][T15181] netlink: 9396 bytes leftover after parsing attributes in process `syz.3.2322'.
[  867.037255][T15189] FAULT_INJECTION: forcing a failure.
[  867.037255][T15189] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  867.123606][T15189] CPU: 0 UID: 0 PID: 15189 Comm: syz.6.2325 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  867.134432][T15189] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  867.144508][T15189] Call Trace:
[  867.147803][T15189]  <TASK>
[  867.150746][T15189]  dump_stack_lvl+0x241/0x360
[  867.155453][T15189]  ? __pfx_dump_stack_lvl+0x10/0x10
[  867.160670][T15189]  ? __pfx__printk+0x10/0x10
[  867.165300][T15189]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  867.171314][T15189]  ? __pfx_lock_release+0x10/0x10
[  867.176368][T15189]  ? cgroup_freezing+0x2a8/0x350
[  867.181305][T15189]  should_fail_ex+0x3b0/0x4e0
[  867.185986][T15189]  _copy_from_user+0x2f/0xc0
[  867.190566][T15189]  restore_altstack+0x99/0x150
[  867.195334][T15189]  ? __pfx_restore_altstack+0x10/0x10
[  867.200721][T15189]  ? __task_pid_nr_ns+0x28/0x450
[  867.205695][T15189]  __do_sys_rt_sigreturn+0x194/0x280
[  867.211108][T15189]  ? __pfx___do_sys_rt_sigreturn+0x10/0x10
[  867.216945][T15189]  ? do_syscall_64+0x100/0x230
[  867.221738][T15189]  ? do_syscall_64+0xb6/0x230
[  867.226442][T15189]  do_syscall_64+0xf3/0x230
[  867.230974][T15189]  ? clear_bhb_loop+0x35/0x90
[  867.235674][T15189]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  867.241599][T15189] RIP: 0033:0x7f3fe0d1a099
[  867.246039][T15189] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  867.265676][T15189] RSP: 002b:00007f3fe1affa80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  867.274130][T15189] RAX: ffffffffffffffda RBX: 00007f3fe0f35f80 RCX: 00007f3fe0d1a099
[  867.282131][T15189] RDX: 00007f3fe1affa80 RSI: 00007f3fe1affbb0 RDI: 0000000000000021
[  867.290129][T15189] RBP: 00007f3fe1b00090 R08: 0000000000000000 R09: 0000000000000000
[  867.298155][T15189] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000001
[  867.306150][T15189] R13: 0000000000000000 R14: 00007f3fe0f35f80 R15: 00007fff42bdf388
[  867.314163][T15189]  </TASK>
[  867.812870][T15202] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  868.759071][T15205] vlan3: entered promiscuous mode
[  868.807192][T14369] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  869.428392][T15205] bridge0: entered promiscuous mode
[  869.454406][T15205] vlan3: entered allmulticast mode
[  869.476979][T15205] bridge0: entered allmulticast mode
[  869.571778][T15205] team0: Device vlan3 is up. Set it down before adding it as a team port
[  869.629795][T15205] bridge0: left allmulticast mode
[  869.637316][T15205] bridge0: left promiscuous mode
[  869.858641][T14369] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  869.868811][T14369] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  869.879414][T14369] usb 5-1: config 0 descriptor??
[  869.933143][   T29] audit: type=1400 audit(1731746401.475:140): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15220 comm="syz.3.2335" daddr=fe80::aa dest=128
[  870.288284][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  870.871478][T15196] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2330'.
[  872.777408][T15239] netlink: 9396 bytes leftover after parsing attributes in process `syz.5.2340'.
[  873.912205][T14369] usb 5-1: Cannot read MAC address
[  873.917650][T14369] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  873.932822][T14369] usb 5-1: USB disconnect, device number 54
[  874.760362][T15256] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  875.165548][T15270] fuse: Unknown parameter ''
[  876.157324][   T29] audit: type=1400 audit(1731746406.755:141): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15268 comm="syz.5.2349" daddr=fe80::aa dest=128
[  877.256428][   T29] audit: type=1400 audit(1731746408.805:142): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15260 comm="syz.4.2346" daddr=fe80::bb
[  877.325967][T15275] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2350'.
[  877.773991][T15277] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  877.958364][T15284] ebt_among: src integrity fail: 300
[  878.035204][T15284] program syz.3.2353 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  878.204122][T15290] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2355'.
[  879.056377][T15300] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  879.137357][  T968] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  879.688425][    T8] usb 7-1: new high-speed USB device number 37 using dummy_hcd
[  879.707154][  T968] usb 4-1: Using ep0 maxpacket: 32
[  879.714544][  T968] usb 4-1: config 0 interface 0 has no altsetting 0
[  879.721353][  T968] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  879.731175][  T968] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  879.749662][  T968] usb 4-1: config 0 descriptor??
[  879.758043][  T968] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  879.775497][  T968] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  879.811602][  T968] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  879.832669][  T968] usb 4-1: media controller created
[  879.838265][    T8] usb 7-1: device descriptor read/64, error -71
[  879.885722][  T968] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  879.962963][  T968] set interface failed
[  879.963002][  T968] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  879.977438][T15311] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  879.995403][  T968] error writing reg: 0xff, val: 0x00
[  880.062245][  T968] dvb_usb_mxl111sf 4-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  880.077422][    T8] usb 7-1: new high-speed USB device number 38 using dummy_hcd
[  880.121660][  T968] usb 4-1: USB disconnect, device number 64
[  880.375036][    T8] usb 7-1: device descriptor read/64, error -71
[  881.053491][    T8] usb usb7-port1: attempt power cycle
[  881.441947][T15324] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2362'.
[  881.451169][T15324] bridge_slave_1: left allmulticast mode
[  881.456854][T15324] bridge_slave_1: left promiscuous mode
[  881.462813][T15324] bridge0: port 2(bridge_slave_1) entered disabled state
[  881.481067][T15324] bridge_slave_0: left allmulticast mode
[  881.490388][T15324] bridge_slave_0: left promiscuous mode
[  881.496257][T15324] bridge0: port 1(bridge_slave_0) entered disabled state
[  881.636024][   T29] audit: type=1400 audit(1731746413.195:143): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15331 comm="syz.1.2365" daddr=fe80::aa dest=128
[  881.697218][   T46] usb 4-1: new full-speed USB device number 65 using dummy_hcd
[  881.854776][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  881.868186][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  882.058687][   T46] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  882.243330][   T46] usb 4-1: New USB device found, idVendor=045e, idProduct=83da, bcdDevice= 0.2c
[  882.356342][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  882.495749][   T46] usb 4-1: config 0 descriptor??
[  882.659445][T15346] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2367'.
[  882.732091][T15328] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  882.741285][T15328] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  882.939254][   T46] usbhid 4-1:0.0: can't add hid device: -71
[  882.945471][   T46] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  882.955924][   T46] usb 4-1: USB disconnect, device number 65
[  883.138725][T15350] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  884.982420][T15357] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2370'.
[  886.167927][   T29] audit: type=1400 audit(1731746417.715:144): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15371 comm="syz.5.2375" daddr=ff01::1
[  886.303048][T15380] FAULT_INJECTION: forcing a failure.
[  886.303048][T15380] name failslab, interval 1, probability 0, space 0, times 0
[  886.475201][T15380] CPU: 0 UID: 0 PID: 15380 Comm: syz.1.2374 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  886.486017][T15380] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  886.496094][T15380] Call Trace:
[  886.499388][T15380]  <TASK>
[  886.502340][T15380]  dump_stack_lvl+0x241/0x360
[  886.507061][T15380]  ? __pfx_dump_stack_lvl+0x10/0x10
[  886.512290][T15380]  ? __pfx__printk+0x10/0x10
[  886.516907][T15380]  ? kmem_cache_alloc_lru_noprof+0x49/0x2b0
[  886.522825][T15380]  ? __pfx___might_resched+0x10/0x10
[  886.528143][T15380]  should_fail_ex+0x3b0/0x4e0
[  886.532845][T15380]  ? __d_alloc+0x31/0x700
[  886.537205][T15380]  should_failslab+0xac/0x100
[  886.541910][T15380]  ? __d_alloc+0x31/0x700
[  886.546260][T15380]  kmem_cache_alloc_lru_noprof+0x71/0x2b0
[  886.552019][T15380]  __d_alloc+0x31/0x700
[  886.556200][T15380]  d_alloc_pseudo+0x1f/0xb0
[  886.560727][T15380]  alloc_file_pseudo+0x123/0x290
[  886.565693][T15380]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  886.571184][T15380]  ? alloc_fd+0x5a1/0x640
[  886.575551][T15380]  sock_alloc_file+0xb8/0x280
[  886.580250][T15380]  __sys_socket+0x1dd/0x3c0
[  886.584776][T15380]  ? __pfx___sys_socket+0x10/0x10
[  886.589823][T15380]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  886.596175][T15380]  ? exc_page_fault+0x590/0x8c0
[  886.601050][T15380]  __x64_sys_socket+0x7a/0x90
[  886.605749][T15380]  do_syscall_64+0xf3/0x230
[  886.610280][T15380]  ? clear_bhb_loop+0x35/0x90
[  886.614979][T15380]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  886.620892][T15380] RIP: 0033:0x7f8105f80637
[  886.625327][T15380] Code: f0 ff ff 77 06 c3 0f 1f 44 00 00 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 0f 1f 44 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  886.644955][T15380] RSP: 002b:00007f8106dc4fa8 EFLAGS: 00000286 ORIG_RAX: 0000000000000029
[  886.653399][T15380] RAX: ffffffffffffffda RBX: 00007f8106136058 RCX: 00007f8105f80637
[  886.661406][T15380] RDX: 0000000000000010 RSI: 0000000000000003 RDI: 0000000000000010
[  886.669397][T15380] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000000
[  886.677381][T15380] R10: 0000000020000100 R11: 0000000000000286 R12: 0000000000000001
[  886.685365][T15380] R13: 0000000000000000 R14: 00007f8106136058 R15: 00007ffe848d4d58
[  886.693369][T15380]  </TASK>
[  886.946122][   T29] audit: type=1400 audit(1731746418.445:145): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15382 comm="syz.3.2377" daddr=fe80::aa dest=128
[  887.885256][T15398] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2380'.
[  888.005124][T15405] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2383'.
[  888.202992][T15410] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  889.763273][T15419] netlink: 'syz.4.2386': attribute type 3 has an invalid length.
[  889.791670][T15419] FAULT_INJECTION: forcing a failure.
[  889.791670][T15419] name failslab, interval 1, probability 0, space 0, times 0
[  889.804482][T15419] CPU: 0 UID: 0 PID: 15419 Comm: syz.4.2386 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  889.815279][T15419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  889.825363][T15419] Call Trace:
[  889.828667][T15419]  <TASK>
[  889.831635][T15419]  dump_stack_lvl+0x241/0x360
[  889.836350][T15419]  ? __pfx_dump_stack_lvl+0x10/0x10
[  889.841580][T15419]  ? __pfx__printk+0x10/0x10
[  889.846216][T15419]  should_fail_ex+0x3b0/0x4e0
[  889.850966][T15419]  ? dst_alloc+0x12b/0x190
[  889.855382][T15419]  should_failslab+0xac/0x100
[  889.860067][T15419]  ? dst_alloc+0x12b/0x190
[  889.864510][T15419]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  889.869910][T15419]  ? __pfx_rt6_find_cached_rt+0x10/0x10
[  889.875490][T15419]  ? __pfx_ip6_dst_gc+0x10/0x10
[  889.880384][T15419]  dst_alloc+0x12b/0x190
[  889.884662][T15419]  ip6_pol_route+0xb87/0x15d0
[  889.889365][T15419]  ? ip6_pol_route+0x198/0x15d0
[  889.894240][T15419]  ? __pfx_ip6_pol_route+0x10/0x10
[  889.899403][T15419]  fib6_rule_lookup+0x58c/0x790
[  889.904289][T15419]  ? __pfx_ip6_pol_route_input+0x10/0x10
[  889.909948][T15419]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  889.915359][T15419]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  889.921388][T15419]  inet6_rtm_getroute+0xcea/0x1a80
[  889.926523][T15419]  ? mark_lock+0x9a/0x360
[  889.928960][T15426] netlink: 9396 bytes leftover after parsing attributes in process `syz.1.2385'.
[  889.930861][T15419]  ? inet6_rtm_getroute+0xa2c/0x1a80
[  889.945311][T15419]  ? __pfx_inet6_rtm_getroute+0x10/0x10
[  889.950921][T15419]  ? rcu_read_unlock+0x87/0xa0
[  889.955713][T15419]  ? __dev_queue_xmit+0x171d/0x3ed0
[  889.960941][T15419]  ? __pfx_lock_release+0x10/0x10
[  889.966014][T15419]  ? __pfx_inet6_rtm_getroute+0x10/0x10
[  889.971594][T15419]  rtnetlink_rcv_msg+0x791/0xcf0
[  889.976565][T15419]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  889.981712][T15419]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  889.987208][T15419]  ? ref_tracker_free+0x643/0x7e0
[  889.992273][T15419]  netlink_rcv_skb+0x1e3/0x430
[  889.997073][T15419]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  890.002574][T15419]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  890.007912][T15419]  ? netlink_deliver_tap+0x2e/0x1b0
[  890.013154][T15419]  netlink_unicast+0x7f6/0x990
[  890.017959][T15419]  ? __pfx_netlink_unicast+0x10/0x10
[  890.023277][T15419]  ? __virt_addr_valid+0x183/0x530
[  890.028422][T15419]  ? __check_object_size+0x48e/0x900
[  890.033740][T15419]  netlink_sendmsg+0x8e4/0xcb0
[  890.038549][T15419]  ? __pfx_netlink_sendmsg+0x10/0x10
[  890.043879][T15419]  ? __pfx_netlink_sendmsg+0x10/0x10
[  890.049187][T15419]  __sock_sendmsg+0x221/0x270
[  890.053890][T15419]  ____sys_sendmsg+0x52a/0x7e0
[  890.058694][T15419]  ? __pfx_____sys_sendmsg+0x10/0x10
[  890.064023][T15419]  __sys_sendmsg+0x292/0x380
[  890.068644][T15419]  ? __pfx___sys_sendmsg+0x10/0x10
[  890.073799][T15419]  ? __pfx_vfs_write+0x10/0x10
[  890.078619][T15419]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  890.084976][T15419]  ? do_syscall_64+0x100/0x230
[  890.089769][T15419]  ? do_syscall_64+0xb6/0x230
[  890.094478][T15419]  do_syscall_64+0xf3/0x230
[  890.099012][T15419]  ? clear_bhb_loop+0x35/0x90
[  890.103719][T15419]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  890.109636][T15419] RIP: 0033:0x7f905e77e719
[  890.114071][T15419] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  890.133719][T15419] RSP: 002b:00007f905cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  890.142172][T15419] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77e719
[  890.150171][T15419] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  890.158169][T15419] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  890.166171][T15419] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  890.174168][T15419] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  890.182183][T15419]  </TASK>
[  890.187464][T14369] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  890.778750][T14369] usb 4-1: device descriptor read/64, error -71
[  891.047091][T14369] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  891.566190][   T29] audit: type=1400 audit(1731746423.125:146): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15439 comm="syz.4.2391" daddr=fe80::aa dest=128
[  892.466084][T15448] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2394'.
[  892.770662][T15455] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  894.217177][T15457] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  896.997635][   T29] audit: type=1400 audit(1731746427.675:147): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15489 comm="syz.3.2404" daddr=fe80::bb
[  897.092812][   T29] audit: type=1400 audit(1731746428.655:148): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15501 comm="syz.1.2405" daddr=fe80::aa dest=128
[  897.966937][T15509] ebt_among: src integrity fail: 300
[  897.981615][T15509] program syz.1.2408 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  898.016409][T15511] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2407'.
[  898.025759][ T5842] usb 7-1: new high-speed USB device number 40 using dummy_hcd
[  898.126880][T15512] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  898.171190][ T5842] usb 7-1: device descriptor read/64, error -71
[  898.371314][T14369] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  898.492602][T15525] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  898.537283][T14369] usb 2-1: Using ep0 maxpacket: 32
[  898.564359][T14369] usb 2-1: config 0 interface 0 has no altsetting 0
[  898.592990][T14369] usb 2-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  898.641073][T14369] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  898.775934][T14369] usb 2-1: config 0 descriptor??
[  898.877217][T14369] usb 2-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  899.320391][T14369] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  899.359027][T14369] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  899.403363][T14369] usb 2-1: media controller created
[  900.368614][T14369] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  900.576007][   T29] audit: type=1400 audit(1731746432.135:149): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15541 comm="syz.3.2415" daddr=fe80::bb
[  900.633569][T14369] set interface failed
[  900.633609][T14369] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  900.847830][   T29] audit: type=1400 audit(1731746432.395:150): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15551 comm="syz.4.2418" daddr=fe80::aa dest=128
[  900.888312][T14369] error writing reg: 0xff, val: 0x00
[  901.967342][ T5842] usb 7-1: new high-speed USB device number 42 using dummy_hcd
[  902.426784][T14369] dvb_usb_mxl111sf 2-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  902.484737][T14369] usb 2-1: USB disconnect, device number 72
[  903.591882][T15562] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2419'.
[  903.692132][ T5842] usb 7-1: device descriptor read/all, error -71
[  903.897450][T15576] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2425'.
[  903.937201][ T5881] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  904.045131][T15579] netlink: 'syz.4.2424': attribute type 1 has an invalid length.
[  904.053860][T15579] netlink: 'syz.4.2424': attribute type 4 has an invalid length.
[  904.061835][T15579] netlink: 192 bytes leftover after parsing attributes in process `syz.4.2424'.
[  904.072889][T15579] netlink: 'syz.4.2424': attribute type 1 has an invalid length.
[  904.082471][T15579] netlink: 'syz.4.2424': attribute type 2 has an invalid length.
[  904.095263][T15579] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2424'.
[  904.098048][ T5881] usb 4-1: device descriptor read/64, error -71
[  904.137138][T15579] futex_wake_op: syz.4.2424 tries to shift op by -1; fix this program
[  904.270890][T15593] ebt_among: src integrity fail: 300
[  904.302543][T15593] program syz.4.2428 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  904.357281][ T5881] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  904.497213][ T5881] usb 4-1: device descriptor read/64, error -71
[  904.557291][ T5971] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  904.607609][ T5881] usb usb4-port1: attempt power cycle
[  904.707253][ T5971] usb 5-1: Using ep0 maxpacket: 32
[  904.713773][ T5971] usb 5-1: config 0 interface 0 has no altsetting 0
[  904.720799][ T5971] usb 5-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  904.736037][ T5971] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  904.760566][ T5971] usb 5-1: config 0 descriptor??
[  904.772607][ T5971] usb 5-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  904.800826][ T5971] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  904.811712][ T5971] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  904.827158][ T5971] usb 5-1: media controller created
[  904.863585][ T5971] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  904.924032][T15595] kvm: emulating exchange as write
[  904.948174][ T5881] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  904.977355][ T5881] usb 4-1: device descriptor read/8, error -71
[  904.994711][ T5971] set interface failed
[  904.994747][ T5971] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  905.014151][T15598] dccp_v6_rcv: dropped packet with invalid checksum
[  905.017098][ T5971] error writing reg: 0xff, val: 0x00
[  905.054312][ T5971] dvb_usb_mxl111sf 5-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  905.096609][ T5971] usb 5-1: USB disconnect, device number 55
[  905.237331][ T5881] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  905.282955][ T5881] usb 4-1: device descriptor read/8, error -71
[  905.397571][ T5881] usb usb4-port1: unable to enumerate USB device
[  905.742987][T15609] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2433'.
[  905.993440][ T5881] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  906.074110][T15614] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input23
[  906.263496][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  906.341143][ T5881] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  906.448630][ T5881] usb 4-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  906.487432][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  906.510066][ T5881] usb 4-1: config 0 descriptor??
[  906.597420][T15618] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2436'.
[  906.936424][ T5881] hid-thrustmaster 0003:044F:B65D.0005: unknown main item tag 0x0
[  906.967275][ T5881] hid-thrustmaster 0003:044F:B65D.0005: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.3-1/input0
[  906.985656][ T5881] hid-thrustmaster 0003:044F:B65D.0005: Wrong number of endpoints?
[  908.012460][    C0] hid-thrustmaster 0003:044F:B65D.0005: Unknown packet type 0x0, unable to proceed further with wheel init
[  908.997675][T15607] netlink: 168 bytes leftover after parsing attributes in process `syz.3.2432'.
[  909.115444][ T5881] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  909.338785][ T5881] usb 5-1: device descriptor read/64, error -71
[  909.388880][T15650] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2445'.
[  909.400452][T15662] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2447'.
[  909.490127][T15667] netlink: 'syz.1.2446': attribute type 23 has an invalid length.
[  909.587296][ T5881] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  909.717350][ T5881] usb 5-1: device descriptor read/64, error -71
[  909.780647][T15679] tmpfs: Cannot change global quota limit on remount
[  909.838676][ T5881] usb usb5-port1: attempt power cycle
[  910.841510][T14369] usb 4-1: USB disconnect, device number 72
[  911.057241][T15697] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2459'.
[  911.347802][ T5881] usb usb5-port1: Cannot enable. Maybe the USB cable is bad?
[  911.537928][ T5881] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  911.603064][ T5881] usb 5-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  911.633889][ T5881] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  911.665032][ T5881] usb 5-1: config 0 descriptor??
[  911.834237][   T29] audit: type=1400 audit(1731746443.395:151): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15713 comm="syz.1.2467" daddr=ff02::1 dest=20001
[  912.078127][T15699] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2460'.
[  912.087335][  T968] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  912.278650][  T968] usb 2-1: Using ep0 maxpacket: 32
[  912.329951][  T968] usb 2-1: config 0 has an invalid interface number: 113 but max is 0
[  912.439819][  T968] usb 2-1: config 0 has no interface number 0
[  912.574932][  T968] usb 2-1: config 0 interface 113 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 1023
[  912.915228][  T968] usb 2-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=58.5f
[  912.924499][  T968] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  912.948236][  T968] usb 2-1: Product: syz
[  912.952550][  T968] usb 2-1: Manufacturer: syz
[  912.958452][  T968] usb 2-1: SerialNumber: syz
[  912.985578][  T968] usb 2-1: config 0 descriptor??
[  912.995986][T15715] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  913.056720][ T5881] usb 5-1: Cannot read MAC address
[  913.062317][ T5881] MOSCHIP usb-ethernet driver 5-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  913.102128][ T5881] usb 5-1: USB disconnect, device number 59
[  913.132735][T15726] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2470'.
[  913.207537][T14369] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[  913.234163][T15715] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  913.265335][  T968] net1080 2-1:0.113 usb0: register 'net1080' at usb-dummy_hcd.1-1, NetChip TurboCONNECT, 96:3d:46:a9:d6:e7
[  913.377812][T14369] usb 7-1: device descriptor read/64, error -71
[  913.495452][ T5971] usb 2-1: USB disconnect, device number 73
[  913.502679][ T5971] net1080 2-1:0.113 usb0: unregister 'net1080' usb-dummy_hcd.1-1, NetChip TurboCONNECT
[  913.542730][T15735] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  913.647274][T14369] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[  913.807904][T14369] usb 7-1: device descriptor read/64, error -71
[  913.951976][T14369] usb usb7-port1: attempt power cycle
[  914.310084][T14369] usb 7-1: new high-speed USB device number 46 using dummy_hcd
[  914.361123][T14369] usb 7-1: device descriptor read/8, error -71
[  914.667182][T14369] usb 7-1: new high-speed USB device number 47 using dummy_hcd
[  914.697664][T15771] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2479'.
[  914.719558][T14369] usb 7-1: device descriptor read/8, error -71
[  914.880419][T15775] 9pnet_fd: Insufficient options for proto=fd
[  914.894527][T14369] usb usb7-port1: unable to enumerate USB device
[  914.973785][T15778] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  915.418925][T15786] MTD: Attempt to mount non-MTD device "/dev/nbd4"
[  915.426513][T15786] /dev/nbd4: Can't open blockdev
[  915.749605][T15794] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2482'.
[  917.327482][   T29] audit: type=1400 audit(1731746448.885:152): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15809 comm="syz.6.2487" daddr=fe80::bb
[  917.402272][   T29] audit: type=1400 audit(1731746448.955:153): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15814 comm="syz.1.2488" daddr=fe80::bb
[  917.468593][T15826] loop7: detected capacity change from 0 to 1036
[  919.331398][ T5881] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  919.500669][ T5881] usb 2-1: device descriptor read/64, error -71
[  919.736743][T15849] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  920.227381][T15851] netlink: 9396 bytes leftover after parsing attributes in process `syz.6.2493'.
[  920.268708][ T5881] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  920.318366][T15854] FAULT_INJECTION: forcing a failure.
[  920.318366][T15854] name failslab, interval 1, probability 0, space 0, times 0
[  920.329230][T15855] FAULT_INJECTION: forcing a failure.
[  920.329230][T15855] name failslab, interval 1, probability 0, space 0, times 0
[  920.356659][T15854] CPU: 1 UID: 0 PID: 15854 Comm: syz.3.2496 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  920.367473][T15854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  920.377541][T15854] Call Trace:
[  920.380840][T15854]  <TASK>
[  920.383795][T15854]  dump_stack_lvl+0x241/0x360
[  920.388505][T15854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  920.393730][T15854]  ? __pfx__printk+0x10/0x10
[  920.398352][T15854]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  920.403933][T15854]  ? __pfx___might_resched+0x10/0x10
[  920.409261][T15854]  should_fail_ex+0x3b0/0x4e0
[  920.413972][T15854]  ? ptlock_alloc+0x20/0x70
[  920.418503][T15854]  should_failslab+0xac/0x100
[  920.423205][T15854]  ? ptlock_alloc+0x20/0x70
[  920.427737][T15854]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  920.433151][T15854]  ptlock_alloc+0x20/0x70
[  920.437511][T15854]  pte_alloc_one+0xd3/0x610
[  920.442125][T15854]  ? __pfx_pte_alloc_one+0x10/0x10
[  920.447261][T15854]  ? __lock_acquire+0x1384/0x2050
[  920.452316][T15854]  ? cgroup_rstat_updated+0x13b/0xc60
[  920.457715][T15854]  __pte_alloc+0x79/0x3c0
[  920.462084][T15854]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[  920.467828][T15854]  ? __pfx___pte_alloc+0x10/0x10
[  920.472782][T15854]  ? mark_lock+0x9a/0x360
[  920.477127][T15854]  handle_pte_fault+0x50dd/0x6820
[  920.482186][T15854]  ? __pfx_handle_pte_fault+0x10/0x10
[  920.487593][T15854]  ? __pfx_lock_acquire+0x10/0x10
[  920.492651][T15854]  ? __pmd_alloc+0x54c/0x670
[  920.497259][T15854]  ? __pfx_lock_release+0x10/0x10
[  920.502299][T15854]  ? do_raw_spin_lock+0x14f/0x370
[  920.507345][T15854]  ? do_raw_spin_unlock+0x13c/0x8b0
[  920.510585][ T5881] usb 2-1: device descriptor read/64, error -71
[  920.512556][T15854]  ? _raw_spin_unlock+0x28/0x50
[  920.523703][T15854]  ? __pmd_alloc+0x54c/0x670
[  920.528329][T15854]  ? __pfx___pmd_alloc+0x10/0x10
[  920.533308][T15854]  handle_mm_fault+0x1053/0x1ad0
[  920.538309][T15854]  ? __pfx_handle_mm_fault+0x10/0x10
[  920.543641][T15854]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  920.550010][T15854]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  920.555320][T15854]  exc_page_fault+0x2b9/0x8c0
[  920.560032][T15854]  asm_exc_page_fault+0x26/0x30
[  920.564900][T15854] RIP: 0010:__put_user_4+0x11/0x20
[  920.570036][T15854] Code: 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <89> 01 31 c9 0f 01 ca c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90
[  920.589670][T15854] RSP: 0018:ffffc90000bf78f8 EFLAGS: 00050202
[  920.595862][T15854] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020000280
[  920.603860][T15854] RDX: 0000000000000001 RSI: ffffffff8c0adc40 RDI: ffffffff8c6038e0
[  920.611867][T15854] RBP: ffffc9000d007000 R08: ffffffff901be06f R09: 1ffffffff2037c0d
[  920.619849][T15854] R10: dffffc0000000000 R11: fffffbfff2037c0e R12: ffff888068581278
[  920.627829][T15854] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000020000280
[  920.635829][T15854]  n_tty_ioctl+0x2df/0x320
[  920.640271][T15854]  ? __pfx_n_tty_ioctl+0x10/0x10
[  920.645233][T15854]  tty_ioctl+0x998/0xdc0
[  920.649501][T15854]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.655583][T15854]  ? __pfx_tty_ioctl+0x10/0x10
[  920.660372][T15854]  do_vfs_ioctl+0xec8/0x2e40
[  920.661825][ T5881] usb usb2-port1: attempt power cycle
[  920.664977][T15854]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  920.675378][T15854]  ? mark_lock+0x9a/0x360
[  920.679743][T15854]  ? tomoyo_path_number_perm+0x208/0x880
[  920.685413][T15854]  ? __pfx_lock_release+0x10/0x10
[  920.690461][T15854]  ? lockdep_hardirqs_on+0x99/0x150
[  920.695686][T15854]  ? kfree+0x1a0/0x440
[  920.699771][T15854]  ? tomoyo_path_number_perm+0x68d/0x880
[  920.705449][T15854]  ? tomoyo_path_number_perm+0x71a/0x880
[  920.711117][T15854]  ? tomoyo_path_number_perm+0x208/0x880
[  920.716773][T15854]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  920.722793][T15854]  ? __asan_memset+0x23/0x50
[  920.727395][T15854]  ? smack_file_ioctl+0x29e/0x3a0
[  920.732430][T15854]  ? __pfx_smack_file_ioctl+0x10/0x10
[  920.737824][T15854]  ? __fget_files+0x3f3/0x470
[  920.742526][T15854]  __se_sys_ioctl+0x81/0x170
[  920.747130][T15854]  do_syscall_64+0xf3/0x230
[  920.751654][T15854]  ? clear_bhb_loop+0x35/0x90
[  920.756352][T15854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  920.762272][T15854] RIP: 0033:0x7f971137e719
[  920.766708][T15854] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  920.786330][T15854] RSP: 002b:00007f971221c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  920.794757][T15854] RAX: ffffffffffffffda RBX: 00007f9711535f80 RCX: 00007f971137e719
[  920.802741][T15854] RDX: 0000000020000280 RSI: 000000000000541b RDI: 0000000000000003
[  920.810736][T15854] RBP: 00007f971221c090 R08: 0000000000000000 R09: 0000000000000000
[  920.818725][T15854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  920.826708][T15854] R13: 0000000000000000 R14: 00007f9711535f80 R15: 00007fff3c41fec8
[  920.834707][T15854]  </TASK>
[  920.843647][T15855] CPU: 1 UID: 0 PID: 15855 Comm: syz.4.2495 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  920.854448][T15855] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  920.864505][T15855] Call Trace:
[  920.867781][T15855]  <TASK>
[  920.870709][T15855]  dump_stack_lvl+0x241/0x360
[  920.875394][T15855]  ? __pfx_dump_stack_lvl+0x10/0x10
[  920.880594][T15855]  ? __pfx__printk+0x10/0x10
[  920.885196][T15855]  ? __kmalloc_noprof+0xb0/0x400
[  920.890142][T15855]  ? __pfx___might_resched+0x10/0x10
[  920.895448][T15855]  should_fail_ex+0x3b0/0x4e0
[  920.900128][T15855]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  920.906376][T15855]  should_failslab+0xac/0x100
[  920.911052][T15855]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  920.917297][T15855]  __kmalloc_noprof+0xd8/0x400
[  920.922064][T15855]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  920.928137][T15855]  genl_rcv_msg+0x802/0xec0
[  920.932648][T15855]  ? mark_lock+0x9a/0x360
[  920.936978][T15855]  ? __pfx_genl_rcv_msg+0x10/0x10
[  920.942029][T15855]  ? __pfx_lock_acquire+0x10/0x10
[  920.947059][T15855]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  920.952437][T15855]  ? __pfx_nl80211_join_mesh+0x10/0x10
[  920.957895][T15855]  ? __pfx_nl80211_post_doit+0x10/0x10
[  920.963353][T15855]  ? __pfx___might_resched+0x10/0x10
[  920.968645][T15855]  netlink_rcv_skb+0x1e3/0x430
[  920.973414][T15855]  ? __pfx_genl_rcv_msg+0x10/0x10
[  920.978442][T15855]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  920.983736][T15855]  ? __netlink_deliver_tap+0x77e/0x7c0
[  920.989205][T15855]  genl_rcv+0x28/0x40
[  920.993185][T15855]  netlink_unicast+0x7f6/0x990
[  920.997953][T15855]  ? __pfx_netlink_unicast+0x10/0x10
[  921.003235][T15855]  ? __virt_addr_valid+0x183/0x530
[  921.008345][T15855]  ? __check_object_size+0x48e/0x900
[  921.013630][T15855]  netlink_sendmsg+0x8e4/0xcb0
[  921.018401][T15855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  921.024132][T15855]  ? __pfx_netlink_sendmsg+0x10/0x10
[  921.029420][T15855]  __sock_sendmsg+0x221/0x270
[  921.034096][T15855]  ____sys_sendmsg+0x52a/0x7e0
[  921.038951][T15855]  ? __pfx_____sys_sendmsg+0x10/0x10
[  921.044249][T15855]  __sys_sendmsg+0x292/0x380
[  921.048841][T15855]  ? __pfx___sys_sendmsg+0x10/0x10
[  921.053961][T15855]  ? __pfx_vfs_write+0x10/0x10
[  921.058744][T15855]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  921.065073][T15855]  ? do_syscall_64+0x100/0x230
[  921.069838][T15855]  ? do_syscall_64+0xb6/0x230
[  921.074512][T15855]  do_syscall_64+0xf3/0x230
[  921.079015][T15855]  ? clear_bhb_loop+0x35/0x90
[  921.083699][T15855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  921.089594][T15855] RIP: 0033:0x7f905e77e719
[  921.094009][T15855] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  921.113614][T15855] RSP: 002b:00007f905cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  921.122026][T15855] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77e719
[  921.129995][T15855] RDX: 000000002004c080 RSI: 0000000020000180 RDI: 0000000000000003
[  921.137965][T15855] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  921.145929][T15855] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  921.153922][T15855] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  921.161905][T15855]  </TASK>
[  921.247278][ T5881] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  921.682202][ T5881] usb 2-1: device not accepting address 76, error -71
[  921.891934][   T29] audit: type=1400 audit(1731746453.335:154): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15870 comm="syz.3.2503" daddr=fe80::bb
[  923.214102][T15889] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  923.855590][T15898] netlink: 'syz.4.2505': attribute type 11 has an invalid length.
[  925.397962][T15912] ebt_among: src integrity fail: 300
[  925.691172][T15913] netlink: 9396 bytes leftover after parsing attributes in process `syz.6.2513'.
[  926.614678][T15912] program syz.3.2514 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  928.158255][ T5842] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  928.174914][T15929] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2518'.
[  928.321817][T15932] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  928.441605][T15930] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  928.457437][ T5842] usb 4-1: Using ep0 maxpacket: 32
[  928.476504][ T5842] usb 4-1: config 0 interface 0 has no altsetting 0
[  928.497089][ T5842] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  928.506327][ T5842] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.527890][ T5842] usb 4-1: config 0 descriptor??
[  928.545538][ T5842] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  928.575778][   T29] audit: type=1400 audit(1731746460.135:155): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15938 comm="syz.5.2521" daddr=ff02::1
[  928.599314][T15942] FAULT_INJECTION: forcing a failure.
[  928.599314][T15942] name failslab, interval 1, probability 0, space 0, times 0
[  928.630170][ T5842] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  928.630998][T15942] CPU: 0 UID: 0 PID: 15942 Comm: syz.4.2522 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  928.651128][T15942] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  928.661215][T15942] Call Trace:
[  928.664491][T15942]  <TASK>
[  928.667424][T15942]  dump_stack_lvl+0x241/0x360
[  928.672125][T15942]  ? __pfx_dump_stack_lvl+0x10/0x10
[  928.677327][T15942]  ? __pfx__printk+0x10/0x10
[  928.681916][T15942]  ? __kmalloc_cache_noprof+0x44/0x2c0
[  928.687381][T15942]  ? __pfx___might_resched+0x10/0x10
[  928.692675][T15942]  should_fail_ex+0x3b0/0x4e0
[  928.697356][T15942]  should_failslab+0xac/0x100
[  928.702036][T15942]  ? rtnl_newlink+0xf2/0x20a0
[  928.706736][T15942]  __kmalloc_cache_noprof+0x6c/0x2c0
[  928.712022][T15942]  ? __pfx_lock_acquire+0x10/0x10
[  928.717061][T15942]  rtnl_newlink+0xf2/0x20a0
[  928.721586][T15942]  ? bpf_trace_run2+0x1fc/0x540
[  928.726432][T15942]  ? bpf_trace_run2+0x36e/0x540
[  928.731286][T15942]  ? __mutex_trylock_common+0x183/0x2e0
[  928.736832][T15942]  ? __pfx_bpf_trace_run2+0x10/0x10
[  928.742030][T15942]  ? __pfx_rtnl_newlink+0x10/0x10
[  928.747057][T15942]  ? __pfx___mutex_trylock_common+0x10/0x10
[  928.752959][T15942]  ? rcu_is_watching+0x15/0xb0
[  928.757723][T15942]  ? trace_contention_end+0x3c/0x120
[  928.763004][T15942]  ? __mutex_lock+0x2ef/0xd70
[  928.767684][T15942]  ? rcu_read_unlock+0x87/0xa0
[  928.772452][T15942]  ? __dev_queue_xmit+0x171d/0x3ed0
[  928.777673][T15942]  ? rtnetlink_rcv_msg+0x6e6/0xcf0
[  928.783256][T15942]  ? __pfx_lock_release+0x10/0x10
[  928.788286][T15942]  ? __pfx___mutex_lock+0x10/0x10
[  928.793316][T15942]  ? __pfx_rtnl_newlink+0x10/0x10
[  928.798345][T15942]  rtnetlink_rcv_msg+0x73f/0xcf0
[  928.803279][T15942]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[  928.808392][T15942]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  928.813853][T15942]  ? ref_tracker_free+0x643/0x7e0
[  928.818882][T15942]  netlink_rcv_skb+0x1e3/0x430
[  928.823649][T15942]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  928.829106][T15942]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  928.834401][T15942]  ? netlink_deliver_tap+0x2e/0x1b0
[  928.839610][T15942]  netlink_unicast+0x7f6/0x990
[  928.844378][T15942]  ? __pfx_netlink_unicast+0x10/0x10
[  928.849657][T15942]  ? __virt_addr_valid+0x183/0x530
[  928.854768][T15942]  ? __check_object_size+0x48e/0x900
[  928.860065][T15942]  netlink_sendmsg+0x8e4/0xcb0
[  928.864836][T15942]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.870128][T15942]  ? __pfx_netlink_sendmsg+0x10/0x10
[  928.875408][T15942]  __sock_sendmsg+0x221/0x270
[  928.880096][T15942]  ____sys_sendmsg+0x52a/0x7e0
[  928.884865][T15942]  ? __pfx_____sys_sendmsg+0x10/0x10
[  928.890160][T15942]  __sys_sendmsg+0x292/0x380
[  928.894751][T15942]  ? __pfx___sys_sendmsg+0x10/0x10
[  928.899872][T15942]  ? __pfx_vfs_write+0x10/0x10
[  928.904656][T15942]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  928.910986][T15942]  ? do_syscall_64+0x100/0x230
[  928.915751][T15942]  ? do_syscall_64+0xb6/0x230
[  928.920433][T15942]  do_syscall_64+0xf3/0x230
[  928.924946][T15942]  ? clear_bhb_loop+0x35/0x90
[  928.929625][T15942]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  928.935516][T15942] RIP: 0033:0x7f905e77e719
[  928.939934][T15942] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  928.959539][T15942] RSP: 002b:00007f905cbf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  928.967952][T15942] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77e719
[  928.975928][T15942] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000008
[  928.983894][T15942] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  928.991863][T15942] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  928.999830][T15942] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  929.007809][T15942]  </TASK>
[  929.012623][ T5842] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  929.019818][ T5842] usb 4-1: media controller created
[  929.037346][ T5842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  929.260835][ T5842] set interface failed
[  929.260923][ T5842] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  929.517771][ T5842] error writing reg: 0xff, val: 0x00
[  929.960805][ T5842] dvb_usb_mxl111sf 4-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  930.057773][T15959] fuse: Unknown parameter ''
[  930.071902][ T5842] usb 4-1: USB disconnect, device number 73
[  930.527389][   T29] audit: type=1400 audit(1731746462.075:156): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=15961 comm="syz.6.2527" daddr=fe80::bb dest=20003
[  930.588519][T15963] vlan3: entered promiscuous mode
[  930.593604][T15963] syz_tun: entered promiscuous mode
[  930.885642][T15963] syz_tun: left promiscuous mode
[  931.842999][T15976] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  932.066958][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  932.834791][T15988] ebt_among: src integrity fail: 300
[  932.850157][T15988] program syz.1.2536 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  933.117633][ T5971] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  933.368738][ T5971] usb 2-1: Using ep0 maxpacket: 32
[  933.492852][ T5971] usb 2-1: config 0 interface 0 has no altsetting 0
[  933.635104][ T5971] usb 2-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  933.759918][ T5971] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  933.794570][ T5971] usb 2-1: config 0 descriptor??
[  933.819767][ T5971] usb 2-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  933.890802][T16001] netlink: 9396 bytes leftover after parsing attributes in process `syz.5.2531'.
[  934.396220][ T5971] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  934.406848][ T5971] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  934.415812][ T5971] usb 2-1: media controller created
[  934.432656][ T5971] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  934.498853][T16013] fuse: Unknown parameter ''
[  934.730641][ T5971] set interface failed
[  934.730680][ T5971] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  935.070915][ T5971] error writing reg: 0xff, val: 0x00
[  936.127320][ T5971] dvb_usb_mxl111sf 2-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  936.277433][ T5971] usb 2-1: USB disconnect, device number 78
[  936.595266][T16028] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  938.553330][T16052] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2553'.
[  940.641520][T16062] fuse: Unknown parameter ''
[  941.834490][T16067] ebt_among: src integrity fail: 300
[  941.887216][T16067] program syz.3.2556 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  942.378129][ T5842] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  942.478832][T16081] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  942.539778][ T5842] usb 5-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  942.801167][ T5842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  942.825204][ T5881] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  942.833317][ T5842] usb 5-1: config 0 descriptor??
[  942.898775][ T5842] gspca_main: spca508-2.14.0 probing 8086:0110
[  943.407305][ T5842] gspca_spca508: reg_read err -110
[  944.117157][ T5881] usb 4-1: Using ep0 maxpacket: 32
[  944.169386][ T5881] usb 4-1: config 0 interface 0 has no altsetting 0
[  944.253173][ T5881] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  944.358225][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  944.469424][ T5881] usb 4-1: config 0 descriptor??
[  944.480492][ T5881] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  944.516326][ T5881] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  944.563587][ T5881] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  944.593058][ T5881] usb 4-1: media controller created
[  944.615869][ T5842] gspca_spca508: reg_read err -110
[  944.633208][ T5842] gspca_spca508: reg_read err -32
[  944.639101][ T5842] gspca_spca508: reg_read err -71
[  944.644483][ T5842] gspca_spca508: reg_read err -71
[  944.657117][ T5842] gspca_spca508: reg write: error -71
[  944.662576][ T5842] spca508 5-1:0.0: probe with driver spca508 failed with error -71
[  944.686102][ T5842] usb 5-1: USB disconnect, device number 60
[  944.741564][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  944.811351][ T5881] set interface failed
[  944.811390][ T5881] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  944.835151][ T5881] error writing reg: 0xff, val: 0x00
[  944.836017][   T29] audit: type=1400 audit(1731746476.395:157): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=16097 comm="syz.6.2565" daddr=fe80::1b dest=16385
[  944.859049][ T5881] dvb_usb_mxl111sf 4-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  944.863151][ T5881] usb 4-1: USB disconnect, device number 74
[  945.010531][T16100] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2567'.
[  947.367346][ T5881] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  947.571985][ T5881] usb 5-1: device descriptor read/64, error -71
[  947.846030][T16134] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  947.897186][ T5881] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  948.927164][ T5881] usb 5-1: device descriptor read/64, error -71
[  949.917169][ T5881] usb usb5-port1: attempt power cycle
[  950.356583][T16153] ebt_among: src integrity fail: 300
[  950.365224][T16153] program syz.6.2581 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  950.757211][ T5842] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[  950.820364][T16162] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2582'.
[  950.927195][ T5842] usb 7-1: Using ep0 maxpacket: 32
[  950.960830][ T5842] usb 7-1: config 0 interface 0 has no altsetting 0
[  950.974874][ T5842] usb 7-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  951.125193][ T5842] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  951.378023][ T5842] usb 7-1: config 0 descriptor??
[  951.388631][ T5842] usb 7-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  951.433766][ T5842] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  951.475133][ T5842] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  951.527197][ T5842] usb 7-1: media controller created
[  951.576346][ T5842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  951.735430][ T5842] set interface failed
[  951.735470][ T5842] usb 7-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  951.766664][ T5842] error writing reg: 0xff, val: 0x00
[  951.832242][ T5842] dvb_usb_mxl111sf 7-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  952.815762][ T5842] usb 7-1: USB disconnect, device number 48
[  953.299184][T16187] hfs: can't find a HFS filesystem on dev nullb0
[  953.893669][T16186] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  955.497888][T16199] FAULT_INJECTION: forcing a failure.
[  955.497888][T16199] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  955.503700][ T5842] usb 4-1: new full-speed USB device number 75 using dummy_hcd
[  955.522056][T16199] CPU: 1 UID: 0 PID: 16199 Comm: syz.5.2592 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  955.533031][T16199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  955.543089][T16199] Call Trace:
[  955.546366][T16199]  <TASK>
[  955.549293][T16199]  dump_stack_lvl+0x241/0x360
[  955.553979][T16199]  ? __pfx_dump_stack_lvl+0x10/0x10
[  955.559176][T16199]  ? __pfx__printk+0x10/0x10
[  955.563766][T16199]  ? snprintf+0xda/0x120
[  955.568011][T16199]  should_fail_ex+0x3b0/0x4e0
[  955.572686][T16199]  _copy_to_user+0x31/0xb0
[  955.577101][T16199]  simple_read_from_buffer+0xca/0x150
[  955.582485][T16199]  proc_fail_nth_read+0x1e9/0x250
[  955.587512][T16199]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  955.593057][T16199]  ? rw_verify_area+0x55e/0x6f0
[  955.597905][T16199]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  955.603449][T16199]  vfs_read+0x1fc/0xb70
[  955.607606][T16199]  ? fdget_pos+0x24e/0x320
[  955.612028][T16199]  ? __pfx_vfs_read+0x10/0x10
[  955.616705][T16199]  ? __fget_files+0x3f3/0x470
[  955.621388][T16199]  ? fdget_pos+0x24e/0x320
[  955.625817][T16199]  ksys_read+0x183/0x2b0
[  955.630062][T16199]  ? __pfx_ksys_read+0x10/0x10
[  955.634828][T16199]  ? do_syscall_64+0x100/0x230
[  955.639607][T16199]  ? do_syscall_64+0xb6/0x230
[  955.644304][T16199]  do_syscall_64+0xf3/0x230
[  955.648807][T16199]  ? clear_bhb_loop+0x35/0x90
[  955.653480][T16199]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  955.659367][T16199] RIP: 0033:0x7fb59af7d15c
[  955.663777][T16199] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 69 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[  955.683399][T16199] RSP: 002b:00007fb59bd87030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  955.691814][T16199] RAX: ffffffffffffffda RBX: 00007fb59b135f80 RCX: 00007fb59af7d15c
[  955.699779][T16199] RDX: 000000000000000f RSI: 00007fb59bd870a0 RDI: 0000000000000007
[  955.707742][T16199] RBP: 00007fb59bd87090 R08: 0000000000000000 R09: 0000000000000000
[  955.715705][T16199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  955.723670][T16199] R13: 0000000000000000 R14: 00007fb59b135f80 R15: 00007ffe30167a48
[  955.731652][T16199]  </TASK>
[  955.818905][ T5842] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  955.857087][ T5842] usb 4-1: New USB device found, idVendor=10c4, idProduct=81b9, bcdDevice= 0.00
[  955.876594][ T5842] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  955.914285][ T5842] usb 4-1: config 0 descriptor??
[  956.224737][T16209] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  956.225165][T16211] ebt_among: src integrity fail: 300
[  956.261952][T16211] program syz.4.2595 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  956.565886][ T5842] hid-generic 0003:10C4:81B9.0006: item fetching failed at offset 2/5
[  956.574829][ T5842] hid-generic 0003:10C4:81B9.0006: probe with driver hid-generic failed with error -22
[  956.987217][ T5931] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  957.017767][   T29] audit: type=1804 audit(1731746488.295:158): pid=16219 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.1.2599" name="/newroot/121/bus/file1" dev="overlay" ino=662 res=1 errno=0
[  957.534552][ T5842] usb 4-1: USB disconnect, device number 75
[  957.887457][ T5931] usb 5-1: Using ep0 maxpacket: 32
[  957.897203][ T5931] usb 5-1: config 0 interface 0 has no altsetting 0
[  957.903839][ T5931] usb 5-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  957.913903][ T5931] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  957.945816][ T5931] usb 5-1: config 0 descriptor??
[  957.966173][ T5931] usb 5-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  957.992879][ T5931] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  958.020285][ T5931] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  958.033868][ T5931] usb 5-1: media controller created
[  958.065439][ T5931] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  958.183511][ T5931] set interface failed
[  958.183551][ T5931] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  958.210696][ T5931] error writing reg: 0xff, val: 0x00
[  958.241186][ T5931] dvb_usb_mxl111sf 5-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  958.889232][ T5931] usb 5-1: USB disconnect, device number 64
[  959.297547][ T5842] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  959.427277][ T5842] usb 2-1: device descriptor read/64, error -71
[  959.633481][T16256] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  960.039232][ T5842] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  960.085592][  T968] hid-generic 0000:10003:0000.0007: unknown main item tag 0x0
[  960.097448][  T968] hid-generic 0000:10003:0000.0007: unknown main item tag 0x0
[  960.119820][T16255] random: crng reseeded on system resumption
[  960.135660][  T968] hid-generic 0000:10003:0000.0007: hidraw0: <UNKNOWN> HID va.c6 Device [syz0] on syz1
[  960.227342][ T5842] usb 2-1: device descriptor read/64, error -71
[  960.245871][T16259] FAULT_INJECTION: forcing a failure.
[  960.245871][T16259] name failslab, interval 1, probability 0, space 0, times 0
[  960.267166][T16259] CPU: 1 UID: 0 PID: 16259 Comm: syz.6.2608 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  960.277972][T16259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  960.288047][T16259] Call Trace:
[  960.291326][T16259]  <TASK>
[  960.294252][T16259]  dump_stack_lvl+0x241/0x360
[  960.298940][T16259]  ? __pfx_dump_stack_lvl+0x10/0x10
[  960.304149][T16259]  ? __pfx__printk+0x10/0x10
[  960.308743][T16259]  ? __kmalloc_noprof+0xb0/0x400
[  960.313675][T16259]  ? __pfx___might_resched+0x10/0x10
[  960.318961][T16259]  should_fail_ex+0x3b0/0x4e0
[  960.323635][T16259]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  960.329881][T16259]  should_failslab+0xac/0x100
[  960.334556][T16259]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  960.340799][T16259]  __kmalloc_noprof+0xd8/0x400
[  960.345563][T16259]  genl_family_rcv_msg_attrs_parse+0xa3/0x290
[  960.351635][T16259]  genl_rcv_msg+0x802/0xec0
[  960.356141][T16259]  ? mark_lock+0x9a/0x360
[  960.360473][T16259]  ? __pfx_genl_rcv_msg+0x10/0x10
[  960.365517][T16259]  ? __pfx_lock_acquire+0x10/0x10
[  960.370540][T16259]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  960.375905][T16259]  ? __pfx_nl80211_join_mesh+0x10/0x10
[  960.381358][T16259]  ? __pfx_nl80211_post_doit+0x10/0x10
[  960.386813][T16259]  ? __pfx___might_resched+0x10/0x10
[  960.392102][T16259]  netlink_rcv_skb+0x1e3/0x430
[  960.396869][T16259]  ? __pfx_genl_rcv_msg+0x10/0x10
[  960.401896][T16259]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  960.407186][T16259]  ? __netlink_deliver_tap+0x77e/0x7c0
[  960.412649][T16259]  genl_rcv+0x28/0x40
[  960.416657][T16259]  netlink_unicast+0x7f6/0x990
[  960.421451][T16259]  ? __pfx_netlink_unicast+0x10/0x10
[  960.426745][T16259]  ? __virt_addr_valid+0x183/0x530
[  960.431864][T16259]  ? __check_object_size+0x48e/0x900
[  960.437156][T16259]  netlink_sendmsg+0x8e4/0xcb0
[  960.441934][T16259]  ? __pfx_netlink_sendmsg+0x10/0x10
[  960.447227][T16259]  ? __pfx_netlink_sendmsg+0x10/0x10
[  960.452518][T16259]  __sock_sendmsg+0x221/0x270
[  960.457203][T16259]  ____sys_sendmsg+0x52a/0x7e0
[  960.461979][T16259]  ? __pfx_____sys_sendmsg+0x10/0x10
[  960.467272][T16259]  __sys_sendmsg+0x292/0x380
[  960.471861][T16259]  ? __pfx___sys_sendmsg+0x10/0x10
[  960.476981][T16259]  ? __pfx_vfs_write+0x10/0x10
[  960.481772][T16259]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  960.488101][T16259]  ? do_syscall_64+0x100/0x230
[  960.492865][T16259]  ? do_syscall_64+0xb6/0x230
[  960.497541][T16259]  do_syscall_64+0xf3/0x230
[  960.502040][T16259]  ? clear_bhb_loop+0x35/0x90
[  960.506717][T16259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  960.512605][T16259] RIP: 0033:0x7f3fe0d7e719
[  960.517020][T16259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  960.536628][T16259] RSP: 002b:00007f3fe1b00038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  960.545046][T16259] RAX: ffffffffffffffda RBX: 00007f3fe0f35f80 RCX: 00007f3fe0d7e719
[  960.553012][T16259] RDX: 0000000004000000 RSI: 0000000020000400 RDI: 0000000000000004
[  960.560981][T16259] RBP: 00007f3fe1b00090 R08: 0000000000000000 R09: 0000000000000000
[  960.568950][T16259] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  960.576914][T16259] R13: 0000000000000000 R14: 00007f3fe0f35f80 R15: 00007fff42bdf388
[  960.584893][T16259]  </TASK>
[  960.637155][ T5842] usb usb2-port1: attempt power cycle
[  961.100526][ T5842] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  961.143259][ T5842] usb 2-1: device descriptor read/8, error -71
[  962.826263][  T968] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  963.028254][T16277] ebt_among: src integrity fail: 300
[  963.062854][T16277] program syz.4.2617 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  964.234983][  T968] usb 5-1: device descriptor read/64, error -71
[  964.621257][  T968] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  964.887481][  T968] usb 5-1: Using ep0 maxpacket: 32
[  964.923662][  T968] usb 5-1: config 0 interface 0 has no altsetting 0
[  965.078901][  T968] usb 5-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  965.334650][  T968] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  965.349698][  T968] usb 5-1: config 0 descriptor??
[  965.357938][  T968] usb 5-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  965.366665][  T968] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  965.377593][  T968] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  965.384238][  T968] usb 5-1: media controller created
[  965.683949][ T5971] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[  965.767816][ T5842] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  965.887275][ T5971] usb 7-1: Using ep0 maxpacket: 32
[  965.908683][ T5842] usb 2-1: device descriptor read/64, error -71
[  965.944613][ T5971] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  966.074937][ T5971] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  966.107600][  T968] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  966.174876][T16306] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2623'.
[  966.258258][  T968] set interface failed
[  966.258297][  T968] usb 5-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  966.276286][ T5971] usb 7-1: New USB device found, idVendor=0079, idProduct=1801, bcdDevice= 0.00
[  966.285529][ T5971] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  966.296723][  T968] error writing reg: 0xff, val: 0x00
[  966.297783][ T5971] usb 7-1: config 0 descriptor??
[  966.483556][ T5842] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  966.492156][  T968] dvb_usb_mxl111sf 5-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  966.504595][  T968] usb 5-1: USB disconnect, device number 66
[  970.289939][ T5971] usbhid 7-1:0.0: can't add hid device: -71
[  970.296163][ T5971] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  970.418187][ T5971] usb 7-1: USB disconnect, device number 49
[  970.438762][T16317] netlink: 'syz.1.2626': attribute type 10 has an invalid length.
[  970.457641][T16317] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2626'.
[  970.540110][T16320] FAULT_INJECTION: forcing a failure.
[  970.540110][T16320] name failslab, interval 1, probability 0, space 0, times 0
[  970.558859][T16320] CPU: 0 UID: 0 PID: 16320 Comm: syz.4.2628 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  970.569668][T16320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  970.579745][T16320] Call Trace:
[  970.583046][T16320]  <TASK>
[  970.586001][T16320]  dump_stack_lvl+0x241/0x360
[  970.590712][T16320]  ? __pfx_dump_stack_lvl+0x10/0x10
[  970.595942][T16320]  ? __pfx__printk+0x10/0x10
[  970.600563][T16320]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  970.606122][T16320]  ? __pfx___might_resched+0x10/0x10
[  970.611428][T16320]  should_fail_ex+0x3b0/0x4e0
[  970.616120][T16320]  ? __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[  970.622179][T16320]  should_failslab+0xac/0x100
[  970.626850][T16320]  ? __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[  970.632908][T16320]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  970.638290][T16320]  __kvm_mmu_topup_memory_cache+0x1e3/0x6b0
[  970.644200][T16320]  kvm_mmu_load+0x115/0x26e0
[  970.648802][T16320]  ? __mutex_unlock_slowpath+0x21d/0x750
[  970.654470][T16320]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  970.660467][T16320]  ? __pfx_kvm_mmu_load+0x10/0x10
[  970.665484][T16320]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  970.671481][T16320]  ? vmx_flush_tlb_guest+0x331/0x5a0
[  970.676867][T16320]  ? vmx_flush_tlb_all+0xc6/0x3c0
[  970.681905][T16320]  ? __pfx_vmx_flush_tlb_guest+0x10/0x10
[  970.687543][T16320]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  970.693554][T16320]  ? kvm_apic_has_interrupt+0x9d4/0xa70
[  970.699105][T16320]  vcpu_run+0x6e5f/0x8930
[  970.703536][T16320]  ? __pfx_vcpu_run+0x10/0x10
[  970.708330][T16320]  ? __local_bh_enable_ip+0x168/0x200
[  970.713714][T16320]  ? lockdep_hardirqs_on+0x99/0x150
[  970.718931][T16320]  ? __pfx_lock_acquire+0x10/0x10
[  970.723948][T16320]  ? fpu_swap_kvm_fpstate+0x82/0x460
[  970.729236][T16320]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  970.734982][T16320]  ? xfd_validate_state+0x6e/0x150
[  970.740089][T16320]  ? rcu_is_watching+0x15/0xb0
[  970.744843][T16320]  ? rcu_is_watching+0x15/0xb0
[  970.749618][T16320]  kvm_arch_vcpu_ioctl_run+0xa73/0x19d0
[  970.755190][T16320]  ? mark_lock+0x9a/0x360
[  970.759545][T16320]  ? kvm_arch_vcpu_ioctl_run+0x1c9/0x19d0
[  970.765281][T16320]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  970.771265][T16320]  ? __pfx_lock_acquire+0x10/0x10
[  970.776303][T16320]  ? get_task_pid+0x23/0x310
[  970.780924][T16320]  ? __pfx_lock_release+0x10/0x10
[  970.785989][T16320]  ? kvm_vcpu_ioctl+0x1da/0xea0
[  970.790852][T16320]  ? get_task_pid+0x23/0x310
[  970.795455][T16320]  kvm_vcpu_ioctl+0x91a/0xea0
[  970.800145][T16320]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  970.805379][T16320]  ? smack_file_ioctl+0x353/0x3a0
[  970.810427][T16320]  ? __pfx_smack_file_ioctl+0x10/0x10
[  970.815817][T16320]  ? __fget_files+0x29/0x470
[  970.820428][T16320]  ? __fget_files+0x3f3/0x470
[  970.825138][T16320]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  970.830351][T16320]  __se_sys_ioctl+0xf9/0x170
[  970.834945][T16320]  do_syscall_64+0xf3/0x230
[  970.839468][T16320]  ? clear_bhb_loop+0x35/0x90
[  970.844161][T16320]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  970.850050][T16320] RIP: 0033:0x7f905e77e719
[  970.854463][T16320] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  970.874085][T16320] RSP: 002b:00007f905cbf6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  970.882532][T16320] RAX: ffffffffffffffda RBX: 00007f905e935f80 RCX: 00007f905e77e719
[  970.890498][T16320] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000006
[  970.898486][T16320] RBP: 00007f905cbf6090 R08: 0000000000000000 R09: 0000000000000000
[  970.906481][T16320] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  970.914730][T16320] R13: 0000000000000000 R14: 00007f905e935f80 R15: 00007ffcdd148878
[  970.922734][T16320]  </TASK>
[  971.250868][T16336] netlink: 9396 bytes leftover after parsing attributes in process `syz.1.2630'.
[  972.383167][T16354] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2635'.
[  972.414330][T16353] netlink: 'syz.4.2636': attribute type 3 has an invalid length.
[  972.904838][T16364] xt_l2tp: v2 doesn't support IP mode
[  972.912578][T16364] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2638'.
[  972.929040][T16367] ebt_among: src integrity fail: 300
[  972.940648][T16367] program syz.1.2639 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  973.258302][T14369] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  973.667324][T16370] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2640'.
[  973.777084][T14369] usb 2-1: Using ep0 maxpacket: 32
[  973.784164][T14369] usb 2-1: config 0 interface 0 has no altsetting 0
[  973.790873][T14369] usb 2-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  973.830075][T14369] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  974.008659][T14369] usb 2-1: config 0 descriptor??
[  974.016309][T14369] usb 2-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  974.030900][T14369] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  974.041748][T14369] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  974.048820][T14369] usb 2-1: media controller created
[  974.823964][T14369] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  975.953195][T14369] set interface failed
[  975.953386][T14369] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  975.996453][T14369] error writing reg: 0xff, val: 0x00
[  976.078203][T14369] dvb_usb_mxl111sf 2-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  976.131682][ T5971] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  976.348445][ T5971] usb 5-1: device descriptor read/64, error -71
[  976.390454][T14369] usb 2-1: USB disconnect, device number 85
[  976.391455][   T29] audit: type=1400 audit(1731746507.955:159): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=16394 comm="syz.5.2648" daddr=fe80::2d dest=20000
[  976.582152][T16400] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2650'.
[  976.787136][ T5971] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  977.017180][T14369] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  977.205997][T14369] usb 2-1: Using ep0 maxpacket: 16
[  977.279026][ T5971] usb usb5-port1: attempt power cycle
[  977.279397][T14369] usb 2-1: config index 0 descriptor too short (expected 42, got 18)
[  977.428494][T14369] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 219, using maximum allowed: 30
[  977.436351][   T29] audit: type=1326 audit(1731746508.995:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16391 comm="syz.6.2647" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3fe0d7e719 code=0x0
[  977.440410][T14369] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 219
[  977.530465][T14369] usb 2-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice= 7.06
[  977.597657][T14369] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  977.617222][ T5971] usb 5-1: new full-speed USB device number 69 using dummy_hcd
[  977.665699][ T5971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 10
[  977.669482][T14369] usb 2-1: Product: syz
[  977.693243][ T5971] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  977.736935][ T5971] usb 5-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=1a.1e
[  977.737013][T14369] usb 2-1: SerialNumber: syz
[  977.761454][T14369] r8152-cfgselector 2-1: Unknown version 0x0000
[  977.773440][ T5971] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  977.777073][T14369] r8152-cfgselector 2-1: config 0 descriptor??
[  977.799692][ T5971] usb 5-1: Product: syz
[  977.801589][T14369] hub 2-1:0.0: bad descriptor, ignoring hub
[  977.810214][T14369] hub 2-1:0.0: probe with driver hub failed with error -5
[  977.811477][ T5971] usb 5-1: Manufacturer: syz
[  977.877408][ T5971] usb 5-1: SerialNumber: syz
[  977.886091][ T5971] usb 5-1: config 0 descriptor??
[  977.906258][ T5971] keyspan 5-1:0.0: Keyspan 2 port adapter converter detected
[  977.937806][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 87
[  977.945542][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 7
[  978.298309][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 81
[  978.306086][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 1
[  978.314052][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 2
[  978.321751][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 85
[  978.329777][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 5
[  978.393876][ T5971] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  978.408153][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 83
[  978.416188][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 4
[  978.424163][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 86
[  978.431962][ T5971] keyspan 5-1:0.0: found no endpoint descriptor for endpoint 6
[  978.445232][ T5971] usb 5-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  978.517149][T13922] usb 5-1: USB disconnect, device number 69
[  978.681297][T14369] r8152-cfgselector 2-1: USB disconnect, device number 86
[  978.824874][T13922] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  978.837763][T13922] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  978.851010][T13922] keyspan 5-1:0.0: device disconnected
[  979.960105][T16435] ebt_among: src integrity fail: 300
[  979.971905][T16435] program syz.3.2659 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  980.062940][T16437] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2661'.
[  980.674889][T16450] FAULT_INJECTION: forcing a failure.
[  980.674889][T16450] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  980.852074][T16450] CPU: 1 UID: 0 PID: 16450 Comm: syz.5.2664 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  980.862906][T16450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  980.872985][T16450] Call Trace:
[  980.876271][T16450]  <TASK>
[  980.879201][T16450]  dump_stack_lvl+0x241/0x360
[  980.883887][T16450]  ? __pfx_dump_stack_lvl+0x10/0x10
[  980.889083][T16450]  ? __pfx__printk+0x10/0x10
[  980.893671][T16450]  ? lockdep_hardirqs_on+0x99/0x150
[  980.898876][T16450]  should_fail_ex+0x3b0/0x4e0
[  980.903553][T16450]  _copy_from_user+0x2f/0xc0
[  980.908143][T16450]  move_addr_to_kernel+0x82/0x150
[  980.913175][T16450]  __sys_bind+0x162/0x2d0
[  980.917510][T16450]  ? __pfx___sys_bind+0x10/0x10
[  980.922367][T16450]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  980.928696][T16450]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  980.935025][T16450]  __x64_sys_bind+0x7a/0x90
[  980.939524][T16450]  do_syscall_64+0xf3/0x230
[  980.944027][T16450]  ? clear_bhb_loop+0x35/0x90
[  980.948709][T16450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  980.954598][T16450] RIP: 0033:0x7fb59af7e719
[  980.959012][T16450] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  980.978615][T16450] RSP: 002b:00007fb59bd87038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  980.987026][T16450] RAX: ffffffffffffffda RBX: 00007fb59b135f80 RCX: 00007fb59af7e719
[  980.994994][T16450] RDX: 000000000000000e RSI: 0000000020000000 RDI: 0000000000000004
[  981.002961][T16450] RBP: 00007fb59bd87090 R08: 0000000000000000 R09: 0000000000000000
[  981.010926][T16450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  981.018894][T16450] R13: 0000000000000000 R14: 00007fb59b135f80 R15: 00007ffe30167a48
[  981.026871][T16450]  </TASK>
[  981.114000][ T5881] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  981.437069][ T5881] usb 4-1: Using ep0 maxpacket: 32
[  981.449763][ T5881] usb 4-1: config 0 interface 0 has no altsetting 0
[  981.456526][ T5881] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  981.465384][T16456] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  981.470712][ T5881] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  981.488099][T16461] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  981.528484][ T5881] usb 4-1: config 0 descriptor??
[  981.543732][ T5881] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  981.557545][ T5881] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  981.568778][ T5881] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  981.576884][ T5881] usb 4-1: media controller created
[  981.594233][ T5881] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  982.592104][   T29] audit: type=1400 audit(1731746514.155:161): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=16477 comm="syz.1.2672" daddr=2001::2 dest=2
[  982.627261][ T5881] set interface failed
[  982.627306][ T5881] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  982.632531][T16480] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2673'.
[  982.660709][ T5881] error writing reg: 0xff, val: 0x00
[  983.032065][T16483] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2674'.
[  983.460722][ T5881] dvb_usb_mxl111sf 4-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  983.553595][ T5881] usb 4-1: USB disconnect, device number 76
[  985.664957][ T5832] Bluetooth: hci2: link tx timeout
[  985.676318][ T5832] Bluetooth: hci2: killing stalled connection 11:aa:aa:aa:aa:aa
[  985.782514][T16505] x_tables: eb_tables: AUDIT.0 target: invalid size 8 (kernel) != (user) 0
[  987.505803][T16526] ebt_among: src integrity fail: 300
[  987.514842][T16526] program syz.6.2687 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  987.728121][ T5832] Bluetooth: hci2: command 0x0405 tx timeout
[  987.797565][T14369] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[  988.158125][T14369] usb 7-1: Using ep0 maxpacket: 32
[  988.261442][T14369] usb 7-1: config 0 interface 0 has no altsetting 0
[  988.268387][T14369] usb 7-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  988.278790][T14369] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  988.296354][T14369] usb 7-1: config 0 descriptor??
[  988.493412][T14369] usb 7-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  988.502468][T14369] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  988.513705][T14369] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  988.521284][T14369] usb 7-1: media controller created
[  988.535242][T14369] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  988.644240][T14369] set interface failed
[  988.645325][T14369] usb 7-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  988.663613][T14369] error writing reg: 0xff, val: 0x00
[  989.104620][T14369] dvb_usb_mxl111sf 7-1:0.0: probe with driver dvb_usb_mxl111sf failed with error -22
[  989.167080][   T29] audit: type=1400 audit(1731746520.725:162): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="<0" requested=w pid=16548 comm="syz.5.2695" daddr=fe80::20 dest=20000
[  989.181603][T14369] usb 7-1: USB disconnect, device number 50
[  989.296235][ T3519] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  990.548756][ T3519] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  991.599494][T16561] ==================================================================
[  991.607610][T16561] BUG: KASAN: slab-use-after-free in move_to_new_folio+0x231/0x1330
[  991.615623][T16561] Read of size 8 at addr ffff888024bdd328 by task syz.5.2699/16561
[  991.623538][T16561] 
[  991.625877][T16561] CPU: 0 UID: 0 PID: 16561 Comm: syz.5.2699 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  991.636652][T16561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  991.646730][T16561] Call Trace:
[  991.650022][T16561]  <TASK>
[  991.652981][T16561]  dump_stack_lvl+0x241/0x360
[  991.657685][T16561]  ? __pfx_dump_stack_lvl+0x10/0x10
[  991.662910][T16561]  ? __pfx__printk+0x10/0x10
[  991.667513][T16561]  ? _printk+0xd5/0x120
[  991.671674][T16561]  ? __virt_addr_valid+0x183/0x530
[  991.676790][T16561]  ? __virt_addr_valid+0x183/0x530
[  991.681901][T16561]  print_report+0x169/0x550
[  991.686406][T16561]  ? __virt_addr_valid+0x183/0x530
[  991.691509][T16561]  ? __virt_addr_valid+0x183/0x530
[  991.696608][T16561]  ? __virt_addr_valid+0x45f/0x530
[  991.701718][T16561]  ? __phys_addr+0xba/0x170
[  991.706212][T16561]  ? move_to_new_folio+0x231/0x1330
[  991.711406][T16561]  kasan_report+0x143/0x180
[  991.715910][T16561]  ? move_to_new_folio+0x231/0x1330
[  991.721105][T16561]  kasan_check_range+0x282/0x290
[  991.726042][T16561]  move_to_new_folio+0x231/0x1330
[  991.731061][T16561]  ? page_ext_get+0x1d6/0x2a0
[  991.735741][T16561]  ? __pfx_move_to_new_folio+0x10/0x10
[  991.741193][T16561]  ? post_alloc_hook+0x206/0x230
[  991.746123][T16561]  ? compaction_alloc+0x3381/0x3960
[  991.751329][T16561]  ? __pfx_validate_chain+0x10/0x10
[  991.756525][T16561]  ? __pfx___might_resched+0x10/0x10
[  991.761804][T16561]  ? __pfx___folio_put+0x10/0x10
[  991.766730][T16561]  ? __pfx_validate_chain+0x10/0x10
[  991.771924][T16561]  migrate_pages_batch+0x266b/0x36d0
[  991.777204][T16561]  ? __lock_acquire+0x1384/0x2050
[  991.782236][T16561]  ? __pfx_compaction_free+0x10/0x10
[  991.787526][T16561]  ? __pfx_migrate_pages_batch+0x10/0x10
[  991.793151][T16561]  ? __lock_acquire+0x1384/0x2050
[  991.798174][T16561]  ? cgroup_rstat_updated+0x13b/0xc60
[  991.803540][T16561]  ? mark_lock+0x9a/0x360
[  991.807862][T16561]  ? __pfx_compaction_free+0x10/0x10
[  991.813146][T16561]  migrate_pages+0x2062/0x3560
[  991.817908][T16561]  ? __pfx_compaction_free+0x10/0x10
[  991.823190][T16561]  ? __pfx_compaction_alloc+0x10/0x10
[  991.828559][T16561]  ? __pfx_migrate_pages+0x10/0x10
[  991.833661][T16561]  ? isolate_migratepages_block+0x4f2b/0x5820
[  991.839730][T16561]  ? isolate_migratepages_block+0x2031/0x5820
[  991.845797][T16561]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  991.852032][T16561]  compact_zone+0x3404/0x4af0
[  991.856727][T16561]  ? __pfx_compact_zone+0x10/0x10
[  991.861752][T16561]  ? __lock_acquire+0x1384/0x2050
[  991.866779][T16561]  sysctl_compaction_handler+0x5a3/0x990
[  991.872410][T16561]  ? __pfx_sysctl_compaction_handler+0x10/0x10
[  991.878569][T16561]  ? __virt_addr_valid+0x183/0x530
[  991.883673][T16561]  ? __virt_addr_valid+0x183/0x530
[  991.888774][T16561]  ? __virt_addr_valid+0x45f/0x530
[  991.893874][T16561]  ? __check_object_size+0x48e/0x900
[  991.899149][T16561]  ? __pfx_sysctl_compaction_handler+0x10/0x10
[  991.905304][T16561]  proc_sys_call_handler+0x550/0x8b0
[  991.910590][T16561]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  991.916425][T16561]  iter_file_splice_write+0xbfa/0x1510
[  991.921890][T16561]  ? __pfx_iter_file_splice_write+0x10/0x10
[  991.927782][T16561]  ? rcu_read_lock_any_held+0xb7/0x160
[  991.933256][T16561]  ? __pfx_iter_file_splice_write+0x10/0x10
[  991.939144][T16561]  direct_splice_actor+0x11b/0x220
[  991.944252][T16561]  splice_direct_to_actor+0x586/0xc80
[  991.949627][T16561]  ? __pfx_direct_splice_actor+0x10/0x10
[  991.955254][T16561]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  991.961142][T16561]  ? __fget_files+0x29/0x470
[  991.965729][T16561]  ? __pfx_lock_release+0x10/0x10
[  991.970752][T16561]  do_splice_direct+0x289/0x3e0
[  991.975599][T16561]  ? __pfx_do_splice_direct+0x10/0x10
[  991.980969][T16561]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  991.986858][T16561]  ? rw_verify_area+0x1c3/0x6f0
[  991.991711][T16561]  do_sendfile+0x561/0xe10
[  991.996120][T16561]  ? __might_fault+0xaa/0x120
[  992.000792][T16561]  ? __pfx_do_sendfile+0x10/0x10
[  992.005721][T16561]  ? __might_fault+0xc6/0x120
[  992.010394][T16561]  __se_sys_sendfile64+0x100/0x1e0
[  992.015501][T16561]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  992.021126][T16561]  ? do_syscall_64+0x100/0x230
[  992.025888][T16561]  ? do_syscall_64+0xb6/0x230
[  992.030561][T16561]  do_syscall_64+0xf3/0x230
[  992.035064][T16561]  ? clear_bhb_loop+0x35/0x90
[  992.039735][T16561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.045622][T16561] RIP: 0033:0x7fb59af7e719
[  992.050032][T16561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  992.069640][T16561] RSP: 002b:00007fb59bd45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  992.078053][T16561] RAX: ffffffffffffffda RBX: 00007fb59b136130 RCX: 00007fb59af7e719
[  992.086016][T16561] RDX: 00000000200000c0 RSI: 0000000000000008 RDI: 0000000000000009
[  992.093985][T16561] RBP: 00007fb59aff175e R08: 0000000000000000 R09: 0000000000000000
[  992.101950][T16561] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  992.109913][T16561] R13: 0000000000000000 R14: 00007fb59b136130 R15: 00007ffe30167a48
[  992.117885][T16561]  </TASK>
[  992.120896][T16561] 
[  992.123208][T16561] Allocated by task 27:
[  992.127349][T16561]  kasan_save_track+0x3f/0x80
[  992.132025][T16561]  __kasan_slab_alloc+0x66/0x80
[  992.136876][T16561]  kmem_cache_alloc_lru_noprof+0x139/0x2b0
[  992.142673][T16561]  shmem_alloc_inode+0x28/0x40
[  992.147429][T16561]  alloc_inode+0x65/0x1a0
[  992.151768][T16561]  new_inode+0x22/0x1d0
[  992.155910][T16561]  shmem_get_inode+0x34a/0xd70
[  992.160667][T16561]  shmem_mknod+0x5f/0x1e0
[  992.164990][T16561]  vfs_mknod+0x36d/0x3b0
[  992.169233][T16561]  devtmpfs_work_loop+0x963/0x1040
[  992.174337][T16561]  devtmpfsd+0x4c/0x50
[  992.178397][T16561]  kthread+0x2f0/0x390
[  992.182456][T16561]  ret_from_fork+0x4b/0x80
[  992.186869][T16561]  ret_from_fork_asm+0x1a/0x30
[  992.191633][T16561] 
[  992.193946][T16561] Freed by task 6016:
[  992.197913][T16561]  kasan_save_track+0x3f/0x80
[  992.202586][T16561]  kasan_save_free_info+0x40/0x50
[  992.207604][T16561]  __kasan_slab_free+0x59/0x70
[  992.212361][T16561]  kmem_cache_free+0x1a2/0x420
[  992.217552][T16561]  rcu_core+0xaaa/0x17a0
[  992.221828][T16561]  handle_softirqs+0x2c5/0x980
[  992.226597][T16561]  __irq_exit_rcu+0xf4/0x1c0
[  992.231194][T16561]  irq_exit_rcu+0x9/0x30
[  992.235468][T16561]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  992.241107][T16561]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  992.247100][T16561] 
[  992.249425][T16561] Last potentially related work creation:
[  992.255133][T16561]  kasan_save_stack+0x3f/0x60
[  992.259807][T16561]  __kasan_record_aux_stack+0xac/0xc0
[  992.265171][T16561]  call_rcu+0x167/0xa70
[  992.269321][T16561]  evict+0x83c/0x9b0
[  992.273213][T16561]  do_unlinkat+0x512/0x830
[  992.277639][T16561]  __x64_sys_unlink+0x47/0x50
[  992.282313][T16561]  do_syscall_64+0xf3/0x230
[  992.286815][T16561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  992.292703][T16561] 
[  992.295019][T16561] The buggy address belongs to the object at ffff888024bdce60
[  992.295019][T16561]  which belongs to the cache shmem_inode_cache of size 1544
[  992.309674][T16561] The buggy address is located 1224 bytes inside of
[  992.309674][T16561]  freed 1544-byte region [ffff888024bdce60, ffff888024bdd468)
[  992.323640][T16561] 
[  992.325955][T16561] The buggy address belongs to the physical page:
[  992.332363][T16561] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff888024bddb70 pfn:0x24bd8
[  992.342419][T16561] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  992.350922][T16561] memcg:ffff88806f56a301
[  992.355167][T16561] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  992.363683][T16561] page_type: f5(slab)
[  992.367664][T16561] raw: 00fff00000000240 ffff888140ab0280 ffffea0001911e10 ffffea0001fbc810
[  992.376243][T16561] raw: ffff888024bddb70 0000000000130012 00000001f5000000 ffff88806f56a301
[  992.384822][T16561] head: 00fff00000000240 ffff888140ab0280 ffffea0001911e10 ffffea0001fbc810
[  992.393486][T16561] head: ffff888024bddb70 0000000000130012 00000001f5000000 ffff88806f56a301
[  992.402148][T16561] head: 00fff00000000003 ffffea000092f601 ffffffffffffffff 0000000000000000
[  992.410807][T16561] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[  992.419481][T16561] page dumped because: kasan: bad access detected
[  992.425912][T16561] page_owner tracks the page as allocated
[  992.431623][T16561] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 27, tgid 27 (kdevtmpfs), ts 6358848102, free_ts 0
[  992.451430][T16561]  post_alloc_hook+0x1f3/0x230
[  992.456203][T16561]  get_page_from_freelist+0x363e/0x3790
[  992.461749][T16561]  __alloc_pages_noprof+0x292/0x710
[  992.466946][T16561]  alloc_pages_mpol_noprof+0x3e8/0x680
[  992.472414][T16561]  alloc_slab_page+0x6a/0x140
[  992.477089][T16561]  allocate_slab+0x5a/0x2f0
[  992.481590][T16561]  ___slab_alloc+0xcd1/0x14b0
[  992.486262][T16561]  __slab_alloc+0x58/0xa0
[  992.490586][T16561]  kmem_cache_alloc_lru_noprof+0x1c5/0x2b0
[  992.496383][T16561]  shmem_alloc_inode+0x28/0x40
[  992.501141][T16561]  alloc_inode+0x65/0x1a0
[  992.505469][T16561]  new_inode+0x22/0x1d0
[  992.509622][T16561]  shmem_get_inode+0x34a/0xd70
[  992.514379][T16561]  shmem_mknod+0x5f/0x1e0
[  992.518703][T16561]  vfs_mknod+0x36d/0x3b0
[  992.522943][T16561]  devtmpfs_work_loop+0x963/0x1040
[  992.528050][T16561] page_owner free stack trace missing
[  992.533406][T16561] 
[  992.535719][T16561] Memory state around the buggy address:
[  992.541339][T16561]  ffff888024bdd200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  992.549389][T16561]  ffff888024bdd280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  992.557439][T16561] >ffff888024bdd300: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  992.565484][T16561]                                   ^
[  992.570843][T16561]  ffff888024bdd380: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  992.578894][T16561]  ffff888024bdd400: fb fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc
[  992.586944][T16561] ==================================================================
[  992.658341][T16561] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  992.665579][T16561] CPU: 0 UID: 0 PID: 16561 Comm: syz.5.2699 Not tainted 6.12.0-rc7-syzkaller-00187-gf868cd251776 #0
[  992.676358][T16561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  992.686434][T16561] Call Trace:
[  992.689728][T16561]  <TASK>
[  992.692676][T16561]  dump_stack_lvl+0x241/0x360
[  992.697380][T16561]  ? __pfx_dump_stack_lvl+0x10/0x10
[  992.702598][T16561]  ? __pfx__printk+0x10/0x10
[  992.707209][T16561]  ? preempt_schedule+0xe1/0xf0
[  992.712077][T16561]  ? vscnprintf+0x5d/0x90
[  992.716429][T16561]  panic+0x349/0x880
[  992.720346][T16561]  ? check_panic_on_warn+0x21/0xb0
[  992.725472][T16561]  ? __pfx_panic+0x10/0x10
[  992.729913][T16561]  ? _raw_spin_unlock_irqrestore+0x130/0x140
[  992.735910][T16561]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  992.742255][T16561]  ? print_report+0x502/0x550
[  992.746959][T16561]  check_panic_on_warn+0x86/0xb0
[  992.751917][T16561]  ? move_to_new_folio+0x231/0x1330
[  992.757136][T16561]  end_report+0x77/0x160
[  992.761405][T16561]  kasan_report+0x154/0x180
[  992.765936][T16561]  ? move_to_new_folio+0x231/0x1330
[  992.771157][T16561]  kasan_check_range+0x282/0x290
[  992.776121][T16561]  move_to_new_folio+0x231/0x1330
[  992.781164][T16561]  ? page_ext_get+0x1d6/0x2a0
[  992.785871][T16561]  ? __pfx_move_to_new_folio+0x10/0x10
[  992.791350][T16561]  ? post_alloc_hook+0x206/0x230
[  992.796308][T16561]  ? compaction_alloc+0x3381/0x3960
[  992.801549][T16561]  ? __pfx_validate_chain+0x10/0x10
[  992.806771][T16561]  ? __pfx___might_resched+0x10/0x10
[  992.812084][T16561]  ? __pfx___folio_put+0x10/0x10
[  992.817046][T16561]  ? __pfx_validate_chain+0x10/0x10
[  992.822265][T16561]  migrate_pages_batch+0x266b/0x36d0
[  992.827571][T16561]  ? __lock_acquire+0x1384/0x2050
[  992.832631][T16561]  ? __pfx_compaction_free+0x10/0x10
[  992.837942][T16561]  ? __pfx_migrate_pages_batch+0x10/0x10
[  992.843602][T16561]  ? __lock_acquire+0x1384/0x2050
[  992.848657][T16561]  ? cgroup_rstat_updated+0x13b/0xc60
[  992.854053][T16561]  ? mark_lock+0x9a/0x360
[  992.858397][T16561]  ? __pfx_compaction_free+0x10/0x10
[  992.863702][T16561]  migrate_pages+0x2062/0x3560
[  992.868489][T16561]  ? __pfx_compaction_free+0x10/0x10
[  992.873793][T16561]  ? __pfx_compaction_alloc+0x10/0x10
[  992.879188][T16561]  ? __pfx_migrate_pages+0x10/0x10
[  992.884312][T16561]  ? isolate_migratepages_block+0x4f2b/0x5820
[  992.890400][T16561]  ? isolate_migratepages_block+0x2031/0x5820
[  992.896487][T16561]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  992.902758][T16561]  compact_zone+0x3404/0x4af0
[  992.907477][T16561]  ? __pfx_compact_zone+0x10/0x10
[  992.912526][T16561]  ? __lock_acquire+0x1384/0x2050
[  992.917591][T16561]  sysctl_compaction_handler+0x5a3/0x990
[  992.923260][T16561]  ? __pfx_sysctl_compaction_handler+0x10/0x10
[  992.929454][T16561]  ? __virt_addr_valid+0x183/0x530
[  992.934589][T16561]  ? __virt_addr_valid+0x183/0x530
[  992.939722][T16561]  ? __virt_addr_valid+0x45f/0x530
[  992.944854][T16561]  ? __check_object_size+0x48e/0x900
[  992.950158][T16561]  ? __pfx_sysctl_compaction_handler+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  992.956339][T16561]  proc_sys_call_handler+0x550/0x8b0
[  992.961653][T16561]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  992.967496][T16561]  iter_file_splice_write+0xbfa/0x1510
[  992.972990][T16561]  ? __pfx_iter_file_splice_write+0x10/0x10
[  992.978908][T16561]  ? rcu_read_lock_any_held+0xb7/0x160
[  992.984385][T16561]  ? __pfx_iter_file_splice_write+0x10/0x10
[  992.990294][T16561]  direct_splice_actor+0x11b/0x220
[  992.995427][T16561]  splice_direct_to_actor+0x586/0xc80
[  993.000828][T16561]  ? __pfx_direct_splice_actor+0x10/0x10
[  993.006483][T16561]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  993.012400][T16561]  ? __fget_files+0x29/0x470
[  993.017016][T16561]  ? __pfx_lock_release+0x10/0x10
[  993.022067][T16561]  do_splice_direct+0x289/0x3e0
[  993.026938][T16561]  ? __pfx_do_splice_direct+0x10/0x10
[  993.032330][T16561]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  993.038247][T16561]  ? rw_verify_area+0x1c3/0x6f0
[  993.043117][T16561]  do_sendfile+0x561/0xe10
[  993.047554][T16561]  ? __might_fault+0xaa/0x120
[  993.052250][T16561]  ? __pfx_do_sendfile+0x10/0x10
[  993.057202][T16561]  ? __might_fault+0xc6/0x120
[  993.061910][T16561]  __se_sys_sendfile64+0x100/0x1e0
[  993.067038][T16561]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  993.072685][T16561]  ? do_syscall_64+0x100/0x230
[  993.077473][T16561]  ? do_syscall_64+0xb6/0x230
[  993.082167][T16561]  do_syscall_64+0xf3/0x230
[  993.086688][T16561]  ? clear_bhb_loop+0x35/0x90
[  993.091385][T16561]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  993.097296][T16561] RIP: 0033:0x7fb59af7e719
[  993.101721][T16561] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  993.121430][T16561] RSP: 002b:00007fb59bd45038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  993.129874][T16561] RAX: ffffffffffffffda RBX: 00007fb59b136130 RCX: 00007fb59af7e719
[  993.137864][T16561] RDX: 00000000200000c0 RSI: 0000000000000008 RDI: 0000000000000009
[  993.145846][T16561] RBP: 00007fb59aff175e R08: 0000000000000000 R09: 0000000000000000
[  993.153832][T16561] R10: 0000000000000009 R11: 0000000000000246 R12: 0000000000000000
[  993.161821][T16561] R13: 0000000000000000 R14: 00007fb59b136130 R15: 00007ffe30167a48
[  993.169815][T16561]  </TASK>
[  993.173393][T16561] Kernel Offset: disabled
[  993.177726][T16561] Rebooting in 86400 seconds..