last executing test programs: 18.682420289s ago: executing program 4 (id=514): socket$packet(0x11, 0x3, 0x300) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x2, 0x440) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)={0x76, 0x0, 0x1, 0x9, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4, 0x4, 0x0, 0x1, [{0x0, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0xfffffdc9, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454c8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x144000, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, &(0x7f0000000180), 0x20000000}, 0x20) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000000)={r4, &(0x7f0000000180), 0x0}, 0x20) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r9, r6, 0x25, 0x2, @val=@tcx}, 0x40) syz_emit_ethernet(0x22, &(0x7f0000000100)=ANY=[], 0x0) 17.401377896s ago: executing program 4 (id=517): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'}) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000005c0)={'batadv0\x00', 0x10}) mount(&(0x7f0000000340)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='msdos\x00', 0x1018000, &(0x7f0000000240)='b\xb1Fs\t\xb5\xda\xec,\xdb\xe0\xb0\xe0\xe8*\xd4\x00\x00\x00\x00\x00\x00\x00\x00F*\x0f\xdd\xe3\rb\xf9,\x196\xb2\x92\x9d\x94\xd4\x96\xbc9))\xef\xdeW\x86\xf4\xd8(\x13\x81') sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1}, 0x48) move_mount(r2, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, 0x0, 0x0) open_tree(r1, &(0x7f0000000300)='./file0\x00', 0x89000) socket$caif_seqpacket(0x25, 0x5, 0x0) syz_io_uring_setup(0x5169, &(0x7f0000000400)={0x0, 0x0, 0x4, 0xfffffffe, 0x1b8}, &(0x7f0000000100), &(0x7f0000000680)) syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) r3 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0) r4 = io_uring_setup(0x74cb, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) close(r3) 17.252625449s ago: executing program 3 (id=520): syz_emit_vhci(0x0, 0x22) syz_emit_vhci(&(0x7f0000000080)=ANY=[@ANYBLOB="043b0affffffffffff10000000"], 0xd) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB], 0xd) syz_emit_vhci(0x0, 0x0) ioctl$MON_IOCX_GET(0xffffffffffffffff, 0x40189206, &(0x7f00000002c0)={0x0, &(0x7f0000000340)=""/121, 0x79}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000024c0), 0x0, 0x0) preadv(r0, &(0x7f0000000240), 0x0, 0x8, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000023c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095b8930d2e7ac3cb5908d926116efe6c28a4b937a7395bc782c71f86a140fc1f85243e2ff3bb2dffaf7c0c680a72db716490b86fac9aebb4974e3ceb610d3d36d98826279a42a39d0a73ab52b76be2fbcb21d37b8791cec6e150aaec25b9146fcb1e0c758eed7438696ac3befd7b7303da0f7702ab7fd82d36127fc72d66c1c9a90f46d9bca14856eac98e4ed83d4c6ff684eba2e31d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043e1f22"], 0x22) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x4) socket$inet_tcp(0x2, 0x1, 0x0) bind$inet6(0xffffffffffffffff, 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r1, &(0x7f00000039c0)=[{&(0x7f0000002500)=""/129, 0x81}, {&(0x7f00000025c0)=""/160, 0xa0}, {&(0x7f0000002680)=""/142, 0xffffff49}, {&(0x7f0000000300)=""/14, 0xe}, {&(0x7f0000002740)=""/253, 0xfd}, {&(0x7f0000002840)=""/4096, 0x1000}, {&(0x7f00000038c0)=""/66}, {&(0x7f0000003940)=""/70}], 0x6, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000880)=@base={0x2, 0x1000, 0x3, 0x1, 0x1d48, 0xffffffffffffffff, 0x5fff, '\x00', 0x0, r1, 0x0, 0x1, 0x4}, 0x48) syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000003c0)="057e30aae10df4f97559054b9a301ecfe91b645115e1421774006df60cb393573839b0078ce169ec2fde0afea66b5bbefa9d4f3cd8c2458336ceb1f0efe647d6d7b1cdbd12c9b8e3a822cbd51494bf79a1dbe5c22338ce37ed467a1d3d616564cbb81faa2e935b2697c12efb0ed141fa2eaad4747725c4bf20f8975e402b03eb77d1aa3f10f512397b5037b1b4cd4b7c08c03dc5e52a066e5982969fa044125ae251f46c26e2536cc8b77e8edb251378be4beedfb8dca0d449123f57677ca3da5bdebf91b195f1a5d49d7c292f20f58d490de36d8ee0e8a86bd04c3165549465cbee7891fc747d7def370ce644db894b56bd53af0d0e261bcfa6bf72a684dafc5bcafe07ece74cbd1d5fa32716dd03f7acd4f32d935438c91e033beaf49e3963e13d05e7a8334a858639636799f04a9033193e7d18a2a4b20bcc96811bb5efe476db70a76b7456ac4e71f3e89c00da0c7761c188570c7902bf2fee1be273be8a9f7a2d7508ef2188d3ba1db4fa9d1533d2f2a288cdfe3b0c50908d56ba69e81386e7e979e9d7ff78685ffb8de6baea2451762736a2bbafa11d541790b0564aef9b0b80fa24832090b84341a9fdf712d3296f911020f8021eda8130befaaab01cbe91dfc5768e6ff31ec50dd88596832a9f5fd4f558d367f40e454d3c97ad16a7f30b93629ee2def77b99f8a17c157529b0782fd847a4c75a2302ca96bbdcff660c2cca753e1a8c60dbcfb319a1594565a2e15bb6124316e196e3cafaf1a29eef84a0908d1dc80af7e333c65736699f1254addf2ab582f5c87c4f6ca234d7ca9673dc29444044b95abdaea958274e39aeb163ee2d05bc2ade5c33a0466e14fbdf8aa70ca2964c06ee5bc57b894b0143a7a503cc43574a07958940b029678df44d6c82fa2e6937ea6aeb5b8f33c21628e3b0d623c23c2e5a3546194fea742d90c1d61f343a005b9e58c3e8292b256fd0ecca81cda433f3bb0ed633607f0b635cdd8b4919bfa37c1e99df087d3f8f3ba5dec7930657eb3a4d8febb5234e048881fbfc499fe5eb6a0ce34546f7010ae2291e6731d0798ca451387a123998e68f6f577ba4e556bb9a119011a191a6bbcf55beb1fb0b8252deeed5721b271b964534a04462720c4c03e8ea7f120cfa1be630e7fc680d1f6e067075c72f642babcacf6b00cd3fdb9f3200e4ff8935b17ebe222053c78c3752666088017c2150dd014b9578af6adb15527a483eff5bb623710ca7b37ed49ff7cf1525f296af6f27846524e4aaea7476a2d08dceeca84a1ab11e2767abff12d10deaf63681dcabe9b1fb9ebe207d8e3793dba9a73a02ebea4e3a072397a88c47795d5e88b2040c9fe3f96f66f8f7d593547c8fc8f4e75a1c20962ecf2dd1e7bddf896f2a6c5f37a8784e2bc5b10cef2feab3b6eee7430908eeadd372248041a09b0c29385cd7a75754d2c429e72bf5fdac34097bbbbb3790f86399c60cb5054fbeb8eb1241608b506beb135091c18110c1d10d9a80f4adb11a6fd3001957cae0b4f8f730cc4fa4a7328e23f390caab014cfeec0ebfd0e14021f47fe330a68680678d23e7ca1ff18e7e242f4c1e3cca51dec73c58b596c2a92267ee76d3657c1e2b34102b09fa4c59c2619148440bf26802c6f858b8eee6d8c697bad2c4d5a0f76c6a4cdd3b8fdc21e447920491ef40578b68a7a5dfda04fa235fac01ad4e824b627137dc48807100e52ec5ae2f3a3fd84d68b824033b4f0ee28a9e72333b4e209ae905d0781e4fe8116e03b1ca5c3b1ea84974cabaa0214ed15bfe01e974491e8a20f9d03ed1b73799b083f3a65e809c3ff3cf126288fc1627409d46f78b5fe8b8ba0b3ddc3ac79aecd6eee2e0cc59826e5798f48f80f0c7f549b3a656e9acbc5e51bdc3becef93533166c1d9ffe4335ec973d3d27ce5987d150f554c4095650528578fe4858b670b0786f23c886612191f89ec57970dbc0e33cd62b57a08fa940b339577fd12d07dec2ac50e9e0b27f0716b3233803153389a95df956637af8d9778e27bce49ab0a832978712a074d3f7516ad512ed0d9b43049b5990c841a7b7146a24c62fb70645b8d85b6c8863d5c6aab03638ffa4e30c8de24383cf320eee735a4fd37262d473076f495da8b2f0f028b8f178c238010738d6afb1dc2e48089e80f6a7658ad3496f1a1f7f78abdcf934c733d22abb0671a0d41b9b33a5faf99d7b82166e27df0f97a7953dcc1fb364478200253757e8311ba61cb4c78a380cdd820553c7296816210f64b34619966f1540a407c8d6e8e30788909de19ede4116d09a14ce26ad59957add80b90602855c0134ba7fe8afd4493f7cd9ced61fda7d0ae02505c046acf68d68ecd9b1507a4d4eba4c2c834777b2c3c5a8b3c06677fe468072dcab48c1ac9deec30265c7f6c5864df89e25bba52715c82e9921db601b3935f5047b8cc07351b9965b1a1f6ef36c1fba89d9d96e332eacc1e8a78e09d7d6ba30845866449ed5264f763735d4e7cc133dba4b296b2dd9331efea01e5b3d05f38055e41c49993d679ef133b9b1af435fd0ac5fad33f571c76d02c40d4e301110b4442aa134364f0456da0cf362b2c27ebd667c0969ae09dad18becba9d6918fb1e741f685735cc7078f0e6328181a83da67516fac31522f9d9fc64a4b769e57e76bfff6f9867fa2fee1e7dddd11128322210e44eeef6db7269dfa1bfbd9099dd6f8219d585c22c20483251447772719a6115ccb690609de352989610a138110c884562b65de3cf63c3ebe9adfeb53c6e4ecc637c98b60161f71952b84c6fc4cea6af0ed533144bde4f8fbab2d3ffe0b2a5d0c55ec9979ea85a25045ad3a84becf0e891b89c1a83178d7368aea4bdfa0ebd46b8e110a2972c8ac96e10ac630e89f8d76bf35b03b5ecd393d1986fc61318e08ef02721e5f2cd2fe098ebcd1bd30a8f87b2a5650b51dd50d0d78ab7fe66490f5827372f1779d3d389e9fa66bd0296f0203af010d8f76783837cdde2555a90be577626a12de47d4da638efd0017750a230485f6ade34a27284d85dd87f9db8a832c571106d8296629418777b4d933fa049f0f4e5958c193e889305074091be14c66a4bf02cdfe1e8d26a5d21fa78c5628a7ee3d7a0c550296b2f0625e2dd18d45f2d45bee6746d4462c92bc3cf50503c7479bd121393821afe1cd7144ea37f4e8e5ee21f739024ad25af9430dee006b76617725556ff8a820b767fa821629819732f086a5fdf2ccb4edae0aceb3d6dea698e798ead905a2eef9065d633b007271e93101a71cbe385f56e32b3a8fb081c5c1ab09b729f89294a0007df3a3b8e93686020d993b812c6f85fe1618db897cd67be6cd5053dc8490bbebee133d140503c4aa51eea0c156523a1d81ae849dbe5a273bfc0de94836f8160ea9f146147fc02dd7b55dca6a2a43692268ee98f51fcd2d3faa76071d9716e877b2a3dcb51a51d5359a2ee705da52b43306f1f3caf33342fc281bc9c58d1ce05ecdeca371e3a788542f8fa999e4d8e10e66f0b6053d7d4cfc6acb815628bc2409b3dec01726121c267b3ee85fd61bbbdda68ae2c13026863e4a54b93d956fe692707a179411c841ca7d2f33a5223181b18b7ba2eebdd7c2a8dec3ac2a317b5fbd996e8598c394ee627308f0e887480a8dcd59b0256b636f4c62566501a733fa74232945ba1d9e2bae347391bf9ae2da4d3af2b262b772421fd3a5cab46862ea6049f5c9c76dd8549ce0e6c31c792b81b6b21f0bcca18bb2fa6a9d4d6e0a837bb119e2e002a69d6ca95a4b2acc463076c2e05731ef0cfaea84387a6baf6737cc14a25f5329ea924090311213344625a69ee382dd4bc72e00e63329956f3e021092585c9affa06a95bd0ef653ae9ff0abed5ee561ada4f83d8ef202d9c0b2225ebe8660cc408859d45e0332f4f78f6a339bce9d12ca2bc5116a8fd4007c485f5c1c41af96c41d96db35411842d7babc05c8b228066dccb9b67f348974363be521e41fa94d2034a0bc1e87360a80606e1e1bfa8e6399601b30bf93ac41129869158bc2b791b50e51519133ab58afd4023d4d721129b1307f054103a47c49e0524ac4df511c3409fa62d8b5c1a897794600f53efdcc987e06bffd77c9fc75fb7221ef29ed2f7e3e8abcb4a1875b85bd5176a6fba9a361d8684876508443bd50e630f4c684002b15930cf81d740b880eed25d22d8de8c00066790df084fea7c5021184a210a6d24f9bc862c4e3eafbb1782fa240ecfa5959d7a681bae84e8a96a5ff45dea4f9e16dd2cff2dccc6cf4042b44b7ad1f55dc1db5998ed40a409c0e67e1e64fab423d2c00fabb8976d9dacf0c82530e356a99f75082f3411adddfe4ab1ad3b55599fa15450dd5feee23591f1ce398e4c5ae8aad71ad26ea189c333c8467d1eaba9589bb8c41bbfe8c0c173e5446bc06b578c1db849fabe5fcd8fe0fca94bdc799b53b897249826037499e8b6213d640724fda1bcc9341ac61fbea02c8f39a53c496902d5c7922f678a273cdf5ffff38ea028ae19dc72f0b0688f2b9b7d5a9c04153c10ff4168cf9f243dea03b336be778f6c79d67a2d0ade82863eaf95d6fc7f745569864f369f4b39177c356c8c393bded485df28622f01251e58f3d39498520ff90e6c670f0dce5b494cb1d78dfad108406dc5857086d386bd42bd03fe716f049407e5e55caa0e73e96c1a4f6d5791ce7195b2ce72de52ed617ecefaeeabfa9350af49d1d91f9a4b97dc0808869b916f34ee242c40fe8c8aee57b6ddb69f9a10636e481dfa059ef001bad7020266f0d74b14edce6c18ffef854768a60885bad798658a6b9d0b438c483ba159346d5ce0771f53ff18e0bd47d8583bd56237f8da2747ac7eb2a87b6e26c4820d4fe18b76e06bb6e0c0cdf478b4aecd381c2a6ca9f10ec433f0aca63a66d04f70557baf9f2844005351a21664c2430fb0002cd03bcf0b2004068a2567f91a9fbee8c6d948fb35d48527b23e1398ce9f535e2b0b33c2bc31ab737ba4b980f46f5d424e33892c8093f3cd18510a3157afc023f63ad3ba999e950747c78c06ab141a26d74ffc049a6f76c465f9f9f03a8d339a8e61fef26a5239fbc11c01a87800c81efd7b9f28ee2ab2ed88a383f5013bfd6671ea3086121b235a0cc45ccb300c02588895f8d13ec7e00a3aaaa8b0e739f666fd1b13a90b23998704859c9c76108ed7ecdc63770e6ebaa0aeb9208b92ec4e948ac7fc81cc6f305f06c2f2d8c9267463af92e185ff627eed54313fa2ee0bff2cfa8be411982fd19fa88db5ec99f238f88782f8c7a957bef14f79351b63799a4cce160357c068987a5516b04c79644c140850cddc8bd5541fcca9e30826aad864240f434bd1fc67b58e3d664f782e9e46edcb34e2db98a39c23e334e51c71c9fa466470992cc1fbc36c3c8ff4340be67f9b85a74c9114cb9fe5ca4dcbb641ea17a54ba4658aeaa515109e117625a6196dd66d3584d293b468fce63b5a9c4b9461700c74ae955539bfbbe3eccfa7d9c9f737792a9d4b978baa2e92819e88340b73c88c2900b723248b18ae9414cb37a64ef8cb8ca85cda9677d9f1e71a6b70fe3ad17f2d13c1df48d93bfa50fd939a72ea26f9fbeaa6f8af2eec91b04a8fa7dc14fec0f54fcd1c5c848b4432f979f10e661cd2d7f8ff669ce99f9813fc5440fbbeb35f1a5e5115f5ca35dcc270bdbcae07a9ae8e22aabf8178379dee08874ec7840de27815890a88fc9a3bcfa88a33f9baef9af0ae01b2bd34a907f1151cb14bc8b396bc43a60f884f425e4a04348cc645aae68db49980139ddad0fed303e40b124fd654b36c961a56c44cc3686a7529b1f1ee47da3a0f1158542337df15780444790a2ff1b57e062f0db66730c9f98de395f939f44188225211c514447f67fcbf320a34c43ce09ed272bb992db3a35ae2c3c491c36f2de88984129fcea1ffd235aff7bef7fa95d65894db9a5f1b348efcb571a81b3d73ccd07cbef052389001e4d456800e05ca53bcf3485ce05791ff65a9f7913416ae26972f34f51a3270580b81307ce31c98eda06f3b35890ce317e79a16d728cd0bb6a3835667555c0c5138cfa5305a91db1f873b2a75b82ffcb27616ee67777708f7dc2ed9ddbeb38a60f446d3ac88ded25265c25ef38b0755a9d34bab5e669b6501d8c9787aae7eced9945cad3d4d1c32fa68b48a1d773750f814631db3e088c1b5e7ffa854ea1343d94ec1343918d7a1c5a095bb72b00eb3bff210aeec0b8a581a2a13429b83a193f4d447059265b63c4b8f8ea1b9494f65e79844d956c5d80780849dc086506e9eba002e682a1bae1543f8289588c574bb6ca9a2e57b908aaffed23ecf3536abaf96fe08291f3d70773288b4698e972b0187385dfff4cba59175814e75e7e5146205c7f2d2f749583b393f46c448c152d8be50d60ed8d8bdb30fc7925656a0f90b1de967c729980815e5f19ed453fbefcff67832cb90d753410a0b18eb7504600b11b0360c3d3594d48d832160d357afc1f17dc71dccabef7bbcf1fdd55b48cb02135c32650ab07b902f36b48be9376b2dd68343eacfe80d9dab3205a393a4c6ffd405f6db323dea11be4f22ce50df1e0cfec9e9b1e23acb94d66ea787d08f615a7c7288cdf1921a13a85d885e47cf1067d89ebad5b92ce5000000008d74bd2d5b78366f998cc35bf35e45d06128f1c5984fabee7542642bbf6d981b60759d3e7900e5b3d1d7310f90df0c88a600ff2f39932bf7411e61c692c9444dc9ae0dff28c0b94292c430ac4464e83ce8a29b886f45c98b8396667740c5be51e592eac0250d6e479505d36e930ca3a32cb671d58707d25b10e2660cd5e661b08e268c8bf1b3cbceb2d995a2a6fdfe5475cccc965f71baa7c84054e3bb6cbcb7167b06c708cd72ad4301e943dd1b2b2c325f682be3eaae730a8ed8bc3134b28d1ce04543bc66a529744561c42d25e65c7b5cc2a17875ebf35e53aa46e1edec29ff8d046a7e01459d9639c10d1df998cd9a12d7e50b2dc71ee7338cf71beb72d5020dc69eeafc354bf822d65ee0328eb07d04ac0d266fdb53227a158411da5ded254b3c359ee710e0278e1a06f06002538e108450fd6b11949fdc618a29baf34f232aa192230ddb318aa6d59d122257e50713fe73e6c0059399589c382dc901a8c3381139436f7331b69f457bbb38ed54daaa07a52cceb053c32690836c664b73d86261216b8610fc7b4d53dd3e5d9bcb3e25528e132911cac37e7f2618274c733b5ae02f9c27638d9e11988f1dfbb281ffd8cddf8558a481861cbe9d53a4ad8282d3587449cd51759ca397eda122d286e117d01539359870b94c98a3ce383ed1d280bcceb228acf73193e87fd3650e4dfd563cc55bfbc8626a41293cc90ef76e28e2dedaf968602d2997ae1c2752a0febe3a78f3756d40201ae13074091238324422caabe22c66b7866065264261fc2c3e0569493468d1c1c36259aedd5f078a231e72decd70f4de8532f6753287435296f33a096bc1c8b0ebb68c9f783881e45ac54159ec1c2f9e1f5cb48f96729a62d1b4fdaa89ef5de8741bca04e953534dc977e881a61281812af435206378eff173d7929ab4967e511bdc14e6d49cba517b0563c14fcd6ba38ef32bc48a00643416d7e34f7465b3e6240589d854db4d9714e998f2edf3a03986598a52aaf647d938f4a8e07c1c29615803af6cd403d261ad6da3c1c804034b4a4eef3ea1cc8db39d9e171b3f6dd074388577a4eb901c25c8031e4592cea80b6354850657f53b2acd910ec2c5a7db6abb0153e051dadfbcdf047e35591b96b5657ca55d99ef6fb48e07c34321cd20c40b30a646132f8afcb9426fe84a790567fb847076a8762ca29cfb037e0c948edc12122a1160a55d465f5c912406a10dc0d3c1156cd207e9ffe906d267c9c870521934e1c56af460c0ad0dea9c929acf85768e22bb65eca6e25e4ec8e6edb7a6215e8c7e5fdb56c7131b156ab6a78fc808f8f17a2708ff68b37778c00b3b546004fb2b2c588d8ca8276d281026bfe896698569814410422f27421b8fc5c09d47635f17ddf6b9f56a203c991514678c18a4afabe1eeca6fce1187fffcb6ebdacfc6cac9750766ed40c80e7eceb342a3fa6f86d014949f9d111bfd96e2a39d364f2e2722f2d9ab0577befe26055890161d780e52eff4022461c1d3b019b86af28c4f02fd1f7496d8c141344ad5756bcdc45158f3af7aac227c8853f607cae412db6fa924c039859fe455857bd5fde66cc1b773c12f516401a31c80d750079247c128a103361e7f0a392d21b4b1b594307ff6b37e5a242666209ec517561e04645b92e7cf3cff1a6c76c900d12d9556e2962c535401b1e61fa85e06551ed678703fb3bf8590f2608ae3c278b8d1ac286af38061afbbc3cb27ee7adc6ad299151cd00a84506e6a97648ff99f2a9d35d8421e71589437406fa8e6def8ce34c9abe5de3481c492887176d4485dac794b84567d5ebaf68d0007cb2256a0f1ce4318f6891f750fa9696fed3525059688cf973e70d688b1759cd0f3dfb0b2a7078174b978767cbdbfc3f7d5850e2f7772e2bd6e3ed69ef13cc141238b5ee04b6615e33c42fcd6cf979a0ac848458b713b9a988c1e3fc32f2a182fc0cab2e6933e9aa5c2d77db8c6a1802b43bd8220ff0ca92229fc26a44761d00eeebec834e5f7d382b4f58a2759c56e53b163dae034ffa1970acc57165746e575470e13c4044f392ae4bea93e7d666256436507bb987a247785301274d4f262f94989cdc94b209b7499bd0cb4437525b72be79c87c6076533e4a14799a60bd3563d46ee4767108bed7e637cfed6f3139637bb01f36385dc5873eed726fbec9a87da294cc11db8b49fe45b798ae74e1a8cb0f2907eb0178d2baf5f0f88f654baab9f147741945c496ddea1cfed65a82e913a131c4ac7bb6f0d8d5d28225dab8a33c6e60c0d2b2d5dbd8c35089f13f9a2ae81ec9addaefea9b8ddabc8cdeb6437381ce346db6e14d9d1e8bb4662b508d61da77fc8d9ebebceb1c23be5d0a7bba4a48c0591333ab7779bae78ff23c4bbf8a8cf30f3120a5b63a047064d7ed7d37191cf39b6d1e8ffe3b47379767bd691cb855a9c938e9a0235a5ec9c316a6dceca63fa5fe6df0b9f0d6b38add216aaf2726d3377ab827b00b4cbf490708a0f679b8cd7caadb3dee40cc98f778917d6a6263fcc0747bf75fd676d84abb7d10087da323f95c2571139fd4c9826ad5db6ee4c246b9da20592cae11f9264bd2945aa1a427b2acefb514a2daafbbae35ff761eb1e3b98b4a1dfca348b8c4ff96325a618d677180ceb7e916654ecc2deecb4e61d01080f44b98776b1b43aebeffe2c14006dd1d78c8babf1179f42fd20d87654d3246d41e9dc633eac1741be44f8d751d8c9fd57316fe06d60872939b7a2906bb27a299a3408a51d74e5d98417f05f85fc1b332e103e79203e9fe344dc1d1572de39d914c5270c839870d2b33da5a6efc08c4f0c8227cc35a7f77c6a55f80ceef90e217c80e5ecb4c236685f5219787b01612cfbac90794e8269c07fb7ca4f7dba4defb2aae2b37f7b1696e78de15dbb1b6d4ee0cc4c0fae274b2c2de9343862de1d9847515ad235b1837daa9b814f19e895ae3966ed262e3e7add9f19009e6b61462917b29502b67e124c43538a6bcab7296529e01bb26ab8b3ef094ed057383c4f92790b6f705ae9d943c4e8dad84f6ef82b54d062713c16960fb475d74d46a1b16062563da3391cc6ff5185162c31ff7339e4837e38adab8ab911abaaa006e313dd19a1f92b4f7bede4525b154e1b9f796136a85f3602da011ae2232be902347e08ce0bbf3d23d91c4aac11c8824caafa1d1ff0343ce655802c1915f3ae7c0c670b18e56e139be66a33613afcb3b1928613b3afba9d635070af678216d57023d1911f0eb7ebddefc96f0efd8e9dc10e8a87a68393e19733ef900c6264722940750ae16f664e445414e85e98570303c6d87d7f265cfae0a1e9314fc14674c2871c0d59bbe2eddaf9330a4e2a28673af73910d6cb90790f800e89d55a2930910a8430ade9551819d83d5ea6da4e58326b7ce555d01da86ea78200f0219ec92473da95cd5a632c525ca9fbcddebb8168881cdb2f5da787d0e31881e2b17d78184f3a0bed8662486d3937dab275d050b9dd5a2ce904208a91a467afc33e10fb6c1ca788a5ef30d6e8b615ec0ae1503fea7006569559b7b155c31b196b85881c5671173c06fc5373e9fd973e7111ed45874609bf3c88c6db732210a3ea04cb68662bbc2048bb55d811482af5c658e29bd18c57ffa25e88d7297cd20d4c2b13007cfae89f4dcd90177a0806a2ceb2095333b58f828c093b9bf63cd07e3d56a446fd12e755fd651211bc160948836939c17623b317b9e935307044bab2c11879a62288e7ecbbb97f10f52516f517b7b8e44cff5964fdfaf8044065056b48db13b1365004c336afa3535af1242c9b7271b8b1ba2213fcbb80926bcd394815cd7c27e3aeb2348dc45f5e06e32f5bd56d1c472f41b564ec0939cd012028412883cc098d086fd43858747b746be72b979d175f6a6447fc5908616dec7fc6c962e12e96e09bd068acd2fcf0ce1cc26d9f82b2b91bc9aafcbf8435011f73b6a8ea1bb2f3289b23236136b31656600762feff53e607df8cf3c9a7f257b212630c19f142e4cf5094250b629cabb145c77f1f14ad60ab7617078f810a766cfa341fb7c16086609bc0a768fb1cd782606f32b83a0a55d883269a05b80275612dc571cb993ea9e447b4d32570d412203ab4c8b050b63bb5ac0f8d6f4e9a1644e4b622587b2ae125c2093bd363493d58544d6303a0de17780fcd83e993aa83f4432274eee1e6333fcdc77bcfdea95b8b9ed787723e35b71f1dbe89ff1e3e6fde146c05b6fe9eae52b472624e412253a63e7fcf1b77dbff7509eec5a55501e222f66bd84d36663cd244fa1556bd34b4c9957a93a71e63961ffc7700c5545acdd3e79da41e1cfaca0956d4978222cda23a574d691dbb6c6bd083c70c2782c045bbbe0fcaa10efbc002af6832e3fa7dda0ec8ff6ded69302d55d5a62a7ec213f16ecc5e3304a83103d1c2b21e04e3f5f3730339a630a407e8cc6a5afd2f2ed78ff992035a3783a2708195a46e565a9113be8c228ccaae3510363b475732ad48fe8ff34801f4c35132359d4c5c5bff65141f4a8684d462cf5d97b44496440fff3f7a28d28bbaa8e6db2a6064cbe9fca4679afe8ca6dd27a25c56f3e58165040f19a0455199a0ece4583f060979427f2f3495f40a83bc6ee3eaadab18705d464662b8aba9c7aa2f29114f7acc247548a85bd44723064abeee18f7f558f6d0d74fa08103dd906124454745d23005c425b260b0034372123b642a0cbebbc1a0bcf0cfc3639876eceac5f9734057ff659cfd35b1a3eaa768b86d66244aabc23a45676a59d492614f1c0011c9253e53fc7bb3e20d303afdb5b6614dcc7bbf72a339e414672aac23c2e2983083f08dbc34e3452def00f402598b6aaa4f0d896d1648b1442621993b7d0c930560cb6152b9ce59f94356726816a224fca84da5dbde6675d20f546a3e4635e82ff9575cac9160e6819f", 0xfffffffffffffd8a, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xe, &(0x7f0000001600)=ANY=[@ANYBLOB="b702000000000000bfa30000000000001403000000feffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7040000050000006a0af2fe00000000850000007c000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da487130d5f24bf901115e17392ac66ad029d1c000006146001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad229e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d6f4ea6bf97f2f33e2ea2e534300bcb3fdc4b4861004eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a7c31de7910d1ed4065a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db3503680e5e5971ff4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dacfeb47479321a0574fb304bc2a1681989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f3de8726c2a61ec45c19f97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c5f573c6d294d3665016ac59dda0fde0745db06753a7ac7fe13cab6692422a46e9ffe2d4a2d32f7528751313694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9bdce38c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c5f1e24d9f679e4fbe948dfb4cc4af05c28308241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5490f6589880ed6eea7b9c670012be05e7de0940313c5870786554df2623d58f5ace92d028f2c71a6ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c31539b22809e1d7f0cda06a9fa87d64cb77962a2cd8a104e16b77d5f7f13b1640d43e11801140caf1a8b1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b905fa02208d304d455c36300000000022320178b00cc6ed7966130b547dbf8b497af0a77fbcf2cd1d0000002000000001c800000000000000000000000928ee53595a779d243a48cea769470424d28804c026ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf34117a82a96b2ced73abb8e4bb718d6ee7aebf9ef40662d7836d252c566f5ee938a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec7eee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab50fe82d5a96b09c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000001762e5f5a3a0bc33fdbe28a5ffc83f2f08544eb2794e7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d50515a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f85d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d801002653c4d9818708e27c89b552d3fcd11ebce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff2a8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290af4000000000000000749efd3763655500344bae34137f5ab0d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b850580994484305d7a1759782ae57773e0d8b0ab900edf5e9020c09ab004321610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af0bd91e328b6a6f732a91f0e2e9120be61e58c79d497247d278888901d44bf77ff246605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c2d0836395fe39f0e11c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc71300000000000021000000b12f0ec0412268860027c9a46157a3609b6fd9843ee19ec647249a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b50f3ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861ddb54684cb73e7aeefae47fa09fd88e6043bd52ae84c1bb0c8a6b769f952283a1f4e3842edb3d42c68a2102fa1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e81163bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d1b8b90bc0df4c4b51b1f922a44ec675203bf8d1548e49262727c3de6daab3b4ed15aa99802e45d0620617e839b5237ddfcf103c91e61d174e3be6c9fd47398797e3b814e751ff31ecb42de6dd9d6b88121aaa680c236a303914e00150e1ec3f144ebc28287d5b51cfb8cabb844d12b140767d0fc24425590024b2e431722392489e3d43b3e31438a0138988083c47c61384d54e9a40fba01cac6e59ec82edc764840fe551c1d57442970cd8e59b9f41094e158c0a1ee855d8515599685486c2a21fa1c107531a0db8306441e8408b34aa90e9736e672d74cb8e78f8bdb93a23d024fc200796836ab396911a56231e953efad6cd83db32ffc595d970108e9547ea0000002730d5d1b70fe8b458ac1651135037b6cb9c8053299f77ab84c5b9fd2f764c3caa9c69377c397d310ddc7bc4bfa165def7b49e28ef196ae263b6829a8419d8860f56c86c288964ac4bc19839d96ff24b981c3a4fd6f93a000000ea9d6b06dafae4c91177"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffedf, 0x10, &(0x7f0000000040)}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x20, 0x0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x0, 0x100}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000180)=ANY=[@ANYBLOB="05000000000000007111ab00000000008510000002000000850000000700000095000000000000009500a50500000000d86f894ddd8ca6ff240a54d810057bb4b9e974dfdc1217c7306fa9c1697d91424e6d4249f617e13229998cf6bef567cc3704aae2f47a6b8c921e40c2fe45003ec86aa697187fe8d6646dd363a5cf9175691ebcb28b38f794ca6fe9846379c5cfac7100dc5a37fcc756451d39"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x6}, 0x70) syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040e06"], 0xa) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000200001c0012800b00010067656e65766500000c0002"], 0x44}}, 0x0) 16.387800208s ago: executing program 0 (id=523): ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)=@null={0x40, 0x2}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x26e1, 0x3a0ffffffff) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000580)={0x103, 0x29, 0x0, {0x2f, [{{0x80, 0x2, 0x5}, 0x2, 0x4, 0x7, './file0'}, {{0x8, 0x0, 0x8}, 0x0, 0x60, 0x7, './file0'}, {{0x0, 0x3, 0x4}, 0x5, 0x0, 0x7, './file0'}, {{0x0, 0x0, 0x2}, 0x5, 0x0, 0x7, './file0'}, {{0x0, 0x1, 0x8}, 0xfffffffffffffffe, 0x0, 0x7, './file0'}, {{0x20, 0x1, 0x1}, 0x8, 0x99, 0x7, './file0'}, {{0x10, 0x2}, 0x4, 0x6, 0x7, './file0'}, {{0x4, 0x3}, 0x0, 0x6, 0x7, './file0'}]}}, 0x103) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$VHOST_VDPA_GET_STATUS(0xffffffffffffffff, 0x8001af71, &(0x7f00000000c0)) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(0xffffffffffffffff, &(0x7f0000000340)={0x1d, r0}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020) lseek(r3, 0xfffffffffffffff5, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xc, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000540)=ANY=[@ANYBLOB="ffffffffffffa2aaaaaaaa0086dd602e5cea00283c0020010000000000000000000000000002ff020000000000000000000000000001000100000000000004b2007f00050200000000000000000000000000001090780200000000000000"], 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x8) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000003c0)='pim6reg\x00', 0x10) utimensat(r4, 0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x8000}) sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000002500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000024c0)={&(0x7f0000000400)={0x34, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x40}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xfffffffc}]}, 0x34}, 0x1, 0x0, 0x0, 0x8010}, 0x8011) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000380), 0x101bf) 12.770564342s ago: executing program 0 (id=527): socket$alg(0x26, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) socket$inet6_udplite(0xa, 0x2, 0x88) syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0) syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x880) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000140)={0x6, 0xfffffffd, 0x4, {0x1, @raw_data="3d924b8271394fa4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae5b411ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed32147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc3314c94970349a3c1374ffec96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a7"}}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x7) ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0x5402, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="d744784ca67c0398246d848e6df22054de2bd8ca3da64dfdea7d8eb74ffe057d7469066c6ca034a2677ce0c1c25e2b2a825d677e0fbac312a7da165cd5db94fa38cdf3a3f3f93b912a7515e0b1e441a3be644a296bcc765e7adc9ddb4d14376a69cbfcd2ddd156ba432349e96debeda26ee8914c28f4", 0x7ffff000}, {&(0x7f00000009c0)="d86e5c29ab2c0dce2b79f95d543a0d6b45dec9dab7afbc0d6d678feb7a652e67638c3ee007937917fad76308e99818f8f112b73a3c3e3c5ed80c49fab6e0593e95008b4a47aebdde3e28cea1cec26385f3d03b872970dfb69a63a6384a9be5b9419ff8ea6d9c2a730307894adb589d11a1ec59255d10acb1fbef", 0x7a}], 0x2}, 0x0) 12.619817283s ago: executing program 1 (id=528): syz_emit_ethernet(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0xfdc, 0x8000, {r0}, {}, 0x1, 0x6bd4}) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000500)=0x19) sendfile(r7, r8, 0x0, 0x20000023896) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x8, 0x0, 0x1f) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) 12.539571593s ago: executing program 3 (id=529): bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) sendmsg$NL80211_CMD_SET_PMKSA(0xffffffffffffffff, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e751d"], 0x24) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYRES8], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90) r0 = socket$vsock_stream(0x28, 0x1, 0x0) setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x28b3) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_io_uring_setup(0xd2, 0x0, &(0x7f0000000040)=0x0, &(0x7f0000000080)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x0, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r3, 0x11af, 0xdfd2, 0x0, 0x0, 0x0) ioctl$SIOCGSTAMPNS(r1, 0x8907, 0x0) shutdown(r1, 0x1) recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0x0, 0x0}}], 0x414, 0x0, 0x0) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000880)=@nat={'nat\x00', 0x19, 0x2, 0x348, [0x20000280, 0x0, 0x0, 0x200002b0, 0x200002e0], 0x2, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="00000000000000000000000000000021000000000000000000000000000000000000000000000000ffffffff0000000000000000100000000000000000000000000000000000000000000000000000000400000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff020000000300000000000000ffff0000000000000000000000000000000062726983676530000000000000000000736974300000000000000000000000007465616d300000000000000000000000aaaaaaaaaaaa000000000000aaaaaaaaaabb0000000000000000d8010000e501000010020000636f6d6d656e7400000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000003f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073746174697374696300000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000ffffffff000000001b0000000000000000007465616d5f736c6176655f310000000069726c616e300000000000000000000069726c616e3000e575dd73000000000073797a6b616c6c6572300000000000000180c2000000000000000000f646793b7b3900000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000000000000000000001000000000000000aaaaaaaaaa000000edffffff00000000"]}, 0x3c0) syz_emit_ethernet(0x70, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @dev, @val={@void, {0x8100, 0x0, 0x0, 0x4}}, {@ipv4={0x800, @tipc={{0xe, 0x4, 0x1, 0x19, 0x5e, 0x66, 0x0, 0x2, 0x6, 0x0, @multicast2, @multicast1, {[@rr={0x7, 0xf, 0x6a, [@private=0xa010101, @multicast2, @broadcast]}, @ssrr={0x89, 0x7, 0xe5, [@initdev={0xac, 0x1e, 0x1, 0x0}]}, @noop, @timestamp_prespec={0x44, 0xc, 0xc4, 0x3, 0x9, [{@empty, 0xfffffc00}]}, @noop]}}, @payload_direct={{{{0x26, 0x0, 0x1, 0x0, 0x1, 0x8, 0x2, 0x2, 0x7f, 0x0, 0x3, 0xd, 0x4, 0x3, 0x5, 0xd, 0x1, 0x4e24, 0x4e21}, 0x2, 0x3}}, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}}}}}, 0x0) 12.531397752s ago: executing program 2 (id=530): socket$packet(0x11, 0x3, 0x300) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x2, 0x440) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)={0x76, 0x0, 0x1, 0x9, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4, 0x4, 0x0, 0x1, [{0x0, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0xfffffdc9, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454c8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x144000, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, &(0x7f0000000180), 0x20000000}, 0x20) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000000)={r4, &(0x7f0000000180), 0x0}, 0x20) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r9, r6, 0x25, 0x2, @val=@tcx}, 0x40) syz_emit_ethernet(0x22, &(0x7f0000000100)=ANY=[], 0x0) 7.558777411s ago: executing program 0 (id=531): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04040a00000000000054679202ce9eaa48b326b038d97544c8b681bad547412afab3663029531077c8c4fa2f7501610d4eae6214096ae92430cd63486f07b04d9c519ab15a6e842e1352398f95ff35f5115a2c6c50f63336179b5e6b1f774a63506e8cb76bba42c6bee078240ec871a2bcf7dd5691833ac53a02f3614eae3afb9549df1b77ce0baebc9f6306644f6f08bbd3ca3229d272acd3483bf3ae4228f7a2b839594856918b10ca47ad4dc249d99c244aba277d101b5ac305"], 0xd) syz_emit_vhci(&(0x7f00000000c0)=ANY=[], 0x14) write$binfmt_script(0xffffffffffffffff, &(0x7f0000000780), 0x208e24b) openat$kvm(0xffffffffffffff9c, 0x0, 0x4e8802, 0x0) close(0xffffffffffffffff) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x0, 0x0, 0x0, 0x8000, 0x2460, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_open_dev$dri(0x0, 0x0, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4}) syz_open_dev$dri(0x0, 0x1ff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x1) r2 = open$dir(&(0x7f0000000040)='.\x00', 0x0, 0x0) statx(r2, &(0x7f0000000440)='./file0\x00', 0x0, 0x2000, &(0x7f0000000480)) mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000) sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0) r3 = add_key$keyring(&(0x7f00000002c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) shmget$private(0x0, 0x4000, 0x78000000, &(0x7f0000f39000/0x4000)=nil) r4 = add_key$user(&(0x7f0000000480), &(0x7f0000000280)={'syz', 0x0}, &(0x7f0000000a00)="c218b8fb4f2711662cda1925942565487e7d348d3cb55586a0b8af4c8b0e15dd9b6a54e2b1949a11fd43529b6d7178ad1bca2c14db39ff5a5cc5653035257088bc479654863b4172cad06d296711c31da28fd6ee8733d014bdff64c5adb64d1df761b14bf856875d2ccbe1d4559c3a7600ffffff237a5aa929be91720ce0468e265d13f9ce80c2d474cff4fabd20cfa00fdc867ccd24521a769b61fd609b55a3672c221fc7ad9d29bb5a826e9e7fc46139e19be09c2528fdfba998dd047e8115c02807698c6c824a940100000000000000636c88246f7df2ea55c356a3f2ff7136e7f1cc7dc8a6500d08b554a0932784e08369203b220e9d7109cee984e6c620739f594cd4e06742cad50cc162b30348ab2082176734522f00f9b1baec7e6aeed020c10affa1d20a79dde91f42882b766be08d1a9b39060af788a357b05120948857f8dde09dbde139ec000000000000177c19e9d794dbc1fedae6b4fe888eb81797573c", 0x164, r3) r5 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f00000003c0)='X', 0x1, 0xfffffffffffffffe) r6 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r5, r6, r4}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'crct10dif\x00\x00\x00 \x00\x00\x00+\xcc\xff%\xd2cTH,\x00'}}) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f000000b500), 0xffffffffffffffff) r8 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000100)={'wlan0\x00'}) sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f000000d040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="c39200000000000000008900000008000300", @ANYBLOB="7438a76b363d6f634fb9ae85f962f8b602f07403d8985d", @ANYBLOB="180007c18f00000000000000000000000000000000000000b3378f9ca53d6470e4c70ca7c4a3dbaa28c51e769987d0d4cd806b5c9e3585f28c45d41ef217e64262a2ccc60c7937d861255ea4953063331c781228368d3cee1b1617efb2d2fdab9afbf1982bc0b4102e89506446f221993a4e8567f4c5e70ecf9857cc3daeb0d527d1aa3510c12902b821f727e15022acea4ffd0479330f2aa59da6672c"], 0x34}}, 0x20000004) 7.557299786s ago: executing program 1 (id=532): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000900)=ANY=[@ANYBLOB="000000000007010000f8ffffffb70200000300cd00bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c868b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc8734c295cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14bb2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e840000000000000059efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e5d7186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda27a7e0d7aec6b79e30cbd128f54c2d3335457acf37331766e472337e358c3b377327ac9ecc34f244a3c307145452ce64dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e4941988e4fde1f7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29d06000000000000002172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c65070020d7df0abc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00000000000000000000000000d6d953a2b882129f1e5575b96244d34b4b375d45b81ff5937f0374780916fc6ce762f41c045ed5738d8cf872b9581d10243ea70900013730ca0561b8b877285c4b5ffb4be9faae92d57c61bbf4c5c0b9ce060bbd0fef"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x7}, 0x8, 0x10, &(0x7f0000000640)={0x0, 0x1}, 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000500)='rcu_utilization\x00', r0}, 0x10) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x1f, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) symlink(&(0x7f0000000280)='./bus\x00', &(0x7f0000000600)='./file1\x00') mmap(&(0x7f0000400000/0x3000)=nil, 0x3000, 0xa, 0x4d032, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.current\x00', 0x275a, 0x0) socket$key(0xf, 0x3, 0x2) mmap(&(0x7f000068f000/0x1000)=nil, 0x1000, 0x0, 0x4000010, r2, 0x5a5a6000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x2, &(0x7f0000000480)=ANY=[@ANYBLOB="500085da410da52e0a358fe9dd3a2137b284dc5cd4e5dd11e7a8c7cb75547f11ce4ef65cca1ff9c3b88340d0382bfede47ebcb1351ddaa36327e4533036194d02305882f1ea9d450bb8c089bff1b04a9"], &(0x7f00000008c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x11}, 0x90) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x5) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0xa2802, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@xino_off}, {@nfs_export_off}]}) chdir(&(0x7f00000003c0)='./bus\x00') timer_create(0x2, &(0x7f00000002c0)={0x0, 0x2c, 0x0, @thr={&(0x7f0000002780)="95d199129eec9d2d77259e0b7bdc3edf79a982ae1cdb52844d4f9f671135a9ceda6c9cb27269e882f161cd9d6d3db193f940b677a31e4f6517a441f4f7b72ad495d9cf2cfc5ab587e3f79ab9b5b9a09d7609842ac90152c3303be3748081c2c338eb613f53bda377c1cef2c4d071415a087f4e2122bb06b901d93120aa8b3a6322533b1cd1c919b8c2289007a874046a7c2ad49e484d8d4272e9799a3b6d49431efdffc3793d4dbe18ef48e44d2f8ee28e8f9bf7cb9a5263986e25b42e1e644c8bb0ccbc42e01f0945856acaea8c3602b480013198aa4c8144c17fe377f70c588724c3fb9087850da029be44dbc35e446a5da6aa5ad5faaa88fa5fb0ce7d89f2127ded21109f268da378095d78988e20220d540b6b747afd7dafb197eb3dfd832326d083e9da6abbf953ae0d8e3c5ae789b4d7d8b325f130dd81bda8fddfe9165a66d9840e6cd86e886a1e3b8ec136ff01c015c7ac267304b261e67e85dbda2b0f00e6b8734c4c6a32ce47b76496e306049ffecfddecb356b189becdbb6fa5c057b11b61b379e3484c41e3e927f94177e2ae96954e0090d45b3d82d782fbf669284ad5c2066dd896767c863780d7dd32a7cf27f2ead362aa959b71116ab4b24907aaf5a042c0fa630c12ba84d66b3b042425919f443e498bc380fd5b3989cffb64acc9e32df9b856a392bf0f1ac3b3fe61f4bba301bd0c7a7ac4c9c6935283fbcda4767ca66d9ca1af47391654a6ea20dd7fb7dfd2e9e6382ecfd64edcbf8aabeee66181bbe8a4546daa91700f2f89cc243cc773595fe90db52419badc9843c77395641b685691fb8ad9316ff917b4db4e6d1faab0e9edb2833e3d9caba195cbd19ad3b3b44953ea29506c615ac4bb54d592af0394c6d09abad23558ec0e65bd73a0517039c66ea4b77f262c0b6d039e010d28bf7f02defbec8d35dba052ced651b1da92f0038774ccf5f6379022996c73ad759ec4593109d25af106b8439a161e080f7aaf8d4a2478875f4283ab0ebac855cc175c4879fb3d3d33651010ce5d58604263685df70cb35487a6cf3ef44b26394a1230bb3b2b401d2cfb7d6307d1fc61b835e04e7c256ac3a816f62235118a689c4216f9d1340fd5fb6734b9f376d0aa3bf9bff1f32bbe9999c1da13c13f2cef18f92b0869e915ed8e09671b8710f0e73857fade6d89367468f57e3adcad251940bff0620119f6ea8900ec820ac6583c8e2f49d677902b8c9cb53539c1b8d826a63e282f47d19adbe7579f5847de7aa51598ddff82caed68dfc49446f5ef714b7904962bf64c267527240bf4835e05da91372b587166660bc9c49dd652cf97667987b8630839d5b2737b136b4ea96d5966e8ea11c464d71911569c9c4a9fb51cd8ec6663e3fcad37551bb2296c666be4b77f904091c63d20265a5f5288b10ceef69063f9325249352b09a1c5a81d95fbfb51800951b2a7c655add25b96aea12353a20943f811c0dbd413cba86b3cbb8009df02115ddd47ca5ad2d36fbe189b62498038097cb6abbcf4d34ba90f26ecf6d345f3e45f0d7bd5fca8cc1b19e905ac8a39150759e84e003afc470136aa529c96e62d8d04b0612f00dda6d6a3e7450f1b6019300fa66002da7875bfe5af9f3aa76226cc83b57c2b4bf78729246b1b42186ff8c60c38ef0723bc5cd80e6885d667e15a2726812558e4213cc0d0d2cb24854120190af4a5a3a7756532a2246a6b1a2dd00c4e328a4114ce3fcfbf233c1c5cfaafbbab7e370d72fd640259bd3f068c11b3d5089a7bd4636088b5c86d7394a336826f3c7d5473fbc6ad2d29d962e681e694ea6dfe47406dbc2c3a311bca0b99bfabb212240c98cc0df06d71b4b7b09e032f53677199201d58beda623392879766287c0d9a1a7a306ae3a2cd1678dec5b2dd2f16300b3362c4123ff5355f370903012e0f9f2aa8d07a0bd3ed164abee26b87912cc3abf716301f7d12c112efdeade0fec213865c9734979a4c74918109db520c5bcd40fac4b58c37ff129fb734d36a90b699a20a34b3120e3a15525399124e665043ac58fca2f739853482c59657445b411d6bae58d0a34686280e5a54ce1898aa35804159dcaf26ea7b4a11aa425d18dee80d7299b42687ad3ac852b53af9318598e717d1074459f1cb08b80b223ca9212e0fa3f86f550c13cd4804cbcf8ef3d6a2881d37989dfffdc040dc6d3a4a9d2443b1bbbc81277ae49f7530f484d16f17ea3e1def69aa3a0c26d08f9d0566134f15a9ef3bcf812b40ce18490728a7b9424abb41d58fbc6b53d9056e6f29ab10816066363d0389bb5c8a305b88890d53e0b7657f55a3d5a2828e399e60ebae80a3ed9f800ae1d88ab9ce411ccee1be3ddc0adee02e6aa455b2e8d6da0141e5cec3078935cd0f5f9b5deb0872fd27b7ca9e316f9fb201ce2cf83fc2dd8daf19a84e9f44e65444a32de3d8d019acc3e5480ca24c6c8cffa7472dcc382abb6efe273f0a385bbacf9c94d689b5f273d00fe0cd5a1499c1bec494a9072342f9ced5eb7c230e596920dd4bf2c97ce0c1ae010669749f0ad32edf53c276a26f9a654a632b4686f4c4352f25dedff2cd46ece899e77b4630939dcb3f24672c5b0a3e4798cfaf84c58afc50e79d20bbd22ba33f7ced4ff8b01b536b04f84b2d5da150da6eadcae90d4fc4854999b363bb808a98e33796beb60783bce645b6c087550314190ec9a0d3f3693ebbd62696ca1b333c1f77ec50328d46104756393fd7a1903e16f13d0dbdd8c9bc3b4c86cc2f83f65dcbd8f7840e4a110d726c2bc79c8cdf70fbfece3becf9e04e54d0bd221176fe55c769c8d93f19bed5bb4242fda5481441456cf9965a1673c1b6eef6c7afc68cc2a85c92ffe4a02499f4bbbf4d41050d7b5af58004fc1146069ca67540e9c5de61c57a6f64490d7c2f1761441d15f30f14524a15cc9cacca676487443c38c7dfc18c8096f5dfc4687bb64eed3a479c5f8592cf68bda00c42c3b5bb6e78d69d67572581dd211e7ab183fe216672710d25d4c415d466c9b75fac5dcf01043980defafc9dbd6de27da5d09917e2b82f8b0f7d6e85c0b4f54fa583b9a686922ec19fa1395cbf855d541ae4225a4c578a4eeca3540ab60a3f9b38811c6e27c9dcdd08a38e2c9b2c498d5af5fc09d6965e012ab09f1693385a9e077d614b729a36c638eff25b640578ef839baadf0118ab9b8351367ecf482fe2ee60584a7ce15e90f795e4330b79a13ceffe7b852f12959084ca9eb23b722d4f45794cdd92994f82ebdc3e627fb5d20b70e26487afe83d107da8fff7e90e174bdba927572322aac50cb762f28efb21e050f84a3c575ee8fbad28cd2ecd0282de6cafa9828617f5b59b86c59c07c4776fa9d79a3f7060eca7ad48247f95378b3e57fc75c79d46331f0f2c3d38b4df39f896b26ed471719f9eca42254224b13117accbae7809afff1c73a865e9cbf047921ae5a721d3e19d6c083771e8e1850f59a4018142161f832d8d6891a302672592073c79689b856b2cb777515816a87c0d12a48eb06d9217e8990de736d44a40dd5aedc3170cf9ef3ada51febcfc38f8e22e3e72d175cb33dfd7a3c922ce01d675f335b792895482efcf0e872240c8526bf82abcc7db08968cee4fa2953749bd3f5cb7e677a42e262ff3e6da0c9d6bafb259c4b221aac05e3b664511c8d12928d62097ec6a54c86abf0652235c89e91295a106e64004072474be5585602eb1a3a678606a68d0c81d0330f67c45a103d5be76457e0f7f5a26ca0872c294e4de44076d6f5ebae4b339423462765205508c045ffb3ab310a9397e6057c2bc3803769993631a9bb2514c5ea20677cea66bfd8a56cfa0159aa97f04c32eb84e0affffc0dca322e7b4882ca801527d6509cc1e853f650c7a6dd4054927b3140fc6f82521ddabbb70689c1d26660793a7eaca99e561149449aa3aba8edb13aebe41598c13c65199bf29ff1a1f822cad7f2d0e9d0ef60fa3de5b66318b925d3a224e8a55ad60f534935e390ac03c8d6536cd92e8c5bdbd035811dbf45e1fe5423e11155b334e04a3b339565be18d9cc3e111000c163779e1684bb3596254eb852fd62a2601931c8b16539a97a83e5c07c0d35c00e920c43dfc02204a08df6e58fcfb730e46a0dacd2df8bd6aa473086aaba3fc291fb195c681dc8e7846fa9654054e2631dcfda9389211f8a5e6a72d868fbfbbe2e2493de6a0b3a806e7e567a37f921edba661f00f117686502c4ce8ae4e86953d57bd526abf2ee8a73cd43f8b324543c4b537ae397dec0d73d08b4cf639c0f810d2ec8c24c52068b991cfcbf15e98315db3ca0836672a47a7c3c64dfb8f4351b331144793b0deac2ca88814cfb0e652a0a44a70783f64c693e902e4b651cbca986851efa5a1257522a4cd24c33a800e7042b380d50f510015cfaf1da23f760af78a71c1d5197f6d35338456bf92e2e776ff4cee0b6bbccea22971db0dc6f728951e2c50e4671fe92686f8e1f23f0a909b5ca0063be22b284f3eefb97bf567ab26680a52fc78ed57f9d0e985d13bd4cbd24ab79dff1b4a474d7e991ef3ddef61bcd3e3e3ea3c99366d633b2c8eb44163615a42b3a5b669d0ab36de62ac448268dc51ecdf008f6b9d51599f0f7c922dca9dabc61b0d4f73682adb9e4b929083d14823b171624a27258cd3274e082f3c3692a4360628d6166dc75b98479998ca95bbb3836a1dd011a94c6af17f9c058f431190d4372f48380b542efa0679d97c05d7e00956ebe6146910ba9d17f37d4af0eb76140d600d3e429b88ac61ccae0419f3d15748c9804a0c8ff1e25edce399031dbedb0b80fe18998cb85f32d5eca07ff66d0ff0cd66d1ee593587abfe5c514dd5f61360e342a129aa63135e17c0d1f256591aa45e4dbd20866f2331f88d0bc3de756cae0635ce4938866dad66e23be0e10ac399064bcfa4a9a26a1f4dc90715634fef6ffa3ed631deacc043ec6110414c821e80b0a7d7b3d98ba5365ea8b790ae7d2bb90df94cd541c46109bb1f8f56ea4e408d9de9deebaf2572f251e0b7b4ad45cde9047343cd0b3301addec8ea1f19dbe11ca7dc7f1d55acc23bc62cb6a63c1da4937b945762d699539fce229bcc9acfe33ff75e30e047296d8639bf1d41ba0f8e43d4d7f3883a9c079350b4755ac3d80238d38176f7d46b539dc064e061cdbdd98eb0f4c7f1cf563fdeed1f344c3531056ebc5faa454115cc2fe2bb3e412441dd8730312d65d75c193dfdc926e9b627e5b90208b8c3cd7888d79897ce413509daefb4af4ed3ef368dc5716f97034d503641c785a3047cbddd2c3f48cab1e02ef8ce04c31a71cd1a7d78e645f29d348fa0d4d61927fdb7d78db283f7f1ac9eed885a62dbcf26f2c845212bc653def8b9d02831fb5046a62a4a32448feb62a1a1ec40a9e7312c6a484366d0404273879029b8269daab031475f8f611f2b4c795b8f87d310ad2b54330f6f7f489493f728fca522e731a8bb75a8d032fbec387861eaf08e6ac65bbbe6750017bc9066656c81f08efcfc7f5c61ea10c38dea07fff9df2b0eeaee3d536cb2ed358afa9b145128f65ec19e145bc1d6dbe47d6346dd0a6935b7f46aff743c1b46095fc016222d97c86d449b3e1f74730cbb47db24f378ba125fca3446c6414b534b79d954859cb1c1128d52a470febbdec5d29469a90a73b5c1285bb740e01f2fbddcf0b218e0c8c01fef1fc635d6b173a654c67bd43793c79448f084177842d161cb36a57354e94805b891e7a820fb569515f93eae378931536467d65e004489cd14d7b0158070cc6c653af28c788cdaced568912fd856a5c3770023f6fdcf0e43e31eff6557f33e1affd0b64e", &(0x7f0000000740)="8b4cf1726077ce98dc3f2faac486b6fa696d1737d9431023e10a9e6ebc726d1d7e63efc251d687b8ef88da6d5675802ed9c6e1ce713dac33568564d1ca08b25d0fc9d8aeac04e3e11587078e0743e915a8791aec3136b9b9e4a48bb62374adaf61a4fd7f49fd16c04a6093e794b229e1c25405fb6526a17b25b0716ca060cdd5da2608c3c030a27deb620208c73c3920bf9f1799b965fe7e7fec1b029837ef8b3404b08289de57a9e7c7971716eb2561448a0bd36e5722ec01fc774ff7633b89cfc092c345fa2049ef7a01f38ccf3b104ae9a2ce3d41961e52dfa84697f6f3eb8c22db6aae463ad78189a62f5c0104c147aa40ea59f54c4d4ed621758b3464"}}, &(0x7f0000000000)) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x11, 0x200000000000025f, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000100)='syzkaller\x00', 0x2, 0x0, 0x0, 0x41000, 0x60, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xae8}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='br_fdb_external_learn_add\x00', r3}, 0x10) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000440)="2e0400001c008102e00f80ecdb4cb9f207c804a00d00000088081afb0a0002000a0ada1b40d80800c500c50083b8", 0x2e}], 0x1, 0x0, 0x0, 0x5865}, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) ioctl$SNDCTL_DSP_SETFMT(r5, 0xc0045005, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x200, 0x0) mmap$dsp(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x3, 0x12, r5, 0x0) ioctl$SNDCTL_DSP_GETOPTR(r5, 0x5008, 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000680)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x10000010}, 0x4000000) syz_io_uring_setup(0x78ba, &(0x7f0000000140)={0x0, 0x0, 0x9ad65c881b4e349a, 0x2, 0x25f}, &(0x7f0000000400), &(0x7f0000000200)) socket(0x0, 0x0, 0x0) bind$bt_hci(0xffffffffffffffff, 0x0, 0x0) setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000240)="417d0b8e55fd932ace3be0ed35dfd3aa98e3b597599d7efcee0f907366fa5377d90cc256dc3d6ce48ffb46d9acd0e330", 0x30) 7.556443697s ago: executing program 4 (id=533): socket$inet(0x2, 0x6, 0x8) unshare(0x26020480) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, 0x0, 0x0) 7.527696477s ago: executing program 2 (id=534): syz_io_uring_setup(0x7b, &(0x7f0000000240)={0x0, 0x4, 0x80, 0x10000000}, &(0x7f00000001c0), &(0x7f0000000100)) syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="04040affffff"], 0xd) syz_emit_vhci(0x0, 0x0) syz_emit_vhci(0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x10) syz_emit_vhci(&(0x7f0000000180)=@HCI_SCODATA_PKT={0x3, {0x5d97b804a0c1e2cd, 0x12}, "2a69725159dfa39259c25cba29f6de9155ce"}, 0x16) pipe(0x0) syz_emit_vhci(&(0x7f00000002c0)=ANY=[@ANYBLOB="04140602c90004990b"], 0x9) geteuid() syz_emit_vhci(&(0x7f0000000380)=@HCI_ACLDATA_PKT={0x2, {0xc8, 0x3, 0x1, 0x10}, @l2cap_cid_le_signaling={{0xc}, @l2cap_conn_param_update_req={{0x12, 0x9, 0x8}, {0x0, 0x4719}}}}, 0x15) r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x201, 0x0) ioctl$SNDCTL_TMR_CONTINUE(r0, 0x5404) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x8, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000730133000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) write$sequencer(r0, &(0x7f0000000000)=[@l={0x92, 0x0, 0xc0}], 0x8) ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(0xffffffffffffffff, 0x6, 0x21, &(0x7f0000001240)="e1559a5e60105410b305c60625655dff", 0x10) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x3f, 0x1}]}) add_key(&(0x7f0000000080)='.request_key_auth\x00', &(0x7f00000000c0)={'syz', 0x2}, &(0x7f0000000300)="5ea6a58c52f8ac1df9ea63ac32004673c8c51bde6722e926c732a44ade2c4c153562a0fb8fa191dbc1281c98cd6db089948928dd54ca34205bf05e988aaf8bca87b56c1e3907e8dfa10077ed7bd211e3be5e42d5e1", 0x55, 0x0) r1 = socket$inet6(0xa, 0x806, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23}, 0x1c) listen(r1, 0x3) r2 = socket$inet_dccp(0x2, 0x6, 0x0) connect$inet(r2, &(0x7f0000772000)={0x2, 0x4e23}, 0x10) r3 = accept4(r1, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ethtool(&(0x7f0000000140), r3) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f00000003c0)={0x0, 0x0, 0xffffffffffffffff}) ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000400)={0x13}) sendmmsg(r3, &(0x7f0000001500), 0x588, 0x0) memfd_create(&(0x7f0000000700)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\x82E6\x8f\xee\x88e\x7f\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80k\xde%\x00\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xda\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xc0\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90\xc3D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x96\xb9_6*-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xcekh\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd0/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x80th~\xcb\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdem\xe3+q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84y\x89Y\x1c]\xad$\x7fp\xf1\xa3\xff\xff\xff\x1f\x94\xc2\xdb\xbaG\xa6UD\x88YY\xd4\xff\x00\x9a{]\xe2\x98W\xb9\x13\x17<\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7R\xa5\xd7O\x83\x80}\xcc7\x99\xdb\xd6\xbd\x9c\x05l\xfc.\xf4\xbbeF\xa3\xea}\xf1\x86z\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRYX\xfc\xd4D\x13\"\xb2\x06\xbd&\xf86\xddXv\xc9\x1322L\xd6\xded\x16A!\x8b#1\xf9\x05\x00G\x02\xa3\xe6Bl\xd2\x02\xfb[\x82J\xca\xdf:\x8ft\xe0\xf8\a\x00\x00\x00\x00\x00\x00\x00\x00\xde-U\xd8\xc5\x85\x9d\xb6~p;\xe3\"`\x83\x12\xc1\xa5\xa7\tf\xf2\xde\xe2\x01\xcc\xf7\x1cjq0\x90\xa9g{\x9b6\xc4cN\xcd\xc6\xfbw\x01\xe3Z\x02\xed\xab\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r?\x1e\xee,\xca\xffn\x1eq\xd6\xccs\x92;\xf5*\xa3\xe6_S\f12+\xf7\x98\x9a\xc0{j\xbb\x1c\x05k\xea#2\xa2U\xfc\xd3c\xe0E\xcc\'\xe7s\xa2\x7f\xd1 ,\x91\x8b(L\x00\xc0\xaf\xd2\xc5', 0x2) 7.45132891s ago: executing program 3 (id=535): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f0000005480)}}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000500)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x3d, 0x4, 0x0, 0x0, 0xf4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @ssrr={0x89, 0x1f, 0x7f, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @loopback, @rand_addr=0x64010102, @empty, @empty]}, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0) r6 = dup(r4) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r7, 0xae9a) ioctl$KVM_RUN(r7, 0xae80, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r2}, 0x38) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000001000012ef7948d555877dd9c653ec4f2de7a8c72fbd9a64da7bae49a06d92bc0e9a667cec58a9e54d264f501bbaa04cdbb8d72db89b7f66822ad2aa303d6356a10dd00de5f41ecad103d7c33513bee5c86ee5d4658b5eeda4dcaae7b6d99160a9b4adaad8c734f592036770bbc422f7ba901cf0a718ea9844afcb46cfeb6ceed5fdbd2cd200c868ea49500"/170, @ANYRES32=0x0, @ANYBLOB="000000000000000008001b0000000000"], 0x28}}, 0x0) 6.729791025s ago: executing program 4 (id=536): sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x8d, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0xa, 0x400, 0x3, 0xff, 0x0, 0x1}, 0x48) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newtaction={0x84, 0x30, 0xffff, 0x0, 0x0, {}, [{0x70, 0x1, [@m_police={0x6c, 0x1, 0x0, 0x0, {{0xb}, {0x40, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0xffffffffffffffff}}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x84}}, 0x0) r3 = openat(0xffffffffffffffff, 0x0, 0x0, 0x42) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r3, 0x84, 0x1a, 0x0, &(0x7f0000000080)) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f00000004c0)={0x0, 0x5}, &(0x7f0000000600)=0x8) syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0) close_range(r3, 0xffffffffffffffff, 0x2) sendmsg(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="e8000000000000000b210000ff3f7c081e0f315b91fcaec7bf495d5c618332756cbb1bb9ce6d12b9d976d1f33aca41e50a3342bcd67c311f7885a05c3fcf2ae21f1498ec481e7ca2c3ca4c7b3bf94448f62e111e5a79929b9182cc977ba6ae766ce37bdaac6da997fbc15f0c79f42155b99a280667b51fdc7902d7be5ef41f953fedb32aceeada13250626957eff13d5b12cc916541ccbeb0d4060a4dd89664eaba2f6b4ede0c9e3dc1c9446d9284ebe0e46eee7bc145ff0a2779c025553298812978ea53a8c60f254f23344a80a0aac7b141787bad6b0ba090000005f2f3158f0d200000000000070000000000000000701000040000000afbb30c2946e41ef3167d1f6ed47aa1f52bad114a89dbed741f74a23cd8d915e2dcc74a4932646b90f90a9d3956d5cadb642ac79fcb0aae3654482188263abd27e9d57cc28032453dc75f333e1f367ab38b7e7719805a454e79802d07ec60c00b0000000000000000100000001"], 0x208}, 0x0) socketpair(0x2b, 0x0, 0x0, &(0x7f0000000240)) setxattr$trusted_overlay_upper(&(0x7f0000000540)='./file0\x00', &(0x7f0000000580), &(0x7f00000006c0)=ANY=[@ANYBLOB="00fb160709c9f3348de32645fb5e7319e19d599cb4fabb3484cace922751daa258c8c3dfbec2f113ac580945baff6892e4767bc5c7cc4e8ede9504d7bc19ea64386154412bc9b898e38e13d56bb7a7a6d4fc651ddff18dc973f07fed769047a3fb82cafbffffffffffffffd9bf82a745ed6afa79ab4bc65fecd8a8dfe5973862435827366e3f46fb333e9ba2a75e7eb70d484995fd348d61800a16c35d094f23fe7f36647613ad0e45"], 0x16, 0x0) r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) bind$bt_hci(r4, &(0x7f0000001a40)={0x1f, 0xffff}, 0x6) syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$EVIOCGEFFECTS(r3, 0x80044584, &(0x7f0000000300)=""/20) write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0) write(r4, &(0x7f0000000000), 0x0) recvmmsg(r4, &(0x7f0000002e80), 0x0, 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc4c85512, &(0x7f00000001c0)={{0xa, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, 0x20, 0x0, 0xffffffffffffffff, 0x0, 0x0, 'syz1\x00', 0x0}) fsopen(&(0x7f0000000040)='erofs\x00', 0x0) 6.611188558s ago: executing program 2 (id=537): ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)=@null={0x40, 0x2}) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.current\x00', 0x26e1, 0x3a0ffffffff) write$P9_RREADDIR(0xffffffffffffffff, &(0x7f0000000580)={0x103, 0x29, 0x0, {0x2f, [{{0x80, 0x2, 0x5}, 0x2, 0x4, 0x7, './file0'}, {{0x8, 0x0, 0x8}, 0x0, 0x60, 0x7, './file0'}, {{0x0, 0x3, 0x4}, 0x5, 0x0, 0x7, './file0'}, {{0x0, 0x0, 0x2}, 0x5, 0x0, 0x7, './file0'}, {{0x0, 0x1, 0x8}, 0xfffffffffffffffe, 0x0, 0x7, './file0'}, {{0x20, 0x1, 0x1}, 0x8, 0x99, 0x7, './file0'}, {{0x10, 0x2}, 0x4, 0x6, 0x7, './file0'}, {{0x4, 0x3}, 0x0, 0x6, 0x7, './file0'}]}}, 0x103) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$VHOST_VDPA_GET_STATUS(0xffffffffffffffff, 0x8001af71, &(0x7f00000000c0)) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'vxcan1\x00', 0x0}) bind$can_raw(0xffffffffffffffff, &(0x7f0000000340)={0x1d, r0}, 0x10) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.numa_stat\x00', 0x275a, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0) read$FUSE(r3, &(0x7f0000000480)={0x2020}, 0x2020) lseek(r3, 0xfffffffffffffff5, 0x1) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0xc, 0x0, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) syz_emit_ethernet(0x5e, &(0x7f0000000540)=ANY=[@ANYBLOB="ffffffffffffa2aaaaaaaa0086dd602e5cea00283c0020010000000000000000000000000002ff020000000000000000000000000001000100000000000004b2007f00050200000000000000000000000000001090780200000000000000"], 0x0) sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0) socket$netlink(0x10, 0x3, 0x8) r6 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newtaction={0x64, 0x30, 0x9e54f29ff072a93b, 0x0, 0x0, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}}, 0x0) setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000003c0)='pim6reg\x00', 0x10) utimensat(r4, 0x0, 0x0, 0x0) ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000140)={0x20, 0x0, 0x0, 0x8000}) sendmsg$SEG6_CMD_SETHMAC(r5, &(0x7f0000002500)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000024c0)={&(0x7f0000000400)={0x34, 0x0, 0x400, 0x70bd26, 0x25dfdbfe, {}, [@SEG6_ATTR_ALGID={0x5, 0x6, 0x40}, @SEG6_ATTR_SECRETLEN={0x5, 0x5, 0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xfffffffc}]}, 0x34}, 0x1, 0x0, 0x0, 0x8010}, 0x8011) write$cgroup_int(0xffffffffffffffff, &(0x7f0000000380), 0x101bf) 6.535707824s ago: executing program 1 (id=538): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000300)=[@acquire], 0x0, 0x0, 0x0}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8) preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100)) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) io_setup(0x0, 0x0) r5 = dup3(r4, r3, 0x0) r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r6, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r6, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0x0, 0xfffffffffffffffe}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) r7 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0) read$FUSE(r7, &(0x7f0000005180)={0x2020}, 0x2020) timerfd_create(0x0, 0x0) openat$udambuf(0xffffffffffffff9c, &(0x7f00000003c0), 0x2) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021501700001e0a05010000000000000000070000000900020073797a31000000000900010073797a300000000024170380300000802c000180250001007bb0c03ce8ed22d039cce454fd98ae614b08a9f3d4ddf1f742d55995afac076948000000f01600800c00054000000000000000000c00054000000000000000000c00044000000000000000000c00044000000000000000000600064019d20000ac0201802800028008000340000000000900020073797a3100000000080003400000000008000180000000003800028008000340000000000800018000000000080003400000000008000340000000000900020073797a300000000008000340000000002c00028008000340000000000900020073797a31000000000900020073797a32000000000800034000000000d0000100b408b1e286b5c8f7a7321d1f80c982b3c96b4dac7dead86aceee30544dfdb289f2cae899fc3fe86ee3f122505d76d6b5878270ecb40c37908d60b9ed31d97a3e"], 0x17d4}}, 0x0) r8 = memfd_create(&(0x7f0000000140)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11X\x0e\xa1\xcf\x1a\x98S7\xc9\x00'/47, 0x2) ftruncate(r8, 0xffff) 6.06868542s ago: executing program 0 (id=539): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@newtaction={0x74, 0x30, 0x9, 0x0, 0x0, {}, [{0x60, 0x1, [@m_mpls={0x5c, 0x1, 0x0, 0x0, {{0x9}, {0x30, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{}, 0x5}}, @TCA_MPLS_LABEL={0x8}, @TCA_MPLS_TC={0x5}]}, {0x4, 0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x74}}, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0) ioctl$VIDIOC_S_STD(r1, 0x40085618, &(0x7f0000000080)=0x40004) 5.986688891s ago: executing program 0 (id=540): openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) capset(&(0x7f0000000080)={0x399f1316}, &(0x7f0000000040)={0x4, 0x0, 0x10, 0x0, 0x0, 0xfffffffd}) prlimit64(0x0, 0x0, &(0x7f0000000140)={0xc, 0x8b}, 0x0) pread64(0xffffffffffffffff, &(0x7f0000000300)=""/110, 0x6e, 0x10001) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x101001, 0x0) ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)) bind$unix(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f00000002c0)=ANY=[]) syz_genetlink_get_family_id$devlink(0x0, r1) ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, 0x0) syz_genetlink_get_family_id$SEG6(0x0, 0xffffffffffffffff) syz_emit_ethernet(0x1c6, 0x0, 0x0) landlock_create_ruleset(0x0, 0x0, 0x0) mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='rdma']) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), 0xffffffffffffffff) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x52, &(0x7f0000000480)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd608a35f2001c0600fe8000000000000000000000000000bbfe8000000000000000000000000000aa020004206400000000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="590000ffff780000b61cd9a102249179015d52be42ba71a71a3756d20fdd87d3858063fee7b94de94b8a351def91963d4a77e2860fc168308a6bcd3dbf25f4b24958d5f3eb9b209fefa66067bc02c76f483f6acd59c749c8999958b9f859ff24a3b3771759b2f8c578f720c473741e19098305af97f0fdf5d539ed1d7e6ef3775f032fbdb059622955eaa9ac59e3e120e52d1ed23fa0a073ca7440ce5a"], 0x0) sendmsg$IPVS_CMD_NEW_DAEMON(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="0100000000000000000009000000440003800800010002000000140002007663616e300000000000000000000000080003000000000014000600ff010000000000000000000000000001060004000180"], 0x58}}, 0x0) acct(0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0) syz_io_uring_setup(0x800, &(0x7f0000000200)={0x0, 0x0, 0x0, 0xfffffffc, 0xfffffffd, 0x0, r4}, &(0x7f0000000100), &(0x7f0000000140)) r5 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) ioctl$sock_netrom_SIOCDELRT(r5, 0x890c, &(0x7f0000000180)={0x0, @default, @bpq0, 0x0, 'syz0\x00', @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, 0x0, [@null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}) socket$inet_sctp(0x2, 0x1, 0x84) 5.811481628s ago: executing program 3 (id=541): socket$alg(0x26, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5) socket$inet6_udplite(0xa, 0x2, 0x88) syz_open_dev$loop(&(0x7f0000000100), 0x3, 0x0) syz_open_dev$loop(&(0x7f00000000c0), 0x0, 0x880) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0) r3 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$vim2m_VIDIOC_CREATE_BUFS(r3, 0xc100565c, &(0x7f0000000140)={0x6, 0xfffffffd, 0x4, {0x1, @raw_data="3d924b8271394fa4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae5b411ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed32147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc3314c94970349a3c1374ffec96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a7"}}) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000080)=0x7) ioctl$BTRFS_IOC_QUOTA_CTL(0xffffffffffffffff, 0x5402, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x200000b, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) bind$alg(r4, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha512-avx\x00'}, 0x58) r5 = accept4(r4, 0x0, 0x0, 0x0) sendmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000940)="d744784ca67c0398246d848e6df22054de2bd8ca3da64dfdea7d8eb74ffe057d7469066c6ca034a2677ce0c1c25e2b2a825d677e0fbac312a7da165cd5db94fa38cdf3a3f3f93b912a7515e0b1e441a3be644a296bcc765e7adc9ddb4d14376a69cbfcd2ddd156ba432349e96debeda26ee8914c28f4", 0x7ffff000}, {&(0x7f00000009c0)="d86e5c29ab2c0dce2b79f95d543a0d6b45dec9dab7afbc0d6d678feb7a652e67638c3ee007937917fad76308e99818f8f112b73a3c3e3c5ed80c49fab6e0593e95008b4a47aebdde3e28cea1cec26385f3d03b872970dfb69a63a6384a9be5b9419ff8ea6d9c2a730307894adb589d11a1ec59255d10acb1fbef", 0x7a}], 0x2}, 0x0) 5.729712021s ago: executing program 4 (id=542): syz_emit_ethernet(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0xfdc, 0x8000, {r0}, {}, 0x1, 0x6bd4}) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000500)=0x19) sendfile(r7, r8, 0x0, 0x20000023896) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x8, 0x0, 0x1f) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) 5.658178864s ago: executing program 0 (id=543): r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00'}) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000005c0)={'batadv0\x00', 0x10}) mount(&(0x7f0000000340)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)='msdos\x00', 0x1018000, &(0x7f0000000240)='b\xb1Fs\t\xb5\xda\xec,\xdb\xe0\xb0\xe0\xe8*\xd4\x00\x00\x00\x00\x00\x00\x00\x00F*\x0f\xdd\xe3\rb\xf9,\x196\xb2\x92\x9d\x94\xd4\x96\xbc9))\xef\xdeW\x86\xf4\xd8(\x13\x81') sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901) bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0) bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x2, 0x1}, 0x48) move_mount(r2, &(0x7f0000000040)='.\x00', 0xffffffffffffff9c, 0x0, 0x0) open_tree(r1, &(0x7f0000000300)='./file0\x00', 0x89000) socket$caif_seqpacket(0x25, 0x5, 0x0) syz_io_uring_setup(0x5169, &(0x7f0000000400)={0x0, 0x0, 0x4, 0xfffffffe, 0x1b8}, &(0x7f0000000100), &(0x7f0000000680)) syz_init_net_socket$nfc_raw(0x27, 0x3, 0x0) r3 = syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mlock2(&(0x7f0000006000/0x3000)=nil, 0x3000, 0x0) r4 = io_uring_setup(0x74cb, &(0x7f0000000080)) io_uring_register$IORING_REGISTER_BUFFERS(r4, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) close(r3) 4.458920177s ago: executing program 3 (id=544): syz_emit_ethernet(0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f0000000180)={0xfdc, 0x8000, {r0}, {}, 0x1, 0x6bd4}) prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000080)) ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000100)) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$PROG_LOAD(0x5, 0x0, 0x0) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r8 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/timer_list\x00', 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000500)=0x19) sendfile(r7, r8, 0x0, 0x20000023896) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000040)=ANY=[@ANYRES32=r0], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x43, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90) socket(0x8, 0x0, 0x1f) mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f0000000140), 0x2, 0x0) 4.444838738s ago: executing program 1 (id=545): syz_emit_vhci(&(0x7f00000003c0)=ANY=[], 0xd) openat$kvm(0xffffffffffffff9c, 0x0, 0x4e8802, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=@base={0x0, 0x0, 0x0, 0x8000}, 0x48) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r0, &(0x7f00000001c0)={0x10, 0x0, 0x0, 0x100}, 0xc) socket$nl_route(0x10, 0x3, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r1, &(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc) r2 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r2, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x800000}, 0xc) r3 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc) socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r3, &(0x7f0000000080)={0x10, 0x0, 0x0, 0x8}, 0xc) r4 = socket$nl_route(0x10, 0x3, 0x0) bind$netlink(r4, &(0x7f0000000280)={0x10, 0x0, 0x0, 0x4140045e}, 0xc) r5 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r5, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r6 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r6, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x400}, 0xc) r7 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r7, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r8 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r8, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x22ffffffff}, 0xc) r9 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r9, &(0x7f0000000340)={0x10, 0x0, 0x0, 0x1}, 0xc) r10 = socket$netlink(0x10, 0x3, 0x0) bind$netlink(r10, &(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000000}, 0xc) 4.441487379s ago: executing program 2 (id=546): socket$packet(0x11, 0x3, 0x300) syz_open_dev$sndpcmp(&(0x7f0000000000), 0x2, 0x440) r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000300)={0x76, 0x0, 0x1, 0x9, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4, 0x4, 0x0, 0x1, [{0x0, 0x3, 0x1}]}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8, 0x1, 0x3}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x18, 0xc, 0x0, 0x1, [{0xfffffdc9, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8}, @NLBL_CIPSOV4_A_MLSCATREM={0x8, 0xa, 0x6d2c}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x80}, 0x0) ioctl$TUNSETTXFILTER(0xffffffffffffffff, 0x400454c8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0xa, 0x144000, 0x7fe2, 0x1}, 0x48) bpf$MAP_DELETE_ELEM(0x2, &(0x7f0000000400)={r4, &(0x7f0000000180), 0x20000000}, 0x20) bpf$MAP_LOOKUP_ELEM(0x3, &(0x7f0000000000)={r4, &(0x7f0000000180), 0x0}, 0x20) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syz_tun\x00', 0x0}) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r8 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48) r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000200)={{r8}, &(0x7f0000000240), &(0x7f00000003c0)=r5}, 0x20) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r9, r6, 0x25, 0x2, @val=@tcx}, 0x40) syz_emit_ethernet(0x22, &(0x7f0000000100)=ANY=[], 0x0) 3.906502464s ago: executing program 4 (id=547): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001140)='net\x00') prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) fstat(r1, &(0x7f0000000500)) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) socket$inet_sctp(0x2, 0x1, 0x84) connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c) sendmmsg$inet6(r2, &(0x7f0000005180)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="8252", 0x2}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="140000000000000028dd0000080000000000000000000000140000000000000029"], 0x30}}], 0x2, 0x4404c000) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}}) read$FUSE(r3, &(0x7f00000077c0)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50) syz_fuse_handle_req(r3, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x0, {0x0, 0x1b}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r5 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x90000, 0x0) getdents64(r5, 0x0, 0x0) syz_fuse_handle_req(r3, &(0x7f00000021c0)="7b1713b4c6f02da7493fb6859f0143c68a58166f472c5078104b859bc37f9a49a8f85c9101df3b2736ff9bebcb1a3c2f570b28279b8ff7afdef7451b3d10b4578c2e81784b6e4f410800d997f0689546cee0852e9e9c64c1f95df7b136243cf7aee1b8e7a4e1d6e6fc01337370f0dfc098d975e9a6f90a08f5b845054d1e1fc81adadbf2836ff758bade0484377855b05b3556a91827599638458ad30baea03240b302638b88423ecaba6da1e40f6f1b24d60dde1652f2d5f818af43d49dd55c4eadea945e9b6aa744dca07ec2e00320bef5b045414836941469129670c4cdb953ed61efeeae2ced1b7cb3e7fa4c93cce5623a9e33c69d068b801fd1369aba759e2829c67c705853262fef6669aab956f0f733619dd361be5e1414c7e7ff6218e330156d609fa9f3244a0a4fb678a58e70b86f6dabc3331f755b786c42b4198149941a7a58c83f1f2811209025269c5ffcbe0c34ac98cc091cec2c993bca0aa8400ff9e39cc9fba8dda886f95357957bbad8bb850ab92f7aa9bebcdb0ef188749a1742e5597d199f3ccdc2d807bf757da45acc93e3e9645a1036cb041b3c38dafef367b8dae802bbbc03bacb905d40e1da78591687b416ee380103a670aa8f722c76e13f7f0e3effbb37f15a821b8315fe541e3ffc09289d96db1dfa8861e5da41c812b54ee20ca8b3180f2f46db56954791465cb572de0cce16d789d6fff216ca46977ed724dc0cc8cef7b295ebb2998a5c4662e32ae1001e59f3bfefcd72543bfe1aa6688d65c547089ec0fe1f1d9610095a5a4008b14f46775c368417376ee143856031947db71c455dc40eeeda210fbf258452781ce46e51f6df683a7918770f73d324d9401648d271cb9a7e919401567e400fec420cf363444a78eea03e73176abd6546e1657945aa88f64a21e07fc23edd74512cf89781e8ffe9bb1601ab25d31801332a6c5be9cebb6cb08207bb832106553ea9fc19b4b4f1f0cd55efc2925ffef75e9b12f06b5a7496506a274ca25f88398a1734b7013c3f78a2e49ef0d946a1aff362e37c9b5f5473de11401097722adda87944ee3eeb1bdde60e97484af4d2e5f8b0a9c63bb8bb99461b16edd824add1caf9d5247811cc4f6b48004774f1a4fe4dd125ddbfd8b69ff3ee314aeb445bee9f217a2f5a9e0e84ccd8718471f949086df6cdcbf95e568317e31dd01be1b826cf9a09373b16935fc864794a3886a2f4aacc42135db85f8921916a10aa7111a686979e2a5c9959cafc9774c416c4dfe0b9e06657feb2fbc31e7c11f6e2841680986557c1f2b1ec3c0fcc6a749a3c97a5b370550ab7110e25851b13c0b75a7fb0cd3c4659878209867659c216b467bdcf51e786a59fad084886490fc77e186ab827d844d0ac4682651fc4043f8e87b905532a53017ada44feee1f89f9bc6d2a8b144e721a479f7b90acb91033774f4c12df633548a9097c791ec7e80fa2607c86fce6e9abcae1296528b8488ccf18a4bb0fc9b50c15d294e8d380465465b4eeae26eb6800faba611785cd2ff95ca1923dfa47d5923f89e4eadb612002caceaebbe779c4e3a3833455752eae63689ab8dc03db63d82feeab7f1162eed5909b69ccd5abeb9c071da82cfc76cc692a51d99e0c4bdfa6c81c9878e893a77e1e7105e7910827ddb3353612fa8d5e547b43b5abfe50829c1eb7bfda1731db2a9a1e8f0fc298dfa7009679489f9d9323338b7e59f1e48419ca531d88170a5a1995f576aa125edae9e9ea26f6e9c4bc26323b7db0998c528a7b343ccd87ff44c77e6cfc0a324cc1d4ea79c30015f0caaeccd46e5db580aa5ce8030c2b13b37494557da58abbdc7ce9fc9afa49ce0e8a7a6fa058db210ed654203e7879cf5004ebec57522ed34481b749554b36cd7171209b0763e110096704604f2d3f28c5ddc66c877e3ab63f36137d5a67cbf872aa6af79cb3a66c9040009b5e1c7b718c1b8788156b82d6d800dbe9fc3d16c812a963c73599b79efb89aa74bdbd9b1a2dc0b8ad853f79c0867a3a45d7a1645059171877687a72dd5ed4213c0ab84ef6185e7935346a84450887bdb2b216883e907b13b03c133adc04ab3c5f60209bd90aad3d94443105f08f0ee1b2231e1a1f8cce71de74d5308b78b5d99ce4ad4573faba9fab48bc1615f14d453c67714b99f274de041512b07b885679e6f89f481c28b082084b853c9afcda31def2898284d6ca28fb124df67142821c9705e28093ded60992d9587fb466df839aa2a4973dd48f9372a55da6592646fc918e533955566a2d8dc59277308223aea4dbe0daf839f95516b8995e9eec87df1df9d38693e0824dca7423b08d553b0ae1c5c44533b918eaa02dd17b4c8ce515ae7de410970f670e17b5e3c0a207fb8464d5d442694a271d593fc23ac19619bac32ac17cc6705ce2e6262361eba24277a471602e7ca57cc614ee116e60a9e0b6ac5e3228ea2c650baf1a09e9e5c7a1b25a078d1d11a673d88f6ee33e50d036d7fe4b9c06adc70aede2e35c6738b255690ed3f7a8d2d14e36e360f3bb66978d6cfcfc41887c751c0efc9325d4485a2f561060413fe6af4ce40d87a476201f15a584fc7ba18ddfef5f1d729d5f544c2c6b06befccb444f0408451089f20b06f05ab7d6702b97819b0eff6fb090f21afb3076558e692920053702fc2348f8dade0cb2b007f38d6dcd4ed3bb42553b1bd684791743a1941e5bf2ed234f44be64a95b485a3e949538a40542f25ca4bfce44e291037ab282082f02157a96f4ca0a0c5cd39215fd07461093a4d87a7979f7aa97142bf5b9ef71db537f9acc90f22ca2ded5c1ecd1ba972d05db7f71e8466085c9b3e975fa3a948f2c4049d1a8e46f71157017a3a74ad25e215dcfe7a4c5cb0a7baea0b0ec60c5df82555c553ac60dd39174c721edc0304b836a4de539c3ee55401e13848018f889cc4a0fcd01d9f4978eb730fb1b4a94ede0283f8c95062f01c8c8a3169b2d5c50cdd4f3a248d80a26c950b4036fc6ffefaf5101269fe3594c2cc128220a1d0b5f9f23121f2b184894e129159eaa92d9a30e878839be44d20cbdff3c338cc95795c86121b2b498bd376e895c98d67f6a27eecb46a203aa9de744feedf27b6825cc17aaa098b5ca05cad6bdbe320908ed36bdc8a8f2c777eeb9b037b36c0e36019c264b3e36196501d6cc90e7b1899a72bea5c8a24a5ae62e3684a39a06208bd382cd32acfabd742c76334797fa0c09a2a2a7e1240974afe0f3d6eb44590cf171efb7602009a93bde85cea6701c765dbca7c6a879be41dd08847802d4f59e933df65f727cbb45e3a4a5019f503b6fad7e0338e653f8b2c87aa7f196444e0dc1be6d7c4f0c7ddd663d06ff1365a9c362384a33b0315adbfb2d73359c485cd5410d36d21044bd8d3771c5492803b19f7f3a1a5c3248e66786479fa4416a55855adebeb09528ff5add597790b97bddc16bb9b7b33a1f800701c4293e2c8428dc2684726cfe5539ae0a9bf89e1b6f1989fd0433cc865b308bd0c636402b4b285c290e2439b9ecf0eba156fb6b613ea7f97b04506fe28e9471343c854fdfd48945a7f564acc817e609be8f8a7fdee12e9b592fd8c5c08f51ba8cb95be12cfa497d1539a4b8217818d47ebb3cc669014261530205948fdb9983a0e5759afa9b290ce838102661750ab06d7fe65a39efa6af36c042d2dee36402a6686d58eb144b76033cab4482b8fbdd213a90170939ec98df1fdfca4b37b143a971b9b59fc351098942bba090056c20e8cfbfe8fcbe361d068c98a020f67e807b8db2e45cad83c9970907646c0049c05c1ed657d53d859f1a47bfe6f022be0689de224034d0160b1dbc878ba6dd685911288d7af22ff5eedc1634c36e25f51d0757c7b9c73d7937955da356dea68749d464a75f56c9f6ba36cc1ca8c2f3aa34beae14fba894ca705111cdb19094432c2f6caa0eac78ab09b0cee330f36b1b91a6a5d4896cd15d96c12547826559441cbf578f189f5f04526a4cf76d60144090c2386b747ad50f7962ef2950d2c6f4ff8477ad0681ab24c47ea7ded8c9accff0dfa30489f43f0f3182b88e757fd9a1d82e1c9bb4efe5215518a6e48c688b2dabbd15107c5c6245de0acfd740ea54e0ec212f405f25bc3aafc63009631a4e4749296d47c2bcf25cc95afceb0a1ddb3c6124208f5134981c30489b42eeb864b3123b03106c9b234a465d87c30ef36e00244390de36a5dd93794467ef37bd01b86387855d2ac24e05370212e845082bb22c8fcda0f0bc78ddf971b0b9d69fc50e0d907408e9c9ac4e5099f47db2d0c14d888e363ece768555362a08c408d0119c45f158aad695d455d28e223be2862c19262c9f43eff8855b5a9af4f2cede95e415e2f597bb64c8bb2d608f86b15950ffe2e6bea3cdb221cf8b7eb35e0bdf6638283b09c68cda0bf1ccb9e353a7f0afb58d806923e36b22db68615a7e4e04d0932d928afdc8af3963378ebd5e05058160ac67fadb7a7d9ec498e00f63671b84d880d196c93afb4fc823e7d6576ad824ffb4c90fc780b163a292899ccfcaed81dee2c992787a66800e206df3dfc4a6b441d54ccb1a19a587402a663d510e45a5b1aa96fc467efaf7e71cbbff087f3d2922a133466d5ae9f86b0bc39bb3093b87ac2db941b1fd9e40427402781425d6e8856a2c66cbdd274f4c689758db6dd58ec7d766b177739e8c9173f2b1946be5396aad6d7ed29d058ac231e8c2e6a9077b4a217df4580a2d72bcf0b73e4bd07465deb8798a55ee855b82f1fa7d3748a40485bd90fab94b617d92219c4b65efa022936895e51873058615a19b9d1347120c405c3254f290b4c8b99c8ea9dde3a749ec538421a29d27b48ccd83852abe1a461123e4d36e56508d1827880960362d10835df77f9d4be51f1447cac5ae2017a814de58cd99bcc0c194254b17114ea48f5a0cfe6547686088d527c65180474fd460ffea5d48767ceb65c6fa3d7d3c632591d2d9d65c6c3a35a6ae4dc56322cd84734b0e7a092a4c46c1c607afa6d0e477e8d04e4993e595ba708a0f4466cd8a89fbc06d3cd366007296a9f05b66cfdcd5b30b6745e71d513205d5dbe1e8516d9e9cf133caa994ec0ac2c543d107efd4b9a7d9ee1ee415830a6c2ea17114ea9683726f2c82741f9ad4ac1be6772f0809f18c13f4cfc82fd1b7b3bd29615336003c6784c03fbcae475a58a3c4d68099732c326dfb7643eb150f2354918077bb798b5ecf491cdd0765e3e1ed5d0a37840f1a28f7e188a021781f1896dae7153f9d6639bf66be0c7857d7eccd2a1e6c9fd0cc3594477bb005df9b29f680c966161e37bcec97fc2ef7a2c3bf64e4df5785c9b080c7f9c6d7c515408445d55da499c03ba66369a31157bb03588e84a5303c46cd393c5bd6fbbb8deed94b62d67a9351c259b263c6c4fa65a4dbdd7eee080d82cc5e478c885678edbc9cfce74169ab748d7f4a08aec3e114394fc1d5e361267b8f3fcf38a024928d58158560f7da427680e7611a9f1b8255c67e6ea6b597ebd31bed9fd6f85f9b6ee63d4374c1e50597d1c9f3c56b4266bc632ba66ebecc396f6bead40392dcc138098b4166ab7f8714bd4db0615480705dd200da92dc51ec215844d7599e0a6262e8d5dc6a9452db8994d8b8f19ad4029e0b41b5e13fd6b56230cecea57f3111fe6c78876b3e657fab112968e83a0b64ce9837b89f5dad0d5f0b8b410e3a9a56ab2e9143e90fe371a944989ee206eef777cf4a235333c647e45aab910af492bc7c2213246374251e23accf5818aa2f24823bcba12efe3658e1e2cb49a5d4ffd26453829739647eccd106605921641afe16bbe79c8739062eabeeda4d4a42cb70d84e1e1d3506c7bfba5f5135aaae85b03dc6518eb30d832175cedc5bdca95e600e04902d9eda90c1da4bdd3138ac889398c239068857103ad70b5d1d9fac27c8ccfbcfcf126d9a5441bc963bce4669047ac901a14ca7c7e76f94c77159cdbda5360e04bb539a9d5ccd16a8cc88bacaa5b952c86b163575d7f1cab58f0d612d796b570f3c5debd7d9abde7e24de2c252173f1edc93817192699bddad45eeb41ff398c1bee4d2194f38bf4d2b4ed3a8895476bc441f464753139e204ff5dee7f45ce639d7541c0d396141aeff30cbbfa7157a61993eec98a4356df98665546a1d1e8429fb0c78684000862aac50f7d9a1413e89958f4defd3f087769cafc32bcd6016e496b41b7754cfbe42b352346fd585fb19a80f4af9a19811311b5fc6ea8eb5519a3cf7dbc1a06eed41668e332224c1daa01776e0886044f5a95e5dffc8d9ccce7840eeae97e8cc916db95bdc33fb420e28030c6edb011d5281db1dbeac9bfcaf938a757e3939b025d339e69b9692c8c7352787d399f342e96096e37ca208609e5f93629e36ee442db9fb822ea236683f79875e7dc73ec97f98fe0795f9d83f473cc80a589043a7edd953473684ea4e80f698683a0fc1d8863adc44fc13c27a08921a681ca1ad76207b1a97f8fff7db247ea09b3a6407ea83d82d82d171fc80a8f5fb9f19cd7e94fe121a6a0ef9c4cff7a8689c0abf750dadcc7442c2ca5ed437af5e88e89b0a783a1164cd1eb2a33a64c919d9f08fe5aa7a775352ab6027a7b73d6fef51acebec5516c2a5f2b932b2621bbd2cdb415fce9ba1dbc3de205869fa0423adcedd5570ab0b4b64afafaa458b3840b48f018297aa46426d7893418033f00b5378eac6a70275ec860609b07851b88ecb5da05086adfb80f47c71a77301ca0f1520dfb7a800bc8421abf5eb94942ec818e3a1d45f09ff93e6549b3ef6152c6abe38231b4a82e355e27e363184df51418286d7073cf464eee02310e84b3eccabd2120fcca333130357e1967f67a69f437dcf6a20ca21797230aad086bd4c28348f58b80ec5d27626004533993b9f85897d00bc271a62ab67f92e2eed6d900000000549e8344ad90b47fb5c1ed5908bce94d03bbe98a87a1733b5031f89644c2d35d729e1375969a82f0252859219407c5c87f5d249d5eb8c17001fc7c6dc5d1825851b41e5e937f2c39d7f7196f38f83619da2cddce747bb0e906d0fc13a11fc6c2be3d140ea6da886cd5e194ca9dbff565d2a82e7e82dc5a36084bf02029ea05a9cfe1f3dc80489b426a14372232940ffad8124bd515f0a73fa85c2aa0cd51d76a0cc6e75ccc35b702a4fed4d2e2828d98939406ddc6df1048f0a22611859d6bfcbb0873d102e4b8a86b5d9af8056447f6c1552a603d9f67009fa070db73a01e1b4adbe4e841d0b9a92d148b626c386b25687817e5ec07dbbfa1d62d078578fe21d546414e3c5e29e8e086d7e542a2eb74a67127e7f171e076bbdd62767aae3db467db1df13b3121023bcee33f814d767a9ef14651f76ec89910ed33e9804df8619f69ad06bf0559b00d4efbf6f44e922d50a18ffa25d8ac58dec53a93642186c0ca81b07fe5c14c9c13397649a53ebfcec118e5bb84db053e6e505d07a09bb50f33906e7febac3c85ca337111dbfcb7b9becccaaefa3d857d48f0b3d8646d70fdcf2f1dfb89cc3ba1394cb5de24d999c88235418bc0f20d4036bd0113d298b91c44fe042d3b8e4070e3f828499972524601c4725389122c7fc3e38eb799f7b755f23bd5362880b9275e58eab2c8f42e583890cb84e17f35025d1d76dd28171bee561d21451b4b2ebf23b923221c9ea06b924815889d2b605af66539c3b0ffc30c7170a5581727f0faddb257cb6ab28b3456737d3588fa3bce0ba6a2a5c3c94301fa8a4e6db358731bd3a4a62b42181e04241010d7bc3e973b9fe428175ec8f8e6cbd4e53c8bd957621acb1e42504e6f8a7bb30c382058fc9dcd0cd0ba0b789c316cd58d7b5606cc2a66c872f10e6663346d572ecc37ad1c3d8146a137e35e54096ddc2a5e2d26765d75615fecd09b864b29adfe92763ab54272365f56feeb9b57059744e765485ee322cb879fd3c8fd8bc4727d860995c548bcd41852349f1b2227f5a1f39b24549693fb05c04ba8f190673d11eb27d0bf628489f9b8049f5f3a1e1fed97ba9881da0031ef5960b6b0af825cfae8252b931f6151cba9bf889a5c74051a176c56d3cbb8915d3f28f8f684629bd1e3f87f27909b4e8eca6b88cdd60f3b5bbe0641a469e396080fdd2feeac7a11703b758f1815f100ab2ca4403af34a655f4c35e62778c276c96bb94a3d9f58f3bbd7ae6c4f133f7c4199f18d02d66598a54769415b376bb04b520881f23b22b32685ea1ea0dc179ab2f33f07c7039d1a5eedd1905d2a8c7d3c9686758ba5aafdd74f36da7f5522aff5c40e565b50cdd92ce353c3d6c97ce87f0495bdb95d70ea52c8c26b87cd337fd2283b88d7301c32f26833451b8f7c2ee5f44eec58d9eef2a39b3021a29c8747d36a2dbca6c0c085399bb720000000000000009d67e17060abad89c7d8b8970244c2f11ad2f4ae878a3676659b77178a9b651b12cf9c21e658a32999d596af4648f636df4de8c037d1fa63b1a685e8850156bf99e00666dbc03d3e3b44018659743127f91d44c99b578b86a44f3bcf1523c8cb45accc3c5fedfd7796411eddfc3a7a6b7c57ae10fd4bd3fe9f662dc59747ac4b7cc2584ae3ce2e42a41066dd0d560f1b4c83edc57121dade5e397380bec5f40b5d0beb14aef21b2c68ccfd0eb4959b5e7f5b5779903963298e3c9a2141f145137de1d604d9124c3c4f60a4d54da38a7c32ef2632fe66a8ce8e95ee95a570e18e9fbd44884afe291550839dd61e65c952a3f5c6b61850d1c2a77e18fde734a305b407cf6dbf17afd66da6e42f0e8f66092df46c79b44711f6e8aafa831fa1188beea696672b0e94cc3cae584b30dccf053634f792c2d9f4c87e306991b407949f2870b525d123f9ca23142a0ee13d05f51ed4ff2653727ad5bf16453276b2d5e7d7a8a0a1c4847cb61ac4b08d9abee25165a120d156775a534a62f9af3a3b62726101b94ae1e14352262f017c5361b3341952d194a6a2d470e60df3fde61d343e0af8fdff36ad976af6732b732ceb69344550555174fa280153e08f74d81f4ee69c1eb44a3468e8cf78bf7c1663dae3d31553466faa207b8e9887cb54209fac0b6f6d12d9588351c76e6bad884799afe856a25b5fe737d0ba737a0f1a12b4eb3ede48a0c38e6787ab42fca1c7f2ab42fa6104d5a99aa36b73ac3622ccae122524c28a6557cb7d0a7c7eb5de795647dca0621fc2c9599441dae7cc2a8631252abb5e0f22e9355e0a156a1ab7b1641e345045e8303b5f6dda5c3c1cc2637700cea25c004460d101fc42ad78ae477739a4efbacc57272cfafae15292dc3b2800d9f42002c2062af9a1f329e11140f8317242c04ac1f11cdb45f5f9ab18877daa214c151fb9ac54e3e010b5e7944d7217442d5c4fc29956c1333cb932424096f5b6afe1128db53f7171be4372be8bae538bcb3e4a2eb29608678735a667135e0f2660956e9e2a3ed862209efe65d9ab2fbbf88e5d3384fb3362af00e1ec6b4d3ca40df442b70951026438877189c4b0ae136a9a35c131fdf19115e8dc1ee2b938bfbfdb3808aebbe7dfbbd3510c7070388f5813e8bc63be744b99116c4b84ea37d57c5da7a80cc883aa915d84a249ebfa78ceb124c63b3a0720b19483189ee50824e8581556f0520e434803204cd0f3dd09fc97c979f9a7e3f8e5eca8fccde98fc4939551338235c0c6378faade0d18f7050f29189485e01ec120239373c5478cd19ab27570921415a6680924baf9c5829f3f2115460d1fceb8a026fa1a0a0047fe1cd6fcf1861dd3784e006abfddfe79461c5001e4e32d99c5bc203c21f8c711c5ecccf8941093d95a8db73722bb7511443fb2670244cc1249492e92fc4bf7e06ec6f08c5c6931929d58232b551957b771ea5e4a932b037904b81916e662e3fe95af894e80f699e5c00ab664f381bd9c0bd41322a8b3cf367577429fa52c0f1c44ffc626c215e7103cba05bff4931d9a202c1eb9068f44983d1e0c6d9fb5fed738561651e854a3c1b362ae354a0b4a270386ed2dbef093bd82f07f25edfae31901cb86fd214576b25f769bcb215214c63026b2581a8d17779aae03ba310f3243b3631f4b01c9e3eb342c3bdb44d8e47cdc1683e3b1cfffef72e385cc8831f99425fc406575170e1c106618d5429144a436b9e92d241d8118b5cbe0dca5e8ddd86e671e13080eddcf8dee9e317d192a3a5386378de9b1ecd8cf5439cfbe9f65965e5a5f6c145627ac23fe30c2e06e623b0eca15b225b32b65ce568b656cec0e0d6752fdebffd39c7538472ad7a195b56fcad3fab80016ff006df6b01d785191e4fca143b14ce68b32571476a779515ccb14d35cf9aabd4849c03c9bf12a42cfc2a7146ed6c25892a9d1c48f95314f641142d38cd882e54534d69b3fcc18044309e6debef6dc79d7737956418b955d33737115b44360e0bac14b71e2e64f0c8aea428dce5b65e210c108f832a6041c0aab116488e5863cd1039dc8af537908be3541352bdad303de43387503d19d7c0f0390bdc5b95f1dfb0701fd0e14a22c210837cc0a1cb059de474f4476bfe9bddfe3e7977fb299e82d9eefb18111f7c4a5fbd406fca720fec69340d978f4c9832204d67f6fa5793325e04d4af84acde0b56158e4c606394286a4b3cfc04a426a665529b753e1ce2d6c613159844bd069a67b5b96cb8ec993f05a8e252ed3d8ed63d524af0845f519f9d47b85a773f37031cb91055fb963db50e6a1e368f10a82fa40ac055e0201c6d29661eadb76f8154ef9c1cc210ccf1ccb063e8c00324ed6a14fdefa0167a9abb04debbbf5e7b8a57a7772373c765947f0f67b5130d77a6ca6ab166147d4eba97b4ddf1465d25b02f4430227b5713a29fd84664bfdfa5fc450e48f5263eaca67c16033b79bf1cb819511cf16bae6ffd5d05a7d9cc93067b6f2512fea2424a9c7d178f653ffa7ce1c00924707e3817c7cd461cb2a8cc5eadc40821258eaad7720ee3976c5a60025c317480016e5e5bd884f3646651f3bdc1185ec1a4112eb24ba5b3b6f94ac66322042d4bc48cb5befabfcf950cf8a0165fba3fa019324b53fb56bbfaec7f4ec733e84c22f841c1c9c1dc51dd3ac4887e155ac4095a6b8846c8f401f3c2d48d4de18906193a9f05ed59e3b0add8bc27c0bad8418ccbb842123ce1d39fdeeaa7984dfba9ef121ab4d4d35de076262636f3815708e4bcf31e634a290b13317425b1a4a2e4ebf8537092c7e524c126faa9622bf1337168e003857805dd420a51816fea3cd37c34e483f64a2da3ab67442314ffff40727835a1bc7b9971ccb5f83183cf1a135defd468907b988d97028f904c4d9c712f7d0ed6abe4d80712a7b7e06efcbe6a5b83e32beb1556326af7a97437c35c6a706c6cf4403b98f5134547ac167fd1abcb9245ec3450202ab80e553952412032a6c3cfa64441d4aecabd1e182c50bf67801fd3b44b40648ac9926bbbd7095425a429f2a9550c2fd1267cbf6156897b705255cadf1c7f233f4effd788b3f446dba19e68bbf8b42ff6caf984a4eb51328ab5e2bc28366e8b4df4df967a166470a00", 0x2000, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001040)={0x10}, 0x0, 0x0}) sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=@getsa={0x3c, 0x12, 0x1, 0x0, 0x0, {@in6=@private2, 0x0, 0x2}, [@srcaddr={0x14, 0xd, @in=@private=0xa010102}]}, 0x3c}}, 0x0) 215.146508ms ago: executing program 1 (id=548): r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = dup2(r0, 0xffffffffffffffff) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) shutdown(r2, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000180)=0x10) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x71, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8) 212.944603ms ago: executing program 3 (id=549): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0241, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x2}) r1 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff) r3 = socket(0x11, 0x2, 0x0) getsockopt$nfc_llcp(r3, 0x107, 0x11, 0x0, 0x20600000) write$binfmt_aout(r3, &(0x7f0000000280)={{0xcc, 0x3, 0x6, 0x265, 0x12a, 0x2, 0x19e, 0x1}, "241327c57856905db29e8c05422bd3e49b05e28669b7d9a6adb48deee31e48fb0bffb8fb1ab3aa62ec83010b6fdf1b77e7425be3f30eae28499957e204958510564193253ce141edaede949beae2bd03130c4472220b39cfbd4f435996ce29f63343c445c67120a20127b2617a4faf66e877a87e33116702c4bba8351c070e5cc2d3", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0x6a2) r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$SMC_PNETID_ADD(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000004000000000200000009000100737900"/38], 0x2c}}, 0x0) sendmsg$SMC_PNETID_DEL(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r2, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0) write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="034886dd090032000300300000006000000001002f0081e949b93897bc3b0000000000007d01ff020000000000000000000000000001120022eb"], 0xfdef) r5 = socket(0x10, 0x802, 0x0) write(r5, &(0x7f0000000140)="fc00000018003f02ab092500090007000a100200000000060000369321000700ff2500000005d00000000000000398996c92770a11419da79bb94b46fe000000bc00020000036c6c256f1a272f2e117c22ebc205214000000000008934d07302ad031720d7d5bbc91a3e2e80772c05defd5a32e280fc83ab82f605f70c9ddefefe082038f4f8b29d3ef3d92c83170e5bba4a463ae4f5566f91cf190201ded815b2ccd243f295ed94e0ad91bd0734babc7c3f2eeb57d43dd16b17e583df150c3b880f411f46a6b567b4d5715587e658a1ad0a4f01731d05b0350b0041f0d48f6f0000080548deac270e33429fd3000175e63fb8d38a873cf1587c3b41", 0xfc) time(&(0x7f0000000040)) 135.990701ms ago: executing program 2 (id=550): r0 = socket$inet(0x2, 0x4000000805, 0x0) listen(r0, 0x7) sendmmsg(r0, &(0x7f0000000e40)=[{{&(0x7f0000000000)=@l2tp={0x2, 0x201, @local}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000100)='\x00', 0x1}], 0x1}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=[{0x10, 0x84}], 0x10}}], 0x2, 0x0) 122.692421ms ago: executing program 1 (id=551): bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x50) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000680)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x2, [@func_proto={0x0, 0x0, 0x0, 0xd, 0x3}, @func_proto, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x2, 0x2}}]}}, 0x0, 0x4a}, 0x20) r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x6, 0x3, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90) r3 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'syz_tun\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r4}, 0x40) r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000001280)='/proc/sysvipc/sem\x00', 0x0, 0x0) read$hiddev(r1, &(0x7f0000002c80)=""/4124, 0xffffffffffffff87) preadv(r5, &(0x7f0000001c00)=[{&(0x7f0000001840)=""/104, 0x68}], 0x1, 0x0, 0x0) r6 = semget$private(0x0, 0x6, 0x0) read$hiddev(r5, &(0x7f0000001100)=""/234, 0xea) syz_emit_ethernet(0xe80, &(0x7f0000001200)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd602a843500140600fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5800400090780000ab0afc22efcb2f9d33d2448bfe731f"], 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x6, 0x4, 0x2}, 0x48) r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x6, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xb, 0xffffffffffffffff, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0xfffffffffffffe66) r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f00000012c0)=ANY=[@ANYBLOB="f2e2a5aa36e1623adb68b765eda10159f26a738bf643169f133e9171150af073af3a928fe94fc35af6f2d2345cc58ce2284e9f9e88beae8b57fc64a3691cd4987d5c7ea93215783bf0908ed080665388e8224bbcaac7431c52a4a743c93d0d2f946cfa3ed9200ef2de711417f81518ed25c79f3d3224c0a0ad73567293a22e87301969bc1762cbed6bddc093e81501bc21b86db9fe688e8e154a23118194b29c9b46163ae865bd0fddbabd320fe9a9e68dd730435f61271e4891d4340fb1aa8b8cd852569cf18fdc391a008b28e400351da45edf797d76e1c81975c596ca009b6082b6c3", @ANYRESHEX=r6, @ANYRES64=r2, @ANYRES8=r0, @ANYRESDEC=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r8, 0x2000000, 0xe, 0x0, &(0x7f0000000280)="0c78bca32c37898d78318e236899", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$nl_route(0x10, 0x3, 0x0) syz_open_dev$video(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) r9 = getpid() sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r10, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r11, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x400000000000290, 0x40002122, 0x0) mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='\a']) 0s ago: executing program 2 (id=552): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$nl_route(0x10, 0x3, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) write$RDMA_USER_CM_CMD_MIGRATE_ID(0xffffffffffffffff, &(0x7f0000000180)={0x12, 0x10, 0xfa00, {&(0x7f0000005480)}}, 0x18) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x2, 0x4, 0x6, 0xbaa}, 0x48) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x28, 0x9, 0xa, 0x0, 0x0, 0x0, {}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x10}}, 0x50}}, 0x0) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f0000000500)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x3d, 0x4, 0x0, 0x0, 0xf4, 0x67, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x401, 0x5, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x65c}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100, 0x7}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @ssrr={0x89, 0x1f, 0x7f, [@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @dev={0xac, 0x14, 0x14, 0x2d}, @loopback, @rand_addr=0x64010102, @empty, @empty]}, @noop, @lsrr={0x83, 0xf, 0xdc, [@private=0xa010102, @rand_addr=0x64010102, @multicast1]}, @rr={0x7, 0x17, 0x0, [@dev, @remote, @multicast1, @private=0xa010102, @remote]}]}}}}}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0) write$binfmt_script(r5, &(0x7f0000000240), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r5, 0x0) r6 = dup(r4) r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r7, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0) syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r4, 0x4010ae67, &(0x7f00000001c0)={0x0, 0xd000}) ioctl$KVM_NMI(r7, 0xae9a) ioctl$KVM_RUN(r7, 0xae80, 0x0) bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000200), 0xa7c, r2}, 0x38) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)=ANY=[@ANYBLOB="280000001000012ef7948d555877dd9c653ec4f2de7a8c72fbd9a64da7bae49a06d92bc0e9a667cec58a9e54d264f501bbaa04cdbb8d72db89b7f66822ad2aa303d6356a10dd00de5f41ecad103d7c33513bee5c86ee5d4658b5eeda4dcaae7b6d99160a9b4adaad8c734f592036770bbc422f7ba901cf0a718ea9844afcb46cfeb6ceed5fdbd2cd200c868ea49500"/170, @ANYRES32=0x0, @ANYBLOB="000000000000000008001b0000000000"], 0x28}}, 0x0) kernel console output (not intermixed with test programs): 101.311857][ T5284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.333984][ T5284] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 101.368483][ T5284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.391287][ T5284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.425039][ T5284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.456477][ T5284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.496488][ T5284] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 101.517864][ T5284] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 101.539014][ T5284] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 101.618682][ T5284] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.646541][ T5284] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.655293][ T5284] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.676865][ T5284] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 101.710064][ T5410] 8021q: adding VLAN 0 to HW filter on device bond0 [ 101.774903][ T5386] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 101.820512][ T5410] 8021q: adding VLAN 0 to HW filter on device team0 [ 101.848993][ T5640] binder: 5632:5640 ioctl 5514 0 returned -22 [ 101.866225][ T5138] bridge0: port 1(bridge_slave_0) entered blocking state [ 101.873434][ T5138] bridge0: port 1(bridge_slave_0) entered forwarding state [ 101.950205][ T5138] bridge0: port 2(bridge_slave_1) entered blocking state [ 101.957540][ T5138] bridge0: port 2(bridge_slave_1) entered forwarding state [ 102.007871][ T5641] kvm: emulating exchange as write [ 102.029341][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.040807][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.144341][ T1038] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 102.155362][ T5386] veth0_vlan: entered promiscuous mode [ 102.177840][ T1038] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 102.240449][ T5386] veth1_vlan: entered promiscuous mode [ 102.393633][ T5386] veth0_macvtap: entered promiscuous mode [ 102.468183][ T5386] veth1_macvtap: entered promiscuous mode [ 102.659569][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 102.679092][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.234225][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.575825][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.606570][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.677799][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.716520][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 103.741329][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.766372][ T5664] netlink: 100 bytes leftover after parsing attributes in process `syz.3.90'. [ 103.770961][ T5386] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 103.860279][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.884655][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.895146][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.907547][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.920887][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 103.933065][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 103.943643][ T5386] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 104.023327][ T5386] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 104.082590][ T5386] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 104.138415][ T5386] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.189190][ T5386] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.218794][ T5386] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.248691][ T5386] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 104.370128][ T5410] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 104.391306][ T5680] netlink: 100 bytes leftover after parsing attributes in process `syz.2.94'. [ 104.702536][ T2421] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.751928][ T2421] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 104.807719][ T2421] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 104.816195][ T2421] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 105.022743][ T5693] Bluetooth: MGMT ver 1.23 [ 105.043107][ T5138] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 105.287941][ T5138] usb 4-1: New USB device found, idVendor=07ca, idProduct=a309, bcdDevice= 9.4f [ 105.317747][ T5138] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.353266][ T5138] usb 4-1: config 0 descriptor?? [ 105.379792][ T5138] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-22 [ 105.390312][ T5138] dvb_usb_af9015 4-1:0.0: probe with driver dvb_usb_af9015 failed with error -22 [ 105.398575][ T5410] veth0_vlan: entered promiscuous mode [ 105.547647][ T5410] veth1_vlan: entered promiscuous mode [ 105.672890][ T5410] veth0_macvtap: entered promiscuous mode [ 105.744069][ T5410] veth1_macvtap: entered promiscuous mode [ 105.849026][ T5719] binder: 5710:5719 ioctl 5514 0 returned -22 [ 105.871942][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.884274][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.894946][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 105.934177][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 105.960511][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.011315][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.048469][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.068588][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.126726][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 106.154493][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.187599][ T5410] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 106.283581][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.373087][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.422627][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.632871][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.818805][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 106.854430][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 106.889908][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.520525][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.694086][ T5410] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 107.720739][ T5410] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 107.750058][ T5410] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 108.625204][ T5410] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.756174][ T5410] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 108.798332][ T5410] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 109.079500][ T5410] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 111.454516][ T5765] sched: RT throttling activated [ 114.364137][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.385939][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 114.415802][ T9] usb 4-1: USB disconnect, device number 6 [ 114.728815][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 114.779625][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 116.704423][ T5801] FAULT_INJECTION: forcing a failure. [ 116.704423][ T5801] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 116.780962][ T5801] CPU: 1 PID: 5801 Comm: syz.3.113 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 116.790737][ T5801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 116.800816][ T5801] Call Trace: [ 116.804233][ T5801] [ 116.807190][ T5801] dump_stack_lvl+0x241/0x360 [ 116.811907][ T5801] ? __pfx_dump_stack_lvl+0x10/0x10 [ 116.817140][ T5801] ? __pfx__printk+0x10/0x10 [ 116.821764][ T5801] ? __pfx_lock_release+0x10/0x10 [ 116.826823][ T5801] should_fail_ex+0x3b0/0x4e0 [ 116.831540][ T5801] _copy_to_user+0x2f/0xb0 [ 116.835990][ T5801] bpf_test_finish+0x22c/0x8b0 [ 116.840784][ T5801] ? __might_fault+0xaa/0x120 [ 116.845490][ T5801] ? __pfx_bpf_test_finish+0x10/0x10 [ 116.850807][ T5801] ? _copy_from_user+0xa6/0xe0 [ 116.855596][ T5801] ? bpf_test_init+0x15a/0x180 [ 116.860403][ T5801] bpf_prog_test_run_xdp+0x905/0x11b0 [ 116.865912][ T5801] ? __pfx_lock_release+0x10/0x10 [ 116.870972][ T5801] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 116.876809][ T5801] ? __fget_files+0x29/0x470 [ 116.881432][ T5801] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 116.887262][ T5801] bpf_prog_test_run+0x33a/0x3b0 [ 116.892208][ T5801] __sys_bpf+0x48d/0x810 [ 116.896450][ T5801] ? __pfx___sys_bpf+0x10/0x10 [ 116.901213][ T5801] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 116.907188][ T5801] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 116.913507][ T5801] ? do_syscall_64+0x100/0x230 [ 116.918355][ T5801] __x64_sys_bpf+0x7c/0x90 [ 116.922765][ T5801] do_syscall_64+0xf3/0x230 [ 116.927360][ T5801] ? clear_bhb_loop+0x35/0x90 [ 116.932031][ T5801] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 116.937951][ T5801] RIP: 0033:0x7fc56cf75b59 [ 116.942367][ T5801] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 116.962069][ T5801] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 116.970488][ T5801] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 116.978720][ T5801] RDX: 0000000000000050 RSI: 0000000020000340 RDI: 000000000000000a [ 116.986951][ T5801] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 116.995005][ T5801] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 117.002968][ T5801] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 117.010950][ T5801] [ 117.014771][ C1] vkms_vblank_simulate: vblank timer overrun [ 117.066287][ T5094] Bluetooth: hci0: command tx timeout [ 123.196641][ T5851] FAULT_INJECTION: forcing a failure. [ 123.196641][ T5851] name failslab, interval 1, probability 0, space 0, times 0 [ 123.272411][ T5851] CPU: 1 PID: 5851 Comm: syz.2.124 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 123.282183][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 123.292259][ T5851] Call Trace: [ 123.295548][ T5851] [ 123.298495][ T5851] dump_stack_lvl+0x241/0x360 [ 123.303199][ T5851] ? __pfx_dump_stack_lvl+0x10/0x10 [ 123.308427][ T5851] ? __pfx__printk+0x10/0x10 [ 123.313048][ T5851] ? _raw_spin_unlock_irqrestore+0xdd/0x140 [ 123.318990][ T5851] ? stack_trace_save+0x118/0x1d0 [ 123.324045][ T5851] should_fail_ex+0x3b0/0x4e0 [ 123.328751][ T5851] ? snd_pcm_hw_refine+0x965/0x1b40 [ 123.333976][ T5851] should_failslab+0x9/0x20 [ 123.338496][ T5851] __kmalloc_noprof+0xd8/0x400 [ 123.343283][ T5851] snd_pcm_hw_refine+0x965/0x1b40 [ 123.348322][ T5851] ? kmalloc_trace_noprof+0x19c/0x2c0 [ 123.353706][ T5851] ? snd_pcm_hw_param_near+0xea/0x740 [ 123.359090][ T5851] ? snd_pcm_oss_change_params_locked+0x1ff5/0x3d60 [ 123.365705][ T5851] ? __pfx_snd_pcm_hw_refine+0x10/0x10 [ 123.371214][ T5851] ? __kasan_kmalloc+0x98/0xb0 [ 123.376002][ T5851] ? snd_pcm_hw_param_near+0xea/0x740 [ 123.381390][ T5851] ? _snd_pcm_hw_param_min+0x586/0x870 [ 123.386913][ T5851] snd_pcm_hw_param_near+0x167/0x740 [ 123.392302][ T5851] ? _snd_pcm_hw_param_set+0x3c0/0x660 [ 123.397957][ T5851] ? __pfx_snd_pcm_hw_param_near+0x10/0x10 [ 123.403784][ T5851] snd_pcm_oss_change_params_locked+0x1ff5/0x3d60 [ 123.410311][ T5851] ? __pfx___might_resched+0x10/0x10 [ 123.415647][ T5851] ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10 [ 123.422440][ T5851] ? __pfx___mutex_lock+0x10/0x10 [ 123.427499][ T5851] ? smk_access+0x4ab/0x4e0 [ 123.432052][ T5851] snd_pcm_oss_get_active_substream+0x201/0x280 [ 123.438325][ T5851] snd_pcm_oss_ioctl+0x4e7/0xff0 [ 123.443284][ T5851] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 123.448759][ T5851] ? __fget_files+0x3f6/0x470 [ 123.453474][ T5851] ? __fget_files+0x29/0x470 [ 123.458363][ T5851] ? bpf_lsm_file_ioctl+0x9/0x10 [ 123.463408][ T5851] ? security_file_ioctl+0x87/0xb0 [ 123.468535][ T5851] ? __pfx_snd_pcm_oss_ioctl+0x10/0x10 [ 123.474016][ T5851] __se_sys_ioctl+0xfc/0x170 [ 123.478630][ T5851] do_syscall_64+0xf3/0x230 [ 123.483157][ T5851] ? clear_bhb_loop+0x35/0x90 [ 123.487947][ T5851] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 123.493862][ T5851] RIP: 0033:0x7f1e56f75b59 [ 123.498289][ T5851] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 123.518791][ T5851] RSP: 002b:00007f1e57cc8048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 123.527418][ T5851] RAX: ffffffffffffffda RBX: 00007f1e57105f60 RCX: 00007f1e56f75b59 [ 123.535839][ T5851] RDX: 0000000000000000 RSI: 0000000080045006 RDI: 0000000000000003 [ 123.543828][ T5851] RBP: 00007f1e57cc80a0 R08: 0000000000000000 R09: 0000000000000000 [ 123.551817][ T5851] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 123.560069][ T5851] R13: 000000000000000b R14: 00007f1e57105f60 R15: 00007ffedd6fd418 [ 123.568071][ T5851] [ 123.571112][ C1] vkms_vblank_simulate: vblank timer overrun [ 124.301049][ T5856] IPv6: Can't replace route, no match found [ 124.367906][ T5855] delete_channel: no stack [ 124.911672][ T5868] input: syz0 as /devices/virtual/input/input6 [ 125.182568][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.0.134'. [ 125.388251][ T5888] cannot load conntrack support for proto=3 [ 125.430174][ T5880] netlink: 16 bytes leftover after parsing attributes in process `syz.0.134'. [ 127.312033][ T5909] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 127.501826][ T5910] sp0: Synchronizing with TNC [ 130.007515][ T5094] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 130.016265][ T5094] Bluetooth: hci0: Injecting HCI hardware error event [ 130.024503][ T5094] Bluetooth: hci0: hardware error 0x00 [ 130.215319][ T5913] input: syz0 as /devices/virtual/input/input7 [ 130.381410][ T5923] FAULT_INJECTION: forcing a failure. [ 130.381410][ T5923] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 130.406856][ T5923] CPU: 1 PID: 5923 Comm: syz.4.145 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 130.416528][ T5923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 130.426608][ T5923] Call Trace: [ 130.429908][ T5923] [ 130.432874][ T5923] dump_stack_lvl+0x241/0x360 [ 130.437593][ T5923] ? __pfx_dump_stack_lvl+0x10/0x10 [ 130.442829][ T5923] ? __pfx__printk+0x10/0x10 [ 130.447456][ T5923] ? __pfx_lock_release+0x10/0x10 [ 130.452527][ T5923] should_fail_ex+0x3b0/0x4e0 [ 130.457258][ T5923] strncpy_from_user+0x36/0x2e0 [ 130.462140][ T5923] ? kmem_cache_alloc_noprof+0x185/0x2a0 [ 130.467814][ T5923] getname_flags+0xf1/0x540 [ 130.472359][ T5923] __x64_sys_link+0x6a/0x90 [ 130.476897][ T5923] do_syscall_64+0xf3/0x230 [ 130.481529][ T5923] ? clear_bhb_loop+0x35/0x90 [ 130.486356][ T5923] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 130.492306][ T5923] RIP: 0033:0x7f1e55775b59 [ 130.496750][ T5923] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 130.513888][ T5928] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT [ 130.516365][ T5923] RSP: 002b:00007f1e564e6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000056 [ 130.516401][ T5923] RAX: ffffffffffffffda RBX: 00007f1e55905f60 RCX: 00007f1e55775b59 [ 130.516413][ T5923] RDX: 0000000000000000 RSI: 0000000020000bc0 RDI: 0000000020001240 [ 130.516423][ T5923] RBP: 00007f1e564e60a0 R08: 0000000000000000 R09: 0000000000000000 [ 130.555703][ T5923] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 130.563699][ T5923] R13: 000000000000000b R14: 00007f1e55905f60 R15: 00007fff1bab35e8 [ 130.571716][ T5923] [ 130.574926][ C1] vkms_vblank_simulate: vblank timer overrun [ 130.912923][ T5941] netlink: 100 bytes leftover after parsing attributes in process `syz.4.149'. [ 130.958119][ T5104] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0 [ 130.970025][ T5104] Bluetooth: hci1: Injecting HCI hardware error event [ 130.987113][ T55] Bluetooth: hci1: hardware error 0x00 [ 131.320087][ T5949] IPVS: Error joining to the multicast group [ 131.425987][ T5954] netdevsim netdevsim0 netdevsim1: Unsupported IPsec algorithm [ 131.613009][ T5958] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 131.656640][ T5958] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 132.254623][ T5094] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 132.992988][ T5973] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 133.006813][ T5972] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.038853][ T55] Bluetooth: hci1: Opcode 0x0c03 failed: -110 [ 133.046232][ T5972] bridge0: port 2(bridge_slave_1) entered disabled state [ 133.166851][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.183502][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.193936][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.203501][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.212406][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.220320][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.230982][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.239970][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.248990][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.260555][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.268564][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.286254][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 133.293969][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.303320][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.313517][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.321891][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.330182][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.339066][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.350667][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.377153][ T47] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 133.377323][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.394427][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.408231][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.421970][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.456618][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.475956][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.491806][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.496522][ T5138] usb 4-1: new high-speed USB device number 7 using dummy_hcd [ 133.518751][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.531274][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.552764][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.572004][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.586796][ T47] usb 5-1: Using ep0 maxpacket: 8 [ 133.587756][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.611698][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.628816][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.643737][ T47] usb 5-1: config 0 has an invalid interface number: 143 but max is 0 [ 133.644395][ T9] hid-generic 0007:0000:0000.0003: unknown main item tag 0x0 [ 133.684143][ T47] usb 5-1: config 0 has no interface number 0 [ 133.704365][ T9] hid-generic 0007:0000:0000.0003: hidraw0: HID v0.00 Device [syz1] on syz0 [ 133.714946][ T47] usb 5-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=c1.9b [ 133.725997][ T5138] usb 4-1: config index 0 descriptor too short (expected 25970, got 36) [ 133.739628][ T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.765062][ T5138] usb 4-1: config 116 has too many interfaces: 99, using maximum allowed: 32 [ 133.813668][ T47] usb 5-1: config 0 descriptor?? [ 133.825633][ T5138] usb 4-1: config 116 has an invalid descriptor of length 0, skipping remainder of the config [ 133.870965][ T5138] usb 4-1: config 116 has 0 interfaces, different from the descriptor's value: 99 [ 133.914282][ T5138] usb 4-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00 [ 133.935353][ T5138] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 133.968587][ T47] viperboard 5-1:0.143: version 0.00 found at bus 005 address 003 [ 134.049110][ T47] viperboard-i2c viperboard-i2c.2.auto: failure setting i2c_bus_freq to 100 [ 134.247471][ T6003] sp0: Synchronizing with TNC [ 135.640122][ T47] viperboard-i2c viperboard-i2c.2.auto: probe with driver viperboard-i2c failed with error -5 [ 135.821976][ T6012] netlink: 100 bytes leftover after parsing attributes in process `syz.2.171'. [ 135.944252][ T47] usb 4-1: USB disconnect, device number 7 [ 135.982984][ T6017] IPVS: Error joining to the multicast group [ 136.134841][ T6020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 136.153647][ T6020] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 136.184868][ T6020] openvswitch: netlink: Missing key (keys=44, expected=100) [ 136.870816][ T6031] FAULT_INJECTION: forcing a failure. [ 136.870816][ T6031] name fail_page_alloc, interval 1, probability 0, space 0, times 1 [ 137.032991][ T6031] CPU: 1 PID: 6031 Comm: syz.2.177 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 137.043185][ T6031] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 137.053405][ T6031] Call Trace: [ 137.056674][ T6031] [ 137.059594][ T6031] dump_stack_lvl+0x241/0x360 [ 137.064266][ T6031] ? __pfx_dump_stack_lvl+0x10/0x10 [ 137.069630][ T6031] ? __pfx__printk+0x10/0x10 [ 137.074362][ T6031] ? __lock_acquire+0x1346/0x1fd0 [ 137.079387][ T6031] should_fail_ex+0x3b0/0x4e0 [ 137.084344][ T6031] prepare_alloc_pages+0x1da/0x5d0 [ 137.089464][ T6031] __alloc_pages_noprof+0x166/0x6c0 [ 137.094693][ T6031] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 137.100422][ T6031] alloc_pages_mpol_noprof+0x3e8/0x680 [ 137.105882][ T6031] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 137.111919][ T6031] vma_alloc_folio_noprof+0xf3/0x1f0 [ 137.117286][ T6031] ? __pfx_vma_alloc_folio_noprof+0x10/0x10 [ 137.123165][ T6031] ? do_raw_spin_unlock+0x13c/0x8b0 [ 137.131136][ T6031] folio_prealloc+0x31/0x170 [ 137.135719][ T6031] do_wp_page+0x11cc/0x52f0 [ 137.140238][ T6031] ? __pfx_do_wp_page+0x10/0x10 [ 137.145087][ T6031] ? __pfx_lock_acquire+0x10/0x10 [ 137.150100][ T6031] ? do_raw_spin_lock+0x14f/0x370 [ 137.155144][ T6031] handle_pte_fault+0x117e/0x7090 [ 137.160174][ T6031] ? cgroup_rstat_updated+0x13b/0xc60 [ 137.165547][ T6031] ? __pfx_validate_chain+0x10/0x10 [ 137.170876][ T6031] ? __pfx_cgroup_rstat_updated+0x10/0x10 [ 137.176954][ T6031] ? mark_lock+0x9a/0x350 [ 137.181283][ T6031] ? __pfx_handle_pte_fault+0x10/0x10 [ 137.186930][ T6031] ? __lock_acquire+0x1346/0x1fd0 [ 137.192050][ T6031] ? mt_find+0x226/0x850 [ 137.196289][ T6031] handle_mm_fault+0xfb0/0x19d0 [ 137.201155][ T6031] ? __pfx_handle_mm_fault+0x10/0x10 [ 137.206448][ T6031] ? __pfx___up_read+0x10/0x10 [ 137.211210][ T6031] ? lock_mm_and_find_vma+0x9c/0x2f0 [ 137.216483][ T6031] exc_page_fault+0x2b9/0x8c0 [ 137.221160][ T6031] asm_exc_page_fault+0x26/0x30 [ 137.226005][ T6031] RIP: 0010:rep_movs_alternative+0x4a/0x70 [ 137.231793][ T6031] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1 [ 137.236740][ T55] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0 [ 137.251374][ T6031] RSP: 0018:ffffc9000306fcc0 EFLAGS: 00050206 [ 137.251467][ T6031] RAX: ffffffff84a81e01 RBX: 0000000020080180 RCX: 0000000000079180 [ 137.260037][ T55] Bluetooth: hci4: Injecting HCI hardware error event [ 137.266010][ T6031] RDX: 0000000000000000 RSI: ffff88805f206f80 RDI: 0000000020007000 [ 137.275623][ T55] Bluetooth: hci4: hardware error 0x00 [ 137.280712][ T6031] RBP: ffff88805f200000 R08: ffff88805f2800ff R09: 1ffff1100be5001f [ 137.280732][ T6031] R10: dffffc0000000000 R11: ffffed100be50020 R12: 0000000000080100 [ 137.280744][ T6031] R13: 0000000000000000 R14: 0000000020000080 R15: ffff88805f200000 [ 137.280767][ T6031] ? _copy_from_user+0x81/0xe0 [ 137.280797][ T6031] _copy_to_user+0x86/0xb0 [ 137.327414][ T6031] map_lookup_elem+0x5d0/0x7c0 [ 137.332178][ T6031] __sys_bpf+0x429/0x810 [ 137.336426][ T6031] ? __pfx___sys_bpf+0x10/0x10 [ 137.341225][ T6031] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 137.347206][ T6031] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 137.353542][ T6031] ? do_syscall_64+0x100/0x230 [ 137.358391][ T6031] __x64_sys_bpf+0x7c/0x90 [ 137.362790][ T6031] do_syscall_64+0xf3/0x230 [ 137.367279][ T6031] ? clear_bhb_loop+0x35/0x90 [ 137.371948][ T6031] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 137.377831][ T6031] RIP: 0033:0x7f1e56f75b59 [ 137.382232][ T6031] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 137.402908][ T6031] RSP: 002b:00007f1e57ca7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 137.411406][ T6031] RAX: ffffffffffffffda RBX: 00007f1e57106038 RCX: 00007f1e56f75b59 [ 137.419368][ T6031] RDX: 0000000000000020 RSI: 0000000020000600 RDI: 0000000000000001 [ 137.427684][ T6031] RBP: 00007f1e57ca70a0 R08: 0000000000000000 R09: 0000000000000000 [ 137.435660][ T6031] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 137.443740][ T6031] R13: 000000000000006e R14: 00007f1e57106038 R15: 00007ffedd6fd418 [ 137.451768][ T6031] [ 137.581906][ T47] usb 5-1: USB disconnect, device number 3 [ 137.779149][ T29] audit: type=1326 audit(1721396992.564:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6034 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 139.598718][ T55] Bluetooth: hci4: Opcode 0x0c03 failed: -110 [ 140.762664][ T29] audit: type=1326 audit(1721396993.764:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6034 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 140.980043][ T29] audit: type=1326 audit(1721396995.934:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6034 comm="syz.3.180" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 141.207303][ T6049] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 141.371159][ T6060] netlink: 100 bytes leftover after parsing attributes in process `syz.3.186'. [ 141.375209][ T29] audit: type=1326 audit(1721396996.334:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6058 comm="syz.4.187" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e55775b59 code=0x0 [ 141.522493][ T6062] netlink: 32 bytes leftover after parsing attributes in process `syz.1.188'. [ 141.544240][ T6062] netlink: 16 bytes leftover after parsing attributes in process `syz.1.188'. [ 141.608222][ T6062] netlink: 20 bytes leftover after parsing attributes in process `syz.1.188'. [ 141.912709][ T6066] Invalid ELF section header size [ 141.985747][ T6073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 142.028221][ T6073] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 143.401884][ T29] audit: type=1326 audit(1721396998.364:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6089 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 143.572814][ T29] audit: type=1326 audit(1721396998.394:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6089 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 144.099203][ T29] audit: type=1326 audit(1721396999.054:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6089 comm="syz.3.197" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 145.191992][ T6120] FAULT_INJECTION: forcing a failure. [ 145.191992][ T6120] name failslab, interval 1, probability 0, space 0, times 0 [ 145.205070][ T6120] CPU: 1 PID: 6120 Comm: syz.3.201 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 145.214800][ T6120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 145.224860][ T6120] Call Trace: [ 145.228260][ T6120] [ 145.231202][ T6120] dump_stack_lvl+0x241/0x360 [ 145.235988][ T6120] ? __pfx_dump_stack_lvl+0x10/0x10 [ 145.241196][ T6120] ? __pfx__printk+0x10/0x10 [ 145.245961][ T6120] should_fail_ex+0x3b0/0x4e0 [ 145.251087][ T6120] ? skb_clone+0x20c/0x390 [ 145.255492][ T6120] should_failslab+0x9/0x20 [ 145.260012][ T6120] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 145.265509][ T6120] skb_clone+0x20c/0x390 [ 145.269788][ T6120] ? dev_queue_xmit_nit+0x220/0xc10 [ 145.275121][ T6120] dev_queue_xmit_nit+0x419/0xc10 [ 145.280198][ T6120] ? dev_queue_xmit_nit+0x2b/0xc10 [ 145.285399][ T6120] ? validate_xmit_skb+0x9f9/0x1120 [ 145.290594][ T6120] dev_hard_start_xmit+0x15f/0x7e0 [ 145.295699][ T6120] ? __pfx_validate_xmit_skb+0x10/0x10 [ 145.301153][ T6120] __dev_queue_xmit+0x1b63/0x3e90 [ 145.306165][ T6120] ? kasan_save_track+0x51/0x80 [ 145.311008][ T6120] ? do_syscall_64+0xf3/0x230 [ 145.315677][ T6120] ? __dev_queue_xmit+0x2da/0x3e90 [ 145.320782][ T6120] ? __pfx___dev_queue_xmit+0x10/0x10 [ 145.326194][ T6120] ? __copy_skb_header+0x437/0x5b0 [ 145.331304][ T6120] ? __asan_memcpy+0x40/0x70 [ 145.336006][ T6120] ? __copy_skb_header+0x437/0x5b0 [ 145.341129][ T6120] ? __skb_clone+0x454/0x6c0 [ 145.345724][ T6120] ? skb_clone+0x240/0x390 [ 145.350147][ T6120] __netlink_deliver_tap+0x54d/0x7c0 [ 145.355428][ T6120] ? netlink_deliver_tap+0x2e/0x1b0 [ 145.360619][ T6120] netlink_deliver_tap+0x19d/0x1b0 [ 145.365736][ T6120] netlink_unicast+0x7be/0x990 [ 145.370503][ T6120] ? __pfx_netlink_unicast+0x10/0x10 [ 145.375786][ T6120] ? __virt_addr_valid+0x183/0x530 [ 145.380904][ T6120] ? __check_object_size+0x49c/0x900 [ 145.386203][ T6120] ? bpf_lsm_netlink_send+0x9/0x10 [ 145.391323][ T6120] netlink_sendmsg+0x8e4/0xcb0 [ 145.396156][ T6120] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.401438][ T6120] ? __import_iovec+0x536/0x820 [ 145.406301][ T6120] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 145.411607][ T6120] ? security_socket_sendmsg+0x87/0xb0 [ 145.417108][ T6120] ? __pfx_netlink_sendmsg+0x10/0x10 [ 145.422403][ T6120] __sock_sendmsg+0x221/0x270 [ 145.427145][ T6120] ____sys_sendmsg+0x525/0x7d0 [ 145.431922][ T6120] ? __pfx_____sys_sendmsg+0x10/0x10 [ 145.437206][ T6120] __sys_sendmsg+0x2b0/0x3a0 [ 145.441811][ T6120] ? __pfx___sys_sendmsg+0x10/0x10 [ 145.446925][ T6120] ? vfs_write+0x7c4/0xc90 [ 145.451363][ T6120] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 145.457694][ T6120] ? do_syscall_64+0x100/0x230 [ 145.462496][ T6120] ? do_syscall_64+0xb6/0x230 [ 145.467197][ T6120] do_syscall_64+0xf3/0x230 [ 145.471725][ T6120] ? clear_bhb_loop+0x35/0x90 [ 145.476647][ T6120] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 145.482560][ T6120] RIP: 0033:0x7fc56cf75b59 [ 145.486968][ T6120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 145.506566][ T6120] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 145.514964][ T6120] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 145.522923][ T6120] RDX: 0000000000000000 RSI: 0000000020000600 RDI: 0000000000000004 [ 145.531029][ T6120] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 145.538991][ T6120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 145.546971][ T6120] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 145.554946][ T6120] [ 145.658278][ T6120] netlink: 'syz.3.201': attribute type 10 has an invalid length. [ 145.763646][ T6120] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 146.202793][ T6134] FAULT_INJECTION: forcing a failure. [ 146.202793][ T6134] name failslab, interval 1, probability 0, space 0, times 0 [ 146.215598][ T6134] CPU: 0 PID: 6134 Comm: syz.1.207 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 146.225344][ T6134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 146.235440][ T6134] Call Trace: [ 146.238758][ T6134] [ 146.241726][ T6134] dump_stack_lvl+0x241/0x360 [ 146.246441][ T6134] ? __pfx_dump_stack_lvl+0x10/0x10 [ 146.251675][ T6134] ? __pfx__printk+0x10/0x10 [ 146.256311][ T6134] ? __pfx___might_resched+0x10/0x10 [ 146.261666][ T6134] ? dynamic_dname+0x141/0x1b0 [ 146.266471][ T6134] should_fail_ex+0x3b0/0x4e0 [ 146.271198][ T6134] ? tomoyo_encode+0x26f/0x540 [ 146.275989][ T6134] should_failslab+0x9/0x20 [ 146.280516][ T6134] __kmalloc_noprof+0xd8/0x400 [ 146.285319][ T6134] tomoyo_encode+0x26f/0x540 [ 146.289942][ T6134] ? __pfx_anon_inodefs_dname+0x10/0x10 [ 146.295527][ T6134] tomoyo_realpath_from_path+0x59e/0x5e0 [ 146.301218][ T6134] tomoyo_path_number_perm+0x23a/0x880 [ 146.306734][ T6134] ? tomoyo_path_number_perm+0x208/0x880 [ 146.312489][ T6134] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 146.318515][ T6134] ? __fget_files+0x29/0x470 [ 146.323108][ T6134] ? __fget_files+0x3f6/0x470 [ 146.327800][ T6134] ? __fget_files+0x29/0x470 [ 146.332410][ T6134] security_file_ioctl+0x75/0xb0 [ 146.337520][ T6134] __se_sys_ioctl+0x47/0x170 [ 146.342124][ T6134] do_syscall_64+0xf3/0x230 [ 146.346644][ T6134] ? clear_bhb_loop+0x35/0x90 [ 146.351329][ T6134] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 146.357246][ T6134] RIP: 0033:0x7fcca5575b59 [ 146.361667][ T6134] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 146.381294][ T6134] RSP: 002b:00007fcca6413048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 146.390236][ T6134] RAX: ffffffffffffffda RBX: 00007fcca5705f60 RCX: 00007fcca5575b59 [ 146.398208][ T6134] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005 [ 146.406171][ T6134] RBP: 00007fcca64130a0 R08: 0000000000000000 R09: 0000000000000000 [ 146.414162][ T6134] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 146.422137][ T6134] R13: 000000000000000b R14: 00007fcca5705f60 R15: 00007ffced193c28 [ 146.430145][ T6134] [ 146.616851][ T6134] ERROR: Out of memory at tomoyo_realpath_from_path. [ 146.879925][ T6151] FAULT_INJECTION: forcing a failure. [ 146.879925][ T6151] name failslab, interval 1, probability 0, space 0, times 0 [ 146.965917][ T6151] CPU: 1 PID: 6151 Comm: syz.3.211 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 146.975603][ T6151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 146.985680][ T6151] Call Trace: [ 146.988971][ T6151] [ 146.991910][ T6151] dump_stack_lvl+0x241/0x360 [ 146.996643][ T6151] ? __pfx_dump_stack_lvl+0x10/0x10 [ 147.001879][ T6151] ? __pfx__printk+0x10/0x10 [ 147.006495][ T6151] ? __pfx___might_resched+0x10/0x10 [ 147.011983][ T6151] should_fail_ex+0x3b0/0x4e0 [ 147.016717][ T6151] ? skb_clone+0x20c/0x390 [ 147.021193][ T6151] should_failslab+0x9/0x20 [ 147.025821][ T6151] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 147.031521][ T6151] ? __virt_addr_valid+0x183/0x530 [ 147.036758][ T6151] skb_clone+0x20c/0x390 [ 147.041063][ T6151] pfkey_sendmsg+0x43d/0x1050 [ 147.045785][ T6151] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 147.051000][ T6151] ? tomoyo_socket_sendmsg_permission+0x288/0x420 [ 147.057439][ T6151] ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10 [ 147.064223][ T6151] ? __pfx___might_resched+0x10/0x10 [ 147.069523][ T6151] ? __might_fault+0xaa/0x120 [ 147.074302][ T6151] ? __pfx_lock_release+0x10/0x10 [ 147.079338][ T6151] ? __import_iovec+0x536/0x820 [ 147.084304][ T6151] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 147.089602][ T6151] ? security_socket_sendmsg+0x87/0xb0 [ 147.095082][ T6151] ? __pfx_pfkey_sendmsg+0x10/0x10 [ 147.100211][ T6151] __sock_sendmsg+0x221/0x270 [ 147.105034][ T6151] ____sys_sendmsg+0x525/0x7d0 [ 147.109827][ T6151] ? __pfx_____sys_sendmsg+0x10/0x10 [ 147.115141][ T6151] ? __might_fault+0xaa/0x120 [ 147.119849][ T6151] __sys_sendmmsg+0x3b2/0x740 [ 147.124637][ T6151] ? __pfx___sys_sendmmsg+0x10/0x10 [ 147.129980][ T6151] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 147.135900][ T6151] ? ksys_write+0x23e/0x2c0 [ 147.140423][ T6151] ? __pfx_lock_release+0x10/0x10 [ 147.145477][ T6151] ? vfs_write+0x7c4/0xc90 [ 147.149916][ T6151] ? __mutex_unlock_slowpath+0x21d/0x750 [ 147.155560][ T6151] ? __pfx_vfs_write+0x10/0x10 [ 147.160370][ T6151] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 147.166466][ T6151] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 147.173024][ T6151] ? do_syscall_64+0x100/0x230 [ 147.177812][ T6151] __x64_sys_sendmmsg+0xa0/0xb0 [ 147.182705][ T6151] do_syscall_64+0xf3/0x230 [ 147.187228][ T6151] ? clear_bhb_loop+0x35/0x90 [ 147.191961][ T6151] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 147.197878][ T6151] RIP: 0033:0x7fc56cf75b59 [ 147.202298][ T6151] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 147.221906][ T6151] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 147.230373][ T6151] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 147.238459][ T6151] RDX: 00000000000003ef RSI: 0000000020000180 RDI: 0000000000000003 [ 147.246438][ T6151] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 147.254406][ T6151] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 147.262463][ T6151] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 147.270645][ T6151] [ 147.397603][ T29] audit: type=1326 audit(1721397002.364:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6153 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e56f75b59 code=0x7fc00000 [ 147.467107][ T29] audit: type=1326 audit(1721397002.364:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6153 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f1e56f75b59 code=0x7fc00000 [ 147.666758][ T4871] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 147.742706][ T29] audit: type=1326 audit(1721397002.704:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6153 comm="syz.2.212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e56f75b59 code=0x7fc00000 [ 147.891640][ T4871] usb 1-1: config 0 has an invalid interface number: 3 but max is 0 [ 147.925686][ T4871] usb 1-1: config 0 has no interface number 0 [ 147.959257][ T4871] usb 1-1: config 0 interface 3 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 147.998333][ T4871] usb 1-1: config 0 interface 3 altsetting 0 endpoint 0xD has invalid maxpacket 512, setting to 64 [ 148.038878][ T4871] usb 1-1: config 0 interface 3 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0 [ 148.092641][ T4871] usb 1-1: config 0 interface 3 altsetting 0 endpoint 0x9 has invalid maxpacket 911, setting to 64 [ 148.153137][ T4871] usb 1-1: config 0 interface 3 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 64 [ 148.188639][ T4871] usb 1-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x81, skipping [ 148.289169][ T4871] usb 1-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x9, skipping [ 148.358329][ T4871] usb 1-1: config 0 interface 3 altsetting 0 has an endpoint descriptor with address 0x56, changing to 0x6 [ 148.406186][ T4871] usb 1-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x6, skipping [ 148.445694][ T4871] usb 1-1: config 0 interface 3 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64 [ 148.484155][ T4871] usb 1-1: config 0 interface 3 altsetting 0 has a duplicate endpoint with address 0x2, skipping [ 148.534643][ T4871] usb 1-1: New USB device found, idVendor=05c6, idProduct=9047, bcdDevice=9e.47 [ 148.564114][ T4871] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 148.637115][ T4871] usb 1-1: config 0 descriptor?? [ 148.666225][ T6160] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 150.742963][ T6212] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 150.926912][ T6212] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 151.625732][ T29] audit: type=1326 audit(1721397006.584:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6220 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 151.689185][ T29] audit: type=1326 audit(1721397006.584:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6220 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 151.972215][ T6230] overlayfs: overlapping lowerdir path [ 152.105311][ T6231] iommufd_mock iommufd_mock0: Adding to iommu group 0 [ 152.158044][ T6231] fuse: Bad value for 'fd' [ 152.279846][ T29] audit: type=1326 audit(1721397007.244:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6220 comm="syz.1.226" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 152.523594][ T5142] usb 1-1: USB disconnect, device number 6 [ 152.561859][ T6233] netdevsim netdevsim1 netdevsim1: Unsupported IPsec algorithm [ 153.454771][ T29] audit: type=1326 audit(1721397008.404:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6258 comm="syz.0.237" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ee2775b59 code=0x0 [ 154.066968][ T6264] program syz.3.239 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 155.629472][ T6280] netdevsim netdevsim1 netdevsim1: Unsupported IPsec algorithm [ 156.201989][ T6294] netlink: 4 bytes leftover after parsing attributes in process `syz.4.245'. [ 157.558887][ T6302] FAULT_INJECTION: forcing a failure. [ 157.558887][ T6302] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 157.572134][ T6302] CPU: 0 PID: 6302 Comm: syz.3.247 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 157.581880][ T6302] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 157.591962][ T6302] Call Trace: [ 157.595255][ T6302] [ 157.598199][ T6302] dump_stack_lvl+0x241/0x360 [ 157.602898][ T6302] ? __pfx_dump_stack_lvl+0x10/0x10 [ 157.608114][ T6302] ? __pfx__printk+0x10/0x10 [ 157.612730][ T6302] ? __pfx_lock_release+0x10/0x10 [ 157.617830][ T6302] ? __local_bh_enable_ip+0x168/0x200 [ 157.623311][ T6302] ? copy_fpstate_to_sigframe+0x175/0xd90 [ 157.629142][ T6302] should_fail_ex+0x3b0/0x4e0 [ 157.633848][ T6302] copy_fpstate_to_sigframe+0xa87/0xd90 [ 157.639420][ T6302] ? stack_depot_save_flags+0x29/0x830 [ 157.644913][ T6302] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 157.651038][ T6302] ? get_signal+0xbbc/0x1740 [ 157.655676][ T6302] ? fpu__alloc_mathframe+0xab/0x130 [ 157.660990][ T6302] get_sigframe+0x55d/0x700 [ 157.665696][ T6302] ? __pfx_get_sigframe+0x10/0x10 [ 157.670742][ T6302] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 157.676750][ T6302] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 157.683118][ T6302] x64_setup_rt_frame+0x180/0xcc0 [ 157.688180][ T6302] ? lockdep_hardirqs_on+0x99/0x150 [ 157.693485][ T6302] ? _raw_spin_unlock_irq+0x2e/0x50 [ 157.698720][ T6302] ? __pfx_x64_setup_rt_frame+0x10/0x10 [ 157.704285][ T6302] ? __pfx_force_sig_fault+0x10/0x10 [ 157.709596][ T6302] arch_do_signal_or_restart+0x458/0x860 [ 157.715253][ T6302] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 157.721467][ T6302] ? irqentry_exit_to_user_mode+0x53/0x280 [ 157.727293][ T6302] irqentry_exit_to_user_mode+0x79/0x280 [ 157.732942][ T6302] exc_page_fault+0x590/0x8c0 [ 157.737668][ T6302] asm_exc_page_fault+0x26/0x30 [ 157.743602][ T6302] RIP: 0033:0x7fc56ce46797 [ 157.748057][ T6302] Code: c4 0f 85 83 03 00 00 48 8b 04 24 89 5c 24 14 c6 80 d0 00 00 00 01 80 3d 52 ef de 00 00 74 12 48 8b 04 24 48 8b 80 a8 00 00 00 <48> c7 00 00 00 00 00 48 8b 1c 24 48 c7 83 88 00 00 00 ff ff ff ff [ 157.767789][ T6302] RSP: 002b:00007fc56c9ff070 EFLAGS: 00010202 [ 157.773876][ T6302] RAX: 0000000000000000 RBX: 0000000000000007 RCX: 0000000000000000 [ 157.781862][ T6302] RDX: 00007fc56c9ff0a0 RSI: 00007fc56c9ff0a0 RDI: 00007fc56c9ff0a0 [ 157.789839][ T6302] RBP: 00007fc56c9ff0a0 R08: 0000000000000000 R09: 00007fc56c9fee07 [ 157.797831][ T6302] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001 [ 157.805817][ T6302] R13: 000000000000006e R14: 00007fc56d1061e8 R15: 00007ffe4ddb32c8 [ 157.813998][ T6302] [ 160.507396][ T5094] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1 [ 160.524060][ T5094] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9 [ 160.543516][ T5094] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9 [ 160.554581][ T5094] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4 [ 160.573358][ T5094] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3 [ 160.583491][ T5094] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2 [ 160.715716][ T29] audit: type=1326 audit(1721397015.674:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 160.756058][ T29] audit: type=1326 audit(1721397015.714:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=87 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 160.779119][ T29] audit: type=1326 audit(1721397015.714:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 160.835285][ T29] audit: type=1326 audit(1721397015.714:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 160.912542][ T29] audit: type=1326 audit(1721397015.714:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 160.960538][ T29] audit: type=1326 audit(1721397015.714:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 161.002887][ T29] audit: type=1326 audit(1721397015.714:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 161.064528][ T29] audit: type=1326 audit(1721397015.714:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 161.141810][ T29] audit: type=1326 audit(1721397015.714:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 161.229619][ T29] audit: type=1326 audit(1721397015.714:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6325 comm="syz.1.256" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7ffc0000 [ 162.254183][ T5841] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.550687][ T5841] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.636673][ T5094] Bluetooth: hci6: command tx timeout [ 162.846690][ T5138] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 162.919450][ T5841] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.072258][ T5138] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98 [ 163.116468][ T47] usb 4-1: new high-speed USB device number 8 using dummy_hcd [ 163.141146][ T5138] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.173470][ T5138] usb 1-1: config 0 descriptor?? [ 163.190726][ T5138] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected [ 163.202581][ T5138] ftdi_sio ttyUSB0: unknown device type: 0xc698 [ 163.305728][ T5841] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 163.308570][ T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 163.342321][ T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 163.355122][ T47] usb 4-1: New USB device found, idVendor=046d, idProduct=c086, bcdDevice= 0.00 [ 163.370269][ T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 163.392282][ T47] usb 4-1: config 0 descriptor?? [ 163.648063][ T928] usb 1-1: USB disconnect, device number 7 [ 163.912205][ T928] ftdi_sio 1-1:0.0: device disconnected [ 163.953244][ T6367] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 163.970760][ T6367] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 164.207589][ T6321] chnl_net:caif_netlink_parms(): no params data found [ 164.754495][ T5094] Bluetooth: hci6: command tx timeout [ 166.876867][ T5094] Bluetooth: hci6: command tx timeout [ 167.726629][ T5841] bridge_slave_1: left allmulticast mode [ 167.732415][ T5841] bridge_slave_1: left promiscuous mode [ 167.762338][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 167.846020][ T6376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.856825][ T5841] bridge_slave_0: left allmulticast mode [ 167.862593][ T5841] bridge_slave_0: left promiscuous mode [ 167.879628][ T55] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 167.890556][ T55] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 167.894270][ T6378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 167.915096][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 167.924306][ T55] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 167.925523][ T6376] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 167.950625][ T55] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 167.961607][ T55] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 167.977010][ T55] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 168.041824][ T6378] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 168.199051][ T47] usbhid 4-1:0.0: can't add hid device: -71 [ 168.219352][ T47] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 168.957448][ T55] Bluetooth: hci6: command tx timeout [ 169.362606][ T47] usb 4-1: USB disconnect, device number 8 [ 170.078403][ T55] Bluetooth: hci3: command tx timeout [ 171.340348][ T6388] 9pnet_fd: Insufficient options for proto=fd [ 171.578231][ T29] kauditd_printk_skb: 5 callbacks suppressed [ 171.578248][ T29] audit: type=1326 audit(1721397026.544:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 171.720949][ T29] audit: type=1326 audit(1721397026.674:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6393 comm="syz.0.272" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5ee2775b59 code=0x0 [ 171.823395][ T5841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 171.835869][ T6395] netlink: 20 bytes leftover after parsing attributes in process `syz.0.272'. [ 171.846020][ T5841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 171.863589][ T5841] bond0 (unregistering): Released all slaves [ 171.997071][ T6395] netlink: 68 bytes leftover after parsing attributes in process `syz.0.272'. [ 172.075952][ T6321] bridge0: port 1(bridge_slave_0) entered blocking state [ 172.092123][ T6402] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 172.097236][ T6321] bridge0: port 1(bridge_slave_0) entered disabled state [ 172.112978][ T6402] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 172.119172][ T6321] bridge_slave_0: entered allmulticast mode [ 172.136168][ T6321] bridge_slave_0: entered promiscuous mode [ 172.156655][ T55] Bluetooth: hci3: command tx timeout [ 172.193532][ T6321] bridge0: port 2(bridge_slave_1) entered blocking state [ 172.212642][ T6321] bridge0: port 2(bridge_slave_1) entered disabled state [ 172.229804][ T6321] bridge_slave_1: entered allmulticast mode [ 172.247261][ T6321] bridge_slave_1: entered promiscuous mode [ 172.341170][ T29] audit: type=1326 audit(1721397027.294:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.369035][ T29] audit: type=1326 audit(1721397027.294:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.422229][ T29] audit: type=1326 audit(1721397027.294:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.462465][ T6321] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 172.499811][ T6321] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 172.509570][ T29] audit: type=1326 audit(1721397027.294:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.551037][ T29] audit: type=1326 audit(1721397027.294:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.579059][ T29] audit: type=1326 audit(1721397027.294:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.606676][ T29] audit: type=1326 audit(1721397027.294:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.633859][ T5841] hsr_slave_0: left promiscuous mode [ 172.649761][ T29] audit: type=1326 audit(1721397027.304:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6390 comm="syz.3.271" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x7fc00000 [ 172.706974][ T5841] hsr_slave_1: left promiscuous mode [ 172.755667][ T5841] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 172.781652][ T5841] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 172.840180][ T5841] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 172.878654][ T5841] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 172.896753][ T6423] netlink: 16 bytes leftover after parsing attributes in process `syz.1.277'. [ 172.965980][ T5841] veth1_macvtap: left promiscuous mode [ 173.174646][ T5841] veth0_macvtap: left promiscuous mode [ 173.292307][ T5841] veth1_vlan: left promiscuous mode [ 173.401753][ T5841] veth0_vlan: left promiscuous mode [ 174.243418][ T55] Bluetooth: hci3: command tx timeout [ 176.317909][ T55] Bluetooth: hci3: command tx timeout [ 177.047566][ T5138] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 178.361572][ T5841] team0 (unregistering): Port device team_slave_1 removed [ 178.421743][ T5841] team0 (unregistering): Port device team_slave_0 removed [ 179.059124][ T6321] team0: Port device team_slave_0 added [ 179.606651][ T6321] team0: Port device team_slave_1 added [ 180.166709][ T47] usb 1-1: new high-speed USB device number 9 using dummy_hcd [ 180.721678][ T6321] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 180.757189][ T47] usb 1-1: Using ep0 maxpacket: 16 [ 180.859251][ T6321] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 180.931960][ T47] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024 [ 180.937855][ T6321] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 180.969669][ T47] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00 [ 180.982189][ T47] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 181.021603][ T47] usb 1-1: config 0 descriptor?? [ 181.088461][ T29] kauditd_printk_skb: 2 callbacks suppressed [ 181.088478][ T29] audit: type=1326 audit(1721397036.044:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6455 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 181.215139][ T6321] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 181.225377][ T6321] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 181.282508][ T6321] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 181.328789][ T6371] chnl_net:caif_netlink_parms(): no params data found [ 181.473176][ T6321] hsr_slave_0: entered promiscuous mode [ 181.480675][ T6321] hsr_slave_1: entered promiscuous mode [ 181.490240][ T6321] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 181.498554][ T6321] Cannot create hsr debugfs directory [ 181.603707][ T6475] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 181.647611][ T6475] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 181.661181][ T47] hid (null): invalid report_size 812540268 [ 181.673010][ T47] hid (null): unknown global tag 0x83 [ 181.687234][ T47] hid (null): unknown global tag 0xc [ 181.707404][ T47] hid-generic 0003:0158:0100.0004: unknown main item tag 0x1 [ 181.714968][ T47] hid-generic 0003:0158:0100.0004: unexpected long global item [ 181.724043][ T47] hid-generic 0003:0158:0100.0004: probe with driver hid-generic failed with error -22 [ 181.756979][ T29] audit: type=1326 audit(1721397036.714:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6455 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 181.902930][ T47] usb 1-1: USB disconnect, device number 9 [ 181.988530][ T6371] bridge0: port 1(bridge_slave_0) entered blocking state [ 181.996134][ T6371] bridge0: port 1(bridge_slave_0) entered disabled state [ 182.004503][ T6371] bridge_slave_0: entered allmulticast mode [ 182.019270][ T6371] bridge_slave_0: entered promiscuous mode [ 182.040680][ T6371] bridge0: port 2(bridge_slave_1) entered blocking state [ 182.056737][ T6371] bridge0: port 2(bridge_slave_1) entered disabled state [ 182.065776][ T6371] bridge_slave_1: entered allmulticast mode [ 182.097350][ T6371] bridge_slave_1: entered promiscuous mode [ 182.389245][ T5841] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.441339][ T6371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 182.533984][ T5841] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 182.564122][ T47] usb 4-1: new high-speed USB device number 9 using dummy_hcd [ 182.715047][ T6371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 183.528922][ T5841] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.749817][ T5841] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 183.912590][ T47] usb 4-1: Using ep0 maxpacket: 8 [ 184.635589][ T47] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config [ 184.646829][ T47] usb 4-1: config 0 has no interfaces? [ 184.654632][ T47] usb 4-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00 [ 184.664914][ T47] usb 4-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35 [ 184.673444][ T47] usb 4-1: Product: syz [ 184.680548][ T47] usb 4-1: SerialNumber: syz [ 184.687928][ T47] usb 4-1: config 0 descriptor?? [ 184.794499][ T6371] team0: Port device team_slave_0 added [ 184.842360][ T6371] team0: Port device team_slave_1 added [ 185.825556][ T5138] usb 4-1: USB disconnect, device number 9 [ 185.965705][ T29] audit: type=1326 audit(1721397040.914:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6519 comm="syz.0.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ee2775b59 code=0x7fc00000 [ 186.070450][ T6371] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 186.098277][ T6371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.154618][ T6371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 186.277005][ T6371] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 186.301485][ T6371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 186.331667][ T6371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 186.347901][ T5841] bridge_slave_1: left allmulticast mode [ 186.353664][ T5841] bridge_slave_1: left promiscuous mode [ 186.373171][ T5841] bridge0: port 2(bridge_slave_1) entered disabled state [ 186.402425][ T5841] bridge_slave_0: left allmulticast mode [ 186.408645][ T5841] bridge_slave_0: left promiscuous mode [ 186.415796][ T5841] bridge0: port 1(bridge_slave_0) entered disabled state [ 186.637497][ T5094] Bluetooth: hci2: command 0x0406 tx timeout [ 186.660983][ T6532] process 'syz.3.296' launched './file1' with NULL argv: empty string added [ 186.722156][ T29] audit: type=1326 audit(1721397041.674:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6519 comm="syz.0.293" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f5ee2775b59 code=0x7fc00000 [ 187.981300][ T5841] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 188.008571][ T5841] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 188.021646][ T5841] bond0 (unregistering): Released all slaves [ 192.623251][ T6371] hsr_slave_0: entered promiscuous mode [ 192.649748][ T6371] hsr_slave_1: entered promiscuous mode [ 192.666008][ T6371] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 192.681820][ T6371] Cannot create hsr debugfs directory [ 193.106646][ T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd [ 193.152040][ T5841] hsr_slave_0: left promiscuous mode [ 193.297093][ T5841] hsr_slave_1: left promiscuous mode [ 193.303582][ T5841] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 193.312362][ T5841] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 193.341776][ T5841] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 193.380379][ T5841] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 193.449709][ T9] usb 1-1: Using ep0 maxpacket: 32 [ 193.844825][ T5841] veth1_macvtap: left promiscuous mode [ 193.860981][ T5841] veth0_macvtap: left promiscuous mode [ 193.873227][ T5841] veth1_vlan: left promiscuous mode [ 193.899932][ T5841] veth0_vlan: left promiscuous mode [ 194.333291][ T9] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92 [ 194.347065][ T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 194.363760][ T9] usb 1-1: config 0 descriptor?? [ 194.378037][ T9] gspca_main: nw80x-2.14.0 probing 055f:d001 [ 194.497195][ T6580] netlink: 16 bytes leftover after parsing attributes in process `syz.1.306'. [ 194.724292][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 194.733454][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 195.354460][ T9] gspca_nw80x: reg_w err -110 [ 195.359827][ T9] nw80x 1-1:0.0: probe with driver nw80x failed with error -110 [ 195.586109][ T5841] team0 (unregistering): Port device team_slave_1 removed [ 195.628908][ T5841] team0 (unregistering): Port device team_slave_0 removed [ 196.045439][ T6321] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 196.231362][ T6321] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 196.277138][ T6321] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 196.298929][ T928] usb 1-1: USB disconnect, device number 10 [ 196.334175][ T6580] syz.1.306 (6580) used greatest stack depth: 18768 bytes left [ 196.455611][ T6321] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 200.405663][ T6321] 8021q: adding VLAN 0 to HW filter on device bond0 [ 200.552348][ T6321] 8021q: adding VLAN 0 to HW filter on device team0 [ 200.603416][ T4871] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.610666][ T4871] bridge0: port 1(bridge_slave_0) entered forwarding state [ 200.658486][ T4871] bridge0: port 2(bridge_slave_1) entered blocking state [ 200.665665][ T4871] bridge0: port 2(bridge_slave_1) entered forwarding state [ 200.880839][ T6321] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 200.903106][ T6321] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 201.045097][ T6371] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 201.191888][ T6371] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 201.243659][ T6371] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 201.305932][ T6371] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 201.354345][ T6684] netlink: 'syz.0.328': attribute type 10 has an invalid length. [ 201.373425][ T6684] netlink: 55 bytes leftover after parsing attributes in process `syz.0.328'. [ 201.429190][ T6681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.327'. [ 201.614059][ T6321] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 201.651753][ T6371] 8021q: adding VLAN 0 to HW filter on device bond0 [ 201.724030][ T6371] 8021q: adding VLAN 0 to HW filter on device team0 [ 201.845842][ T47] bridge0: port 1(bridge_slave_0) entered blocking state [ 201.853111][ T47] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.902732][ T47] bridge0: port 2(bridge_slave_1) entered blocking state [ 201.909968][ T47] bridge0: port 2(bridge_slave_1) entered forwarding state [ 201.990418][ T6321] veth0_vlan: entered promiscuous mode [ 202.118528][ T6321] veth1_vlan: entered promiscuous mode [ 202.353854][ T6321] veth0_macvtap: entered promiscuous mode [ 202.450517][ T6321] veth1_macvtap: entered promiscuous mode [ 202.589877][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.645203][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.663458][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.699975][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.710087][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.721633][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.732318][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 202.787314][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.836125][ T6321] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 202.882222][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.897992][ T6725] Bluetooth: MGMT ver 1.23 [ 202.927215][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 202.944849][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 202.989283][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.018383][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 203.046208][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.058837][ T6321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 203.070086][ T6321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 203.088880][ T6321] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 203.133883][ T6321] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.145665][ T6321] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.155180][ T6321] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.168170][ T6321] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 203.245537][ T6371] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 203.631946][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.688860][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 203.819516][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 203.846648][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 204.103929][ T6754] sp0: Synchronizing with TNC [ 205.291907][ T6760] Zero length message leads to an empty skb [ 205.381244][ T6371] veth0_vlan: entered promiscuous mode [ 205.435923][ T6371] veth1_vlan: entered promiscuous mode [ 205.593900][ T6371] veth0_macvtap: entered promiscuous mode [ 205.631371][ T6371] veth1_macvtap: entered promiscuous mode [ 205.734411][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.795444][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.807574][ T29] audit: type=1326 audit(1721397060.774:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6770 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 205.845654][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.889279][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 205.892127][ T29] audit: type=1326 audit(1721397060.804:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6770 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 205.932365][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 205.976281][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.023041][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 206.068740][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.108104][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 206.141237][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.189890][ T6371] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 206.284772][ T5094] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1 [ 206.299033][ T5094] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9 [ 206.308330][ T5094] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9 [ 206.324421][ T5094] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4 [ 206.332386][ T5094] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3 [ 206.340011][ T5094] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2 [ 206.482982][ T29] audit: type=1326 audit(1721397061.444:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6770 comm="syz.1.344" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x7fc00000 [ 206.562639][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.613272][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.638381][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.666245][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.753694][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.778803][ T6796] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 206.796935][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.820070][ T6800] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 206.836731][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.862363][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.891427][ T6371] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 206.929444][ T6371] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 206.983278][ T6371] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 207.213149][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 207.236658][ T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.306814][ T6371] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.332507][ T6371] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.352847][ T6371] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.390961][ T6371] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 207.543568][ T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.709262][ T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 207.949803][ T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 208.015816][ T6831] netlink: 47 bytes leftover after parsing attributes in process `syz.0.351'. [ 208.432876][ T6847] netdevsim netdevsim0 netdevsim1: Unsupported IPsec algorithm [ 208.482354][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 208.545180][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 208.571673][ T55] Bluetooth: hci5: command tx timeout [ 208.662915][ T12] bridge_slave_1: left allmulticast mode [ 208.669820][ T12] bridge_slave_1: left promiscuous mode [ 208.675904][ T12] bridge0: port 2(bridge_slave_1) entered disabled state [ 208.700057][ T12] bridge_slave_0: left allmulticast mode [ 208.713601][ T12] bridge_slave_0: left promiscuous mode [ 208.729211][ T12] bridge0: port 1(bridge_slave_0) entered disabled state [ 209.025889][ T6871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.358'. [ 209.080366][ T6871] FAULT_INJECTION: forcing a failure. [ 209.080366][ T6871] name failslab, interval 1, probability 0, space 0, times 0 [ 209.093062][ T6871] CPU: 0 PID: 6871 Comm: syz.3.358 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 209.102712][ T6871] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 209.112829][ T6871] Call Trace: [ 209.116160][ T6871] [ 209.119119][ T6871] dump_stack_lvl+0x241/0x360 [ 209.123929][ T6871] ? __pfx_dump_stack_lvl+0x10/0x10 [ 209.129181][ T6871] ? __pfx__printk+0x10/0x10 [ 209.133833][ T6871] should_fail_ex+0x3b0/0x4e0 [ 209.138676][ T6871] ? skb_clone+0x20c/0x390 [ 209.143216][ T6871] should_failslab+0x9/0x20 [ 209.147759][ T6871] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 209.153173][ T6871] skb_clone+0x20c/0x390 [ 209.157457][ T6871] ? dev_queue_xmit_nit+0x220/0xc10 [ 209.162708][ T6871] dev_queue_xmit_nit+0x419/0xc10 [ 209.167780][ T6871] ? dev_queue_xmit_nit+0x2b/0xc10 [ 209.172936][ T6871] ? validate_xmit_skb+0x9f9/0x1120 [ 209.178523][ T6871] dev_hard_start_xmit+0x15f/0x7e0 [ 209.183860][ T6871] ? __pfx_validate_xmit_skb+0x10/0x10 [ 209.189381][ T6871] __dev_queue_xmit+0x1b63/0x3e90 [ 209.194438][ T6871] ? kasan_save_track+0x51/0x80 [ 209.199335][ T6871] ? do_syscall_64+0xf3/0x230 [ 209.204051][ T6871] ? __dev_queue_xmit+0x2da/0x3e90 [ 209.209218][ T6871] ? __pfx___dev_queue_xmit+0x10/0x10 [ 209.214652][ T6871] ? __copy_skb_header+0x437/0x5b0 [ 209.219805][ T6871] ? __asan_memcpy+0x40/0x70 [ 209.224436][ T6871] ? __copy_skb_header+0x437/0x5b0 [ 209.229764][ T6871] ? __skb_clone+0x454/0x6c0 [ 209.234859][ T6871] ? skb_clone+0x240/0x390 [ 209.239421][ T6871] __netlink_deliver_tap+0x54d/0x7c0 [ 209.244763][ T6871] ? netlink_deliver_tap+0x2e/0x1b0 [ 209.250009][ T6871] netlink_deliver_tap+0x19d/0x1b0 [ 209.255177][ T6871] netlink_unicast+0x7be/0x990 [ 209.259992][ T6871] ? __pfx_netlink_unicast+0x10/0x10 [ 209.265314][ T6871] ? __virt_addr_valid+0x183/0x530 [ 209.270999][ T6871] ? __check_object_size+0x49c/0x900 [ 209.276418][ T6871] ? bpf_lsm_netlink_send+0x9/0x10 [ 209.281573][ T6871] netlink_sendmsg+0x8e4/0xcb0 [ 209.286386][ T6871] ? __pfx_netlink_sendmsg+0x10/0x10 [ 209.291890][ T6871] ? __import_iovec+0x536/0x820 [ 209.296865][ T6871] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 209.302177][ T6871] ? security_socket_sendmsg+0x87/0xb0 [ 209.307765][ T6871] ? __pfx_netlink_sendmsg+0x10/0x10 [ 209.313178][ T6871] __sock_sendmsg+0x221/0x270 [ 209.318357][ T6871] ____sys_sendmsg+0x525/0x7d0 [ 209.323259][ T6871] ? __pfx_____sys_sendmsg+0x10/0x10 [ 209.328626][ T6871] __sys_sendmsg+0x2b0/0x3a0 [ 209.333443][ T6871] ? __pfx___sys_sendmsg+0x10/0x10 [ 209.338686][ T6871] ? vfs_write+0x7c4/0xc90 [ 209.343187][ T6871] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 209.349563][ T6871] ? do_syscall_64+0x100/0x230 [ 209.354991][ T6871] ? do_syscall_64+0xb6/0x230 [ 209.359748][ T6871] do_syscall_64+0xf3/0x230 [ 209.364821][ T6871] ? clear_bhb_loop+0x35/0x90 [ 209.369883][ T6871] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 209.375816][ T6871] RIP: 0033:0x7fc56cf75b59 [ 209.380368][ T6871] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 209.400529][ T6871] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 209.409071][ T6871] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 209.417578][ T6871] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000006 [ 209.426945][ T6871] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 209.435429][ T6871] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 209.444231][ T6871] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 209.452769][ T6871] [ 209.957131][ T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 209.970479][ T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 209.990240][ T12] bond0 (unregistering): Released all slaves [ 210.012605][ T6786] chnl_net:caif_netlink_parms(): no params data found [ 210.224966][ T5841] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 210.251131][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 210.260695][ T5841] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 210.529633][ T6922] program syz.0.365 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 210.587203][ T6786] bridge0: port 1(bridge_slave_0) entered blocking state [ 210.610385][ T6786] bridge0: port 1(bridge_slave_0) entered disabled state [ 210.637322][ T55] Bluetooth: hci5: command tx timeout [ 210.644670][ T6786] bridge_slave_0: entered allmulticast mode [ 210.669083][ T6786] bridge_slave_0: entered promiscuous mode [ 210.771828][ T6786] bridge0: port 2(bridge_slave_1) entered blocking state [ 210.787489][ T6786] bridge0: port 2(bridge_slave_1) entered disabled state [ 210.803644][ T6786] bridge_slave_1: entered allmulticast mode [ 210.821559][ T6786] bridge_slave_1: entered promiscuous mode [ 210.900974][ T6786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 210.932529][ T12] hsr_slave_0: left promiscuous mode [ 210.950107][ T12] hsr_slave_1: left promiscuous mode [ 210.962673][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 210.973777][ T12] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 210.987979][ T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 210.998257][ T12] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 211.052952][ T12] veth1_macvtap: left promiscuous mode [ 211.059663][ T12] veth0_macvtap: left promiscuous mode [ 211.070293][ T12] veth1_vlan: left promiscuous mode [ 211.080993][ T12] veth0_vlan: left promiscuous mode [ 211.326792][ T6934] netdevsim netdevsim3 netdevsim1: Unsupported IPsec algorithm [ 211.473571][ T6938] fuse: Bad value for 'fd' [ 211.922882][ T6961] hub 9-0:1.0: USB hub found [ 211.938855][ T6961] hub 9-0:1.0: 8 ports detected [ 212.329575][ T29] audit: type=1326 audit(1721397067.284:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6965 comm="syz.4.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5235575b59 code=0x7fc00000 [ 212.353035][ T29] audit: type=1326 audit(1721397067.294:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6965 comm="syz.4.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f5235575b59 code=0x7fc00000 [ 212.504956][ T12] team0 (unregistering): Port device team_slave_1 removed [ 212.576947][ T12] team0 (unregistering): Port device team_slave_0 removed [ 212.728883][ T5094] Bluetooth: hci5: command tx timeout [ 213.021179][ T29] audit: type=1326 audit(1721397067.984:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6965 comm="syz.4.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5235575b59 code=0x7fc00000 [ 213.056144][ T29] audit: type=1326 audit(1721397067.984:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6965 comm="syz.4.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f5235575b59 code=0x7fc00000 [ 213.293689][ T6973] netdevsim netdevsim4 netdevsim1: Unsupported IPsec algorithm [ 213.367012][ T6786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 213.601336][ T6786] team0: Port device team_slave_0 added [ 213.633101][ T6786] team0: Port device team_slave_1 added [ 213.693376][ T6979] FAULT_INJECTION: forcing a failure. [ 213.693376][ T6979] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 213.708297][ T6979] CPU: 0 PID: 6979 Comm: syz.4.383 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 213.717982][ T6979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 213.728064][ T6979] Call Trace: [ 213.731367][ T6979] [ 213.734326][ T6979] dump_stack_lvl+0x241/0x360 [ 213.739044][ T6979] ? __pfx_dump_stack_lvl+0x10/0x10 [ 213.744272][ T6979] ? __pfx__printk+0x10/0x10 [ 213.748871][ T6979] ? snprintf+0xda/0x120 [ 213.753115][ T6979] should_fail_ex+0x3b0/0x4e0 [ 213.757810][ T6979] _copy_to_user+0x2f/0xb0 [ 213.762422][ T6979] simple_read_from_buffer+0xca/0x150 [ 213.767816][ T6979] proc_fail_nth_read+0x1e9/0x250 [ 213.772956][ T6979] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 213.778512][ T6979] ? rw_verify_area+0x520/0x6b0 [ 213.783355][ T6979] ? __pfx_proc_fail_nth_read+0x10/0x10 [ 213.788919][ T6979] vfs_read+0x204/0xbc0 [ 213.793092][ T6979] ? __pfx_lock_release+0x10/0x10 [ 213.798129][ T6979] ? do_sock_setsockopt+0x3e2/0x720 [ 213.804453][ T6979] ? __pfx_vfs_read+0x10/0x10 [ 213.809132][ T6979] ? __fget_files+0x29/0x470 [ 213.813984][ T6979] ? __fget_files+0x3f6/0x470 [ 213.818670][ T6979] ksys_read+0x1a0/0x2c0 [ 213.822915][ T6979] ? __pfx_ksys_read+0x10/0x10 [ 213.827671][ T6979] ? do_syscall_64+0x100/0x230 [ 213.832442][ T6979] ? do_syscall_64+0xb6/0x230 [ 213.837122][ T6979] do_syscall_64+0xf3/0x230 [ 213.841622][ T6979] ? clear_bhb_loop+0x35/0x90 [ 213.846291][ T6979] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 213.852183][ T6979] RIP: 0033:0x7f523557463c [ 213.856593][ T6979] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48 [ 213.876455][ T6979] RSP: 002b:00007f5236267040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 213.884870][ T6979] RAX: ffffffffffffffda RBX: 00007f5235705f60 RCX: 00007f523557463c [ 213.892841][ T6979] RDX: 000000000000000f RSI: 00007f52362670b0 RDI: 0000000000000004 [ 213.900805][ T6979] RBP: 00007f52362670a0 R08: 0000000000000000 R09: 0000000000000000 [ 213.908771][ T6979] R10: 0000000020000080 R11: 0000000000000246 R12: 0000000000000001 [ 213.916743][ T6979] R13: 000000000000000b R14: 00007f5235705f60 R15: 00007ffdd2368ce8 [ 213.924851][ T6979] [ 214.042473][ T6786] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 214.082915][ T6786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.143932][ T6786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 214.167119][ T6786] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 214.174290][ T6786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 214.211724][ T6786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 214.271280][ T6990] xt_TCPMSS: Only works on TCP SYN packets [ 214.414371][ T6786] hsr_slave_0: entered promiscuous mode [ 214.425231][ T6786] hsr_slave_1: entered promiscuous mode [ 214.446564][ T6786] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 214.462689][ T6786] Cannot create hsr debugfs directory [ 214.529271][ T7002] 9pnet_fd: Insufficient options for proto=fd [ 214.808426][ T5094] Bluetooth: hci5: command 0x0419 tx timeout [ 215.279249][ T7003] ======================================================= [ 215.279249][ T7003] WARNING: The mand mount option has been deprecated and [ 215.279249][ T7003] and is ignored by this kernel. Remove the mand [ 215.279249][ T7003] option from the mount to silence this warning. [ 215.279249][ T7003] ======================================================= [ 215.303155][ T6992] syzkaller0: entered promiscuous mode [ 215.375036][ T6992] syzkaller0: entered allmulticast mode [ 215.423360][ T7010] netdevsim netdevsim0 netdevsim1: Unsupported IPsec algorithm [ 215.629608][ T7017] FAULT_INJECTION: forcing a failure. [ 215.629608][ T7017] name failslab, interval 1, probability 0, space 0, times 0 [ 215.679442][ T7017] CPU: 0 PID: 7017 Comm: syz.3.395 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 215.689126][ T7017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 215.699214][ T7017] Call Trace: [ 215.702638][ T7017] [ 215.705601][ T7017] dump_stack_lvl+0x241/0x360 [ 215.710766][ T7017] ? __pfx_dump_stack_lvl+0x10/0x10 [ 215.716008][ T7017] ? __pfx__printk+0x10/0x10 [ 215.720614][ T7017] ? tipc_msg_build+0x150/0x1070 [ 215.725585][ T7017] ? __sys_accept4+0x11e/0x1c0 [ 215.730385][ T7017] ? do_syscall_64+0xf3/0x230 [ 215.735096][ T7017] ? entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.741198][ T7017] should_fail_ex+0x3b0/0x4e0 [ 215.745882][ T7017] ? __alloc_skb+0x1c3/0x440 [ 215.746568][ T4871] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 215.750461][ T7017] should_failslab+0x9/0x20 [ 215.762658][ T7017] kmem_cache_alloc_node_noprof+0x71/0x320 [ 215.768613][ T7017] __alloc_skb+0x1c3/0x440 [ 215.773417][ T7017] ? __pfx___alloc_skb+0x10/0x10 [ 215.778478][ T7017] __pskb_copy_fclone+0xb7/0x11e0 [ 215.783542][ T7017] tipc_clone_to_loopback+0xf7/0x4a0 [ 215.788851][ T7017] tipc_node_xmit+0xde3/0x1020 [ 215.793644][ T7017] ? tipc_msg_build+0x42a/0x1070 [ 215.798682][ T7017] ? __check_object_size+0x98/0x900 [ 215.803997][ T7017] ? tipc_msg_build+0x4b3/0x1070 [ 215.808955][ T7017] ? __pfx_tipc_node_xmit+0x10/0x10 [ 215.814261][ T7017] ? kasan_save_track+0x51/0x80 [ 215.819142][ T7017] ? kasan_save_track+0x3f/0x80 [ 215.824063][ T7017] ? kasan_save_free_info+0x40/0x50 [ 215.829293][ T7017] ? __kasan_slab_free+0x37/0x60 [ 215.834261][ T7017] __tipc_sendstream+0xcab/0x14e0 [ 215.839325][ T7017] ? __pfx___tipc_sendstream+0x10/0x10 [ 215.844805][ T7017] ? __pfx_woken_wake_function+0x10/0x10 [ 215.850451][ T7017] ? tipc_accept+0xad9/0x12a0 [ 215.855127][ T7017] ? kmem_cache_free+0x145/0x350 [ 215.860082][ T7017] ? iov_iter_kvec+0x4e/0x180 [ 215.864805][ T7017] tipc_accept+0xe49/0x12a0 [ 215.869751][ T7017] ? __pfx_tipc_accept+0x10/0x10 [ 215.874696][ T7017] ? __pfx_woken_wake_function+0x10/0x10 [ 215.880344][ T7017] ? stream_open+0xd/0x60 [ 215.884669][ T7017] ? bpf_lsm_socket_accept+0x9/0x10 [ 215.889957][ T7017] do_accept+0x4bf/0x6c0 [ 215.894304][ T7017] ? __pfx_do_accept+0x10/0x10 [ 215.899122][ T7017] __sys_accept4+0x11e/0x1c0 [ 215.903749][ T7017] ? __pfx___sys_accept4+0x10/0x10 [ 215.908883][ T7017] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 215.915206][ T7017] ? do_syscall_64+0x100/0x230 [ 215.920150][ T7017] __x64_sys_accept4+0x9a/0xb0 [ 215.924922][ T7017] do_syscall_64+0xf3/0x230 [ 215.929437][ T7017] ? clear_bhb_loop+0x35/0x90 [ 215.934402][ T7017] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 215.940319][ T7017] RIP: 0033:0x7fc56cf75b59 [ 215.944875][ T7017] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 215.956623][ T4871] usb 5-1: Using ep0 maxpacket: 8 [ 215.964568][ T7017] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000120 [ 215.964599][ T7017] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 215.964613][ T7017] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004 [ 215.964624][ T7017] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 215.964637][ T7017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 215.964648][ T7017] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 215.964676][ T7017] [ 216.003425][ T4871] usb 5-1: config 0 has no interfaces? [ 216.082020][ T4871] usb 5-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 216.096359][ T4871] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 216.134057][ T4871] usb 5-1: SerialNumber: syz [ 216.221105][ T4871] usb 5-1: config 0 descriptor?? [ 216.305761][ T7034] FAULT_INJECTION: forcing a failure. [ 216.305761][ T7034] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 216.376048][ T7034] CPU: 1 PID: 7034 Comm: syz.0.397 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 216.385788][ T7034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 216.395866][ T7034] Call Trace: [ 216.399140][ T7034] [ 216.402240][ T7034] dump_stack_lvl+0x241/0x360 [ 216.406926][ T7034] ? __pfx_dump_stack_lvl+0x10/0x10 [ 216.412116][ T7034] ? __pfx__printk+0x10/0x10 [ 216.416693][ T7034] ? __pfx_lock_release+0x10/0x10 [ 216.421907][ T7034] should_fail_ex+0x3b0/0x4e0 [ 216.426708][ T7034] _copy_to_user+0x2f/0xb0 [ 216.431150][ T7034] bpf_verifier_vlog+0x31e/0x860 [ 216.436410][ T7034] __btf_verifier_log+0xd5/0x120 [ 216.441738][ T7034] ? bpf_verifier_vlog+0x32b/0x860 [ 216.446874][ T7034] ? __pfx___btf_verifier_log+0x10/0x10 [ 216.452520][ T7034] ? btf_parse_hdr+0x1e3/0x710 [ 216.457285][ T7034] btf_parse_hdr+0x3dd/0x710 [ 216.461879][ T7034] btf_new_fd+0x391/0xd30 [ 216.466212][ T7034] ? safesetid_security_capable+0xb2/0x1d0 [ 216.472040][ T7034] ? __pfx_btf_new_fd+0x10/0x10 [ 216.477337][ T7034] ? bpf_btf_load+0xcf/0x1a0 [ 216.482024][ T7034] __sys_bpf+0x6ef/0x810 [ 216.486358][ T7034] ? __pfx___sys_bpf+0x10/0x10 [ 216.491152][ T7034] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 216.497246][ T7034] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 216.503583][ T7034] ? do_syscall_64+0x100/0x230 [ 216.508899][ T7034] __x64_sys_bpf+0x7c/0x90 [ 216.513310][ T7034] do_syscall_64+0xf3/0x230 [ 216.517906][ T7034] ? clear_bhb_loop+0x35/0x90 [ 216.522578][ T7034] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 216.528479][ T7034] RIP: 0033:0x7f5ee2775b59 [ 216.532894][ T7034] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 216.552683][ T7034] RSP: 002b:00007f5ee34c7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141 [ 216.561299][ T7034] RAX: ffffffffffffffda RBX: 00007f5ee2905f60 RCX: 00007f5ee2775b59 [ 216.569260][ T7034] RDX: 0000000000000020 RSI: 0000000020000000 RDI: 0000000000000012 [ 216.577246][ T7034] RBP: 00007f5ee34c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 216.585408][ T7034] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 216.593843][ T7034] R13: 000000000000000b R14: 00007f5ee2905f60 R15: 00007ffd96268398 [ 216.601830][ T7034] [ 216.876519][ T55] Bluetooth: hci5: command 0x0419 tx timeout [ 217.042931][ T6992] netlink: 56 bytes leftover after parsing attributes in process `syz.4.389'. [ 217.206577][ T928] usb 4-1: new high-speed USB device number 10 using dummy_hcd [ 217.315901][ T6786] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 217.332828][ T9] usb 5-1: USB disconnect, device number 4 [ 217.409630][ T928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 217.429010][ T928] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 217.440607][ T928] usb 4-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00 [ 217.451149][ T928] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.500258][ T928] usb 4-1: config 0 descriptor?? [ 217.889684][ T7067] FAULT_INJECTION: forcing a failure. [ 217.889684][ T7067] name failslab, interval 1, probability 0, space 0, times 0 [ 217.908713][ T7067] CPU: 1 PID: 7067 Comm: syz.1.404 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 217.918398][ T7067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 217.928997][ T7067] Call Trace: [ 217.932281][ T7067] [ 217.935209][ T7067] dump_stack_lvl+0x241/0x360 [ 217.939894][ T7067] ? __pfx_dump_stack_lvl+0x10/0x10 [ 217.945088][ T7067] ? __pfx__printk+0x10/0x10 [ 217.949698][ T7067] should_fail_ex+0x3b0/0x4e0 [ 217.954381][ T7067] ? sctp_add_bind_addr+0x89/0x3a0 [ 217.959495][ T7067] should_failslab+0x9/0x20 [ 217.963997][ T7067] kmalloc_trace_noprof+0x6c/0x2c0 [ 217.969116][ T7067] sctp_add_bind_addr+0x89/0x3a0 [ 217.974051][ T7067] sctp_copy_local_addr_list+0x311/0x500 [ 217.979680][ T7067] ? sctp_copy_local_addr_list+0xab/0x500 [ 217.985393][ T7067] ? __pfx_sctp_copy_local_addr_list+0x10/0x10 [ 217.991801][ T7067] ? sctp_v4_is_any+0x35/0x60 [ 217.996480][ T7067] sctp_bind_addr_copy+0xad/0x3b0 [ 218.001502][ T7067] ? sctp_assoc_set_bind_addr_from_ep+0x75/0x190 [ 218.007830][ T7067] sctp_connect_new_asoc+0x2f3/0x6c0 [ 218.013123][ T7067] ? __pfx_sctp_connect_new_asoc+0x10/0x10 [ 218.018928][ T7067] ? sctp_sendmsg+0xbb9/0x3520 [ 218.023705][ T7067] ? bpf_lsm_sctp_bind_connect+0x9/0x10 [ 218.029270][ T7067] ? security_sctp_bind_connect+0x90/0xb0 [ 218.034992][ T7067] sctp_sendmsg+0x219a/0x3520 [ 218.039777][ T7067] ? __pfx_sctp_sendmsg+0x10/0x10 [ 218.044828][ T7067] ? __pfx_lock_release+0x10/0x10 [ 218.049882][ T7067] ? inet_sendmsg+0x330/0x390 [ 218.054570][ T7067] __sock_sendmsg+0x1a6/0x270 [ 218.059258][ T7067] ____sys_sendmsg+0x525/0x7d0 [ 218.064119][ T7067] ? __pfx_____sys_sendmsg+0x10/0x10 [ 218.069426][ T7067] __sys_sendmmsg+0x3b2/0x740 [ 218.074118][ T7067] ? __pfx___sys_sendmmsg+0x10/0x10 [ 218.079348][ T7067] ? __pfx_rcu_read_lock_any_held+0x10/0x10 [ 218.085239][ T7067] ? ksys_write+0x23e/0x2c0 [ 218.089737][ T7067] ? __pfx_lock_release+0x10/0x10 [ 218.094765][ T7067] ? vfs_write+0x7c4/0xc90 [ 218.099180][ T7067] ? __mutex_unlock_slowpath+0x21d/0x750 [ 218.104810][ T7067] ? __pfx_vfs_write+0x10/0x10 [ 218.109681][ T7067] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 218.115665][ T7067] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 218.122011][ T7067] ? do_syscall_64+0x100/0x230 [ 218.126784][ T7067] __x64_sys_sendmmsg+0xa0/0xb0 [ 218.131640][ T7067] do_syscall_64+0xf3/0x230 [ 218.136149][ T7067] ? clear_bhb_loop+0x35/0x90 [ 218.140832][ T7067] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 218.146814][ T7067] RIP: 0033:0x7fcca5575b59 [ 218.151224][ T7067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 218.171006][ T7067] RSP: 002b:00007fcca63f2048 EFLAGS: 00000246 ORIG_RAX: 0000000000000133 [ 218.179424][ T7067] RAX: ffffffffffffffda RBX: 00007fcca5706038 RCX: 00007fcca5575b59 [ 218.187390][ T7067] RDX: 0000000000000002 RSI: 0000000020000e40 RDI: 0000000000000003 [ 218.195367][ T7067] RBP: 00007fcca63f20a0 R08: 0000000000000000 R09: 0000000000000000 [ 218.203334][ T7067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 218.211296][ T7067] R13: 000000000000006e R14: 00007fcca5706038 R15: 00007ffced193c28 [ 218.219365][ T7067] [ 218.422384][ T7075] netdevsim netdevsim1 netdevsim1: Unsupported IPsec algorithm [ 220.411636][ T7103] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.422668][ T7103] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.474412][ T928] usbhid 4-1:0.0: can't add hid device: -71 [ 220.501017][ T928] usbhid 4-1:0.0: probe with driver usbhid failed with error -71 [ 220.532725][ T928] usb 4-1: USB disconnect, device number 10 [ 220.565869][ T7108] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 220.622855][ T7109] netdevsim netdevsim0 netdevsim1: Unsupported IPsec algorithm [ 220.626806][ T7108] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 220.723480][ T7111] FAULT_INJECTION: forcing a failure. [ 220.723480][ T7111] name failslab, interval 1, probability 0, space 0, times 0 [ 220.736255][ T7111] CPU: 0 PID: 7111 Comm: syz.3.417 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 220.745908][ T7111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 220.755957][ T7111] Call Trace: [ 220.759229][ T7111] [ 220.762154][ T7111] dump_stack_lvl+0x241/0x360 [ 220.766836][ T7111] ? __pfx_dump_stack_lvl+0x10/0x10 [ 220.772030][ T7111] ? __pfx__printk+0x10/0x10 [ 220.776707][ T7111] ? __pfx___might_resched+0x10/0x10 [ 220.781989][ T7111] should_fail_ex+0x3b0/0x4e0 [ 220.786661][ T7111] ? tomoyo_realpath_from_path+0xcf/0x5e0 [ 220.792385][ T7111] should_failslab+0x9/0x20 [ 220.796890][ T7111] __kmalloc_noprof+0xd8/0x400 [ 220.801736][ T7111] ? kfree+0x4e/0x360 [ 220.805720][ T7111] tomoyo_realpath_from_path+0xcf/0x5e0 [ 220.811268][ T7111] tomoyo_path_number_perm+0x23a/0x880 [ 220.816892][ T7111] ? tomoyo_path_number_perm+0x208/0x880 [ 220.822546][ T7111] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 220.828682][ T7111] ? __pfx_hook_file_ioctl+0x10/0x10 [ 220.833977][ T7111] ? __se_sys_ioctl+0x30/0x170 [ 220.838775][ T7111] ? hook_file_ioctl+0x32/0x2d0 [ 220.843676][ T7111] security_file_ioctl+0x75/0xb0 [ 220.848645][ T7111] __se_sys_ioctl+0x47/0x170 [ 220.853243][ T7111] do_syscall_64+0xf3/0x230 [ 220.857755][ T7111] ? clear_bhb_loop+0x35/0x90 [ 220.862429][ T7111] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 220.868317][ T7111] RIP: 0033:0x7fc56cf75b59 [ 220.872727][ T7111] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 220.892332][ T7111] RSP: 002b:00007fc56dc74048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 220.900751][ T7111] RAX: ffffffffffffffda RBX: 00007fc56d106110 RCX: 00007fc56cf75b59 [ 220.908728][ T7111] RDX: 0000000020000140 RSI: 0000000000003ba0 RDI: 0000000000000005 [ 220.916695][ T7111] RBP: 00007fc56dc740a0 R08: 0000000000000000 R09: 0000000000000000 [ 220.924669][ T7111] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 220.932643][ T7111] R13: 000000000000006e R14: 00007fc56d106110 R15: 00007ffe4ddb32c8 [ 220.940629][ T7111] [ 220.945385][ T7111] ERROR: Out of memory at tomoyo_realpath_from_path. [ 222.528606][ T7119] Falling back ldisc for ptm0. [ 222.761343][ T7123] hugetlbfs: Unknown parameter 'hugetlbfs' [ 222.894280][ T7123] netlink: 'syz.3.419': attribute type 11 has an invalid length. [ 223.838411][ T6786] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 223.848461][ T6786] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 223.896490][ T6786] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 224.161783][ T7145] TCP: TCP_TX_DELAY enabled [ 224.250180][ T6786] 8021q: adding VLAN 0 to HW filter on device bond0 [ 224.309748][ T6786] 8021q: adding VLAN 0 to HW filter on device team0 [ 224.400823][ T25] bridge0: port 1(bridge_slave_0) entered blocking state [ 224.408147][ T25] bridge0: port 1(bridge_slave_0) entered forwarding state [ 224.494739][ T25] bridge0: port 2(bridge_slave_1) entered blocking state [ 224.501965][ T25] bridge0: port 2(bridge_slave_1) entered forwarding state [ 224.790306][ T5094] Bluetooth: hci3: link tx timeout [ 224.795938][ T5094] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa [ 224.952107][ T7187] NILFS (loop4): device size too small [ 224.973796][ T7181] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 225.010420][ T7181] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 225.068911][ T7181] netlink: 56 bytes leftover after parsing attributes in process `syz.1.435'. [ 225.243994][ T7196] FAULT_INJECTION: forcing a failure. [ 225.243994][ T7196] name failslab, interval 1, probability 0, space 0, times 0 [ 225.277821][ T7196] CPU: 0 PID: 7196 Comm: syz.3.438 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 225.287513][ T7196] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 225.297589][ T7196] Call Trace: [ 225.300897][ T7196] [ 225.303644][ T6786] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 225.303838][ T7196] dump_stack_lvl+0x241/0x360 [ 225.315305][ T7196] ? __pfx_dump_stack_lvl+0x10/0x10 [ 225.320539][ T7196] ? __pfx__printk+0x10/0x10 [ 225.325173][ T7196] should_fail_ex+0x3b0/0x4e0 [ 225.329942][ T7196] ? alloc_empty_file+0x9e/0x1d0 [ 225.334907][ T7196] should_failslab+0x9/0x20 [ 225.339449][ T7196] kmem_cache_alloc_noprof+0x6c/0x2a0 [ 225.344871][ T7196] alloc_empty_file+0x9e/0x1d0 [ 225.349669][ T7196] path_openat+0x105/0x3470 [ 225.354294][ T7196] ? handle_mm_fault+0x1688/0x19d0 [ 225.359492][ T7196] ? __lock_acquire+0x1346/0x1fd0 [ 225.364561][ T7196] ? __pfx_path_openat+0x10/0x10 [ 225.369560][ T7196] do_filp_open+0x235/0x490 [ 225.374099][ T7196] ? __pfx_do_filp_open+0x10/0x10 [ 225.379266][ T7196] ? _raw_spin_unlock+0x28/0x50 [ 225.384159][ T7196] ? alloc_fd+0x5a1/0x640 [ 225.388533][ T7196] do_sys_openat2+0x13e/0x1d0 [ 225.393248][ T7196] ? __pfx___mutex_unlock_slowpath+0x10/0x10 [ 225.399261][ T7196] ? __pfx_do_sys_openat2+0x10/0x10 [ 225.404495][ T7196] ? __fget_files+0x3f6/0x470 [ 225.409218][ T7196] __x64_sys_openat+0x247/0x2a0 [ 225.410436][ T6786] veth0_vlan: entered promiscuous mode [ 225.414085][ T7196] ? __pfx___x64_sys_openat+0x10/0x10 [ 225.424935][ T7196] ? do_syscall_64+0x100/0x230 [ 225.429736][ T7196] ? do_syscall_64+0xb6/0x230 [ 225.433553][ T6786] veth1_vlan: entered promiscuous mode [ 225.434429][ T7196] do_syscall_64+0xf3/0x230 [ 225.434460][ T7196] ? clear_bhb_loop+0x35/0x90 [ 225.449096][ T7196] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 225.455040][ T7196] RIP: 0033:0x7fc56cf75b59 [ 225.459485][ T7196] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 225.479119][ T7196] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101 [ 225.485530][ T6786] veth0_macvtap: entered promiscuous mode [ 225.487714][ T7196] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 225.487734][ T7196] RDX: 0000000000040241 RSI: 0000000020000000 RDI: ffffffffffffff9c [ 225.487747][ T7196] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 225.487758][ T7196] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 225.487769][ T7196] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 225.487798][ T7196] [ 225.502631][ T6786] veth1_macvtap: entered promiscuous mode [ 225.792330][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.832999][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.875622][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.906785][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.936566][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 225.954574][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 225.978484][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.007247][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.043514][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 226.072198][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.122150][ T6786] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 226.168766][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.187376][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.207643][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.239055][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.276472][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.300018][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.310759][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.338912][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.376246][ T6786] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 226.387440][ T7239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.448'. [ 226.396330][ T6786] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 226.419087][ T6786] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 226.489712][ T6786] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.522790][ T6786] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.546878][ T6786] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 226.585080][ T6786] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 227.108068][ T55] Bluetooth: hci3: command 0x0406 tx timeout [ 227.622877][ T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.663345][ T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 227.827343][ T2401] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 227.843248][ T2401] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 228.004227][ T7274] syz.3.457 uses obsolete (PF_INET,SOCK_PACKET) [ 228.694572][ T7287] syzkaller0: entered promiscuous mode [ 228.731465][ T7287] syzkaller0: entered allmulticast mode [ 229.220155][ T25] usb 4-1: new high-speed USB device number 11 using dummy_hcd [ 229.422003][ T25] usb 4-1: Using ep0 maxpacket: 8 [ 229.472901][ T25] usb 4-1: config 0 has no interfaces? [ 229.482445][ T25] usb 4-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00 [ 229.514653][ T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 229.552462][ T25] usb 4-1: SerialNumber: syz [ 229.583814][ T25] usb 4-1: config 0 descriptor?? [ 229.633413][ T7311] netlink: 8 bytes leftover after parsing attributes in process `syz.2.466'. [ 230.151653][ T7287] netlink: 56 bytes leftover after parsing attributes in process `syz.3.459'. [ 230.386930][ T5138] usb 4-1: USB disconnect, device number 11 [ 230.467691][ T7335] FAULT_INJECTION: forcing a failure. [ 230.467691][ T7335] name failslab, interval 1, probability 0, space 0, times 0 [ 230.526519][ T7335] CPU: 1 PID: 7335 Comm: syz.0.473 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 230.536381][ T7335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 230.546477][ T7335] Call Trace: [ 230.549771][ T7335] [ 230.552714][ T7335] dump_stack_lvl+0x241/0x360 [ 230.557416][ T7335] ? __pfx_dump_stack_lvl+0x10/0x10 [ 230.563066][ T7335] ? __pfx__printk+0x10/0x10 [ 230.567678][ T7335] ? __pfx___might_resched+0x10/0x10 [ 230.573003][ T7335] should_fail_ex+0x3b0/0x4e0 [ 230.577726][ T7335] ? nfs_alloc_fhandle+0x4a/0xa0 [ 230.582691][ T7335] should_failslab+0x9/0x20 [ 230.587223][ T7335] kmalloc_trace_noprof+0x6c/0x2c0 [ 230.592380][ T7335] nfs_alloc_fhandle+0x4a/0xa0 [ 230.597174][ T7335] nfs_init_fs_context+0x69/0xf60 [ 230.602242][ T7335] alloc_fs_context+0x68a/0x800 [ 230.607127][ T7335] __se_sys_fsopen+0xa3/0x2c0 [ 230.611842][ T7335] do_syscall_64+0xf3/0x230 [ 230.616455][ T7335] ? clear_bhb_loop+0x35/0x90 [ 230.621205][ T7335] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 230.627157][ T7335] RIP: 0033:0x7f5ee2775b59 [ 230.631607][ T7335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 230.651507][ T7335] RSP: 002b:00007f5ee34c7048 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae [ 230.659946][ T7335] RAX: ffffffffffffffda RBX: 00007f5ee2905f60 RCX: 00007f5ee2775b59 [ 230.668632][ T7335] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000100 [ 230.676709][ T7335] RBP: 00007f5ee34c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 230.684701][ T7335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001 [ 230.692674][ T7335] R13: 000000000000000b R14: 00007f5ee2905f60 R15: 00007ffd96268398 [ 230.700742][ T7335] [ 231.977081][ T7349] netlink: 4 bytes leftover after parsing attributes in process `syz.2.477'. [ 232.010534][ T7349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.477'. [ 232.087097][ T7354] netlink: 'syz.3.479': attribute type 10 has an invalid length. [ 232.122596][ T7354] netlink: 181292 bytes leftover after parsing attributes in process `syz.3.479'. [ 232.160016][ T7354] openvswitch: netlink: Message has 4 unknown bytes. [ 232.597661][ T4871] usb 4-1: new high-speed USB device number 12 using dummy_hcd [ 232.816609][ T4871] usb 4-1: Using ep0 maxpacket: 16 [ 232.839449][ T4871] usb 4-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06 [ 232.870463][ T4871] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 232.919660][ T4871] usb 4-1: Product: syz [ 232.950555][ T4871] usb 4-1: Manufacturer: syz [ 232.957880][ T4871] usb 4-1: SerialNumber: syz [ 232.990248][ T4871] r8152-cfgselector 4-1: Unknown version 0x0000 [ 232.996983][ T4871] r8152-cfgselector 4-1: config 0 descriptor?? [ 233.243299][ T7367] netlink: 'syz.3.484': attribute type 1 has an invalid length. [ 233.268875][ T4871] r8152-cfgselector 4-1: Unknown version 0x0000 [ 233.281246][ T4871] r8152-cfgselector 4-1: bad CDC descriptors [ 233.474067][ T9] r8152-cfgselector 4-1: USB disconnect, device number 12 [ 234.864068][ T7396] syz.0.489 uses old SIOCAX25GETINFO [ 235.122413][ T7405] netlink: 24 bytes leftover after parsing attributes in process `syz.2.493'. [ 235.176043][ T7405] netlink: 28 bytes leftover after parsing attributes in process `syz.2.493'. [ 235.366241][ T7411] netlink: 'syz.4.494': attribute type 10 has an invalid length. [ 235.391323][ T7411] netlink: 181292 bytes leftover after parsing attributes in process `syz.4.494'. [ 235.415755][ T7411] openvswitch: netlink: Message has 4 unknown bytes. [ 235.416113][ T7414] FAULT_INJECTION: forcing a failure. [ 235.416113][ T7414] name fail_page_alloc, interval 1, probability 0, space 0, times 0 [ 235.453582][ T29] audit: type=1326 audit(1721397090.374:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7415 comm="syz.1.497" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcca5575b59 code=0x0 [ 235.500262][ T7414] CPU: 0 PID: 7414 Comm: syz.3.495 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 235.510120][ T7414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 235.520472][ T7414] Call Trace: [ 235.523775][ T7414] [ 235.526749][ T7414] dump_stack_lvl+0x241/0x360 [ 235.531463][ T7414] ? __pfx_dump_stack_lvl+0x10/0x10 [ 235.536705][ T7414] ? __pfx__printk+0x10/0x10 [ 235.541351][ T7414] should_fail_ex+0x3b0/0x4e0 [ 235.546065][ T7414] prepare_alloc_pages+0x1da/0x5d0 [ 235.551224][ T7414] __alloc_pages_noprof+0x166/0x6c0 [ 235.556448][ T7414] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 235.562195][ T7414] ? __pfx___might_resched+0x10/0x10 [ 235.567494][ T7414] __folio_alloc_noprof+0x18/0x210 [ 235.572710][ T7414] migrate_pages_batch+0x7e3/0x3960 [ 235.577950][ T7414] ? __pfx_validate_chain+0x10/0x10 [ 235.583249][ T7414] ? __pfx_alloc_migration_target+0x10/0x10 [ 235.589153][ T7414] ? __pfx_migrate_pages_batch+0x10/0x10 [ 235.594846][ T7414] ? follow_page_pte+0xeb2/0x1ee0 [ 235.599872][ T7414] migrate_pages+0x1fb0/0x3550 [ 235.604691][ T7414] ? mark_lock+0x9a/0x350 [ 235.609044][ T7414] ? __pfx_alloc_migration_target+0x10/0x10 [ 235.614963][ T7414] ? __pfx_migrate_pages+0x10/0x10 [ 235.620142][ T7414] move_pages_and_store_status+0x181/0x300 [ 235.625966][ T7414] ? __pfx_move_pages_and_store_status+0x10/0x10 [ 235.632311][ T7414] ? _raw_spin_unlock_irq+0x2e/0x50 [ 235.637561][ T7414] ? __might_fault+0xaa/0x120 [ 235.642250][ T7414] ? __might_fault+0xc6/0x120 [ 235.646937][ T7414] __se_sys_move_pages+0x1d17/0x1e60 [ 235.652344][ T7414] ? __pfx___se_sys_move_pages+0x10/0x10 [ 235.658010][ T7414] ? __fget_files+0x3f6/0x470 [ 235.662723][ T7414] ? lockdep_hardirqs_on_prepare+0x43d/0x780 [ 235.668805][ T7414] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 235.675131][ T7414] ? do_syscall_64+0x100/0x230 [ 235.679921][ T7414] ? __x64_sys_move_pages+0x21/0xf0 [ 235.685343][ T7414] do_syscall_64+0xf3/0x230 [ 235.689859][ T7414] ? clear_bhb_loop+0x35/0x90 [ 235.694631][ T7414] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 235.700527][ T7414] RIP: 0033:0x7fc56cf75b59 [ 235.705038][ T7414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 235.724645][ T7414] RSP: 002b:00007fc56dcb6048 EFLAGS: 00000246 ORIG_RAX: 0000000000000117 [ 235.733150][ T7414] RAX: ffffffffffffffda RBX: 00007fc56d105f60 RCX: 00007fc56cf75b59 [ 235.741119][ T7414] RDX: 0000000020000140 RSI: 0000000000000010 RDI: 0000000000000000 [ 235.749101][ T7414] RBP: 00007fc56dcb60a0 R08: 0000000000000000 R09: 0000000000000000 [ 235.757081][ T7414] R10: 0000000020000040 R11: 0000000000000246 R12: 0000000000000001 [ 235.765046][ T7414] R13: 000000000000000b R14: 00007fc56d105f60 R15: 00007ffe4ddb32c8 [ 235.773035][ T7414] [ 239.608935][ T7440] msdos: Unknown parameter 'b±Fs µÚì' [ 242.689234][ T7458] FAULT_INJECTION: forcing a failure. [ 242.689234][ T7458] name failslab, interval 1, probability 0, space 0, times 0 [ 242.759957][ T7458] CPU: 1 PID: 7458 Comm: syz.0.509 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 242.769727][ T7458] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 242.779800][ T7458] Call Trace: [ 242.783086][ T7458] [ 242.786024][ T7458] dump_stack_lvl+0x241/0x360 [ 242.790737][ T7458] ? __pfx_dump_stack_lvl+0x10/0x10 [ 242.795956][ T7458] ? __pfx__printk+0x10/0x10 [ 242.800577][ T7458] should_fail_ex+0x3b0/0x4e0 [ 242.805271][ T7458] ? __alloc_skb+0x1c3/0x440 [ 242.809881][ T7458] should_failslab+0x9/0x20 [ 242.814407][ T7458] kmem_cache_alloc_node_noprof+0x71/0x320 [ 242.820248][ T7458] __alloc_skb+0x1c3/0x440 [ 242.824701][ T7458] ? __pfx___alloc_skb+0x10/0x10 [ 242.829761][ T7458] ? netlink_ack_tlv_len+0x6e/0x200 [ 242.835063][ T7458] netlink_ack+0x13f/0xa30 [ 242.839520][ T7458] ? __pfx_lock_acquire+0x10/0x10 [ 242.844574][ T7458] ? __pfx_nl80211_trigger_scan+0x10/0x10 [ 242.850297][ T7458] ? __pfx_nl80211_post_doit+0x10/0x10 [ 242.855801][ T7458] netlink_rcv_skb+0x262/0x430 [ 242.860591][ T7458] ? __pfx_genl_rcv_msg+0x10/0x10 [ 242.865695][ T7458] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 242.870997][ T7458] ? __netlink_deliver_tap+0x77e/0x7c0 [ 242.876474][ T7458] genl_rcv+0x28/0x40 [ 242.880541][ T7458] netlink_unicast+0x7f0/0x990 [ 242.885340][ T7458] ? __pfx_netlink_unicast+0x10/0x10 [ 242.890643][ T7458] ? __virt_addr_valid+0x183/0x530 [ 242.895770][ T7458] ? __check_object_size+0x49c/0x900 [ 242.901149][ T7458] ? bpf_lsm_netlink_send+0x9/0x10 [ 242.906258][ T7458] netlink_sendmsg+0x8e4/0xcb0 [ 242.911032][ T7458] ? __pfx_netlink_sendmsg+0x10/0x10 [ 242.916330][ T7458] ? __import_iovec+0x536/0x820 [ 242.921193][ T7458] ? bpf_lsm_socket_sendmsg+0x9/0x10 [ 242.926688][ T7458] ? security_socket_sendmsg+0x87/0xb0 [ 242.932151][ T7458] ? __pfx_netlink_sendmsg+0x10/0x10 [ 242.937432][ T7458] __sock_sendmsg+0x221/0x270 [ 242.942195][ T7458] ____sys_sendmsg+0x525/0x7d0 [ 242.946959][ T7458] ? __pfx_____sys_sendmsg+0x10/0x10 [ 242.952251][ T7458] __sys_sendmsg+0x2b0/0x3a0 [ 242.956847][ T7458] ? __pfx___sys_sendmsg+0x10/0x10 [ 242.961955][ T7458] ? vfs_write+0x7c4/0xc90 [ 242.966405][ T7458] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 242.972736][ T7458] ? do_syscall_64+0x100/0x230 [ 242.977499][ T7458] ? do_syscall_64+0xb6/0x230 [ 242.982185][ T7458] do_syscall_64+0xf3/0x230 [ 242.986685][ T7458] ? clear_bhb_loop+0x35/0x90 [ 242.991360][ T7458] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 242.997340][ T7458] RIP: 0033:0x7f5ee2775b59 [ 243.001835][ T7458] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 243.021643][ T7458] RSP: 002b:00007f5ee34c7048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e [ 243.030151][ T7458] RAX: ffffffffffffffda RBX: 00007f5ee2905f60 RCX: 00007f5ee2775b59 [ 243.038126][ T7458] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003 [ 243.046089][ T7458] RBP: 00007f5ee34c70a0 R08: 0000000000000000 R09: 0000000000000000 [ 243.054058][ T7458] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002 [ 243.062022][ T7458] R13: 000000000000000b R14: 00007f5ee2905f60 R15: 00007ffd96268398 [ 243.070007][ T7458] [ 243.145739][ T7460] IPVS: Error joining to the multicast group [ 243.354054][ T29] audit: type=1326 audit(1721397098.304:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7461 comm="syz.3.511" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc56cf75b59 code=0x0 [ 244.767583][ T7490] msdos: Unknown parameter 'b±Fs µÚì' [ 245.017475][ T7497] netlink: 4 bytes leftover after parsing attributes in process `syz.0.519'. [ 245.610572][ T7492] netlink: 8 bytes leftover after parsing attributes in process `syz.2.518'. [ 245.631881][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.3.520'. [ 245.649391][ T7505] netlink: 8 bytes leftover after parsing attributes in process `syz.3.520'. [ 246.024394][ T7514] IPVS: Error joining to the multicast group [ 254.558387][ T5094] Bluetooth: hci5: SCO packet for unknown connection handle 717 [ 254.586803][ T29] audit: type=1326 audit(1721397109.544:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7535 comm="syz.2.534" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fec48175b59 code=0x0 [ 255.742544][ T7560] netlink: 24 bytes leftover after parsing attributes in process `syz.0.531'. [ 255.751595][ T7571] binder: BINDER_SET_CONTEXT_MGR already set [ 255.774481][ T7571] binder: 7566:7571 ioctl 4018620d 20000100 returned -16 [ 255.802250][ T7571] binder: BINDER_SET_CONTEXT_MGR already set [ 255.811000][ T7571] binder: 7566:7571 ioctl 4018620d 20000040 returned -16 [ 256.072675][ T7545] netlink: 8 bytes leftover after parsing attributes in process `syz.3.535'. [ 256.159025][ T1250] ieee802154 phy0 wpan0: encryption failed: -22 [ 256.165614][ T1250] ieee802154 phy1 wpan1: encryption failed: -22 [ 256.254202][ T7576] IPVS: Error joining to the multicast group [ 256.739440][ T5094] Bluetooth: hci5: command 0x0419 tx timeout [ 257.600057][ T7585] msdos: Unknown parameter 'b±Fs µÚì' [ 261.931934][ T29] audit: type=1326 audit(1721397116.874:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7596 comm="syz.4.547" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f5235575b59 code=0x0 [ 262.046900][ T7603] netlink: 12 bytes leftover after parsing attributes in process `syz.3.549'. [ 262.225495][ C1] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI [ 262.238532][ C1] KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007] [ 262.246936][ C1] CPU: 1 PID: 7606 Comm: syz.1.551 Not tainted 6.10.0-syzkaller-08280-g68b59730459e #0 [ 262.257013][ C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024 [ 262.267711][ C1] RIP: 0010:__dev_flush+0x5b/0x160 [ 262.272840][ C1] Code: 48 89 ef e8 67 7c 3a 00 48 8b 5d 00 48 39 eb 0f 84 ff 00 00 00 48 89 2c 24 49 89 dd 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 80 7c 05 00 00 74 08 48 89 df e8 35 7c 3a 00 48 8b 03 48 89 44 [ 262.293162][ C1] RSP: 0018:ffffc90000a18af0 EFLAGS: 00010246 [ 262.299311][ C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff8880266a8000 [ 262.307636][ C1] RDX: 0000000080000101 RSI: 0000000000000010 RDI: ffffc900032cf810 [ 262.315626][ C1] RBP: ffffc900032cf810 R08: ffffffff895eeb1a R09: 1ffffffff1f5b375 [ 262.323601][ C1] R10: dffffc0000000000 R11: fffffbfff1f5b376 R12: 0000000000000000 [ 262.331586][ C1] R13: 0000000000000000 R14: 0000000000000010 R15: ffffc900032cf810 [ 262.339731][ C1] FS: 00007fcca64136c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 262.348744][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 262.355333][ C1] CR2: 0000000000000000 CR3: 00000000287ca000 CR4: 00000000003506f0 [ 262.363389][ C1] Call Trace: [ 262.366675][ C1] [ 262.369542][ C1] ? __die_body+0x88/0xe0 [ 262.373869][ C1] ? die_addr+0x108/0x140 [ 262.378259][ C1] ? exc_general_protection+0x3dd/0x5d0 [ 262.383913][ C1] ? asm_exc_general_protection+0x26/0x30 [ 262.389835][ C1] ? xdp_do_check_flushed+0x10a/0x240 [ 262.395302][ C1] ? __dev_flush+0x5b/0x160 [ 262.400696][ C1] xdp_do_check_flushed+0x129/0x240 [ 262.406618][ C1] __napi_poll+0xe4/0x490 [ 262.411163][ C1] net_rx_action+0x89b/0x1240 [ 262.415868][ C1] ? __pfx_net_rx_action+0x10/0x10 [ 262.421171][ C1] ? sched_clock+0x4a/0x70 [ 262.426482][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 262.433059][ C1] handle_softirqs+0x2c4/0x970 [ 262.437827][ C1] ? __irq_exit_rcu+0xf4/0x1c0 [ 262.443053][ C1] ? __pfx_handle_softirqs+0x10/0x10 [ 262.448517][ C1] ? irqtime_account_irq+0xd4/0x1e0 [ 262.453732][ C1] __irq_exit_rcu+0xf4/0x1c0 [ 262.458318][ C1] ? __pfx___irq_exit_rcu+0x10/0x10 [ 262.463521][ C1] irq_exit_rcu+0x9/0x30 [ 262.467787][ C1] common_interrupt+0xaa/0xd0 [ 262.472490][ C1] [ 262.475424][ C1] [ 262.478358][ C1] asm_common_interrupt+0x26/0x40 [ 262.483384][ C1] RIP: 0010:lock_acquire+0x264/0x550 [ 262.488684][ C1] Code: 2b 00 74 08 4c 89 f7 e8 ba bc 86 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25 [ 262.508475][ C1] RSP: 0018:ffffc900032cf100 EFLAGS: 00000206 [ 262.514550][ C1] RAX: 0000000000000001 RBX: 1ffff92000659e2c RCX: 0000000000000001 [ 262.522508][ C1] RDX: dffffc0000000000 RSI: ffffffff8bcadb20 RDI: ffffffff8c1f8760 [ 262.530560][ C1] RBP: ffffc900032cf248 R08: ffffffff92fae5c7 R09: 1ffffffff25f5cb8 [ 262.538626][ C1] R10: dffffc0000000000 R11: fffffbfff25f5cb9 R12: 1ffff92000659e28 [ 262.546691][ C1] R13: dffffc0000000000 R14: ffffc900032cf160 R15: 0000000000000246 [ 262.554761][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 262.559777][ C1] ? folio_try_get+0x1e/0x350 [ 262.564441][ C1] ? __pfx_lock_release+0x10/0x10 [ 262.569450][ C1] ? folio_try_get+0x1e/0x350 [ 262.574218][ C1] folio_try_get+0x3b/0x350 [ 262.578759][ C1] ? folio_try_get+0x1e/0x350 [ 262.583434][ C1] next_uptodate_folio+0x164/0xa40 [ 262.588655][ C1] filemap_map_pages+0x1338/0x1e70 [ 262.593846][ C1] ? filemap_map_pages+0x24f/0x1e70 [ 262.599047][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 262.604522][ C1] ? handle_pte_fault+0x348/0x7090 [ 262.609615][ C1] ? __pfx_lock_release+0x10/0x10 [ 262.614716][ C1] ? pte_offset_map_nolock+0x137/0x1f0 [ 262.620167][ C1] ? handle_pte_fault+0x222c/0x7090 [ 262.625397][ C1] ? __pfx_filemap_map_pages+0x10/0x10 [ 262.630860][ C1] ? handle_pte_fault+0x222c/0x7090 [ 262.636195][ C1] handle_pte_fault+0x3b9b/0x7090 [ 262.641255][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 262.646551][ C1] ? __pfx_handle_pte_fault+0x10/0x10 [ 262.651915][ C1] ? do_raw_spin_lock+0x14f/0x370 [ 262.656945][ C1] ? follow_page_pte+0x29a/0x1ee0 [ 262.662046][ C1] ? follow_page_pte+0x83f/0x1ee0 [ 262.667052][ C1] ? __pfx_lock_release+0x10/0x10 [ 262.672156][ C1] ? count_memcg_event_mm+0x3c2/0x420 [ 262.677729][ C1] ? do_raw_spin_unlock+0x13c/0x8b0 [ 262.683200][ C1] ? folio_mark_accessed+0x6f6/0x11b0 [ 262.688613][ C1] handle_mm_fault+0xfb0/0x19d0 [ 262.693571][ C1] ? __pfx_handle_mm_fault+0x10/0x10 [ 262.698982][ C1] ? __pfx_find_vma+0x10/0x10 [ 262.703659][ C1] ? vma_is_secretmem+0xd/0x50 [ 262.708409][ C1] ? check_vma_flags+0x500/0x5a0 [ 262.713334][ C1] __get_user_pages+0x6ec/0x16a0 [ 262.718267][ C1] ? __pfx___get_user_pages+0x10/0x10 [ 262.723645][ C1] populate_vma_page_range+0x264/0x330 [ 262.729185][ C1] ? __pfx_populate_vma_page_range+0x10/0x10 [ 262.735151][ C1] ? userfaultfd_unmap_complete+0x30c/0x360 [ 262.741040][ C1] ? do_mmap+0x915/0xfa0 [ 262.745275][ C1] __mm_populate+0x27a/0x460 [ 262.749866][ C1] ? __pfx___mm_populate+0x10/0x10 [ 262.754967][ C1] vm_mmap_pgoff+0x2c3/0x3d0 [ 262.759544][ C1] ? __pfx_vm_mmap_pgoff+0x10/0x10 [ 262.764638][ C1] ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10 [ 262.770953][ C1] ? do_syscall_64+0x100/0x230 [ 262.775723][ C1] ? ksys_mmap_pgoff+0xdf/0x720 [ 262.780591][ C1] ? __x64_sys_mmap+0x7f/0x140 [ 262.785355][ C1] do_syscall_64+0xf3/0x230 [ 262.790043][ C1] ? clear_bhb_loop+0x35/0x90 [ 262.794739][ C1] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 262.800842][ C1] RIP: 0033:0x7fcca5575b59 [ 262.805443][ C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 262.825742][ C1] RSP: 002b:00007fcca6413048 EFLAGS: 00000246 ORIG_RAX: 0000000000000009 [ 262.834249][ C1] RAX: ffffffffffffffda RBX: 00007fcca5705f60 RCX: 00007fcca5575b59 [ 262.842314][ C1] RDX: b635773f06ebbeee RSI: 0000000000b36000 RDI: 0000000020000000 [ 262.850286][ C1] RBP: 00007fcca55e4e5d R08: ffffffffffffffff R09: 0000000000000000 [ 262.858245][ C1] R10: 0000000000008031 R11: 0000000000000246 R12: 0000000000000000 [ 262.866308][ C1] R13: 000000000000000b R14: 00007fcca5705f60 R15: 00007ffced193c28 [ 262.874277][ C1] [ 262.877322][ C1] Modules linked in: [ 262.881328][ C1] ---[ end trace 0000000000000000 ]--- [ 262.886816][ C1] RIP: 0010:__dev_flush+0x5b/0x160 [ 262.892114][ C1] Code: 48 89 ef e8 67 7c 3a 00 48 8b 5d 00 48 39 eb 0f 84 ff 00 00 00 48 89 2c 24 49 89 dd 49 c1 ed 03 48 b8 00 00 00 00 00 fc ff df <41> 80 7c 05 00 00 74 08 48 89 df e8 35 7c 3a 00 48 8b 03 48 89 44 [ 262.913001][ C1] RSP: 0018:ffffc90000a18af0 EFLAGS: 00010246 [ 262.920347][ C1] RAX: dffffc0000000000 RBX: 0000000000000000 RCX: ffff8880266a8000 [ 262.928934][ C1] RDX: 0000000080000101 RSI: 0000000000000010 RDI: ffffc900032cf810 [ 262.938006][ C1] RBP: ffffc900032cf810 R08: ffffffff895eeb1a R09: 1ffffffff1f5b375 [ 262.947328][ C1] R10: dffffc0000000000 R11: fffffbfff1f5b376 R12: 0000000000000000 [ 262.955438][ C1] R13: 0000000000000000 R14: 0000000000000010 R15: ffffc900032cf810 [ 262.963471][ C1] FS: 00007fcca64136c0(0000) GS:ffff8880b9500000(0000) knlGS:0000000000000000 [ 262.973219][ C1] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 262.979843][ C1] CR2: 0000000000000000 CR3: 00000000287ca000 CR4: 00000000003506f0 [ 262.988477][ C1] Kernel panic - not syncing: Fatal exception in interrupt [ 262.996020][ C1] Kernel Offset: disabled [ 263.000336][ C1] Rebooting in 86400 seconds..