last executing test programs:

3m44.573388532s ago: executing program 4 (id=330):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x204042, 0x0)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
mount(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f00000004c0)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r1, &(0x7f00000029c0)=ANY=[@ANYBLOB="5806000000000000", @ANYRES64=r2, @ANYBLOB="0000000000000000020000000000000001800000000000004600000000000000ff000000020000000600000000000000a90f000000000000f9ffffffffffffffff0f00000000000002000000000000000300000000000000040000000000000007ed000000a0000008000000", @ANYRES32=r3, @ANYRES32=0x0, @ANYBLOB="fd55000001000080000000000000000000000000030000000000000006000000050000007663616e30000000060000000000000000000000000000000500000000000000c0ffffffffffffff030000000002000003000000000000000200000000000000050000000000000001ffffffffffffff0f000000000000000700000000000000ffff00000200000001feffff0030000002000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="05000000184c00000000000000000000000000000100010000000000080000000b000000257042202020200001000000000000000000000000000000ffffffff00000000070000000000000025f40000020000000600000000000000070000000000000002000000000000000f00000000000000ffffffffffffffff010000000000000002000000080000006194000000e0000007000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="008000000080ff01000000000100000000000000a9d00000000000000a0000005e9a00002f6465762f6375736500000000000000060000000000000002000000000000005f0000000000000004000000000000000400000001000000000000000000000007000000000000000010000000000000f9ffffffffffffff018000000000000000000000000000000008000000000080830b000000c0000001000080", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="8a020000070000000000000005000000000000000400000000000000010000000a000000000000000000000005000000000000000200000000000000080000000000000001800000000000000d00000006000000060000000000000084010000000000008705000000000000008000000000000008000000000000000000000000000000ffffffff0600000010000000002000000b000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="000000800b000000000000000200000000000000080000000000000001000000a200000028000000000000000200000000000000010000000000000009000000000000000600000000000000f8ffffffff7f0000050000000000000001000000000000000c000000000000000a00000000000000060000000000000006000000000000000300000006000000070000000080000008000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0500000003000000000000000300000000000000020000000000000001000000090000002c0000000000000006000000000000000000000000000000d55d0000000000000300000000000000050000008100000003000000000000000100000001000500000000000000020000000000000001000000000000000200000000000000060000009e4f5069000000800020000006000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="0600000005000000000000000000000000000000fcffffffffffffff060000000400000026272e3a262800000200000000000000010000000000000001040000000000000500000000000000800000000400000005000000000000000404000000000000050000000000000004000000000000000108000000000000ff0000000000000006000000a2d70000ff7f0000004000007f000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffff7fc60000000000000004000000000000000100000001000000040000004f0f00005c2d2d2c0000000005000000000000000100000000000000ff0700000000000004000000000000003d0000007f0000000600000000000000070000000000000005000000000000000300000000000000ec590000000000000500000000000000040000006c0f0000000000800040000080000000", @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="060000004a6a00000000000002000000000000004f0500000000000008000000ff0300006e6c3830323131000500000000000000020000000000000002000000000000009f04000000000000ff7f00006500000005000000000000004abe0000000000000707000000000000b304000000000000000000000000000003000000000000000100010000f8ffff06000000004000003eca", @ANYRES32=0xee00, @ANYRES32=r4, @ANYBLOB="01000000e262000000000000020000000000000001010000000000000100000003000000ad00000000000000"], 0x658)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x103280, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0xd5)
openat$cgroup_ro(r5, &(0x7f0000000040)='cpu.stat\x00', 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3m44.408242646s ago: executing program 4 (id=332):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
ioctl$IOCTL_VMCI_CTX_REMOVE_NOTIFICATION(0xffffffffffffffff, 0x7b0, 0x0)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000202000000000000000000006000000ff00000000bfa100000000000007010000f8ffffffb702000008000000b703801e43aa26670fd7bfea3592b68c53000000000000850000000600000095"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a09040000000000000000020000002800048024000180090001006d6574610000000054000280080001400000001b080002400000000b0900010073797a30000000000900020073797a3200000000140000001100010000000000000000000200000a"], 0x7c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000400)='rcu_utilization\x00', r3, 0x0, 0x1}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0}, 0x18)
r4 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r4, &(0x7f0000001fc0)=""/184, 0xb8)

3m43.461233757s ago: executing program 4 (id=333):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r0, 0x104, 0x2, &(0x7f0000000040)=0x9, 0x4)
socket$nl_route(0x10, 0x3, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x89901)
unshare(0x22020600)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000140)={0xffffffff, "030000000000000023000000debd12ffff00000000000000000020000400"})
pselect6(0x40, &(0x7f0000000080)={0x3, 0x5, 0xf, 0x5, 0x1000, 0x7, 0x0, 0x80}, &(0x7f00000000c0)={0x38, 0xd, 0xffff, 0x7, 0x3ff, 0x9, 0x2b27a4b1, 0x1}, 0x0, 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x109200, 0x0)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0xf9ba, 0x501)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000480)={0x0, 0x9, 0x8f})

3m43.368939322s ago: executing program 4 (id=334):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
r0 = open(&(0x7f0000000040)='./bus\x00', 0x80242, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ftruncate(r0, 0x2007ffc)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$phonet(0x23, 0x2, 0x1)
ioctl$sock_FIOGETOWN(r4, 0x8903, &(0x7f00000000c0))
fchdir(0xffffffffffffffff)
sendfile(r0, r0, 0x0, 0x800000009)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)

3m43.243805816s ago: executing program 4 (id=335):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f000001b700)=""/102400, 0x19000)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x10)
sendmmsg(r1, &(0x7f0000001c00), 0x400000000000159, 0x40840) (fail_nth: 3)

3m43.03434937s ago: executing program 4 (id=337):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1895fbe8de83e5e1873593bfa36e0611d0d5aec9b269af2d02c3795c88c3e44e18000000009c8cb4185ade3bef78af53332fb23792ddeba1b800b9f54624192ead8452f44784496cd022803591115407d6cf30a00e08e641cd06415a0b719965f6c878e263022013c80eec17f72ebd19ad159858b9bc8dfaa6fbe18989b4e5bc59382ae0f67b8d03ab1700d03f2b76014886d19627589d2fe45b077155dc87662bb16a"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_usb_connect(0x2, 0x440, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="000000000000000000000000000c0000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000002000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000946b8273c67b79ee1f6e9cac7ca996dbda01db13b77a1fb06ac9f2c41aefc2bbfb501a75668fffa9d7f48e6cb3cf9de6b550da3ca91397713c198358d3ddf90428e3bd48eea471d590b748574420c9a861a547ef9686303ef2fc51eedaf247ee4a2a80e511d3980364c059fcad5ecce8b485a73c6a12bab953d1fa5775070c2f9c93ac22e24049fd8839a0a82e8c4b1e0b7431ec2bf76ebad4a3295337951801b9d24c98c0a2b0696b9ea5e95e3344b93e51aa28fa014a85b1d2b6193560ae2cff3d2c209b5f54eb383993809b489ec44a656a17bdb8667d671668fa05d816db38182ea628da95a5a141fee8c2c936405ae015767113dae574bd77cace773af1487570058ee9d04bca61694ccce7dafcff2ffedc1e4d9a93a8c1387ee6d5fbcf1ef40b6d0d1424e97eb027fb918e821ca0ba56351afd3015acf53fb94e8ecf7da2fc1f4ed45eb9178702c238daeafcebd673e39f4225485e3877f2835063c6cc8220ca99beae929fdde06989282b96a65cc97cd8d67c58fe10aff2af18541262a4ddc2f97078e2cdee8e8973072e7beb857485c9473157cecc30ad3fc8b056f154"]}, 0x2a9)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x44}, 0x1ff}, {0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3ff}}}, 0x48)

3m42.752479s ago: executing program 32 (id=337):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1895fbe8de83e5e1873593bfa36e0611d0d5aec9b269af2d02c3795c88c3e44e18000000009c8cb4185ade3bef78af53332fb23792ddeba1b800b9f54624192ead8452f44784496cd022803591115407d6cf30a00e08e641cd06415a0b719965f6c878e263022013c80eec17f72ebd19ad159858b9bc8dfaa6fbe18989b4e5bc59382ae0f67b8d03ab1700d03f2b76014886d19627589d2fe45b077155dc87662bb16a"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_usb_connect(0x2, 0x440, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000780)=@nat={'nat\x00', 0x19, 0x0, 0x90, [0x2000000006c0, 0x0, 0x0, 0x2000000006f0, 0x200000000720], 0x0, 0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="000000000000000000000000000c0000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000002000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff00000000946b8273c67b79ee1f6e9cac7ca996dbda01db13b77a1fb06ac9f2c41aefc2bbfb501a75668fffa9d7f48e6cb3cf9de6b550da3ca91397713c198358d3ddf90428e3bd48eea471d590b748574420c9a861a547ef9686303ef2fc51eedaf247ee4a2a80e511d3980364c059fcad5ecce8b485a73c6a12bab953d1fa5775070c2f9c93ac22e24049fd8839a0a82e8c4b1e0b7431ec2bf76ebad4a3295337951801b9d24c98c0a2b0696b9ea5e95e3344b93e51aa28fa014a85b1d2b6193560ae2cff3d2c209b5f54eb383993809b489ec44a656a17bdb8667d671668fa05d816db38182ea628da95a5a141fee8c2c936405ae015767113dae574bd77cace773af1487570058ee9d04bca61694ccce7dafcff2ffedc1e4d9a93a8c1387ee6d5fbcf1ef40b6d0d1424e97eb027fb918e821ca0ba56351afd3015acf53fb94e8ecf7da2fc1f4ed45eb9178702c238daeafcebd673e39f4225485e3877f2835063c6cc8220ca99beae929fdde06989282b96a65cc97cd8d67c58fe10aff2af18541262a4ddc2f97078e2cdee8e8973072e7beb857485c9473157cecc30ad3fc8b056f154"]}, 0x2a9)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x8, @dev={0xfe, 0x80, '\x00', 0x44}, 0x1ff}, {0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3ff}}}, 0x48)

13.255056506s ago: executing program 1 (id=1191):
r0 = socket(0xa, 0x3, 0x3a)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x44840)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0x0, 0x0, 0x0)
move_mount(0xffffffffffffffff, 0x0, 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x224)
ioctl$BINDER_GET_NODE_INFO_FOR_REF(r2, 0xc018620c, &(0x7f00000000c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="120000002f0000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000700), &(0x7f0000000740)=r3}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r5, &(0x7f0000000300), 0x0}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
mbind(&(0x7f00001e7000/0x2000)=nil, 0x2000, 0x8003, &(0x7f0000000000)=0x9, 0x3, 0x2)
r6 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps_rollup\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
read$FUSE(r6, &(0x7f00000007c0)={0x2020}, 0x2020)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000000)={0x0, 0x1}, 0xc)
setsockopt$MRT6_DEL_MIF(r0, 0x29, 0xcb, &(0x7f0000000040), 0xc)

11.006609022s ago: executing program 3 (id=1197):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000580), 0xa, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = syz_open_procfs(0x0, 0x0)
r2 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000280)={@multicast2, @local, @local}, 0xc)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c4}, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f00000004c0)=<r3=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000640)={{{@in6=@ipv4={""/10, ""/2, @local}, @in6=@private2}}, {{@in6}, 0x0, @in=@initdev}}, &(0x7f0000000400)=0xe8)
r4 = openat$sysfs(0xffffffffffffff9c, 0x0, 0x121200, 0x128)
cachestat(r4, 0x0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$VIDIOC_DQBUF(0xffffffffffffffff, 0xc0585611, &(0x7f0000000500)=@multiplanar_overlay={0xb, 0x3, 0x4, 0x10000, 0x2, {0x77359400}, {0x1, 0x8, 0x4, 0x5, 0x86, 0x5}, 0x7, 0x3, {&(0x7f00000002c0)=[{0x0, 0x44c52898, {0x4000}, 0x2}, {0x8, 0x3, {}, 0xffffffff}]}, 0x2, 0x0, r0})
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r5, 0x8933, &(0x7f0000000080)={'wg2\x00'})
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r7, 0x4068aea3, &(0x7f0000000240)={0x74, 0x0, 0x7eacfa71abeb3756})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x7)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioprio_set$pid(0x3, r3, 0x0)
timer_create(0x3, &(0x7f0000000000)={0x0, 0x38, 0x2, @thr={&(0x7f0000000740)="62be75e0a5066f748c73259d1e3ce289b40be4cb7a0e4c50374ada152d87f5455a3973a36b1857c131c7643f4fa91dbe3ff463315fcea442fed8565ef928470ede0f66a63f69df91e8bae2597ec98a23ac70ebce539881944733383a0e55fe4702d0a8f065b0b65a61af2df214275a5c8db810188e1b29dc452d2c20ba6e2dc0145be711a03c8821e10b26b4e1e0e6b047da4f321aede795e5ec4a631ca4b76a8052e1d239843824b6c3d9030712d8ae786ce61af33f66cffdfccd108671e3603d54c206dbd40aa7c14201074fc61b395d3f6b92f50d8bc06835aab76edf696a21dd3e", &(0x7f0000000440)="62e74d5407abdb1f7357a96771ff35ec0ceb83c802c1bc98ebe9e82730ad02d37058686bdcba6cf9863f4a352bd825e4f5e6c06bb1a5d2c9fb7a5a1a21442e8c931d09bebd92b5c2ee8cf4b4ffe20572eebfaa020962e3c5647b99"}}, &(0x7f00000001c0)=<r9=>0x0)
clock_gettime(0x0, &(0x7f0000000200)={<r10=>0x0, <r11=>0x0})
timer_settime(r9, 0x0, &(0x7f0000000340)={{r10, r11+60000000}}, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x60680, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000008c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000006"], &(0x7f0000000880)=""/47, 0x2a, 0x2f, 0x0, 0x1, 0x0, @void, @value}, 0x28)
creat(&(0x7f0000000180)='./bus\x00', 0x11)

7.41055472s ago: executing program 3 (id=1198):
r0 = socket(0x8, 0x1, 0x800)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000d80)={&(0x7f0000000c80)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000060000000400000000000008000000000000000061"], 0x0, 0x2a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
bpf$MAP_CREATE(0xe4ffffff00000000, &(0x7f0000001000)=@base={0x8, 0x4, 0x4, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r2, 0x0, 0x1, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
r4 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000600)={'team0\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xc8, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r5, {0x0, 0x2}, {0xffff, 0xffff}, {0x0, 0xb}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x1], 0x0, [0x8, 0x4, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x400]}}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000001}]}]}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x16, 0x5, 0x1, 0x6, 0x0, 0xffffffff, 0x7fffffff}}, {0x4}}]}]}, 0xc8}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f0000000400)={0xf0f01f})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x50, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x10, "000000000010000000000000000010dc"}}}, @TCA_INGRESS_BLOCK={0x8}]}, 0x50}}, 0x0)

6.583895049s ago: executing program 1 (id=1202):
syz_usb_connect(0x3, 0x64, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000cb8be7406d04230848390102030109025200010000000009044000000e0100000a240608000b0201020006000400"], 0x0)
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
writev(r0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, 0x0)

6.380934651s ago: executing program 3 (id=1206):
prlimit64(0x0, 0x7, &(0x7f0000000ec0), 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000190091c8b14a0778a8123d181d"], 0xfe33)
syz_io_uring_setup(0x16c2, &(0x7f0000000480)={0x0, 0xbd12, 0x2, 0x1, 0x327}, 0x0, 0x0)

6.303685217s ago: executing program 3 (id=1208):
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x14e22, 0x80000000, @empty}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000))
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c) (async)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @mcast2}, 0x1c)

6.228034784s ago: executing program 3 (id=1210):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
sendmmsg$alg(r2, &(0x7f0000003780)=[{0x0, 0x0, &(0x7f0000001a80)=[{&(0x7f0000000940)="a6baa2c67c6c4f6f1fac61f63f9f1a4d", 0x10}], 0x1, 0x0, 0x0, 0x200008c0}], 0x1, 0x4044841)
recvmsg$can_j1939(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000280)=""/3, 0x3}, {&(0x7f0000000540)=""/128, 0x80}], 0x2}, 0x1)
r3 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
pwritev2(r3, &(0x7f0000000640)=[{&(0x7f0000000800)='i', 0x1}], 0x1, 0x7, 0x7, 0x38)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000480)={'filter\x00', 0x5, 0x4, 0x418, 0x220, 0x0, 0x110, 0x330, 0x330, 0x330, 0x4, 0x0, {[{{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @private, @empty}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@dev={'\xaa\xaa\xaa\xaa\xaa', 0x22}, @empty, @local, @private}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@link_local, @mac=@random="81180b004b23", @dev={0xac, 0x14, 0x14, 0xf}, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x1}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x468)

5.754498267s ago: executing program 0 (id=1211):
r0 = memfd_create(&(0x7f0000000280)='/dev/loop#\x00', 0x3)
fallocate(r0, 0x0, 0x0, 0x200401)
fcntl$addseals(r0, 0x409, 0x4)
fallocate(r0, 0x0, 0x0, 0x4)

5.621280326s ago: executing program 0 (id=1213):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000340)=ANY=[@ANYBLOB="340000000201010200000000000000000700000708000840000000050800154000000001080003"], 0x34}, 0x1, 0x0, 0x0, 0x40884}, 0x4040000)
r1 = syz_io_uring_setup(0x10d2, &(0x7f0000000340)={0x0, 0x6bf6, 0x80, 0x5, 0x12}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2d, 0x0, 0x0, 0x1000004}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r5}})
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
unshare(0x22020400)
quotactl_fd$Q_GETINFO(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$KVM_CAP_DIRTY_LOG_RING_ACQ_REL(r6, 0x4068aea3, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_RUN(r7, 0xae80, 0x0)

5.620988076s ago: executing program 3 (id=1214):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x70, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x18, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x70}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1895fbe8de83e5e1873593bfa36e0611d0d5aec9b269af2d02c3795c88c3e44e18000000009c8cb4185ade3bef78af53332fb23792ddeba1b800b9f54624192ead8452f44784496cd022803591115407d6cf30a00e08e641cd06415a0b719965f6c878e263022013c80eec17f72ebd19ad159858b9bc8dfaa6fbe18989b4e5bc59382ae0f67b8d03ab1700d03f2b76014886d19627589d2fe45b077155dc87662bb16a"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
syz_usb_connect(0x2, 0x440, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a00000000001050500000000000000000a000005440002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c000280050001000000000006000340000000003c0001800c00028005000100000000002c00018014000300ff0200000000000000000000000000011400040020010000000000000040fb0000000001080007400000000004000680"], 0xa0}}, 0x0)

5.535835193s ago: executing program 5 (id=1215):
r0 = gettid()
prctl$PR_SCHED_CORE(0x3e, 0x2, r0, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x80002)
sched_setscheduler(r1, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000001c0), 0x691, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
uname(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r6 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x2, 0x800)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r6, {0x9}}, './file0\x00'})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
openat$kvm(0xffffffffffffff9c, 0x0, 0x80, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000400)={'wlan1\x00', <r9=>0x0})
r10 = syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/net\x00')
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(r7, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000300)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="ed52db86734d000100007e000000310000000c0099000500000052000000906cc328b2515eed8f2d99ad18b65dbf26860202559e2b653e211a1ace0417c59bf817cf040a15011fea05f3de156d495609642e4a2c0f19801fdf3e7fa1891607127e8e23a6ae3dfad3e519363786cc5958e9706722649b3de5b306832965f75d276c0eaaac1c9668da64d7980093eb200f422fbf620553644839f3326e5200cdd9", @ANYRES32=r9, @ANYBLOB="0800db00", @ANYRES32=r10, @ANYBLOB], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r11 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r11, 0x2, &(0x7f0000000200)=0x4)

5.120300095s ago: executing program 0 (id=1217):
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x7, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc000, 0x0)
futex(&(0x7f000000cffc)=0x4, 0x10b, 0x4, 0x0, &(0x7f0000048000), 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8810, r0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e1e}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000280), 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000000380)={0x10, 0x0, 0x25dfdbff, 0x40000}, 0xc)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r7, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

5.120181864s ago: executing program 2 (id=1218):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}})

4.451247198s ago: executing program 2 (id=1219):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a00000000001050500000000000000000a000005440002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c000280050001000000000006000340000000003c0001800c00028005000100000000002c00018014000300ff0200000000000000000000000000011400040020010000000000000040fb0000000001080007400000000004000680"], 0xa0}}, 0x0)

4.219080237s ago: executing program 5 (id=1220):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_IOVA_RANGES(r0, 0x3b84, &(0x7f0000000100)={0x20, r1, 0x2, 0x0, &(0x7f0000000140)=[{}, {}]})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000180)={0x20, r1, 0x2, 0x0, &(0x7f00000001c0)=[{0x0, 0x1}, {0x3, 0x5}]})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000200)={0x28, 0x7, r1, 0x0, &(0x7f0000000240)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x1c})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000280)={0x18, r1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000002c0)={0x28, 0x7, r1, 0x0, &(0x7f0000000300)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000340)={0x18, r1, 0x2, 0x1c})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000380)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000000)={0x64, r1})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000400)={0xc, 0x0, <r2=>0x0})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000440)={0x28, 0x7, r1, 0x0, &(0x7f0000000480)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1c, 0x2})
ioctl$IOMMU_IOAS_COPY(r0, 0x3b83, &(0x7f00000004c0)={0x28, 0x7, r2, r1, 0x1c, 0x3, 0x2})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000500)={0x18, r2, 0x3, 0x1c})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000540)={0x8, r2})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000580)={0x18, r1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_RLIMIT_MODE(r0, 0x3b87, &(0x7f00000005c0)={0x18, 0x0, 0x1})
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r0, 0x3b87, &(0x7f0000000600)={0x18, 0x1, 0x1, 0x0, r1})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000640)={0x20, r1, 0x0, 0x0, &(0x7f0000000680)})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r0, 0x3ba0, &(0x7f00000006c0)={0x48, 0x1, r1, 0x0, 0x1000, 0x2000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1, 0x0, <r3=>0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x28, 0x7, r1, 0x0, &(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1004000})
ioctl$IOMMU_TEST_OP_MD_CHECK_MAP(r0, 0x3ba0, &(0x7f0000000800)={0x48, 0x3, r4, 0x0, 0x1004000, 0x1000, &(0x7f0000ffc000)})
ioctl$IOMMU_TEST_OP_MD_CHECK_REFS(r0, 0x3ba0, &(0x7f0000000880)={0x48, 0x4, 0x0, 0x0, 0x1000, &(0x7f0000ffc000), 0x1})
ioctl$IOMMU_IOAS_UNMAP(r0, 0x3b86, &(0x7f0000000900)={0x18, r1, 0x1000, 0x1004000})
ioctl$IOMMU_DESTROY$stdev(r0, 0x3b80, &(0x7f0000000940)={0x8, r3})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000980)={0x48, 0x5, r1, 0x0, <r5=>0x0, 0x1})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f0000000a00)={0x28, 0x7, r1, 0x0, &(0x7f00000a0000)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL', 0x1000})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000a40)={0x48, 0x7, r5, 0x0, 0x0, <r6=>0x0, 0x0, 0x1000})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000ac0)={0x48, 0x8, r5, 0x0, 0x0, 0x10, &(0x7f0000000b40)='LLLLLLLLLLLLLLLLLLLLLLLLLLLL'})
ioctl$IOMMU_TEST_OP_DESTROY_ACCESS_PAGES(r0, 0x3ba0, &(0x7f0000000b80)={0x48, 0x6, r5, 0x0, r6})
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c00)={0x18, r1})
close(r5)
ioctl$IOMMU_IOAS_UNMAP$ALL(r0, 0x3b86, &(0x7f0000000c40)={0x18, r1})
ioctl$IOMMU_TEST_OP_SET_TEMP_MEMORY_LIMIT(r0, 0x3ba0, &(0x7f0000000c80)={0x48, 0x9, 0x0, 0x0, 0x10})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000d00)={0x8, r1})
close(r0)

3.4746064s ago: executing program 2 (id=1221):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RSTATu(r0, &(0x7f00000005c0)={0x54c, 0x7d, 0x4002, {{0x500, 0x1f8, 0xfffd, 0x40, {0x0, 0x0, 0x2}, 0x0, 0x1, 0xc, 0x0, 0x10f, '\x04nodZ=\xbfd`\xd2\xc2\x97D,\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x00\x00\x00,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1ou\xc5\x8f\xa6\x88\x9f\xf3\xc8\xf7\xab\xc6\x1bY\xa1\xd2o\fJ\xf8\xe2\x93\xd3\xf8l\xcd\xc6o\xf5{\xe9\x00\x00\x00\x00\x00\x00\x00\x03\xd5\x89-\x8e\xfe\xbb\x9e\x05\xac\nk\xc5)`z\xc6\x8a8\x13\xaf\xe7\x9e\x85cj\xfdl]\x15\xb2\xae\xbb\xb7\xee;\x1e\xae\x8a\x7f\xbe.\x85\x88s\x14\xcb\xec\xf0\xa1\xa5\x124z\x8c\x15\xb3 \xd1\xe1\xc0\x10Uz\xaaw\x16^Q`208^|\'\x01\x00\xacB3\x00D\xa9\b=\xe5\xbe\xd8\xe0\xbd(h\"\x94\xf68\xc3\x8e%uj\xb0\xb0\x7fe\xdb\xd6$\xee\x95_}\xa7\x8e\xe1\x96I7?0\xe3\xf7\xb9d\xf0\xa2f\xc3\xac\x9ePwS\xa3\xc4\x03\xc8{\xf1Jv\x87%\x91h\xb4[\xbdz\x1f\xd8`\x0e\xa1.\x00\xdb\xfeL\x1a\xfe\xea\xaf\x9d{\xb4\xa7Z\x1c\x82\x18\x93\xf7\xf4|<Pq\x8c\xc3', 0x2b, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\" \x83~\x01\b\xe2\xe7HP\x1cQHK\xa0/\x10\x9c\xaa\xf9\x15\t\xa2', 0x56, '\xf8\xf6i\xfbqk\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x15\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00C'}, 0x33f, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy\xa6\x91\xb6\xf8\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xcda\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\a\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xdd\x1aA\xdd=\xe3\x04\xbd|~\xd0\x81\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x11\x03\x06U\xf5biO\x03\x00=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11H[\x1b\x13\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xedlTp,^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5\x1a\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\b\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0f\b\rxi\x19\xca\x8bg\x80\xe2\xbf\xb5\x03\xb4\xe6\xd8\xfaF\x8a\x90\xd3m6\xb8={\xe6\xa6\x8d\x80A\xc2\xef\x14\x87\xb2C\xe2\x85=g`\xaf\xef\xde\x9c\xe1\xb1W\v\x93[\n>\xa4\'\xfc\x81S\x99\x0eu\x98\xa4\xc8,)\x87\xf7\x9a\x17\x15c', 0xffffffffffffffff, 0xee01}}, 0x54c)

3.34097168s ago: executing program 5 (id=1222):
socket$inet_sctp(0x2, 0x5, 0x84)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x800)
socket(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
add_key$keyring(&(0x7f0000000400), &(0x7f0000000380)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
sched_setscheduler(0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
close_range(r0, r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, 0x0, 0x0)
sendto$inet6(r1, &(0x7f0000000080)='\x00', 0x1, 0x40880c0, 0x0, 0x0)
shutdown(r1, 0x1)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f00000004c0)={0x2, {{0x2, 0x0, @multicast2}}, {{0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x108)
setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x42, 0x0, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r3, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c)

3.34016223s ago: executing program 1 (id=1223):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_SETSEL(r0, 0x541c, &(0x7f00000000c0)={0x2, {0x2, 0x0, 0x300, 0x0, 0x8, 0x300}}) (fail_nth: 2)

2.714459921s ago: executing program 2 (id=1224):
socket$inet_sctp(0x2, 0x5, 0x84)
accept4$vsock_stream(0xffffffffffffffff, 0x0, 0x0, 0x800)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
setsockopt$sock_timeval(r0, 0x1, 0x42, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x6400, 0x0, @loopback}, 0x1c)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, 0x0, 0x28000010)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, 0x0, 0x0)

2.404704502s ago: executing program 5 (id=1225):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000140)=0x15)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000002c0)=0x7e)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0x3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000300))
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x7e)

2.32455271s ago: executing program 0 (id=1226):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000000c0)={0x5, 0x10, 0x0, 0x0, 0x10001, 0x3, 0x8, 0x3, <r3=>0x0}, &(0x7f0000000100)=0x20)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900"], 0xc4}}, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000200)={<r5=>0x0, 0x20, &(0x7f00000001c0)=[@in={0x2, 0x4e22, @remote}, @in={0x2, 0x4e22, @loopback}]}, &(0x7f0000000240)=0x10)
getsockopt$inet_sctp6_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f00000002c0)={r3, 0x10, 0x4, 0x914f, 0xc, 0x4, 0x9170, 0x7, {r5, @in={{0x2, 0x4e20, @broadcast}}, 0x619, 0x1, 0xb9a9, 0xf, 0x1}}, &(0x7f0000000380)=0xb0)
bind$inet(r1, &(0x7f00000003c0)={0x2, 0x4e20, @private=0xa010100}, 0x29)
r6 = syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r6, 0x13)
tkill(r6, 0x12)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = socket$inet(0xa, 0x801, 0x84)
setsockopt$inet_MCAST_MSFILTER(r8, 0x0, 0x30, &(0x7f0000000080)=ANY=[@ANYBLOB="0bf100000000000002004e21ac1414300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000002004e23"], 0x190)
r9 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r9, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r10=>0x0}, &(0x7f0000cab000)=0xc)
setgroups(0x1, &(0x7f00000001c0)=[r10])
setregid(0xffffffffffffffff, r10)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005240)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000400)="9ac5426b25748763a0439e83e0c8ccb6d08b74294635f3b1e88c957b5bd4e6f70297df251a5b66904b785d32def1b277f1526c6c2675a42fe046751885dea8b1aa1320408e61204819ae18622016a3a3bb85c11c506af733471f3943d44f8b196a5ced8f67e60d9e971b1435bc6795e0060e683f05f77abc1d383cfcb48e7727c67b15e8d27f3262a44507f1747908c9edecf3c4a02a13b66d4b8bc5288275658d6fe9d43243fcb4cfc6a5d99d675b0d", 0xb0}, {&(0x7f00000005c0)="421bb02be35788791f7a489dd3aa5f8c42ca766d2a50c6c8e2718c70fa669926ca5ea4082d9f2639ffe9b63cc2ee9a483d934dfa5e339b074ca645280e14faf204f9a52e1ef19072a47fe6033f1e304f3d161a75dd9eb4ecc67443feb9c93d38edc5ec754644d840f62a7b0497e121bb97301320ac19300744bf3e4e8d02e51479c9b50b6afdf817c747f2c88450aa5438db1f3b", 0x94}, {&(0x7f0000000680)="92e34f4df1d0972b6006f009554da403d0a3955c5a02d35ba13747bc27d2df824e8ce7da2d39dab62499bc779a9c5ad7f7b42f072e9d8fed297a75ce79a6b6938d6914177dcbc5ac9e91235815a9f61129af1656337a200274edfe4202df887029ad164cc6b94082a5cf1f6d238fac6cd76e73d3de41e842b20b70b6b6c8b2dea5d978c14c7b5afa21c6e8633398388afc03ffa23001601044225d5600662a8435ac4881ccb984d1b4ae56ec75", 0xad}, {&(0x7f0000000740)="b239b2ffd76063ba17e937d62478df576e7c041f93fc101d288d332ddbae0341fd9f41ac08901f27c09290f5b7ed3fb28afd9d1ae6973b699f31377a5403a100a4572d924412f65788cee3f2b755fbd66fdb3e64e2a057116eff942d24c8a1e41e784794fd8b95d997857b786cf690", 0x6f}], 0x4, 0x0, 0x0, 0x8010}}, {{&(0x7f00000007c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000a40)=[{&(0x7f0000000840)="0ad5a6e27f1feffc5a4fef19fd5aed2cab1247bcc827dfe6ec2df244a02f580e744ac5b9f9ef00e21fc557f5754affc2b3fefca16631162e110db62c0bbaabc1a194d508b3e4505182b702eb72d301eedb5968f0e813f66fe3f4461bc5d7de407b717d076c1eee54d4e54d700c6eb2b54a5e2fbee65a286ea5e7f153a144eb0e494fa00e0d595ff8fc329a62ba7c015976e9c5a2f23e5c9d60f204a0572b75cb236f2bb2a76f2a46f21e369923571479b273b4d9ddd431", 0xb7}, {&(0x7f0000000900)="7f31d9889fa84c4a9d56a0590de85b81741110a9e66d7aefc242a301d1a74e841a0a0bc27d8daa92bc464dc7c9cdc75d72f1", 0x32}, {&(0x7f0000000940)="d139b12c70f8f44c49e0b4fc8ce7874066b9bde8af5bd414e533a5f4008d05df2c7f51c76e66d0c94335356f2b1ff1077f0ffa5f398d60533feddc364891453228b20aa71fbccd4aa11966827ec855cc4d4e9bd829db40e83ac7ce8451c96692a275d19c03a543d27acbf7867c9228668e57ef71e5bcaebf9500074c5bc5bbe907ef91c7b0818d216342d327505095dedc6361aaf57727ddce3ec45515e24db1c37cbc237e4ff59b12036de8502a6c5aa632efaa121d4d397d644855373990b571ce22125cb407806f694f7537004d", 0xcf}], 0x3, &(0x7f0000000a80)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000020000000000000000100000001000000fa89f812d91c389cea36d9dfdb4aed2c9a3f4e46596060b44c6c800fc367d19fa990d16d904d39a1473d216e49e47bf2b29496811969466fd618ded1bb93aeb6760ac6ebd2dd3aedc8ecafd977f3e0787ab85713b126a8e7b3cd3bda31e3c2a0c55eaadb4746185d2a1b85aa529105da0809", @ANYRES32, @ANYRES32, @ANYRES32=r8, @ANYRES32=r8, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0x80, 0x4001}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001480)=[{&(0x7f0000000f00)="dec87344e88e3501fb48687d6545128fa6a4cc51321ca00263d703dbbad649a74ae4dee94b643dc4bd3c960f55d77b9121a44283b337ec4d3307", 0x3a}, {&(0x7f0000000f40)="f3480732d7cbaa5ea0d8e5c87eed519d40272372a18ea56798d85cbd3cd7fe8a41be4dd380cdb725d94fb86156c43bf47e53874e87cbde3b3f5b69b90128761d452497fe908c87edebd6910f968a281229d5b803bff1e349099d1944df08a620e7743c9e855e05fa795cd99e7c16b2dc2388a2fc7c9ad7122dee7ab4bd652d0be71913c30a54680798b5f33983ab15eb678da3a50c7ec7cf3fcb73b5438ed8f5205a727e5dd680f67c050cd29046a5911407c01442", 0xb5}, {&(0x7f0000001000)="b0d6bdf744", 0x5}, {&(0x7f0000001180)="0e5a340bfdfcd322aec30efc4954f4ed9ded3ac4177a0ba444b252545deed21210ab8e57134dc3c35807c5761fbdae80c71a8aa60719b5ce46df8e68111d6ffb11b7417ad5152a84bca2e2063809eec74cdba9af581e4d4f70aa6a71a9411ca93362a54dabba0445cdcd8c35594c2745a183af525c2e4fe7ddbe5e0a0913097eaadfc04a795e05589e4c73485162fd7aa8e79f60a02c07107a2142154e8684f8aa865a3920c16b37287785bc77706d2ca4551074a31cc4e15439e94d3ae356833605e0df64f8a1ad80250673c274bb4a24367bc6e58a6eafba063fa838610e0ea5b3cfea9e9a7ad54864bbf64523909a21fc3e", 0xf3}, {&(0x7f0000001040)="364cce480752d2b7778f520ee5ec7a98cce23e7b791f66a100d0748dfb1b7ebbf6b605bec92fafa4f3fa5b554276e2c99888d14522c3ddebc22923ed", 0x3c}, {&(0x7f0000001280)="91020d55f67a433260cb215628d338364ccce9f4604fe9098558e5436e681af0c08f761b4ee062c34ef31f0286b972229d06db8471a5b3da27a661bbc2084a1afcec20e6d03063383406fd8e48cd94314679b325a17b9aa11968e0fa3c01658dfd113c45ec7f7b73d517f0c3b019762b4b8aa7e860eac0029f23c420cef9fbc7c629040f8535c29375fbaeebf22891425a419d300c9a3f1175d7d4d7be5468aa4334e009eade089c3992006fbc340c526d7759854c16d532617437e45db78edb82e4837261a89afeec43780e5e9ac336b937b0a8a8e6836884949a17f40a628752abf9d0b830368494ade8e988510570e7c38f6cf8f7", 0xf6}, {&(0x7f0000001380)="8f5b88fefa4ff5a998d85444fb6652b5e1e283956b0b2177887e1362c90b89d7f2df28163c15b989527dbfb15794160a79663f787a6516c3e23d392a4b2ab6b73c910c3c4ad1ec2e414a8ed6c603a2ac39b60d4a1a1c98ddc04428ac474f21e6b4ce1818efd4ade615c093b40a8db810147a983cb6d67ab882cede28f2b785629d63cb6d5f7295789afb5253d193011f495726c61ca4b5cb0cf6d19bba8f0ebbba9d329b4485bf91421f5c8f17a4521af482b49708cec7b09cd32c7d32306b99b43be70e", 0xc4}, {&(0x7f0000001080)}], 0x8, &(0x7f00000015c0)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r7, r0, r2, r7, r4, r1]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}], 0x50, 0x1}}, {{&(0x7f0000001640)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000001b80)=[{&(0x7f00000016c0)="84c431308eb80961f6b7fa7140670cdda68fd1ff334ba699f74fe0458ac31c82f2ff97de9bee8df5bb9c8dc3af26b18ed8a87a2c51478dcdcf4e970bb7408d1a7f6bf32bb788392402abb0fd3bbc7916585337ae136eb903a7330fd6cda3582488dc37c4c774edc651312b037d11a4c1f89817cad2d23efdb4df040130b836ff8470b6206d0574c04125985db1a9dac80630a24cb63fdeb95b91794a", 0x9c}, {&(0x7f0000001780)="c8851be1e5570b99b65a146aa6049eb9b82b820d0e65baf0d9096ab94685dbff68c839d6ab", 0x25}, {&(0x7f00000017c0)="90cf7a2241210a4581fd35ead79aeaf0901016c746ad3886367fbb9bf3908d82b440d4350f2af35c59b2397fb0bfd0d121e4b01006ab3a1b2c600ace557c1d95fdc0626d88835fdf92d03d1da1d9d1781ba7e292be9993a08c8648e6fe12a9873d69a713027e3ad0551e97f81425b5af38fe1ddadc2b5c9dd2a7234af5962cd2a3da4ff73ce7fdf07056a0b9b5209aba47686506", 0x94}, {&(0x7f0000001880)="7f9c5cd2db4ec94d084902d2f1ead4ebc04a7b0c9dcaef87420699", 0x1b}, {&(0x7f00000018c0)="8513b8e0fd62c411af60573be07671adefaef1398912c44764b67ee73067a8d7a8ab1e94f83df78c194d818d94b2f5237001295b13ac5029a2ec421031c3df6e9cc138b401e0809cbee6931017fc73cca0896ac57811b2788475040dffe09a8a37ec73e49e0f0683a974b7b1485be561596ff30694a7f6b8c90c444d1f7485928ecb7ba5421ae16b4c0e8d6a1e4a482f9f5d759cca3c625901783e8a49972d6762004c763d766215a1", 0xa9}, {&(0x7f0000001980)="e02cbebe1d97e593aef9341b3bad15756f930ed3657814262857a6d699c0da02c958478cd5193a0bd81960a8b1c41756bfdb1ffab3139a743588d0486e2afbb1fe63d7477e1ef9262b", 0x49}, {&(0x7f0000001a00)="996fe60098e2177badf16eb34a12ea", 0xf}, {&(0x7f0000001a40)="7dfda22727f3d037a19089788f16583d2d268a778128ed7dc971a57c3d7bcf9dda8093e165e39422c277e82fec0afad35028c1a388c2c7c925b2374b70179e8fb294415cc65d7f4182314d18aa526efce347ef1bfda485d788ef362f32207ef9354533983e4b3312b57914415cbcc3872e1342c1a6884d7f387922768c", 0x7d}, {&(0x7f0000001ac0)="c29f628a1a89314883a7274f2847253ce896d5d791ce0b9fc63dd6a1e8d50b95090e056bd94f72a78149ac284dfdff91509560a8726bf7a4ce654f4aecc5a8be625649a5a239c7c2d1c65fa80765a76be1bfb3d95ef3c6f0469a15a76fdcc547c2d8b8", 0x63}, {&(0x7f0000001b40)}], 0xa, &(0x7f0000001cc0)=[@rights={{0x34, 0x1, 0x1, [r2, r1, r2, r2, r1, r2, r8, r4, r8]}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x20, 0x1, 0x1, [r0, r2, 0xffffffffffffffff, r2]}}, @rights={{0x1c, 0x1, 0x1, [r2, r1, r0]}}], 0x98, 0x40004}}, {{&(0x7f0000001d80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002340)=[{&(0x7f0000001e00)="ec478efbd1b4f21fd015687c40b1780f4fc9e2a834e91de7e58d47c393fc19b0e62cf8fe6dd9d0416ccac3c69adda08a377f83bf5c126933150054e7f4e7ead79b5acdc6c497cd4d7975368fa4440c3b1d6bfbb2bd6f9b05be4602529ad0aeed086fb1211c10ba2f3b64a5ca61e34d9fdfab6af555a85b9dd2c648", 0x7b}, {&(0x7f0000001e80)="bb16c54559c64a2eca48209ee05dfc329992dce7d61b5b8f3ff07fa29cec4cb1644af8b05ad1de1e4d6cd783e678030cc36fa02709428f05b8390c140dbe715d1cfc4811ab69bfb59de585f1d53f1d96d38757cac7926247ac73b12b4d36576dc08fa127878b0fe178511618b7d71e044e49e84b8153e52dd5eb454cac906fbdcac751c833f44665093a6bafbe7ea5", 0x8f}, {&(0x7f0000001f40)="fa22396f9dd15264e2a81aa0e1210f2b6e5500b1a76ee1519463ea177b81b01677a3d0760a1d0e871459e135717ab7bc5774c45496738d0c803797efc97de88f1a34ca55c069cb2589e0a168784c7527df5717ce4574acbd0d1a5a5fd3dc2cfd2def0b0a834119e75f92db5c1d7c0bb15f75f1be27275c188da63c10b086513d50998850594662c8faa7250a3954c27efa7aa4ed347df1f210d84b547c1fa53e76bb681834401682fc65c500cd9dd6f35430fb689021ee2f40ce6c6bcccb37fdf0a12ae3b33a9c001ab780ae2bfb951f9498b50d643012018e14437d9fc49b7a0d5663a7c7d55841008fcca1fd32ab1a2e", 0xf1}, {&(0x7f0000002040)="5d3c9d1baa7192fca0b047c3a300556dd8075ca299e8a737be", 0x19}, {&(0x7f0000002080)="09720f5e55f1ef16b980797686d9da7c5687f03ee5a39e6e86437bad0e7fb95de1863cb517effd691ac26dcea6bbf429b897cfa375709aba2727ebe1b8eff9d4d7a82f9b0ab3899b3af25de11af15bc4f1c2ff4cb8635c914a55dded5bed8d132a25ed78e4538385b22258763abd074331e2354dd0915a7219e28d31f89b5eed971e5f4ce82693dc3e3037c94e458fe0e9f52d625dd082af38122ae5252b0d", 0x9f}, {&(0x7f0000002140)="dd8528ef7052e6a22f26e41a3cb59ebf255011ebbfc0f689e07cfa87e1fd424a6774127d83bd9efa", 0x28}, {&(0x7f0000002180)="c58e72066bb4119da32091a42b008f2f030e932b672842c5154230c5e607cfadc1a14b42380a1a1f1676a92fb7300359bcac90d44e6a142376ede2936f28c4cd9190236ad00571a60164a14107b6d0e346697ba3de13ff1f5ef4b4873d1a9ab25dc8a2a963da22e3ecdb42b5c753dc8b718246f2eb8b15097eab0569e5a6901e1ee1f3f61017cd6d5d176b4455923f02291cca19f273a7ba99b5f1f5356c596f0c0304b6fb9cf796f3db97de9358caf1f1795eb8f537cbc15d9edaa9b0d257aee02a7921617420b5b34c1dbde099b016c36d6f3700c473d60a8e90c99271fec2", 0xe0}, {&(0x7f0000002280)="9db93260c741d6d0e4c2fe4da3efcc9c2a8f7d4d776d044d66329990034cc43296ca9bc1ba75467e64c4054ed1a34389ecab58e98e8e96316aef80", 0x3b}], 0x8, &(0x7f00000044c0)=[@cred={{0x1c, 0x1, 0x2, {r6, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [r8, r2]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x14, 0x1, 0x1, [r4]}}], 0x90, 0x800}}, {{0x0, 0x0, &(0x7f00000047c0)=[{&(0x7f0000004580)="450dfea91668967defb2adea7539bcbcaac00debef4c3979a6fb0e270f9759fab39e83ea164cea3c34f0a78f54cf9dfb4635290f", 0x34}, {&(0x7f00000045c0)="c58a5a67687c7c8f2ebd052017ddb6cfe879c7c0b83ef100ca03aacb57e4982f08d41a66685c8f5ac099b1e153db247b37cd4d", 0x33}, {&(0x7f0000004600)="39e0fb3afb7218eaf2c1e1d679c693457cd72e13aab6b63441175fb394331513f7fe8e95d0799bb967688d59a1a6819c798b9e403366f4d3cc53e591e3519f0890e55bbf2b7b2a06a81d68a48045645a73472b93ad191544b7fc0b14553ba482d541cb66837df6cd581014ebb98e273d972f57069b0f1bd2a85077ffbab673295c1ffebc63989d429281309f4c3ccce7a52ef27c354844c032c4a64910de8ddb045d3e092aa69cc9fd82b07a1db407edf53acd4aa43b7a688675b329152b913ed3efc80fa14059698cab6550a27f2bc4fc037c21cfd4096105d2387b52031fa6d82d", 0xe2}, {&(0x7f0000004700)="33eeb90a1acb2b4ddc4bcef34ce38567d219b130f74468e2fed043fa58feb1a1d4f2b80111618d54d28e9878fba9660e47fcdb9e8ef512530b8876e16e0b946d3445122ff2d323a98895baaac739e5d9ef02f50dbb23ed866d74858a754f49237e037b7e5fa048722fabc17a2bd13eeca15ef3598b988e5de1db3cb4512665e3", 0x80}, {&(0x7f0000004780)="5a57479211303c9f", 0x8}], 0x5, 0x0, 0x0, 0x10}}, {{&(0x7f0000004840)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f0000004cc0)=[{&(0x7f00000048c0)="6170b281208f76bcb0a6cab322c542a0d46aa6b43a7249d82bdf31eb4e11e81b5f59019455134dda701def93b19a293dc4bf66e5415ccaebfdbf5c19c86d17", 0x3f}, {&(0x7f0000004900)="f16318fee379893b0b4effe41d752b32a4f1b647970f6ad818d4e76021b1419d55acecc978100d72bfa22a4a564f870a7ed93852848ab0f6a49253c265eaaa9d3f77090e689cf40c9d358cea3ea33e455135e3265d357442de8f1e79ca0f64185079bb870506102c10b48411fbe1176c9be362c686bb74cbe4b131d49b25158f3e54eec903e04a0e012b765a27f6b62deeb94f11e4a17566ccb1058b51b43a621155f1265713e265d11b9aed0b", 0xad}, {&(0x7f00000049c0)="dcc62644349ed85ad092de", 0xb}, {&(0x7f0000004a00)="9b36b78c230cb39ede", 0x9}, {&(0x7f0000004a40)="4ce86b0a25f3540321281f5c1770d145dd286e5f0878eaec1995e59004bf8d4a0093c9e42774ae3c38d8e88fa6d6a06c897ef23952b078f40c7ef4f943045a6c359b15678a3e68a8d7425b0277459fa4", 0x50}, {&(0x7f0000004ac0)="9ea6cb7ee1bd9dedc602e70d6118a792e6588aae333ac7cdd64f169d653ff448d900022732e12547bf57fa9bdf0dbb48db9dd4b36b0848e1576403adde8ef576ea098fe7d161a82361b29611b2997f7e9d47df6b5398625f32b7b4ad44a33e1c16ac43ba772e30b9d39ffa32b7cae20492697e723c2432", 0x77}, {&(0x7f0000004b40)="fcb0d51d2f5c38574381c048e88ae04bdb7414aee02adfaa4db51cdd6708c51f76d20561ac1dfef3dcb4645be1effbd7be33bf94d46deb2c88bd2500a99629ee28574654c766cbab6d6583afe2a34b2d565c73a4d082f9f797d6cbc8554937b769a2461508ed212bb985df79d823ad8fbf194735298ccf4f3752e82e1fbee88d2d5c6f0becda77d83cc089374eff0ca942f8c1692ee14b094c7fb853077619a534d25c7300c3f240591e044787a23ef43faa4eff68310c9866e8698fab11457eb314644c24ce87898f37cc6aecc16a936f52acc3ab6ba21cae809e18f8b78e", 0xdf}, {&(0x7f0000004c40)="f812bb31bf3a9c8c571c11736da57657d78efa8da4212a1df2cab3ba6ac9438d867930ccae2fa9f57c4a8cceb8687c313cbf5bd39a7ea97865e7a51eff22296b928d78f08ff8fac671a4e26d18f22f2b57175d8e356b8ec0162ae29d64c6bc6f649330fa827b6bddacef", 0x6a}], 0x8, &(0x7f0000004d40)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32=r1, @ANYRES32=r8, @ANYRES32, @ANYRES32=r7, @ANYRES32=r7, @ANYRES32=r1, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYRES32=r10, @ANYBLOB="06000004"], 0x68, 0x10}}, {{&(0x7f0000004dc0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000005180)=[{&(0x7f0000004e40)="c5f1a7cb677cb6fe8f4f571c30f50d6798b52d22c54de3acd105a75470360e318b70de2ddac193d5ab159cd300c977245d555775b7f95f6d16a1bd8c7d72ff439e0201b918b948cd", 0x48}, {&(0x7f0000004ec0)="26103a2f9edb2ebb6deb0ea255cdb01d526c184aed87c5d1885b32a632c7881412c6869846a27938638197b89de451fb5c08b13348286108c9e28550347a8e47828800013a3a941faddc1bd24723459024a96ab3c40c29d8fe90e3e3b641ff3b76aac1c10f114ab4a4e29d77c36bdc098c9013565e8dfcadd0e487f1473cbbbe4ee2ecf8399a78fa441d39485be1bd1aebe0cbe577", 0x95}, {&(0x7f0000004f80)="67613041834c1717b416e2f4bcdc7dba12903bebb0dce843a086cddf5a5bb4b8ed39f88cb10b5833434d2a32ef02174c85b1856fe95853185e6e5a289713e56a2e4bfe0e66bb70b5350203000c71bf1a5f4d39eb701740a5797ed1c4724966d5deca960696df1531811801934b38dabadf2f5eb698fc97bce4f20d3b2b641fb61c6a56ed7de90b88feaf6c7837a575f70eb914d7beec389828f61d782baadc1c48a37bc302e7bcc5392af9996749942fea55254b80dcb555807f2afd", 0xbc}, {&(0x7f0000005040)="c69aa900d9a1766372c4268a7dea926a23adc5cc14c454e5f8c616e2d7c8a817681a84b2bab69e57812fc8a4adc8e86dccaed9ebc0e37ab87f3d77d33d4e7428b3d34e", 0x43}, {&(0x7f00000050c0)="faf26ae0eeed41fa573787ed7462cc311f69696da26fcf88302448f1314da0d06b413861fc0b63be27", 0x29}, {&(0x7f0000005100)="c65b70a50ca16d91104a0f5f5195100dbf9ad4ae07659dcefb5e40f61b7770650ad2977f65432dbcbcd91de54ee3152affc65469b0b4f4214258533a084d4a9736426e643c475df773c0ccfbc8eed9492e867be68e09ff549a1f30017848cb", 0x5f}], 0x6, &(0x7f0000005200), 0x0, 0x40}}], 0x8, 0x4008000)
sendmsg$NFT_BATCH(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000054000000030a01040000000000000000010000000900030073797a31000000000900010073797a310000000028000480080001"], 0xc4}, 0x1, 0x0, 0x0, 0x20004000}, 0x24000010)
syz_emit_ethernet(0x86, &(0x7f00000010c0)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x4, 0x0, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private=0x4000, @empty, {[@timestamp_addr={0x44, 0xc, 0x2, 0x1, 0x5, [{@remote, 0x4e20fffc}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@remote}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@empty, 0x800}, {@multicast2}, {@dev, 0x4}]}]}}}}}}}, 0x0)
r11 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r11, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
ioperm(0x0, 0x0, 0x7)
setsockopt$inet6_int(r11, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r11, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e26, 0x80000, @mcast2}, 0x1c, 0x0, 0x0, &(0x7f0000002300)=[@hopopts_2292={{0x18, 0x29, 0x36, {0x2b}}}, @hopopts={{0x18, 0x29, 0x3b, {0x85}}}], 0x30}, 0x810)
write(r0, &(0x7f0000000000)="3b000300010006", 0x7)

1.862028284s ago: executing program 1 (id=1227):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x900, &(0x7f0000000200)=@base={0x5, 0x1ff003, 0x81, 0xffff, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0xfffffffc, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

1.791930527s ago: executing program 2 (id=1228):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x4, 0x0, 0x400, 0x0, 0x30}, 0x9c)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a40)=@newtaction={0x32c, 0x30, 0x300, 0x71bd22, 0x25dfdbff, {}, [{0x4}, {0x314, 0x1, [@m_bpf={0xa4, 0x6, 0x0, 0x0, {{0x8}, {0x18, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x6}, @TCA_ACT_BPF_NAME={0xc, 0x6, './file0\x00'}]}, {0x66, 0x6, "bfb48d1c9cbd39c403490f71e7c26903a2429639badf09f7f1460a1a37776d69ba43d012403ff817b805f05e15fda7d5abfefd6f88a71220a3dc2a66604265b59ed90ce6980eda6d48215f2ed37642646c6855209b52b2022e8a84579e285da1af65"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2}}}}, @m_csum={0x140, 0x10, 0x0, 0x0, {{0x9}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x6, 0x4, 0x6}, 0x32}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x800, 0x2, 0x8, 0xb, 0x7}, 0xe}}]}, {0xd9, 0x6, "51faf7335320ed7b354230acb137694145a70ec11e2f79535356bbabe75c1cf43e9599937f1222c821355d08c9296f647da3cee86f1d1307ada4d0439b9958f20eb60a1d09a36a8e8fe2b40dee67235407cc32d0443c90f719783f20e6af042b71dbe4822e96811047bc3dc33abb68997d8c395fcfde396685e34c9745023c01b8034c2a377139cd8f089779ee6e63205ae08445df2b7bc020bf93d087ce5855407ce1b50c7b8c9863ecdc8c8c115836bfc1cca102463d7fbd85dfbc9582fff4b7a15f5512df23731e9dd64cc418f9d0d8411afd63"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}, @m_csum={0x4c, 0x19, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0xe215, 0x7fffffff, 0x5, 0x7, 0xd}, 0x70}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}, @m_ct={0xe0, 0x1b, 0x0, 0x0, {{0x7}, {0x4}, {0xb5, 0x6, "77b227832b90d1ff89f7a47093e4fcd6469c1b0a38a78e003c28c0247261b6866b44c2243e65a09e57be964fc0687b627bbda1f8bb6cacd9cf613adc84e00b323e932cbec11bfdac677d727e7547301900bdc7e317fc3b634794c43c0613b919323039d6099d9f9f41e0f9da2176ba0bb6dd198d0c2f84f876aceee9a631a5585232049c053fd7bbe1393ecb0aa735b3b1d360493f2ae18bbe6abade7594754d54413afc4df70a136895bf22a05abef0e8"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}]}, 0x32c}, 0x1, 0x0, 0x0, 0x4000810}, 0x20040850)
r1 = socket(0x10, 0x803, 0x0)
sendto(r1, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x20008000, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0x80, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x64}, {&(0x7f0000000280)=""/80, 0x50}, {&(0x7f0000000fc0)=""/4080, 0xff0}, {&(0x7f00000000c0)=""/106, 0x6a}, {&(0x7f0000000980)=""/73, 0x49}, {&(0x7f0000000040)=""/77, 0x4d}, {&(0x7f00000007c0)=""/144, 0x90}, {&(0x7f00000001c0)=""/17, 0x11}], 0x8, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x0, &(0x7f0000003700)={0x0, 0x989680})
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = syz_open_dev$cec(&(0x7f00000000c0), 0x0, 0x82002)
poll(&(0x7f0000000240)=[{r2, 0x5141}], 0x1, 0x4)
close(r0)

1.739917056s ago: executing program 5 (id=1229):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = io_uring_setup(0x355b, &(0x7f0000000140)={0x0, 0xe24b, 0x10, 0x5, 0x4000020})
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r5, 0x0, 0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_HWPT_ALLOC$NONE(r4, 0x3b89, &(0x7f00000001c0)={0x28, 0x0, r6, r5, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r5, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
memfd_create(0x0, 0x6)
close_range(r1, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000500), r0)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, r7, 0x3, 0x0)
sendmsg$NFC_CMD_DISABLE_SE(r0, 0x0, 0x40000)
r8 = syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r8, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r3, 0xc01064b5, &(0x7f00000000c0)={&(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0], 0x4})
ioctl$DRM_IOCTL_MODE_GETPLANE(r8, 0xc02064b6, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_SETPROPERTY(r3, 0xc01864ba, 0x0)
mount$9p_virtio(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0xb404e9, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=virtio,loose,uname=*%,access=user,fscache,access=any,uid<', @ANYRESDEC=0x0, @ANYBLOB=',y'])

1.617506168s ago: executing program 1 (id=1230):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000280)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
waitid$P_PIDFD(0x3, 0xffffffffffffffff, 0x0, 0x8, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
epoll_create(0x5)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000006c0)=ANY=[@ANYBLOB="0500000001000000080000000800000042000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000be366a922659f223dc55b2efd8c63134fbc722e4a988c851b415ffbda1296d99e045a2237b630ab2ce9441b60a0ac8da44db9d33cf13dc3aa07a875179fb7fe8e590e7e1723ccc301e3adf9de41eef9309dead9217bfd0f009fd8a07a80e76bec1b498fe44fb5d63722fc9f907e8b05d48b62ed125351d1b6548a9e6a79587a2758f4a2bd9cf097f84c6536dbfc9508bb28a99db51"], 0x48)
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2b, 0x0, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0x2d}, 0x4e20, 0x3, 'wrr\x00', 0x1, 0x2, 0x6e}, 0x2c)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000aac020000060a0b040000000000000000020000003c020480380201800a0001006d6174636800000028020280080002400000000114020300d67a8527f76ec1d39e537c4c3060c6a405106c72848aa8bcb429b3a20d532452032d5f166334739d1719a5778bd4f724ee4ca57f2527aeeb0c75755d68fc6fa55f4825682ee95e581039823e5963beedcf65b8b005623d90772b8b6ebd2498b0aff725a3eabb6c99cb2edfe10b9c33be8a971e08401bc0807e75a2ff376b7934473bc1f02bb512b77414daf260c9c7d4e1f0758b56ec5823892af310e6252fcfb1d9dbad362baa26f43f12f831fd221926d6536eeff641db46920ae0e48f3ff5de599714ba6510ce479d4116a519792281736f39c9fc0e10ef557392c43389271cebcf36543fcf6f83bf74b93ee4eb5e8c82e35bb4784cc1ed0ad291b16e8368487589f7590bf5896f340a36555a1cf69736da230a809176dbdfba3d47efb9a6932e5503d277532b7d4e6f7c7373a298e5843a9f74d5fd07fbc6ad22bc644ba9b3c94ec3c8f0b9321b16e5826b1f058f781760a5d4b6a8880202b41689139c37cd51f65a92d883f8901add03b650c9ec182fb565a4d657ebba9d6a5eb426b22d5933b72362e6ec327fb679aa8034b8b3b6680ad138be47652a3e77981187d2921cebfc1639aa280e3d38dba9b1af49ceded79c78a2d656b3a3e946e17e6257def6679f70f11aa01a2d906aecf4dbc7d1a332a8932ed719ce7eecb5450f494f944b3f6b637502ddba609c6e45dcfad1db7c7dda3e2c8d5ddcf27132985442e9b8df16f96c82e72e3e2491856d07756b9f08000100627066000900010073797a30000000000900020073797a3200000000440005800800024000000002080001"], 0x2d4}}, 0x4048010)
setsockopt$IP_VS_SO_SET_ADDDEST(r4, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010101, 0x4e21, 0x3, 'lc\x00', 0x7, 0x5, 0x77}, {@remote, 0x4e23, 0x1, 0xcd, 0x12d5f, 0x3}}, 0x44)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000740), 0xff67)
sendfile(r7, 0xffffffffffffffff, &(0x7f0000000040), 0xffff)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x8)
lseek(0xffffffffffffffff, 0x0, 0x4)

1.614707779s ago: executing program 0 (id=1231):
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x2, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="a00000000001050500000000000000000a000005440002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c000280050001000000000006000340000000003c0001800c00028005000100000000002c00018014000300ff0200000000000000000000000000011400040020010000000000000040fb0000000001080007400000000004000680"], 0xa0}}, 0x0)

1.312684409s ago: executing program 2 (id=1232):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
connect$inet6(r0, 0x0, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000002180)={0x0, &(0x7f0000000380)})
ioprio_set$uid(0x0, 0x0, 0x6000) (async)
r1 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r1, 0x402, 0x8000003d) (async)
r2 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r2, 0x402, 0x8000003d) (async)
r3 = open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x36)
close_range(r1, r2, 0x0) (async)
r4 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1a34, 0x802, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xf, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x1000, 0x6, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xd, 0x2}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0) (async)
r5 = syz_usb_connect$hid(0x5, 0x3f, &(0x7f0000000040)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x10, 0x56a, 0x9a, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x5, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xf7, 0x2, 0x3, 0x1, 0x2, 0x2, {0x9, 0x21, 0x3, 0x7, 0x1, {0x22, 0x358}}, {{{0x9, 0x5, 0x81, 0x3, 0x430, 0x3, 0x8, 0xd}}, [{{0x9, 0x5, 0x2, 0x3, 0x840, 0x4, 0x5, 0x2}}]}}}]}}]}}, &(0x7f00000001c0)={0xa, &(0x7f00000000c0)={0xa, 0x6, 0x201, 0x5, 0xe, 0x8, 0x60, 0xf}, 0x19, &(0x7f00000002c0)=ANY=[@ANYBLOB="050f190001141004052b2b916ed0821188171488a2927b0049c407b8f23fc72854c8f5c6c0d919bd3c4af0aa01f63086272cc58fdfb665ad71a25be8faadef2b9fb2a0c47d46c53141af2137f4719d8e5ef732cdcdd8cd53da67d89dc0fc36a3557cd258a90aba8459ccf11d0dc519094d03f8b7"], 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x180a}}]})
syz_usb_control_io$hid(r4, &(0x7f0000000100)={0x24, 0x0, 0x0, &(0x7f0000000240)=ANY=[@ANYRESDEC=r5], 0x0}, 0x0)

130.442248ms ago: executing program 0 (id=1233):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd5e, 0x240000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
write$char_usb(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@newtaction={0x64, 0x30, 0x1, 0x0, 0xfffffffd, {}, [{0x50, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x40, 0x8, 0x20000000, 0x1ff, 0x8}, 0x41}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x81}, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0x4)
setsockopt$RXRPC_SECURITY_KEY(r2, 0x110, 0x1, &(0x7f0000000240)='[-$*\x00', 0x5)
pipe2$9p(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
clock_adjtime(0x0, &(0x7f0000000480)={0xd54, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000})

36.86309ms ago: executing program 1 (id=1234):
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x60042, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', 0x0, 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
write$P9_RSTATu(r0, &(0x7f00000005c0)={0x54c, 0x7d, 0x4002, {{0x500, 0x1f8, 0xfffd, 0x40, {0x0, 0x0, 0x2}, 0x0, 0x1, 0xc, 0x0, 0x10f, '\x04nodZ=\xbfd`\xd2\xc2\x97D,\x027\xfcb%\xff\xff\xff\x80\x05\x00\x00\x00\x00\x00\x00\xff\x03\xff\x92\xe9\x16\x00\x05\x00\x00\x00,\x93\xcb=\xb6\xc21\xd1\x19\xaa\xa1ou\xc5\x8f\xa6\x88\x9f\xf3\xc8\xf7\xab\xc6\x1bY\xa1\xd2o\fJ\xf8\xe2\x93\xd3\xf8l\xcd\xc6o\xf5{\xe9\x00\x00\x00\x00\x00\x00\x00\x03\xd5\x89-\x8e\xfe\xbb\x9e\x05\xac\nk\xc5)`z\xc6\x8a8\x13\xaf\xe7\x9e\x85cj\xfdl]\x15\xb2\xae\xbb\xb7\xee;\x1e\xae\x8a\x7f\xbe.\x85\x88s\x14\xcb\xec\xf0\xa1\xa5\x124z\x8c\x15\xb3 \xd1\xe1\xc0\x10Uz\xaaw\x16^Q`208^|\'\x01\x00\xacB3\x00D\xa9\b=\xe5\xbe\xd8\xe0\xbd(h\"\x94\xf68\xc3\x8e%uj\xb0\xb0\x7fe\xdb\xd6$\xee\x95_}\xa7\x8e\xe1\x96I7?0\xe3\xf7\xb9d\xf0\xa2f\xc3\xac\x9ePwS\xa3\xc4\x03\xc8{\xf1Jv\x87%\x91h\xb4[\xbdz\x1f\xd8`\x0e\xa1.\x00\xdb\xfeL\x1a\xfe\xea\xaf\x9d{\xb4\xa7Z\x1c\x82\x18\x93\xf7\xf4|<Pq\x8c\xc3', 0x2b, 'p\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x06\xb4\x94\xe1', 0x35, '\xcf`7-a\xcc\xea\xb8\xc8\x86A\xeb\x93\xb4\xcc\xf6\x00*\xb8{\xfc\x01\'\x96\t?h0\\M\" \x83~\x01\b\xe2\xe7HP\x1cQHK\xa0/\x10\x9c\xaa\xf9\x15\t\xa2', 0x56, '\xf8\xf6i\xfbqk\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x15\xbe6\xf4\xfd\x1aL\xdb\x80\xe8\xd4\a\x00\x00\x007\x00C'}, 0x33f, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\fA\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaau\xf8$k\xccB\xea\xa8\xc61\xc0\xc5\x00\x95\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy\xa6\x91\xb6\xf8\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xcda\xb0\xd7#\x85\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x033\xa8\x82F}+1\xaa\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xc0\xfbNL\x90W\np\x04\x9f9\x9f\a\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xdd\x1aA\xdd=\xe3\x04\xbd|~\xd0\x81\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xc2\x00\x00\x000\xe4\xee+\xfc\x7f\x80P\x85\x11C\xe5\x16\x1a\xcdG\x15\n\xcb\xaft8\"\xdf\xe2\x03\xb1\b\xd3~\x91M\xc1\xe5>#LP\x9e\xcaA\a\xa1q,\xaa\x9d\xa5=\x05\x1c6\x88Ly\x18&a\xf3\xca6\xbc\xdb\xfb\xbd&q\t\xf81\x11\x03\x06U\xf5biO\x03\x00=\x19B\x1bJ\x19\xef\x8b\x8bL\xe9\xc9\x93\xc7\xd6\xcb0\fNezNP\xa3[\\\xc1k\x8c\x16\x1a\x8e=\xf9\x03k\xbc\xf2\x8a\xdc\xd1\x9alL)\x17\t\xae\xe5\xab>[\xc5\xae)\xf4u\xe4\xd2D\b\xb5\x16}\x0f\xaf_\xc1Vkp\\\x8b`\xaf\xa8\xac\xa4/~\x04i\x18\x8a\x0e\xf0b\xca\x18\xe3\x8f\x9e\xe1\n\xc7}+~\xb9\xd6\x0e\xa7\x9f\xdbUd\x11H[\x1b\x13\xdb\xb8\xa2\xa6b.\xbc\xf8Lio\xa4\xda!\xba\xd22\r\rh\xe9\xbfCF\xf0ha\x19\xa3\x9e@\x03\x95\xc8\xf2\x82^\xa0i\xae\x0e\x14;\xd1\xa4Ay\xedlTp,^\x9a\x19\xcc\x7f\xfaP\x0f\xa4\x1bl\x80I\xbd\xe4X\'\xd5N\xc9\x01\xd2z\xd1%\x05h\x89\xb33k?\x06\x83\x8c[fz\xe2.\xfe;\xc1[\x82_\x7f\xbc\xe4\x80\'(\x1c\xf9\xfe\x8f\xc2\x1f\xc7|$=\xe2g\x051\x0e\xb8\x1c\xf7M\xe0)1\x92\xa1?j\xd0W\xdea\xfd\x8a\xba\x8e\xf4C\x9b\xc0jE\xb2\xb01bQZ#C:\xfe\xb5*\xed\xb5\xabo3FS8\x05\x15\xf7y\xf3]\xc8\xa7\x8c7w$\x92\xa2(L!\xd2\x13V\xd4s\xf0\x0f\x85\x13|{\xf0cou}5\x1a\x86\x9b?\x00w5\xcf\xf8\\\x9d\x97\x8b\xf5]\xcc&\xd6-%\xe3\b\xf0\x88\'\xa9\x1f\xf4{\xec\x92\xf8\xe9\x1ey\bfT\x00\xaaN9\xb3Y\x86#\x9d\\{\x94\x92\b\xbb&\xbcU\xb5[I\xedpHnn}\xa3\x8c \x84P\xf9\xf7\x9e\x1bA\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0f\b\rxi\x19\xca\x8bg\x80\xe2\xbf\xb5\x03\xb4\xe6\xd8\xfaF\x8a\x90\xd3m6\xb8={\xe6\xa6\x8d\x80A\xc2\xef\x14\x87\xb2C\xe2\x85=g`\xaf\xef\xde\x9c\xe1\xb1W\v\x93[\n>\xa4\'\xfc\x81S\x99\x0eu\x98\xa4\xc8,)\x87\xf7\x9a\x17\x15c', 0xffffffffffffffff, 0xee01}}, 0x54c)

0s ago: executing program 5 (id=1235):
r0 = syz_socket_connect_nvme_tcp() (fail_nth: 18)
close(r0)

kernel console output (not intermixed with test programs):

8 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  335.867325][ T9044] RSP: 002b:00007f8c62493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  335.867343][ T9044] RAX: ffffffffffffffda RBX: 00007f8c617b5fa0 RCX: 00007f8c6158e929
[  335.867356][ T9044] RDX: 0000200000000000 RSI: 00000000c0386106 RDI: 0000000000000003
[  335.867367][ T9044] RBP: 00007f8c62493090 R08: 0000000000000000 R09: 0000000000000000
[  335.867378][ T9044] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  335.867388][ T9044] R13: 0000000000000000 R14: 00007f8c617b5fa0 R15: 00007fffbe6794a8
[  335.867415][ T9044]  </TASK>
[  336.112440][ T9044] ERROR: Out of memory at tomoyo_realpath_from_path.
[  336.138077][ T9046] 9pnet_fd: p9_fd_create_tcp (9046): problem connecting socket to 127.0.0.1
[  336.634062][ T5907] usb 2-1: New USB device found, idVendor=04b4, idProduct=8613, bcdDevice=95.8f
[  336.643268][ T5907] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.653524][ T5907] usb 2-1: Product: syz
[  336.667875][ T5907] usb 2-1: Manufacturer: syz
[  336.676664][ T5907] usb 2-1: SerialNumber: syz
[  336.693041][ T5907] usb 2-1: config 0 descriptor??
[  336.745283][ T5907] usbtest 2-1:0.0: FX2 device
[  336.758500][ T5907] usbtest 2-1:0.0: high-speed {control bulk-in bulk-out} tests (+alt)
[  336.867768][ T9064] FAULT_INJECTION: forcing a failure.
[  336.867768][ T9064] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  336.902225][ T9064] CPU: 1 UID: 0 PID: 9064 Comm: syz.2.877 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  336.902251][ T9064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  336.902262][ T9064] Call Trace:
[  336.902269][ T9064]  <TASK>
[  336.902277][ T9064]  dump_stack_lvl+0x189/0x250
[  336.902306][ T9064]  ? __pfx____ratelimit+0x10/0x10
[  336.902331][ T9064]  ? __pfx_dump_stack_lvl+0x10/0x10
[  336.902356][ T9064]  ? __pfx__printk+0x10/0x10
[  336.902374][ T9064]  ? __might_fault+0xb0/0x130
[  336.902405][ T9064]  should_fail_ex+0x414/0x560
[  336.902438][ T9064]  _copy_from_user+0x2d/0xb0
[  336.902455][ T9064]  userfaultfd_ioctl+0x313/0x4bc0
[  336.902474][ T9064]  ? kasan_save_track+0x4f/0x80
[  336.902491][ T9064]  ? kasan_save_free_info+0x46/0x50
[  336.902515][ T9064]  ? __kasan_slab_free+0x62/0x70
[  336.902533][ T9064]  ? kfree+0x18e/0x440
[  336.902549][ T9064]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  336.902568][ T9064]  ? security_file_ioctl+0xcb/0x2d0
[  336.902588][ T9064]  ? __se_sys_ioctl+0x47/0x170
[  336.902605][ T9064]  ? do_syscall_64+0xfa/0x3b0
[  336.902628][ T9064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.902656][ T9064]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  336.902685][ T9064]  ? do_vfs_ioctl+0x12ba/0x1990
[  336.902706][ T9064]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  336.902730][ T9064]  ? kasan_quarantine_put+0xdd/0x220
[  336.902757][ T9064]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  336.902779][ T9064]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  336.902800][ T9064]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  336.902819][ T9064]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  336.902842][ T9064]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  336.902861][ T9064]  ? smack_log+0xef/0x3f0
[  336.902878][ T9064]  ? __pfx_smack_log+0x10/0x10
[  336.902906][ T9064]  ? smk_access+0x14c/0x4e0
[  336.902938][ T9064]  ? smk_tskacc+0x2fc/0x370
[  336.902959][ T9064]  ? smack_file_ioctl+0x2a9/0x340
[  336.902980][ T9064]  ? __pfx_smack_file_ioctl+0x10/0x10
[  336.903009][ T9064]  ? __fget_files+0x2a/0x420
[  336.903031][ T9064]  ? __fget_files+0x3a0/0x420
[  336.903053][ T9064]  ? __fget_files+0x2a/0x420
[  336.903077][ T9064]  ? bpf_lsm_file_ioctl+0x9/0x20
[  336.903100][ T9064]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  336.903119][ T9064]  __se_sys_ioctl+0xfc/0x170
[  336.903140][ T9064]  do_syscall_64+0xfa/0x3b0
[  336.903164][ T9064]  ? lockdep_hardirqs_on+0x9c/0x150
[  336.903188][ T9064]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.903210][ T9064]  ? clear_bhb_loop+0x60/0xb0
[  336.903231][ T9064]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.903248][ T9064] RIP: 0033:0x7ff72818e929
[  336.903263][ T9064] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  336.903278][ T9064] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  336.903297][ T9064] RAX: ffffffffffffffda RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  336.903310][ T9064] RDX: 0000200000000040 RSI: 00000000c028aa05 RDI: 0000000000000004
[  336.903322][ T9064] RBP: 00007ff728f8f090 R08: 0000000000000000 R09: 0000000000000000
[  336.903333][ T9064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  336.903343][ T9064] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  336.903369][ T9064]  </TASK>
[  337.246926][ T9055] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  337.259216][ T9055] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  337.448096][ T5900] usb 2-1: USB disconnect, device number 31
[  337.497703][ T9079] FAULT_INJECTION: forcing a failure.
[  337.497703][ T9079] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  337.511628][ T9079] CPU: 1 UID: 0 PID: 9079 Comm: syz.5.884 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  337.511645][ T9079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  337.511653][ T9079] Call Trace:
[  337.511658][ T9079]  <TASK>
[  337.511663][ T9079]  dump_stack_lvl+0x189/0x250
[  337.511686][ T9079]  ? __pfx____ratelimit+0x10/0x10
[  337.511705][ T9079]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.511723][ T9079]  ? __pfx__printk+0x10/0x10
[  337.511735][ T9079]  ? __might_fault+0xb0/0x130
[  337.511758][ T9079]  should_fail_ex+0x414/0x560
[  337.511786][ T9079]  _copy_from_user+0x2d/0xb0
[  337.511803][ T9079]  kvm_arch_vcpu_ioctl+0xcff/0x2a40
[  337.511826][ T9079]  ? __lock_acquire+0xab9/0xd20
[  337.511847][ T9079]  ? kvm_arch_vcpu_ioctl+0xcbf/0x2a40
[  337.511862][ T9079]  ? __pfx_kvm_arch_vcpu_ioctl+0x10/0x10
[  337.511879][ T9079]  ? __lock_acquire+0xab9/0xd20
[  337.511907][ T9079]  ? is_bpf_text_address+0x26/0x2b0
[  337.511928][ T9079]  ? is_bpf_text_address+0x292/0x2b0
[  337.511945][ T9079]  ? is_bpf_text_address+0x26/0x2b0
[  337.511964][ T9079]  ? kernel_text_address+0xa5/0xe0
[  337.511979][ T9079]  ? __kernel_text_address+0xd/0x40
[  337.511993][ T9079]  ? unwind_get_return_address+0x4d/0x90
[  337.512010][ T9079]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  337.512023][ T9079]  ? arch_stack_walk+0xfc/0x150
[  337.512049][ T9079]  ? stack_trace_save+0x9c/0xe0
[  337.512063][ T9079]  ? stack_depot_save_flags+0x40/0x900
[  337.512084][ T9079]  ? kasan_save_track+0x4f/0x80
[  337.512096][ T9079]  ? kasan_save_track+0x3e/0x80
[  337.512115][ T9079]  ? __lock_acquire+0xab9/0xd20
[  337.512136][ T9079]  ? __mutex_trylock_common+0x153/0x260
[  337.512157][ T9079]  ? __pfx___mutex_trylock_common+0x10/0x10
[  337.512180][ T9079]  ? rcu_is_watching+0x15/0xb0
[  337.512198][ T9079]  ? trace_contention_end+0x39/0x120
[  337.512210][ T9079]  ? __mutex_lock+0x330/0xe80
[  337.512230][ T9079]  ? kasan_quarantine_put+0xdd/0x220
[  337.512246][ T9079]  ? kvm_vcpu_ioctl+0x22e/0xe90
[  337.512259][ T9079]  ? __pfx___mutex_lock+0x10/0x10
[  337.512278][ T9079]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  337.512295][ T9079]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  337.512310][ T9079]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  337.512330][ T9079]  kvm_vcpu_ioctl+0x74d/0xe90
[  337.512346][ T9079]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  337.512371][ T9079]  ? __lock_acquire+0xab9/0xd20
[  337.512389][ T9079]  ? __asan_memset+0x22/0x50
[  337.512401][ T9079]  ? smack_file_ioctl+0x302/0x340
[  337.512416][ T9079]  ? __pfx_smack_file_ioctl+0x10/0x10
[  337.512436][ T9079]  ? __fget_files+0x2a/0x420
[  337.512452][ T9079]  ? __fget_files+0x3a0/0x420
[  337.512467][ T9079]  ? __fget_files+0x2a/0x420
[  337.512485][ T9079]  ? bpf_lsm_file_ioctl+0x9/0x20
[  337.512502][ T9079]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  337.512521][ T9079]  __se_sys_ioctl+0xfc/0x170
[  337.512536][ T9079]  do_syscall_64+0xfa/0x3b0
[  337.512554][ T9079]  ? lockdep_hardirqs_on+0x9c/0x150
[  337.512571][ T9079]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.512583][ T9079]  ? clear_bhb_loop+0x60/0xb0
[  337.512600][ T9079]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.512612][ T9079] RIP: 0033:0x7f092098e929
[  337.512623][ T9079] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  337.512634][ T9079] RSP: 002b:00007f09218bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  337.512647][ T9079] RAX: ffffffffffffffda RBX: 00007f0920bb5fa0 RCX: 00007f092098e929
[  337.512656][ T9079] RDX: 00002000000002c0 RSI: 00000000c008ae88 RDI: 0000000000000006
[  337.512664][ T9079] RBP: 00007f09218bc090 R08: 0000000000000000 R09: 0000000000000000
[  337.512672][ T9079] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  337.512679][ T9079] R13: 0000000000000000 R14: 00007f0920bb5fa0 R15: 00007ffff9a84768
[  337.512698][ T9079]  </TASK>
[  337.570391][ T5907] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  337.573041][ T5893] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  338.005582][ T5907] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  338.014354][ T5907] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.028096][ T5907] usb 3-1: config 0 has no interface number 0
[  338.036976][ T5907] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  338.046612][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.054793][ T5907] usb 3-1: Product: syz
[  338.059291][ T5907] usb 3-1: Manufacturer: syz
[  338.064171][ T5907] usb 3-1: SerialNumber: syz
[  338.071884][ T5893] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  338.082296][ T5907] usb 3-1: config 0 descriptor??
[  338.084771][ T5893] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  338.098691][ T5893] usb 1-1: config 0 has no interface number 0
[  338.109045][ T5893] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  338.119371][ T5893] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.128878][ T5893] usb 1-1: Product: syz
[  338.134063][ T5893] usb 1-1: Manufacturer: syz
[  338.138683][ T5893] usb 1-1: SerialNumber: syz
[  338.145936][ T5893] usb 1-1: config 0 descriptor??
[  338.295804][ T5893] usb 3-1: USB disconnect, device number 26
[  338.319956][ T5900] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  338.401557][ T9088] netlink: 8 bytes leftover after parsing attributes in process `syz.1.888'.
[  338.418829][ T5907] usb 1-1: USB disconnect, device number 27
[  338.480780][ T5900] usb 6-1: Using ep0 maxpacket: 32
[  338.490027][ T5900] usb 6-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  338.504398][ T5900] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  338.529103][ T5900] usb 6-1: config 0 descriptor??
[  338.556211][ T5900] as10x_usb: device has been detected
[  338.562299][ T5900] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  338.587683][ T5900] usb 6-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  338.627022][ T5900] as10x_usb: error during firmware upload part1
[  338.637415][ T5900] Registered device nBox DVB-T Dongle
[  338.671768][ T9091] netlink: 20 bytes leftover after parsing attributes in process `syz.3.889'.
[  338.686331][ T9091] openvswitch: netlink: Flow actions attr not present in new flow.
[  338.758721][ T5900] usb 6-1: USB disconnect, device number 13
[  338.785980][ T5900] Unregistered device nBox DVB-T Dongle
[  338.787413][ T5900] as10x_usb: device has been disconnected
[  339.585998][ T9104] FAULT_INJECTION: forcing a failure.
[  339.585998][ T9104] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  339.607929][ T9104] CPU: 1 UID: 0 PID: 9104 Comm: syz.2.893 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  339.607953][ T9104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  339.607964][ T9104] Call Trace:
[  339.607971][ T9104]  <TASK>
[  339.607980][ T9104]  dump_stack_lvl+0x189/0x250
[  339.608009][ T9104]  ? __pfx____ratelimit+0x10/0x10
[  339.608035][ T9104]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.608060][ T9104]  ? __pfx__printk+0x10/0x10
[  339.608079][ T9104]  ? fs_reclaim_acquire+0x7d/0x100
[  339.608112][ T9104]  should_fail_ex+0x414/0x560
[  339.608145][ T9104]  prepare_alloc_pages+0x213/0x610
[  339.608178][ T9104]  __alloc_frozen_pages_noprof+0x123/0x370
[  339.608208][ T9104]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  339.608243][ T9104]  ? policy_nodemask+0x27c/0x720
[  339.608270][ T9104]  alloc_pages_mpol+0x232/0x4a0
[  339.608297][ T9104]  folio_alloc_mpol_noprof+0x39/0x70
[  339.608321][ T9104]  __read_swap_cache_async+0x166/0x510
[  339.608358][ T9104]  swap_cluster_readahead+0x305/0x5f0
[  339.608391][ T9104]  ? __pfx_swap_cluster_readahead+0x10/0x10
[  339.608434][ T9104]  ? get_vma_policy+0x27c/0x3c0
[  339.608458][ T9104]  swapin_readahead+0x17d/0xb50
[  339.608484][ T9104]  ? __pfx_filemap_get_entry+0x10/0x10
[  339.608512][ T9104]  ? __pfx_swapin_readahead+0x10/0x10
[  339.608543][ T9104]  ? __filemap_get_folio+0x9a6/0xaf0
[  339.608570][ T9104]  ? swap_cache_get_folio+0xae/0x3b0
[  339.608600][ T9104]  do_swap_page+0x525/0x5ac0
[  339.608624][ T9104]  ? __lock_acquire+0xab9/0xd20
[  339.608660][ T9104]  ? do_swap_page+0x184/0x5ac0
[  339.608677][ T9104]  ? __pfx_do_swap_page+0x10/0x10
[  339.608697][ T9104]  ? __pfx_default_wake_function+0x10/0x10
[  339.608721][ T9104]  ? ___pte_offset_map+0x21f/0x2c0
[  339.608745][ T9104]  ? pte_offset_map_rw_nolock+0xea/0x160
[  339.608769][ T9104]  __handle_mm_fault+0xf3e/0x5620
[  339.608806][ T9104]  ? __pfx___handle_mm_fault+0x10/0x10
[  339.608842][ T9104]  ? find_vma+0xe7/0x160
[  339.608861][ T9104]  ? __pfx_find_vma+0x10/0x10
[  339.608879][ T9104]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  339.608906][ T9104]  handle_mm_fault+0x2d5/0x7f0
[  339.608955][ T9104]  do_user_addr_fault+0x764/0x1390
[  339.609015][ T9104]  exc_page_fault+0x76/0xf0
[  339.609047][ T9104]  asm_exc_page_fault+0x26/0x30
[  339.609066][ T9104] RIP: 0010:io_msg_copy_hdr+0x1a5/0x870
[  339.609096][ T9104] Code: 00 48 89 df 4c 8b 7c 24 18 4c 89 fe e8 04 b3 09 fd 4c 39 fb 49 be 00 00 00 00 00 fc ff df 0f 82 64 05 00 00 0f 01 cb 0f ae e8 <49> 8b 1f 4c 8b 64 24 10 4c 89 e0 48 c1 e8 03 42 80 3c 30 00 74 08
[  339.609114][ T9104] RSP: 0018:ffffc90002ec7820 EFLAGS: 00050206
[  339.609141][ T9104] RAX: ffffffff84b69b7c RBX: 00007ffffffff000 RCX: ffff888027153c00
[  339.609158][ T9104] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 00007ffffffff000
[  339.609172][ T9104] RBP: ffffc90002ec7950 R08: ffffc90002ec7a17 R09: 0000000000000000
[  339.609186][ T9104] R10: ffffc90002ec79e0 R11: fffff520005d8f43 R12: ffff8880787fb008
[  339.609201][ T9104] R13: ffff888058db7440 R14: dffffc0000000000 R15: 0000200000000240
[  339.609227][ T9104]  ? io_msg_copy_hdr+0x18c/0x870
[  339.609273][ T9104]  ? __pfx_io_msg_copy_hdr+0x10/0x10
[  339.609325][ T9104]  io_sendmsg_setup+0x115/0x520
[  339.609352][ T9104]  ? __asan_memset+0x22/0x50
[  339.609372][ T9104]  ? io_cache_alloc_new+0x90/0x100
[  339.609404][ T9104]  ? __pfx_io_sendmsg_setup+0x10/0x10
[  339.609453][ T9104]  io_submit_sqes+0x90f/0x1c50
[  339.609510][ T9104]  __se_sys_io_uring_enter+0x2df/0x2b20
[  339.609556][ T9104]  ? ksys_write+0x1cb/0x250
[  339.609584][ T9104]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  339.609606][ T9104]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  339.609637][ T9104]  ? __pfx_vfs_write+0x10/0x10
[  339.609663][ T9104]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  339.609698][ T9104]  ? __fget_files+0x3a0/0x420
[  339.609734][ T9104]  ? fput+0xa0/0xd0
[  339.609764][ T9104]  ? ksys_write+0x22a/0x250
[  339.609789][ T9104]  ? __pfx_ksys_write+0x10/0x10
[  339.609809][ T9104]  ? rcu_is_watching+0x15/0xb0
[  339.609843][ T9104]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  339.609870][ T9104]  do_syscall_64+0xfa/0x3b0
[  339.609900][ T9104]  ? lockdep_hardirqs_on+0x9c/0x150
[  339.609927][ T9104]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.609947][ T9104]  ? clear_bhb_loop+0x60/0xb0
[  339.609972][ T9104]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  339.609992][ T9104] RIP: 0033:0x7ff72818e929
[  339.610010][ T9104] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  339.610027][ T9104] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  339.610048][ T9104] RAX: ffffffffffffffda RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  339.610063][ T9104] RDX: 0000000000000000 RSI: 0000000000000092 RDI: 0000000000000003
[  339.610089][ T9104] RBP: 00007ff728f8f090 R08: 0000000000000000 R09: 0000000000000000
[  339.610102][ T9104] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  339.610114][ T9104] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  339.610167][ T9104]  </TASK>
[  341.042727][ T5977] IPVS: starting estimator thread 0...
[  341.154037][ T9125] IPVS: using max 30 ests per chain, 72000 per kthread
[  341.238709][ T6476] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.307501][ T9131] netlink: 32 bytes leftover after parsing attributes in process `syz.5.902'.
[  341.499418][ T6476] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.684996][ T9139] netlink: 8 bytes leftover after parsing attributes in process `syz.0.904'.
[  341.694002][ T5977] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  341.697706][ T6476] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.761891][ T9143] netlink: 28 bytes leftover after parsing attributes in process `syz.0.904'.
[  341.809980][ T6476] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.835092][ T9143] netlink: 4 bytes leftover after parsing attributes in process `syz.0.904'.
[  341.874859][ T5977] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  341.903346][ T5977] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  341.934077][ T5977] usb 6-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  341.944508][ T5907] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  341.970687][ T5977] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.012035][ T5977] usb 6-1: config 0 descriptor??
[  342.110981][ T5907] usb 3-1: Using ep0 maxpacket: 32
[  342.120160][ T5907] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  342.132612][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.141128][ T6476] bridge_slave_1: left allmulticast mode
[  342.146805][ T6476] bridge_slave_1: left promiscuous mode
[  342.168645][ T5907] usb 3-1: config 0 descriptor??
[  342.173956][ T6476] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.220484][ T5907] as10x_usb: device has been detected
[  342.237917][ T5907] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  342.258637][ T6476] bridge_slave_0: left allmulticast mode
[  342.271541][ T6476] bridge_slave_0: left promiscuous mode
[  342.277363][ T6476] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.304952][ T5820] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  342.313608][ T9159] FAULT_INJECTION: forcing a failure.
[  342.313608][ T9159] name failslab, interval 1, probability 0, space 0, times 0
[  342.326382][ T9159] CPU: 0 UID: 0 PID: 9159 Comm: syz.0.911 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  342.326404][ T9159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  342.326415][ T9159] Call Trace:
[  342.326423][ T9159]  <TASK>
[  342.326431][ T9159]  dump_stack_lvl+0x189/0x250
[  342.326459][ T9159]  ? __pfx____ratelimit+0x10/0x10
[  342.326485][ T9159]  ? __pfx_dump_stack_lvl+0x10/0x10
[  342.326510][ T9159]  ? __pfx__printk+0x10/0x10
[  342.326531][ T9159]  ? __lock_acquire+0xab9/0xd20
[  342.326557][ T9159]  should_fail_ex+0x414/0x560
[  342.326577][ T9159]  should_failslab+0xa8/0x100
[  342.326597][ T9159]  kmem_cache_alloc_noprof+0x73/0x3c0
[  342.326613][ T9159]  ? skb_clone+0x212/0x3a0
[  342.326629][ T9159]  ? run_filter+0x23/0x270
[  342.326649][ T9159]  skb_clone+0x212/0x3a0
[  342.326665][ T9159]  ? packet_rcv+0x567/0x1590
[  342.326683][ T9159]  packet_rcv+0x6d6/0x1590
[  342.326703][ T9159]  ? __pfx_packet_rcv+0x10/0x10
[  342.326720][ T9159]  __netif_receive_skb_core+0x3132/0x4180
[  342.326748][ T9159]  ? __kernel_text_address+0xd/0x40
[  342.326764][ T9159]  ? unwind_get_return_address+0x4d/0x90
[  342.326783][ T9159]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  342.326806][ T9159]  ? __pfx___netif_receive_skb_core+0x10/0x10
[  342.326827][ T9159]  ? stack_trace_save+0x9c/0xe0
[  342.326852][ T9159]  ? netif_receive_skb+0x115/0x790
[  342.326880][ T9159]  ? netif_receive_skb+0x115/0x790
[  342.326901][ T9159]  __netif_receive_skb+0x72/0x380
[  342.326926][ T9159]  ? netif_receive_skb+0x115/0x790
[  342.326945][ T9159]  netif_receive_skb+0x1cb/0x790
[  342.326964][ T9159]  ? __pfx___local_bh_disable_ip+0x10/0x10
[  342.326985][ T9159]  ? __pfx_netif_receive_skb+0x10/0x10
[  342.327008][ T9159]  ? tun_rx_batched+0x160/0x730
[  342.327030][ T9159]  tun_rx_batched+0x1b9/0x730
[  342.327048][ T9159]  ? __lock_acquire+0xab9/0xd20
[  342.327069][ T9159]  ? __pfx_tun_rx_batched+0x10/0x10
[  342.327091][ T9159]  ? tun_get_user+0x2549/0x3ce0
[  342.327121][ T9159]  tun_get_user+0x298e/0x3ce0
[  342.327142][ T9159]  ? tun_get_user+0x693/0x3ce0
[  342.327160][ T9159]  ? tun_get_user+0x2549/0x3ce0
[  342.327189][ T9159]  ? __pfx_tun_get_user+0x10/0x10
[  342.327214][ T9159]  ? __lock_acquire+0xab9/0xd20
[  342.327235][ T9159]  ? ref_tracker_alloc+0x318/0x460
[  342.327251][ T9159]  ? __lock_acquire+0xab9/0xd20
[  342.327270][ T9159]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  342.327291][ T9159]  ? tun_get+0x1c/0x2f0
[  342.327314][ T9159]  ? tun_get+0x1c/0x2f0
[  342.327332][ T9159]  ? tun_get+0x1c/0x2f0
[  342.327358][ T9159]  tun_chr_write_iter+0x113/0x200
[  342.327384][ T9159]  vfs_write+0x548/0xa90
[  342.327408][ T9159]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  342.327432][ T9159]  ? __pfx_vfs_write+0x10/0x10
[  342.327461][ T9159]  ? __fget_files+0x2a/0x420
[  342.327493][ T9159]  ksys_write+0x145/0x250
[  342.327515][ T9159]  ? __pfx_ksys_write+0x10/0x10
[  342.327533][ T9159]  ? rcu_is_watching+0x15/0xb0
[  342.327562][ T9159]  ? do_syscall_64+0xbe/0x3b0
[  342.327590][ T9159]  do_syscall_64+0xfa/0x3b0
[  342.327614][ T9159]  ? lockdep_hardirqs_on+0x9c/0x150
[  342.327638][ T9159]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.327655][ T9159]  ? clear_bhb_loop+0x60/0xb0
[  342.327676][ T9159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  342.327693][ T9159] RIP: 0033:0x7f8c6158d3df
[  342.327708][ T9159] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  342.327722][ T9159] RSP: 002b:00007f8c62493000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  342.327738][ T9159] RAX: ffffffffffffffda RBX: 00007f8c617b5fa0 RCX: 00007f8c6158d3df
[  342.327748][ T9159] RDX: 0000000000000032 RSI: 0000200000000300 RDI: 00000000000000c8
[  342.327757][ T9159] RBP: 00007f8c62493090 R08: 0000000000000000 R09: 0000000000000000
[  342.327766][ T9159] R10: 0000000000000032 R11: 0000000000000293 R12: 0000000000000001
[  342.327774][ T9159] R13: 0000000000000000 R14: 00007f8c617b5fa0 R15: 00007fffbe6794a8
[  342.327795][ T9159]  </TASK>
[  342.728686][ T5820] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  342.744586][ T5820] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  342.756524][ T5820] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  342.764892][ T5820] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  342.777738][ T5823] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  342.786872][ T5823] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  342.796779][ T5823] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  342.806265][ T5823] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  342.817171][ T5823] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  342.860645][ T5907] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  342.876292][ T5907] as10x_usb: error during firmware upload part1
[  342.886992][ T5907] Registered device nBox DVB-T Dongle
[  342.890616][ T5907] usb 3-1: USB disconnect, device number 27
[  342.966664][ T5907] Unregistered device nBox DVB-T Dongle
[  342.976128][ T5907] as10x_usb: device has been disconnected
[  343.007793][ T5977] steelseries 0003:1038:12B6.0007: reserved main item tag 0xe
[  343.017142][ T5977] steelseries 0003:1038:12B6.0007: hidraw0: USB HID v0.00 Device [HID 1038:12b6] on usb-dummy_hcd.5-1/input0
[  343.206681][ T9161] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  343.225468][ T9161] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  343.326129][ T6476] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  343.339653][ T6476] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  343.364767][ T6476] bond0 (unregistering): Released all slaves
[  343.491988][ T5977] steelseries 0003:1038:12B6.0007: hid_hw_raw_request() failed with -71
[  343.510918][ T5977] usb 6-1: USB disconnect, device number 14
[  343.655878][ T6476] hsr_slave_0: left promiscuous mode
[  343.663729][ T6476] hsr_slave_1: left promiscuous mode
[  343.672398][ T6476] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  343.680093][ T6476] batman_adv: batadv0: Removing interface: batadv_slave_0
[  343.688326][ T6476] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  343.697356][ T6476] batman_adv: batadv0: Removing interface: batadv_slave_1
[  343.730125][ T5893] usb 3-1: new low-speed USB device number 28 using dummy_hcd
[  343.746412][ T6476] veth1_macvtap: left promiscuous mode
[  343.753882][ T6476] veth0_macvtap: left promiscuous mode
[  343.759565][ T6476] veth1_vlan: left promiscuous mode
[  343.765339][ T6476] veth0_vlan: left promiscuous mode
[  343.883697][ T5893] usb 3-1: unable to get BOS descriptor or descriptor too short
[  343.901166][ T5893] usb 3-1: config 7 has an invalid interface number: 83 but max is 0
[  343.909281][ T5893] usb 3-1: config 7 has no interface number 0
[  343.926552][ T5893] usb 3-1: config 7 interface 83 altsetting 254 endpoint 0x7 has invalid maxpacket 16, setting to 0
[  343.941533][ T5893] usb 3-1: No eUSB2 isoc ep 7 companion for config 7 interface 83 altsetting 254
[  343.957955][ T5893] usb 3-1: config 7 interface 83 has no altsetting 0
[  343.993122][ T5893] usb 3-1: string descriptor 0 read error: -22
[  343.999450][ T5893] usb 3-1: New USB device found, idVendor=19d2, idProduct=0145, bcdDevice=44.f5
[  344.013492][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.056630][ T5893] option 3-1:7.83: GSM modem (1-port) converter detected
[  344.267792][ T5893] usb 3-1: USB disconnect, device number 28
[  344.284314][ T5893] option 3-1:7.83: device disconnected
[  344.435802][ T9192] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  344.720768][ T6476] team0 (unregistering): Port device team_slave_1 removed
[  344.767568][ T6476] team0 (unregistering): Port device team_slave_0 removed
[  344.916930][ T5820] Bluetooth: hci4: command tx timeout
[  345.121364][ T5893] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  345.324132][ T5893] usb 3-1: Using ep0 maxpacket: 32
[  345.336742][ T5893] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  345.365520][ T9156] chnl_net:caif_netlink_parms(): no params data found
[  345.385849][ T5893] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.466037][ T5893] usb 3-1: config 0 descriptor??
[  345.479204][ T5893] as10x_usb: device has been detected
[  345.486357][ T5893] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  345.507695][ T5893] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  345.520030][ T5893] as10x_usb: error during firmware upload part1
[  345.527036][ T5893] Registered device nBox DVB-T Dongle
[  345.709723][ T5893] usb 3-1: USB disconnect, device number 29
[  345.757338][ T9156] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.765978][ T9156] bridge0: port 1(bridge_slave_0) entered disabled state
[  345.781388][ T9156] bridge_slave_0: entered allmulticast mode
[  345.793841][ T9156] bridge_slave_0: entered promiscuous mode
[  345.803869][ T5893] Unregistered device nBox DVB-T Dongle
[  345.805289][ T5893] as10x_usb: device has been disconnected
[  346.144025][ T9212] netlink: 'syz.5.927': attribute type 39 has an invalid length.
[  346.160040][ T9156] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.167211][ T9156] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.211290][ T9156] bridge_slave_1: entered allmulticast mode
[  346.221772][ T9156] bridge_slave_1: entered promiscuous mode
[  346.298372][ T9218] netlink: 'syz.0.929': attribute type 10 has an invalid length.
[  346.315204][ T9156] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  346.327578][ T9218] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  346.333324][ T9156] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  346.379396][ T9156] team0: Port device team_slave_0 added
[  346.392585][ T9156] team0: Port device team_slave_1 added
[  346.429174][ T9156] batman_adv: batadv0: Adding interface: batadv_slave_0
[  346.437291][ T9156] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.470137][ T6671] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  346.482939][ T9156] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  346.498078][ T9156] batman_adv: batadv0: Adding interface: batadv_slave_1
[  346.509072][ T9156] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  346.539401][ T9156] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  346.594677][ T9221] overlayfs: failed to resolve './file1': -2
[  346.682675][ T9156] hsr_slave_0: entered promiscuous mode
[  346.688591][ T6671] usb 6-1: config 1 has an invalid descriptor of length 246, skipping remainder of the config
[  346.690300][ T9156] hsr_slave_1: entered promiscuous mode
[  346.708189][ T9156] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  346.716397][ T9156] Cannot create hsr debugfs directory
[  346.720806][ T6671] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  346.764538][ T6671] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  346.795978][ T6671] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.805038][ T6671] usb 6-1: Product: syz
[  346.821111][ T6671] usb 6-1: Manufacturer: syz
[  346.826829][ T6671] usb 6-1: SerialNumber: syz
[  346.848962][ T6671] cdc_ether 6-1:1.0: skipping garbage
[  346.858451][ T6671] usb 6-1: bad CDC descriptors
[  346.989919][ T5820] Bluetooth: hci4: command tx timeout
[  347.010849][ T9236] netlink: 'syz.2.936': attribute type 3 has an invalid length.
[  347.467131][ T6671] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  347.754328][ T9156] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  347.772026][ T9156] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  347.788704][ T9156] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  347.799738][ T9156] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  347.893529][ T6671] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  347.910517][ T9156] 8021q: adding VLAN 0 to HW filter on device bond0
[  347.918623][ T6671] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  347.939188][ T6671] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  347.954712][ T9156] 8021q: adding VLAN 0 to HW filter on device team0
[  347.962758][ T6671] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  347.983602][ T6671] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  347.985689][ T1004] bridge0: port 1(bridge_slave_0) entered blocking state
[  347.993458][ T6671] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  348.000047][ T1004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  348.008279][ T6671] usb 1-1: Manufacturer: syz
[  348.028987][ T6671] usb 1-1: config 0 descriptor??
[  348.032816][ T1004] bridge0: port 2(bridge_slave_1) entered blocking state
[  348.041226][ T1004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  348.336047][ T9255] sctp: [Deprecated]: syz.2.940 (pid 9255) Use of struct sctp_assoc_value in delayed_ack socket option.
[  348.336047][ T9255] Use struct sctp_sack_info instead
[  348.640130][ T5977] usb 6-1: USB disconnect, device number 15
[  348.686879][ T9240] Bluetooth: MGMT ver 1.23
[  348.934857][ T6671] appleir 0003:05AC:8243.0008: unknown main item tag 0x0
[  348.953617][ T6671] appleir 0003:05AC:8243.0008: No inputs registered, leaving
[  348.965918][ T6671] appleir 0003:05AC:8243.0008: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  349.070155][ T5820] Bluetooth: hci4: command tx timeout
[  349.075778][ T9156] 8021q: adding VLAN 0 to HW filter on device batadv0
[  349.115153][ T9156] veth0_vlan: entered promiscuous mode
[  349.126687][ T9156] veth1_vlan: entered promiscuous mode
[  349.192347][ T9156] veth0_macvtap: entered promiscuous mode
[  349.202632][ T9156] veth1_macvtap: entered promiscuous mode
[  349.223363][ T9156] batman_adv: batadv0: Interface activated: batadv_slave_0
[  349.232711][ T9240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  349.239247][ T9156] batman_adv: batadv0: Interface activated: batadv_slave_1
[  349.241306][ T5918] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  349.253020][ T9156] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  349.266281][ T9240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  349.268109][ T9156] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  349.279402][ T5977] usb 1-1: USB disconnect, device number 28
[  349.288335][ T9156] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  349.300764][ T9156] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  349.443114][ T9267] FAULT_INJECTION: forcing a failure.
[  349.443114][ T9267] name failslab, interval 1, probability 0, space 0, times 0
[  349.455944][ T9267] CPU: 0 UID: 0 PID: 9267 Comm: syz.5.943 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  349.455961][ T9267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  349.455969][ T9267] Call Trace:
[  349.455974][ T9267]  <TASK>
[  349.455979][ T9267]  dump_stack_lvl+0x189/0x250
[  349.456001][ T9267]  ? __pfx____ratelimit+0x10/0x10
[  349.456019][ T9267]  ? __pfx_dump_stack_lvl+0x10/0x10
[  349.456037][ T9267]  ? __pfx__printk+0x10/0x10
[  349.456053][ T9267]  ? __pfx___might_resched+0x10/0x10
[  349.456075][ T9267]  should_fail_ex+0x414/0x560
[  349.456092][ T9267]  should_failslab+0xa8/0x100
[  349.456110][ T9267]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  349.456126][ T9267]  ? __alloc_skb+0x112/0x2d0
[  349.456141][ T9267]  __alloc_skb+0x112/0x2d0
[  349.456157][ T9267]  netlink_sendmsg+0x5c6/0xb30
[  349.456177][ T9267]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.456201][ T9267]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  349.456216][ T9267]  ? __pfx_netlink_sendmsg+0x10/0x10
[  349.456230][ T9267]  __sock_sendmsg+0x21c/0x270
[  349.456250][ T9267]  ____sys_sendmsg+0x505/0x830
[  349.456268][ T9267]  ? __pfx_____sys_sendmsg+0x10/0x10
[  349.456288][ T9267]  ? import_iovec+0x74/0xa0
[  349.456302][ T9267]  ___sys_sendmsg+0x21f/0x2a0
[  349.456318][ T9267]  ? __pfx____sys_sendmsg+0x10/0x10
[  349.456355][ T9267]  ? __fget_files+0x2a/0x420
[  349.456371][ T9267]  ? __fget_files+0x3a0/0x420
[  349.456393][ T9267]  __x64_sys_sendmsg+0x19b/0x260
[  349.456410][ T9267]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  349.456431][ T9267]  ? __pfx_ksys_write+0x10/0x10
[  349.456444][ T9267]  ? rcu_is_watching+0x15/0xb0
[  349.456466][ T9267]  ? do_syscall_64+0xbe/0x3b0
[  349.456487][ T9267]  do_syscall_64+0xfa/0x3b0
[  349.456504][ T9267]  ? lockdep_hardirqs_on+0x9c/0x150
[  349.456521][ T9267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.456534][ T9267]  ? clear_bhb_loop+0x60/0xb0
[  349.456549][ T9267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  349.456561][ T9267] RIP: 0033:0x7f092098e929
[  349.456571][ T9267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  349.456581][ T9267] RSP: 002b:00007f09218bc038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  349.456594][ T9267] RAX: ffffffffffffffda RBX: 00007f0920bb5fa0 RCX: 00007f092098e929
[  349.456604][ T9267] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000007
[  349.456611][ T9267] RBP: 00007f09218bc090 R08: 0000000000000000 R09: 0000000000000000
[  349.456618][ T9267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  349.456625][ T9267] R13: 0000000000000000 R14: 00007f0920bb5fa0 R15: 00007ffff9a84768
[  349.456644][ T9267]  </TASK>
[  349.456809][ T5918] usb 3-1: Using ep0 maxpacket: 32
[  349.474444][ T7863] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.482661][ T5918] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  349.587019][ T7863] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.755893][ T5918] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.766913][ T5918] usb 3-1: config 0 descriptor??
[  349.780458][ T5918] as10x_usb: device has been detected
[  349.786847][ T5918] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  349.816145][ T5918] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  349.849503][ T7863] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.857581][ T7863] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.869418][ T9274] netlink: 452 bytes leftover after parsing attributes in process `syz.5.944'.
[  349.895457][ T5918] as10x_usb: error during firmware upload part1
[  349.910516][ T5918] Registered device nBox DVB-T Dongle
[  349.983854][ T5918] usb 3-1: USB disconnect, device number 30
[  350.026598][ T5918] Unregistered device nBox DVB-T Dongle
[  350.028663][ T5918] as10x_usb: device has been disconnected
[  351.086755][ T9299] netlink: 8 bytes leftover after parsing attributes in process `syz.5.952'.
[  351.106057][ T9299] netlink: 4 bytes leftover after parsing attributes in process `syz.5.952'.
[  351.142116][ T5820] Bluetooth: hci4: command tx timeout
[  351.188767][ T9309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.951'.
[  351.219176][ T9309] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.227729][ T9309] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.598310][   T30] audit: type=1800 audit(1750656044.995:1683): pid=9323 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.3.957" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  351.828415][ T9326] netlink: 452 bytes leftover after parsing attributes in process `syz.3.958'.
[  351.910043][ T6671] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  352.084151][ T6671] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  352.146105][ T6671] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  352.186261][ T6671] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  352.198292][ T6671] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  352.295967][ T6671] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  352.320965][ T6671] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  352.329192][ T6671] usb 1-1: Manufacturer: syz
[  352.383131][ T6671] usb 1-1: config 0 descriptor??
[  352.835759][ T6671] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  352.851824][ T6671] appleir 0003:05AC:8243.0009: No inputs registered, leaving
[  352.891968][ T6671] appleir 0003:05AC:8243.0009: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  352.969923][ T5907] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  353.116598][ T9324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  353.129870][ T5907] usb 3-1: Using ep0 maxpacket: 32
[  353.141051][ T9324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  353.151281][ T5907] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  353.169599][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  353.184799][ T5907] usb 3-1: config 0 descriptor??
[  353.186458][ T5893] usb 1-1: USB disconnect, device number 29
[  353.202974][ T5907] as10x_usb: device has been detected
[  353.212428][ T5907] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  353.282531][ T5907] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  353.311632][ T5907] as10x_usb: error during firmware upload part1
[  353.325221][ T5907] Registered device nBox DVB-T Dongle
[  353.422378][ T5907] usb 3-1: USB disconnect, device number 31
[  353.462255][ T5907] Unregistered device nBox DVB-T Dongle
[  353.467790][ T5907] as10x_usb: device has been disconnected
[  354.339986][ T5893] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  354.492603][ T5893] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  354.505920][ T5893] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  354.525011][ T5893] usb 3-1: config 0 has no interface number 0
[  354.537518][ T5893] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  354.547053][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.558725][ T5893] usb 3-1: Product: syz
[  354.563072][ T5893] usb 3-1: Manufacturer: syz
[  354.567899][ T5893] usb 3-1: SerialNumber: syz
[  354.575437][ T5893] usb 3-1: config 0 descriptor??
[  354.798114][ T5893] usb 3-1: USB disconnect, device number 32
[  355.999614][ T9381] netlink: 'syz.2.977': attribute type 16 has an invalid length.
[  356.169900][ T5907] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  356.260021][   T48] usb 2-1: new full-speed USB device number 32 using dummy_hcd
[  356.380160][ T9388] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(6)
[  356.386880][ T9388] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  356.953861][ T5907] usb 1-1: Using ep0 maxpacket: 8
[  356.980546][ T9388] vhci_hcd vhci_hcd.0: Device attached
[  356.990807][ T5907] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  357.000053][ T9389] vhci_hcd: connection closed
[  357.002570][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.003624][   T12] vhci_hcd: stop threads
[  357.008292][ T5907] usb 1-1: Product: syz
[  357.008308][ T5907] usb 1-1: Manufacturer: syz
[  357.041898][   T12] vhci_hcd: release socket
[  357.046354][   T12] vhci_hcd: disconnect device
[  357.062990][   T48] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  357.076704][   T48] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  357.087032][   T48] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  357.106449][   T48] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  357.117773][   T48] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 101, setting to 64
[  357.154877][ T5907] usb 1-1: SerialNumber: syz
[  357.172101][ T5907] usb 1-1: config 0 descriptor??
[  357.184798][   T48] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  357.215198][   T48] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  357.250677][   T48] usb 2-1: Product: syz
[  357.260007][   T48] usb 2-1: Manufacturer: syz
[  357.270088][ T9384] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  357.280953][   T48] cdc_wdm 2-1:1.0: skipping garbage
[  357.286189][   T48] cdc_wdm 2-1:1.0: skipping garbage
[  357.307926][   T48] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  357.314297][   T48] cdc_wdm 2-1:1.0: Unknown control protocol
[  357.392038][ T5907] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  357.505253][   T48] usb 2-1: USB disconnect, device number 32
[  357.776224][ T9399] netlink: 28 bytes leftover after parsing attributes in process `syz.5.982'.
[  357.988442][ T9409] FAULT_INJECTION: forcing a failure.
[  357.988442][ T9409] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  358.002349][ T9409] CPU: 0 UID: 0 PID: 9409 Comm: syz.5.985 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  358.002373][ T9409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  358.002384][ T9409] Call Trace:
[  358.002391][ T9409]  <TASK>
[  358.002399][ T9409]  dump_stack_lvl+0x189/0x250
[  358.002428][ T9409]  ? __pfx____ratelimit+0x10/0x10
[  358.002454][ T9409]  ? __pfx_dump_stack_lvl+0x10/0x10
[  358.002478][ T9409]  ? __pfx__printk+0x10/0x10
[  358.002492][ T9409]  ? __might_fault+0xb0/0x130
[  358.002516][ T9409]  should_fail_ex+0x414/0x560
[  358.002536][ T9409]  _copy_from_user+0x2d/0xb0
[  358.002549][ T9409]  ___sys_recvmsg+0x12e/0x510
[  358.002566][ T9409]  ? rcu_is_watching+0x15/0xb0
[  358.002589][ T9409]  ? __pfx____sys_recvmsg+0x10/0x10
[  358.002633][ T9409]  ? __might_fault+0xb0/0x130
[  358.002651][ T9409]  do_recvmmsg+0x307/0x770
[  358.002674][ T9409]  ? __pfx_do_recvmmsg+0x10/0x10
[  358.002699][ T9409]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  358.002732][ T9409]  __x64_sys_recvmmsg+0x190/0x240
[  358.002751][ T9409]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  358.002772][ T9409]  ? do_syscall_64+0xbe/0x3b0
[  358.002794][ T9409]  do_syscall_64+0xfa/0x3b0
[  358.002815][ T9409]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.002828][ T9409]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  358.002841][ T9409]  ? clear_bhb_loop+0x60/0xb0
[  358.002857][ T9409]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.002870][ T9409] RIP: 0033:0x7f092098e929
[  358.002882][ T9409] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  358.002894][ T9409] RSP: 002b:00007f092187a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  358.002909][ T9409] RAX: ffffffffffffffda RBX: 00007f0920bb6160 RCX: 00007f092098e929
[  358.002920][ T9409] RDX: 0000000000000700 RSI: 0000200000001140 RDI: 0000000000000006
[  358.002928][ T9409] RBP: 00007f092187a090 R08: 0000000000000000 R09: 0000000000000000
[  358.002937][ T9409] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  358.002944][ T9409] R13: 0000000000000000 R14: 00007f0920bb6160 R15: 00007ffff9a84768
[  358.002965][ T9409]  </TASK>
[  358.429844][   T48] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  358.701076][   T48] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  358.719863][   T48] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  358.739995][   T48] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  358.803965][   T48] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  358.845021][ T5977] hid-generic 0000:0000:0000.000A: unknown main item tag 0x0
[  358.879724][ T5977] hid-generic 0000:0000:0000.000A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  358.942294][   T48] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  358.961780][   T48] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  358.977238][   T48] usb 2-1: Product: syz
[  358.982560][   T48] usb 2-1: Manufacturer: syz
[  359.023759][   T48] cdc_wdm 2-1:1.0: skipping garbage
[  359.034935][ T9414] netlink: 20 bytes leftover after parsing attributes in process `syz.5.986'.
[  359.060002][   T48] cdc_wdm 2-1:1.0: skipping garbage
[  359.083338][   T48] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  359.089285][   T48] cdc_wdm 2-1:1.0: Unknown control protocol
[  359.112621][   T48] usb 2-1: USB disconnect, device number 33
[  359.150052][ T5907] gspca_sunplus: reg_r err -110
[  359.165191][ T5907] sunplus 1-1:0.0: probe with driver sunplus failed with error -110
[  359.441887][   T48] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  359.482457][ T6671] usb 1-1: USB disconnect, device number 30
[  359.582993][ T9423] netlink: 8 bytes leftover after parsing attributes in process `syz.3.988'.
[  359.595206][ T9423] netlink: 4 bytes leftover after parsing attributes in process `syz.3.988'.
[  359.626059][   T48] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  359.669578][   T48] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  359.684003][   T48] usb 2-1: config 0 has no interface number 0
[  359.692866][   T48] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  359.712762][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  359.736874][   T48] usb 2-1: Product: syz
[  359.747252][   T48] usb 2-1: Manufacturer: syz
[  359.757926][   T48] usb 2-1: SerialNumber: syz
[  359.775846][   T48] usb 2-1: config 0 descriptor??
[  359.809904][ T6671] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  359.990008][ T6671] usb 3-1: Using ep0 maxpacket: 32
[  360.000102][ T5907] usb 2-1: USB disconnect, device number 34
[  360.046074][ T6671] usb 3-1: config 1 has an invalid interface number: 237 but max is 1
[  360.072057][ T6671] usb 3-1: config 1 has an invalid interface number: 129 but max is 1
[  360.109835][ T6671] usb 3-1: config 1 has an invalid descriptor of length 36, skipping remainder of the config
[  360.109896][ T5977] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  360.158314][ T6671] usb 3-1: config 1 has no interface number 0
[  360.171687][ T6671] usb 3-1: config 1 has no interface number 1
[  360.191456][ T6671] usb 3-1: config 1 interface 237 has no altsetting 0
[  360.224398][ T6671] usb 3-1: config 1 interface 129 has no altsetting 0
[  360.248535][ T6671] usb 3-1: New USB device found, idVendor=0bfd, idProduct=000f, bcdDevice=99.7c
[  360.276202][ T6671] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.280150][ T5977] usb 6-1: Using ep0 maxpacket: 8
[  360.292912][ T5977] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  360.301416][ T5977] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  360.314532][ T6671] usb 3-1: Product: syz
[  360.324064][ T6671] usb 3-1: Manufacturer: syz
[  360.328780][ T5977] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  360.338881][ T6671] usb 3-1: SerialNumber: syz
[  360.400348][ T5977] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  360.446431][ T5977] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  360.494543][ T5977] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  360.719246][ T5977] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  360.899376][ T5893] Process accounting resumed
[  361.004590][ T5977] usb 6-1: usb_control_msg returned -32
[  361.010375][ T5977] usbtmc 6-1:16.0: can't read capabilities
[  362.121815][ T9422] sp0: Synchronizing with TNC
[  362.128166][ T9432] netlink: 32 bytes leftover after parsing attributes in process `syz.1.992'.
[  362.145431][ T9436] syz_tun: entered allmulticast mode
[  362.151131][ T9436] syz_tun: left allmulticast mode
[  362.245063][ T9442] netlink: 44 bytes leftover after parsing attributes in process `syz.0.994'.
[  362.391912][ T9447] tipc: Started in network mode
[  362.403635][ T9447] tipc: Node identity ac14140f, cluster identity 4711
[  362.422771][ T9447] tipc: Enabled bearer <udp:syz2>, priority 10
[  362.460108][   T48] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  362.569063][ T9449] vivid-001: disconnect
[  362.598473][ T9448] vivid-001: reconnect
[  362.627278][ T9451] netlink: 8 bytes leftover after parsing attributes in process `syz.3.998'.
[  362.636223][ T9451] netlink: 12 bytes leftover after parsing attributes in process `syz.3.998'.
[  362.645124][ T9451] netlink: 'syz.3.998': attribute type 13 has an invalid length.
[  362.689923][   T48] usb 2-1: Using ep0 maxpacket: 8
[  362.707577][   T48] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  362.736933][   T48] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  362.759413][   T48] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  362.777449][   T48] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  362.788733][   T48] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  362.802064][   T48] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  362.811887][   T48] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.937581][ T5977] usb 6-1: USB disconnect, device number 16
[  363.055222][ T9455] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1000'.
[  363.089940][   T48] usb 2-1: usb_control_msg returned -32
[  363.096039][   T48] usbtmc 2-1:16.0: can't read capabilities
[  363.910851][ T6671] kvaser_usb 3-1:1.237: error -ENODEV: Cannot get usb endpoint(s)
[  363.964295][ T6671] kvaser_usb 3-1:1.129: error -ENODEV: Cannot get usb endpoint(s)
[  364.008643][ T5854] tipc: Node number set to 2886997007
[  364.021113][ T6671] usb 3-1: USB disconnect, device number 33
[  364.088588][ T9464] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1001'.
[  364.433823][ T5854] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  364.780543][ T5977] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  365.071045][ T5977] usb 3-1: too many configurations: 151, using maximum allowed: 8
[  365.189106][ T5854] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  365.223212][ T9482] netlink: 'syz.5.1008': attribute type 16 has an invalid length.
[  365.231476][ T9482] netlink: 'syz.5.1008': attribute type 17 has an invalid length.
[  365.574644][ T5854] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.599308][ T5854] usb 1-1: config 0 has no interface number 0
[  365.607237][ T5977] usb 3-1: New USB device found, idVendor=04d8, idProduct=0082, bcdDevice=ce.b7
[  365.617145][ T5977] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=130
[  365.631729][ T5854] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  365.643481][ T5977] usb 3-1: Product: syz
[  365.647752][ T5854] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.648941][   T48] usb 2-1: USB disconnect, device number 35
[  365.656388][ T5977] usb 3-1: Manufacturer: syz
[  365.668150][ T5854] usb 1-1: Product: syz
[  365.674204][ T5854] usb 1-1: Manufacturer: syz
[  365.690687][ T5977] usb 3-1: SerialNumber: syz
[  365.696926][ T5854] usb 1-1: SerialNumber: syz
[  365.703350][ T5977] usb 3-1: config 0 descriptor??
[  365.713819][ T5854] usb 1-1: config 0 descriptor??
[  365.809927][   T30] audit: type=1326 audit(1750656059.205:1684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  365.836234][   T30] audit: type=1326 audit(1750656059.205:1685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  365.873652][   T30] audit: type=1326 audit(1750656059.205:1686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  365.897065][   T30] audit: type=1326 audit(1750656059.205:1687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  365.925101][   T30] audit: type=1326 audit(1750656059.205:1688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  367.931199][   T30] audit: type=1326 audit(1750656059.205:1689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  367.986336][   T30] audit: type=1326 audit(1750656059.205:1690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  368.095649][   T30] audit: type=1326 audit(1750656059.205:1691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f48f678d3df code=0x7ffc0000
[  368.284531][   T30] audit: type=1326 audit(1750656059.205:1692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  368.569531][   T30] audit: type=1326 audit(1750656059.205:1693): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9484 comm="syz.1.1009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f48f678e929 code=0x7ffc0000
[  368.633399][ T5900] usb 1-1: USB disconnect, device number 31
[  368.704317][   T48] kernel read not supported for file /sequencer (pid: 48 comm: kworker/1:1)
[  369.202076][ T5977] usb 3-1: USB disconnect, device number 34
[  370.224678][ T9511] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1015'.
[  371.602175][ T5900] IPVS: starting estimator thread 0...
[  371.613020][ T9525] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  371.721597][ T9534] IPVS: using max 31 ests per chain, 74400 per kthread
[  372.850010][ T5977] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  373.602063][ T5977] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  373.615592][ T5977] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  373.630431][ T5977] usb 1-1: config 0 has no interface number 0
[  373.639104][ T5977] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  373.652737][ T5977] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.661037][ T5977] usb 1-1: Product: syz
[  373.666714][ T5977] usb 1-1: Manufacturer: syz
[  373.671670][ T5977] usb 1-1: SerialNumber: syz
[  373.678721][ T5977] usb 1-1: config 0 descriptor??
[  373.893049][ T5977] usb 1-1: USB disconnect, device number 32
[  374.755656][ T9569] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  374.761934][ T9569] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  374.773413][ T9569] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  375.147186][ T9584] 9pnet_fd: Insufficient options for proto=fd
[  376.242082][ T9590] FAULT_INJECTION: forcing a failure.
[  376.242082][ T9590] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  376.255376][ T9590] CPU: 1 UID: 0 PID: 9590 Comm: syz.1.1037 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  376.255400][ T9590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  376.255414][ T9590] Call Trace:
[  376.255425][ T9590]  <TASK>
[  376.255432][ T9590]  dump_stack_lvl+0x189/0x250
[  376.255462][ T9590]  ? __pfx____ratelimit+0x10/0x10
[  376.255487][ T9590]  ? __pfx_dump_stack_lvl+0x10/0x10
[  376.255512][ T9590]  ? __pfx__printk+0x10/0x10
[  376.255529][ T9590]  ? __might_fault+0xb0/0x130
[  376.255560][ T9590]  should_fail_ex+0x414/0x560
[  376.255584][ T9590]  _copy_from_iter+0x575/0x16f0
[  376.255627][ T9590]  ? __pfx__copy_from_iter+0x10/0x10
[  376.255650][ T9590]  ? __lock_acquire+0xab9/0xd20
[  376.255671][ T9590]  ? smack_socket_sendmsg+0x1a7/0x520
[  376.255697][ T9590]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  376.255728][ T9590]  bcm_sendmsg+0x15b/0x6a0
[  376.255754][ T9590]  ? __lock_acquire+0xab9/0xd20
[  376.255775][ T9590]  ? __pfx_bcm_sendmsg+0x10/0x10
[  376.255807][ T9590]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  376.255828][ T9590]  ? __pfx_bcm_sendmsg+0x10/0x10
[  376.255851][ T9590]  __sock_sendmsg+0x21c/0x270
[  376.255879][ T9590]  ____sys_sendmsg+0x52d/0x830
[  376.255904][ T9590]  ? __pfx_____sys_sendmsg+0x10/0x10
[  376.255933][ T9590]  ? import_iovec+0x74/0xa0
[  376.255952][ T9590]  ___sys_sendmsg+0x21f/0x2a0
[  376.255975][ T9590]  ? __pfx____sys_sendmsg+0x10/0x10
[  376.256029][ T9590]  ? __fget_files+0x2a/0x420
[  376.256051][ T9590]  ? __fget_files+0x3a0/0x420
[  376.256083][ T9590]  __sys_sendmmsg+0x227/0x430
[  376.256108][ T9590]  ? __pfx___sys_sendmmsg+0x10/0x10
[  376.256126][ T9590]  ? __mutex_unlock_slowpath+0x1cd/0x700
[  376.256177][ T9590]  ? ksys_write+0x22a/0x250
[  376.256198][ T9590]  ? __pfx_ksys_write+0x10/0x10
[  376.256215][ T9590]  ? rcu_is_watching+0x15/0xb0
[  376.256246][ T9590]  __x64_sys_sendmmsg+0xa0/0xc0
[  376.256268][ T9590]  do_syscall_64+0xfa/0x3b0
[  376.256292][ T9590]  ? lockdep_hardirqs_on+0x9c/0x150
[  376.256315][ T9590]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.256332][ T9590]  ? clear_bhb_loop+0x60/0xb0
[  376.256352][ T9590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  376.256369][ T9590] RIP: 0033:0x7f48f678e929
[  376.256384][ T9590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  376.256399][ T9590] RSP: 002b:00007f48f7641038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  376.256417][ T9590] RAX: ffffffffffffffda RBX: 00007f48f69b5fa0 RCX: 00007f48f678e929
[  376.256429][ T9590] RDX: 040000000000003a RSI: 0000200000001b00 RDI: 0000000000000003
[  376.256441][ T9590] RBP: 00007f48f7641090 R08: 0000000000000000 R09: 0000000000000000
[  376.256451][ T9590] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  376.256462][ T9590] R13: 0000000000000000 R14: 00007f48f69b5fa0 R15: 00007ffc90425778
[  376.256489][ T9590]  </TASK>
[  376.830299][ T5820] Bluetooth: hci4: command 0x0c1a tx timeout
[  377.411864][ T5977] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  377.446500][ T6671] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  377.470322][ T9610] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1044'.
[  377.535673][ T9614] FAULT_INJECTION: forcing a failure.
[  377.535673][ T9614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.550357][ T9614] CPU: 1 UID: 0 PID: 9614 Comm: syz.0.1046 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  377.550383][ T9614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  377.550395][ T9614] Call Trace:
[  377.550402][ T9614]  <TASK>
[  377.550411][ T9614]  dump_stack_lvl+0x189/0x250
[  377.550443][ T9614]  ? __pfx____ratelimit+0x10/0x10
[  377.550478][ T9614]  ? __pfx_dump_stack_lvl+0x10/0x10
[  377.550505][ T9614]  ? __pfx__printk+0x10/0x10
[  377.550523][ T9614]  ? __might_fault+0xb0/0x130
[  377.550556][ T9614]  should_fail_ex+0x414/0x560
[  377.550583][ T9614]  _copy_from_user+0x2d/0xb0
[  377.550600][ T9614]  ____sys_sendmsg+0x2fe/0x830
[  377.550629][ T9614]  ? __pfx_____sys_sendmsg+0x10/0x10
[  377.550660][ T9614]  ? import_iovec+0x74/0xa0
[  377.550679][ T9614]  ___sys_sendmsg+0x21f/0x2a0
[  377.550704][ T9614]  ? __pfx____sys_sendmsg+0x10/0x10
[  377.550770][ T9614]  ? __fget_files+0x2a/0x420
[  377.550792][ T9614]  ? __fget_files+0x3a0/0x420
[  377.550823][ T9614]  __x64_sys_sendmsg+0x19b/0x260
[  377.550846][ T9614]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  377.550876][ T9614]  ? __pfx_ksys_write+0x10/0x10
[  377.550893][ T9614]  ? rcu_is_watching+0x15/0xb0
[  377.550923][ T9614]  ? do_syscall_64+0xbe/0x3b0
[  377.550951][ T9614]  do_syscall_64+0xfa/0x3b0
[  377.550975][ T9614]  ? lockdep_hardirqs_on+0x9c/0x150
[  377.550998][ T9614]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.551015][ T9614]  ? clear_bhb_loop+0x60/0xb0
[  377.551035][ T9614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.551052][ T9614] RIP: 0033:0x7f8c6158e929
[  377.551067][ T9614] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.551082][ T9614] RSP: 002b:00007f8c62493038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.551100][ T9614] RAX: ffffffffffffffda RBX: 00007f8c617b5fa0 RCX: 00007f8c6158e929
[  377.551112][ T9614] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[  377.551123][ T9614] RBP: 00007f8c62493090 R08: 0000000000000000 R09: 0000000000000000
[  377.551134][ T9614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.551144][ T9614] R13: 0000000000000000 R14: 00007f8c617b5fa0 R15: 00007fffbe6794a8
[  377.551171][ T9614]  </TASK>
[  377.784859][ T5977] usb 3-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  377.797447][ T5977] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  377.808557][ T5977] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  377.824394][ T6671] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  377.824620][ T5977] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  377.835899][ T6671] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  377.860074][ T6671] usb 2-1: config 0 has no interface number 0
[  377.869342][ T6671] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  377.882520][ T6671] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.888046][ T5977] usb 3-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  377.890658][ T6671] usb 2-1: Product: syz
[  377.890684][ T6671] usb 2-1: Manufacturer: syz
[  377.903616][ T5977] usb 3-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  377.904192][ T6671] usb 2-1: SerialNumber: syz
[  377.921838][ T5977] usb 3-1: Manufacturer: syz
[  377.933947][ T6671] usb 2-1: config 0 descriptor??
[  377.933975][ T5977] usb 3-1: config 0 descriptor??
[  378.186340][ T5900] usb 2-1: USB disconnect, device number 36
[  378.425258][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  378.575062][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  378.613422][ T5977] appleir 0003:05AC:8243.000B: unknown main item tag 0x0
[  378.613727][ T9632] FAULT_INJECTION: forcing a failure.
[  378.613727][ T9632] name failslab, interval 1, probability 0, space 0, times 0
[  378.767268][ T9604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  378.944761][ T9604] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  378.960613][ T5977] appleir 0003:05AC:8243.000B: No inputs registered, leaving
[  378.972065][ T5977] appleir 0003:05AC:8243.000B: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.2-1/input0
[  378.986185][ T9632] CPU: 0 UID: 0 PID: 9632 Comm: syz.0.1051 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  378.986217][ T9632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  378.986228][ T9632] Call Trace:
[  378.986236][ T9632]  <TASK>
[  378.986243][ T9632]  dump_stack_lvl+0x189/0x250
[  378.986272][ T9632]  ? __pfx____ratelimit+0x10/0x10
[  378.986297][ T9632]  ? __pfx_dump_stack_lvl+0x10/0x10
[  378.986321][ T9632]  ? __pfx__printk+0x10/0x10
[  378.986344][ T9632]  ? __pfx___might_resched+0x10/0x10
[  378.986368][ T9632]  ? fs_reclaim_acquire+0x7d/0x100
[  378.986396][ T9632]  should_fail_ex+0x414/0x560
[  378.986421][ T9632]  should_failslab+0xa8/0x100
[  378.986444][ T9632]  __kmalloc_cache_noprof+0x70/0x3d0
[  378.986464][ T9632]  ? __se_sys_mount+0x165/0x410
[  378.986485][ T9632]  ? memdup_user+0x99/0xd0
[  378.986513][ T9632]  __se_sys_mount+0x165/0x410
[  378.986544][ T9632]  ? __pfx___se_sys_mount+0x10/0x10
[  378.986564][ T9632]  ? rcu_is_watching+0x15/0xb0
[  378.986602][ T9632]  ? do_syscall_64+0xbe/0x3b0
[  378.986626][ T9632]  ? __x64_sys_mount+0x20/0xc0
[  378.986651][ T9632]  do_syscall_64+0xfa/0x3b0
[  378.986674][ T9632]  ? lockdep_hardirqs_on+0x9c/0x150
[  378.986699][ T9632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.986716][ T9632]  ? clear_bhb_loop+0x60/0xb0
[  378.986737][ T9632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  378.986753][ T9632] RIP: 0033:0x7f8c6158e929
[  378.986769][ T9632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  378.986783][ T9632] RSP: 002b:00007f8c62472038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  378.986809][ T9632] RAX: ffffffffffffffda RBX: 00007f8c617b6080 RCX: 00007f8c6158e929
[  378.986821][ T9632] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000000000000000
[  378.986833][ T9632] RBP: 00007f8c62472090 R08: 0000200000000480 R09: 0000000000000000
[  378.986843][ T9632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  378.986853][ T9632] R13: 0000000000000001 R14: 00007f8c617b6080 R15: 00007fffbe6794a8
[  378.986880][ T9632]  </TASK>
[  379.211728][ T5820] Bluetooth: hci4: command 0x0c1a tx timeout
[  379.318438][ T5919] usb 3-1: USB disconnect, device number 35
[  379.382484][ T9639] FAULT_INJECTION: forcing a failure.
[  379.382484][ T9639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  379.395589][ T9639] CPU: 0 UID: 0 PID: 9639 Comm: syz.1.1052 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  379.395610][ T9639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  379.395621][ T9639] Call Trace:
[  379.395628][ T9639]  <TASK>
[  379.395636][ T9639]  dump_stack_lvl+0x189/0x250
[  379.395665][ T9639]  ? __pfx____ratelimit+0x10/0x10
[  379.395690][ T9639]  ? __pfx_dump_stack_lvl+0x10/0x10
[  379.395715][ T9639]  ? __pfx__printk+0x10/0x10
[  379.395744][ T9639]  should_fail_ex+0x414/0x560
[  379.395769][ T9639]  _copy_from_user+0x2d/0xb0
[  379.395786][ T9639]  sctp_setsockopt+0x19f/0x1200
[  379.395806][ T9639]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  379.395835][ T9639]  do_sock_setsockopt+0x25a/0x3e0
[  379.395857][ T9639]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  379.395881][ T9639]  ? __fget_files+0x2a/0x420
[  379.395911][ T9639]  __x64_sys_setsockopt+0x18b/0x220
[  379.395936][ T9639]  do_syscall_64+0xfa/0x3b0
[  379.395960][ T9639]  ? lockdep_hardirqs_on+0x9c/0x150
[  379.395983][ T9639]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.396000][ T9639]  ? clear_bhb_loop+0x60/0xb0
[  379.396021][ T9639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  379.396037][ T9639] RIP: 0033:0x7f48f678e929
[  379.396052][ T9639] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  379.396067][ T9639] RSP: 002b:00007f48f7641038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  379.396085][ T9639] RAX: ffffffffffffffda RBX: 00007f48f69b5fa0 RCX: 00007f48f678e929
[  379.396098][ T9639] RDX: 0000000000000009 RSI: 0000000000000084 RDI: 0000000000000003
[  379.396108][ T9639] RBP: 00007f48f7641090 R08: 000000000000009c R09: 0000000000000000
[  379.396118][ T9639] R10: 0000200000000a00 R11: 0000000000000246 R12: 0000000000000001
[  379.396134][ T9639] R13: 0000000000000000 R14: 00007f48f69b5fa0 R15: 00007ffc90425778
[  379.396160][ T9639]  </TASK>
[  379.871558][ T9648] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1057'.
[  380.035129][ T9658] 9pnet_fd: Insufficient options for proto=fd
[  380.317252][ T9670] input: syz0 as /devices/virtual/input/input6
[  380.343986][ T6671] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  380.496725][ T9675] xt_bpf: check failed: parse error
[  381.091550][ T5893] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  381.112254][ T6671] usb 2-1: Using ep0 maxpacket: 32
[  381.123886][ T6671] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  381.150260][ T6671] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.181820][ T6671] usb 2-1: config 0 descriptor??
[  381.196104][ T6671] gspca_main: nw80x-2.14.0 probing 055f:d001
[  381.230332][ T5820] Bluetooth: hci4: command 0x0c1a tx timeout
[  381.264406][ T5893] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  381.277980][ T5893] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  381.290058][ T5893] usb 3-1: config 0 has no interface number 0
[  381.298641][ T5893] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  381.307911][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.324488][ T5893] usb 3-1: Product: syz
[  381.328709][ T5893] usb 3-1: Manufacturer: syz
[  381.333416][ T5893] usb 3-1: SerialNumber: syz
[  381.360618][ T5893] usb 3-1: config 0 descriptor??
[  381.391607][ T9654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  381.471236][ T9686] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1070'.
[  381.480362][ T9654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  381.572056][ T5893] usb 3-1: USB disconnect, device number 36
[  381.835658][ T6671] gspca_nw80x: reg_w err -110
[  381.842039][ T6671] nw80x 2-1:0.0: probe with driver nw80x failed with error -110
[  383.694640][ T9698] FAULT_INJECTION: forcing a failure.
[  383.694640][ T9698] name failslab, interval 1, probability 0, space 0, times 0
[  383.730719][ T9698] CPU: 1 UID: 0 PID: 9698 Comm: syz.2.1072 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  383.730737][ T9698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  383.730746][ T9698] Call Trace:
[  383.730751][ T9698]  <TASK>
[  383.730757][ T9698]  dump_stack_lvl+0x189/0x250
[  383.730779][ T9698]  ? __pfx____ratelimit+0x10/0x10
[  383.730798][ T9698]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.730816][ T9698]  ? __pfx__printk+0x10/0x10
[  383.730832][ T9698]  ? __pfx___might_resched+0x10/0x10
[  383.730849][ T9698]  ? fs_reclaim_acquire+0x7d/0x100
[  383.730870][ T9698]  should_fail_ex+0x414/0x560
[  383.730888][ T9698]  should_failslab+0xa8/0x100
[  383.730905][ T9698]  __kmalloc_cache_noprof+0x70/0x3d0
[  383.730920][ T9698]  ? __se_sys_mount+0x165/0x410
[  383.730936][ T9698]  ? memdup_user+0x99/0xd0
[  383.730956][ T9698]  __se_sys_mount+0x165/0x410
[  383.730976][ T9698]  ? __pfx___se_sys_mount+0x10/0x10
[  383.730991][ T9698]  ? rcu_is_watching+0x15/0xb0
[  383.731012][ T9698]  ? do_syscall_64+0xbe/0x3b0
[  383.731030][ T9698]  ? __x64_sys_mount+0x20/0xc0
[  383.731049][ T9698]  do_syscall_64+0xfa/0x3b0
[  383.731066][ T9698]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.731084][ T9698]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.731096][ T9698]  ? clear_bhb_loop+0x60/0xb0
[  383.731111][ T9698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.731130][ T9698] RIP: 0033:0x7ff72818e929
[  383.731141][ T9698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.731152][ T9698] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  383.731165][ T9698] RAX: ffffffffffffffda RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  383.731174][ T9698] RDX: 0000200000000080 RSI: 0000200000000040 RDI: 0000000000000000
[  383.731182][ T9698] RBP: 00007ff728f8f090 R08: 0000200000000480 R09: 0000000000000000
[  383.731190][ T9698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.731198][ T9698] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  383.731216][ T9698]  </TASK>
[  383.762400][ T5854] usb 2-1: USB disconnect, device number 37
[  383.786355][ T9700] 9pnet_fd: Insufficient options for proto=fd
[  384.769618][ T9711] FAULT_INJECTION: forcing a failure.
[  384.769618][ T9711] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  384.837193][ T9711] CPU: 0 UID: 0 PID: 9711 Comm: syz.0.1077 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  384.837221][ T9711] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  384.837232][ T9711] Call Trace:
[  384.837239][ T9711]  <TASK>
[  384.837247][ T9711]  dump_stack_lvl+0x189/0x250
[  384.837277][ T9711]  ? __pfx____ratelimit+0x10/0x10
[  384.837302][ T9711]  ? __pfx_dump_stack_lvl+0x10/0x10
[  384.837327][ T9711]  ? __pfx__printk+0x10/0x10
[  384.837344][ T9711]  ? __might_fault+0xb0/0x130
[  384.837375][ T9711]  should_fail_ex+0x414/0x560
[  384.837400][ T9711]  _copy_from_user+0x2d/0xb0
[  384.837417][ T9711]  __sys_connect+0x123/0x440
[  384.837435][ T9711]  ? __fget_files+0x3a0/0x420
[  384.837458][ T9711]  ? __pfx___sys_connect+0x10/0x10
[  384.837487][ T9711]  ? __pfx_ksys_write+0x10/0x10
[  384.837504][ T9711]  ? rcu_is_watching+0x15/0xb0
[  384.837536][ T9711]  __x64_sys_connect+0x7a/0x90
[  384.837555][ T9711]  do_syscall_64+0xfa/0x3b0
[  384.837579][ T9711]  ? lockdep_hardirqs_on+0x9c/0x150
[  384.837605][ T9711]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.837622][ T9711]  ? clear_bhb_loop+0x60/0xb0
[  384.837643][ T9711]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  384.837661][ T9711] RIP: 0033:0x7f8c6158e929
[  384.837676][ T9711] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  384.837692][ T9711] RSP: 002b:00007f8c62493038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  384.837711][ T9711] RAX: ffffffffffffffda RBX: 00007f8c617b5fa0 RCX: 00007f8c6158e929
[  384.837724][ T9711] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  384.837735][ T9711] RBP: 00007f8c62493090 R08: 0000000000000000 R09: 0000000000000000
[  384.837746][ T9711] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  384.837756][ T9711] R13: 0000000000000000 R14: 00007f8c617b5fa0 R15: 00007fffbe6794a8
[  384.837791][ T9711]  </TASK>
[  385.344307][ T9719] FAULT_INJECTION: forcing a failure.
[  385.344307][ T9719] name failslab, interval 1, probability 0, space 0, times 0
[  385.367180][ T9719] CPU: 1 UID: 0 PID: 9719 Comm: syz.2.1079 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  385.367205][ T9719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  385.367216][ T9719] Call Trace:
[  385.367223][ T9719]  <TASK>
[  385.367230][ T9719]  dump_stack_lvl+0x189/0x250
[  385.367260][ T9719]  ? __pfx____ratelimit+0x10/0x10
[  385.367285][ T9719]  ? __pfx_dump_stack_lvl+0x10/0x10
[  385.367310][ T9719]  ? __pfx__printk+0x10/0x10
[  385.367332][ T9719]  ? __pfx___might_resched+0x10/0x10
[  385.367356][ T9719]  ? fs_reclaim_acquire+0x7d/0x100
[  385.367385][ T9719]  should_fail_ex+0x414/0x560
[  385.367410][ T9719]  should_failslab+0xa8/0x100
[  385.367434][ T9719]  __kmalloc_cache_noprof+0x70/0x3d0
[  385.367455][ T9719]  ? __se_sys_mount+0x165/0x410
[  385.367476][ T9719]  ? memdup_user+0x99/0xd0
[  385.367504][ T9719]  __se_sys_mount+0x165/0x410
[  385.367532][ T9719]  ? __pfx___se_sys_mount+0x10/0x10
[  385.367554][ T9719]  ? rcu_is_watching+0x15/0xb0
[  385.367583][ T9719]  ? do_syscall_64+0xbe/0x3b0
[  385.367606][ T9719]  ? __x64_sys_mount+0x20/0xc0
[  385.367631][ T9719]  do_syscall_64+0xfa/0x3b0
[  385.367654][ T9719]  ? lockdep_hardirqs_on+0x9c/0x150
[  385.367678][ T9719]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.367695][ T9719]  ? clear_bhb_loop+0x60/0xb0
[  385.367715][ T9719]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  385.367732][ T9719] RIP: 0033:0x7ff72818e929
[  385.367747][ T9719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  385.367762][ T9719] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  385.367780][ T9719] RAX: ffffffffffffffda RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  385.367793][ T9719] RDX: 0000200000000040 RSI: 0000200000000380 RDI: 0000000000000000
[  385.367804][ T9719] RBP: 00007ff728f8f090 R08: 0000200000000400 R09: 0000000000000000
[  385.367816][ T9719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  385.367826][ T9719] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  385.367853][ T9719]  </TASK>
[  385.654623][ T9720] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1081'.
[  386.025447][ T9736] 9pnet_fd: Insufficient options for proto=fd
[  386.119847][ T5893] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  386.286184][ T5893] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  386.301117][ T5893] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  386.336904][ T5893] usb 2-1: config 0 has no interface number 0
[  386.359238][ T5893] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  386.372218][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.381428][ T5893] usb 2-1: Product: syz
[  386.385668][ T5893] usb 2-1: Manufacturer: syz
[  386.392450][ T5893] usb 2-1: SerialNumber: syz
[  386.403369][ T5893] usb 2-1: config 0 descriptor??
[  386.579292][ T9757] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1095'.
[  386.652175][ T5893] usb 2-1: USB disconnect, device number 38
[  386.762256][ T9765] trusted_key: encrypted_key: master key parameter 'defaultsyz' is invalid
[  386.846804][ T9765] IPv6: addrconf: prefix option has invalid lifetime
[  389.055504][ T9800] FAULT_INJECTION: forcing a failure.
[  389.055504][ T9800] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.068928][ T9800] CPU: 0 UID: 0 PID: 9800 Comm: syz.0.1107 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  389.068968][ T9800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  389.068979][ T9800] Call Trace:
[  389.068986][ T9800]  <TASK>
[  389.068993][ T9800]  dump_stack_lvl+0x189/0x250
[  389.069018][ T9800]  ? irqentry_exit+0x74/0x90
[  389.069041][ T9800]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.069077][ T9800]  should_fail_ex+0x414/0x560
[  389.069099][ T9800]  _copy_to_iter+0x3f5/0x16f0
[  389.069130][ T9800]  ? __pfx__copy_to_iter+0x10/0x10
[  389.069157][ T9800]  ? seq_read_iter+0x569/0xe10
[  389.069177][ T9800]  seq_read_iter+0xbeb/0xe10
[  389.069208][ T9800]  seq_read+0x2e2/0x3d0
[  389.069229][ T9800]  ? __pfx_seq_read+0x10/0x10
[  389.069245][ T9800]  ? __debugfs_file_get+0x5dd/0x710
[  389.069267][ T9800]  ? __pfx___debugfs_file_get+0x10/0x10
[  389.069294][ T9800]  full_proxy_read+0x153/0x220
[  389.069314][ T9800]  ? __pfx_full_proxy_read+0x10/0x10
[  389.069334][ T9800]  vfs_read+0x200/0x980
[  389.069356][ T9800]  ? __pfx___mutex_lock+0x10/0x10
[  389.069379][ T9800]  ? __pfx_vfs_read+0x10/0x10
[  389.069396][ T9800]  ? __fget_files+0x2a/0x420
[  389.069419][ T9800]  ? __fget_files+0x3a0/0x420
[  389.069437][ T9800]  ? __fget_files+0x2a/0x420
[  389.069463][ T9800]  ksys_read+0x145/0x250
[  389.069481][ T9800]  ? __pfx_ksys_read+0x10/0x10
[  389.069498][ T9800]  ? rcu_is_watching+0x15/0xb0
[  389.069520][ T9800]  ? trace_sys_enter+0x25/0x120
[  389.069543][ T9800]  do_syscall_64+0xfa/0x3b0
[  389.069566][ T9800]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.069579][ T9800]  ? asm_sysvec_call_function_single+0x1a/0x20
[  389.069594][ T9800]  ? clear_bhb_loop+0x60/0xb0
[  389.069618][ T9800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.069632][ T9800] RIP: 0033:0x7f8c6158e929
[  389.069645][ T9800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.069658][ T9800] RSP: 002b:00007f8c62472038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  389.069673][ T9800] RAX: ffffffffffffffda RBX: 00007f8c617b6080 RCX: 00007f8c6158e929
[  389.069684][ T9800] RDX: 0000000000000cac RSI: 00002000000034c0 RDI: 0000000000000006
[  389.069693][ T9800] RBP: 00007f8c62472090 R08: 0000000000000000 R09: 0000000000000000
[  389.069702][ T9800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  389.069710][ T9800] R13: 0000000000000000 R14: 00007f8c617b6080 R15: 00007fffbe6794a8
[  389.069733][ T9800]  </TASK>
[  390.172556][ T9816] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3630600679 (14522402716 ns) > initial count (9558228128 ns). Using initial count to start timer.
[  390.441117][ T5919] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  390.612575][ T5919] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  391.176907][ T5919] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  391.189961][ T5919] usb 3-1: config 0 has no interface number 0
[  391.198283][ T5919] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  391.235794][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.260028][ T5919] usb 3-1: Product: syz
[  391.280258][ T5919] usb 3-1: Manufacturer: syz
[  391.294392][ T5919] usb 3-1: SerialNumber: syz
[  391.905144][ T5919] usb 3-1: config 0 descriptor??
[  392.170617][ T5919] usb 3-1: USB disconnect, device number 37
[  392.292152][ T9843] netlink: 'syz.0.1124': attribute type 2 has an invalid length.
[  392.673682][   T48] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  392.708090][ T9859] FAULT_INJECTION: forcing a failure.
[  392.708090][ T9859] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.721842][ T9859] CPU: 1 UID: 0 PID: 9859 Comm: syz.2.1129 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  392.721865][ T9859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  392.721876][ T9859] Call Trace:
[  392.721883][ T9859]  <TASK>
[  392.721891][ T9859]  dump_stack_lvl+0x189/0x250
[  392.721920][ T9859]  ? __pfx____ratelimit+0x10/0x10
[  392.721945][ T9859]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.721970][ T9859]  ? __pfx__printk+0x10/0x10
[  392.721986][ T9859]  ? __might_fault+0xb0/0x130
[  392.722025][ T9859]  should_fail_ex+0x414/0x560
[  392.722054][ T9859]  _copy_from_user+0x2d/0xb0
[  392.722071][ T9859]  do_sys_poll+0x242/0x1070
[  392.722108][ T9859]  ? __pfx_do_sys_poll+0x10/0x10
[  392.722194][ T9859]  ? rcu_read_lock_any_held+0xb3/0x120
[  392.722220][ T9859]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  392.722249][ T9859]  ? vfs_write+0x8d8/0xa90
[  392.722292][ T9859]  ? set_user_sigmask+0xc7/0x1b0
[  392.722317][ T9859]  ? __pfx_set_user_sigmask+0x10/0x10
[  392.722350][ T9859]  __se_sys_ppoll+0x1ff/0x260
[  392.722374][ T9859]  ? __pfx___se_sys_ppoll+0x10/0x10
[  392.722395][ T9859]  ? __pfx_ksys_write+0x10/0x10
[  392.722412][ T9859]  ? rcu_is_watching+0x15/0xb0
[  392.722440][ T9859]  ? do_syscall_64+0xbe/0x3b0
[  392.722463][ T9859]  ? __x64_sys_ppoll+0x20/0xc0
[  392.722486][ T9859]  do_syscall_64+0xfa/0x3b0
[  392.722509][ T9859]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.722533][ T9859]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.722550][ T9859]  ? clear_bhb_loop+0x60/0xb0
[  392.722570][ T9859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.722587][ T9859] RIP: 0033:0x7ff72818e929
[  392.722602][ T9859] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.722616][ T9859] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[  392.722634][ T9859] RAX: ffffffffffffffda RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  392.722647][ T9859] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[  392.722659][ T9859] RBP: 00007ff728f8f090 R08: 0000000000000000 R09: 0000000000000000
[  392.722670][ T9859] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.722680][ T9859] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  392.722706][ T9859]  </TASK>
[  393.091928][   T48] usb 6-1: config 0 descriptor has 1 excess byte, ignoring
[  393.099256][   T48] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  393.106915][ T9868] overlayfs: failed to resolve './file1': -2
[  393.111279][   T48] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  393.111320][   T48] usb 6-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  393.111341][   T48] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  393.145577][   T48] usb 6-1: config 0 descriptor??
[  393.165712][   T48] usbhid 6-1:0.0: can't add hid device: -22
[  393.171966][   T48] usbhid 6-1:0.0: probe with driver usbhid failed with error -22
[  393.269864][ T5919] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  393.303354][ T9878] kAFS: No cell specified
[  393.443823][ T5919] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[  393.453251][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.495957][ T5919] usb 3-1: Product: syz
[  393.506053][ T5919] usb 3-1: Manufacturer: syz
[  393.520025][ T5919] usb 3-1: SerialNumber: syz
[  393.537279][ T5919] usb 3-1: config 0 descriptor??
[  393.800158][ T5893] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  393.807805][   T48] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  393.942255][   T48] usb 2-1: device descriptor read/64, error -71
[  393.962356][ T5893] usb 1-1: config 0 has an invalid interface number: 64 but max is 0
[  393.973744][ T5893] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  393.985626][ T5893] usb 1-1: config 0 has no interface number 0
[  394.301133][   T48] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  394.436443][ T9897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.448010][ T9897] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.457712][ T5893] usb 1-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  394.465064][ T5919] usb 3-1: f81604_read: reg: 105 failed: -EPROTO
[  394.468035][ T5893] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.480453][ T5919] f81604 3-1:0.0: Setting termination of CH#1 failed: -EPROTO
[  394.486165][ T5893] usb 1-1: Product: syz
[  394.489017][ T5919] f81604 3-1:0.0: probe with driver f81604 failed with error -71
[  394.493392][ T5893] usb 1-1: Manufacturer: syz
[  394.493410][ T5893] usb 1-1: SerialNumber: syz
[  394.498257][ T5893] usb 1-1: config 0 descriptor??
[  394.517376][ T5919] usb 3-1: USB disconnect, device number 38
[  394.590566][   T48] usb 2-1: device descriptor read/64, error -71
[  394.710791][   T48] usb usb2-port1: attempt power cycle
[  394.725578][ T5893] usb 1-1: USB disconnect, device number 33
[  395.050219][   T48] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  395.091336][   T48] usb 2-1: device descriptor read/8, error -71
[  395.144829][ T9903] FAULT_INJECTION: forcing a failure.
[  395.144829][ T9903] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  395.161936][ T9903] CPU: 0 UID: 0 PID: 9903 Comm: syz.2.1143 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  395.161961][ T9903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  395.161972][ T9903] Call Trace:
[  395.161979][ T9903]  <TASK>
[  395.161986][ T9903]  dump_stack_lvl+0x189/0x250
[  395.162016][ T9903]  ? __pfx____ratelimit+0x10/0x10
[  395.162042][ T9903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  395.162067][ T9903]  ? __pfx__printk+0x10/0x10
[  395.162087][ T9903]  ? get_sigframe+0x596/0x7d0
[  395.162115][ T9903]  should_fail_ex+0x414/0x560
[  395.162140][ T9903]  _copy_to_user+0x31/0xb0
[  395.162158][ T9903]  copy_siginfo_to_user+0x22/0xc0
[  395.162185][ T9903]  x64_setup_rt_frame+0x777/0xd40
[  395.162225][ T9903]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  395.162256][ T9903]  arch_do_signal_or_restart+0x3dc/0x750
[  395.162277][ T9903]  ? __fget_files+0x3a0/0x420
[  395.162304][ T9903]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  395.162339][ T9903]  ? exit_to_user_mode_loop+0x40/0x110
[  395.162366][ T9903]  exit_to_user_mode_loop+0x75/0x110
[  395.162389][ T9903]  do_syscall_64+0x2bd/0x3b0
[  395.162414][ T9903]  ? lockdep_hardirqs_on+0x9c/0x150
[  395.162438][ T9903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.162458][ T9903]  ? clear_bhb_loop+0x60/0xb0
[  395.162480][ T9903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  395.162496][ T9903] RIP: 0033:0x7ff72818e927
[  395.162511][ T9903] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  395.162527][ T9903] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000013
[  395.162546][ T9903] RAX: 0000000000000013 RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  395.162558][ T9903] RDX: 000000000000000e RSI: 0000200000000200 RDI: 0000000000000003
[  395.162569][ T9903] RBP: 00007ff728f8f090 R08: 0000000000000000 R09: 0000000000000000
[  395.162580][ T9903] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  395.162591][ T9903] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  395.162618][ T9903]  </TASK>
[  395.607381][ T6671] usb 6-1: USB disconnect, device number 17
[  395.759704][ T9915] 9pnet_fd: Insufficient options for proto=fd
[  395.830310][ T5918] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  395.866550][   T48] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  395.915966][   T48] usb 2-1: device descriptor read/8, error -71
[  396.035912][   T48] usb usb2-port1: unable to enumerate USB device
[  396.049871][ T5918] usb 3-1: Using ep0 maxpacket: 16
[  396.058009][ T5918] usb 3-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  396.080184][ T5918] usb 3-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  396.091649][ T5918] usb 3-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  396.105214][ T5918] usb 3-1: config 1 interface 0 has no altsetting 0
[  396.118754][ T5918] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  396.145596][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  396.154943][ T5918] usb 3-1: Product: syz
[  396.159157][ T5918] usb 3-1: Manufacturer: syz
[  396.163830][ T5918] usb 3-1: SerialNumber: syz
[  396.216355][ T9925] bridge0: port 2(bridge_slave_1) entered disabled state
[  396.223745][ T9925] bridge0: port 1(bridge_slave_0) entered disabled state
[  396.270128][ T5880] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  396.450301][ T5880] usb 1-1: Using ep0 maxpacket: 8
[  397.290745][ T5880] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  397.301098][ T5880] usb 1-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  397.311346][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  397.341470][ T5880] usb 1-1: config 0 descriptor??
[  397.361160][ T5880] usb 1-1: bad CDC descriptors
[  397.366987][ T5880] cdc_acm 1-1:0.0: Control and data interfaces are not separated!
[  397.380191][ T5880] cdc_acm 1-1:0.0: This needs exactly 3 endpoints
[  397.389947][ T5880] cdc_acm 1-1:0.0: probe with driver cdc_acm failed with error -22
[  397.411317][ T5918] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 39 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  397.493654][ T9925] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  397.537198][ T9925] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  397.549458][ T5977] usb 3-1: USB disconnect, device number 39
[  397.557946][ T9923] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.567847][ T9923] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.576561][ T5977] usblp0: removed
[  397.810370][ T5880] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  397.871490][ T9952] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1157'.
[  398.534045][ T9925] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.543202][ T9925] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.554356][ T5880] usb 6-1: config 0 has an invalid interface number: 64 but max is 0
[  398.562790][ T5880] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  398.573291][ T5880] usb 6-1: config 0 has no interface number 0
[  398.579531][ T9925] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.592655][ T9925] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  398.604902][ T5880] usb 6-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  398.614039][ T5880] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.630894][ T9957] 9pnet_fd: Insufficient options for proto=fd
[  398.639564][ T5880] usb 6-1: Product: syz
[  398.643835][ T5880] usb 6-1: Manufacturer: syz
[  398.657407][ T5880] usb 6-1: SerialNumber: syz
[  398.670176][ T5880] usb 6-1: config 0 descriptor??
[  398.749640][ T9960] trusted_key: encrypted_key: insufficient parameters specified
[  398.886086][ T9966] FAULT_INJECTION: forcing a failure.
[  398.886086][ T9966] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.888733][   T48] usb 6-1: USB disconnect, device number 18
[  398.899303][ T9966] CPU: 0 UID: 0 PID: 9966 Comm: syz.2.1163 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  398.899335][ T9966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  398.899350][ T9966] Call Trace:
[  398.899361][ T9966]  <TASK>
[  398.899371][ T9966]  dump_stack_lvl+0x189/0x250
[  398.899410][ T9966]  ? __pfx____ratelimit+0x10/0x10
[  398.899457][ T9966]  ? __pfx_dump_stack_lvl+0x10/0x10
[  398.899490][ T9966]  ? __pfx__printk+0x10/0x10
[  398.899514][ T9966]  ? __might_fault+0xb0/0x130
[  398.899556][ T9966]  should_fail_ex+0x414/0x560
[  398.899588][ T9966]  _copy_from_iter+0x1db/0x16f0
[  398.899626][ T9966]  ? rcu_is_watching+0x15/0xb0
[  398.899660][ T9966]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  398.899690][ T9966]  ? __pfx__copy_from_iter+0x10/0x10
[  398.899724][ T9966]  ? __build_skb_around+0x257/0x3e0
[  398.899759][ T9966]  ? netlink_sendmsg+0x642/0xb30
[  398.899783][ T9966]  ? skb_put+0x11b/0x210
[  398.899812][ T9966]  netlink_sendmsg+0x6b2/0xb30
[  398.899848][ T9966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  398.899883][ T9966]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  398.899910][ T9966]  ? __pfx_netlink_sendmsg+0x10/0x10
[  398.899937][ T9966]  __sock_sendmsg+0x21c/0x270
[  398.899974][ T9966]  ____sys_sendmsg+0x505/0x830
[  398.900008][ T9966]  ? __pfx_____sys_sendmsg+0x10/0x10
[  398.900046][ T9966]  ? import_iovec+0x74/0xa0
[  398.900071][ T9966]  ___sys_sendmsg+0x21f/0x2a0
[  398.900111][ T9966]  ? __pfx____sys_sendmsg+0x10/0x10
[  398.900187][ T9966]  ? __fget_files+0x2a/0x420
[  398.900212][ T9966]  ? __fget_files+0x3a0/0x420
[  398.900247][ T9966]  __x64_sys_sendmsg+0x19b/0x260
[  398.900273][ T9966]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  398.900306][ T9966]  ? __pfx_ksys_write+0x10/0x10
[  398.900325][ T9966]  ? rcu_is_watching+0x15/0xb0
[  398.900357][ T9966]  ? do_syscall_64+0xbe/0x3b0
[  398.900388][ T9966]  do_syscall_64+0xfa/0x3b0
[  398.900422][ T9966]  ? lockdep_hardirqs_on+0x9c/0x150
[  398.900448][ T9966]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.900467][ T9966]  ? clear_bhb_loop+0x60/0xb0
[  398.900490][ T9966]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.900510][ T9966] RIP: 0033:0x7ff72818e929
[  398.900526][ T9966] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.900542][ T9966] RSP: 002b:00007ff728f8f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.900562][ T9966] RAX: ffffffffffffffda RBX: 00007ff7283b5fa0 RCX: 00007ff72818e929
[  398.900577][ T9966] RDX: 0000000000000000 RSI: 00002000000007c0 RDI: 0000000000000004
[  398.900590][ T9966] RBP: 00007ff728f8f090 R08: 0000000000000000 R09: 0000000000000000
[  398.900601][ T9966] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.900613][ T9966] R13: 0000000000000000 R14: 00007ff7283b5fa0 R15: 00007fff1ce0a5b8
[  398.900642][ T9966]  </TASK>
[  399.076823][ T5977] usb 1-1: USB disconnect, device number 34
[  399.259609][ T9979] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  399.266163][ T9979] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  399.285357][ T9979] vhci_hcd vhci_hcd.0: Device attached
[  399.622922][ T5854] vhci_hcd: vhci_device speed not set
[  399.689879][ T5919] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  399.697683][ T5854] usb 37-1: new full-speed USB device number 2 using vhci_hcd
[  399.860081][ T5919] usb 3-1: Using ep0 maxpacket: 8
[  399.887610][ T5919] usb 3-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  399.922395][ T5919] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x93, changing to 0x83
[  399.998292][ T5919] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  400.022312][ T5919] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  400.060258][ T5919] usb 3-1: New USB device found, idVendor=15c2, idProduct=003b, bcdDevice=66.3e
[  400.069843][ T5919] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.083084][ T9996] FAULT_INJECTION: forcing a failure.
[  400.083084][ T9996] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  400.099644][ T5919] usb 3-1: Product: syz
[  400.104091][ T5919] usb 3-1: Manufacturer: syz
[  400.108762][ T5919] usb 3-1: SerialNumber: syz
[  400.113642][ T9996] CPU: 0 UID: 0 PID: 9996 Comm: syz.0.1172 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  400.113666][ T9996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  400.113676][ T9996] Call Trace:
[  400.113683][ T9996]  <TASK>
[  400.113691][ T9996]  dump_stack_lvl+0x189/0x250
[  400.113720][ T9996]  ? __pfx____ratelimit+0x10/0x10
[  400.113745][ T9996]  ? __pfx_dump_stack_lvl+0x10/0x10
[  400.113769][ T9996]  ? __pfx__printk+0x10/0x10
[  400.113787][ T9996]  ? __might_fault+0xb0/0x130
[  400.113818][ T9996]  should_fail_ex+0x414/0x560
[  400.113844][ T9996]  _copy_from_user+0x2d/0xb0
[  400.113860][ T9996]  ip_tunnel_parm_from_user+0xa2/0x380
[  400.113890][ T9996]  ? __pfx_ip_tunnel_parm_from_user+0x10/0x10
[  400.113913][ T9996]  ? kasan_save_free_info+0x46/0x50
[  400.113955][ T9996]  ip_tunnel_siocdevprivate+0x99/0x180
[  400.113983][ T9996]  ? __pfx_ip_tunnel_siocdevprivate+0x10/0x10
[  400.114015][ T9996]  ? __lock_acquire+0xab9/0xd20
[  400.114052][ T9996]  ipip6_tunnel_siocdevprivate+0x24e/0x1580
[  400.114080][ T9996]  ? __pfx___mutex_trylock_common+0x10/0x10
[  400.114107][ T9996]  ? __pfx_ipip6_tunnel_siocdevprivate+0x10/0x10
[  400.114131][ T9996]  ? rcu_is_watching+0x15/0xb0
[  400.114156][ T9996]  ? trace_contention_end+0x39/0x120
[  400.114172][ T9996]  ? __mutex_lock+0x330/0xe80
[  400.114200][ T9996]  ? __lock_acquire+0xab9/0xd20
[  400.114225][ T9996]  ? dev_ioctl+0x83c/0x1150
[  400.114240][ T9996]  ? full_name_hash+0x92/0xe0
[  400.114268][ T9996]  ? netdev_name_node_lookup+0xdf/0x120
[  400.114303][ T9996]  dev_ifsioc+0xb57/0xf00
[  400.114327][ T9996]  dev_ioctl+0x84c/0x1150
[  400.114347][ T9996]  sock_ioctl+0x719/0x790
[  400.114375][ T9996]  ? __pfx_sock_ioctl+0x10/0x10
[  400.114401][ T9996]  ? __fget_files+0x3a0/0x420
[  400.114423][ T9996]  ? __fget_files+0x2a/0x420
[  400.114448][ T9996]  ? bpf_lsm_file_ioctl+0x9/0x20
[  400.114471][ T9996]  ? __pfx_sock_ioctl+0x10/0x10
[  400.114494][ T9996]  __se_sys_ioctl+0xfc/0x170
[  400.114516][ T9996]  do_syscall_64+0xfa/0x3b0
[  400.114545][ T9996]  ? lockdep_hardirqs_on+0x9c/0x150
[  400.114569][ T9996]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.114587][ T9996]  ? clear_bhb_loop+0x60/0xb0
[  400.114608][ T9996]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.114625][ T9996] RIP: 0033:0x7f8c6158e929
[  400.114641][ T9996] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.114656][ T9996] RSP: 002b:00007f8c62493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  400.114675][ T9996] RAX: ffffffffffffffda RBX: 00007f8c617b5fa0 RCX: 00007f8c6158e929
[  400.114688][ T9996] RDX: 0000200000001040 RSI: 00000000000089f1 RDI: 0000000000000008
[  400.114699][ T9996] RBP: 00007f8c62493090 R08: 0000000000000000 R09: 0000000000000000
[  400.114709][ T9996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.114720][ T9996] R13: 0000000000000000 R14: 00007f8c617b5fa0 R15: 00007fffbe6794a8
[  400.114747][ T9996]  </TASK>
[  400.462232][ T5919] usb 3-1: config 0 descriptor??
[  400.478583][ T5919] input: iMON Panel, Knob and Mouse(15c2:003b) as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input8
[  400.734726][ T5919] imon:send_packet: packet tx failed (-71)
[  400.736393][ T9980] vhci_hcd: connection reset by peer
[  400.900250][ T5919] imon 3-1:0.0: panel buttons/knobs setup failed
[  401.279950][   T13] vhci_hcd: stop threads
[  401.284261][   T13] vhci_hcd: release socket
[  401.313604][T10012] FAULT_INJECTION: forcing a failure.
[  401.313604][T10012] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  401.336893][   T13] vhci_hcd: disconnect device
[  401.375815][T10012] CPU: 0 UID: 0 PID: 10012 Comm: syz.1.1176 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  401.375841][T10012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  401.375857][T10012] Call Trace:
[  401.375865][T10012]  <TASK>
[  401.375873][T10012]  dump_stack_lvl+0x189/0x250
[  401.375905][T10012]  ? __pfx____ratelimit+0x10/0x10
[  401.375933][T10012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.375960][T10012]  ? __pfx__printk+0x10/0x10
[  401.375978][T10012]  ? __might_fault+0xb0/0x130
[  401.376011][T10012]  should_fail_ex+0x414/0x560
[  401.376038][T10012]  _copy_from_iter+0x1db/0x16f0
[  401.376068][T10012]  ? rcu_is_watching+0x15/0xb0
[  401.376097][T10012]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[  401.376120][T10012]  ? __pfx__copy_from_iter+0x10/0x10
[  401.376148][T10012]  ? __build_skb_around+0x257/0x3e0
[  401.376172][T10012]  ? netlink_sendmsg+0x642/0xb30
[  401.376191][T10012]  ? skb_put+0x11b/0x210
[  401.376215][T10012]  netlink_sendmsg+0x6b2/0xb30
[  401.376244][T10012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.376273][T10012]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  401.376302][T10012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.376324][T10012]  __sock_sendmsg+0x21c/0x270
[  401.376366][T10012]  ____sys_sendmsg+0x505/0x830
[  401.376392][T10012]  ? __pfx_____sys_sendmsg+0x10/0x10
[  401.376422][T10012]  ? import_iovec+0x74/0xa0
[  401.376441][T10012]  ___sys_sendmsg+0x21f/0x2a0
[  401.376464][T10012]  ? __pfx____sys_sendmsg+0x10/0x10
[  401.376518][T10012]  ? __fget_files+0x2a/0x420
[  401.376540][T10012]  ? __fget_files+0x3a0/0x420
[  401.376572][T10012]  __x64_sys_sendmsg+0x19b/0x260
[  401.376596][T10012]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  401.376625][T10012]  ? __pfx_ksys_write+0x10/0x10
[  401.376644][T10012]  ? rcu_is_watching+0x15/0xb0
[  401.376671][T10012]  ? do_syscall_64+0xbe/0x3b0
[  401.376700][T10012]  do_syscall_64+0xfa/0x3b0
[  401.376723][T10012]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.376747][T10012]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.376764][T10012]  ? clear_bhb_loop+0x60/0xb0
[  401.376784][T10012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.376801][T10012] RIP: 0033:0x7f48f678e929
[  401.376816][T10012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.376831][T10012] RSP: 002b:00007f48f7641038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.376849][T10012] RAX: ffffffffffffffda RBX: 00007f48f69b5fa0 RCX: 00007f48f678e929
[  401.376862][T10012] RDX: 0000000024040800 RSI: 0000200000000180 RDI: 0000000000000003
[  401.376873][T10012] RBP: 00007f48f7641090 R08: 0000000000000000 R09: 0000000000000000
[  401.376883][T10012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.376894][T10012] R13: 0000000000000000 R14: 00007f48f69b5fa0 R15: 00007ffc90425778
[  401.376920][T10012]  </TASK>
[  401.439470][T10016] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1175'.
[  401.530018][ T5919] rc_core: IR keymap rc-imon-pad not found
[  401.735717][ T5919] Registered IR keymap rc-empty
[  401.735871][ T5919] imon 3-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  401.735891][ T5919] imon 3-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  401.738969][ T5919] imon:send_packet: packet tx failed (-71)
[  401.752571][ T5919] imon 3-1:0.0: remote input dev register failed
[  401.755701][ T5919] imon 3-1:0.0: imon_init_intf0: rc device setup failed
[  402.127076][ T5893] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  402.238280][ T5919] imon 3-1:0.0: unable to initialize intf0, err 0
[  402.245011][ T5919] imon:imon_probe: failed to initialize context!
[  402.252009][ T5919] imon 3-1:0.0: unable to register, err -19
[  402.271924][ T5893] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  402.280690][ T5893] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  402.306205][ T5893] usb 2-1: config 0 has no interface number 0
[  402.324801][ T5893] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  402.353267][ T5919] usb 3-1: USB disconnect, device number 40
[  402.379872][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  402.410945][ T5893] usb 2-1: Product: syz
[  402.415136][ T5893] usb 2-1: Manufacturer: syz
[  402.448621][ T5893] usb 2-1: SerialNumber: syz
[  402.578358][ T5893] usb 2-1: config 0 descriptor??
[  402.602285][T10036] FAULT_INJECTION: forcing a failure.
[  402.602285][T10036] name failslab, interval 1, probability 0, space 0, times 0
[  402.640418][T10036] CPU: 1 UID: 0 PID: 10036 Comm: syz.0.1185 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  402.640443][T10036] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  402.640454][T10036] Call Trace:
[  402.640461][T10036]  <TASK>
[  402.640470][T10036]  dump_stack_lvl+0x189/0x250
[  402.640500][T10036]  ? __pfx____ratelimit+0x10/0x10
[  402.640525][T10036]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.640550][T10036]  ? __pfx__printk+0x10/0x10
[  402.640571][T10036]  ? __pfx___might_resched+0x10/0x10
[  402.640595][T10036]  ? fs_reclaim_acquire+0x7d/0x100
[  402.640625][T10036]  should_fail_ex+0x414/0x560
[  402.640650][T10036]  should_failslab+0xa8/0x100
[  402.640674][T10036]  kmem_cache_alloc_noprof+0x73/0x3c0
[  402.640693][T10036]  ? security_file_alloc+0x34/0x330
[  402.640719][T10036]  security_file_alloc+0x34/0x330
[  402.640743][T10036]  init_file+0x93/0x2f0
[  402.640771][T10036]  alloc_empty_file+0x6e/0x1d0
[  402.640797][T10036]  path_openat+0x107/0x3830
[  402.640827][T10036]  ? is_bpf_text_address+0x26/0x2b0
[  402.640857][T10036]  ? is_bpf_text_address+0x292/0x2b0
[  402.640880][T10036]  ? is_bpf_text_address+0x26/0x2b0
[  402.640907][T10036]  ? kernel_text_address+0xa5/0xe0
[  402.640932][T10036]  ? __kernel_text_address+0xd/0x40
[  402.640952][T10036]  ? __pfx_path_openat+0x10/0x10
[  402.640968][T10036]  ? arch_stack_walk+0xfc/0x150
[  402.641010][T10036]  do_filp_open+0x1fa/0x410
[  402.641030][T10036]  ? __pfx_do_filp_open+0x10/0x10
[  402.641074][T10036]  ? __lock_acquire+0xab9/0xd20
[  402.641094][T10036]  ? do_open_execat+0x93/0x450
[  402.641116][T10036]  do_open_execat+0x135/0x450
[  402.641133][T10036]  ? __pfx_do_open_execat+0x10/0x10
[  402.641163][T10036]  alloc_bprm+0x28/0x5b0
[  402.641185][T10036]  do_execveat_common+0x1b3/0x6a0
[  402.641215][T10036]  __x64_sys_execveat+0xc4/0xe0
[  402.641238][T10036]  do_syscall_64+0xfa/0x3b0
[  402.641262][T10036]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.641286][T10036]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.641303][T10036]  ? clear_bhb_loop+0x60/0xb0
[  402.641324][T10036]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  402.641346][T10036] RIP: 0033:0x7f8c6158e929
[  402.641361][T10036] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  402.641376][T10036] RSP: 002b:00007f8c62493038 EFLAGS: 00000246 ORIG_RAX: 0000000000000142
[  402.641394][T10036] RAX: ffffffffffffffda RBX: 00007f8c617b5fa0 RCX: 00007f8c6158e929
[  402.641407][T10036] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000004
[  402.641418][T10036] RBP: 00007f8c62493090 R08: 0000000000000000 R09: 0000000000000000
[  402.641429][T10036] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  402.641439][T10036] R13: 0000000000000000 R14: 00007f8c617b5fa0 R15: 00007fffbe6794a8
[  402.641465][T10036]  </TASK>
[  402.926610][    C1] vkms_vblank_simulate: vblank timer overrun
[  403.487101][ T5918] usb 2-1: USB disconnect, device number 43
[  403.890687][T10059] openvswitch: netlink: IP tunnel attribute has 16 unknown bytes.
[  403.946798][T10057] 9pnet_fd: Insufficient options for proto=fd
[  404.285917][T10062] FAULT_INJECTION: forcing a failure.
[  404.285917][T10062] name failslab, interval 1, probability 0, space 0, times 0
[  404.330221][T10062] CPU: 0 UID: 0 PID: 10062 Comm: syz.5.1189 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  404.330246][T10062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  404.330257][T10062] Call Trace:
[  404.330264][T10062]  <TASK>
[  404.330272][T10062]  dump_stack_lvl+0x189/0x250
[  404.330302][T10062]  ? __pfx____ratelimit+0x10/0x10
[  404.330327][T10062]  ? __pfx_dump_stack_lvl+0x10/0x10
[  404.330352][T10062]  ? __pfx__printk+0x10/0x10
[  404.330375][T10062]  ? __pfx___might_resched+0x10/0x10
[  404.330398][T10062]  ? fs_reclaim_acquire+0x7d/0x100
[  404.330426][T10062]  should_fail_ex+0x414/0x560
[  404.330452][T10062]  should_failslab+0xa8/0x100
[  404.330476][T10062]  __kmalloc_noprof+0xcb/0x4f0
[  404.330494][T10062]  ? kfree+0x4d/0x440
[  404.330510][T10062]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  404.330540][T10062]  tomoyo_realpath_from_path+0xe3/0x5d0
[  404.330566][T10062]  ? tomoyo_domain+0xda/0x130
[  404.330596][T10062]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  404.330617][T10062]  tomoyo_path_number_perm+0x1e8/0x5a0
[  404.330641][T10062]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  404.330664][T10062]  ? sb_end_write+0xe9/0x1c0
[  404.330689][T10062]  ? vfs_write+0x8d8/0xa90
[  404.330740][T10062]  ? ksys_write+0x1e1/0x250
[  404.330765][T10062]  security_file_ioctl+0xcb/0x2d0
[  404.330789][T10062]  __se_sys_ioctl+0x47/0x170
[  404.330809][T10062]  do_syscall_64+0xfa/0x3b0
[  404.330833][T10062]  ? lockdep_hardirqs_on+0x9c/0x150
[  404.330857][T10062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.330874][T10062]  ? clear_bhb_loop+0x60/0xb0
[  404.330895][T10062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  404.330912][T10062] RIP: 0033:0x7f092098e929
[  404.330927][T10062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  404.330942][T10062] RSP: 002b:00007f09218bc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  404.330960][T10062] RAX: ffffffffffffffda RBX: 00007f0920bb5fa0 RCX: 00007f092098e929
[  404.330972][T10062] RDX: 0000000000000000 RSI: 0000000000004c0a RDI: 0000000000000003
[  404.330983][T10062] RBP: 00007f09218bc090 R08: 0000000000000000 R09: 0000000000000000
[  404.330993][T10062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  404.331004][T10062] R13: 0000000000000000 R14: 00007f0920bb5fa0 R15: 00007ffff9a84768
[  404.331031][T10062]  </TASK>
[  404.331038][T10062] ERROR: Out of memory at tomoyo_realpath_from_path.
[  404.859882][ T5880] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  404.900172][ T5854] vhci_hcd: vhci_device speed not set
[  405.260454][ T5880] usb 1-1: Using ep0 maxpacket: 8
[  405.408300][T10074] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1193'.
[  405.687279][ T5880] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  405.698882][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.711277][ T5880] usb 1-1: config 0 descriptor??
[  406.485534][T10078] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  406.500274][T10078] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  406.588546][T10077] pim6reg: entered allmulticast mode
[  406.622490][T10077] pim6reg: left allmulticast mode
[  406.909823][ T5918] usb 6-1: new full-speed USB device number 19 using dummy_hcd
[  410.379899][ T5880] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  410.394595][ T5880] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write GPIO value 0x0080: ffffffb9
[  410.421116][ T5880] asix 1-1:0.0: probe with driver asix failed with error -71
[  410.432667][ T5880] usb 1-1: USB disconnect, device number 35
[  410.574964][T10094] sctp: [Deprecated]: syz.5.1200 (pid 10094) Use of struct sctp_assoc_value in delayed_ack socket option.
[  410.574964][T10094] Use struct sctp_sack_info instead
[  411.421966][ T5893] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  411.863292][ T5893] usb 2-1: config 0 has an invalid interface number: 64 but max is 0
[  411.913666][ T5893] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  411.936893][T10122] x_tables: duplicate underflow at hook 2
[  411.936977][ T5893] usb 2-1: config 0 has no interface number 0
[  411.999655][ T5893] usb 2-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[  412.042080][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.079005][ T5893] usb 2-1: Product: syz
[  412.081846][T10131] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1213'.
[  412.097209][ T5893] usb 2-1: Manufacturer: syz
[  412.117918][ T5893] usb 2-1: SerialNumber: syz
[  412.147829][ T5893] usb 2-1: config 0 descriptor??
[  412.503105][ T5854] usb 2-1: USB disconnect, device number 44
[  413.165777][T10140] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1215'.
[  414.272948][T10157] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  414.919677][T10166] FAULT_INJECTION: forcing a failure.
[  414.919677][T10166] name failslab, interval 1, probability 0, space 0, times 0
[  414.995857][T10166] CPU: 1 UID: 0 PID: 10166 Comm: syz.1.1223 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  414.995884][T10166] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  414.995896][T10166] Call Trace:
[  414.995903][T10166]  <TASK>
[  414.995911][T10166]  dump_stack_lvl+0x189/0x250
[  414.995942][T10166]  ? __pfx____ratelimit+0x10/0x10
[  414.995967][T10166]  ? __pfx_dump_stack_lvl+0x10/0x10
[  414.995993][T10166]  ? __pfx__printk+0x10/0x10
[  414.996013][T10166]  ? __pfx___might_resched+0x10/0x10
[  414.996038][T10166]  ? fs_reclaim_acquire+0x7d/0x100
[  414.996068][T10166]  should_fail_ex+0x414/0x560
[  414.996093][T10166]  should_failslab+0xa8/0x100
[  414.996125][T10166]  __kmalloc_noprof+0xcb/0x4f0
[  414.996145][T10166]  ? tomoyo_encode+0x28b/0x550
[  414.996175][T10166]  tomoyo_encode+0x28b/0x550
[  414.996205][T10166]  tomoyo_realpath_from_path+0x58d/0x5d0
[  414.996241][T10166]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  414.996262][T10166]  tomoyo_path_number_perm+0x1e8/0x5a0
[  414.996286][T10166]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  414.996323][T10166]  ? __lock_acquire+0xab9/0xd20
[  414.996365][T10166]  ? __fget_files+0x2a/0x420
[  414.996390][T10166]  ? __fget_files+0x2a/0x420
[  414.996411][T10166]  ? __fget_files+0x3a0/0x420
[  414.996433][T10166]  ? __fget_files+0x2a/0x420
[  414.996459][T10166]  security_file_ioctl+0xcb/0x2d0
[  414.996483][T10166]  __se_sys_ioctl+0x47/0x170
[  414.996504][T10166]  do_syscall_64+0xfa/0x3b0
[  414.996528][T10166]  ? lockdep_hardirqs_on+0x9c/0x150
[  414.996553][T10166]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.996570][T10166]  ? clear_bhb_loop+0x60/0xb0
[  414.996592][T10166]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  414.996608][T10166] RIP: 0033:0x7f48f678e929
[  414.996624][T10166] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  414.996638][T10166] RSP: 002b:00007f48f7641038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  414.996657][T10166] RAX: ffffffffffffffda RBX: 00007f48f69b5fa0 RCX: 00007f48f678e929
[  414.996670][T10166] RDX: 00002000000000c0 RSI: 000000000000541c RDI: 0000000000000003
[  414.996681][T10166] RBP: 00007f48f7641090 R08: 0000000000000000 R09: 0000000000000000
[  414.996692][T10166] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  414.996701][T10166] R13: 0000000000000000 R14: 00007f48f69b5fa0 R15: 00007ffc90425778
[  414.996730][T10166]  </TASK>
[  414.996749][T10166] ERROR: Out of memory at tomoyo_realpath_from_path.
[  415.925317][T10171] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1226'.
[  416.212040][T10183] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  416.981105][T10192] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1230'.
[  417.609863][ T5918] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  418.013847][T10203] FAULT_INJECTION: forcing a failure.
[  418.013847][T10203] name failslab, interval 1, probability 0, space 0, times 0
[  418.026887][T10203] CPU: 0 UID: 0 PID: 10203 Comm: syz.5.1235 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  418.026911][T10203] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  418.026921][T10203] Call Trace:
[  418.026928][T10203]  <TASK>
[  418.026936][T10203]  dump_stack_lvl+0x189/0x250
[  418.026965][T10203]  ? __pfx____ratelimit+0x10/0x10
[  418.026991][T10203]  ? __pfx_dump_stack_lvl+0x10/0x10
[  418.027016][T10203]  ? __pfx__printk+0x10/0x10
[  418.027039][T10203]  ? __pfx___might_resched+0x10/0x10
[  418.027062][T10203]  ? fs_reclaim_acquire+0x7d/0x100
[  418.027090][T10203]  should_fail_ex+0x414/0x560
[  418.027114][T10203]  ? __pfx_sock_alloc_inode+0x10/0x10
[  418.027139][T10203]  should_failslab+0xa8/0x100
[  418.027162][T10203]  ? __pfx_sock_alloc_inode+0x10/0x10
[  418.027185][T10203]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  418.027205][T10203]  ? sock_alloc_inode+0x28/0xc0
[  418.027232][T10203]  ? __pfx_sock_alloc_inode+0x10/0x10
[  418.027256][T10203]  sock_alloc_inode+0x28/0xc0
[  418.027279][T10203]  alloc_inode+0x67/0x1b0
[  418.027301][T10203]  __sock_create+0x12d/0x9f0
[  418.027329][T10203]  ? __pfx___se_sys_setns+0x10/0x10
[  418.027357][T10203]  __sys_socket+0xd7/0x1b0
[  418.027386][T10203]  __x64_sys_socket+0x7a/0x90
[  418.027413][T10203]  do_syscall_64+0xfa/0x3b0
[  418.027438][T10203]  ? lockdep_hardirqs_on+0x9c/0x150
[  418.027461][T10203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.027479][T10203]  ? clear_bhb_loop+0x60/0xb0
[  418.027500][T10203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  418.027516][T10203] RIP: 0033:0x7f092098e929
[  418.027531][T10203] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  418.027546][T10203] RSP: 002b:00007f09218bbfe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  418.027565][T10203] RAX: ffffffffffffffda RBX: 00007f0920bb5fa0 RCX: 00007f092098e929
[  418.027578][T10203] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  418.027588][T10203] RBP: 0000000000000004 R08: 0000000000000000 R09: 0000000000000000
[  418.027598][T10203] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  418.027609][T10203] R13: 0000000000000001 R14: 00007f0920bb5fa0 R15: 00007ffff9a84768
[  418.027636][T10203]  </TASK>
[  418.027644][T10203] socket: no more sockets
[  523.259716][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  523.266749][    C0] rcu: 	1-...!: (1 GPs behind) idle=13ac/1/0x4000000000000000 softirq=47514/47515 fqs=0
[  523.277352][    C0] rcu: 	(detected by 0, t=10505 jiffies, g=40625, q=97 ncpus=2)
[  523.285032][    C0] Sending NMI from CPU 0 to CPUs 1:
[  523.285063][    C1] NMI backtrace for cpu 1
[  523.285077][    C1] CPU: 1 UID: 0 PID: 10198 Comm: modprobe Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  523.285095][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  523.285105][    C1] RIP: 0010:check_preemption_disabled+0x1e/0x120
[  523.285135][    C1] Code: 90 90 90 90 90 90 90 90 90 90 90 90 55 41 57 41 56 53 48 83 ec 10 65 48 8b 05 7e 5e 3a 07 48 89 44 24 08 65 8b 05 86 5e 3a 07 <65> 8b 0d 7b 5e 3a 07 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d 5b 5e 3a
[  523.285149][    C1] RSP: 0018:ffffc90000a08bc8 EFLAGS: 00000082
[  523.285162][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0952f55af25b5900
[  523.285172][    C1] RDX: 0000000000000000 RSI: ffffffff8db5a868 RDI: ffffffff8be1b8c0
[  523.285182][    C1] RBP: ffffffff81ae60d2 R08: 0000000000000000 R09: ffffffff81ae60d2
[  523.285192][    C1] R10: dffffc0000000000 R11: fffffbfff1f3fc1f R12: 0000000000000000
[  523.285202][    C1] R13: ffff8880b8727ad8 R14: 0000000000000001 R15: 0000000000000046
[  523.285212][    C1] FS:  00007f24de3b1c80(0000) GS:ffff888125d85000(0000) knlGS:0000000000000000
[  523.285225][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  523.285236][    C1] CR2: 0000200000029000 CR3: 0000000066216000 CR4: 00000000003526f0
[  523.285249][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  523.285258][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  523.285267][    C1] Call Trace:
[  523.285274][    C1]  <IRQ>
[  523.285279][    C1]  ? __hrtimer_run_queues+0x602/0xc60
[  523.285303][    C1]  ? __hrtimer_run_queues+0x602/0xc60
[  523.285322][    C1]  lock_acquire+0x130/0x360
[  523.285341][    C1]  ? advance_sched+0x9f8/0xc90
[  523.285358][    C1]  ? advance_sched+0x9f8/0xc90
[  523.285373][    C1]  ? advance_sched+0x9f8/0xc90
[  523.285392][    C1]  _raw_spin_lock_irq+0xa2/0xf0
[  523.285410][    C1]  ? __hrtimer_run_queues+0x602/0xc60
[  523.285429][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  523.285451][    C1]  __hrtimer_run_queues+0x602/0xc60
[  523.285477][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  523.285497][    C1]  ? read_tsc+0x9/0x20
[  523.285516][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  523.285545][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  523.285567][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  523.285586][    C1]  </IRQ>
[  523.285591][    C1]  <TASK>
[  523.285597][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  523.285612][    C1] RIP: 0010:__sanitizer_cov_trace_cmp8+0x0/0x90
[  523.285629][    C1] Code: 7c 11 10 48 89 74 11 18 48 89 44 11 20 c3 cc cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <f3> 0f 1e fa 48 8b 04 24 65 48 8b 0c 25 08 b0 99 92 65 8b 15 98 61
[  523.285648][    C1] RSP: 0018:ffffc9000d1774f8 EFLAGS: 00000293
[  523.285660][    C1] RAX: ffffffff8b57eda5 RBX: 0000000000000009 RCX: ffff888031028000
[  523.285670][    C1] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000009
[  523.285679][    C1] RBP: ffffc9000d1776d0 R08: 0000000000000003 R09: 0000000000000004
[  523.285688][    C1] R10: dffffc0000000000 R11: fffffbfff33f6dd4 R12: 0000000000000000
[  523.285698][    C1] R13: ffff88802d899e98 R14: 0000000000000001 R15: 0000000000000001
[  523.285710][    C1]  ? mt_validate+0x765/0x4380
[  523.285734][    C1]  mt_validate+0x798/0x4380
[  523.285760][    C1]  ? __pfx_mt_validate+0x10/0x10
[  523.285783][    C1]  ? trace_ma_write+0x87/0x1f0
[  523.285802][    C1]  ? uprobe_mmap+0x177/0x1020
[  523.285823][    C1]  validate_mm+0xb6/0x4b0
[  523.285846][    C1]  ? __pfx_validate_mm+0x10/0x10
[  523.285869][    C1]  ? __pfx_uprobe_mmap+0x10/0x10
[  523.285884][    C1]  ? vma_complete+0x9e7/0xae0
[  523.285906][    C1]  ? vma_prepare+0x485/0x4b0
[  523.285926][    C1]  ? vma_adjust_trans_huge+0x286/0x370
[  523.285948][    C1]  __split_vma+0x8bd/0xa00
[  523.285966][    C1]  ? __pfx___split_vma+0x10/0x10
[  523.285983][    C1]  ? __schedule+0x16c0/0x4cb0
[  523.286001][    C1]  ? can_vma_merge_left+0x195/0x6b0
[  523.286025][    C1]  vma_modify+0x13b3/0x1970
[  523.286045][    C1]  vma_modify_flags+0x1e8/0x230
[  523.286059][    C1]  ? __pfx_vma_modify_flags+0x10/0x10
[  523.286078][    C1]  ? mas_next_slot+0xc20/0xcf0
[  523.286097][    C1]  mprotect_fixup+0x400/0x9b0
[  523.286121][    C1]  ? __pfx_mprotect_fixup+0x10/0x10
[  523.286145][    C1]  do_mprotect_pkey+0x8cd/0xce0
[  523.286166][    C1]  ? __lock_acquire+0xab9/0xd20
[  523.286187][    C1]  ? __pfx_do_mprotect_pkey+0x10/0x10
[  523.286222][    C1]  __x64_sys_mprotect+0x80/0x90
[  523.286242][    C1]  do_syscall_64+0xfa/0x3b0
[  523.286264][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.286277][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  523.286291][    C1]  ? clear_bhb_loop+0x60/0xb0
[  523.286307][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  523.286321][    C1] RIP: 0033:0x7f24de7482c7
[  523.286333][    C1] Code: 89 3d fd 3f 01 00 eb 90 0f 1f 00 f7 d8 89 05 f0 3f 01 00 48 c7 c0 ff ff ff ff eb 91 0f 1f 80 00 00 00 00 b8 0a 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8d 0d c9 3f 01 00 f7 d8 89 01 48 83
[  523.286345][    C1] RSP: 002b:00007ffd8f98d348 EFLAGS: 00000206 ORIG_RAX: 000000000000000a
[  523.286359][    C1] RAX: ffffffffffffffda RBX: 00007f24de71c0c0 RCX: 00007f24de7482c7
[  523.286370][    C1] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 00007f24de718000
[  523.286379][    C1] RBP: 00007ffd8f98d610 R08: 0000000000000000 R09: 00007f24de699bf7
[  523.286389][    C1] R10: 00007f24de71c0c0 R11: 0000000000000206 R12: 0000000000000008
[  523.286399][    C1] R13: 000000d83561bcb2 R14: 0000000000000000 R15: 00007f24de75c310
[  523.286415][    C1]  </TASK>
[  523.287053][    C0] rcu: rcu_preempt kthread starved for 10505 jiffies! g40625 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  523.830082][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  523.840073][    C0] rcu: RCU grace-period kthread stack dump:
[  523.845975][    C0] task:rcu_preempt     state:R  running task     stack:25856 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00004000
[  523.859487][    C0] Call Trace:
[  523.862781][    C0]  <TASK>
[  523.865727][    C0]  __schedule+0x16a2/0x4cb0
[  523.870304][    C0]  ? schedule+0x165/0x360
[  523.874685][    C0]  ? __pfx___schedule+0x10/0x10
[  523.879575][    C0]  ? schedule+0x91/0x360
[  523.883857][    C0]  schedule+0x165/0x360
[  523.888044][    C0]  schedule_timeout+0x12b/0x270
[  523.892911][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  523.898301][    C0]  ? __pfx_process_timeout+0x10/0x10
[  523.903627][    C0]  ? prepare_to_swait_event+0x341/0x380
[  523.909205][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  523.914096][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  523.919074][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.924301][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  523.929608][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  523.934847][    C0]  rcu_gp_kthread+0x99/0x390
[  523.939460][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  523.944681][    C0]  ? __kthread_parkme+0x7b/0x200
[  523.949644][    C0]  ? __kthread_parkme+0x1a1/0x200
[  523.954701][    C0]  kthread+0x70e/0x8a0
[  523.958789][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  523.963998][    C0]  ? __pfx_kthread+0x10/0x10
[  523.968602][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  523.973817][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  523.979031][    C0]  ? __pfx_kthread+0x10/0x10
[  523.983661][    C0]  ret_from_fork+0x3fc/0x770
[  523.988274][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  523.993425][    C0]  ? __switch_to_asm+0x39/0x70
[  523.998199][    C0]  ? __switch_to_asm+0x33/0x70
[  524.002977][    C0]  ? __pfx_kthread+0x10/0x10
[  524.007579][    C0]  ret_from_fork_asm+0x1a/0x30
[  524.012371][    C0]  </TASK>
[  524.015410][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  524.021742][    C0] CPU: 0 UID: 0 PID: 13 Comm: kworker/u8:1 Not tainted 6.16.0-rc2-syzkaller-00378-gb67ec639010f #0 PREEMPT(full) 
[  524.033722][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  524.043789][    C0] Workqueue: events_unbound toggle_allocation_gate
[  524.050318][    C0] RIP: 0010:smp_call_function_many_cond+0xf6e/0x12d0
[  524.057014][    C0] Code: 89 ee 83 e6 01 31 ff e8 60 78 0b 00 41 83 e5 01 49 bd 00 00 00 00 00 fc ff df 75 07 e8 0b 74 0b 00 eb 37 f3 90 43 0f b6 04 2c <84> c0 75 10 41 f7 07 01 00 00 00 74 1e e8 f0 73 0b 00 eb e5 44 89
[  524.076629][    C0] RSP: 0018:ffffc900001276a0 EFLAGS: 00000293
[  524.082705][    C0] RAX: 0000000000000000 RBX: ffff8880b863b040 RCX: ffff88801d2a8000
[  524.090685][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[  524.098660][    C0] RBP: ffffc90000127800 R08: ffffffff8f9fe0f7 R09: 1ffffffff1f3fc1e
[  524.106638][    C0] R10: dffffc0000000000 R11: fffffbfff1f3fc1f R12: 1ffff110170e7f2d
[  524.114615][    C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffff8880b873f968
[  524.122593][    C0] FS:  0000000000000000(0000) GS:ffff888125c85000(0000) knlGS:0000000000000000
[  524.131529][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  524.138123][    C0] CR2: 0000001b3075ffff CR3: 000000000df38000 CR4: 00000000003526f0
[  524.146109][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  524.154090][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  524.162070][    C0] Call Trace:
[  524.165358][    C0]  <TASK>
[  524.168319][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[  524.174665][    C0]  ? __pfx_text_poke_memcpy+0x10/0x10
[  524.180051][    C0]  ? kmem_cache_alloc_bulk_noprof+0x148/0x790
[  524.186144][    C0]  ? __pfx___text_poke+0x10/0x10
[  524.191087][    C0]  ? rcu_is_watching+0x15/0xb0
[  524.195872][    C0]  ? trace_contention_end+0x39/0x120
[  524.201175][    C0]  ? __pfx_do_sync_core+0x10/0x10
[  524.206211][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[  524.211340][    C0]  smp_text_poke_batch_finish+0x5e0/0x1100
[  524.217158][    C0]  ? __pfx___mutex_lock+0x10/0x10
[  524.222228][    C0]  ? __pfx_smp_text_poke_batch_finish+0x10/0x10
[  524.228488][    C0]  ? arch_jump_label_transform_queue+0x97/0x110
[  524.234748][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[  524.240744][    C0]  static_key_enable_cpuslocked+0x128/0x250
[  524.246649][    C0]  static_key_enable+0x1a/0x20
[  524.251417][    C0]  toggle_allocation_gate+0xad/0x240
[  524.256723][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[  524.262631][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  524.268372][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  524.274110][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[  524.279856][    C0]  process_scheduled_works+0xade/0x17b0
[  524.285457][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  524.291469][    C0]  worker_thread+0x8a0/0xda0
[  524.296098][    C0]  kthread+0x70e/0x8a0
[  524.300207][    C0]  ? __pfx_worker_thread+0x10/0x10
[  524.305363][    C0]  ? __pfx_kthread+0x10/0x10
[  524.309979][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  524.315208][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  524.320429][    C0]  ? __pfx_kthread+0x10/0x10
[  524.325038][    C0]  ret_from_fork+0x3fc/0x770
[  524.329654][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  524.334795][    C0]  ? __switch_to_asm+0x39/0x70
[  524.339573][    C0]  ? __switch_to_asm+0x33/0x70
[  524.344355][    C0]  ? __pfx_kthread+0x10/0x10
[  524.348959][    C0]  ret_from_fork_asm+0x1a/0x30
[  524.353754][    C0]  </TASK>