last executing test programs:

14m22.135881376s ago: executing program 0 (id=546):
close(0xffffffffffffffff)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$xdp(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000004780)='8', 0x1}], 0x2, 0x0, 0x0, 0x48000}, 0x84)
socket$kcm(0x2, 0xa, 0x2)
r2 = socket$nl_route(0x10, 0x3, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r3, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000080)={0xf}, 0x1)
semop(0x0, &(0x7f00000000c0)=[{}, {}], 0x2)
semop(0x0, &(0x7f0000000180)=[{}, {}], 0x2)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r4 = socket$inet(0x2b, 0x801, 0x0)
ioctl$int_in(r4, 0x5452, &(0x7f0000000280)=0x8)
poll(&(0x7f0000000140)=[{r4, 0x68}], 0x1, 0x200)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="280000001e000100fc2c8bffffff000000000700", @ANYRES8=r0, @ANYBLOB="ffb4cd2b0ecaff00000a"], 0x28}, 0x1, 0x0, 0x0, 0x4000000}, 0x4000)
r5 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000004000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000300)=""/241, 0xf1, 0x0, &(0x7f0000000440)=""/90, 0x5a}, &(0x7f0000000280)=0x40)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@enum64={0x3, 0x0, 0x0, 0x13, 0x0, 0x2}]}, {0x0, [0x30, 0x2e]}}, 0x0, 0x28, 0x0, 0x1, 0x7, 0x0, @void, @value}, 0x28)
ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000000000)={'wlan1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
futex(&(0x7f00000000c0)=0x1, 0x6, 0x0, &(0x7f0000000100), 0x0, 0x0)
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)
read$FUSE(0xffffffffffffffff, &(0x7f000000a3c0)={0x2020}, 0x2020)

14m20.809346147s ago: executing program 0 (id=553):
ioperm(0x0, 0x2, 0x2)
statx(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0)

14m19.841072503s ago: executing program 0 (id=557):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="140100000000b2000500000000000000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x2c, r2, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x40030000000000}, 0x0)

14m19.198999902s ago: executing program 0 (id=560):
mkdir(&(0x7f00000009c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
acct(&(0x7f00000001c0)='./file0\x00')
acct(0x0)

14m19.040816779s ago: executing program 0 (id=561):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000002000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
r4 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$PNPIPE_HANDLE(r4, 0x113, 0x3, &(0x7f0000000000)=0x85f1, 0x4)

14m18.896724011s ago: executing program 0 (id=562):
semtimedop(0x0, 0x0, 0x0, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{}], 0x1, 0x0)
semctl$GETZCNT(0x0, 0x0, 0xf, 0x0)

14m18.527518086s ago: executing program 32 (id=562):
semtimedop(0x0, 0x0, 0x0, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{}], 0x1, 0x0)
semctl$GETZCNT(0x0, 0x0, 0xf, 0x0)

3m25.241011368s ago: executing program 3 (id=2343):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=@allocspi={0xf8, 0x16, 0x0, 0x0, 0x0, {{{@in=@local, @in6=@mcast1}, {@in=@broadcast}, @in6=@loopback, {}, {0x0, 0x48a9, 0x0, 0x1}}, 0x0, 0x800000}}, 0xf8}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/ip_mr_vif\x00')
preadv(r0, &(0x7f0000000900)=[{&(0x7f0000000580)=""/240, 0xf0}], 0x1, 0x47, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = socket$inet6(0x10, 0x2, 0x0)
write$binfmt_script(r0, &(0x7f0000000680)={'#! ', './cgroup/../file0', [{}, {0x20, '-'}, {0x20, '/dev/kvm\x00'}, {0x20, '-.^'}, {0x20, 'syzkaller\x00\x8b\xdcK\x80\xa8\x1e4\x1d{\xe7\b\xb3~y\t[&\xcf/\xc0\xd8\xd3\xcb\x01m\xf2\xcc\xbfM\xc3\xe57[\xaa\x10\xe2p\xd6w:[y\xb8\xb0\xb7\x10}j\xe0\xfe_X\xf3\xc7y\xfc\x90U8\x86R\xf3H\xe2\xdeWh\xe3\x82\xf1\xa2W~\xf8\xa2km\xa2rN\xe8\xdc\xa8\xcd\x80\x7f\xb7\x8b\xde\xec\va:]8T0\xc9~\f\x94\xba#5\xcb\xcd\xd4\xa0\x9a\x1a,\x95\x0e\xd5r\x89P\x84cI'}, {0x20, '/#&#:@:(^*,){!@.):'}, {0x20, '[//'}, {0x20, '/dev/kvm\x00'}, {0x20, 'net/ip_mr_vif\x00'}, {0x20, '/dev/kvm\x00'}], 0xa, "0eaebd01cd2ea397f100ccd60290808a0fe711"}, 0xfffffffffffffee0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
write(r4, &(0x7f0000000040)="1c00000021002551071c0165ff00fc020200000003100f000ee100", 0x1b)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r7, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {}, {0x1000}, {}, {}, {}, {}, 0xddfdffdb, 0x0, 0x0, 0x100130})
ioctl$KVM_RUN(r7, 0xae80, 0x0)
ioctl$KVM_TRANSLATE(r7, 0xc018ae85, &(0x7f0000000000))
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000100001"], 0x7c}}, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04230500c9"], 0x10)
ioctl$KVM_TRANSLATE(r0, 0xc018ae85, &(0x7f00000000c0)={0x5000, 0x6000, 0xfe})
bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r1, r3}, 0x10)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001800010000000000000000000a800000000000070000000014000100fe"], 0x30}}, 0x800)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e0c00262040ad8a02000000844d908ac28506dd7ff86b4e75c64a6f73a7113c2cd2af1e0a28f6"], 0xf)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

3m23.834825974s ago: executing program 3 (id=2348):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
pipe(&(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
read(r1, &(0x7f00000000c0)=""/69, 0x45)
prlimit64(0x0, 0x7, &(0x7f0000000140)={0x8, 0x87}, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000003000200850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r3}, 0x10)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
readv(r4, &(0x7f0000000000)=[{&(0x7f0000001300)=""/244, 0x940}], 0x1)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x0)
socket(0xa, 0x2, 0x6)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
r7 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r7, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000480)=ANY=[@ANYBLOB="0213000002"], 0x10}}, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a"], 0xfc}}, 0x0)
setsockopt$sock_int(r7, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, 0x0, &(0x7f0000000040))
sendmmsg$inet(r0, &(0x7f0000001500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x41)

3m21.7337008s ago: executing program 3 (id=2355):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x3)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, 0x0)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000180), 0x0, 0x1)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000000)={0x0, 0x4, 0x5, &(0x7f0000000100)={0x0, "fd5a44512b7e1b0020ed2abb4301002700"}})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000540)=0x9)
ioctl$TIOCSTI(r1, 0x5412, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_EPOLL_CTL=@add={0x1d, 0x21, 0x0, 0xffffffffffffffff, &(0x7f0000000280)={0xb0000010}, r1})
unshare(0x22020600)
io_uring_enter(0xffffffffffffffff, 0x47f6, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
dup(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100), &(0x7f0000000140))
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

3m19.849757473s ago: executing program 3 (id=2361):
openat$rfkill(0xffffffffffffff9c, &(0x7f00000004c0), 0x202, 0x0)
r0 = add_key$user(&(0x7f0000000080), &(0x7f0000000040)={'syz', 0x2}, &(0x7f0000000940)="0706675823b8a37f19b37e0f9f120663b78a1eb6d3a6cb301825eddc42c667fc68923d7df9f4c1843c5f11b63d2684fff43955079736fa4c80100487c31c09706b6bf145eb1baf416d2681491bd6a3098fe1a6741d65b085b4075db8419d9e6d17b1eec4dfb860a71d61af753459bcc5ea1f20d6c1c74afca3b0c08bf98886eaac01b08aa753b8727f25773c98cd6a78c06b758996b03b81e2e09cf103dc16a5658a3b58626b457ee4773d41b3548f2258a2e11cc22555da4ef9035cbfe8dc1e0e7b5a653c0a1b29a3d538309de0df3dc884a1bfed520689b0ebd40ed31208bad4a67978a062c07cd7214fb4ce2859e77dd6d72985c7b457a1da22c1af24b25550d7d4775011f47b9153b40d9b1a5b5ac6c88489f6a4a6d22093782ed7d97fe2ead5eb846b8381b2252734231c690dfdc7d26efce993a47a1129233c06ce", 0x13e, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@ipv4_newroute={0x34, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x6}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @LWT_BPF_OUT={0xc, 0x2, 0x0, 0x1, @LWT_BPF_PROG_FD={0x8}}}]}, 0x34}}, 0x0)
r2 = add_key$user(&(0x7f0000000180), &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000140)="04", 0x1, 0x0)
keyctl$dh_compute(0x17, &(0x7f00000001c0)={r2, r0, r2}, &(0x7f0000000440)=""/242, 0xf2, &(0x7f00000002c0)={&(0x7f0000000400)={'crct10dif-generic\x00'}})
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc000000190067"], 0xfc}}, 0x8000)
r4 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r4, 0x40045532, &(0x7f0000000000)=0x7)
mkdir(&(0x7f0000000180)='./file0\x00', 0x103)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='debugfs\x00', 0x0, 0x0)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000880)=ANY=[@ANYBLOB="a8000000020603000000000000000000000000005000078008000840000000780500030003000000050015000000000008001240000000050c0001800800014000000000050007007300000008000640fffffffe080012400000000808001340000000030900020073797a310000000014000780080013000000000008001240000000000500050002000000050004000000000011000300686173683a69702c706f727400f01c1176aa7910b6b66ce3aeee000000"], 0xa8}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f0000000600)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x60, 0x60, 0x6, [@fwd={0x6}, @array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x2, 0x9}}, @union={0x1, 0x4, 0x0, 0x5, 0x1, 0xfffffffc, [{0xc, 0x1, 0x8}, {0xc, 0x1}, {0x4, 0x4, 0xffffff81}, {0xa, 0x0, 0x3}]}]}, {0x0, [0x2e, 0x30, 0x0, 0x5f]}}, &(0x7f00000006c0)=""/133, 0x7e, 0x85, 0x0, 0x7, 0x0, @void, @value}, 0x28)
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
r7 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r7, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
connect$inet6(r7, &(0x7f0000000000)={0xa, 0xe0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_opts(r7, 0x29, 0x37, &(0x7f00000000c0)=ANY=[], 0x8)
sendmmsg$inet6(r7, &(0x7f0000002940)=[{{0x0, 0x0, 0x0}}], 0x62, 0x0)
r8 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r8, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r8, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c)
shutdown(r8, 0x1)

3m19.577070963s ago: executing program 3 (id=2362):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000840)={0x40, r1, 0xc4fc9e906872338b, 0x0, 0x0, {{0x15}, {@val={0x8}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x24, 0x11d, 0x0, 0x1, [{0x20, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TX_RATE={0x1c, 0xd, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x0, [@NL80211_TXRATE_LEGACY={0x9, 0x1, [0x4, 0x48, 0x1, 0x12, 0x60]}, @NL80211_TXRATE_HE_GI={0x5, 0x6, 0x2}]}]}]}]}]}, 0x40}}, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000080)={@local, @private, <r2=>0x0}, &(0x7f0000000180)=0xc)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020786c2500000000002020f41d53a85cda9eee09fa3de7207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000b40300008500000006000000185000000800000000000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000140)='contention_begin\x00', r3, 0x0, 0x9}, 0x18)
timer_create(0x3, 0x0, &(0x7f0000000280)=<r4=>0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
openat$hwrng(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
io_setup(0x7, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{}, {0x0, 0x9}}, 0x0)
timer_settime(r4, 0x0, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x3938700}}, &(0x7f0000000100))
io_getevents(0x0, 0x4, 0x3, &(0x7f00000003c0)=[{}, {}, {}], 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="4000000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="83efffff00000000180012800e0001007769726567756172640000000400028008000a00", @ANYRES32], 0x40}}, 0x0)
timer_settime(r4, 0x1, &(0x7f0000000300)={{0x0, 0x3938700}, {0x77359400}}, &(0x7f0000000380))

3m18.961542453s ago: executing program 3 (id=2368):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7ffffe01}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r3 = socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r4)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="310928bd7000fbdbdf251a0000000600210062000000100022"], 0x2c}, 0x1, 0x0, 0x0, 0x2000014}, 0x8810)
sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000001c0)={0x3, &(0x7f0000000100)=[{0x4, 0x5, 0x38, 0xe8}, {0x5, 0x8, 0xdf, 0x9}, {0x6, 0x2, 0xd, 0x7}]})
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
socket$pppoe(0x18, 0x1, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r6, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES64=r7], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

3m18.301858869s ago: executing program 33 (id=2368):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7ffffe01}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r3 = socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r4)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="310928bd7000fbdbdf251a0000000600210062000000100022"], 0x2c}, 0x1, 0x0, 0x0, 0x2000014}, 0x8810)
sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000001c0)={0x3, &(0x7f0000000100)=[{0x4, 0x5, 0x38, 0xe8}, {0x5, 0x8, 0xdf, 0x9}, {0x6, 0x2, 0xd, 0x7}]})
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
socket$pppoe(0x18, 0x1, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r6, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES64=r7], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

10.509838381s ago: executing program 1 (id=2933):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x100000)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0x4e24, 0x1, @loopback}, 0x1c)
r2 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, &(0x7f0000000500)={0x84, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000100000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000080)={0xc, &(0x7f0000000100)={0x20, 0x0, 0x2, {0x2, 0x1}}, 0x0}, 0x0)
socket$kcm(0x11, 0x2, 0x300)
r3 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x24000000)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r4, 0x5b02, 0x0)
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000240)={0x14, &(0x7f0000000140)={0x0, 0x21, 0xe9, {0xe9, 0xb, "6b3ba2d375e721d6e6785035cf2e36b2c825b15881cb5da1543d9ca806363f6260fe5c0b29fc0abb695e6b2a8a38231406914206906c6f24d66760690b932f8f8e94589683e890f8f85e92fe4ee45c05035d588d8e8b56d134847a19e2fd2b5fb5eac9bb47220b762ce686f20b59a80568cc6812faaab8ae25e641e44affc5f9b2d69d84ef48f0d46fc45a8555bba794745692cf8cac712ec8124ec9884daead701148ab5866ddfccc17da9ea23739ea03ab794710120854fb1cc7dc00f0e95a28105b6559e1399e77acac1756bd7e0262a25f9616e94a1b6da8a2c8629f4776e5704d09182864"}}, &(0x7f0000000040)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000680)={0x44, &(0x7f0000000280)={0x40, 0x16, 0xfe, "40dcbe3b34d23ad718b4d6be90860c3be7c7883f585cb07fc15f32ca13b689a0bb6d176e94519aab2acdd6fc25d447be4e67ff39d4cac1c745df4d6fdfceb8b141267bc9cbc81c59480194605f857a72ee69be6f494d4b92828ae545ea2687778ea47b962369540b48095532189e369c3f0401fd4799595603d401450840fa7d9c27df5bc3e36fba1e957e74b2da6c0dede3f05728b6b8594b287e2b220e139469d30bd14fa66e9fce5d83ec82b95d376ea3a30bfad714f3dfd28245502a0a4f603513da20b4c0d593f653f5a834d0d0777f4020dc01ae51db85a11b15bf943d11ddf7c5059483eec9351b47943e01492b688d14d75fd9c0510310040693"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x7}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000440)={0x20, 0x80, 0x1c, {0x8, 0xeb, 0x8, 0x9, 0x4, 0xd3ad, 0xc, 0x2, 0x5, 0x4, 0x1, 0x28f}}, &(0x7f0000000480)={0x20, 0x85, 0x4, 0x5b1000}, &(0x7f00000005c0)={0x20, 0x83, 0x2}, &(0x7f0000000600)={0x20, 0x87, 0x2, 0xd}, &(0x7f0000000640)={0x20, 0x89, 0x2, 0x1}})

9.12420488s ago: executing program 2 (id=2937):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000380)=@allocspi={0xf8, 0x16, 0x0, 0x0, 0x0, {{{@in=@local, @in6=@mcast1}, {@in=@broadcast}, @in6=@loopback, {}, {0x0, 0x48a9, 0x0, 0x1}}, 0x0, 0x800000}}, 0xf8}, 0x1, 0x0, 0x0, 0x20000840}, 0x0)
rmdir(&(0x7f00000001c0)='./cgroup/../file0\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='net/ip_mr_vif\x00')
preadv(r0, &(0x7f0000000900)=[{&(0x7f0000000580)=""/240, 0xf0}], 0x1, 0x47, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsmount(r1, 0x0, 0x0)
socket$inet6(0x10, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_SREGS(r4, 0x4138ae84, &(0x7f0000000100)={{}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {}, {0x1000}, {}, {}, {}, {}, 0xddfdffdb, 0x0, 0x0, 0x100130})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="14000000100001"], 0x7c}}, 0x0)
syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="04230500c9"], 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="300000001800010000000000000000000a800000000000070000000014000100fe"], 0x30}}, 0x800)

8.80912966s ago: executing program 2 (id=2938):
unshare(0x40600)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x11000000, 0x0, 'salsa20\x00'}, 0x58)

8.761551734s ago: executing program 2 (id=2939):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="05000000000500"/20, @ANYRES32, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x0, 0x40, &(0x7f0000000d00)=@filter={'filter\x00', 0x42, 0x4, 0x460, 0xffffffff, 0x98, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x3c8, 0x3c8, 0x3c8, 0xffffffff, 0x4, 0x0, {[{{@ip={@private, @remote, 0x0, 0x0, 'rose0\x00', 'wg2\x00'}, 0xa00, 0x70, 0x98, 0x0, {0x100000000000000}}, @REJECT={0x28}}, {{@uncond, 0x0, 0x1e8, 0x210, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0\x00', {0x0, 0x8, 0x0, 0x0, 0x0, 0x9, 0x1000}}}, @common=@socket0={{0x20}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0xc0, 0x120, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x0, 0x0, 0xc}}, @common=@socket0={{0x20}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@broadcast}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x4c0)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x8004587d, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r5, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4000000}, 0x50)
syz_usb_connect(0x0, 0x24, &(0x7f0000002480)={{0x12, 0x1, 0x0, 0xbd, 0x99, 0x2d, 0x40, 0x1943, 0x2250, 0x1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x84, 0x6d, 0xcf}}]}}]}}, 0x0)

8.745041257s ago: executing program 6 (id=2940):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="73c8"], 0x0)
socketpair(0x18, 0x20000000000001, 0x0, &(0x7f0000000140))
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000040)=0x81b)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000080)="dfa7", 0x2}, {&(0x7f0000000280)='wF', 0x2}], 0x2)

8.408389334s ago: executing program 4 (id=2944):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) (async)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(r1, 0x29, 0x41, &(0x7f0000000080)={'mangle\x00', 0x4, "d1a2d6e7"}, &(0x7f0000000180)=0x2c) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e) (async)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) (async)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r5, 0x0, 0x60, &(0x7f0000000d40)={'filter\x00', 0xb001, 0x4, 0x3c8, 0x0, 0x1f0, 0xe8, 0x2e0, 0x2e0, 0x2e0, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}, {{@uncond, 0xc0, 0x108, 0x0, {0x0, 0x1e03}}, @unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x0, 'syz0\x00'}}}, {{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x418) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r4}, 0x10) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = syz_open_dev$swradio(&(0x7f0000000a80), 0x0, 0x2)
ioctl$VIDIOC_G_TUNER(r6, 0xc054561d, &(0x7f0000000ac0)={0x1, "12f7f538cc9ad9f769d66b3d1dd9cd911e9a080bd3ae2ae3ea00"}) (async)
bind$alg(0xffffffffffffffff, &(0x7f00000023c0)={0x26, 'hash\x00', 0x0, 0x0, 'crc32\x00'}, 0x58) (async)
r7 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r7, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) (async)
setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r7, 0x28, 0x2, &(0x7f0000000280), 0x8)
r8 = syz_open_dev$usbfs(&(0x7f0000000300), 0x77, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$USBDEVFS_CONNECTINFO(r8, 0x80045503, &(0x7f0000002a40))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) (async)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='devtmpfs\x00', 0x0, 0x0) (async)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x150800, 0x0)
getdents64(r9, &(0x7f00000000c0)=""/61, 0xfec4)

7.34103161s ago: executing program 4 (id=2947):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'macvlan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0xfe, &(0x7f00000000c0)={&(0x7f0000000040)=@newlink={0x5c, 0x10, 0x503, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x34, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x24, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x10}, @IFLA_MACVLAN_MACADDR_DATA={0x10, 0x5, 0x0, 0x1, [{0xa, 0x4, @remote}]}, @IFLA_MACVLAN_MACADDR_MODE={0x8, 0x3, 0x3}]}}}, @IFLA_LINK={0x8, 0x5, r2}]}, 0x5c}}, 0x0)

7.297240121s ago: executing program 6 (id=2948):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet6(0xa, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000040)=0x91, 0x4)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f00000010c0)=0x5, 0x4)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7ffffe01}]})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, &(0x7f00000000c0)})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xe, &(0x7f0000000080)={0x1, &(0x7f0000000000)=[{0x6}]})
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000000)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xf}, 0x1c)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x9}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r3 = socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000400), r4)
sendmsg$NL80211_CMD_SET_REG(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="310928bd7000fbdbdf251a0000000600210062"], 0x2c}, 0x1, 0x0, 0x0, 0x2000014}, 0x8810)
sendmsg$NL80211_CMD_GET_COALESCE(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x4, &(0x7f00000001c0)={0x3, &(0x7f0000000100)=[{0x4, 0x5, 0x38, 0xe8}, {0x5, 0x8, 0xdf, 0x9}, {0x6, 0x2, 0xd, 0x7}]})
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
socket$pppoe(0x18, 0x1, 0x0)
r7 = socket$can_j1939(0x1d, 0x2, 0x7)
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r6, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES64=r7], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r6, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

7.09681394s ago: executing program 4 (id=2949):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000500)={@local, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1}, @time_exceeded={0x4, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @dev, @dev}}}}}}, 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
write$nbd(0xffffffffffffffff, 0x0, 0x8a)
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f0000000100)='/sys/fs/smackfs/access\x00', 0x2, 0x0)
write$smackfs_access(r1, &(0x7f0000000300)={'/dev/cpu/#/msr\x00', 0x20, 'tracefs\x00', 0x20, 'rtb'}, 0x1d)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x2204c3b, &(0x7f0000001040)=ANY=[@ANYBLOB='gid=', @ANYRESHEX=0x0, @ANYBLOB=',uid=', @ANYRESHEX=0xee00])
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000000)={0x1f, 0x3}, 0x6)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000700)=[@text64={0x40, &(0x7f0000000380)="67660f0125fe66baf80cb8e4b69a81ef45db0eb000ee660f3882332641adc4a1b96af52642d35efcc4c17c10bf0000010048b808000000000000000f23d00f21f8353000000a0f23f88f69409326360f01cf", 0x52}], 0x1, 0x23, 0x0, 0x0)
pwritev(r0, &(0x7f0000000640)=[{&(0x7f0000000400)="666f743fe440464e3df332716db9ad69f791aeb90b1f1664abb5142f2ef50f4cae1534a00e278daac38ccbae82408d4a2b71f8e77a382827bba2adaa2867ad2c4bed605c303dd15a6e4d24b78ab50305a90d107f5c9c16d378c48e54fd2fce9632481b9831607730c69bf2eafe8c14b6db05cf4b83379758a8130457de0b9d00a33fbdf63731b9e4547c596ec3657ae74f01d6efcdc58b22b59a35d098195d40dacce679978d0a28279450022b4e12ef43a84a386c76cc01dc725c887681a6077529bd0e8c764e3a2e34a030a0489659e0", 0xd1}, {&(0x7f0000000080)="18a03f6b82316ac3104c2508c0362517c24129d2d9cd7e9de62fe7", 0x1b}, {&(0x7f0000000500)="0a68e9fe4ae156ec3f7b667b42464d31e1f9fb98993c716bd470ffddf9a5a6947c4da68863e4c90992e7e9c63b1214864ff047f82139a5b5c363e64b8c6721709e09bedc08e7fe1613c2e66ae08528ac1e698c1e013e29554aac535f11be115ed4ceeb75f9192256839657ae133820c9bb928d9df2d57c7f751a9eb5263104af9732b11f64fe4ac26680713da7dc9e0c56587ceee55a2ad19a2c9a11236e711575aee8c70b", 0xa5}, {&(0x7f00000000c0)='}', 0x1}, {&(0x7f0000001080)="7f68a80990c92cb36b1418d6709d234a7d8fef88b8f05716278b260b1e68c7b61d79c830a18ec6756c36fc2fa5baceb8c31e9b25e865e428abdb11206e4dfb3fd16700f72881217bb1d4286bb110e016d073fe47b4542ce6f8e02115650c75484fe6b2bc52568118ff3bbf6b2a1852b8373568888cc320283a7eaa9f35ac7a38a08a75e819a31b43432f5b2668877dc66bccdcb8a86e0eaa128663b4194f493d5552252bdde3015b112285ebdf83c05525c525f65a20e737f213d061a5a1600730772e859eb80e31c4370d55c8f04f05180acacf82c7b1a4029e8b90aea30fad01d4463950a5593fc9288b1671e8c0ff87d34e96f3d191a415a1fcd87bc394483e6e5bd271a6ecba217abfa5b8075f1a602975b988ec654287e3d8a62b6dcdf1e0b0d80a20e950ce47ed2618f61cf4dc6df97e977c25c65dce154a018784c66cb8665d581b20979d0d00586a8f32b376262168d6e6f547ad9e676e5d3b4a2a3e57aa3fe4c04ce1360e20757218905b8738938ffcf5becd4d19dbae1bf3a09af9c0ad5f269619396e6369b24bcfd5f411918064f10331435bafc560c6ea79d3a2ce2c0301cf6bb0377ceb54e251ff7e310e07f73093c6e14c3d680fc46645fe029b72f606f056b98174637ea4d1a47f59acd70baad3444072168d40a03cb1b68b172d911abfcabfd3dda7534ef494ef9b152345e5420f816227c73e9ed85853a185b07f6d0080ef93e23ff64784cf22a5074fcc30a05d1ce6d344d1423c10b6735380f2314c168a581804634ec0c922f423e5606f3dd209b5cd92b08c98685a9cb90c05d4f0f813abb7f8e6e52d2196e9da2a7cd30704e7a20f8e02d614a78c32dfcf2af9a013a9b2c2b63edffb5e95a8ce4632f7d4176309c2352c93dae047790100c3308bbc343a84160a54d6c2585e175cd2478b7a41e54a74892198cb14c67891788c7325adf530d73112d7cb90a416cd73b755fc51a9189e01baefc648ce17c1c4498614dee087fdd339dcb9fe363804fa83ca107ef4001f02b3504bdc1fe422c0254def8783a171b4a927b9772258f3e53989ce75d15a415b6d9d3ed244ee3b4e22c8446b9384acb31d2299ad7866aaa7da8ee7b7e1a6b3a09be9e5d6521c35d56ae8af8ee01ee19999338c15ce7d1e4f74f8febb8cf6a39511f2d07724c9691eb0159611d3dd58a922755967e16f08a3f8a6819d294cb4d062a8c16ad45736fced79f3be091ccf33bbdd74c1ec5b5489b3e5055631959b5c694cc8507558a65153e125e6aaf6e84d22afcfbcb5727f974055521a024fce1792d99c2e11c475b5ee6723184ee5a3df19534b423be8e1685f82bad34b5c9e346c5d0109e74e56b13403373260c98d11194b4b4e8061a6bdb9085362f8bb3619c7da77b2bee4972a919c047fe25db26ad289455d6ea04813c357914a364902379e22fb5c464f5bf5b5a43906f2bdaf24ad6c1c6fe14ce56be2e9aa91a8fc94701a62219b48ea5db0973047692b452557713f683f832a28dfa8af2822a56e5e81d64aea172dfb0e380f3fb8d299334af18aa6e16b8c470e4e61c096f8389b1bf7817ac8faed92ef75a3799614806843fc5531ca66712424669d4b95da924eed1170cb93e7156d4d86d5ca705e6e35f8e91d336fbd735ab8168e25ebdab43ca775e68a096b76c27754873969fed2fb35b344b36f85093b4048bcf24ec627dce779f4c0e07e210a13da08722b6c95029a7e30cbf2aad72d814e854c6740f495f520ebfa92c44f8025d749753c8de60fc68bef8933d5ca1ab7deb50cdee9ca56e6d4039d9e0cd50019d586e905867a0e7b150e69b29f7213c3134bb1f6e21f90be691374b4eb87a2102ef1f7c88a19a6d0ce4dd36058d34de5e17ba8af3b694a47d9a8bd1c8824a5ea4e2d9737acc4172308a890c20d6f20e147c1deb4892dda8fb78fc8792659c7963117a62b2a7de54e381a1b2741619739ca038b3077bb3309dee53b071d83a6f98f4f4cd976f873e88645fce1616533bcc27ed485fc5411ca0adcedaa9386dd79692b2436beb80ce6c9eb3ff2ebdb7e6570fb09d7934a86cc975c061e43dc3f372ec2b0b057e2f610a3566982cdd97693c6c00ec85c01305f04caf91c68037e7fd42fab331137dde318d0bbb64836cf18652d9b8f3fddb52658648bb7449a3fcfa646d9242dcf6d3500284edfd9f4b668785741bc51e31943e773107399edc9c5f71783e457abaca1d8b45ec3354c2e60c9374559c1464fbf97a9c5861f3c6b77767e7f2791981cb41963ed1a8b296db9aea6bee16ef6c64fc12aa3ed095ccb1697ecfbe4a647dcfe3d23ac385a723f33781bc137d4261255699b3bb6702bbe48d0fb4af45bbde18b7b1e4d7a8b47ac86a13e776f7fe557f4bed12f140e5d736ccb0136a61e309e0354b1be5937db952cdb2ac21c6f5ad3046843b43ae07ecaf308e9911e58fb8e8221c9266d8f6701a6d479588a42a5d008816eea50973a26fc6991306c3692fa1a7c373ab690c2bc950df91b85e74ede52c9a3da262d0aad24a09f969a613b12696b0cd311c180db888c99949f4c0ab6e72ac009cc01e4079071eb83ad51537e9773b365bb4bc76e174b447ec3d9eca1cd8dd2472213b57205a93f74d340d00ddaaf21dc9a5039f4492d825c68f1e87ff1b7b701faf08b42424097ab455c7c71dc5e2bdd43601c1fde6148e2dd0337054612b2d897bffc826e246fe34b517af7e0a33cfb948abd10a0c379aa865ea604ba33393bd59f3032fbb33975243396085f9d4f933d832f3ebb2ea9b6c0d3f9c056921d2ae4b3ff71c7438255ec9a54a80c1e836af59b77b794f7941909d98b056c685cd043f1356090f52153cf82b68d574e7d504cb5cbf7e87b3d162cc1475c05f769e2ce3c6e3c25c03230da3ef434a83e0996c601ab701e1fa9762ae4e807aac5722a17ed01b80a4a3d4aec82431b5a3d9342d6a67778ce507fb3e0af81b283626cd0cdbec9474347f6778ffbb7d0b99e49899059e3ced83345cfb3b0f5f7663f3ad921358f099a8f06a78a375f1e80190697dbeea6f3bb9a8153fc2875bf594f6f9e773129e217f5e42d3a89b0d9defa70750de4ed5c4ba56ac8a592a03a8e8968c31ad1f534871e42a03c1f7a5b1e1d2154c6ff0ceae0a1721be41afae6ca89413c9c994f45d5a7298e5c08aff7fd793f558456f232e9e204ba2a13acaa12a75a3ada205ac0888f428875c6ba17808bb5d75c8b9ebc02cf6d91d3b4daab4c297d915ea92937c3eab2e4355c604bb1b6b5c319a9d29b1750824fa03411f89cebf2437644cc9f7907b0c8ce26736b2873ecdfba7eefa78d84a2c78d92524c9cc827e4da11cc74e26081ebea72aa9c2eba9c2260907a5f543c627c5ededa099a5c7970b69b07076e77cadf31eec35f6273124b9aa11017963324a5f394ee46484022d398c0f63764a61d2ea44fa70d320db42ae93fa0402d5b73a807262b7e67b0429389c356f3068b193d0975a07be9b066031354c53f610a7bab92259f6c13d51f1b4451414f2a774cb777608cd644f567849cb9b92da71e8a0792940df509b052d61481d8605759c6500ba40a8d4e4ea3eec59831fa83013ac8e71cca754bbac68b778cbd99703b4592c46abd39489bbcbb158ee7e4656ca073b72e1db6ddcee09976191b99de99a56fe9f5dd1e171f56e7deedfc60960d21b9a15a2bdfd385442fd1efdf7f9dafd7724a4320aa9a1919739aa509b5ef2077adac32ceaf93989d6b5fcfcca01f866d3cba52128247a3f23f72610b252718eef4c41af66d25d59d29399b5a1b62d37e112737af4884db83f9791038c588e45afdde26022a6f9fdd82e8b386e38723d203a3bef7e41cb03ad2ec6c922e264c5acdeefe6c06ba24898738a35e60cf67b105e2f1431f85196dfa0aeb45fde9acca48e0ed20e526b394deb5c59bd1228c4cc491426debf07a2660ba02dd2406c1216be3abdf9917b611bdc0bbccb819c6a277e86177e9936c0e8d8a83779d3ae25629acbe5087c38ad8595564d4bd8b8efbfd7b67261b301c2365f0684b057ce354cf83959fefc5725a310839ad85f0d89597805c72ac6b895da0bb6face14e0b40ab2624ee6dd318ab771dc3dccca0a104ac0a0d7d7f65485bb714316ae4f0a2d50d70cc4baf6e3ae768843e00842dd7e0bc1a37851fe111b457a82843e79f059b0ba37a834b11acc05d0b46841b2609d0446f88c231e50bc13e136212da20eaa031e17ec891419520f06df47300a6f02b8cbcb15ecf79cd70242949baf494f40da599d1388c5fa8ed06ba0122aaa306da6e9888fa53f2dade7d1d5506c82c963553ebbcc0d49c320eaf2311f5e4af1fff2ae08327c84a7dba251285fa2ec39471349c87cd8abfb28752deccd2a1148799cd8a3895957d2a0f74120e927bdc16968d91895d30cb82f338e6c8c9a25e42345f748e22ee3e68611fc9393331862ba07db34bd1bd663215d42d78081c1d939d0415e35e370890d3c00605a742384114bbda27c35a4e45e2d2d030cb497e9612bf024eea63cfc521c656819f97914e918217451759a42541854787a8e0967777e64ec4251d652a1f5a0214fb743b9db77c763e3755c98276210de00332618d265a83f400103534d5925278199a1994e4f0a6b21f83a417f6a9c083651cc8120535dc4919bc68e3a26616f3c6ab8efd04b8959ab269f2cf5dc631a3398eecfe99d811e2a1dd85d605fa1bb5401b300aedee294d8ae2edd404f3c870e5ca96749a5426dfa753a42cac923d24cabb4edfcf7abbaa1ebb491108c53aaedfb50828da27d0ff754eaaf1e2ae3ac3edcf6480ae180b532839a4502621da96f24df828a289df2b34642a74bfa058a41643fe73bc4ac3666b21c2e1e92825dac233d1343e8f230143f37772aad23a1c35472dd2659554a23dafd529f62aff0406906f27e611df89f283e202c6fcf4f369f6ecd6229d0b3d31f93510a23d1ddfe09c153f49c189f3be9c9e25398b5278c5f3d4379b9726cfa36f4a1c9d5ad053fc4672fa51ff282bd10094586f9fd2036a0421631da9b05f942b682840adac9b0eecb45e42734057cb9875b30e7129437e59788c307a56da74e272a5c772ee8fb6e60c5c96a99f881c03af5df82e3c83657abea31a34255e6c06fc923367935fce6ec2284e6802b5fd1096278e261b41770c4b3d7bc5e391d31180b8a006bf30a89def64aa8f9b321c72b75e7539a7d5c4b6e16a5d3e10adb6f417b2c69d6c2a462bca9841468358fbe84cd155fc37b7559e4a67c2d01881310e766baa919a04be94896232da2477907b183648c06433368dbb10a49a5cb04758b5f7d7f375fd10878989db37816975398908d0a842c52119dd2afb24e94d4e0ce280f70abc1dc1438ae6f69de5103273346ce2f4db70ea8e95047c694440857625d5deb6267ae4017b994a6c6dd57dfa55888243c1a80f498a6cdbb8b278ad951aecd41b512c75dfe79fe7b36e57eaa917483819eb0829d07bf14d3c5cbf0bc01ba607b8b1a19f2d8cc4d9f77d3f1ad4ea9ef8495b5a0b5d6bc6e1e302b51eefe0f4edbfc954cf630be4168da8846e58e886b3bcbbff4bd8a7dc52d4dc26150946bb513ea98d9f5a2a7cbe831eb7005b20c34404c136e6940b9912fdf1a11444fa549690aa176c5dc7248e92cf8ecfdc005819e55488d42314387a3d2d4cb135cc3f58225757802fb65d9983c6911571cd74982f988c400efb46d49e9eed8b371a7331f58204f9f24d1bba1e252c40c57e8d523226f265ee16ef7c4a4023c0089c2b96e1f8e100", 0x1000}], 0x5, 0x6, 0x2000000)
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000000)={0xa, 0x4e20, 0xe, @dev={0xfe, 0x80, '\x00', 0x30}, 0x3}, 0x1c, 0x0}, 0x10)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
socket$can_raw(0x1d, 0x3, 0x1)

6.428821228s ago: executing program 1 (id=2950):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000000c0), 0x10)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x200}}]}, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000240)={0x3, 0xc, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000000280), 0x0, 0x10, 0xfffffffb, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
mmap(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000001, 0x2052, 0xffffffffffffffff, 0x4b000)
syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000002c0)={0xac, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @private0}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @local}, {0x14, 0x4, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x9}, @CTA_NAT_SRC={0x18, 0x6, 0x0, 0x1, [@CTA_NAT_V6_MINIP={0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}]}, 0xac}}, 0x0)
preadv(r2, &(0x7f0000000740)=[{0x0}, {&(0x7f0000000500)=""/97, 0x61}], 0x2, 0x0, 0x0)
dup3(r1, r0, 0x0)
r7 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r7, 0x8933, &(0x7f0000000100)={'vcan0\x00'})
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

6.428234502s ago: executing program 5 (id=2951):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r1, &(0x7f00000000c0), 0x10)
r2 = dup3(r1, r0, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r4=>0x0})
connect$unix(r2, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r5 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r5, 0x10e, 0x3, &(0x7f00000000c0)=0xffff, 0x4)
write(r5, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r5, 0x10e, 0x8, &(0x7f0000000040)=0x1, 0x4)
recvmmsg(r5, &(0x7f0000006340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=""/7, 0x7}}], 0x4000000000001a1, 0x0, 0x0)
r6 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000280)=@getstat={0xe0, 0x15, 0x0, 0x0, 0x0, {{'hmac(sha256-avx2)\x00'}, '\x00', '\x00', 0x0, 0x2000}}, 0xe0}}, 0x0)
sendmsg$nl_crypto(r6, &(0x7f0000000200)={0x0, 0xffffffffffffffaf, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="e8000000110001"], 0xe8}, 0x1, 0x0, 0x0, 0x4000004}, 0x0)
r7 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r7, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @empty}, 0x1c)
sendto$inet6(r7, &(0x7f0000847fff)='X', 0x1, 0x10, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_PKTINFO(r7, 0x29, 0x32, 0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
r8 = socket$can_bcm(0x1d, 0x2, 0x2)
r9 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0), r2)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000080)={'batadv_slave_0\x00', <r11=>0x0})
sendmsg$nl_route(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001400030400000000000000000a3f0000", @ANYRES16=r4, @ANYBLOB="14000200ff230000000000000000000000000001140006"], 0x48}}, 0x0)
sendmsg$FOU_CMD_GET(r2, &(0x7f0000000680)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000640)={&(0x7f00000005c0)=ANY=[@ANYBLOB='p\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="100025bd7000fcdbdf250300000008000800e000000114000900fc0200000000000000000000000000000500030029000000060001004e2400000500cf4d5904597682f6b236f3ea020002000000050003001100000014000700fc02000000000000", @ANYRES32=r11, @ANYBLOB="04000500"], 0x70}, 0x1, 0x0, 0x0, 0x80}, 0xc080)
connect$can_bcm(r8, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r8, @ANYBLOB="3bf81bb9f9"], 0x20000600}}, 0x0)
sched_setaffinity(0xffffffffffffffff, 0x8, &(0x7f0000000240)=0x3)
sendmsg$can_bcm(r8, &(0x7f0000000080)={&(0x7f0000000340)={0x1d, r4, 0x3f420f00}, 0x10, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2}, 0x0)

5.675195081s ago: executing program 2 (id=2952):
socket$qrtr(0x2a, 0x2, 0x0)
write(0xffffffffffffffff, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f0000000000", 0x15)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000500)=@bpf_lsm={0xc, 0x3, &(0x7f0000000080)=@framed={{0x66, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x8c}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000100)={0x2, {0x2, 0x13d, 0x0, 0x0, 0x204}})
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000300)={0x2, {0x2, 0x0, 0x0, 0x101}})
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f0000000300))
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
munmap(&(0x7f0000002000/0x4000)=nil, 0x4000)
r2 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r2, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a00000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="1201010200000020"], 0x0)
r3 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
writev(r3, &(0x7f0000000900)=[{&(0x7f00000001c0)="ff9d4084884c53bc2e62f128f35ce84665cf4de727462f2d0593a3f8353e5a2cbf29558f5e9abdbc70954c7509f4ea22b5e343252f506c736bf400ae", 0x3c}, {&(0x7f0000000000)="987aa19a2e0c51e9ddefe01dba3369a8ecbbee78da6ebb008c", 0x19}, {&(0x7f0000000980)="48c6a0f509da456bbdbd63899c062f021961f98566bc2ee069834aaf6ff437992a2675ad9494b63a59a0689f191655bdffe2725e692f24c35a30b5888cf4878454c036a9f35212bee0472ff13434db39170946b455a7e10a132d684832a36e222952c3de13fc5a875a9dff11f3d387bd39eaa3015b29ee8b47faa4fa6f1fefcd4c59e6adaa0c13261743bf30640771735f808d299dbf23a6fd", 0x99}, {&(0x7f0000003900)="1237b00b8b88aafd3ca7f63609e3bd52576bce7b733566132ea759e1132ca48af6135cc696d7cea68b3e929622019be65fa0bb744cd27b0b887f9ae56b1abbf43f12006bc9af6c556beb650281ff5eacb325c9641b3d91fe390876be60fbab8a2f6b6726e28a3f8bb5910dd45c2048118dec0ea4409da2c7cf3c4a93b0759d347871f3484e73fc945d93bb1af235fbeee980333462d3c414f578307f9c0ac08f2479f7a6d4a72f4b3cbca1c1290a9cb00777ea822cb9c451edb347cce60b731116dc8df1e3824fca0e6b6e7daa6a9c973bc3b6e5b3126d0a28069ec7725edbbc48ca2535844e5b5221ca5fd982c958f69365c7110e579193d1fba1c483f43a712f646d3bedda904d51a88c50ec12649cad7ff16225333583558056c3295c04cbb96d4577fc43f9d5dea5290d5a1137f336b28e66401111be742d73fe0b9e043260fb851df44c9dd9b888211f5ab7cb07701357a128b100a21d884fc3a0b14982584e55bad8575e1e27f5784d3ee88013e6daeea03cff5da28f122b569afc1551ecd258cc61a3273ecefe3f63f5aafa04f0a7515dcb98236b89942de64067e38f83a0bb8cd5ca72de2a4b3530610f6929be493c51d68a30bc3fc440f58160b48f021936caca5cabf885c9ed5ed52dbfc9b8f8e7a11f4bca816e7d8d98d06e48af93954a1083b22460deafc3d8b2165f37e636556c2f2948ca711097ac3268770202a68bde54cd87f69a426f0145101ed730530a6ad07c1f0d69cd18314ae9b6a986db37350882df8f900238e3347e2d6be331997edd5af7db7b8f7658531c41da03553ed5d575243569e679497b54e014cbb66fb6675acd180beef34dc7bf33de3f201fe32ad3af3d4914bf58a75d03a0ee26cac8f03f6b8dc581d68b7ae372772643a184770ba6e8e121a84d5735e375f1a747a59fdcaeb0be68e3aa7eb09f3a17f0121a0c38ee8e57ee96aee59e1497b54d05d6ca66c9abe6a10a952b0c9a9995266f1edc1615e54e4d989d15ca72417c11bd76686c237a35cf5c9ed37361383aac4135141be027152a9780cecb5d322fc7caace447c719d80e2e60e272a584b0dedd2a145f74848712d2c1b7cf197e79ec29b798181e75aae10e550cb82234b4be45eeed1f472e79d74bc29be680f16c3cc0eb48758d07952fcaab42103a763508661ecc39ad18a5db69f821ab13d53fca664c2c6609f5310aaafd3eb5c50f7939f25d90f8a71fc0973edf5f2c5be15e31824417605605bea0d7e8b5ab29bc0d349ec60ce9154932ee8f309db1d7a92ab4a9e29589c91a15551fb4ec5c68447077c43cf13cb66638df873e6249b80f4e6e923bcb0dda0b17a6b237602f216ce50a08de2e2884f1a15fef497eac20807483c6ac1e39b8a4f879a333992b1c5e14d5dd1f1990abf17974335249ce7751df8c090dce378769bc4210d8e8b15be1d3eb539f775725f1640e3f906f4c9c64cded2fb4b4441cb449c70853226b5e1c97b0b7f3134411a43e9840e482cc82db2d9b5f6539b7a1b6ab07701c30e4961487b64d439d6cd66bb759077cc1a24721ad8b74964714031e293d889c6198ad157bcba9bb19b45da337a00bf00d5c8df66384a4c2d9b00611ecd8c889c916d6e2bc96668bc7f6efe707f6830b66e3170ceea6b27b2103c491d8a947e24ddf8cdaff688a7f57babf32018f9e9b08cc7133fae02d2c96bf55c2552c2d4ffd9528f8306d52bc0f7b4a241fd6ff599564cf0f93b0d2f81e99b64a7277eb692cf12446c315083eb8c42199c5a1c7fb697da00e055c7a7dfcc8406a5a5c1fb103e8098f42f2a61645bcc5df5753f1f677fc49102ed9c11d0641020c936ea36b9d09e5328b3d0c0ccaca2a6a01e2651d1e94addb2e5526206037be46749a371358e304bc876fd1738119dfb6e043873ee88e17c6db5263318b6486ae7ae5b9eaee6626f8ff8ab689f5bc998a31fbfe3f6b7b162702a58342d33829078546f617a9309141b4a87291e220de7fe8389b64704a07421e7d81af0154fe8516d1a1c61ba1594c1454c47eb4ce1c6a6c42a1688e60b4cca465b4b7e660b0f03dac8cdc51cddcea6dec3dbe243ede1559940b8d7c59778629b3b2691d658008c4f7beb405bf20dc443276dfe133e3e93901a8891b039a4efb6df79ec781df37eee555b358d1c11185ca996bb9b32f794ae29b81fabbf857fdd42d722320c7dc85098a512598682f1a36b7f0468b33a46b82b72218bd8a5ab651ea2a45836e22e3a515ff483af3c2b00c7440b10c2937bba7ed80e2d035e349917c9faa09839bf9f01c6ff0436feab12ff2db88b056eabcb97629378bcbf4e52f3f6bce1271e352394f20aaca97aed7ba999686e5dd679fc52b79e42b0bbedd130eac4883d68a865854cc48065f8ff96bc01f1bd7bfb5df1e4d626863c306d889ea0c93b8ed46a7f4de03013c7630974e20ce6b4304e791499c9a38dec4406e11af176e2a4fcbee221ed5a3523b341c903e7a5f0d4d87fe480325971ccb0f83f6ad98e2a6c4bc9280e4f668a7de99b686ed4f5887b4e0c68d805d80c905bcf2b3f6302b0f7584a57832981723b329c550913cee6d45e7b3856320b6f4a8fbdfed2ed589fdd5a51b56ece4133c044e6fbe90a2ef671d34c3aaa17e7ce948f91e2b897108f1768394da58f069eb5f77d6f0a7c15b70e8daeeeae6936b39539dc4734df81d8bbcea59602513331cbd5632f23b0935f87c72c5b7576db557a5c604fedbf9ce442c5102d6d9835de8e8932dae878fc6273ab7ce0d973c5a60cd3be25d9d4c83a185399b99083cc98e5cc2918e13e0c92d431e41a533497e186379d51a90f407954a8a2e886145cac91f78e8e1a291384da9380389868e1fab955ab19e3f3fce5e926358a00e1ec7f169e06348756266ff1031fe34e873561c7483ff6b3ed3b00877f28d536ad12b5db472a82f721a6e0925ce19b105aef28ea9dddc78b9afa26e760ade723a69dfd6d1ec2e56cc10096ce60ea7c4df07e8ad8a00bc675c5824ce9e0b1a195ef9503efacec3b8974324376bc1652f5b53ab61435d4c0363cbe1234d6ee4793c0b2cd3886ed37b639384502f286c11823dd0bd7773a81c1c808da41b6018dab7a0a8a81956d2783e8c06f77ce7f9ef57bc5392cc3124a94d329849c333a7ea7c8780c94b7f6ad43926fcda8c42f311c240c8948342f1d0f9e1f33a10965891c6de1316c63b336eb116dae4fcea4f59014570d688fc8cf78deb140fd830915856cf957f3b8ec572bd5b168e137182a50377828af8426a4e55091b5345b726dc38e9afcd4c0cd1203aaa16b5f0093b29eea3b0ef9d22835847e045bed513f03786a9002ec3c66d1bf219bceff57452e197d286abe655e3dceeafb6ce28798e8cba47afc6474186a9b6b5dfd8af65999a76dec356faec82b9e8c2529abc113998c873765f8a09adde405139270a00f34899f200d5cf475c0251ed915af64b7e58f6967ad50be63238bf0ce7aad8df0ab9593389f1a138825bea477e7d7b10c251dfc0a7b20aa221cc6ba9a28124b21e8d7ee8c0d4670ff3b7cd56b1b9c4e6a21824f55c85ebb5342cda2fda6fadd54eb0ff7b35b9dcca390f68805b0636fec129dd5f2d586ab6ab148653134fc6a63d2894b02f62ba1dec63be41fd9cc8ae0b8be2cc06df4c8ad07d2f1e365f72875d5a25b601124622276215413f613f1f919c6eb96dcf68860326e97f2eeff7d89d77c6a65595887464ad5bc1774e534d1561005ec3ef8b499d593e55aec70027ae77ff1064234a47acc57c67be57cb3cb9046ca23b77c9a31cf4d457cc7768d6c23f46bb02203d6781668de3bfaf31e8722db179c9d1c2fd9e28125b5a78689d0f5e60df4305d5c84e8f91e3da86b6f3f869b2aa7184bf64f0199e0f7ee93ee1401da58b21eb0f57a684984dccefef092b5a99abbb29423a8b574b51a6e1e231f82556f5b3d4f993d251ad67d3f5cfc5b00550a8244e10ae43789b6f78d7ee2fee18e530f1fa8a8f60f8461f9dd6826d91bab0147a7ae225f22589bb1b8adebbbfcdcbaa6189213e5aca5e225946f5cb18243839cdc84d7a91d878ef263c4b8f7993e1df8ff6ccf57d9111fe8f061f8930f3465b2590244ee6210872508ac0d6f318d882e9bb31f598f3625aa9f47f2603e661aedeb1301b67e76f931cae600665a7a71c92d89a4dfb63d51a15a18b590d49e847e9c5e6aa8374804ad3b42484c90aff3724af27a5d98cd8c92983f1f72ac9a60fa68b465c71044470bc8aec4f8d6f4775006b70421ed8dbf0a93bfa777909911cebacf4bd36e7d6d174d6f0e251c54d99808b719e3ddc44dcab9c2c608aefbbd0cabfba2ccc915d9511abd5da7f0a39da99c586920a2ebf1aecf3e7b081ced88de3fc9cac5bcba1e8a0c188a0fb10a270e8e18ad5ddbf7b3b75e07181d4e4c328304c3f556b35f93892071c447b189f6df2a993878afa59d3f55d3b0db856f20f38f9ac770904e5244d55ad5db1c5a475bedfae10b1a462060e1839cb61d5e5df6136450273c81198b91c7bdc81299d63c025d4577d7c28aff55bcef2a3d46015ecfa5e9e73e4e303090d7a28d0d3f03ddc71394a57de35f799260139e5c969c227b0f9c4ff18e2879029aaa06f29da0a33f0d2f321ee6b02c787c7a554fa1283ecc90f8c36f32fa7681111bdb7bfc4933c28147523c4ca9580a5be630f033f166b42890fc750389f55143a3cbfeaceffd69f8708bb5d75381cc89fcd4331b4ab5e592a77aba83d3e042ad528ce2759fa78f3544231f3196ed890cab4fb95bb5e9a2b1c152c2811221c571269a72bd97efc2ae011a7199dcc2e61cccd49ccc0c3bc0258d6ff2669d1abe38c29259e87e409c2880d704f2382facfc33e1762da1ef0a005a0353b5f7e90edd4f8992c8046688374a0cdd1ea6bdfafe79400b9636a2b0e9f6530f66c4feb40ea478584b3f00bb8efdc2f84e3720a2896ab1c162f15ce01bf1f6b6050858259fdf452be4c527e59a692b761738b7b0f50ae86d0d7b8bb630c39da918287b1288e2d4dfb17a45c87160af00c0d4549f36b1f069f06ad5922d397e9a40e9e49a42a886d0f3b63c692e8639ca0196123460c640565fa748b1cfcf90dffce31c308172c3d8ba7b417ce9b494f8699e679fea24e315f4345a76cb08a2907c48d44c9721c7a482f3bea0bca59f17105bcbe49b79c5963fca435b756aca304afaf78033c4bd783a6598943956205be4056c592930ef7fe2b6be1a66ee4d81138c4448370bf4ebad3c3ff7a76e260b176d45e016fa9dd5c55b093a8d9e0d6c70a7d72fbf363aca0275513be952a6089ca62ac264ea39e7894ebe9b830f9e014a930c8b7854870c18cedf57c1171c4ce665f9ebb255eca379dae88c45c195ac9fa2ca7f7ecd1d8233398de8fba89b6034077e3801a3101ad11039ebb258aefd40f1652c31c3cf2f7dde31f926d2b751f9ba7c44bde1051d6d26313bf57e77c7e27aa8bcee77b8ee06f2d655d101de7790296b98aae6b274f0e947e265bd13c7f2e02f88bbc590ef5f37f6ebbe2d44ef49c4533032c821fb95e9a7d731a92a929115ad1f98576862863d243bcc01109183ccb7717d17f7d8b2e05b2b3ba400b42fc44809abb613551f9a35f35e89fd8f28010540e386b5409196dee1b8fa30a71d3922b716b17d4b6d351da73b980fa749438df3fc93d306d64e4586b959550ca5a754539507341255c9ead72c5a0480497a4008cf59daa4bdf7d8efa1d47ac244cf74d72b4be8b4b7d0631fd652aea4535d9db8f8ced8b3b8d5fa77ef5ebd5b28cae069aa88c4f6b2f193326db2e1194d609a81cd3cc0f7fcb8434ecf5c24055218b5209f17f659411cf5faebb29388a7a416f037b1dad6125788d12ea905f5953a9d7b0e7b89f2f307ae6164138d4466e2b892b336f615ba676c6fa5bbff6f6fedbe59cf6caf30d1fd1f8faae1922447b4a22b50fafdf18ad0a484e6ca0936eaba2329553842492a3eaf5240a4928542124865fd37b6b914c8fb2c02ed338d6c2243e6241d5e71969dc", 0x10ac}, {&(0x7f0000001900)="2cb8cdc7a0b6b59d1cbc8e97540fd247193fe96e3853210cace4dfb2d98cc6a51e01c24030ce9e2850bcb9520f48ef09a3b9dc7d6d4c66992b917197eaae6901b4be47b7fb673ef46b1b95304cde4ac477f563aac3f915a34ca24153cc785c92e6ea5d8b9a915a1d252d65d7b732c28b34a1dd5e8bdc819deeef3fb5ce11d84affd48f440e0a254045d34efd09c7a528764323e8ecc17897a0100fbf12a69d80c4d9c72ab2b383450378b9758114102e92dce30dc47ad15a0809301f5d84a9230c3b1b8ba0c0d6c7ed27eecd9a5390201f08d94748726d913d441c579eb280c8db27704b44577d0edff804dc7df922f9abf8bd1b921be1fb10ae0add3cf1f4c2a7d5cff2398db391a11e3da856744a84ff53067066184ba087d5ec887769b80310d1c431dff9df0f0229f65077a7f22643da26200b676c4cb01519d2acd8421bb19ba6ae559180ff77bb4cfb4eeeefe1e434d979b9a979429326401f2021ed60173b119f9cbad6f8c2df106cc9eb14045732c86edc7063bd30e5844d53355a6c17028859ec6b4baf024cff5d9d47136e038a83fb6c5e19b9bf6b2f203a89f5a72001ff7df7e2b4f8055cf2e40e0743e2b3c7064a496c121ec277934b1eab256bff8c615a94ecdea39ec5c9422975c1749b240c9a082ceedc79a1e12ed9dd50d5a1bac33b7c9a6b11f0722dbc2f9032911dea5fdca04e71eafdfb87a7e7eeccb5251c63d4f048ee32d684688ad7b0852ca1e69e0c22a6f297ea0cb4d2f820cfc0ca38a37ab28c75e94efa9a8cd07b015c039cc762db2ad95d9dfd463efd9bf3e974b58fe5ac56e5737dae7b43bdf20d1cf74027933a911fe0a6f5b1377b71411b99b2fc7a306e4696fe22be952ef268079f00a94af2bec782dda292e9f88f9032051972f93d7a99b47aea379395423ffe26f47ff6a65304774073e3ea0c0749c82c4b417f63ab5284d4549c7cfe844d6d9c84acc2760c85009b46afbe5d6a9a2acc1152a0dca489374b284e4a7de1375a0cddeaed36158acc92de7b985301c0c1492a691ba52d6c33afc89eebf57e05c718c4a2b0fcf5310c2100324062cd10f66be514128f23937463b67009bcf71c5f910829284fc1a3f73c07a3c50f81d39267bd713eccf96ddfbed8da4e268940efc8a47fecec1f1db32d6b51383f5144dc8474e80bb95938b855a1dac43720949fe231d121008d52f621888bb734b1b4b5f1c6326021ed23c0fee49d07acc6f6406e9f2362937b0fce6bebaa35ffe7f579d964328844d2cdc9abd4f20991ebb6d40d2b3a7e60a9c64aca93bde46cd85ef099cda2d58727527c328d6e31d8fbe82efd06c5fb28dcede6ab1574bc9debe565a8ae24487d4d0548e0abb378aa716ff15c957f2f114062ba1dd075a280d84e4e5d9537d75882c48c19923c19e0676fc44bcc25d679bfe72c9fdfe8d874eb2526c918429992b1ed366814e54047a6afc4be722f5e7ea24156ecf7028fb4e2621cebf363bd152d6542bd0649cd3bd0f56eb774587a6bbbd5e781a007b42b765ee2a98ce0fc8657300e265b2781c971e362c6e450885a2b4336b3dc49c1b204d5babb4605c269efc0287a8a136367bade569b90d3550713840ecdb2b696277b86c1781219d5ee08645ec905787ab10043f915a0c60eb31d2f6ac7f212f0a584d52a8a9c11e6d4461d44f845d77ad67af45530c061dc67a607f971e3c5eaa2191781e1f980f5696f72eb0869aba2af06f3856652f9160744d0e2ea7295ac083ba4740bcf8ebda9aaf4dca454640be4bfd67543dc8bdd2a5df905fffc7c4821292f9c108c4b8881cc43bc803b5be65dc258c2ab75dbb8a617b2897d18d242abe1d07cd610120b0208da8d7f3b418070eb3c6ffad6e09ad39ffaf821399e9dcffb913e98208ffda8d8ee85af1f8cfc32313e77a64c3cddf1b763520e589b8a4fda684f47dbf6e0aceda0a7ed24e605b9cf6367c3e56e55830de7fc301e4f22e53a4c46130dcf9f4f74f343e7a701dc1f686b4e65f8fe06f50cbc92ca1b3eb7ccf6ddc86dfdac8067ecd5850ca1b64a103a23b75b5bbd1274263d3fcd84fc0c2c8b2fe61c632183c98a6705dd0fea71b0995a8621045c1370793eddd6b29fab8aa57fcce999db3de9d40e7cb7dd7b2698bf0fb2a0454def6670f4be706239d0e442b06f42e5b213047dd92b926e2e554409582ca3d58773656eb3efd1f4f7f9d242280171cfbe5806ab5f923530917cb41ad32d11563f234b65c2f75df5ddc258be3a9a0431ae391c972c138a5d527e043ebfdd0bbef609bc8f048d6497f801e85858078fe9e6ce8edfedcc66f399e230fe9e26c177397582ed448c9eefb39ae81cec4f5b26a28483e950a4027aec8bf3daa903bb6b873a5b245c74e3ee5c2d537e4a15db45f5845d251ae2edf19c0828b058a4acbd8606abab2289625663694ee6f4dffd611e2701344fb8c9e1e863c60be1cb77efb928964e9934b894a512ed375ad3983ada4a1cd5d707e34f2d51acce9e956db0a78e5a193fd56ec9cd21ab6de9994eb12c213584b5ed0448dc0f4ad898e130a3c219ba0b764a0f5859d16f5c8b392623cbf1e3d75abb587d97a6ffc5c78f536ae5c59dd68e4a05cadd9ab8588fdffca013e9cd4041674cc100c1812e347d76900ed996169c2b1007a573a833dbcf69564778d6004b84c8c07d55c4401b037c6aa18ce541696be4383544c4017b7537d3823c7d5c7bc3c7e06f2386258be6263cc176247ee171dda017bb87851942244a692f1349aa0b9470eb8e5f91f5f1611723e63cc177283b887bebe2919e32f44b520fad485c1c39b24db7c46cb7a135e8317fd71903cd9e1351f5d8468f089d8a9180dcb971c57a5986bfcb9740cf56d867a1222206fa4789960c9319310e7a309e4c772513dd5bcf2545f50bc3a04872c383710054099a7abfb44452268ca42111545afaca096ac9e2ac3e82373b6a21b4316ef828214c7e92b1282ea7cf9aab52452781f17559c70b2f254a8f7a5ac2ffb2c98592e404319e766329a3135670422f9a3e5dea7d00607ea5f1caace689f01d79c0b95098ec428cd23ac3a83845d49e9b75b5ea5f982f8dcb77f7cea14054d8b8a5a2c8e2c1bf9017d476dd0d50916cce301f1bfa466224011b5326bf17d70fa38d71d3e6b79985da48e5b1c6298ede1cd46bacea81b8c017b918202038d8f0fe61e344382501a9dd67f13a8b858d33f9c3a5f7a848160c606081ea2df9fe756f38e6c543c56e6105c01c9ef571ba5493be2a2faaa02e42ca191fddb99dba00a2da8e62c34fae23a71333c5d5972b8d6459641a147c4537a4fe7bbdda3e56cae9ff0cb840c49c7be719cd5310422898809b49d4f0ea13ff62cfbc02e8d981c10ff4a29ce3426159e1516bc5fe10af03faa694ddbd9c13cf1a25425e1fcdba5187f310cc46083a86a270e3ad834144489a1067b915607b95f7b800607ec68fd969790f6d43ee772c2ddf61c50ee3a7a09ab96724f7173f362026ad0cf4aa7ca27474a4c74fd616cc7b48932a270a9ca0d021e3351401ba16ef7cd4cbf32f947216521830ae66f6ef949af6967d9bfca0d06e856a69c40c27e69edd15b86df66bd4107f2c7dc18a3b57c9909434d70593e55ac6455738b6cf7828a758606d99f6dd0faa0dc0a940ade5684b14290cac6749fef6c814110673905eb568ad061602a66826022e66711e7e340618486cbe32835ac48711c684681328e9242c78e44aba8695915e86f6a61893de37328725f8e622d2fd6c08885765a4f2b338c29321044eb02f577d51582141b2e77f3121144b52fd7a9629b57908d9ac4ecf3872b241c332b337a811a4c39e879a0cd10cb75a5aee69354e1d9c76bd59bb880e9571262c9d6b56958da35fc43a047d36d916e0d15e22c7af54bcbe45f47ab31727156189717b22568e8d50b3240d10c7ce30e8cc3c77c8ddf3c2668b6897d6d174b4457336672c295524fc5c7ceb654adac49cf42c7972dfe68b57abf04fac0be7a820562eadfdf0bd90185dda6e82ee4bb6ca48bc958e786a5866fe886c4d01fcabc92c422fee15bbe4da819841ed3b3a10c54b5fce4a4573d17fff1f341247e12e6b6a1f084c7f278a292fc7de95e7cc7809e4b540318cc9c1c0387098d4ec88c7d27585964c1a2b2f6b986ac84b634ff77b6869c5ab9db4f6569dfe8d25d5fb0a14580a3e3f33a59d92d52dbd91f7d0f34e8a98229e4ba7747380a070748e921bacfcf7d1ab97a7ffeee18258cc37119018ba095b086965a8c9a22259d13787610af09ea52a0236f72da1f378bbf860c126c84286db9eeb85455114a3d4a0a037a9f83a7f663f0921a1c851777b7e720e6dac972d7f6b5f754aa9697195e1ec4e3840bb7b4f89ac62d4ead5175948acb7c9038c43afb706ad0ded28ce9d17616208e3786afb8468fff25d94050749a1cd1a4e96acf4fa3da183b89651aee3a60e204477dc90d580cb9b0f94540c18dac78932b07641024fa0b3d087284c2fddaa87b4f276e9723aaf290c4d99a48154d1c6c93e99a8538ebb8d200018ce6165f560a16a972c1cbb322b5db647f9e4087e65d9df1b05c39bb8c67bf9593576428b79e41cf7a995f2c00752b8d3f89986793e7ffa64da34ee0ca4e095ba1a5f5915dfc8ea61d85ac187e97b89a28af34cd3b3076b35cfe07b3fd1d9f0c2b02eaba185597c7a2fed42af24cdeb2174e057fa9298616fcd84dc7fdefb83d98511ef983b0b18edc30c0ebe3a84ade6a76ff8cd209762832ba4466aa7c865892e815e0d413a7fae993d44576131fa39956c47492f455b4048ef47cf8a5af46bd77bfde64050b6c2d5491f39fd00a3fc9b88a742034dbeeabc7761d7768b5f405ff3c0fb1db7dfad67ff9367fd8d3f091698e5a7f2434a80ef54cba1aeb1789a9ba12d1dfe08f92caf6437693d2661ed5308722b41bf70b5dca0ee3b324a91c88edb1273e985e12c9b2d4dc5e88d5a8f4002ee4c702f244d837256b2f978ea8cbf806159efc315467f066359a40ea8e11d6957d47e488d95fe8d501724e808af7785fe612cbd45aa68757e0d14fe9781ba8121f92c1d7b1ac6d761b630c43e5faf07fb04f78a6a0d067583ca6160534f1197a107534566205629b5d7615cde7f1e2fd003bdbf3d8d85619c730b9b4121828e4284d583c15b4c85c38aa875d5ceda35a4f14269c4c1805210e897dcd270e9498a6b93d87e352e34bf69e3667139de87d7e083bec80e7468d935c24ca2b9880caa8afea9fa8f656daca055265cdd2078faee8b6aae45055753bdfe43b77fe33c6f476b95b5ed27ed05bb21d47710d1fa179270b99c018b5d6b8a4ac69e9ee068a29ba599fc232eebcd00966fb6a6be1eac750062a60dc0be227fbe47118f0e145227232d5cbe9a0dc1f17aa5267742825fb776e8e0b9b2bac07b74da2f01938004633b0bd94b6e042e44890e58cdf7fc0d9bdd481425afb8986908e89836f936813983f1ee4441f58127abf71a6eaf6aad80d03da63f7a17b09e53ebfe68726b02840a29f40c6e01a06d4dfb5ef14f2d30c8dd52fef0488f35e75793964aae3230368aa3d992455cd2efe41ab55881d9e2c677abc541423df3f9ee914c18a8d755f878e642f4b3bad281fe28d6d13ae619ebc57e5894cdaac50ed24f60f14968c12a33e6abf6354c26de18f3ae8ffbe123af9722588a37462603bbc5d11398793c1ae02ea45978ec35e215aa07fe91a163c05385476322c253ca8ed579cc3fa4c69fb94ae295628b5fd03136e1ac303b3150301c590c22d276ff00000000", 0x1000}, {&(0x7f0000002900)="797fb4aea177e69ebd59a0f5f3c606a3bddca6f4eee81c387578bbc916d2e39e98cfe5487dca01969898056b92e1f37457b65b9070fd99386d4aa44e263554d838d8063e2bc95dd3a5cdcb2fd5875b9a76ee70cc2e4250d35c81ec0eb56ce47d187370275ce6596cc4c8aa4565ac95f34651aa3628c1f4b1e007c826344f386ac6ef23e1350bdecc1c6bf7155456cc106b4779da12b7b573c7554f2ede1c3f4958607d6bef6f86d9a41a90346d84a81e3a27ed5a0493f7a82c484635bdbaea6398d8864db788155786bff7b00a692cfeaf9b7059c0d9a83d18c15222f72eb863900a3c2c626a4e14add1cf63a8f1eab29a443a92510a6790e8ecb5495d13e9b6c5e99f829de5e50a81f9288d98d38fec637497471e5b14e8291ac52a40b964a484267f429987e440666145bc5f86888a5cb77c5b49df710f5757ba852ad9f382836c0982b39e5a57d27a0c96c9cb5ccb1bbb38beb514a917855f8d46a3b0b75d2ef7f3d4073a1c9b4161af3097c4c4b17415800b05a4fb7e1c7d60134e4d44cbec7cd3e4b919af38f2d589f0d22b6aa61a309da3b172b11e46331b96683f543583d64afde53cacc2e1c9f6bc7bda7a319885904548416e77223350778c011bf2cc6c5824e4a76d8aed881b3519d86f42e572ba4cc4624d5799c4b2f09e9bb645a787f068d2a61b9cf0d394d4212004899d772428f1e0c2e3e15796dd36f851dcfc030664c538b55ec53412936151c278b2a70d4f19bf3d7042c7202b495ea4a285dcb0b2274dff6d61164fa740eac16336268a3f951fcf486229b4104a350055c9007d1b1493c20671e2b68bb660bb9fb3be9d59b3d0f8667aa5f10bada55ed54bd069d9359cb367712655800caa53753ad5ebe1bd24729114fd2ac6037b625d815a5efdd6073b931622e9f2f541c29c82470c44e152511d839724af252604a37e206fc96d0f4656eb1162f11ec3dacb24f4a2793f360f0844ced7ac29605793a508acec2ba2ae3340cc79b52322f4614477a380e5d9584e91b6af4f85514335320853f057a32f69c290d906466bab218d20610320871ae3f2400273f061695ce91ae2139778ba67fd728c0461de168b03e95d0af8bde0e1a70c6ad04d4bb45a5138f4c4d72f16c42f39772a95765d543ef636718bd08a182fb43947d6f94d516e7252eca9e3347c1a318c5d0135e89a990392ce257c24aaf2272c149ea017818952403b3f99da7960a2328adf3d92c249e31887344984dc813651953a714fd89bb9178469a264d9f259b98a4c8b05bf14fdb5a7dd471692ead1a813cce8c446088bcac0e23baa24988f2dee7b81f1205eb6df24dd1726cbb6795806a1d52108c218c8aab45cd2516af3ff6f70ed12cba82514b2912620cbb0a0e0c70368ede1dd175b5c9995124b231ba6817bf0f85d66cfac056209c1759dde2741469ba12ef8d71d463fcc49fcace9fd7e4d6b9301e27a5f2b5506efdc9b4de918057cd0e3f85b0d42b26547cd6ac24284a8bd8e99cd0c84b9272587b088e22916c64cbb04db2f5f0817a76d7becc4885a67da83eac8929b43cd6bc616d4b10ec3555211e49da0685806dbdaeadf05ba8d656118c92896a25afa7d091d4080ce7be884e0189ffa9540d533b6e6f3d1dd9180fcd485fe25f8aca438ebc603a76904bf4ce0cec09119ca3ba04d8875a15c5f7388887704a6e57e90daa225c9899bdb94d9573df0c79014c0917e97f10cfa65b1f54a5bddadf986ce26ede64f94ba02ead34a93260623eab9ccba37ee9a93d509c6047029ea5b3cafebb295e348cbcca78093767ed6981914a960ac8700cf45052066c6229a505d7d4fd58dca849526dfa5fe380a8f678acd04392fa914030d3afade155a9bdbf31b0bb3d9841912c8d6ebf3c0a221fcdc5c568f4a4161e97082716e48243d327f90318a5fbbee3778bcd1376d05aba632bb87d3c48860b570a26bde14cdfaab6015e6bc81f64ad508d91abc6a021c5b798a11413956b8ab63f245d81e0ed66c21115f4ce69a2c19b38acd4d43f85111a28fd8b505f890046b39a7e77ad2535f3e465f4b40afa1b6fbff8b0911ca44e124176b5402c8fc147b18269ca120094fc45d456effcd43a135d601cde514f43263283300e03f081f068df0935e91dbae0131cf5ea50896ad60becd0c0dfcf4aa3e7859104a251037464d99a0f22d5dfa76303a741625e007701a262828dfeb4504b94fa13f81c9f30613f171a75d1f41f8b1eecfead08adb077528dcbb2cb5f875882e57d7f42a9a8db8ce48598f4e265fe51dcc2c2968a32f0c24a066204184724cda2d3648b86c85e44fd31ae764d7fc39ab646e117279bbed734ed770db3d5ec65cb4274338ce7ec567b3897686d6829f11c1ca1b80cf71afad49b44d6ddf83c87eda38aa2287818e0db816d59395df0e56ee89b6075359be4b8c841b3aab661a214a2a466a2e1b5c185431a86c9edca1218895829678fcfff83e3b9cb54925f8142b61d1aad42131ab87cc0b0da1d69c13fa0387a90ddf536ebe53f0aaa5eaa17f58d34664f520e8464411b3e2723b181a7edad4c1eccb20a5d691b9bd71bb07aed266231f45b965658206d5d971142ba735f0d43bcbdeda5d8597ae8109fac56b25be846460e4ce7a9905a687f2a7613ac33a20bff6420d4c45c63028673a0845ca542df8ada94f72eac300709e01c22268f8bbdede4b2ae387dda94eefa50072db0d82157fb3b6cb88a8734cce586a793638405500a469b92756aa736332d82e5c032c04f151e31df66df180ec6fb552de9526e19a4352c57abdc27cc65166e11a76e96b77f5c49d60597fc69ac04cd7a240751c7207351882564e03e629eee35ade4d2df96a42d7174c1108d75a8444fac58dea5e5fef7fee7f1d1db030ae5118f2938b1447873ae891a750e9ec4aecc00875fc60f4acf1570e5594068aa66d1c46d6e83c04f1bc46f79a0982cf0075ae9fa9c4541cba334b96fb083c99472c8774f9f44259ce6dbc16725c823bca23102d5431c41eb1db8796fa51c56b017185e94a570644dbae3e72242a9f98757d5cf0343469c8cf789bcaaf467558506362eac1aee4f13d9b8ae5fdea46a093d05dab975e1df5dc9287b45e6bc15687c1512a63dbe3b973b213b7a4d0d34950a55a856bcf33fd75848316af76f2394ae389274e93667f9225e06222997800fcca4f2ce8632765681374d035bc24601d01fee679439a386fe9a2f9dd2486853ab0ad755f1c9fa9188b8c65baf08c9fd95f7ca5e7146bec6da895c413b3fcbe869ddacff9e7e5d29213bf03cb52b6030d94170672a318bc0c0023007bf471a8ab2f029fdd4fe53bfd30f8e3ade42e7ae42bd7804a7ee686c8410056a49cded8ad412f0f1d06d396c78dc1adc1184724bb22f757924952ac64f6ec3b786d8cde85804c59ab372226e9b23ff83095e6a64747e37f107aedcf2d517f71a3205aa1ff855437268c8dbe4fc232386606e40c0cb98ee10ff842eb7075982e3c511323914bfb72ea5a1df105b87943df0c0bdb8e1af9887d19798370604784874e77b45bb2db44052cdf9062190389b0113e7872d7d8d2416816dd31f0bce81c03158eda543a3e3c7ae804f1963f4c6c40575eb396b3da7a506e82c60ef97ee5a76041f2b7f5a3868258beb2e8655840da0463a0a114c43a71dcaa6ff26d3eca661303dbb0d48c23e5ab4ed58f577203611d5f8b060e50ccd6ba2713157d0aeb843eb3bfdff1656ba8ddd605b6c11d7354cd8d2ac633c39a324e5ad0b01e68fdab0591107b2a6c54f23efe9ebc0542d07ef7334ca2c72342e73b14e330a9d902b265e61cf5e68d446597a70278e87a79dfbaa1cd86fa4d2b68e65b2b0cd9a595e842af301ce7e213d416f4c6f80b937f01bc1495163446c9f09ef99f442b9d6e7ea48059eb0b2ebde7e148fb0b2af7cafca6c718be9c9cf3e91d1c2cedfe0074f7b2d249d08370305e5ef370b8a51a53de5a9c502c7e9d1a1f335bb7044ee31d3f89a8040e1c1eaaad4de3064a24a8f4d7e0aa247bde4336ed01eae3924a87f1b9da002df0cdfc2762d645bde4c2a2fbeec73105d9964ed0bd1d1a377788349789e6580f397b6d6d6c7fd2b39f7a37fa772318133c84d879d6954b7e9b7bd4d17013532b05952daa8004e06d90b3eabbb4af122528829d106caf4bffc2bc80364127a3624e41a47228233944db1356be302d4a12f476310b2beb5fe902cf8d1658b868e3fc951854feffade9edb99abedc0cfdd12774792c66817aebb23383000be04294e170df7dec1788abde3c5b335425ecc73c6b1ba8aab60e9a7a7dcd17259da54d6cf5c22980a76ddf5f2664075903be8bd7b29368734ace6908e6e16c6601ebe74b9e69f83810391430482ef0281b18c3fd969a372331bd444ecfabf76b8c3c5c00c0e370157e6404e61bfb9930324dd806c20e653e3f073679ccdfa5117da2853f18d2c8b8c20fb177c4f575efe899efc214f5bddbee46e0ac1d5fde5bb815cf08df0b5ad1944733e3f3bcafd5d3b3f53fc9d09e872a73d3dace7e51cfb78ac2fab5a582bcba85da5634c0e154a0b3a9709f0d7b2c4f364ec1e6fedafde4ed2a0359e1d9e901f016aa2043e1e3e6e22e17c0304aa259d05d0756b746c36e1d79fc94c86c6b641f36f0f40302f83e2ce45b04b3c7b900fab855b83e0e993b42e2aecab0803f52b98783f5f6add2c66b2c47ba202b0fdcd379b805bb4d490833db72bac5677e6810c6759b66e3287b96011c9268599631af7e3fceb6ac95a97404ce2b5381186b2cc96f4599a89d33a4faf99cb3cd8e32aa5102e690f24b027b1e5c76f26dc332b0c0db941fbeffadcdce04dd32f2fc147914ff5be235ff97eda70be0bea30abff59005551237bf05dd90ad4c15f85cbc78da7e6be5758ad601a3c23cf13275cde758967dca6d1901bc6359488662a0d6f2fd638bcb4ac8adb0ed25dd0c7afbfe03d6c8f8e076fe15f729aedcd2b86e347f8c917ff1b3f53711e7c3446ab04e83c66011f2116bf5d69346fb99a5351cb663e2f2712b45299ba07b250077dbeaf244d6cbab766f3ce34e3658dfd5db6b9e3bbc56100b4f653aa968c25f0f1e2abdc5c13353c3985a47da5b4fece72ce8f853c3faf89c71c46a0f7872fc0f54701edd8eba9b020ad28171b170e9d4fe382706a7463d5dbe46438011efbbc63475fb110a7767ede9f50a8e53d0efde66b7919bb8a7bd0086bfea95196d6ed56b033628aa5d2d4b0b51185aea3ea518e1d4c8044460b04d7dc4fb62dd5191bd2b76c0c05ef6790516a7d8ae0766d1a130727d0361247522dbeabc87fc7c2c113e25b08869c25800ba32619c72011b9be86941dfb0f428d73c2f13e40008ba37a44db668637f4d2ec787a82c50b193e3f2dbc256a12f8f44e12380998dfba01b61efa291ba16b35380e5dd44111a337ba32b204106bcca867354290e518f39b9bfdc5cb4e6dd99f2ef354769c128f3a9b277fa1bcd17ea99870777c0d6ef17595290082f44b8fdfb94b0f14e6b7c25c3c9556bd73346f9aa9b4515631f7c20691451f1af899c3dea3085b170c7cc10e6d6104875c90f33b537f129e5000d96575ccec85810540da0290156ecb2abd5c76b9cb3b4687913dae0b4c61d29169227314d01917389f959ebb069f65b7a045e4b5d2111c345866b511823f60b7d593e6462223ddff544332289b88b8bd9ae1e0e539fc488c4a48e00522009a853bfbea6a75ed2e406065f96410ca4924d1eb29361c590e6ce65c3b99d884cef8ca3c658bfc21a", 0xffc}], 0x6)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xd0, &(0x7f0000000000)=0x9, 0x4)
ptrace(0x10, r6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000280)={0x1, &(0x7f0000000180)=[{0x3, 0x0, 0x0, 0x7fc000fe}]})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
ioctl$BTRFS_IOC_SNAP_CREATE(r7, 0x50002103, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="0000000020409500000000000000e4f9bc9281bd5a97dd0715b8765d94edc31b4c66435fce2c156117abd00ca82b0b6d36dadb782615e3855df8ded1d5ec231dcdb8496035a6424d81d15cbe43ca59cdde6f06a28191bd4f3f5b72abf384ed3fcdce3c85bb3bc9ee53013ac4a299977dccb8fbcdc6ad7cac911bbad16b6777630dbc5915f6f36de8ba28b09a123464c2b6f1820f225dbdd7f552371ebc28ee53d5e578aa47e8d02c5a1a81e5bb37316db9b21aa7add85844aeccf353200e6616"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r8}, 0x10)
syz_open_dev$loop(&(0x7f0000000300), 0x8b9, 0x80d81)
ptrace$pokeuser(0x6, 0x0, 0x4358, 0x4)
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYRESOCT=r4, @ANYRES16=r5, @ANYRES8=r5], 0x38}, 0x1, 0x0, 0x0, 0x40004}, 0x40080c0)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)

4.153422198s ago: executing program 1 (id=2953):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x4}}, 0x20)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r2, 0xc0844123, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
ioctl$SNDCTL_DSP_GETOSPACE(r1, 0x8010500c, &(0x7f00000000c0))
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r2, 0xc0884113, &(0x7f0000000280)={0x1, 0x956b, 0x3, 0xfffffffffffffff9, 0x1, 0x9, 0xfff, 0x6, 0x2, 0xffff, 0xc, 0x3})

3.888035192s ago: executing program 1 (id=2954):
openat$nullb(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000034c0), 0x902, 0x0)
pread64(r0, 0x0, 0x0, 0xe7)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000047000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000240)='ext4_load_inode\x00', r2, 0x0, 0x10000000000000e}, 0x57)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7, 0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = dup3(r4, r3, 0x0)
sendmsg$key(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES8=r2], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff00b70400000000000085000000030000009500"/72], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r6}, 0x0, &(0x7f00000006c0)}, 0x20)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f00000002c0)='./file0\x00', 0x0, 0x8}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'team0\x00', <r7=>0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000000)=@x86={0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfa, 0x2, 0x0, '\x00', 0x0, 0x8000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9fc88fecc806019b63000000000000000000000007000000002e3061003e007b64a6a947fdddb32e8f76588eabc9c3402f7d40b57ac5758588b976b5fbe5a5796c1a370fffffee41d0401a730e7a3e2b4964bb48c025bdf4a00cfc779db2bfc2a8f838698e2344e2432d592d7533b8ae0c4491747f958877fd93375120e020bc433ab0d21603c4b429709bc2"], &(0x7f0000001a00)=""/73, 0x1f, 0x49, 0x1, 0xfffffd59, 0x0, @void, @value}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, r6, {0x1, 0x8}}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES64=r7, @ANYRES32, @ANYBLOB="f9ffffff00000000fa00000000d4aeaa01010000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f00000005c0)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r11, 0x6, 0x0, 0x0, 0x0)
fsmount(r11, 0x1, 0x84)

3.844535314s ago: executing program 6 (id=2955):
r0 = fsopen(&(0x7f0000000080)='ocfs2\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000680)=[{0x0, 0x60}, {&(0x7f0000000640)="25b2b3cb", 0x4}], 0x2, 0x0, 0x0, 0x900}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r6, 0x7ac, &(0x7f0000000740)={&(0x7f0000000300)={{@my=0x0, 0x7fffffff}, {@host, 0x60a8}, 0x400, "77e86fc50bb6905d6746b4fed65b42f39a914134eeba3f15b582ce2d9af9a07622bf072c063351099b154c11dcf9d39fcc47bbd08f521bb6daadbd44b0ed57b6c319f625d0c90b30bf07e4c74f931968a18828130d3743ffab398ad6076b63ab6cd05df22a96ca716931c2a247feacfc5bb109adec1c68dfe02b3c705b4dc8d37abb19a6f83ac370b78bd49a102fce53e0fc336b10a83a5030452f83ada747cc2af916dd2440e5e438cd109ce9a92cdb7e21e53bd8467c15de7aa7d0d9cdf374fa3e1ca3af4c408194561d74a857a965821dbf75d65d75332970a690602d484f1fe68c79815761bf8b60be4c873b9c56c9e8fb9d0a7aea0ad527475e9e45ede356254f884c714398cd48438348654543ab81ac1fcceb35b39ad3e1a88cf1f1668fcc1873454ac66c09e900b6b1ae2dcafea5d62d365b34581fb660bfa8f721f2a53639ae9dd7995b4fbe1da88d29e41577fa71de1a4a9ec06b9ead01e331fb529ec337612ba61e1eb9d9703586f4c4bc3359e83919444b16354a219424c11ea8ad9f8880142702fa394a171da71a056fe1aa1c127da4ff96ac4418f0a358a9fecb11c7ea29ba9401c8defa38201c3f19043c46841527a008830e985cb31d6500d1c22a7c274fa05ad4c59cdb4828185ec3535665faaf340215d7988e944ac27afbca04b579095f402e152964b8cc38d3614d995dd32e9e38f71b8d7165062025f2d62650d1c5a205ea2e4fb6b0e0ca894b609f81ccb0b9e9ef2c3be07bfda99141cee59da3b8a9fa12aca2d8508cb8127aa657c3e626694aa62c41358345efe3418d82120b5c24d2515cb7e66ab3fbeba84ace2e0b722ebb37b0cc1d328dea5cfee6bf7d95aaa70507209c835d252595e3e0f7261b6bbbd4a087070b2e276be67c3a85ef6c6b4de72c815cfd8ef761eaef696f17d22fdedda7f78fc70bfed1c889d8d0eddc88d4bf9e900b6784bcc14b87f325d5216dba403b53b501a483c7acea612e711ae0990a3a46b0df5b601ac1b2da7016998f2f80861135f72910fc921adcfa4ea0bd1feb8eea72a9be629da2762f36145db35a90865e99d70b009863cc782abe9db813d70508b8761b91e19f46d712ff974eda817f92fe2983a354c4c767044fce0c314d400ca1e33725622baf0043bbfa19ecd26bb93d030599dcd8f90620d91b48e6f5ab6479c871209bb9cb3d2b8c8cf666f9f999bb562b57965111f8d21ba04f0bfc047a34148278d195deaa068c69ca5d42d9e9c828744e8cb561fb533c70e2d7c5bda13db8b95bf16a8b5368bc4aa1c36d9d8c4004f5afea062129170def6c8a2d9cc4a01cf1f01449c2fab6eb377a49405d4c92ef997f0f5f0ebf55507b408c731aab883cf56840fb05d29a48b566f7ce555bdbd5a17a08c8603b5b843e9b8968cb9e2edc122e7fde3d37ef77f3a054cc2fa6da1601686168"}, 0x418, 0xffff})
socket(0x40000000015, 0x5, 0x0)
r7 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x40, r7, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}]}, 0x40}}, 0x0)
sendmsg$SMC_PNETID_DEL(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r7, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

3.768996221s ago: executing program 5 (id=2956):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x18, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1})
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$vim2m(&(0x7f0000000440), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x2})
ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405668, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000))
mount(0x0, 0x0, 0x0, 0xa0822, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000140)=""/65, 0x41}], 0x1)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r5, &(0x7f00000001c0)='\a', 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r5, 0x84, 0xa, &(0x7f0000000240)={0xe, 0x0, 0x8200, 0xffff8001, 0x0, 0x0, 0x1000000, 0x7ff}, &(0x7f0000000100)=0x20)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00'})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.737285595s ago: executing program 5 (id=2957):
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x1, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000940)=@allocspi={0x224, 0x16, 0x1, 0x70bd2a, 0x25dfdbfd, {{{@in=@rand_addr=0x64010102, @in=@dev={0xac, 0x14, 0x14, 0x35}, 0x4e22, 0x10, 0x4e22, 0xf, 0x2, 0x80, 0x20, 0x1}, {@in6=@rand_addr=' \x01\x00', 0x4d5, 0x6c}, @in=@rand_addr=0x64010100, {0xffffffff, 0x4, 0xfffffffffffffff9, 0x7, 0x5, 0x2, 0x80000001, 0x1}, {0x9034, 0x2}, {0x9, 0xd, 0x4}, 0x70bd25, 0x3505, 0x2, 0x4, 0x5, 0xb0}, 0x0, 0x200}, [@etimer_thresh={0x8, 0xc, 0x1}, @algo_comp={0xcd, 0x3, {{'deflate\x00'}, 0x428, "c3b37f954ec8fdf2c93e4efd06e6d40a720537dbe9642d7510e65f85aa0891c89c4950bb242a1cc10a5adf8bc4f4117ac4007e9fb47c8fde3ed97b5c545a7c85026ee21129c097cc66184826525fa03f695073525446940b3c55c70bf1b7da1eea00908e6fe118bd42fdb607cf0203899809b381ebb4ce7517b4d32dfce0f88000cc6e3d70"}}, @offload={0xc, 0x1c, {0x0, 0x1}}, @address_filter={0x28, 0x1a, {@in6=@empty, @in6=@mcast2, 0xa, 0x78, 0x5}}, @sec_ctx={0x1d, 0x8, {0x19, 0x8, 0x1, 0x0, 0x11, "020b759a7df8d6bfe4edc0e75d56bc372e"}}]}, 0x224}, 0x1, 0x0, 0x0, 0x840}, 0x0)

2.598648632s ago: executing program 5 (id=2958):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x2c}, [@ldst={0x3, 0x0, 0x3, 0x1, 0x0, 0x10}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

2.550583092s ago: executing program 1 (id=2959):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r1 = openat2(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x147440, 0xb, 0x20}, 0x18)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x101ff, 0x5, 0x4000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x0, [0x0, 0x8000000], [0x8200, 0x1]}}})
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x0, 0x10, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "001500"}, 0x0, 0x2, {}, 0x58603})
socket$inet_udp(0x2, 0x2, 0x0)

2.492684411s ago: executing program 6 (id=2960):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x101c008, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x482321cb74c946b6, 0x0)
syz_open_procfs(0x0, &(0x7f00000042c0)='mounts\x00')
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = syz_io_uring_setup(0x6de, &(0x7f0000000480)={0x0, 0x6d02, 0x1000, 0x0, 0x323, 0x0, r0}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x4003, @fd=r0, 0x4, 0x0, 0x0, 0x0, 0x0, {0xffed}})
io_uring_enter(r1, 0x47ba, 0x0, 0x0, 0x0, 0x0)

2.485914552s ago: executing program 4 (id=2961):
read$qrtrtun(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ptrace$ARCH_MAP_VDSO_64(0x1e, r0, 0xffffffffd419f114, 0x2003)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(0xffffffffffffffff, 0x40186f40, 0x20000502)
sendmsg$AUDIT_GET(0xffffffffffffffff, 0x0, 0x20)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x25, &(0x7f0000000000)={0x0, @in={{0x2, 0x0, @empty}}}, 0x90)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(r4, 0xc03064b7, &(0x7f0000000240)={r5, 0x0, 0x0, 0x7, 0x40, 0x4, 0x7, 0xaea8, 0x0, 0x8, 0x4, 0x6b})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000015c0)={&(0x7f0000000200), 0xc, 0x0}, 0x0)
ioctl$DRM_IOCTL_MODE_ATOMIC(r4, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000001c0)=[r5], &(0x7f0000000180), &(0x7f0000000200), 0x0, 0x0, 0x2})
ioctl$SNDRV_TIMER_IOCTL_SELECT(r3, 0x40345410, &(0x7f00000083c0)={{0x1, 0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r3, 0x40505412, &(0x7f0000000240)={0x0, 0x8, 0x0, 0x0, 0x1d})

2.476637256s ago: executing program 2 (id=2962):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
chdir(0x0)
r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
fadvise64(r0, 0x0, 0x0, 0x600)

2.40181544s ago: executing program 5 (id=2963):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'crc32-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet(r1, &(0x7f0000001200)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000002c0)="2fd74a95b9", 0x5}], 0x1}}], 0x1, 0x200440d0)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0xa, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001280)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000000000000140012800a00010076786c616e0000000400028008000a00", @ANYRESHEX], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
syz_emit_vhci(&(0x7f00000005c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}}}, 0x9)
syz_emit_vhci(&(0x7f0000000600)=@HCI_EVENT_PKT={0x4, @hci_ev_qos_setup_complete={{0xd, 0x14}, {0x5, 0xc8, {0x1, 0x7, 0x5, 0x400, 0x8d29}}}}, 0x17)
connect(0xffffffffffffffff, &(0x7f0000000680)=@ax25={{0x3, @bcast, 0x2}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @null, @bcast, @default]}, 0x80)
syz_emit_vhci(&(0x7f0000001800)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0x9}}}, 0x7)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000040)={0x0, 0x0, {0x2}})
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0bc5310, &(0x7f0000000100)={{}, 'port0\x00'})
r3 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r3, &(0x7f00000000c0), 0x492492492492627, 0x0)

2.320955734s ago: executing program 1 (id=2964):
r0 = fsopen(&(0x7f0000000080)='ocfs2\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000680)=[{0x0, 0x60}, {&(0x7f0000000640)="25b2b3cb", 0x4}], 0x2, 0x0, 0x0, 0x900}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r6, 0x7ac, &(0x7f0000000740)={&(0x7f0000000300)={{@my=0x0, 0x7fffffff}, {@host, 0x60a8}, 0x400, "77e86fc50bb6905d6746b4fed65b42f39a914134eeba3f15b582ce2d9af9a07622bf072c063351099b154c11dcf9d39fcc47bbd08f521bb6daadbd44b0ed57b6c319f625d0c90b30bf07e4c74f931968a18828130d3743ffab398ad6076b63ab6cd05df22a96ca716931c2a247feacfc5bb109adec1c68dfe02b3c705b4dc8d37abb19a6f83ac370b78bd49a102fce53e0fc336b10a83a5030452f83ada747cc2af916dd2440e5e438cd109ce9a92cdb7e21e53bd8467c15de7aa7d0d9cdf374fa3e1ca3af4c408194561d74a857a965821dbf75d65d75332970a690602d484f1fe68c79815761bf8b60be4c873b9c56c9e8fb9d0a7aea0ad527475e9e45ede356254f884c714398cd48438348654543ab81ac1fcceb35b39ad3e1a88cf1f1668fcc1873454ac66c09e900b6b1ae2dcafea5d62d365b34581fb660bfa8f721f2a53639ae9dd7995b4fbe1da88d29e41577fa71de1a4a9ec06b9ead01e331fb529ec337612ba61e1eb9d9703586f4c4bc3359e83919444b16354a219424c11ea8ad9f8880142702fa394a171da71a056fe1aa1c127da4ff96ac4418f0a358a9fecb11c7ea29ba9401c8defa38201c3f19043c46841527a008830e985cb31d6500d1c22a7c274fa05ad4c59cdb4828185ec3535665faaf340215d7988e944ac27afbca04b579095f402e152964b8cc38d3614d995dd32e9e38f71b8d7165062025f2d62650d1c5a205ea2e4fb6b0e0ca894b609f81ccb0b9e9ef2c3be07bfda99141cee59da3b8a9fa12aca2d8508cb8127aa657c3e626694aa62c41358345efe3418d82120b5c24d2515cb7e66ab3fbeba84ace2e0b722ebb37b0cc1d328dea5cfee6bf7d95aaa70507209c835d252595e3e0f7261b6bbbd4a087070b2e276be67c3a85ef6c6b4de72c815cfd8ef761eaef696f17d22fdedda7f78fc70bfed1c889d8d0eddc88d4bf9e900b6784bcc14b87f325d5216dba403b53b501a483c7acea612e711ae0990a3a46b0df5b601ac1b2da7016998f2f80861135f72910fc921adcfa4ea0bd1feb8eea72a9be629da2762f36145db35a90865e99d70b009863cc782abe9db813d70508b8761b91e19f46d712ff974eda817f92fe2983a354c4c767044fce0c314d400ca1e33725622baf0043bbfa19ecd26bb93d030599dcd8f90620d91b48e6f5ab6479c871209bb9cb3d2b8c8cf666f9f999bb562b57965111f8d21ba04f0bfc047a34148278d195deaa068c69ca5d42d9e9c828744e8cb561fb533c70e2d7c5bda13db8b95bf16a8b5368bc4aa1c36d9d8c4004f5afea062129170def6c8a2d9cc4a01cf1f01449c2fab6eb377a49405d4c92ef997f0f5f0ebf55507b408c731aab883cf56840fb05d29a48b566f7ce555bdbd5a17a08c8603b5b843e9b8968cb9e2edc122e7fde3d37ef77f3a054cc2fa6da1601686168"}, 0x418, 0xffff})
socket(0x40000000015, 0x5, 0x0)
r7 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x40, r7, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}]}, 0x40}}, 0x0)
sendmsg$SMC_PNETID_DEL(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r7, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
socket(0xa, 0x1, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

2.196051465s ago: executing program 2 (id=2965):
r0 = syz_io_uring_setup(0x24f8, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
r3 = socket$inet6_dccp(0xa, 0x6, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x80, &(0x7f0000000200)=@in6={0xa, 0x0, 0x0, @dev}})
io_uring_enter(r0, 0x4e67, 0x0, 0x0, 0x0, 0xa2)
shutdown(r3, 0x0)

2.193433805s ago: executing program 6 (id=2966):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
close(r0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$xdp(r2, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)=[{0x0}, {&(0x7f0000004780)='8', 0x1}], 0x2, 0x0, 0x0, 0x48000}, 0x84)
socket$kcm(0x2, 0xa, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
semtimedop(0x0, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r4, 0x84, 0x15, &(0x7f0000000080)={0xf}, 0x1)
semop(0x0, &(0x7f00000000c0)=[{}, {}], 0x2)
semop(0x0, &(0x7f0000000180)=[{}, {}], 0x2)
semctl$IPC_RMID(0x0, 0x0, 0x0)
r5 = socket$inet(0x2b, 0x801, 0x0)
ioctl$int_in(r5, 0x5452, &(0x7f0000000280)=0x8)
poll(&(0x7f0000000140)=[{r5, 0x68}], 0x1, 0x200)
sendmsg$nl_route(r3, 0x0, 0x4000)
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r6, 0x6, 0x23, &(0x7f00000001c0)={&(0x7f0000004000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, &(0x7f0000000300)=""/241, 0xf1, 0x0, &(0x7f0000000440)=""/90, 0x5a}, &(0x7f0000000280)=0x40)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x4, [@enum64={0x3, 0x0, 0x0, 0x13, 0x0, 0x2}]}, {0x0, [0x30, 0x2e]}}, 0x0, 0x28, 0x0, 0x1, 0x7, 0x0, @void, @value}, 0x28)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000000)={'wlan1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
futex(&(0x7f00000000c0)=0x1, 0x6, 0x0, &(0x7f0000000100), 0x0, 0x0)
write$tun(r1, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000"], 0xfdef)
read$FUSE(r0, &(0x7f000000a3c0)={0x2020}, 0x2020)

1.302795187s ago: executing program 4 (id=2967):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000000)=@IORING_OP_FSYNC={0x3, 0x18, 0x0, @fd_index=0x1, 0x0, 0x0, 0x0, 0x1})
syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = syz_open_dev$vim2m(&(0x7f0000000440), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x2})
ioctl$vim2m_VIDIOC_EXPBUF(r3, 0xc0405668, 0x0)
r4 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r4, 0x5393, &(0x7f0000000000))
mount(0x0, 0x0, 0x0, 0xa0822, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000140)=""/65, 0x41}], 0x1)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r5, &(0x7f00000001c0)='\a', 0x1, 0x0, &(0x7f0000000280)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r5, 0x84, 0xa, &(0x7f0000000240)={0xe, 0x0, 0x8200, 0xffff8001, 0x0, 0x0, 0x1000000, 0x7ff}, &(0x7f0000000100)=0x20)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'batadv0\x00'})
socket$netlink(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

668.589373ms ago: executing program 5 (id=2969):
openat$nullb(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000034c0), 0x902, 0x0)
pread64(r0, 0x0, 0x0, 0xe7)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000047000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b7030000000000f7850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000240)='ext4_load_inode\x00', r2, 0x0, 0x10000000000000e}, 0x57)
set_mempolicy(0x4005, &(0x7f0000000080)=0x7, 0x2)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket$key(0xf, 0x3, 0x2)
r5 = dup3(r4, r3, 0x0)
sendmsg$key(r5, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=ANY=[@ANYRES8=r2], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffff00b70400000000000085000000030000009500"/72], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000700)={{r6}, 0x0, &(0x7f00000006c0)}, 0x20)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000300)=@o_path={&(0x7f00000002c0)='./file0\x00', 0x0, 0x8}, 0x18)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'team0\x00', <r7=>0x0})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r9, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r10 = ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r10, 0x4040aea0, &(0x7f0000000000)=@x86={0x1, 0x0, 0x0, 0x0, 0x0, 0x4, 0x10, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0xfa, 0x2, 0x0, '\x00', 0x0, 0x8000})
ioctl$KVM_RUN(r10, 0xae80, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="9fc88fecc806019b63000000000000000000000007000000002e3061003e007b64a6a947fdddb32e8f76588eabc9c3402f7d40b57ac5758588b976b5fbe5a5796c1a370fffffee41d0401a730e7a3e2b4964bb48c025bdf4a00cfc779db2bfc2a8f838698e2344e2432d592d7533b8ae0c4491747f958877fd93375120e020bc433ab0d21603c4b429709bc2"], &(0x7f0000001a00)=""/73, 0x1f, 0x49, 0x1, 0xfffffd59, 0x0, @void, @value}, 0x20)
ioctl$AUTOFS_DEV_IOCTL_FAIL(r5, 0xc0189377, &(0x7f0000000200)={{0x1, 0x1, 0x18, r6, {0x1, 0x8}}, './file0\x00'})
bpf$MAP_CREATE(0x0, &(0x7f0000000340)=ANY=[@ANYRES64=r7, @ANYRES32, @ANYBLOB="f9ffffff00000000fa00000000d4aeaa01010000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000100"/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x0, 0x3, &(0x7f00000005c0)=ANY=[], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r11 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r11, 0x6, 0x0, 0x0, 0x0)
fsmount(r11, 0x1, 0x84)

302.315376ms ago: executing program 4 (id=2970):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, &(0x7f0000000000)={0x8, 0xffeffe01, 0x3, 0xbf80, 0x6, "f20a8d58fbc7d35d0c8736ce0da464b18730ae"})
r1 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = open(&(0x7f00009e1000)='./file0\x00', 0x48141, 0x0)
fcntl$setlease(r5, 0x400, 0x0)
fcntl$getflags(r5, 0x401)
rt_sigaction(0x16, &(0x7f0000000080)={0x0, 0x73f90401a4ce04d2, 0x0}, 0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
clock_settime(0x0, &(0x7f0000003c80)={0x77359400})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@ipv4_getnetconf={0x1c, 0x52, 0x400, 0x70bd29, 0x25dfdbfc, {}, [@NETCONFA_FORWARDING={0x8, 0x2, 0x2}]}, 0x1c}}, 0x4000000)
write$binfmt_script(r0, &(0x7f0000000240), 0x208e24b)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r6 = getpid()
sched_setscheduler(r6, 0x2, 0x0)

0s ago: executing program 6 (id=2971):
r0 = fsopen(&(0x7f0000000080)='ocfs2\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='c:::\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000100)=@l2tp6={0xa, 0x0, 0x0, @remote}, 0x80, &(0x7f0000000680)=[{0x0, 0x60}, {&(0x7f0000000640)="25b2b3cb", 0x4}], 0x2, 0x0, 0x0, 0x900}, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
ioctl$IOCTL_VMCI_DATAGRAM_RECEIVE(r6, 0x7ac, &(0x7f0000000740)={&(0x7f0000000300)={{@my=0x0, 0x7fffffff}, {@host, 0x60a8}, 0x400, "77e86fc50bb6905d6746b4fed65b42f39a914134eeba3f15b582ce2d9af9a07622bf072c063351099b154c11dcf9d39fcc47bbd08f521bb6daadbd44b0ed57b6c319f625d0c90b30bf07e4c74f931968a18828130d3743ffab398ad6076b63ab6cd05df22a96ca716931c2a247feacfc5bb109adec1c68dfe02b3c705b4dc8d37abb19a6f83ac370b78bd49a102fce53e0fc336b10a83a5030452f83ada747cc2af916dd2440e5e438cd109ce9a92cdb7e21e53bd8467c15de7aa7d0d9cdf374fa3e1ca3af4c408194561d74a857a965821dbf75d65d75332970a690602d484f1fe68c79815761bf8b60be4c873b9c56c9e8fb9d0a7aea0ad527475e9e45ede356254f884c714398cd48438348654543ab81ac1fcceb35b39ad3e1a88cf1f1668fcc1873454ac66c09e900b6b1ae2dcafea5d62d365b34581fb660bfa8f721f2a53639ae9dd7995b4fbe1da88d29e41577fa71de1a4a9ec06b9ead01e331fb529ec337612ba61e1eb9d9703586f4c4bc3359e83919444b16354a219424c11ea8ad9f8880142702fa394a171da71a056fe1aa1c127da4ff96ac4418f0a358a9fecb11c7ea29ba9401c8defa38201c3f19043c46841527a008830e985cb31d6500d1c22a7c274fa05ad4c59cdb4828185ec3535665faaf340215d7988e944ac27afbca04b579095f402e152964b8cc38d3614d995dd32e9e38f71b8d7165062025f2d62650d1c5a205ea2e4fb6b0e0ca894b609f81ccb0b9e9ef2c3be07bfda99141cee59da3b8a9fa12aca2d8508cb8127aa657c3e626694aa62c41358345efe3418d82120b5c24d2515cb7e66ab3fbeba84ace2e0b722ebb37b0cc1d328dea5cfee6bf7d95aaa70507209c835d252595e3e0f7261b6bbbd4a087070b2e276be67c3a85ef6c6b4de72c815cfd8ef761eaef696f17d22fdedda7f78fc70bfed1c889d8d0eddc88d4bf9e900b6784bcc14b87f325d5216dba403b53b501a483c7acea612e711ae0990a3a46b0df5b601ac1b2da7016998f2f80861135f72910fc921adcfa4ea0bd1feb8eea72a9be629da2762f36145db35a90865e99d70b009863cc782abe9db813d70508b8761b91e19f46d712ff974eda817f92fe2983a354c4c767044fce0c314d400ca1e33725622baf0043bbfa19ecd26bb93d030599dcd8f90620d91b48e6f5ab6479c871209bb9cb3d2b8c8cf666f9f999bb562b57965111f8d21ba04f0bfc047a34148278d195deaa068c69ca5d42d9e9c828744e8cb561fb533c70e2d7c5bda13db8b95bf16a8b5368bc4aa1c36d9d8c4004f5afea062129170def6c8a2d9cc4a01cf1f01449c2fab6eb377a49405d4c92ef997f0f5f0ebf55507b408c731aab883cf56840fb05d29a48b566f7ce555bdbd5a17a08c8603b5b843e9b8968cb9e2edc122e7fde3d37ef77f3a054cc2fa6da1601686168"}, 0x418, 0xffff})
socket(0x40000000015, 0x5, 0x0)
r7 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x40, r7, 0x1, 0x0, 0x0, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'geneve1\x00'}]}, 0x40}}, 0x0)
sendmsg$SMC_PNETID_DEL(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)={0x14, r7, 0xe27, 0x0, 0x0, {0x4, 0x7, 0x2}}, 0x14}, 0x1, 0x40030000000000}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

c_skb+0x10/0x10
[  938.445577][T15200]  ? netlink_autobind+0xd6/0x2f0
[  938.450503][T15200]  ? netlink_autobind+0x2b0/0x2f0
[  938.455535][T15200]  netlink_sendmsg+0x638/0xcb0
[  938.460292][T15200]  ? __pfx_netlink_sendmsg+0x10/0x10
[  938.465580][T15200]  ? __pfx_netlink_sendmsg+0x10/0x10
[  938.470868][T15200]  __sock_sendmsg+0x221/0x270
[  938.475550][T15200]  ____sys_sendmsg+0x52a/0x7e0
[  938.480312][T15200]  ? __pfx_____sys_sendmsg+0x10/0x10
[  938.485588][T15200]  ? __fget_files+0x2a/0x410
[  938.490176][T15200]  ? __fget_files+0x2a/0x410
[  938.494766][T15200]  __sys_sendmsg+0x269/0x350
[  938.499354][T15200]  ? __pfx_lock_release+0x10/0x10
[  938.504389][T15200]  ? __pfx___sys_sendmsg+0x10/0x10
[  938.509504][T15200]  ? __pfx_vfs_write+0x10/0x10
[  938.514285][T15200]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  938.520629][T15200]  ? do_syscall_64+0x100/0x230
[  938.525412][T15200]  ? do_syscall_64+0xb6/0x230
[  938.530093][T15200]  do_syscall_64+0xf3/0x230
[  938.534609][T15200]  ? clear_bhb_loop+0x35/0x90
[  938.539297][T15200]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  938.545188][T15200] RIP: 0033:0x7fd1fa780809
[  938.549614][T15200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  938.569232][T15200] RSP: 002b:00007fd1fb5e3058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  938.577655][T15200] RAX: ffffffffffffffda RBX: 00007fd1fa945fa0 RCX: 00007fd1fa780809
[  938.585623][T15200] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000004
[  938.593590][T15200] RBP: 00007fd1fb5e30a0 R08: 0000000000000000 R09: 0000000000000000
[  938.601560][T15200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  938.609527][T15200] R13: 0000000000000000 R14: 00007fd1fa945fa0 R15: 00007ffcdc86ac58
[  938.617507][T15200]  </TASK>
[  939.722110][T15194] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2369'.
[  940.857823][T15216] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2441'.
[  942.626608][T15229] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2445'.
[  943.954712][T15229] ubi: mtd0 is already attached to ubi0
[  944.270502][T15240] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  944.279601][T15240] xt_TPROXY: Can be used only with -p tcp or -p udp
[  944.833289][T15246] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2451'.
[  944.857822][T15246] macvtap7: entered promiscuous mode
[  944.863779][T15246] macvtap7: entered allmulticast mode
[  944.880395][T15246] 8021q: adding VLAN 0 to HW filter on device macvtap7
[  945.814919][T15249] netlink: 'syz.1.2446': attribute type 21 has an invalid length.
[  945.833263][T15249] netlink: 156 bytes leftover after parsing attributes in process `syz.1.2446'.
[  945.888959][T15257] ipvlan2: entered promiscuous mode
[  945.933698][T15259] netlink: 68 bytes leftover after parsing attributes in process `syz.6.2454'.
[  945.956439][T15260] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  945.969687][T15260] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  946.224272][T12428] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  947.056081][T12428] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  947.066625][T15269] FAULT_INJECTION: forcing a failure.
[  947.066625][T15269] name failslab, interval 1, probability 0, space 0, times 0
[  947.083935][T12428] usb 6-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[  947.105696][T15269] CPU: 1 UID: 0 PID: 15269 Comm: syz.6.2457 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  947.116162][T15269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  947.126412][T15269] Call Trace:
[  947.129701][T15269]  <TASK>
[  947.132645][T15269]  dump_stack_lvl+0x241/0x360
[  947.137344][T15269]  ? __pfx_dump_stack_lvl+0x10/0x10
[  947.142567][T15269]  ? __pfx__printk+0x10/0x10
[  947.147187][T15269]  ? __kmalloc_noprof+0xb5/0x4c0
[  947.152143][T15269]  ? __pfx___might_resched+0x10/0x10
[  947.157455][T15269]  should_fail_ex+0x3b0/0x4e0
[  947.162150][T15269]  should_failslab+0xac/0x100
[  947.166844][T15269]  __kmalloc_noprof+0xdd/0x4c0
[  947.171648][T15269]  ? iovec_from_user+0x87/0x240
[  947.176531][T15269]  iovec_from_user+0x87/0x240
[  947.181231][T15269]  __import_iovec+0x152/0x870
[  947.185944][T15269]  import_iovec+0xeb/0x120
[  947.190377][T15269]  copy_msghdr_from_user+0x52f/0x680
[  947.195665][T15269]  ? read_tsc+0x9/0x20
[  947.199737][T15269]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  947.205544][T15269]  ? __fget_files+0x2a/0x410
[  947.210140][T15269]  ? __fget_files+0x2a/0x410
[  947.214775][T15269]  do_recvmmsg+0x3bd/0xab0
[  947.219194][T15269]  ? __pfx_do_recvmmsg+0x10/0x10
[  947.224156][T15269]  ? __pfx___might_resched+0x10/0x10
[  947.229442][T15269]  ? __might_fault+0xaa/0x120
[  947.234115][T15269]  ? __pfx_lock_release+0x10/0x10
[  947.239135][T15269]  ? vfs_write+0x730/0xd30
[  947.243558][T15269]  ? get_timespec64+0x19c/0x280
[  947.248437][T15269]  __x64_sys_recvmmsg+0x1b8/0x250
[  947.253465][T15269]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  947.259006][T15269]  ? do_syscall_64+0x100/0x230
[  947.263762][T15269]  ? do_syscall_64+0xb6/0x230
[  947.268432][T15269]  do_syscall_64+0xf3/0x230
[  947.272931][T15269]  ? clear_bhb_loop+0x35/0x90
[  947.277605][T15269]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.283491][T15269] RIP: 0033:0x7fb67d980809
[  947.287904][T15269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  947.307508][T15269] RSP: 002b:00007fb67e757058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  947.315919][T15269] RAX: ffffffffffffffda RBX: 00007fb67db45fa0 RCX: 00007fb67d980809
[  947.323888][T15269] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[  947.331866][T15269] RBP: 00007fb67e7570a0 R08: 0000000020003700 R09: 0000000000000000
[  947.339831][T15269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  947.347793][T15269] R13: 0000000000000000 R14: 00007fb67db45fa0 R15: 00007ffc39f328a8
[  947.355772][T15269]  </TASK>
[  947.359748][T12428] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  947.368976][T12428] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  947.379983][T12428] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[  947.393637][T12428] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  947.402874][T12428] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  947.411545][T12428] usb 6-1: Product: syz
[  947.421594][T12428] usb 6-1: Manufacturer: syz
[  947.444993][T12428] cdc_wdm 6-1:1.0: skipping garbage
[  947.450571][T12428] cdc_wdm 6-1:1.0: skipping garbage
[  947.472330][T12428] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  947.481073][T12428] cdc_wdm 6-1:1.0: Unknown control protocol
[  947.765850][T15277] block nbd6: NBD_DISCONNECT
[  947.813828][T15277] block nbd6: Send disconnect failed -107
[  947.878512][T15277] block nbd6: Disconnected due to user request.
[  947.974508][T15277] block nbd6: shutting down sockets
[  948.061904][ T2151] usb 6-1: USB disconnect, device number 17
[  948.339091][T15297] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2465'.
[  949.265569][T15297] macvtap7: entered promiscuous mode
[  949.306413][T15297] macvtap7: entered allmulticast mode
[  949.315222][T15297] 8021q: adding VLAN 0 to HW filter on device macvtap7
[  949.353835][T15306] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  949.371630][T15306] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  950.532000][   T54] Bluetooth: hci4: command 0x041b tx timeout
[  950.798009][   T46] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  951.063127][   T46] usb 7-1: config 0 has an invalid descriptor of length 132, skipping remainder of the config
[  951.121298][T15323] syz.1.2471 (15323) used obsolete PPPIOCDETACH ioctl
[  951.128703][   T46] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  951.138229][   T46] usb 7-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  951.161067][   T46] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  951.184678][   T46] usb 7-1: config 0 descriptor??
[  952.754434][T15338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2476'.
[  952.951125][T15338] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2476'.
[  953.245077][T15189] usb 7-1: USB disconnect, device number 2
[  953.551464][T15348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  953.592796][T15348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  953.612447][T15348] FAULT_INJECTION: forcing a failure.
[  953.612447][T15348] name failslab, interval 1, probability 0, space 0, times 0
[  953.626115][ T8160] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 1
[  953.644490][ T8160] Bluetooth: hci5: Frame reassembly failed (-84)
[  953.650979][T15348] CPU: 1 UID: 0 PID: 15348 Comm: syz.1.2480 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  953.661425][T15348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  953.671503][T15348] Call Trace:
[  953.674802][T15348]  <TASK>
[  953.677747][T15348]  dump_stack_lvl+0x241/0x360
[  953.682451][T15348]  ? __pfx_dump_stack_lvl+0x10/0x10
[  953.687680][T15348]  ? __pfx__printk+0x10/0x10
[  953.692305][T15348]  ? kmem_cache_alloc_noprof+0x48/0x380
[  953.697899][T15348]  ? __pfx___might_resched+0x10/0x10
[  953.703220][T15348]  should_fail_ex+0x3b0/0x4e0
[  953.707925][T15348]  should_failslab+0xac/0x100
[  953.712631][T15348]  ? security_file_alloc+0x32/0x310
[  953.717851][T15348]  kmem_cache_alloc_noprof+0x70/0x380
[  953.723256][T15348]  security_file_alloc+0x32/0x310
[  953.728308][T15348]  init_file+0x91/0x280
[  953.732577][T15348]  alloc_empty_file+0xb8/0x1d0
[  953.737368][T15348]  path_openat+0x107/0x3590
[  953.741902][T15348]  ? mark_lock+0x9a/0x360
[  953.746255][T15348]  ? __pfx_stack_trace_save+0x10/0x10
[  953.751669][T15348]  ? __lock_acquire+0x1397/0x2100
[  953.756724][T15348]  ? __pfx_path_openat+0x10/0x10
[  953.761713][T15348]  do_filp_open+0x27f/0x4e0
[  953.766252][T15348]  ? __pfx_do_filp_open+0x10/0x10
[  953.771304][T15348]  ? do_raw_spin_lock+0x14f/0x370
[  953.776392][T15348]  do_sys_openat2+0x13e/0x1d0
[  953.781094][T15348]  ? __pfx_do_sys_openat2+0x10/0x10
[  953.786316][T15348]  ? __fget_files+0x2a/0x410
[  953.790933][T15348]  ? __fget_files+0x2a/0x410
[  953.795556][T15348]  __x64_sys_openat+0x247/0x2a0
[  953.800437][T15348]  ? __pfx___x64_sys_openat+0x10/0x10
[  953.805843][T15348]  ? do_syscall_64+0x100/0x230
[  953.810723][T15348]  ? do_syscall_64+0xb6/0x230
[  953.815520][T15348]  do_syscall_64+0xf3/0x230
[  953.820044][T15348]  ? clear_bhb_loop+0x35/0x90
[  953.824748][T15348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  953.830666][T15348] RIP: 0033:0x7f131597f170
[  953.835098][T15348] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 8f 02 00 8b 44
[  953.854734][T15348] RSP: 002b:00007f1316746b90 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  953.863184][T15348] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f131597f170
[  953.871280][T15348] RDX: 0000000000000002 RSI: 00007f1316746c30 RDI: 00000000ffffff9c
[  953.879423][T15348] RBP: 00007f1316746c30 R08: 0000000000000000 R09: 00007f13167469a7
[  953.887854][T15348] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  953.895845][T15348] R13: 0000000000000000 R14: 00007f1315b45fa0 R15: 00007ffcdaabe928
[  953.903851][T15348]  </TASK>
[  954.825049][   T46] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  955.665256][   T54] Bluetooth: hci5: command 0x1003 tx timeout
[  955.672348][ T5855] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  956.146065][   T46] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[  956.246308][   T46] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  956.633465][T15377] loop6: detected capacity change from 0 to 1
[  956.650896][   T46] usb 6-1: config 0 has no interface number 0
[  956.650965][T15377] Dev loop6: unable to read RDB block 1
[  956.661138][   T46] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  956.664501][T15378] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  956.694145][   T29] audit: type=1326 audit(1732804387.281:2155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15376 comm="syz.2.2489" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x0
[  956.722051][T15377]  loop6: unable to read partition table
[  956.732546][   T46] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  956.743514][T15377] loop6: partition table beyond EOD, 
[  956.749997][T15378] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  956.763553][T15377] truncated
[  956.775462][T15377] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  956.775462][T15377] 
) failed (rc=-5)
[  956.791246][   T46] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  956.820898][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  956.829987][   T46] usb 6-1: Product: syz
[  956.837975][   T46] usb 6-1: Manufacturer: syz
[  956.842612][   T46] usb 6-1: SerialNumber: syz
[  956.881534][   T46] usb 6-1: config 0 descriptor??
[  957.365435][   T29] audit: type=1400 audit(1732804387.931:2156): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15385 comm="syz.1.2492"
[  957.430669][   T29] audit: type=1400 audit(1732804387.931:2157): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15385 comm="syz.1.2492"
[  957.792455][T15354] vlan0: entered promiscuous mode
[  958.068874][   T46] usb 6-1: USB disconnect, device number 18
[  958.075290][   T29] audit: type=1400 audit(1732804388.661:2158): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15353 comm="syz.5.2482" daddr=::ffff:172.20.20.187
[  958.253401][T15397] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  958.263158][T15397] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  958.337145][T15401] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2498'.
[  958.403635][T15403] No source specified
[  958.712811][ T2151] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  958.813442][T15409] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2500'.
[  959.724056][ T2151] usb 7-1: Using ep0 maxpacket: 32
[  959.773225][ T2151] usb 7-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  959.819137][ T2151] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  959.867417][ T2151] usb 7-1: Product: syz
[  959.885172][ T2151] usb 7-1: Manufacturer: syz
[  959.889811][ T2151] usb 7-1: SerialNumber: syz
[  959.903020][T15415] bridge1: entered promiscuous mode
[  959.923134][T15415] bridge1: entered allmulticast mode
[  960.164353][T12428] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  960.482190][ T2151] usb 7-1: config 0 descriptor??
[  960.487345][T12428] usb 6-1: Using ep0 maxpacket: 16
[  960.514852][T12428] usb 6-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be
[  960.530559][T12428] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  960.539652][T12428] usb 6-1: Product: syz
[  960.556974][T12428] usb 6-1: Manufacturer: syz
[  960.561728][T12428] usb 6-1: SerialNumber: syz
[  960.572398][T12428] usb 6-1: config 0 descriptor??
[  961.386489][T15433] overlayfs: conflicting options: nfs_export=on,index=off
[  961.433482][ T2151] airspy 7-1:0.0: Board ID: 00
[  961.441355][T12428] peak_usb 6-1:0.0: PEAK-System PCAN-Chip USB v169 fw v83.176.175 (1 channels)
[  961.451643][ T2151] airspy 7-1:0.0: Firmware version: 
[  961.471660][T12428] peak_usb 6-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  961.481043][T12428] peak_usb 6-1:0.0: unable to tell PCAN-Chip USB driver is loaded (err -71)
[  961.692539][   T29] audit: type=1326 audit(1732804392.281:2159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  961.812020][   T29] audit: type=1326 audit(1732804392.281:2160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.123108][   T29] audit: type=1326 audit(1732804392.331:2161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=97 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.182296][   T29] audit: type=1326 audit(1732804392.331:2162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.271217][ T2151] airspy 7-1:0.0: usb_control_msg() failed -71 request 10
[  962.310089][T12428] peak_usb 6-1:0.0: probe with driver peak_usb failed with error -71
[  962.407078][ T2151] airspy 7-1:0.0: Registered as swradio24
[  962.414382][T12428] usb 6-1: USB disconnect, device number 19
[  962.423003][ T2151] airspy 7-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  962.433474][   T29] audit: type=1326 audit(1732804392.331:2163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.488073][ T2151] usb 7-1: USB disconnect, device number 3
[  962.535268][   T29] audit: type=1326 audit(1732804392.331:2164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.574308][   T29] audit: type=1326 audit(1732804392.331:2165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.650524][   T29] audit: type=1326 audit(1732804392.331:2166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.675927][   T29] audit: type=1326 audit(1732804392.331:2167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.699758][   T29] audit: type=1326 audit(1732804392.331:2168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  962.730504][   T29] audit: type=1326 audit(1732804392.331:2169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15445 comm="syz.4.2510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[  963.674067][T15468] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2513'.
[  963.939447][T12428] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  964.225443][T15472] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2517'.
[  964.238834][T12428] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[  964.415534][T12428] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  964.428268][T12428] usb 6-1: config 0 has no interface number 0
[  964.452696][T12428] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  964.489474][T12428] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  964.777307][T12428] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  964.802689][T15476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  964.817653][T15476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  964.825655][T12428] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  964.928073][T12428] usb 6-1: Product: syz
[  965.104343][T12428] usb 6-1: Manufacturer: syz
[  965.122340][T12428] usb 6-1: SerialNumber: syz
[  965.368553][T12428] usb 6-1: config 0 descriptor??
[  965.376611][T15478] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2518'.
[  965.591586][T12428] usbtouchscreen 6-1:0.117: probe with driver usbtouchscreen failed with error -71
[  965.604052][T12428] usb 6-1: USB disconnect, device number 20
[  967.834824][T15505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2528'.
[  967.843822][T15505] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  968.608861][T15505] batman_adv: batadv0: Removing interface: batadv_slave_0
[  968.883638][   T29] kauditd_printk_skb: 111 callbacks suppressed
[  968.883659][   T29] audit: type=1400 audit(1732804399.461:2281): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15519 comm="syz.1.2532" daddr=::1c9a:e7ff:fe9a:6f34
[  968.975486][T12428] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  969.145802][T12428] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[  969.171424][T12428] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  969.212393][T12428] usb 6-1: config 0 has no interface number 0
[  969.229384][T12428] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  969.252200][T12428] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  969.317426][T12428] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  969.348705][T12428] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  969.364094][T12428] usb 6-1: Product: syz
[  969.378824][T12428] usb 6-1: Manufacturer: syz
[  969.383475][T12428] usb 6-1: SerialNumber: syz
[  969.412354][T12428] usb 6-1: config 0 descriptor??
[  969.471585][T15536] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  969.501010][   T29] audit: type=1326 audit(1732804400.091:2282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.505056][T15536] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  969.566148][   T29] audit: type=1326 audit(1732804400.091:2283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.613314][   T29] audit: type=1326 audit(1732804400.091:2284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.643304][   T29] audit: type=1326 audit(1732804400.091:2285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.681708][   T29] audit: type=1326 audit(1732804400.131:2286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.711215][   T29] audit: type=1326 audit(1732804400.131:2287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.846148][   T29] audit: type=1326 audit(1732804400.131:2288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x7ffc0000
[  969.873698][   T29] audit: type=1326 audit(1732804400.131:2289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1fa77f170 code=0x7ffc0000
[  969.922461][   T29] audit: type=1326 audit(1732804400.141:2290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15537 comm="syz.2.2539" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fd1fa77f170 code=0x7ffc0000
[  970.138219][T15555] random: crng reseeded on system resumption
[  970.285327][T12428] usb 6-1: USB disconnect, device number 21
[  971.443477][T15572] FAULT_INJECTION: forcing a failure.
[  971.443477][T15572] name failslab, interval 1, probability 0, space 0, times 0
[  971.474086][T15572] CPU: 1 UID: 0 PID: 15572 Comm: syz.5.2549 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  971.484553][T15572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  971.494636][T15572] Call Trace:
[  971.497937][T15572]  <TASK>
[  971.500882][T15572]  dump_stack_lvl+0x241/0x360
[  971.505591][T15572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  971.510811][T15572]  ? __pfx__printk+0x10/0x10
[  971.515432][T15572]  ? kmem_cache_alloc_lru_noprof+0x4d/0x390
[  971.521351][T15572]  ? __pfx___might_resched+0x10/0x10
[  971.526671][T15572]  ? register_lock_class+0x102/0x980
[  971.531975][T15572]  should_fail_ex+0x3b0/0x4e0
[  971.536652][T15572]  should_failslab+0xac/0x100
[  971.541337][T15572]  ? __d_alloc+0x31/0x700
[  971.545668][T15572]  kmem_cache_alloc_lru_noprof+0x75/0x390
[  971.551388][T15572]  __d_alloc+0x31/0x700
[  971.555545][T15572]  d_alloc_parallel+0xdf/0x1600
[  971.560396][T15572]  ? __asan_memset+0x23/0x50
[  971.564984][T15572]  ? __asan_memset+0x23/0x50
[  971.569568][T15572]  ? lockdep_init_map_type+0xa1/0x910
[  971.574942][T15572]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  971.580919][T15572]  ? __pfx_d_alloc_parallel+0x10/0x10
[  971.586299][T15572]  ? __init_waitqueue_head+0xae/0x150
[  971.591667][T15572]  __lookup_slow+0x117/0x3f0
[  971.596264][T15572]  ? __pfx___lookup_slow+0x10/0x10
[  971.601370][T15572]  ? __d_lookup+0x64/0x7b0
[  971.605789][T15572]  ? make_vfsuid+0x52/0xa0
[  971.610204][T15572]  ? link_path_walk+0xc60/0xea0
[  971.615055][T15572]  lookup_slow+0x53/0x70
[  971.619297][T15572]  walk_component+0x2e1/0x410
[  971.624013][T15572]  path_lookupat+0x16f/0x450
[  971.628619][T15572]  filename_lookup+0x2a3/0x670
[  971.633380][T15572]  ? __virt_addr_valid+0x183/0x530
[  971.638494][T15572]  ? __pfx_filename_lookup+0x10/0x10
[  971.643795][T15572]  ? strncpy_from_user+0x152/0x270
[  971.648912][T15572]  ? getname_flags+0x1e3/0x540
[  971.653674][T15572]  user_path_at+0x3a/0x60
[  971.658000][T15572]  do_utimes+0x112/0x270
[  971.662240][T15572]  ? __pfx_do_utimes+0x10/0x10
[  971.667001][T15572]  ? __might_fault+0xc6/0x120
[  971.671785][T15572]  __x64_sys_futimesat+0x164/0x320
[  971.676916][T15572]  ? __pfx___x64_sys_futimesat+0x10/0x10
[  971.682565][T15572]  ? do_syscall_64+0x100/0x230
[  971.687338][T15572]  ? do_syscall_64+0xb6/0x230
[  971.692014][T15572]  do_syscall_64+0xf3/0x230
[  971.696542][T15572]  ? clear_bhb_loop+0x35/0x90
[  971.701220][T15572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  971.707109][T15572] RIP: 0033:0x7fbcfd980809
[  971.711518][T15572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  971.731124][T15572] RSP: 002b:00007fbcfe867058 EFLAGS: 00000246 ORIG_RAX: 0000000000000105
[  971.739571][T15572] RAX: ffffffffffffffda RBX: 00007fbcfdb45fa0 RCX: 00007fbcfd980809
[  971.747553][T15572] RDX: 0000000020000080 RSI: 0000000020000000 RDI: 0000000000000003
[  971.755525][T15572] RBP: 00007fbcfe8670a0 R08: 0000000000000000 R09: 0000000000000000
[  971.763490][T15572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  971.771457][T15572] R13: 0000000000000000 R14: 00007fbcfdb45fa0 R15: 00007ffcd8342b28
[  971.779436][T15572]  </TASK>
[  972.229544][T15595] fuse: Unknown parameter 'P��ڶ��yLL"�x�X��ܾ[�Gwc�"I�lB�NXW�Y0��7���]���C
(2J�Ap������u3}�
[  972.229544][T15595] �Ů�1�Y-��gԐL�S/G��|������Gb0x0000000000000003'
[  972.825858][   T54] Bluetooth: hci4: command 0x041b tx timeout
[  978.594857][   T29] kauditd_printk_skb: 113 callbacks suppressed
[  978.594879][   T29] audit: type=1400 audit(1732804408.141:2404): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15640 comm="syz.5.2574"
[  980.124169][   T29] audit: type=1400 audit(1732804408.141:2405): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15640 comm="syz.5.2574"
[  980.140719][   T29] audit: type=1400 audit(1732804409.981:2406): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15646 comm="syz.1.2575"
[  980.322897][T15654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  980.362868][   T29] audit: type=1400 audit(1732804410.201:2407): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15646 comm="syz.1.2575"
[  980.387280][T15654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  981.055763][   T29] audit: type=1800 audit(1732804411.641:2408): pid=15658 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.1.2576" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  981.152647][ T5855] Bluetooth: hci4: unexpected event for opcode 0x0c56
[  981.204436][ T5935] IPVS: starting estimator thread 0...
[  981.210939][T15654] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  981.219499][T15654] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  981.282415][T15669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  981.314234][T15669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  981.336436][T15673] IPVS: using max 24 ests per chain, 57600 per kthread
[  981.487268][T15684] kvm: user requested TSC rate below hardware speed
[  981.652869][   T29] audit: type=1400 audit(1732804412.241:2409): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=15689 comm="syz.4.2589" dest=2
[  982.695374][T15699] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2591'.
[  982.736255][T15699] Device name cannot be null; rc = [-22]
[  983.274547][T15708] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2592'.
[  983.334355][T15708] Device name cannot be null; rc = [-22]
[  984.089948][T14952] Bluetooth: hci4: command 0x041b tx timeout
[  985.681693][T15737] loop6: detected capacity change from 0 to 1
[  985.688744][T15738] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2605'.
[  985.716186][T15737] Dev loop6: unable to read RDB block 1
[  985.724529][T15741] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2607'.
[  985.834561][T15742] ubi: mtd0 is already attached to ubi0
[  986.169890][T15737]  loop6: unable to read partition table
[  986.196481][T15738] gtp0: entered promiscuous mode
[  986.201577][   T29] audit: type=1326 audit(1732804416.771:2410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15734 comm="syz.4.2604" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x0
[  986.214180][T15737] loop6: partition table beyond EOD, truncated
[  986.244457][T15737] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  986.244457][T15737] 
) failed (rc=-5)
[  986.253417][T15738] gtp0: entered allmulticast mode
[  986.381429][T15754] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2608'.
[  986.417092][  T972] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  986.773395][T15754] macvtap6: entered promiscuous mode
[  986.842969][T15754] macvtap6: entered allmulticast mode
[  986.868057][  T972] usb 7-1: Using ep0 maxpacket: 32
[  986.900111][T15754] 8021q: adding VLAN 0 to HW filter on device macvtap6
[  986.949709][  T972] usb 7-1: config 0 has an invalid interface number: 167 but max is 0
[  986.960544][  T972] usb 7-1: config 0 has no interface number 0
[  986.976969][  T972] usb 7-1: config 0 interface 167 altsetting 1 bulk endpoint 0xA has invalid maxpacket 1024
[  986.995100][  T972] usb 7-1: config 0 interface 167 altsetting 1 bulk endpoint 0x6 has invalid maxpacket 32
[  987.005643][  T972] usb 7-1: config 0 interface 167 has no altsetting 0
[  987.017798][  T972] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=20.63
[  987.066875][  T972] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  987.085472][T15764] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2610'.
[  987.091004][  T972] usb 7-1: Product: syz
[  987.108701][  T972] usb 7-1: Manufacturer: syz
[  987.124946][  T972] usb 7-1: SerialNumber: syz
[  987.153133][  T972] usb 7-1: config 0 descriptor??
[  987.165906][T15764] macvtap8: entered promiscuous mode
[  987.168589][T15745] raw-gadget.3 gadget.6: fail, usb_ep_enable returned -22
[  987.171379][T15764] macvtap8: entered allmulticast mode
[  987.210126][T15764] 8021q: adding VLAN 0 to HW filter on device macvtap8
[  987.309551][T15745] raw-gadget.3 gadget.6: fail, usb_ep_enable returned -22
[  988.242728][  T972] usbtest 7-1:0.167: couldn't get endpoints, -22
[  988.282313][  T972] usbtest 7-1:0.167: probe with driver usbtest failed with error -22
[  988.308667][T15776] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  988.327326][  T972] usb 7-1: USB disconnect, device number 4
[  988.344397][T15778] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2616'.
[  988.353540][T15778] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2616'.
[  988.561184][T15784] netlink: 'syz.2.2616': attribute type 30 has an invalid length.
[  989.867337][T15784] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6)
[  989.945022][T15778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  990.374567][T15778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  990.430052][T15792] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2619'.
[  990.738761][T15794] ubi: mtd0 is already attached to ubi0
[  991.149450][  T972] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  991.616050][T15809] netlink: 46 bytes leftover after parsing attributes in process `syz.5.2621'.
[  991.669132][  T972] hid-generic 0000:0000:0000.0022: hidraw2: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  991.681446][T15799] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  991.715925][T15799] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  991.717579][T15811] loop6: detected capacity change from 0 to 1
[  991.731300][T15811] Dev loop6: unable to read RDB block 1
[  991.737416][T15811]  loop6: unable to read partition table
[  991.743403][T15811] loop6: partition table beyond EOD, truncated
[  991.752170][T15811] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  991.752170][T15811] 
) failed (rc=-5)
[  991.772198][   T29] audit: type=1326 audit(1732804422.361:2411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15810 comm="syz.6.2623" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x0
[  993.574528][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  993.580849][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  994.320343][T15858] FAULT_INJECTION: forcing a failure.
[  994.320343][T15858] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  994.401032][T15858] CPU: 0 UID: 0 PID: 15858 Comm: syz.6.2637 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[  994.411500][T15858] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  994.421565][T15858] Call Trace:
[  994.424851][T15858]  <TASK>
[  994.427792][T15858]  dump_stack_lvl+0x241/0x360
[  994.432488][T15858]  ? __pfx_dump_stack_lvl+0x10/0x10
[  994.437697][T15858]  ? __pfx__printk+0x10/0x10
[  994.442311][T15858]  ? __pfx_lock_release+0x10/0x10
[  994.447358][T15858]  should_fail_ex+0x3b0/0x4e0
[  994.452057][T15858]  _copy_from_user+0x2f/0xc0
[  994.456663][T15858]  ip6gre_tunnel_siocdevprivate+0x1a4/0x1460
[  994.462658][T15858]  ? __pfx___might_resched+0x10/0x10
[  994.467966][T15858]  ? __pfx_ip6gre_tunnel_siocdevprivate+0x10/0x10
[  994.474406][T15858]  ? trace_contention_end+0x3c/0x120
[  994.479713][T15858]  ? full_name_hash+0x93/0xe0
[  994.484409][T15858]  dev_ifsioc+0xaec/0xe70
[  994.488755][T15858]  ? __pfx_dev_ifsioc+0x10/0x10
[  994.493620][T15858]  ? dev_load+0x21/0x1f0
[  994.497877][T15858]  dev_ioctl+0x881/0x1340
[  994.502222][T15858]  sock_ioctl+0x7ef/0x8e0
[  994.506575][T15858]  ? __pfx_sock_ioctl+0x10/0x10
[  994.511462][T15858]  ? __pfx_sock_ioctl+0x10/0x10
[  994.516350][T15858]  __se_sys_ioctl+0xf5/0x170
[  994.520971][T15858]  do_syscall_64+0xf3/0x230
[  994.525496][T15858]  ? clear_bhb_loop+0x35/0x90
[  994.530192][T15858]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  994.536108][T15858] RIP: 0033:0x7fb67d980809
[  994.540539][T15858] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  994.560163][T15858] RSP: 002b:00007fb67e757058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  994.568603][T15858] RAX: ffffffffffffffda RBX: 00007fb67db45fa0 RCX: 00007fb67d980809
[  994.576587][T15858] RDX: 00000000200000c0 RSI: 00000000000089f1 RDI: 0000000000000003
[  994.584573][T15858] RBP: 00007fb67e7570a0 R08: 0000000000000000 R09: 0000000000000000
[  994.592556][T15858] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  994.600548][T15858] R13: 0000000000000000 R14: 00007fb67db45fa0 R15: 00007ffc39f328a8
[  994.608552][T15858]  </TASK>
[  996.488343][T14952] Bluetooth: hci4: command 0x041b tx timeout
[  996.943110][T15882] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  996.953354][T15882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  997.422493][T15895] loop6: detected capacity change from 0 to 1
[  997.447273][T15895] Dev loop6: unable to read RDB block 1
[  997.453182][T15895]  loop6: unable to read partition table
[  997.462700][T15895] loop6: partition table beyond EOD, truncated
[  997.469470][T15895] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  997.469470][T15895] 
) failed (rc=-5)
[  997.476491][   T29] audit: type=1326 audit(1732804428.071:2412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15894 comm="syz.6.2646" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x0
[  998.847328][T15909] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2651'.
[  999.179375][T15909] Device name cannot be null; rc = [-22]
[ 1001.080953][T15917] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2653'.
[ 1002.076275][T15917] Device name cannot be null; rc = [-22]
[ 1004.174461][T15957] can0: slcan on ptm0.
[ 1004.202704][T15963] loop6: detected capacity change from 0 to 1
[ 1004.223132][T15963] Dev loop6: unable to read RDB block 1
[ 1004.332107][T15963]  loop6: unable to read partition table
[ 1004.338795][   T29] audit: type=1326 audit(1732804434.891:2413): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15962 comm="syz.2.2663" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x0
[ 1004.344383][T15963] loop6: partition table beyond EOD, truncated
[ 1005.083773][T15963] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1005.083773][T15963] 
) failed (rc=-5)
[ 1005.218846][T15969] FAULT_INJECTION: forcing a failure.
[ 1005.218846][T15969] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1005.232226][T15969] CPU: 1 UID: 0 PID: 15969 Comm: syz.6.2664 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1005.242652][T15969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1005.252718][T15969] Call Trace:
[ 1005.256017][T15969]  <TASK>
[ 1005.258964][T15969]  dump_stack_lvl+0x241/0x360
[ 1005.263672][T15969]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1005.268894][T15969]  ? __pfx__printk+0x10/0x10
[ 1005.273521][T15969]  ? __pfx_lock_release+0x10/0x10
[ 1005.278578][T15969]  should_fail_ex+0x3b0/0x4e0
[ 1005.283279][T15969]  _copy_from_iter+0x21f/0x1e70
[ 1005.288152][T15969]  ? __virt_addr_valid+0x183/0x530
[ 1005.293284][T15969]  ? __pfx_lock_release+0x10/0x10
[ 1005.298321][T15969]  ? __alloc_skb+0x28f/0x440
[ 1005.302926][T15969]  ? __pfx__copy_from_iter+0x10/0x10
[ 1005.308227][T15969]  ? __virt_addr_valid+0x183/0x530
[ 1005.313329][T15969]  ? __virt_addr_valid+0x183/0x530
[ 1005.318441][T15969]  ? __virt_addr_valid+0x45f/0x530
[ 1005.323579][T15969]  ? __check_object_size+0x48e/0x900
[ 1005.328878][T15969]  netlink_sendmsg+0x73d/0xcb0
[ 1005.333649][T15969]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1005.338940][T15969]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1005.344221][T15969]  __sock_sendmsg+0x221/0x270
[ 1005.348897][T15969]  ____sys_sendmsg+0x52a/0x7e0
[ 1005.353659][T15969]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1005.358944][T15969]  ? __fget_files+0x2a/0x410
[ 1005.363531][T15969]  ? __fget_files+0x2a/0x410
[ 1005.368131][T15969]  __sys_sendmsg+0x269/0x350
[ 1005.372734][T15969]  ? __pfx_lock_release+0x10/0x10
[ 1005.377759][T15969]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1005.382876][T15969]  ? __pfx_vfs_write+0x10/0x10
[ 1005.387654][T15969]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1005.393977][T15969]  ? do_syscall_64+0x100/0x230
[ 1005.398734][T15969]  ? do_syscall_64+0xb6/0x230
[ 1005.403404][T15969]  do_syscall_64+0xf3/0x230
[ 1005.407901][T15969]  ? clear_bhb_loop+0x35/0x90
[ 1005.412574][T15969]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1005.418462][T15969] RIP: 0033:0x7fb67d980809
[ 1005.422871][T15969] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1005.442474][T15969] RSP: 002b:00007fb67e757058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1005.450882][T15969] RAX: ffffffffffffffda RBX: 00007fb67db45fa0 RCX: 00007fb67d980809
[ 1005.458846][T15969] RDX: 0000000000000000 RSI: 0000000020000400 RDI: 0000000000000005
[ 1005.466816][T15969] RBP: 00007fb67e7570a0 R08: 0000000000000000 R09: 0000000000000000
[ 1005.474789][T15969] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1005.482751][T15969] R13: 0000000000000000 R14: 00007fb67db45fa0 R15: 00007ffc39f328a8
[ 1005.490725][T15969]  </TASK>
[ 1005.614697][T15954] can0 (unregistered): slcan off ptm0.
[ 1007.526285][T15994] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1007.536066][T15994] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1007.541920][T15996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1007.586044][T15996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1007.597083][T15995] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1007.715131][T15996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1007.730391][T15995] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1007.803416][T15996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1008.394291][T14952] Bluetooth: hci4: command 0x041b tx timeout
[ 1008.861431][T16010] FAULT_INJECTION: forcing a failure.
[ 1008.861431][T16010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1008.875353][T16010] CPU: 1 UID: 0 PID: 16010 Comm: syz.4.2675 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1008.885794][T16010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1008.895847][T16010] Call Trace:
[ 1008.899120][T16010]  <TASK>
[ 1008.902053][T16010]  dump_stack_lvl+0x241/0x360
[ 1008.906729][T16010]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1008.911921][T16010]  ? __pfx__printk+0x10/0x10
[ 1008.916512][T16010]  ? snprintf+0xda/0x120
[ 1008.920750][T16010]  should_fail_ex+0x3b0/0x4e0
[ 1008.925421][T16010]  _copy_to_user+0x31/0xb0
[ 1008.929834][T16010]  simple_read_from_buffer+0xca/0x150
[ 1008.935201][T16010]  proc_fail_nth_read+0x1e9/0x250
[ 1008.940221][T16010]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1008.945761][T16010]  ? rw_verify_area+0x55e/0x6f0
[ 1008.950607][T16010]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1008.956157][T16010]  vfs_read+0x1fc/0xb70
[ 1008.960320][T16010]  ? __pfx___mutex_lock+0x10/0x10
[ 1008.965340][T16010]  ? __pfx_vfs_read+0x10/0x10
[ 1008.970022][T16010]  ? __fget_files+0x2a/0x410
[ 1008.974607][T16010]  ? __fget_files+0x395/0x410
[ 1008.979277][T16010]  ? __fget_files+0x2a/0x410
[ 1008.983869][T16010]  ksys_read+0x18f/0x2b0
[ 1008.988117][T16010]  ? __pfx_ksys_read+0x10/0x10
[ 1008.992882][T16010]  ? do_syscall_64+0x100/0x230
[ 1008.997639][T16010]  ? do_syscall_64+0xb6/0x230
[ 1009.002309][T16010]  do_syscall_64+0xf3/0x230
[ 1009.006804][T16010]  ? clear_bhb_loop+0x35/0x90
[ 1009.011479][T16010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1009.017365][T16010] RIP: 0033:0x7f6095f7f21c
[ 1009.021771][T16010] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[ 1009.041368][T16010] RSP: 002b:00007f6096ce1050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1009.049778][T16010] RAX: ffffffffffffffda RBX: 00007f6096145fa0 RCX: 00007f6095f7f21c
[ 1009.057748][T16010] RDX: 000000000000000f RSI: 00007f6096ce10b0 RDI: 0000000000000006
[ 1009.065716][T16010] RBP: 00007f6096ce10a0 R08: 0000000000000000 R09: 0000000000000000
[ 1009.073677][T16010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1009.081642][T16010] R13: 0000000000000000 R14: 00007f6096145fa0 R15: 00007fff3fa13c98
[ 1009.089623][T16010]  </TASK>
[ 1009.131174][T16014] loop6: detected capacity change from 0 to 1
[ 1009.150220][T16014] Dev loop6: unable to read RDB block 1
[ 1009.169512][T16014]  loop6: unable to read partition table
[ 1009.299453][T16014] loop6: partition table beyond EOD, truncated
[ 1009.328184][T16014] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1009.328184][T16014] 
) failed (rc=-5)
[ 1009.364159][   T29] audit: type=1326 audit(1732804439.921:2414): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16012 comm="syz.1.2677" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x0
[ 1009.394693][T16023] usb usb8: usbfs: process 16023 (syz.5.2680) did not claim interface 0 before use
[ 1009.556130][T16029] smc: net device bond0 erased user defined pnetid S
[ 1010.044934][T16029] ceph: No mds server is up or the cluster is laggy
[ 1010.115090][ T5902] libceph: connect (1)[c::]:6789 error -101
[ 1010.122113][ T5902] libceph: mon0 (1)[c::]:6789 connect error
[ 1012.271881][T16065] netlink: 'syz.4.2689': attribute type 4 has an invalid length.
[ 1013.711432][T15189] hid-generic 0000:0000:0000.0023: unknown main item tag 0x0
[ 1013.793586][T15189] hid-generic 0000:0000:0000.0023: hidraw3: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1013.822479][T16071] usb usb9: usbfs: process 16071 (syz.1.2690) did not claim interface 1 before use
[ 1013.822527][T16071] FAULT_INJECTION: forcing a failure.
[ 1013.822527][T16071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1013.822552][T16071] CPU: 1 UID: 0 PID: 16071 Comm: syz.1.2690 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1013.822575][T16071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1013.822588][T16071] Call Trace:
[ 1013.822597][T16071]  <TASK>
[ 1013.822607][T16071]  dump_stack_lvl+0x241/0x360
[ 1013.822636][T16071]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1013.822657][T16071]  ? __pfx__printk+0x10/0x10
[ 1013.822690][T16071]  ? snprintf+0xda/0x120
[ 1013.822713][T16071]  should_fail_ex+0x3b0/0x4e0
[ 1013.822737][T16071]  _copy_to_user+0x31/0xb0
[ 1013.822764][T16071]  simple_read_from_buffer+0xca/0x150
[ 1013.822790][T16071]  proc_fail_nth_read+0x1e9/0x250
[ 1013.822814][T16071]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1013.822839][T16071]  ? rw_verify_area+0x55e/0x6f0
[ 1013.822864][T16071]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1013.822887][T16071]  vfs_read+0x1fc/0xb70
[ 1013.822921][T16071]  ? __pfx___mutex_lock+0x10/0x10
[ 1013.822944][T16071]  ? __pfx_vfs_read+0x10/0x10
[ 1013.822972][T16071]  ? __fget_files+0x2a/0x410
[ 1013.822996][T16071]  ? __fget_files+0x395/0x410
[ 1013.823017][T16071]  ? __fget_files+0x2a/0x410
[ 1013.823049][T16071]  ksys_read+0x18f/0x2b0
[ 1013.823076][T16071]  ? __pfx_ksys_read+0x10/0x10
[ 1013.823102][T16071]  ? do_syscall_64+0x100/0x230
[ 1013.823124][T16071]  ? do_syscall_64+0xb6/0x230
[ 1013.823147][T16071]  do_syscall_64+0xf3/0x230
[ 1013.823166][T16071]  ? clear_bhb_loop+0x35/0x90
[ 1013.823191][T16071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1013.823212][T16071] RIP: 0033:0x7f131597f21c
[ 1013.823231][T16071] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[ 1013.823248][T16071] RSP: 002b:00007f1316747050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1013.823271][T16071] RAX: ffffffffffffffda RBX: 00007f1315b45fa0 RCX: 00007f131597f21c
[ 1013.823287][T16071] RDX: 000000000000000f RSI: 00007f13167470b0 RDI: 0000000000000004
[ 1013.823301][T16071] RBP: 00007f13167470a0 R08: 0000000000000000 R09: 0000000000000000
[ 1013.823315][T16071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1013.823329][T16071] R13: 0000000000000000 R14: 00007f1315b45fa0 R15: 00007ffcdaabe928
[ 1013.823360][T16071]  </TASK>
[ 1014.124113][T15189] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[ 1014.327361][T16080] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1014.328029][T16080] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1014.936556][T16084] loop6: detected capacity change from 0 to 1
[ 1014.937844][T16084] Dev loop6: unable to read RDB block 1
[ 1014.937891][T16084]  loop6: unable to read partition table
[ 1014.938046][T16084] loop6: partition table beyond EOD, truncated
[ 1014.938066][T16084] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1014.938066][T16084] 
) failed (rc=-5)
[ 1014.940609][   T29] audit: type=1326 audit(1732804445.531:2415): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16083 comm="syz.6.2693" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x0
[ 1016.184129][T16094] netlink: 60 bytes leftover after parsing attributes in process `syz.6.2695'.
[ 1016.241515][T16094] netlink: 35 bytes leftover after parsing attributes in process `syz.6.2695'.
[ 1016.281311][T15189] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1016.294067][T15189] usb 6-1: no configurations
[ 1016.301922][T15189] usb 6-1: can't read configurations, error -22
[ 1016.372689][T16099] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2697'.
[ 1016.403651][T16099] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2697'.
[ 1016.434249][T16099] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2697'.
[ 1016.469907][T16099] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2697'.
[ 1016.626452][T16094] netlink: 'syz.6.2695': attribute type 11 has an invalid length.
[ 1016.790071][T16109] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1016.799093][T16109] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1016.810445][   T29] audit: type=1400 audit(1732804447.401:2416): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=16108 comm="syz.2.2701" daddr=::ffff:172.20.20.187
[ 1017.894463][T16115] FAULT_INJECTION: forcing a failure.
[ 1017.894463][T16115] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1017.936012][T16115] CPU: 1 UID: 0 PID: 16115 Comm: syz.1.2703 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1017.946490][T16115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1017.956576][T16115] Call Trace:
[ 1017.959853][T16115]  <TASK>
[ 1017.962781][T16115]  dump_stack_lvl+0x241/0x360
[ 1017.967470][T16115]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1017.972687][T16115]  ? __pfx__printk+0x10/0x10
[ 1017.977283][T16115]  ? __pfx_lock_release+0x10/0x10
[ 1017.982307][T16115]  should_fail_ex+0x3b0/0x4e0
[ 1017.986981][T16115]  _copy_from_iter+0x21f/0x1e70
[ 1017.991828][T16115]  ? __virt_addr_valid+0x183/0x530
[ 1017.996943][T16115]  ? __pfx_lock_release+0x10/0x10
[ 1018.001971][T16115]  ? __alloc_skb+0x28f/0x440
[ 1018.006558][T16115]  ? __pfx__copy_from_iter+0x10/0x10
[ 1018.011842][T16115]  ? __virt_addr_valid+0x183/0x530
[ 1018.016947][T16115]  ? __virt_addr_valid+0x183/0x530
[ 1018.022052][T16115]  ? __virt_addr_valid+0x45f/0x530
[ 1018.027159][T16115]  ? __check_object_size+0x48e/0x900
[ 1018.032448][T16115]  netlink_sendmsg+0x73d/0xcb0
[ 1018.037217][T16115]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1018.042509][T16115]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1018.047787][T16115]  __sock_sendmsg+0x221/0x270
[ 1018.052479][T16115]  ____sys_sendmsg+0x52a/0x7e0
[ 1018.057251][T16115]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1018.062533][T16115]  ? __fget_files+0x2a/0x410
[ 1018.067128][T16115]  ? __fget_files+0x2a/0x410
[ 1018.071724][T16115]  __sys_sendmsg+0x269/0x350
[ 1018.076313][T16115]  ? __pfx_lock_release+0x10/0x10
[ 1018.081335][T16115]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1018.086457][T16115]  ? __pfx_vfs_write+0x10/0x10
[ 1018.091235][T16115]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1018.097557][T16115]  ? do_syscall_64+0x100/0x230
[ 1018.102316][T16115]  ? do_syscall_64+0xb6/0x230
[ 1018.106988][T16115]  do_syscall_64+0xf3/0x230
[ 1018.111487][T16115]  ? clear_bhb_loop+0x35/0x90
[ 1018.116163][T16115]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1018.122051][T16115] RIP: 0033:0x7f1315980809
[ 1018.126463][T16115] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1018.146060][T16115] RSP: 002b:00007f1316747058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1018.154473][T16115] RAX: ffffffffffffffda RBX: 00007f1315b45fa0 RCX: 00007f1315980809
[ 1018.162441][T16115] RDX: 0000000000000000 RSI: 0000000020000740 RDI: 0000000000000007
[ 1018.170416][T16115] RBP: 00007f13167470a0 R08: 0000000000000000 R09: 0000000000000000
[ 1018.178394][T16115] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1018.186370][T16115] R13: 0000000000000000 R14: 00007f1315b45fa0 R15: 00007ffcdaabe928
[ 1018.194347][T16115]  </TASK>
[ 1018.287948][T16120] loop6: detected capacity change from 0 to 1
[ 1018.302551][T16120] Dev loop6: unable to read RDB block 1
[ 1018.318800][T16120]  loop6: unable to read partition table
[ 1018.330656][T16120] loop6: partition table beyond EOD, truncated
[ 1018.339828][T16120] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1018.339828][T16120] 
) failed (rc=-5)
[ 1018.573587][   T29] audit: type=1326 audit(1732804449.161:2417): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16118 comm="syz.2.2705" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa780809 code=0x0
[ 1019.627486][T16121] netlink: 'syz.5.2704': attribute type 30 has an invalid length.
[ 1019.635973][T16121] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6)
[ 1019.698057][T16133] fuse: Unknown parameter '1844674407370955161500000000000000000000'
[ 1021.081746][T16143] FAULT_INJECTION: forcing a failure.
[ 1021.081746][T16143] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1021.096213][T16143] CPU: 0 UID: 0 PID: 16143 Comm: syz.2.2710 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1021.106661][T16143] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1021.116734][T16143] Call Trace:
[ 1021.120027][T16143]  <TASK>
[ 1021.122970][T16143]  dump_stack_lvl+0x241/0x360
[ 1021.127671][T16143]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1021.132889][T16143]  ? __pfx__printk+0x10/0x10
[ 1021.137521][T16143]  ? __pfx_lock_release+0x10/0x10
[ 1021.142576][T16143]  should_fail_ex+0x3b0/0x4e0
[ 1021.147278][T16143]  _copy_from_user+0x2f/0xc0
[ 1021.151899][T16143]  __sys_bpf+0x1a4/0x810
[ 1021.156171][T16143]  ? __pfx___sys_bpf+0x10/0x10
[ 1021.160965][T16143]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1021.166969][T16143]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1021.173319][T16143]  ? do_syscall_64+0x100/0x230
[ 1021.178106][T16143]  __x64_sys_bpf+0x7c/0x90
[ 1021.182549][T16143]  do_syscall_64+0xf3/0x230
[ 1021.187066][T16143]  ? clear_bhb_loop+0x35/0x90
[ 1021.191762][T16143]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1021.197672][T16143] RIP: 0033:0x7fd1fa780809
[ 1021.202111][T16143] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1021.221739][T16143] RSP: 002b:00007fd1fb5e3058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1021.230178][T16143] RAX: ffffffffffffffda RBX: 00007fd1fa945fa0 RCX: 00007fd1fa780809
[ 1021.238171][T16143] RDX: 0000000000000028 RSI: 0000000020000280 RDI: 0000000000000012
[ 1021.246162][T16143] RBP: 00007fd1fb5e30a0 R08: 0000000000000000 R09: 0000000000000000
[ 1021.254154][T16143] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1021.262137][T16143] R13: 0000000000000001 R14: 00007fd1fa945fa0 R15: 00007ffcdc86ac58
[ 1021.270153][T16143]  </TASK>
[ 1021.685850][T16148] netlink: 'syz.1.2712': attribute type 4 has an invalid length.
[ 1022.244028][T15189] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1023.244447][T16154] usb usb9: usbfs: process 16154 (syz.1.2714) did not claim interface 0 before use
[ 1024.324454][T16174] loop6: detected capacity change from 0 to 1
[ 1024.341555][T16174] Dev loop6: unable to read RDB block 1
[ 1024.348075][T16174]  loop6: unable to read partition table
[ 1024.354369][T16174] loop6: partition table beyond EOD, truncated
[ 1024.360658][T16174] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1024.360658][T16174] 
) failed (rc=-5)
[ 1024.381635][   T29] audit: type=1326 audit(1732804454.971:2418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16173 comm="syz.4.2720" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x0
[ 1024.450481][T16177] can0: slcan on pts0.
[ 1024.659820][T15947] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[ 1024.685435][T15947] hid-generic 0000:0000:0000.0024: hidraw3: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1024.754880][T16175] can0 (unregistered): slcan off pts0.
[ 1025.106951][T16196] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2726'.
[ 1025.742582][T15189] usb 6-1: new full-speed USB device number 25 using dummy_hcd
[ 1026.483050][T16208] FAULT_INJECTION: forcing a failure.
[ 1026.483050][T16208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1026.515069][T16208] CPU: 0 UID: 0 PID: 16208 Comm: syz.6.2729 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1026.525523][T16208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1026.535601][T16208] Call Trace:
[ 1026.538887][T16208]  <TASK>
[ 1026.541820][T16208]  dump_stack_lvl+0x241/0x360
[ 1026.546501][T16208]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1026.551699][T16208]  ? __pfx__printk+0x10/0x10
[ 1026.556290][T16208]  ? __pfx_lock_release+0x10/0x10
[ 1026.561317][T16208]  should_fail_ex+0x3b0/0x4e0
[ 1026.565996][T16208]  _copy_to_iter+0x4ae/0x1e70
[ 1026.570670][T16208]  ? __virt_addr_valid+0x183/0x530
[ 1026.575783][T16208]  ? __pfx__copy_to_iter+0x10/0x10
[ 1026.580893][T16208]  ? kasan_save_track+0x51/0x80
[ 1026.585752][T16208]  ? __virt_addr_valid+0x183/0x530
[ 1026.590856][T16208]  ? __virt_addr_valid+0x183/0x530
[ 1026.595959][T16208]  ? __virt_addr_valid+0x45f/0x530
[ 1026.601061][T16208]  ? __phys_addr_symbol+0x2f/0x70
[ 1026.606077][T16208]  ? __check_object_size+0x48e/0x900
[ 1026.611356][T16208]  __skb_datagram_iter+0x107/0x900
[ 1026.616465][T16208]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1026.622097][T16208]  skb_copy_datagram_iter+0xd1/0x250
[ 1026.627379][T16208]  netlink_recvmsg+0x2d0/0x11d0
[ 1026.632229][T16208]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1026.637504][T16208]  ? rcu_is_watching+0x15/0xb0
[ 1026.642265][T16208]  ? trace_kmalloc+0x1f/0xd0
[ 1026.646847][T16208]  ? __kmalloc_noprof+0x2a5/0x4c0
[ 1026.651886][T16208]  ? iovec_from_user+0x87/0x240
[ 1026.656741][T16208]  ? iovec_from_user+0x1b4/0x240
[ 1026.661683][T16208]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1026.666974][T16208]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1026.672343][T16208]  sock_recvmsg+0x22f/0x280
[ 1026.676859][T16208]  ____sys_recvmsg+0x1c6/0x480
[ 1026.681635][T16208]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1026.686929][T16208]  do_recvmmsg+0x426/0xab0
[ 1026.691346][T16208]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1026.696297][T16208]  ? __pfx___might_resched+0x10/0x10
[ 1026.701581][T16208]  ? __might_fault+0xaa/0x120
[ 1026.706270][T16208]  ? __pfx_lock_release+0x10/0x10
[ 1026.711306][T16208]  ? vfs_write+0x730/0xd30
[ 1026.715747][T16208]  ? get_timespec64+0x19c/0x280
[ 1026.720622][T16208]  __x64_sys_recvmmsg+0x1b8/0x250
[ 1026.725658][T16208]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1026.731205][T16208]  ? do_syscall_64+0x100/0x230
[ 1026.736406][T16208]  ? do_syscall_64+0xb6/0x230
[ 1026.741080][T16208]  do_syscall_64+0xf3/0x230
[ 1026.745583][T16208]  ? clear_bhb_loop+0x35/0x90
[ 1026.750290][T16208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1026.756177][T16208] RIP: 0033:0x7fb67d980809
[ 1026.760591][T16208] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1026.780222][T16208] RSP: 002b:00007fb67e757058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1026.788635][T16208] RAX: ffffffffffffffda RBX: 00007fb67db45fa0 RCX: 00007fb67d980809
[ 1026.796602][T16208] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[ 1026.804564][T16208] RBP: 00007fb67e7570a0 R08: 0000000020003700 R09: 0000000000000000
[ 1026.812529][T16208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1026.820506][T16208] R13: 0000000000000000 R14: 00007fb67db45fa0 R15: 00007ffc39f328a8
[ 1026.828489][T16208]  </TASK>
[ 1028.880219][T15189] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1029.010585][T15189] usb 6-1: no configurations
[ 1029.015600][T15189] usb 6-1: can't read configurations, error -22
[ 1029.023124][T15189] usb usb6-port1: attempt power cycle
[ 1029.152567][T16234] loop6: detected capacity change from 0 to 1
[ 1029.159775][T16234] Dev loop6: unable to read RDB block 1
[ 1029.196605][T16234]  loop6: unable to read partition table
[ 1029.223298][T16234] loop6: partition table beyond EOD, truncated
[ 1029.231718][   T29] audit: type=1326 audit(1732804459.821:2419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16233 comm="syz.5.2738" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x0
[ 1029.246644][T16240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1029.261624][T16234] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1029.261624][T16234] 
) failed (rc=-5)
[ 1029.283478][T16240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1030.194877][T16245] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2740'.
[ 1031.265524][T16252] fuse: Unknown parameter '1844674407370955161500000000000000000000'
[ 1033.200827][T16291] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2751'.
[ 1033.296835][T16291] macvtap10: entered promiscuous mode
[ 1033.302657][T16291] macvtap10: entered allmulticast mode
[ 1033.335331][T16291] 8021q: adding VLAN 0 to HW filter on device macvtap10
[ 1033.546606][T16300] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2754'.
[ 1033.594526][T16300] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2754'.
[ 1033.617713][T16300] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2754'.
[ 1035.347800][T16320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1035.375560][T16320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1035.759554][T16325] FAULT_INJECTION: forcing a failure.
[ 1035.759554][T16325] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1035.773207][T16325] CPU: 0 UID: 0 PID: 16325 Comm: syz.1.2760 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1035.783647][T16325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1035.793718][T16325] Call Trace:
[ 1035.797012][T16325]  <TASK>
[ 1035.799975][T16325]  dump_stack_lvl+0x241/0x360
[ 1035.804684][T16325]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1035.809904][T16325]  ? __pfx__printk+0x10/0x10
[ 1035.814523][T16325]  ? __lock_acquire+0x1397/0x2100
[ 1035.819571][T16325]  should_fail_ex+0x3b0/0x4e0
[ 1035.824279][T16325]  prepare_alloc_pages+0x1da/0x5b0
[ 1035.829423][T16325]  __alloc_pages_noprof+0x16f/0x710
[ 1035.834643][T16325]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1035.840396][T16325]  ? __pfx_lock_acquire+0x10/0x10
[ 1035.845459][T16325]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1035.850953][T16325]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1035.856963][T16325]  vma_alloc_folio_noprof+0x12e/0x230
[ 1035.862360][T16325]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1035.868276][T16325]  folio_prealloc+0x2e/0x170
[ 1035.872887][T16325]  handle_pte_fault+0x2518/0x68a0
[ 1035.877946][T16325]  ? __pfx_validate_chain+0x10/0x10
[ 1035.883179][T16325]  ? mark_lock+0x9a/0x360
[ 1035.887543][T16325]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1035.892935][T16325]  ? __lock_acquire+0x1397/0x2100
[ 1035.898017][T16325]  ? mt_find+0x2a9/0x920
[ 1035.902293][T16325]  ? __pfx_lock_release+0x10/0x10
[ 1035.907354][T16325]  handle_mm_fault+0x1053/0x1ad0
[ 1035.912342][T16325]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1035.917675][T16325]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1035.923074][T16325]  exc_page_fault+0x2b9/0x8c0
[ 1035.927810][T16325]  ? __might_fault+0xaa/0x120
[ 1035.932685][T16325]  asm_exc_page_fault+0x26/0x30
[ 1035.937550][T16325] RIP: 0010:rep_movs_alternative+0x15/0x70
[ 1035.943393][T16325] Code: cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f 8a 06 <88> 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f 1f 84
[ 1035.963029][T16325] RSP: 0018:ffffc9000c8c7c88 EFLAGS: 00050202
[ 1035.969117][T16325] RAX: ffffffff84b87400 RBX: 0000000020bbe000 RCX: 0000000000000004
[ 1035.977206][T16325] RDX: 0000000000000000 RSI: ffffc9000c8c7d80 RDI: 0000000020bbdffc
[ 1035.985212][T16325] RBP: ffffc9000c8c7df0 R08: 0000000000000003 R09: fffff52001918fb0
[ 1035.993226][T16325] R10: dffffc0000000000 R11: fffff52001918fb0 R12: 0000000000000004
[ 1036.001220][T16325] R13: 00007ffffffff000 R14: ffffc9000c8c7d80 R15: 0000000020bbdffc
[ 1036.009227][T16325]  ? _copy_from_user+0xc0/0xc0
[ 1036.014026][T16325]  _copy_to_user+0x8b/0xb0
[ 1036.018474][T16325]  do_timer_create+0xd33/0x1350
[ 1036.023350][T16325]  ? do_timer_create+0x631/0x1350
[ 1036.028401][T16325]  ? __pfx_do_timer_create+0x10/0x10
[ 1036.033713][T16325]  ? __might_fault+0xc6/0x120
[ 1036.038423][T16325]  __x64_sys_timer_create+0x144/0x190
[ 1036.043824][T16325]  ? __pfx___x64_sys_timer_create+0x10/0x10
[ 1036.049737][T16325]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1036.055742][T16325]  ? do_syscall_64+0x100/0x230
[ 1036.060533][T16325]  ? do_syscall_64+0xb6/0x230
[ 1036.065228][T16325]  do_syscall_64+0xf3/0x230
[ 1036.069744][T16325]  ? clear_bhb_loop+0x35/0x90
[ 1036.074443][T16325]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.080449][T16325] RIP: 0033:0x7f1315980809
[ 1036.084888][T16325] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1036.104523][T16325] RSP: 002b:00007f1316705058 EFLAGS: 00000246 ORIG_RAX: 00000000000000de
[ 1036.112974][T16325] RAX: ffffffffffffffda RBX: 00007f1315b46160 RCX: 00007f1315980809
[ 1036.120979][T16325] RDX: 0000000020bbdffc RSI: 0000000020533fa0 RDI: 0000000000000000
[ 1036.128977][T16325] RBP: 00007f13167050a0 R08: 0000000000000000 R09: 0000000000000000
[ 1036.136964][T16325] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1036.144949][T16325] R13: 0000000000000000 R14: 00007f1315b46160 R15: 00007ffcdaabe928
[ 1036.152957][T16325]  </TASK>
[ 1036.177065][   T29] audit: type=1400 audit(1732804466.341:2420): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=16292 comm="syz.5.2753"
[ 1036.193152][   T29] audit: type=1400 audit(1732804466.341:2421): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=16292 comm="syz.5.2753"
[ 1036.404058][ T5902] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1036.527998][T16332] netlink: 'syz.2.2762': attribute type 30 has an invalid length.
[ 1036.544533][T16332] (unnamed net_device) (uninitialized): option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6)
[ 1036.598200][T16334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1036.623851][T16334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1036.905483][ T5902] usb 7-1: config 1 has an invalid descriptor of length 101, skipping remainder of the config
[ 1036.918322][ T5902] usb 7-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.40
[ 1036.927673][ T5902] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1036.944164][ T5902] usb 7-1: Product: syz
[ 1036.948346][ T5902] usb 7-1: Manufacturer: syz
[ 1036.952933][ T5902] usb 7-1: SerialNumber: syz
[ 1037.459311][ T5902] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.0/input/input16
[ 1037.492210][ T5902] usb 7-1: USB disconnect, device number 5
[ 1037.518467][ T5201] bcm5974 7-1:1.0: could not read from device
[ 1038.367111][T16351] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2767'.
[ 1038.392134][T16351] bond_slave_0: entered promiscuous mode
[ 1038.397881][T16351] bond_slave_1: entered promiscuous mode
[ 1038.404014][T16351] macvtap1: entered promiscuous mode
[ 1038.409328][T16351] bond0: entered promiscuous mode
[ 1038.415044][T16351] macvtap1: entered allmulticast mode
[ 1038.421310][T16351] bond0: entered allmulticast mode
[ 1038.426987][T16351] bond_slave_0: entered allmulticast mode
[ 1038.432739][T16351] bond_slave_1: entered allmulticast mode
[ 1038.440561][T16351] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1038.541399][T16354] bond0: left allmulticast mode
[ 1038.547474][T16354] bond_slave_0: left allmulticast mode
[ 1038.552980][T16354] bond_slave_1: left allmulticast mode
[ 1038.570095][T16354] bond0: left promiscuous mode
[ 1038.584478][T16354] bond_slave_0: left promiscuous mode
[ 1038.590449][T16354] bond_slave_1: left promiscuous mode
[ 1041.344152][ T5855] Bluetooth: hci4: command 0x041b tx timeout
[ 1041.596412][T16377] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1041.605161][T16377] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1041.686031][T16383] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1041.713059][T16383] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1041.804695][T16387] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 1280
[ 1041.816231][T16387] FAULT_INJECTION: forcing a failure.
[ 1041.816231][T16387] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1041.830625][T16387] CPU: 1 UID: 0 PID: 16387 Comm: syz.4.2778 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1041.841084][T16387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1041.843837][T16389] batman_adv: batadv0: Local translation table size (136) exceeds maximum packet size (-320); Ignoring new local tt entry: aa:aa:aa:aa:aa:2a
[ 1041.851139][T16387] Call Trace:
[ 1041.851152][T16387]  <TASK>
[ 1041.851161][T16387]  dump_stack_lvl+0x241/0x360
[ 1041.851186][T16387]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1041.851205][T16387]  ? __pfx__printk+0x10/0x10
[ 1041.851232][T16387]  ? __pfx_lock_release+0x10/0x10
[ 1041.873850][T16389] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2777'.
[ 1041.876411][T16387]  should_fail_ex+0x3b0/0x4e0
[ 1041.876442][T16387]  _copy_from_user+0x2f/0xc0
[ 1041.876468][T16387]  copy_msghdr_from_user+0xae/0x680
[ 1041.876498][T16387]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[ 1041.890407][T16389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1041.891351][T16387]  ? __fget_files+0x2a/0x410
[ 1041.900473][T16389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1041.904846][T16387]  ? __fget_files+0x2a/0x410
[ 1041.904882][T16387]  __sys_sendmsg+0x209/0x350
[ 1041.904903][T16387]  ? __pfx_lock_release+0x10/0x10
[ 1041.904925][T16387]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1041.904957][T16387]  ? __pfx_vfs_write+0x10/0x10
[ 1041.905006][T16387]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1041.905027][T16387]  ? do_syscall_64+0x100/0x230
[ 1041.905051][T16387]  ? do_syscall_64+0xb6/0x230
[ 1041.905072][T16387]  do_syscall_64+0xf3/0x230
[ 1041.905092][T16387]  ? clear_bhb_loop+0x35/0x90
[ 1041.905116][T16387]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1041.905137][T16387] RIP: 0033:0x7f6095f80809
[ 1041.905156][T16387] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1041.905174][T16387] RSP: 002b:00007f6096ce1058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1041.905197][T16387] RAX: ffffffffffffffda RBX: 00007f6096145fa0 RCX: 00007f6095f80809
[ 1041.905212][T16387] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000005
[ 1041.905227][T16387] RBP: 00007f6096ce10a0 R08: 0000000000000000 R09: 0000000000000000
[ 1041.905240][T16387] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1041.905252][T16387] R13: 0000000000000000 R14: 00007f6096145fa0 R15: 00007fff3fa13c98
[ 1041.905280][T16387]  </TASK>
[ 1041.974064][ T2151] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1041.978959][T16389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1042.104210][T16389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1042.114124][T16389] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1042.124892][T16389] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1042.157018][ T2151] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1042.174093][ T2151] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1042.195436][ T2151] usb 7-1: Product: syz
[ 1042.204691][ T2151] usb 7-1: Manufacturer: syz
[ 1042.211800][ T2151] usb 7-1: SerialNumber: syz
[ 1042.238170][ T2151] usb 7-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1042.339591][   T46] usb 7-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1042.441869][T16399] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1042.442041][T16399] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1043.228822][T16406] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2782'.
[ 1043.424076][   T46] ath9k_htc 7-1:1.0: ath9k_htc: Target is unresponsive
[ 1043.431411][   T46] ath9k_htc: Failed to initialize the device
[ 1043.461227][T16406] macvtap8: entered promiscuous mode
[ 1043.467145][T16406] macvtap8: entered allmulticast mode
[ 1043.507984][T16406] 8021q: adding VLAN 0 to HW filter on device macvtap8
[ 1043.521490][   T46] usb 7-1: ath9k_htc: USB layer deinitialized
[ 1045.061732][T16431] blktrace: Concurrent blktraces are not allowed on sg0
[ 1047.372128][T16448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1047.381447][T16448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1047.395467][   T29] audit: type=1400 audit(1732804477.991:2422): lsm=SMACK fn=smk_ipv6_check action=denied subject="_" object="]-{" requested=w pid=16439 comm="syz.1.2789" daddr=::ffff:172.20.20.187
[ 1047.456691][ T5902] usb 7-1: USB disconnect, device number 6
[ 1047.575881][T16453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1047.589825][T16453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1047.617338][T16453] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1047.629459][T16453] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1047.695428][T16457] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2794'.
[ 1047.709184][T16459] syz.2.2792 uses old SIOCAX25GETINFO
[ 1047.722762][T16459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1047.732865][T16457] bond_slave_0: entered promiscuous mode
[ 1047.738617][T16457] bond_slave_1: entered promiscuous mode
[ 1047.744697][T16459] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1047.757130][T16457] macvtap2: entered promiscuous mode
[ 1047.774001][T16457] bond0: entered promiscuous mode
[ 1047.780285][T16457] macvtap2: entered allmulticast mode
[ 1047.790978][T16457] bond0: entered allmulticast mode
[ 1047.798842][T16457] bond_slave_0: entered allmulticast mode
[ 1047.809852][T16457] bond_slave_1: entered allmulticast mode
[ 1047.818535][T16457] 8021q: adding VLAN 0 to HW filter on device macvtap2
[ 1047.837595][T16460] macvlan2: entered promiscuous mode
[ 1047.844045][T16460] team_slave_0: entered promiscuous mode
[ 1047.850278][T16460] team_slave_1: entered promiscuous mode
[ 1047.857549][T16460] netdevsim netdevsim5 netdevsim0: entered promiscuous mode
[ 1047.866650][T16460] team0: entered promiscuous mode
[ 1047.872415][T16460] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1047.880635][T16460] macvlan2: entered allmulticast mode
[ 1047.886236][T16460] team0: entered allmulticast mode
[ 1047.891373][T16460] team_slave_0: entered allmulticast mode
[ 1047.897260][T16460] team_slave_1: entered allmulticast mode
[ 1047.903003][T16460] netdevsim netdevsim5 netdevsim0: entered allmulticast mode
[ 1047.920652][T16460] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[ 1047.931620][T16455] bond0: left allmulticast mode
[ 1047.936766][T16455] bond_slave_0: left allmulticast mode
[ 1047.942318][T16455] bond_slave_1: left allmulticast mode
[ 1047.949611][T16455] bond0: left promiscuous mode
[ 1047.956278][T16455] bond_slave_0: left promiscuous mode
[ 1047.961737][T16455] bond_slave_1: left promiscuous mode
[ 1049.612643][T16479] blktrace: Concurrent blktraces are not allowed on sg0
[ 1050.398858][   T29] audit: type=1326 audit(1732804480.991:2423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.422312][   T29] audit: type=1326 audit(1732804480.991:2424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.450862][   T29] audit: type=1326 audit(1732804480.991:2425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.498021][   T29] audit: type=1326 audit(1732804480.991:2426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.504657][T16485] macvlan3: entered promiscuous mode
[ 1050.556452][   T29] audit: type=1326 audit(1732804480.991:2427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.590396][   T29] audit: type=1326 audit(1732804480.991:2428): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.623230][T16490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1050.648711][T16490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1050.657065][   T29] audit: type=1326 audit(1732804480.991:2429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1050.790854][   T29] audit: type=1326 audit(1732804480.991:2430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1315980809 code=0x7ffc0000
[ 1051.190270][   T29] audit: type=1326 audit(1732804480.991:2431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16483 comm="syz.1.2803" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f131597f170 code=0x7ffc0000
[ 1051.641595][T16503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1051.681468][T16503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1053.250582][T16520] blktrace: Concurrent blktraces are not allowed on sg0
[ 1054.899146][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.905482][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[ 1055.349256][T16523] fuse: Unknown parameter '1844674407370955161500000000000000000000'
[ 1055.802160][T16536] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2817'.
[ 1059.195514][T16569] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2828'.
[ 1059.280836][T16571] blktrace: Concurrent blktraces are not allowed on sg0
[ 1060.526768][T16572] ubi: mtd0 is already attached to ubi0
[ 1060.705313][ T5855] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1060.751978][ T5855] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1060.783151][ T5855] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1060.817276][ T5855] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1060.836800][ T5855] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1060.871293][ T5855] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1062.183094][T16596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1062.227527][T16596] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1062.272682][T16573] chnl_net:caif_netlink_parms(): no params data found
[ 1062.444227][ T5902] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1062.604147][ T5902] usb 7-1: Using ep0 maxpacket: 32
[ 1062.611149][ T5902] usb 7-1: too many configurations: 227, using maximum allowed: 8
[ 1062.618595][ T5902] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 1062.618812][ T5902] usb 7-1: can't read configurations, error -61
[ 1062.747041][ T5902] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1062.904887][ T5902] usb 7-1: Using ep0 maxpacket: 32
[ 1062.907386][ T5902] usb 7-1: too many configurations: 227, using maximum allowed: 8
[ 1062.928195][ T5902] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 1062.928454][ T5902] usb 7-1: can't read configurations, error -61
[ 1062.929295][ T5902] usb usb7-port1: attempt power cycle
[ 1063.057363][T14952] Bluetooth: hci5: command tx timeout
[ 1063.185944][T16573] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1063.186077][T16573] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1063.186242][T16573] bridge_slave_0: entered allmulticast mode
[ 1063.187297][T16573] bridge_slave_0: entered promiscuous mode
[ 1063.189343][T16573] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1063.189468][T16573] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1063.189604][T16573] bridge_slave_1: entered allmulticast mode
[ 1063.190597][T16573] bridge_slave_1: entered promiscuous mode
[ 1063.218350][T16573] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1063.223844][T16573] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1063.276448][T16573] team0: Port device team_slave_0 added
[ 1063.325451][ T5902] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1063.352307][ T5902] usb 7-1: Using ep0 maxpacket: 32
[ 1063.382569][T16573] team0: Port device team_slave_1 added
[ 1063.396617][ T5902] usb 7-1: too many configurations: 227, using maximum allowed: 8
[ 1063.456654][ T5902] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 1063.464444][ T5902] usb 7-1: can't read configurations, error -61
[ 1063.497753][T16610] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2836'.
[ 1063.523759][T16573] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1063.564350][T16573] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1063.598728][ T5902] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1063.995045][T16573] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1064.024651][ T5902] usb 7-1: Using ep0 maxpacket: 32
[ 1064.030741][ T5902] usb 7-1: too many configurations: 227, using maximum allowed: 8
[ 1064.040354][T16610] macvtap9: entered promiscuous mode
[ 1064.046227][T16610] macvtap9: entered allmulticast mode
[ 1064.060092][T16610] 8021q: adding VLAN 0 to HW filter on device macvtap9
[ 1064.079255][ T5902] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 1064.091786][ T5902] usb 7-1: can't read configurations, error -61
[ 1064.098784][ T5902] usb usb7-port1: unable to enumerate USB device
[ 1064.122767][T16573] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1064.129965][T16573] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1064.180157][T16573] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1064.231556][   T29] kauditd_printk_skb: 59 callbacks suppressed
[ 1064.231575][   T29] audit: type=1326 audit(1732804494.821:2491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.265978][T16573] hsr_slave_0: entered promiscuous mode
[ 1064.269172][   T29] audit: type=1326 audit(1732804494.851:2492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.294329][   T29] audit: type=1326 audit(1732804494.851:2493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.294858][T16573] hsr_slave_1: entered promiscuous mode
[ 1064.351285][T16573] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1064.360001][T16573] Cannot create hsr debugfs directory
[ 1064.364333][   T29] audit: type=1326 audit(1732804494.851:2494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.394671][   T29] audit: type=1326 audit(1732804494.851:2495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.419068][   T29] audit: type=1326 audit(1732804494.851:2496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.441286][   T29] audit: type=1326 audit(1732804494.851:2497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1064.468051][   T29] audit: type=1326 audit(1732804494.851:2498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbcfd97f170 code=0x7ffc0000
[ 1064.491775][   T29] audit: type=1326 audit(1732804494.851:2499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbcfd97f170 code=0x7ffc0000
[ 1064.587137][T16624] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2839'.
[ 1064.594123][   T29] audit: type=1326 audit(1732804494.851:2500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16617 comm="syz.5.2838" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbcfd980809 code=0x7ffc0000
[ 1065.104552][   T54] Bluetooth: hci5: command 0x041b tx timeout
[ 1065.233520][T16573] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1065.267361][T16628] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2840'.
[ 1066.451850][T16641] loop6: detected capacity change from 0 to 1
[ 1066.455349][T16573] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1066.459650][T16641] Dev loop6: unable to read RDB block 1
[ 1066.576354][T16643] blktrace: Concurrent blktraces are not allowed on sg0
[ 1067.073297][T16641]  loop6: unable to read partition table
[ 1067.080255][T16641] loop6: partition table beyond EOD, truncated
[ 1067.086738][T16641] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1067.086738][T16641] 
) failed (rc=-5)
[ 1067.217792][ T5855] Bluetooth: hci5: command 0x041b tx timeout
[ 1067.376923][T16573] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1067.544369][T16639] FAULT_INJECTION: forcing a failure.
[ 1067.544369][T16639] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1067.557446][T16639] CPU: 1 UID: 0 PID: 16639 Comm: syz.5.2845 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1067.567848][T16639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1067.577889][T16639] Call Trace:
[ 1067.581154][T16639]  <TASK>
[ 1067.584084][T16639]  dump_stack_lvl+0x241/0x360
[ 1067.588786][T16639]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1067.594005][T16639]  ? __pfx__printk+0x10/0x10
[ 1067.598600][T16639]  ? snprintf+0xda/0x120
[ 1067.602831][T16639]  should_fail_ex+0x3b0/0x4e0
[ 1067.607511][T16639]  _copy_to_user+0x31/0xb0
[ 1067.611946][T16639]  simple_read_from_buffer+0xca/0x150
[ 1067.617315][T16639]  proc_fail_nth_read+0x1e9/0x250
[ 1067.622334][T16639]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1067.627871][T16639]  ? rw_verify_area+0x55e/0x6f0
[ 1067.632727][T16639]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1067.638267][T16639]  vfs_read+0x1fc/0xb70
[ 1067.642428][T16639]  ? do_sys_openat2+0x17a/0x1d0
[ 1067.647298][T16639]  ? __pfx_vfs_read+0x10/0x10
[ 1067.651963][T16639]  ? do_sys_openat2+0x17a/0x1d0
[ 1067.656801][T16639]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1067.661994][T16639]  ksys_read+0x18f/0x2b0
[ 1067.666228][T16639]  ? __pfx_ksys_read+0x10/0x10
[ 1067.670982][T16639]  ? do_syscall_64+0x100/0x230
[ 1067.675824][T16639]  ? do_syscall_64+0xb6/0x230
[ 1067.680486][T16639]  do_syscall_64+0xf3/0x230
[ 1067.684973][T16639]  ? clear_bhb_loop+0x35/0x90
[ 1067.689636][T16639]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1067.695527][T16639] RIP: 0033:0x7fbcfd97f21c
[ 1067.699964][T16639] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[ 1067.719584][T16639] RSP: 002b:00007fbcfe867050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1067.727997][T16639] RAX: ffffffffffffffda RBX: 00007fbcfdb45fa0 RCX: 00007fbcfd97f21c
[ 1067.736049][T16639] RDX: 000000000000000f RSI: 00007fbcfe8670b0 RDI: 0000000000000006
[ 1067.744007][T16639] RBP: 00007fbcfe8670a0 R08: 0000000000000000 R09: 0000000000000000
[ 1067.752660][T16639] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1067.760621][T16639] R13: 0000000000000000 R14: 00007fbcfdb45fa0 R15: 00007ffcd8342b28
[ 1067.768597][T16639]  </TASK>
[ 1067.949344][T16658] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2847'.
[ 1068.051082][T16573] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.204974][T16658] macvtap9: entered promiscuous mode
[ 1069.255710][T16658] macvtap9: entered allmulticast mode
[ 1069.274187][ T5855] Bluetooth: hci5: command 0x041b tx timeout
[ 1069.288486][T16658] 8021q: adding VLAN 0 to HW filter on device macvtap9
[ 1069.464620][   T29] kauditd_printk_skb: 41 callbacks suppressed
[ 1069.464638][   T29] audit: type=1326 audit(1732804499.981:2542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.493427][   T29] audit: type=1326 audit(1732804499.981:2543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.517886][   T29] audit: type=1326 audit(1732804499.991:2544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.539750][   T29] audit: type=1326 audit(1732804500.001:2545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.561828][   T29] audit: type=1326 audit(1732804500.001:2546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.595217][   T29] audit: type=1326 audit(1732804500.001:2547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.617129][   T29] audit: type=1326 audit(1732804500.001:2548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.640550][T16662] fuse: Unknown parameter 'fd1844674407370955161500000000000000000000'
[ 1069.649004][   T29] audit: type=1326 audit(1732804500.001:2549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb67d980809 code=0x7ffc0000
[ 1069.672701][   T29] audit: type=1326 audit(1732804500.001:2550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb67d97f170 code=0x7ffc0000
[ 1069.694584][   T29] audit: type=1326 audit(1732804500.041:2551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16665 comm="syz.6.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb67d97f170 code=0x7ffc0000
[ 1070.768893][T16573] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1070.827231][T16573] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1070.850632][T16573] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1070.860906][T16573] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1071.897451][ T5855] Bluetooth: hci5: command 0x041b tx timeout
[ 1072.278751][T16691] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2857'.
[ 1072.308103][T16573] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1072.531140][T16695] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2856'.
[ 1073.428300][T16573] 8021q: adding VLAN 0 to HW filter on device team0
[ 1073.772741][ T6461] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1073.779892][ T6461] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1073.811497][ T6461] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1073.818704][ T6461] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1074.151917][T16573] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1074.247634][T16573] veth0_vlan: entered promiscuous mode
[ 1074.265729][T16573] veth1_vlan: entered promiscuous mode
[ 1074.330063][T16573] veth0_macvtap: entered promiscuous mode
[ 1074.379159][T16573] veth1_macvtap: entered promiscuous mode
[ 1074.405881][T16715] FAULT_INJECTION: forcing a failure.
[ 1074.405881][T16715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1074.410897][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1074.438034][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1074.451039][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1074.464448][ T5897] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1074.476442][T16715] CPU: 0 UID: 0 PID: 16715 Comm: syz.4.2862 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1074.486890][T16715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1074.496963][T16715] Call Trace:
[ 1074.500251][T16715]  <TASK>
[ 1074.503181][T16715]  dump_stack_lvl+0x241/0x360
[ 1074.507867][T16715]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1074.513067][T16715]  ? __pfx__printk+0x10/0x10
[ 1074.517667][T16715]  ? __pfx_lock_release+0x10/0x10
[ 1074.522685][T16715]  ? __lock_acquire+0x1397/0x2100
[ 1074.527711][T16715]  should_fail_ex+0x3b0/0x4e0
[ 1074.532391][T16715]  _copy_from_user+0x2f/0xc0
[ 1074.536994][T16715]  kstrtouint_from_user+0xc6/0x190
[ 1074.542108][T16715]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 1074.547827][T16715]  ? __pfx_lock_acquire+0x10/0x10
[ 1074.552858][T16715]  proc_fail_nth_write+0xaa/0x2d0
[ 1074.557879][T16715]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1074.563777][T16715]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1074.569408][T16715]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 1074.575050][T16715]  vfs_write+0x2a3/0xd30
[ 1074.579309][T16715]  ? __pfx_vfs_write+0x10/0x10
[ 1074.584085][T16715]  ? __fget_files+0x2a/0x410
[ 1074.588689][T16715]  ? __fget_files+0x395/0x410
[ 1074.593367][T16715]  ? __fget_files+0x2a/0x410
[ 1074.597964][T16715]  ksys_write+0x18f/0x2b0
[ 1074.602299][T16715]  ? __pfx_ksys_write+0x10/0x10
[ 1074.607150][T16715]  ? do_syscall_64+0x100/0x230
[ 1074.611920][T16715]  ? do_syscall_64+0xb6/0x230
[ 1074.616597][T16715]  do_syscall_64+0xf3/0x230
[ 1074.621095][T16715]  ? clear_bhb_loop+0x35/0x90
[ 1074.625773][T16715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1074.631662][T16715] RIP: 0033:0x7f6095f7f2bf
[ 1074.636124][T16715] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 8d 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 8e 02 00 48
[ 1074.655732][T16715] RSP: 002b:00007f6096ce1050 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1074.664143][T16715] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f6095f7f2bf
[ 1074.672107][T16715] RDX: 0000000000000001 RSI: 00007f6096ce10b0 RDI: 0000000000000003
[ 1074.680069][T16715] RBP: 00007f6096ce10a0 R08: 0000000000000000 R09: 0000000000000000
[ 1074.688034][T16715] R10: 0000000000000036 R11: 0000000000000293 R12: 0000000000000001
[ 1074.696004][T16715] R13: 0000000000000001 R14: 00007f6096145fa0 R15: 00007fff3fa13c98
[ 1074.703999][T16715]  </TASK>
[ 1074.723867][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1074.744500][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1074.755478][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1074.766840][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1074.778367][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1074.803413][T16573] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1074.951365][ T5897] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1075.028356][ T5897] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1075.173551][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1075.186369][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1075.196335][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1075.207413][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1075.217743][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1075.228749][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1075.238888][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1075.244487][ T5897] usb 7-1: New USB device found, idVendor=2c7c, idProduct=030e, bcdDevice=81.28
[ 1075.249491][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1075.269004][T16573] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1075.279818][T16573] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1075.289768][ T5897] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1075.297099][T16573] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1075.484418][ T5897] usb 7-1: Product: syz
[ 1075.488628][ T5897] usb 7-1: Manufacturer: syz
[ 1075.501327][ T5897] usb 7-1: SerialNumber: syz
[ 1075.510807][ T5897] usb 7-1: config 0 descriptor??
[ 1075.526464][T16573] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.535050][T16713] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1075.535709][T16573] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.542369][T16713] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1075.551333][T16573] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1075.567121][T16573] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1076.556490][ T5897] option 7-1:0.0: GSM modem (1-port) converter detected
[ 1076.665806][ T5897] usb 7-1: GSM modem (1-port) converter now attached to ttyUSB0
[ 1076.684176][ T5897] usb 7-1: USB disconnect, device number 11
[ 1076.735018][ T5897] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[ 1076.754912][ T5897] option 7-1:0.0: device disconnected
[ 1076.790014][T15948] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1076.812142][T15948] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1076.844925][T11935] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1076.856348][T11935] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1076.865969][   T29] kauditd_printk_skb: 39 callbacks suppressed
[ 1076.865983][   T29] audit: type=1800 audit(1732804507.461:2591): pid=16731 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.2.2865" name="/" dev="fuse" ino=1 res=0 errno=0
[ 1077.251911][T16730] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2866'.
[ 1077.929371][T16730] Device name cannot be null; rc = [-22]
[ 1079.442261][T16756] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2872'.
[ 1080.744966][T15947] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1081.644020][T15947] usb 6-1: device descriptor read/64, error -71
[ 1081.860001][  T972] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[ 1081.871682][T16779] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1081.880506][T15189] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1081.894056][T15947] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1081.901936][T16779] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1081.925245][  T972] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1082.024496][T15189] usb 2-1: device descriptor read/64, error -71
[ 1082.130469][T15947] usb 6-1: device descriptor read/64, error -71
[ 1082.287079][T16791] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2881'.
[ 1083.076886][T15947] usb usb6-port1: attempt power cycle
[ 1083.169048][T15189] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1084.550195][T15189] usb 2-1: device descriptor read/64, error -71
[ 1084.697036][T15189] usb usb2-port1: attempt power cycle
[ 1088.182377][T16844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1088.191720][T16844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1088.205583][T16844] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1088.215014][T16844] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1088.222800][T16848] loop6: detected capacity change from 0 to 1
[ 1088.382330][T16848] Dev loop6: unable to read RDB block 1
[ 1088.388613][T16848]  loop6: unable to read partition table
[ 1088.394829][   T29] audit: type=1326 audit(1732804518.971:2592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16847 comm="syz.4.2899" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x0
[ 1088.780856][T16854] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2891'.
[ 1088.795407][T16848] loop6: partition table beyond EOD, truncated
[ 1089.071418][T16848] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[ 1089.071418][T16848] 
) failed (rc=-5)
[ 1091.765055][T16878] FAULT_INJECTION: forcing a failure.
[ 1091.765055][T16878] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1091.818374][T16878] CPU: 1 UID: 0 PID: 16878 Comm: syz.5.2903 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1091.828855][T16878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1091.838921][T16878] Call Trace:
[ 1091.842192][T16878]  <TASK>
[ 1091.845118][T16878]  dump_stack_lvl+0x241/0x360
[ 1091.849804][T16878]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1091.855025][T16878]  ? __pfx__printk+0x10/0x10
[ 1091.859640][T16878]  ? snprintf+0xda/0x120
[ 1091.863877][T16878]  should_fail_ex+0x3b0/0x4e0
[ 1091.868559][T16878]  _copy_to_user+0x31/0xb0
[ 1091.872974][T16878]  simple_read_from_buffer+0xca/0x150
[ 1091.878355][T16878]  proc_fail_nth_read+0x1e9/0x250
[ 1091.883443][T16878]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1091.889019][T16878]  ? rw_verify_area+0x55e/0x6f0
[ 1091.893890][T16878]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1091.899447][T16878]  vfs_read+0x1fc/0xb70
[ 1091.903594][T16878]  ? __pfx___mutex_lock+0x10/0x10
[ 1091.908619][T16878]  ? __pfx_vfs_read+0x10/0x10
[ 1091.913314][T16878]  ? __fget_files+0x2a/0x410
[ 1091.917901][T16878]  ? __fget_files+0x395/0x410
[ 1091.922576][T16878]  ? __fget_files+0x2a/0x410
[ 1091.927165][T16878]  ksys_read+0x18f/0x2b0
[ 1091.931414][T16878]  ? __pfx_ksys_read+0x10/0x10
[ 1091.936177][T16878]  ? do_syscall_64+0x100/0x230
[ 1091.940934][T16878]  ? do_syscall_64+0xb6/0x230
[ 1091.945633][T16878]  do_syscall_64+0xf3/0x230
[ 1091.950132][T16878]  ? clear_bhb_loop+0x35/0x90
[ 1091.954804][T16878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1091.960688][T16878] RIP: 0033:0x7fbcfd97f21c
[ 1091.965097][T16878] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[ 1091.984698][T16878] RSP: 002b:00007fbcfe825050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1091.993114][T16878] RAX: ffffffffffffffda RBX: 00007fbcfdb46160 RCX: 00007fbcfd97f21c
[ 1092.001083][T16878] RDX: 000000000000000f RSI: 00007fbcfe8250b0 RDI: 0000000000000006
[ 1092.009052][T16878] RBP: 00007fbcfe8250a0 R08: 0000000000000000 R09: 0000000000000000
[ 1092.017022][T16878] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000001
[ 1092.024983][T16878] R13: 0000000000000000 R14: 00007fbcfdb46160 R15: 00007ffcd8342b28
[ 1092.032961][T16878]  </TASK>
[ 1092.036064][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1093.914345][T16897] FAULT_INJECTION: forcing a failure.
[ 1093.914345][T16897] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1094.079200][T16894] siw: device registration error -23
[ 1094.087329][T16899] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[ 1094.100082][T16899] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1094.104472][T16897] CPU: 1 UID: 0 PID: 16897 Comm: syz.6.2911 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1094.117624][T16897] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1094.127695][T16897] Call Trace:
[ 1094.130965][T16897]  <TASK>
[ 1094.133885][T16897]  dump_stack_lvl+0x241/0x360
[ 1094.138590][T16897]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1094.143776][T16897]  ? __pfx__printk+0x10/0x10
[ 1094.148372][T16897]  ? snprintf+0xda/0x120
[ 1094.152603][T16897]  should_fail_ex+0x3b0/0x4e0
[ 1094.157271][T16897]  _copy_to_user+0x31/0xb0
[ 1094.161691][T16897]  simple_read_from_buffer+0xca/0x150
[ 1094.167059][T16897]  proc_fail_nth_read+0x1e9/0x250
[ 1094.172073][T16897]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1094.177623][T16897]  ? rw_verify_area+0x55e/0x6f0
[ 1094.182534][T16897]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1094.188073][T16897]  vfs_read+0x1fc/0xb70
[ 1094.192219][T16897]  ? do_sys_openat2+0x17a/0x1d0
[ 1094.197056][T16897]  ? __pfx_vfs_read+0x10/0x10
[ 1094.201720][T16897]  ? pipe_clear_nowait+0x196/0x220
[ 1094.206818][T16897]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1094.212045][T16897]  ? __pfx_do_splice+0x10/0x10
[ 1094.216799][T16897]  ksys_read+0x18f/0x2b0
[ 1094.221033][T16897]  ? __pfx_ksys_read+0x10/0x10
[ 1094.225785][T16897]  ? do_syscall_64+0x100/0x230
[ 1094.230534][T16897]  ? do_syscall_64+0xb6/0x230
[ 1094.235203][T16897]  do_syscall_64+0xf3/0x230
[ 1094.239704][T16897]  ? clear_bhb_loop+0x35/0x90
[ 1094.244368][T16897]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1094.250253][T16897] RIP: 0033:0x7fb67d97f21c
[ 1094.254656][T16897] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 8e 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 8e 02 00 48
[ 1094.274335][T16897] RSP: 002b:00007fb67e757050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1094.282731][T16897] RAX: ffffffffffffffda RBX: 00007fb67db45fa0 RCX: 00007fb67d97f21c
[ 1094.290691][T16897] RDX: 000000000000000f RSI: 00007fb67e7570b0 RDI: 0000000000000005
[ 1094.298651][T16897] RBP: 00007fb67e7570a0 R08: 0000000000000000 R09: 0000000000000000
[ 1094.306614][T16897] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1094.314657][T16897] R13: 0000000000000000 R14: 00007fb67db45fa0 R15: 00007ffc39f328a8
[ 1094.322660][T16897]  </TASK>
[ 1094.325725][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1094.486086][T16906] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1094.710773][T16906] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1095.245741][T16917] FAULT_INJECTION: forcing a failure.
[ 1095.245741][T16917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1095.272841][T16917] CPU: 0 UID: 0 PID: 16917 Comm: syz.6.2917 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1095.283279][T16917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1095.293350][T16917] Call Trace:
[ 1095.296646][T16917]  <TASK>
[ 1095.299587][T16917]  dump_stack_lvl+0x241/0x360
[ 1095.304286][T16917]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1095.309509][T16917]  ? __pfx__printk+0x10/0x10
[ 1095.314130][T16917]  ? __pfx_lock_release+0x10/0x10
[ 1095.319180][T16917]  should_fail_ex+0x3b0/0x4e0
[ 1095.323846][T16917]  _copy_to_iter+0x4ae/0x1e70
[ 1095.328528][T16917]  ? __virt_addr_valid+0x183/0x530
[ 1095.333658][T16917]  ? __pfx__copy_to_iter+0x10/0x10
[ 1095.338762][T16917]  ? kasan_save_track+0x51/0x80
[ 1095.343602][T16917]  ? __virt_addr_valid+0x183/0x530
[ 1095.348700][T16917]  ? __virt_addr_valid+0x183/0x530
[ 1095.353789][T16917]  ? __virt_addr_valid+0x45f/0x530
[ 1095.358885][T16917]  ? __phys_addr_symbol+0x2f/0x70
[ 1095.363902][T16917]  ? __check_object_size+0x48e/0x900
[ 1095.369184][T16917]  __skb_datagram_iter+0x107/0x900
[ 1095.374292][T16917]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1095.379924][T16917]  skb_copy_datagram_iter+0xd1/0x250
[ 1095.385218][T16917]  netlink_recvmsg+0x2d0/0x11d0
[ 1095.390086][T16917]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1095.395363][T16917]  ? rcu_is_watching+0x15/0xb0
[ 1095.400119][T16917]  ? trace_kmalloc+0x1f/0xd0
[ 1095.404697][T16917]  ? __kmalloc_noprof+0x2a5/0x4c0
[ 1095.409710][T16917]  ? iovec_from_user+0x87/0x240
[ 1095.414573][T16917]  ? iovec_from_user+0x1b4/0x240
[ 1095.419504][T16917]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1095.424790][T16917]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1095.430083][T16917]  sock_recvmsg+0x22f/0x280
[ 1095.434597][T16920] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2918'.
[ 1095.434595][T16917]  ____sys_recvmsg+0x1c6/0x480
[ 1095.434631][T16917]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1095.453570][T16917]  do_recvmmsg+0x426/0xab0
[ 1095.457986][T16917]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1095.462933][T16917]  ? __pfx___might_resched+0x10/0x10
[ 1095.468234][T16917]  ? __might_fault+0xaa/0x120
[ 1095.472926][T16917]  ? __pfx_lock_release+0x10/0x10
[ 1095.477975][T16917]  ? vfs_write+0x730/0xd30
[ 1095.482414][T16917]  ? get_timespec64+0x19c/0x280
[ 1095.487264][T16917]  __x64_sys_recvmmsg+0x1b8/0x250
[ 1095.492280][T16917]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1095.497833][T16917]  ? do_syscall_64+0x100/0x230
[ 1095.502626][T16917]  ? do_syscall_64+0xb6/0x230
[ 1095.507332][T16917]  do_syscall_64+0xf3/0x230
[ 1095.511881][T16917]  ? clear_bhb_loop+0x35/0x90
[ 1095.516565][T16917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1095.522453][T16917] RIP: 0033:0x7fb67d980809
[ 1095.526875][T16917] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1095.546581][T16917] RSP: 002b:00007fb67e757058 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1095.554999][T16917] RAX: ffffffffffffffda RBX: 00007fb67db45fa0 RCX: 00007fb67d980809
[ 1095.562976][T16917] RDX: 04000000000003b4 RSI: 00000000200037c0 RDI: 0000000000000003
[ 1095.570937][T16917] RBP: 00007fb67e7570a0 R08: 0000000020003700 R09: 0000000000000000
[ 1095.578912][T16917] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1095.586891][T16917] R13: 0000000000000000 R14: 00007fb67db45fa0 R15: 00007ffc39f328a8
[ 1095.594863][T16917]  </TASK>
[ 1097.860159][T16940] FAULT_INJECTION: forcing a failure.
[ 1097.860159][T16940] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1097.873363][T16940] CPU: 0 UID: 0 PID: 16940 Comm: syz.2.2924 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1097.883865][T16940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1097.893930][T16940] Call Trace:
[ 1097.897211][T16940]  <TASK>
[ 1097.900130][T16940]  dump_stack_lvl+0x241/0x360
[ 1097.904802][T16940]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1097.909984][T16940]  ? __pfx__printk+0x10/0x10
[ 1097.914567][T16940]  ? __pfx_lock_release+0x10/0x10
[ 1097.919578][T16940]  should_fail_ex+0x3b0/0x4e0
[ 1097.924270][T16940]  _copy_from_user+0x2f/0xc0
[ 1097.928865][T16940]  core_sys_select+0x508/0x910
[ 1097.933619][T16940]  ? __pfx_core_sys_select+0x10/0x10
[ 1097.938908][T16940]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1097.944810][T16940]  ? __pfx_vfs_write+0x10/0x10
[ 1097.949564][T16940]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1097.954925][T16940]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1097.960893][T16940]  ? __fget_files+0x2a/0x410
[ 1097.965484][T16940]  __se_sys_pselect6+0x323/0x3f0
[ 1097.970417][T16940]  ? __pfx___se_sys_pselect6+0x10/0x10
[ 1097.975859][T16940]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1097.982167][T16940]  ? do_syscall_64+0x100/0x230
[ 1097.986916][T16940]  ? __x64_sys_pselect6+0x21/0xf0
[ 1097.991928][T16940]  do_syscall_64+0xf3/0x230
[ 1097.996443][T16940]  ? clear_bhb_loop+0x35/0x90
[ 1098.001116][T16940]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1098.007004][T16940] RIP: 0033:0x7fd1fa780809
[ 1098.011434][T16940] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1098.031043][T16940] RSP: 002b:00007fd1fb5e3058 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1098.039454][T16940] RAX: ffffffffffffffda RBX: 00007fd1fa945fa0 RCX: 00007fd1fa780809
[ 1098.047418][T16940] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000040
[ 1098.055379][T16940] RBP: 00007fd1fb5e30a0 R08: 0000000000000000 R09: 0000000000000000
[ 1098.063341][T16940] R10: 00000000200002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1098.071330][T16940] R13: 0000000000000000 R14: 00007fd1fa945fa0 R15: 00007ffcdc86ac58
[ 1098.079302][T16940]  </TASK>
[ 1098.870598][   T29] audit: type=1326 audit(1732804529.461:2593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.897265][   T29] audit: type=1326 audit(1732804529.491:2594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.990844][   T29] audit: type=1326 audit(1732804529.511:2595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.990887][   T29] audit: type=1326 audit(1732804529.511:2596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.990922][   T29] audit: type=1326 audit(1732804529.511:2597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.990954][   T29] audit: type=1326 audit(1732804529.531:2598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.990987][   T29] audit: type=1326 audit(1732804529.531:2599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1098.991018][   T29] audit: type=1326 audit(1732804529.531:2600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6095f7f170 code=0x7ffc0000
[ 1098.991050][   T29] audit: type=1326 audit(1732804529.531:2601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6095f7f170 code=0x7ffc0000
[ 1098.991081][   T29] audit: type=1326 audit(1732804529.531:2602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16953 comm="syz.4.2929" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6095f80809 code=0x7ffc0000
[ 1100.076807][T15947] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[ 1100.162233][T15947] hid-generic 0000:0000:0000.0026: hidraw2: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1100.428122][T16980] fuse: Bad value for 'fd'
[ 1101.275815][T15189] usb 6-1: new full-speed USB device number 30 using dummy_hcd
[ 1101.521919][ T5897] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1101.674037][ T5897] usb 2-1: Using ep0 maxpacket: 8
[ 1101.680925][ T5897] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1101.689711][ T5897] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1101.699813][ T5897] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1101.710153][ T5897] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1101.720436][ T5897] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1101.734424][ T5897] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1101.749929][ T5897] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1101.975244][ T5897] usb 2-1: usb_control_msg returned -32
[ 1101.980873][ T5897] usbtmc 2-1:16.0: can't read capabilities
[ 1102.054355][T16996] xt_l2tp: wrong L2TP version: 0
[ 1102.069695][T16996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1102.078416][T16996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1102.224389][ T2151] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1102.377049][ T2151] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1102.396039][ T2151] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1102.429122][ T2151] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1102.462041][ T2151] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1102.504706][ T2151] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1102.530037][ T2151] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1102.550109][ T2151] usb 7-1: Product: syz
[ 1102.566423][ T2151] usb 7-1: Manufacturer: syz
[ 1102.585587][ T2151] cdc_wdm 7-1:1.0: skipping garbage
[ 1102.761597][ T2151] cdc_wdm 7-1:1.0: skipping garbage
[ 1102.768150][ T2151] cdc_wdm 7-1:1.0: cdc-wdm1: USB WDM device
[ 1102.774189][ T2151] cdc_wdm 7-1:1.0: Unknown control protocol
[ 1102.839694][ T5897] usb 7-1: USB disconnect, device number 12
[ 1103.700993][T17022] fuse: Bad value for 'fd'
[ 1104.144533][T17023] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2948'.
[ 1104.197625][T15947] usb 2-1: USB disconnect, device number 16
[ 1104.877996][T17023] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2948'.
[ 1106.455652][T17023] bond_slave_0: entered promiscuous mode
[ 1106.461448][T17023] bond_slave_1: entered promiscuous mode
[ 1106.570898][T17023] macvtap3: entered promiscuous mode
[ 1106.576359][T17023] bond0: entered promiscuous mode
[ 1106.581915][T17023] macvtap3: entered allmulticast mode
[ 1106.588282][T17023] bond0: entered allmulticast mode
[ 1106.593578][T17023] bond_slave_0: entered allmulticast mode
[ 1106.614058][   T46] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[ 1106.622461][T17035] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1106.624751][T15189] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1106.632154][   T46] hid-generic 0000:0000:0000.0027: hidraw3: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1106.664137][T17035] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1106.694114][T15189] usb 6-1: no configurations
[ 1106.698798][T15189] usb 6-1: can't read configurations, error -22
[ 1106.724034][T17023] bond_slave_1: entered allmulticast mode
[ 1106.730902][T17023] 8021q: adding VLAN 0 to HW filter on device macvtap3
[ 1106.764540][T17044] netlink: 48 bytes leftover after parsing attributes in process `syz.5.2951'.
[ 1106.872157][T15189] usb 6-1: new full-speed USB device number 31 using dummy_hcd
[ 1107.654957][T15189] usb 6-1: device descriptor read/64, error -32
[ 1107.848415][T17061] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[ 1107.955852][T15189] usb usb6-port1: attempt power cycle
[ 1108.383469][T17075] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.393478][T17075] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.402575][T17075] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.411812][T17075] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1108.420750][T15189] usb 6-1: new full-speed USB device number 32 using dummy_hcd
[ 1108.457249][T15189] usb 6-1: device descriptor read/8, error -32
[ 1108.515610][T17075] vxlan0: entered promiscuous mode
[ 1108.569413][T17075] vxlan0: entered allmulticast mode
[ 1108.584435][T17075] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1108.594033][T17075] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1108.602955][T17075] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1108.612580][T17075] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1109.434049][T15189] usb 6-1: new full-speed USB device number 33 using dummy_hcd
[ 1109.455232][T15189] usb 6-1: device descriptor read/8, error -32
[ 1109.684733][T15189] usb usb6-port1: unable to enumerate USB device
[ 1110.468900][ T7361] raw-gadget.2 gadget.2: failed to queue disconnect event
[ 1110.740841][T17105] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1110.749914][T17105] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1215.653915][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1215.660915][    C0] rcu: 	1-...!: (1 GPs behind) idle=2774/1/0x4000000000000000 softirq=60238/60247 fqs=6
[ 1215.672230][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=67401, q=364 ncpus=2)
[ 1215.679998][    C0] Sending NMI from CPU 0 to CPUs 1:
[ 1215.680041][    C1] NMI backtrace for cpu 1
[ 1215.680055][    C1] CPU: 1 UID: 0 PID: 17101 Comm: syz.4.2970 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1215.680078][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1215.680088][    C1] RIP: 0010:match_held_lock+0x1/0xb0
[ 1215.680117][    C1] Code: 83 c4 10 5b 41 5e 41 5f c3 cc cc cc cc e8 07 f9 ff ff 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 55 <53> bd 01 00 00 00 48 39 77 10 74 67 48 89 fb 81 7f 20 00 00 20 00
[ 1215.680131][    C1] RSP: 0018:ffffc90000a18c18 EFLAGS: 00000097
[ 1215.680147][    C1] RAX: 0000000000000001 RBX: ffff88802681e4e0 RCX: ffff88802681da00
[ 1215.680160][    C1] RDX: ffff88802681da00 RSI: ffff888031cc9300 RDI: ffff88802681e4e0
[ 1215.680172][    C1] RBP: 0000000000000000 R08: ffffffff89ccfdc1 R09: fffff5200014317c
[ 1215.680184][    C1] R10: dffffc0000000000 R11: fffff5200014317c R12: 0000000000000046
[ 1215.680196][    C1] R13: ffff88802681da00 R14: 00000000ffffffff R15: ffff888031cc9300
[ 1215.680208][    C1] FS:  00007f6096ce16c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[ 1215.680223][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1215.680235][    C1] CR2: 0000000000000000 CR3: 000000006cf44000 CR4: 00000000003526f0
[ 1215.680249][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 00000000000000a1
[ 1215.680259][    C1] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1215.680270][    C1] Call Trace:
[ 1215.680278][    C1]  <NMI>
[ 1215.680287][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[ 1215.680328][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1215.680367][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1215.680422][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[ 1215.680469][    C1]  ? nmi_handle+0x14f/0x5a0
[ 1215.680507][    C1]  ? nmi_handle+0x2a/0x5a0
[ 1215.680546][    C1]  ? match_held_lock+0x1/0xb0
[ 1215.680592][    C1]  ? default_do_nmi+0x63/0x160
[ 1215.680634][    C1]  ? exc_nmi+0x123/0x1f0
[ 1215.680674][    C1]  ? end_repeat_nmi+0xf/0x53
[ 1215.680694][    C1]  ? advance_sched+0x131/0xca0
[ 1215.680713][    C1]  ? match_held_lock+0x1/0xb0
[ 1215.680739][    C1]  ? match_held_lock+0x1/0xb0
[ 1215.680759][    C1]  ? match_held_lock+0x1/0xb0
[ 1215.680778][    C1]  </NMI>
[ 1215.680784][    C1]  <IRQ>
[ 1215.680790][    C1]  lock_is_held_type+0xa9/0x190
[ 1215.680811][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1215.680828][    C1]  advance_sched+0x148/0xca0
[ 1215.680846][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1215.680867][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1215.680890][    C1]  ? __pfx_advance_sched+0x10/0x10
[ 1215.680908][    C1]  __hrtimer_run_queues+0x59b/0xd50
[ 1215.680934][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1215.680951][    C1]  ? sched_clock+0x4a/0x70
[ 1215.680970][    C1]  ? read_tsc+0x9/0x20
[ 1215.680988][    C1]  ? ktime_get_update_offsets_now+0x393/0x3b0
[ 1215.681008][    C1]  hrtimer_interrupt+0x403/0xa40
[ 1215.681034][    C1]  __sysvec_apic_timer_interrupt+0x110/0x420
[ 1215.681053][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1215.681072][    C1]  </IRQ>
[ 1215.681078][    C1]  <TASK>
[ 1215.681084][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1215.681102][    C1] RIP: 0010:lock_acquire+0x264/0x550
[ 1215.681118][    C1] Code: 2b 00 74 08 4c 89 f7 e8 1a 84 8c 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[ 1215.681131][    C1] RSP: 0018:ffffc9001030f380 EFLAGS: 00000206
[ 1215.681145][    C1] RAX: 0000000000000001 RBX: 1ffff92002061e7c RCX: ffff88802681e4d8
[ 1215.681156][    C1] RDX: dffffc0000000000 RSI: ffffffff8c0aeb60 RDI: ffffffff8c6083a0
[ 1215.681169][    C1] RBP: ffffc9001030f4d8 R08: ffffffff942f0897 R09: 1ffffffff285e112
[ 1215.681181][    C1] R10: dffffc0000000000 R11: fffffbfff285e113 R12: 1ffff92002061e78
[ 1215.681194][    C1] R13: dffffc0000000000 R14: ffffc9001030f3e0 R15: 0000000000000246
[ 1215.681215][    C1]  ? __pfx_lock_acquire+0x10/0x10
[ 1215.681233][    C1]  ? mark_lock+0x9a/0x360
[ 1215.681251][    C1]  ? __lock_acquire+0x1397/0x2100
[ 1215.681271][    C1]  fs_reclaim_acquire+0x88/0x130
[ 1215.681290][    C1]  ? prepare_alloc_pages+0x147/0x5b0
[ 1215.681308][    C1]  prepare_alloc_pages+0x147/0x5b0
[ 1215.681335][    C1]  __alloc_pages_noprof+0x16f/0x710
[ 1215.681356][    C1]  ? __pfx___alloc_pages_noprof+0x10/0x10
[ 1215.681383][    C1]  alloc_pages_mpol_noprof+0x3e8/0x680
[ 1215.681402][    C1]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[ 1215.681420][    C1]  ? __pfx_lock_release+0x10/0x10
[ 1215.681438][    C1]  folio_alloc_mpol_noprof+0x36/0x50
[ 1215.681455][    C1]  shmem_alloc_and_add_folio+0x49b/0x13d0
[ 1215.681481][    C1]  ? __pfx_filemap_get_entry+0x10/0x10
[ 1215.681501][    C1]  ? __pfx_shmem_alloc_and_add_folio+0x10/0x10
[ 1215.681527][    C1]  ? shmem_allowable_huge_orders+0x580/0x660
[ 1215.681549][    C1]  shmem_get_folio_gfp+0x5a9/0x20a0
[ 1215.681576][    C1]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[ 1215.681599][    C1]  shmem_write_begin+0x17e/0x460
[ 1215.681621][    C1]  ? __pfx_shmem_write_begin+0x10/0x10
[ 1215.681643][    C1]  ? fault_in_iov_iter_readable+0x229/0x280
[ 1215.681664][    C1]  generic_perform_write+0x344/0x6d0
[ 1215.681685][    C1]  ? __pfx_generic_perform_write+0x10/0x10
[ 1215.681701][    C1]  ? _raw_spin_unlock+0x28/0x50
[ 1215.681745][    C1]  ? __mark_inode_dirty+0x5b2/0xe90
[ 1215.681765][    C1]  ? mnt_put_write_access_file+0xbf/0x100
[ 1215.681786][    C1]  ? file_update_time+0x3dd/0x450
[ 1215.681806][    C1]  shmem_file_write_iter+0xf9/0x120
[ 1215.681822][    C1]  vfs_write+0xaeb/0xd30
[ 1215.681843][    C1]  ? __pfx_shmem_file_write_iter+0x10/0x10
[ 1215.681858][    C1]  ? __pfx_vfs_write+0x10/0x10
[ 1215.681878][    C1]  ? __pfx_do_futex+0x10/0x10
[ 1215.681904][    C1]  ksys_write+0x18f/0x2b0
[ 1215.681925][    C1]  ? __pfx_ksys_write+0x10/0x10
[ 1215.681944][    C1]  ? do_syscall_64+0x100/0x230
[ 1215.681960][    C1]  ? do_syscall_64+0xb6/0x230
[ 1215.682022][    C1]  do_syscall_64+0xf3/0x230
[ 1215.682049][    C1]  ? clear_bhb_loop+0x35/0x90
[ 1215.682068][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1215.682085][    C1] RIP: 0033:0x7f6095f80809
[ 1215.682102][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1215.682117][    C1] RSP: 002b:00007f6096ce1058 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1215.682135][    C1] RAX: ffffffffffffffda RBX: 00007f6096145fa0 RCX: 00007f6095f80809
[ 1215.682148][    C1] RDX: 000000000208e24b RSI: 0000000020000240 RDI: 0000000000000003
[ 1215.682159][    C1] RBP: 00007f6095ff393e R08: 0000000000000000 R09: 0000000000000000
[ 1215.682171][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1215.682181][    C1] R13: 0000000000000000 R14: 00007f6096145fa0 R15: 00007fff3fa13c98
[ 1215.682200][    C1]  </TASK>
[ 1215.683045][    C0] rcu: rcu_preempt kthread starved for 10490 jiffies! g67401 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 1216.347430][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1216.357435][    C0] rcu: RCU grace-period kthread stack dump:
[ 1216.363338][    C0] task:rcu_preempt     state:R  running task     stack:25624 pid:17    tgid:17    ppid:2      flags:0x00004000
[ 1216.375102][    C0] Call Trace:
[ 1216.378391][    C0]  <TASK>
[ 1216.381339][    C0]  __schedule+0x17fb/0x4be0
[ 1216.385896][    C0]  ? __pfx___schedule+0x10/0x10
[ 1216.390769][    C0]  ? __pfx_lock_release+0x10/0x10
[ 1216.395815][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1216.402158][    C0]  ? schedule+0x90/0x320
[ 1216.406421][    C0]  schedule+0x14b/0x320
[ 1216.410598][    C0]  schedule_timeout+0x15a/0x290
[ 1216.415463][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1216.420850][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1216.426159][    C0]  ? prepare_to_swait_event+0x330/0x350
[ 1216.431724][    C0]  rcu_gp_fqs_loop+0x2df/0x1330
[ 1216.436587][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[ 1216.441816][    C0]  ? __pfx_rcu_watching_snap_recheck+0x10/0x10
[ 1216.447985][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1216.453297][    C0]  rcu_gp_kthread+0xa7/0x3b0
[ 1216.457903][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1216.463117][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1216.469031][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1216.474072][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1216.479284][    C0]  kthread+0x2f0/0x390
[ 1216.483365][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1216.488574][    C0]  ? __pfx_kthread+0x10/0x10
[ 1216.493172][    C0]  ret_from_fork+0x4b/0x80
[ 1216.497599][    C0]  ? __pfx_kthread+0x10/0x10
[ 1216.502210][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1216.507004][    C0]  </TASK>
[ 1216.510032][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1216.516360][    C0] CPU: 0 UID: 0 PID: 6461 Comm: kworker/u8:10 Not tainted 6.12.0-syzkaller-10553-gb86545e02e8c #0
[ 1216.526958][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1216.537022][    C0] Workqueue: events_unbound toggle_allocation_gate
[ 1216.543545][    C0] RIP: 0010:smp_call_function_many_cond+0x19f3/0x2ca0
[ 1216.550324][    C0] Code: 45 8b 65 00 44 89 e6 83 e6 01 31 ff e8 36 ea 0b 00 41 83 e4 01 49 bc 00 00 00 00 00 fc ff df 75 07 e8 e1 e5 0b 00 eb 38 f3 90 <42> 0f b6 04 23 84 c0 75 11 41 f7 45 00 01 00 00 00 74 1e e8 c5 e5
[ 1216.569939][    C0] RSP: 0018:ffffc900056976e0 EFLAGS: 00000293
[ 1216.576021][    C0] RAX: ffffffff8189fe6b RBX: 1ffff110170e88b9 RCX: ffff88802d2f0000
[ 1216.584004][    C0] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000000
[ 1216.591985][    C0] RBP: ffffc900056978e0 R08: ffffffff8189fe3a R09: 1ffffffff285e110
[ 1216.599966][    C0] R10: dffffc0000000000 R11: fffffbfff285e111 R12: dffffc0000000000
[ 1216.608079][    C0] R13: ffff8880b87445c8 R14: ffff8880b863f940 R15: 0000000000000001
[ 1216.616065][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[ 1216.625003][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1216.631596][    C0] CR2: 0000001b316dac00 CR3: 000000000e738000 CR4: 00000000003526f0
[ 1216.639585][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1216.647567][    C0] DR3: 0000000000000016 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1216.655548][    C0] Call Trace:
[ 1216.658837][    C0]  <IRQ>
[ 1216.661691][    C0]  ? rcu_check_gp_kthread_starvation+0x278/0x310
[ 1216.668050][    C0]  ? print_other_cpu_stall+0x1481/0x15c0
[ 1216.673709][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[ 1216.679542][    C0]  ? kvm_check_and_clear_guest_paused+0x6a/0xd0
[ 1216.685802][    C0]  ? rcu_sched_clock_irq+0xa26/0x10e0
[ 1216.691197][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1216.696867][    C0]  ? update_process_times+0x242/0x2f0
[ 1216.702259][    C0]  ? tick_nohz_handler+0x37c/0x500
[ 1216.707412][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1216.712914][    C0]  ? __hrtimer_run_queues+0x551/0xd50
[ 1216.718362][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1216.724123][    C0]  ? sched_clock+0x4a/0x70
[ 1216.728565][    C0]  ? read_tsc+0x9/0x20
[ 1216.732653][    C0]  ? ktime_get_update_offsets_now+0x393/0x3b0
[ 1216.738758][    C0]  ? hrtimer_interrupt+0x403/0xa40
[ 1216.743922][    C0]  ? __sysvec_apic_timer_interrupt+0x110/0x420
[ 1216.750098][    C0]  ? sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1216.755926][    C0]  </IRQ>
[ 1216.758881][    C0]  <TASK>
[ 1216.761833][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1216.768009][    C0]  ? smp_call_function_many_cond+0x19da/0x2ca0
[ 1216.774181][    C0]  ? smp_call_function_many_cond+0x1a0b/0x2ca0
[ 1216.780360][    C0]  ? smp_call_function_many_cond+0x19f3/0x2ca0
[ 1216.786544][    C0]  ? kmem_cache_alloc_bulk_noprof+0x156/0x7c0
[ 1216.792634][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1216.797688][    C0]  ? __pfx___text_poke+0x10/0x10
[ 1216.802659][    C0]  ? process_scheduled_works+0x976/0x1850
[ 1216.808417][    C0]  ? __pfx_smp_call_function_many_cond+0x10/0x10
[ 1216.814763][    C0]  ? __pfx___might_resched+0x10/0x10
[ 1216.820067][    C0]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1216.825983][    C0]  ? __pfx_do_sync_core+0x10/0x10
[ 1216.831031][    C0]  on_each_cpu_cond_mask+0x3f/0x80
[ 1216.836164][    C0]  text_poke_bp_batch+0x352/0xb30
[ 1216.841210][    C0]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1216.847205][    C0]  ? arch_jump_label_transform_apply+0x17/0x30
[ 1216.853398][    C0]  ? __pfx_text_poke_bp_batch+0x10/0x10
[ 1216.858968][    C0]  ? arch_jump_label_transform_queue+0x9b/0x100
[ 1216.865232][    C0]  ? process_scheduled_works+0x976/0x1850
[ 1216.870971][    C0]  text_poke_finish+0x30/0x50
[ 1216.875662][    C0]  arch_jump_label_transform_apply+0x1c/0x30
[ 1216.881661][    C0]  static_key_enable_cpuslocked+0x136/0x260
[ 1216.887589][    C0]  static_key_enable+0x1a/0x20
[ 1216.892377][    C0]  toggle_allocation_gate+0xbc/0x260
[ 1216.897689][    C0]  ? __pfx_toggle_allocation_gate+0x10/0x10
[ 1216.903602][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1216.909959][    C0]  process_scheduled_works+0xa63/0x1850
[ 1216.915554][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1216.921565][    C0]  ? assign_work+0x364/0x3d0
[ 1216.926194][    C0]  worker_thread+0x870/0xd30
[ 1216.930814][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[ 1216.936738][    C0]  ? __kthread_parkme+0x169/0x1d0
[ 1216.941783][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1216.946910][    C0]  kthread+0x2f0/0x390
[ 1216.951010][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 1216.956185][    C0]  ? __pfx_kthread+0x10/0x10
[ 1216.960810][    C0]  ret_from_fork+0x4b/0x80
[ 1216.965424][    C0]  ? __pfx_kthread+0x10/0x10
[ 1216.970040][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1216.974852][    C0]  </TASK>