last executing test programs:

51.996735698s ago: executing program 2 (id=1085):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000440)={0x2, 0x5, 0x4})
syz_open_dev$dri(0x0, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
close_range(r0, 0xffffffffffffffff, 0x0)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
r4 = syz_usb_connect$hid(0x6, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="1201500200000020711e00204008010203010905000001ffff600809040069e1778c66fcfbbe90bbaf650307020362fb836cd67419582505ea1469ec0cbd8ead0d9ecf0103040921ffff060126b8d5af4a02ab49d8051aaa6fbe60d9cda7775aa76b08a84d281a75b4e99fc1e7faadb34b402e309d2f6c08b2e670331daae59a740dfb236b9dfe144da9c514dca2f7c8586841a4de1f4e83f65e904da54992bbc1f270483d118f3abebf1f3f4303754db28716"], &(0x7f00000000c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x110, 0x5, 0x1, 0xc2, 0x10, 0x1}, 0x8, &(0x7f0000000580)=ANY=[@ANYBLOB="050fa765e60e0a8a3b2d000b"]})
r5 = eventfd(0x0)
r6 = getpid()
r7 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$uinput_user_dev(r7, &(0x7f0000000100)={'syz0\x00', {}, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8, 0xfffffff8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_DEV_SETUP(r7, 0x5501, 0x0)
readv(r7, &(0x7f0000001900)=[{&(0x7f0000000040)=""/65, 0x41}], 0x1)
write$input_event(r7, &(0x7f0000000000)={{0x77359400}, 0x15}, 0xfe4f)
fcntl$lock(r5, 0x24, &(0x7f00000002c0)={0x0, 0x0, 0x2000000, 0xffffffffffff0797, r6})
syz_usb_control_io$cdc_ecm(r3, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f00000001c0)=ANY=[@ANYRESHEX=r4, @ANYRESDEC=r3, @ANYBLOB="8dc62ecb9c81073278ff0424825f36", @ANYRES32=r4, @ANYRESDEC=r4, @ANYRESDEC=r5], 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r3, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

51.507867697s ago: executing program 2 (id=1089):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000940)=ANY=[@ANYBLOB="12010000a6ff0540cdabeecdb9050000000309021b00010000020009040000010103510009050300000000"], 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000010140)={0x50, 0x2, 0x6, 0x301, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x0}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x50}}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(0xffffffffffffffff, 0x29, 0x45, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_usb_connect(0x0, 0x5a, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0x95, 0x3d, 0x1e, 0x8, 0xc10, 0x0, 0xbd3b, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xfa, 0xb7, 0xd6}}]}}]}}, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x31, &(0x7f0000000000)=0x7fff, 0x4)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_SET_QOS_MAP(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x34, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_QOS_MAP={0x18, 0xc7, {[{}, {}, {}, {}, {}, {}], "946cc03601a528c7"}}]}, 0x34}}, 0x0)
bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
r7 = socket(0x2, 0x1, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r7, 0x6, 0x2a, 0x0, &(0x7f00000011c0)=0xff7b)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r8 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
msync(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x0)
ioctl$EVIOCGPROP(r8, 0x40047438, &(0x7f0000000180)=""/246)
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/address_bits', 0x202, 0x0)
write$binfmt_misc(r9, &(0x7f0000000100)=ANY=[@ANYBLOB='\\'], 0x4c)

45.733880984s ago: executing program 2 (id=1099):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xfffffffffffffe5e)
r0 = syz_open_dev$video4linux(&(0x7f0000000840), 0x7f, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x0, 0x0, @prog_id}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)
ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc040563e, &(0x7f0000000300)={0xda1, 0x0, 0x4})
r3 = getpid()
r4 = socket$inet_udp(0x2, 0x2, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r5, 0x89f1, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x1c, 0x0, 0x0, @local, @rand_addr=0x64010101}}}})
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x17, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000711203000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x5}, 0x90)
fsopen(0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0xea, 0xc2, 0x74, 0x40, 0xfd9, 0x2c, 0x518f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x84, 0xea, 0xa4}}]}}]}}, 0x0)
process_vm_writev(r3, &(0x7f0000000140)=[{&(0x7f0000000040)=""/204, 0xcc}, {&(0x7f00000001c0)=""/235, 0xeb}], 0x2, &(0x7f00000002c0)=[{&(0x7f0000000380)=""/170, 0xaa}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r7 = socket$inet(0x2, 0x80001, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r6, 0x84, 0x74, &(0x7f00000003c0)={r8, 0x0, 0x10}, &(0x7f00000000c0)=0x18)
socket$nl_xfrm(0x10, 0x3, 0x6)

42.260487074s ago: executing program 2 (id=1105):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x420000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000380)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cgroup.controllers\x00', 0x275a, 0x0)

41.471999974s ago: executing program 2 (id=1107):
r0 = socket(0x0, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000001c0)=0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000140))
syz_emit_vhci(&(0x7f0000001800)=ANY=[@ANYBLOB="03c800a4e0ec62c122083e14aeaa774fee50006a43d42682c6e82cdd220e05e29fa3f79c7b52b61a7e6f41d7aa43b598739d826c249396af41527f8e5a7c4ff297919ed04f1a71c5ccae02a5b2ccd8000100124c70a9f4272923e50d1c98e119318d87e86909069b85fe955b12ed6a3118676eab414767f6a6bc2a99eb1f00cd9d14310e93e62b8f19271b74c4712203d8d1e3fd211f7812b283cbc2517b3aebe9cb39ba4f07d7b1fc48d2c48b715ef9a358ec0239e5d9a53750e2fb3b1720d73926445dda62ee410bc4ec0592ac3e31f5582ecc0aba0d055c0739887e498fae26d4827f4c248bd2ca5884878f8454f56c5a01c0e0bd2293630cba9d0ba8de11d05048082b12b58e265d6050f6f755b487094d4e3fa1587261a55734534f13d6dd771ad171a942314fe2e69f9ed2fc09e1a252b0bd1f1c255e99ab963dc2ad1a897968b42ae4d8d3d10e24aaf1d26f45ce95000000d7b2d5c7ab03043d664c734779822b628ac827c85585c0d53159d0a1ea628af56a242abf2ddb9cf8d0a5b60449d9f6b8a9d03cd8b7f65106dedb7ecc2c728ee87da803af1005fa27a480cabb708b47fbba5848b6e7e17e344783ca4622a6e9b9575838294f0696b853cfa004d684f51a00bc68c345c09cac8dd6e038c455bc3e60acea6b807fb3d9a35abc86e3cfbaa653c4b06643215fe072331aef1a033a49426d6e61fcc29ee8589e81d7e56857b14096d3cfa7325fe6cdce4f1d4fc337f748fde70cf3af399fcce542d9d9d18fdefe1737f7e4a7a31f489efec931b83e8b22e4c63b6f84f830585088c53ba4a8437ec2556804fde574683e0b3ddaeaeddf805dff5bfc7b74fd81350ee06846914d26e365164ee10531c14b6ae977"], 0xa8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r3, 0x80885659, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e0043244bc8000b664631461e24"], 0xf)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x55}, {0x6, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x7, "d4e8bc", 0x30, 0x3}, {@any, 0x6a, 0x6, "c6414f", 0x5, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1, "669ef2", 0x7, 0x10}, {@none, 0x2, 0x8, "9d8975", 0x3, 0x8}, {@none, 0x0, 0x4, "c46b03", 0x8}, {@any, 0x2, 0x3, "6afb8e", 0x9, 0x68}]}}}, 0x58)
fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
connect$nfc_raw(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f00000003c0), &(0x7f0000000380)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x3f70, 0x0, 0x0, 0x0, 0x0)

15.731167097s ago: executing program 0 (id=1160):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_tcp(&(0x7f0000000500), 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="74d8096865ea81a672616e733d7463702c706f72743d30783030303030303030303030"])
openat$iommufd(0xffffffffffffff9c, &(0x7f0000001e00), 0x0, 0x0)
prctl$PR_GET_NAME(0x10, 0x0)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
socket(0x0, 0x0, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./bus\x00', &(0x7f0000000000)='ocfs2\x00', 0x0, 0x0)
r4 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_script(r4, &(0x7f0000000200)={'#! ', './file0', [{0x20, '#! '}, {0x20, 'LAR^'}]}, 0x14)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd34)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

14.533132608s ago: executing program 0 (id=1162):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x9)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_io_uring_setup(0x110, &(0x7f0000000140), &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
socket(0x10, 0x3, 0xc)
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f00000000c0)=[{0x30, 0x0, 0xfc, 0x3ee7}, {0x6, 0x4}]}, 0x10)
sendmmsg$unix(r2, &(0x7f0000002a00)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000100)="83b540a9", 0xb583}], 0x1}}], 0x1, 0x0)

13.448599722s ago: executing program 0 (id=1165):
socket(0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0, r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x0, 0x0, 0xc}, 0x48)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
symlink(0x0, &(0x7f0000000000)='./bus\x00')
open(&(0x7f00009e1000)='./file0\x00', 0x0, 0x140)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000240)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x0, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r5 = openat$zero(0xffffffffffffff9c, &(0x7f0000000740), 0x8202, 0x0)
r6 = dup(r5)
sendfile(r6, 0xffffffffffffffff, 0x0, 0x89ffc)
mount$9p_fd(0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB, @ANYBLOB])
keyctl$unlink(0x17, 0x0, 0x0)

13.324580557s ago: executing program 1 (id=1166):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000040)=0xfffffd, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "b9dc05cc9591a0e9", "9d597b8566fb9b1ff9e847ef151545d4", "a483a4b2", "b2e71c7c92421350"}, 0x28)
socket$inet6(0x10, 0x2, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
epoll_create1(0x0)
socket$unix(0x1, 0x1, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000b40)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="34000000100001000000000000000000f4fe0000", @ANYRES32=r4, @ANYBLOB='\b\x00\x00\x00', @ANYRES32, @ANYBLOB="14002b8008000300", @ANYRES32=r3, @ANYBLOB="08000100", @ANYRES32], 0x34}], 0x1}, 0x0)

12.233154395s ago: executing program 1 (id=1167):
r0 = socket$inet6(0xa, 0x6, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
r1 = socket$inet6(0xa, 0x4, 0x4)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000f59ffc)=0x4, 0x4)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x2}, 0x4}, 0x1c)
sched_setscheduler(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x1)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0), 0x200, 0x0)
preadv(r2, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140), 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=@newtfilter={0x34, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0xd, 0x10}}, [@filter_kind_options=@f_route={{0xa}, {0x4}}]}, 0x34}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
timerfd_create(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffffffc}]})
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x5)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)

12.176451175s ago: executing program 0 (id=1168):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0xfffffffffffffe5e)
r0 = syz_open_dev$video4linux(&(0x7f0000000840), 0x7f, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00'}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r1, r2, 0x2, 0x0, 0x0, @prog_id}, 0x20)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000380)={@cgroup=r1, 0x2, 0x0, 0x0, &(0x7f0000000280)=[0x0], 0x1, 0x0, &(0x7f00000014c0), 0x0, 0x0}, 0x40)
ioctl$VIDIOC_QUERYBUF_DMABUF(r0, 0xc040563e, &(0x7f0000000300)={0xda1, 0x0, 0x4})
getpid()
r3 = socket$inet_udp(0x2, 0x2, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000040)={'sit0\x00', &(0x7f0000000400)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast1}}}})
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r3, 0x89f3, &(0x7f00000001c0)={'syztnl0\x00', &(0x7f0000000140)={'gre0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x1c, 0x0, 0x0, @local, @rand_addr=0x64010101}}}})
socketpair$unix(0x1, 0x0, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x17, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18000000000000000000000000000000711203000000000095"], &(0x7f0000000140)='syzkaller\x00', 0x5}, 0x90)
fsopen(0x0, 0x0)
socket(0x2, 0x80805, 0x0)

11.864843583s ago: executing program 0 (id=1170):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x3c2942, 0x0)
syz_emit_ethernet(0x6a, &(0x7f0000000040)=ANY=[], 0x0)
syz_emit_ethernet(0xbe, &(0x7f00000008c0)=ANY=[], 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x7ffffdc2}]})
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
fadvise64(r0, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$SO_COOKIE(r1, 0x1, 0x28, 0x0, &(0x7f00000012c0))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
futex(0x0, 0x0, 0x0, 0x0, 0x0, 0xa0090199)
r3 = socket(0x2a, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=@newqdisc={0x24}, 0x24}}, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000500)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000540)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0x0, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002d00)=@newtfilter={0x300, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {}, {0x2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x2cc, 0x2, [@TCA_MATCHALL_ACT={0x4}, @TCA_MATCHALL_ACT={0x2bc, 0x2, [@m_sample={0x134, 0xa, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_SAMPLE_PSAMPLE_GROUP={0x8, 0x5, 0x9}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x3}, @TCA_SAMPLE_TRUNC_SIZE={0x8, 0x4, 0x1}, @TCA_SAMPLE_RATE={0x8, 0x3, 0x3}]}, {0xe7, 0x6, "4079d3d97a801512986c5eff8d0d4373bd241bcaf11e1b60d8c95c4921d195614b6840a396e87acd8ee7185f2d85cf1e1ffbbc3bff397e15278c3a52ea758cd676b9293c8fb74474d63133e189a8a04a32164ef6e9fd349701c8df9f425ada736a6c29c6f9f8f05f2940c997249de12c4e6ba72a4955e61b7331c9783501a996debc1e524d58d744c43fd682923dd9d435b18ab8eb683c50dabeedc2e22de174310b9374dd04d1ce3595eb6ead20b8965939c7da418785df09980a9f7050fd7e85103e6d17c308b6bd467ad95aa992a67bfe257b00e45b9f9d8e53cf47b76f1752fb4a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_gact={0x184, 0x6, 0x0, 0x0, {{0x9}, {0x70, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x2, 0x497, 0x4}}, @TCA_GACT_PARMS={0x18, 0x2, {0x401, 0xc64f, 0x20000000, 0x6, 0x7fff}}, @TCA_GACT_PARMS={0x18, 0x2, {0x3, 0x9, 0x10000000, 0xbda, 0x6}}, @TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x8000, 0x10000000, 0x1, 0x599}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x24b2}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x930, 0xffffffffffffffff}}]}, {0xe9, 0x6, "4f231723b053d38a6ba70be38304269b4ae72b0570e7edd745d15fd528358d83dec3d1d538f9b3560faf6d7bdf94ea8f8249460d700524ad2a45d2fa805c0b0ce92e33fdb9bd0279840ee4937541280e1e73e0211301ddf0b70934e933f8e780dc6d1cf17210374f7449b0d39668926ff2faac7bf63007adcdf79f0058d29220530168acca28a898c6c69bfb8e25ba3b67d89661f66ed189751f090e6ed10253f7b4721012d670aa2898545d1c28fb06c373b9a66b4af0cb9a7f07a9b0eb27dc0dd4cc5192c6c9b8f46cd60d9c9a9f76c020c367a5cf7f79317541b13b0f220c0feb15127e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x3, 0x2}}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x6}]}}]}, 0x300}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
prctl$PR_SET_MM(0x23, 0x4, &(0x7f0000ff9000/0x4000)=nil)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f0000000b80), 0x0, 0x0)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="03002c92733d663d", @ANYRESHEX, @ANYBLOB=',wfdno=', @ANYRESHEX, @ANYBLOB=',\x00'])
bind$inet(r7, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10)

11.319700127s ago: executing program 0 (id=1171):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_tcp(&(0x7f0000000500), 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="74d8096865ea81a672616e733d7463702c706f72743d30783030303030303030303030"])
openat$iommufd(0xffffffffffffff9c, &(0x7f0000001e00), 0x0, 0x0)
prctl$PR_GET_NAME(0x10, 0x0)
r3 = open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
socket(0x0, 0x0, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x0, 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./bus\x00', &(0x7f0000000000)='ocfs2\x00', 0x0, 0x0)
r4 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_script(r4, &(0x7f0000000200)={'#! ', './file0', [{0x20, '#! '}, {0x20, 'LAR^'}]}, 0x14)
r5 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x0, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xfffffffffffffd34)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/stat\x00', 0x0, 0x0)
close_range(r6, 0xffffffffffffffff, 0x0)

8.914617893s ago: executing program 3 (id=1173):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x15}], 0x1)
set_mempolicy(0x2, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

7.318845195s ago: executing program 1 (id=1175):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009"], 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), r1)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000fc0), r1)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000540)='./file0\x00', 0x202040, 0x9)
r4 = openat(r3, &(0x7f00000005c0)='./file0\x00', 0x0, 0x27)
preadv2(r4, &(0x7f0000000000)=[{0x0}], 0x1, 0x0, 0x0, 0x0)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'macvlan0\x00'})
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000004c0)={@ifindex, 0x3e, 0x0, 0x3d4d, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, 0x40)
r6 = add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x40, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPRESSIONS={0x4}]}], {0x14, 0x10}}, 0x88}}, 0x0)
r8 = memfd_create(&(0x7f0000000040)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
pwritev2(r8, &(0x7f0000002340)=[{&(0x7f0000000180)='?', 0x1}], 0x1, 0x0, 0x0, 0xd)
sendmsg$NL802154_CMD_SET_TX_POWER(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="4788010000000000000006"], 0x1c}}, 0x200048d0)
r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
write(r9, &(0x7f0000000140)="29000000140005b7000408674603efb6063c4ca40e07fff0797e0000000080000000005c0000200000", 0x29)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @global=@item_4={0x3, 0x1, 0x0, '\f\x00'}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @local=@item_4={0x3, 0x2, 0x0, "7900194b"}, @main=@item_4={0x3, 0x0, 0x8}, @local=@item_4={0x3, 0x2, 0x0, "09007a15"}, @local=@item_4={0x3, 0x2, 0x0, "5d8c3dda"}]}}, 0x0}, 0x0)

7.156039847s ago: executing program 3 (id=1177):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r1, 0x9e235000)
fadvise64(r0, 0x0, 0x0, 0x2)
r2 = syz_open_dev$usbfs(&(0x7f0000000000), 0x7, 0x301521)
ioctl$USBDEVFS_SUBMITURB(r2, 0x8038550a, &(0x7f0000000040)=@urb_type_bulk={0x3, {0x1}, 0x4a, 0xa9, &(0x7f00000000c0)="8cc2029c6716dafc8575d94204372b84a9e4050929223767de1c535b521039f953bcec6811dd384b730851957da900a46f6909aee5db653e1507b2416667b39e3e4baa0d28348af6b43165a5482bfa4306a335218307a7ad8ba6f7e14db354eaae06ea1ade73c3cabd1a30b160ec25673da004274a52df9ca9603bff0348c1128f129bafa40198eb2726f2a1238c9e25509a7558", 0x94, 0xb, 0x9, 0x3, 0xffff, 0x800, &(0x7f0000000180)="c8d4dbe262af7f730df3ba7f64716687a7b7dc5f3adec1dfb81c94fe6666b0e696684cfa0b576324be8fdf6c3ed65cedba0c632ac9c04bda8f9a0d296862c2090033c1132ebfff59689fc37d5da2edea2aa975a1e55f48ca03d52d5e0f3e8215ef09f3a97871ae4fa674a2462afd2bdf371c45e1b3eec89e0c10d3a79d4cce6c8f105716e753292feb3cbfa2356b1e2eae234ace2eb0de5c6c853b71c46465df156b74182be322afd0c43f0d0863d069a43026ec913a2e5f2af6f1560c362aef31e0c3c77799f3e406d2f275bdd95c72ea579292e050b7414b9933cf803b8a4aae"}) (async)
io_setup(0x0, &(0x7f00000030c0)) (async)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f00000021c0)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c71329afd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)={0x90}, 0x0, 0x0, 0x0, 0x0})
recvmmsg(0xffffffffffffffff, &(0x7f00000051c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

6.30263967s ago: executing program 4 (id=1178):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000580)=@newqdisc={0x28, 0x24, 0x0, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0x0, 0xb}}, [@TCA_STAB={0x4}]}, 0x28}}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000000c0), 0x3f, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x2200, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
open(0x0, 0x400141042, 0x0)
open(&(0x7f0000000140)='./bus\x00', 0x143142, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x0, 0x0)
r5 = open(0x0, 0x0, 0x149)
r6 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c00ff00", @ANYRES16=r6, @ANYBLOB="010000000000000000000700000008000b0000000000"], 0x1c}}, 0x0)
ioctl$LOOP_SET_STATUS64(r5, 0x4c04, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x0, 0x4, 0x0, "ef359f413bb90152f7d6d1ce5d29c3ee5e5ca9000f7c41499dc2aac63a01000000000000004faa2ad9c084a003ea00", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x0, 0x8]})
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000007c0)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@default_permissions}, {@default_permissions}, {@allow_other}, {@max_read={'max_read', 0x3d, 0x20000000006}}], [{@dont_measure}, {@flag='rw'}, {@subj_role={'subj_role', 0x3d, '*]'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}]}})
lsetxattr$security_ima(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600), &(0x7f0000000640)=@md5={0x1, "fe0c279a5b535afd49a475113d7c06be"}, 0x11, 0x0)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r3}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000440)=[{&(0x7f0000000dc0)='>', 0x1}], 0x1}, 0x0)
write$cgroup_subtree(r1, 0x0, 0x0)

6.109164384s ago: executing program 3 (id=1179):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000440)={0x2, 0x4e25, @rand_addr=0x64010101}, 0x10)
socket(0x0, 0x80005, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399eb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0xfffffffd, 0xfffffffd}, 0x8, 0x10, &(0x7f0000000000), 0x1}, 0x90)
r1 = socket$nl_route(0x10, 0x3, 0x0)
getsockname(r1, &(0x7f00000000c0)=@xdp, &(0x7f0000000140)=0x80)
socket$netlink(0x10, 0x3, 0x0)
openat$drirender128(0xffffffffffffff9c, 0x0, 0x40, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r2}, 0x10)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000000)={'syztnl2\x00', &(0x7f0000000240)={'ip_vti0\x00', <r3=>0x0, 0x8000, 0x7800, 0xfff, 0x207, {{0x10, 0x4, 0x0, 0x34, 0x40, 0x68, 0x0, 0x40, 0x0, 0x0, @broadcast, @multicast1, {[@timestamp_addr={0x44, 0x1c, 0xb, 0x1, 0x6, [{@multicast2, 0x9}, {@private=0xa010101, 0x7fff}, {@broadcast, 0x2}]}, @ssrr={0x89, 0xb, 0x3a, [@empty, @broadcast]}, @noop, @ra={0x94, 0x4}]}}}}})
bind$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x1b, r3, 0x1, 0x5}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
futex(&(0x7f000000cffc), 0xd, 0x0, 0x0, 0x0, 0x0)
sendmmsg$unix(r6, &(0x7f0000000b40), 0x2b842ac, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x15, 0x5, 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x1, 0x0)
open$dir(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
inotify_init1(0x0)

5.027077832s ago: executing program 4 (id=1180):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r3 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0)
fcntl$lock(r3, 0x24, &(0x7f0000000740)={0x300})

4.638496671s ago: executing program 3 (id=1181):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$inet(r0, &(0x7f0000000ac0)={0x0, 0x34000, 0x0, 0x0, &(0x7f0000001c80)=[@ip_tos_u8={{0x11, 0x84}}], 0x18}, 0x0)

3.811612608s ago: executing program 1 (id=1182):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000b40)={'wpan4\x00', <r0=>0x0})
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(0xffffffffffffffff, &(0x7f0000000c00)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000bc0)={&(0x7f0000000c40)={0x50, 0x0, 0x1, 0x70bd28, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan4\x00'}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r0}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0xe3}, @IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_CMD_FRAME_ID={0x5, 0x34, 0x7}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x9}]}, 0x50}, 0x1, 0x0, 0x0, 0x24004004}, 0x4805)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/crypto\x00', 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r2, &(0x7f0000002240)={0x2020, 0x0, <r3=>0x0}, 0x2020)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000380)={0x2, &(0x7f0000000300)=[{0x5, 0xc8, 0xff, 0x81}, {0x1, 0x1, 0xff}]})
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYRESHEX=r3, @ANYRES32=r3, @ANYBLOB="a2b20100000000000000467b"], 0x120}, 0x1, 0x0, 0x0, 0x40104}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000100), 0xffffffffffffffff)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, 0x2}, 0x90)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x21, 0x3, 0x580, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4b0, 0xffffffff, 0xffffffff, 0x4b0, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private2, @private2, [], [], 'veth0\x00', 'syzkaller1\x00'}, 0x0, 0x220, 0x248, 0x0, {}, [@common=@inet=@hashlimit2={{0x150}, {'sit0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x8, 0x5}}}, @inet=@rpfilter={{0x28}}]}, @common=@unspec=@NFQUEUE1={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@ipv6={@empty, @mcast1, [], [], 'batadv0\x00', 'veth1\x00'}, 0x0, 0x200, 0x268, 0x0, {}, [@common=@inet=@policy={{0x158}, {[{@ipv6=@private1, [], @ipv4=@remote}, {@ipv6=@dev, [], @ipv6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}, {@ipv4=@multicast2, [], @ipv6=@loopback}, {@ipv6=@rand_addr=' \x01\x00', [], @ipv4=@local}]}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x5e0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r5}, 0x10)
fsopen(&(0x7f0000000040)='cgroup\x00', 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
mount$9p_tcp(&(0x7f0000000500), &(0x7f0000000540)='./file0\x00', &(0x7f0000000580), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="7472616e733d97300d24bb78003f3d307830303030303c303030303030303030302c70726976706f72742c00"])
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000000c0)={0x8, &(0x7f0000000100)=[{0x0, 0x0, 0x1f, 0x3}, {0x3, 0x24, 0x0, 0x6}, {0x81, 0x9, 0x81}, {0x9c0b, 0x2, 0x0, 0x2}, {0x8, 0x1, 0x3, 0x9}, {0x0, 0x9e, 0xa3, 0x3}, {0x5, 0x7, 0x80, 0x9641}, {0x5, 0x93, 0x80, 0x7}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.727930439s ago: executing program 3 (id=1183):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xca03, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x11, 0x5, &(0x7f0000000180)=ANY=[@ANYRESDEC=0x0, @ANYRES16=r0, @ANYRES8=r0, @ANYRES16=r0, @ANYRES32=r0, @ANYRESHEX=r0], &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x43}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000140)='mmap_lock_acquire_returned\x00', r1}, 0x10)
futex(0x0, 0x1, 0x0, 0x0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

3.727336541s ago: executing program 4 (id=1184):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000014c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd12000000000000850000006d000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4e020f698393aa0f3881f9c24aa564f5199fad0093c59d66b5ece9f36c70d0f13905ea23c2262be4ac30f526fb8616a1847152f0f69c64c9f87f9793f50bb546040677b0c504b0080fb982c1e9400e693146cea484a415b76960300b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c29184ff7f0000cef809606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d858588d72ec29c48b45ef4adf634be763289d01aa27ae8b09e00b99ab20b0b8ed8fb7a68af2ad0000000000000006fa03c6468972089b302d7bf5a23cdcedb5e0125ebbcebdde510cb2364149215108333719acd97fa9e8828ee18e509ef3627cc675fcfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89131f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb07324ed2d1813335706719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a7aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996360a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b477632f32030916f89c6dad7603f2ba2a7909abd6faec2fed44da4928b30142ba11de6c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9bf7af4c0eb97fca585ee6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbfc8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57200000009700cf0b4b8bc229413300000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b6c4a000000002b435ac15fc0288d9b2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9ec747097c9c9ab600830689da6b53b263339863297771429d1200000041bf4a00fca0493cf29b33dcc9ff99acd160afd1ffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde4a594290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d164c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3ace0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa292601101b4326b51b8c2b7a30bcd703822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ecbbc55bf404e4e1f74b7eed82571be54c72d978d8906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd062c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91300bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458a35450804042b3eac10000b136345cf67c70d3ae6d5b8bc0d2e0efa3fb5aac518a75f9e7d7101d5e186c489b3a06dbce2ad1a764370c9a6ff963fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3dfb77ffe0f7f3ee9afe7befb89d277739901004c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea600000000000000099f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c90506000000000000001981c4238ecaee6f75cd0a6881bdb1cd93bc4cfcc144171d2d250c19a39c1517a8250df98674152f94e32409e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b01800000f1535bef1497c2bcc60c261cfcdab9c57fda5696922c14324b5a0ef92186086e29c67f644056d977350237abf9a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a6c70236061f0868afc4294845319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4213be5946912d6c98cd1a9fbe1e7d58c08acaf30235b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c3490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d4b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f68df75cf43f8ecc8d3726602111b40e763431ee97471c7868c6da7eea69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1735e5bdc0cf62eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedf81bf2e7ccbffffffff6331945e208ce4b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcd9867017f3f172632bfe51298f240430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6b70ebc660309e1e245b0fdf9743af930cd6db49a47613808bad959719c000000000000000000000000000000000000000000000000000000008cec1dfa7dfadcc5af36cc644432f7aceda858afb83d15947fe4222ce21f70f6b1c0871015d734bb96a5186355b7e48b1f4f1a3ab9cc4ebab3cadba718fcb5ea91c56c00e3189758f89c3b7a7234ef9b2cd2dc9734e71580ea595f7b941bf025dbff2b7b48761edd3e0eae324f0068a5344dfb22e11996d698efbc58890b42b18db4af022cd699e6ff509028a25133f1720d2ab6fdb5d3182d7904fd9b089271dc66d3c69b68e95d04dca3510d6ad88d3823eadd9c0b83ff0fc7701d4d7472817d25e3a1fadf797a71c9d9d1836b787c1fbf6d9d5ecbda981e2bf5587509371a0000000000000000001fb2f4c84586fec3f1fb83e9577d174b191c86602137be27bf596377617acb34b8b7fba307160ab95999a4c18ce88b559567d208d935a911d60f232997c3e719ab3262dd59a9d9e66baf8180f08493867640aa83be488d622f6b01a1b5b12c688a48e7a0cbd814d4e4bc0053155e0ea06b631c49a68d6d899949281a64441afa18eb15a190dbd682bd6726359c942e6b8f531939af18488710e52fc4d71d52c5eeb69658dab2b909ece3cd58b2e13c7c0b83217adc4d7928acb80df1967fc6759a34fd81b0081931a55eb2416c0d7cdbce44709d0b830f30129bd1e44d3b5c79a7fadd38833ee46bf2e108e6b3b9bf5ec025ca60213af542c4111d275dc0b2f402003019462832b67d2b90cc643e384b7eec6110a116ee51ada50933e678c774978b5101f3f56acf4a3b999f749e71b70491fa018f7b0000000000000000000000006dc4334a1b7f60c9eb5d5a3ddc9b72981c5f3942f16d09b3883132f4bddf62dd405e249d53ba47ddbd4282f683909225f3da7c8e12b548484c64f4f06055c9e31a78b9cb7bdd84dc67060bfb03cfa98f8dbe6c784fe4e52e9882feccb59cd2a8c4e6cc830e2137967b50bda8aab7f544b0d08dfc1934516792197c8d563514056c4ddf4574bdbbd8613d3f021b316844d35c3e3fbf883ec4f26fa185c349c6b7685e77eb801e5d1c50124462bf7b0ae65b1dd7368a32546d3814313deee004e69d21cfc1b8a0f5ea23761619752040541ff6e2fb7d7a4b0240b25ef41ce19db0ba91d0615e300aacd5bf27bfd816721b08e51bf87970b3f0192b8515f87e83ab69e47ca2f68e5ee29c0f946f7692f5076f990cd85ddca09006113a5205b2a8f2bd6c2ee70f88a8272911ae04e441bbc0390456e203a5073de0b22e"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0xe)
socket$unix(0x1, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x1, 0x0)
r1 = syz_open_procfs(0x0, 0x0)
pipe2$9p(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$packet(0x11, 0x0, 0x300)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)=ANY=[@ANYBLOB="147f", @ANYRES16=0x0, @ANYBLOB="02000000000000008000250000000600060002"], 0x1c}}, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r6, 0x8b32, &(0x7f0000000040))
r7 = dup(r5)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x4000000020042, 0x0)
r9 = dup(r8)
sendfile(r9, r7, 0x0, 0x89ffc)
read$FUSE(0xffffffffffffffff, &(0x7f0000008180)={0x2020}, 0x2020)
read$FUSE(r1, &(0x7f0000006140)={0x2020}, 0x2020)
r10 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r10, 0x0, 0x0)

1.73131237s ago: executing program 4 (id=1185):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000000)={[0x10000]}, 0x8)
ioctl$TUNGETIFF(r0, 0x800454d2, &(0x7f0000000040)={'bond0\x00'})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0x0, "3696031026bde8cd3a78ddcaf352ec82448f597b69526e9f425487f96dfdcb9d"})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x2c842, 0x0)
write(r1, &(0x7f0000000100)="34b9c2", 0x3)
sendto$inet6(r0, &(0x7f0000000140), 0x0, 0x10, &(0x7f0000000180)={0xa, 0x4e21, 0x8, @private0={0xfc, 0x0, '\x00', 0x1}, 0x1}, 0x1c)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
fcntl$setstatus(r2, 0x4, 0x42000)
r3 = syz_open_dev$admmidi(&(0x7f0000000200), 0x800, 0x311300)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r3, 0x810c5701, &(0x7f0000000240))
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000003c0), r0)
sendmsg$DEVLINK_CMD_SB_OCC_SNAPSHOT(r0, &(0x7f0000000580)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000540)={&(0x7f0000000400)={0x12c, r4, 0x8, 0x70bd26, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x80}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x84}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x5}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x7ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x9}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0xfffffffa}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x1ff}}]}, 0x12c}, 0x1, 0x0, 0x0, 0x40}, 0x8001)
ioctl$SYNC_IOC_MERGE(r0, 0xc0303e03, &(0x7f00000005c0)={"8b789ccfae1faf98bca056a50efbd4e16b44e4239ff7a412229a4d6fc79b98ed", r0})
r5 = syz_open_dev$dri(&(0x7f0000000600), 0x81, 0x600)
ioctl$DRM_IOCTL_ADD_MAP(r5, 0xc0286415, &(0x7f0000000640)={&(0x7f0000ffb000/0x2000)=nil, 0x60, 0x2, 0x3})
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000680)={{0x1, 0x1, 0x18, <r6=>r2, {0x4}}, './file0\x00'})
connect$unix(r6, &(0x7f00000006c0)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmsg$DEVLINK_CMD_TRAP_GET(r6, &(0x7f0000000900)={&(0x7f0000000740)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000008c0)={&(0x7f0000000780)={0x140, r4, 0x200, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}}]}, 0x140}, 0x1, 0x0, 0x0, 0x4000080}, 0x404a801)
r7 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000940), 0x60801, 0x0)
fsync(r7)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r3, 0xc0046686, &(0x7f0000000980)={0x3, 0x99, "7a7bcecba60e5f02003ee6c7dd7eb9e534c93dc1ed351df21e62019bf5e63401034cc59ad6939733fb1647e4288c7db367cc7b303c468ae299f246a6be2b71faa09478dcae91943054cb936c556f2a64b1dd8609c96f8a241d66ee2d5a587e80c74d2c838dd04e55eb38fbcf22d17d59a49133bd3f5626fc0497122948572215f8d73eeebf1b626d39ca7fc08a6c8ffc5d0d3804c2d601dc2d"})
setsockopt$sock_attach_bpf(r8, 0x1, 0x32, &(0x7f0000000a40)=r0, 0x4)
ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0286405, &(0x7f0000000b40)={0xfaf, 0x81, {}, {<r9=>0xee00}, 0x3, 0x8})
mount$9p_tcp(&(0x7f0000000a80), &(0x7f0000000ac0)='./file1\x00', &(0x7f0000000b00), 0x200840, &(0x7f0000000b80)={'trans=tcp,', {'port', 0x3d, 0x4e21}, 0x2c, {[{@cache_loose}, {@cachetag}, {@version_L}, {@aname={'aname', 0x3d, 'devlink\x00'}}, {@version_9p2000}, {@cache_none}, {@cache_fscache}, {@access_user}, {@access_client}, {@aname={'aname', 0x3d, 'source_mac_is_multicast\x00'}}], [{@uid_eq={'uid', 0x3d, r9}}, {@appraise}]}})
r10 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000c80)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x6, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x1}, 0x48)
fcntl$getownex(r10, 0x10, &(0x7f0000000d00))
r11 = dup(r6)
write$tun(r11, &(0x7f0000000d40)={@val={0x0, 0x201}, @val={0x0, 0x0, 0x2, 0x4, 0x7f, 0x8000}, @mpls={[{0x7}, {0x4}, {0x800}, {0x1000}, {0x80, 0x0, 0x1}, {0x2, 0x0, 0x1}], @ipv4=@gre={{0xf, 0x4, 0x0, 0x1, 0x1ec, 0x64, 0x0, 0x6, 0x2f, 0x0, @loopback, @multicast2, {[@ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x23, 0xdb, [@empty, @local, @rand_addr=0x64010100, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty, @empty, @multicast1, @remote]}]}}, {{0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x880b, 0x9e, 0x1, [], "9052347e716d0a5a1f0e309d53d3b5d4ca91f0af93b86d73b22c7a3512b5992752499cc29fde797c8060f68d0321295ed3b82f7c8f1177ac14150ecfcd3d4014ea28de08e3d812600fc58564a04dc372280aa25f9caf558fa731795efcc93f0dbed592d7e8db06586a75547dc2812464b7de69e7839e9413c5540c5b36aaf36fbf564627b57159300417f6dcf93ed339f55031920a1889ea38792a21257f"}, {0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x800, [0x5, 0x608d], "0fd8c4561e92ab14e1ce4d42e0764580e752879343ce3abc6fed90343b05a8f2ef16d31a0487e42433acf472d180cc666d73c8bd04f9cac820b48ee9598ff2"}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd, [0xb6, 0x7ff], "29c315b4cb209cdf1ccf285693b5e2bfe7f973f4fbcef9bb04ea318a"}, {0x8, 0x88be, 0x3, {{0x3, 0x1, 0x5, 0x2, 0x0, 0x2, 0x7, 0x3}, 0x1, {0x1}}}, {0x8, 0x22eb, 0x1, {{0x3, 0x2, 0x9, 0x1, 0x0, 0x1, 0x5, 0x8}, 0x2, {0xb0cb, 0xf, 0x2, 0x1a, 0x0, 0x0, 0x2, 0x0, 0x1}}}, {0x8, 0x6558, 0x1, "d7d0be5783c3155c9f781c9afa525b4c04a211515904491d6e6138533f262169d9fd5a790c9214b218e712bec087368f46f83208a4173dd5c5b6f8ef7dc8f7f02c30588bff394f1aaf74e708adef861d8aca8906f28369af65a787a4d404e4c43ce8d25f08bae2592b0c29"}}}}}, 0x212)
mknodat$null(r6, &(0x7f0000000f80)='./file1\x00', 0x400, 0x103)

1.677291442s ago: executing program 1 (id=1186):
r0 = socket(0x1e, 0x1, 0x0)
connect$tipc(r0, &(0x7f0000000000)=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x10)
r1 = syz_io_uring_setup(0x19d3, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r8 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r9}, 0x10)
r11 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r11, 0x6, 0x24, &(0x7f00000000c0)=0x5, 0x4)
socket$packet(0x11, 0x3, 0x300)
bind$inet(r11, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
socketpair(0x0, 0x0, 0x0, &(0x7f0000000180)={<r12=>0xffffffffffffffff})
getrlimit(0xc, &(0x7f0000000380))
r13 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xb, 0xc, 0x4, 0xc4f, 0x1, 0x1}, 0x48)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000b40)={&(0x7f0000000480)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000000a40)=[{&(0x7f0000000500)="b50dafbd7933378d35cc11b7b4d0dbef20f043730469797600d562cbb9582f9bddf1c2b512297b36bd3f47b4f405ed2adff20b2d7b92b9bf7de95e3cfe2d685b36c8da0c0a32a21f59220e21a1c1de06f49bff2b9db8101792e7a1d2cf810f5c7d29f5b2377cc1a9548132af5dc57ecbc1ce7a53ae3f8ab3f2166f378744a284938a7d1ea6a410c9674c4ffbb0a2ec753fa551f97c7d2edcf59eade42674fb7f47bd98b0bab9aea2ce8bc9e01ebf884d1d9b91f13397e404eee53988b4237d9b21cf073b1f2f7feee6f7dacd132862f1ddb118c1c1af7b3466f0c1957bbd67ece50eba180f7466", 0xe7}, {&(0x7f0000000600)="40dc127c49fd73cc483c40ebd9758e73e830de64f11dc44579c6127aa6039561e4c5b484ae6930591ed1b748e006cc554c67df87c6e033ef27e4d1ee8290dbbf8eddfa17030794e3a5c575efd4c9fcc15a1e7594d5e00e7d933a9928e8db5145f24dc904d0be43eea3d83a", 0x6b}, {&(0x7f0000000780)="2b67f727cf2605ee888cd5d97092a78bc9393622388ea75d35a0487a55bebbd833537837b6045b1c36c96440a9deec84a8a28bd9bd8d31aa59b2ee6e262d4701861b4acb217b793e76e8a5d5beaf46d8f3fc662e8ff599287dd508ec97021bd7667872316221eb522e2271dbf7341a3676da97acd77b26a01f8de06f503e1f0d13e97bd95737816cb142fd95bce38a533c41eba5c9bfa1d0dbae7aaf872908f41a116754316e81018763c14cf8edc5cefc1ca2ab1b6ef2c3c0f3d83db2", 0xbd}, {&(0x7f0000000700)="8a9f1da88658803403348a6cf97eddf228758202", 0x14}, {&(0x7f0000000840)="19b9846f751af79c229dbf5d952ab9c52cff6d24c2571cccf0f1047f08680ffc33072db3e64cbd06792cf296fff598ec86cbf3ab1d0c723f528a3d1facf7aa", 0x3f}, {&(0x7f0000000880)="cb00da43e909a8602c05f07a6829854ef7555ba4d1f579187b076c3da32f3a0e41f7e0d3629d6a6e07de8a0726e8677333bef9a0c94ca123953deb8d00816dd97613438dcec6d9bf94ce36b09f51175173873f6859ab6f599928cff7e0ecac21a875201b82e70d4ce5121ff07affb92b9dab86146108875962e42c7b44adc111023c7913eabf7ff2ea26121ac53ee98d735e356836cbd67fe4f28613babb9f9c1954f5e4dcf2b3b335a557cf99091492c72ff76c31dd1b0b646d30d1e8495ee61bf64c1c75b243e3ea0afdc0fd162527749d7ee980500f8edd9c6f1174b7", 0xde}, {&(0x7f0000000980)="a964ae30915b63d9355d6d592cc17980f3c661f2c19bda10b84b83a3011cdfeac46265ec790ca7d6a4fe33be8a491406b0d2c8c579e468ef09ff077d70bd69f4bdca4a789bf23b73", 0x48}, {&(0x7f0000000a00)="13", 0x1}], 0x8, &(0x7f0000000b00)=[@rights={{0x20, 0x1, 0x1, [r10, 0xffffffffffffffff, r0, r11]}}, @rights={{0x18, 0x1, 0x1, [r12, r13]}}], 0x38, 0x4}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000100), 0x6c7, r13}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000001c0)={0x0, &(0x7f0000000280)=""/225, &(0x7f0000000040), &(0x7f0000000380), 0x3, r13}, 0x38)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_SYMLINKAT={0x26, 0x4, 0x0, 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x1, {0x0, r4}})
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)

1.332049692s ago: executing program 4 (id=1187):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x33, 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
mprotect(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000740), 0x0, 0x0, 0x0})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x15}], 0x1)
set_mempolicy(0x2, &(0x7f0000000080)=0xfffffffffffffffd, 0x4)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

1.146316504s ago: executing program 3 (id=1188):
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x31, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000340), 0xffffffffffffffff)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0)
sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmmsg$inet(r1, 0x0, 0x0, 0x4000000)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r4, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000)
msync(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000001840), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f00000019c0)={0x0, 0x0, &(0x7f0000001980)={&(0x7f00000004c0)=ANY=[@ANYBLOB="84fb18c598dbcea084000091", @ANYRES16=r6, @ANYBLOB="01000000000000000000420000000e008e006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f70730000000005008300000000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000d0087006c325f64726f7073000000000500830000000000"], 0x84}}, 0x0)
fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff)
setpgid(0x0, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010700000000000000000a00000008000300", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x0)

275.496983ms ago: executing program 1 (id=1189):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x24fa, 0x0, &(0x7f0000000100), &(0x7f0000000140)=<r2=>0x0) (async, rerun: 64)
r3 = socket$can_bcm(0x1d, 0x2, 0x2) (rerun: 64)
syz_io_uring_submit(0x0, r2, &(0x7f0000000040)=@IORING_OP_CONNECT={0x10, 0x0, 0x0, r3, 0x0, 0x0})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0x0)
r4 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r4, 0x0) (async)
madvise(&(0x7f0000112000/0x2000)=nil, 0x2000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0) (async)
socket(0x0, 0x0, 0x0) (async)
unshare(0x0)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x61)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000300)='/sys/power/image_size', 0x0, 0x0) (async)
unshare(0x6a040000)
iopl(0x3) (async, rerun: 64)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) (async, rerun: 64)
mkdir(&(0x7f0000000300)='./file0\x00', 0x1d5) (async, rerun: 64)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x88, 0x8b}, 0x0) (rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) (async)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)

102.865956ms ago: executing program 2 (id=1107):
r0 = socket(0x0, 0x0, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100), &(0x7f00000001c0)=0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000040)='percpu_alloc_percpu\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000140))
syz_emit_vhci(&(0x7f0000001800)=ANY=[@ANYBLOB="03c800a4e0ec62c122083e14aeaa774fee50006a43d42682c6e82cdd220e05e29fa3f79c7b52b61a7e6f41d7aa43b598739d826c249396af41527f8e5a7c4ff297919ed04f1a71c5ccae02a5b2ccd8000100124c70a9f4272923e50d1c98e119318d87e86909069b85fe955b12ed6a3118676eab414767f6a6bc2a99eb1f00cd9d14310e93e62b8f19271b74c4712203d8d1e3fd211f7812b283cbc2517b3aebe9cb39ba4f07d7b1fc48d2c48b715ef9a358ec0239e5d9a53750e2fb3b1720d73926445dda62ee410bc4ec0592ac3e31f5582ecc0aba0d055c0739887e498fae26d4827f4c248bd2ca5884878f8454f56c5a01c0e0bd2293630cba9d0ba8de11d05048082b12b58e265d6050f6f755b487094d4e3fa1587261a55734534f13d6dd771ad171a942314fe2e69f9ed2fc09e1a252b0bd1f1c255e99ab963dc2ad1a897968b42ae4d8d3d10e24aaf1d26f45ce95000000d7b2d5c7ab03043d664c734779822b628ac827c85585c0d53159d0a1ea628af56a242abf2ddb9cf8d0a5b60449d9f6b8a9d03cd8b7f65106dedb7ecc2c728ee87da803af1005fa27a480cabb708b47fbba5848b6e7e17e344783ca4622a6e9b9575838294f0696b853cfa004d684f51a00bc68c345c09cac8dd6e038c455bc3e60acea6b807fb3d9a35abc86e3cfbaa653c4b06643215fe072331aef1a033a49426d6e61fcc29ee8589e81d7e56857b14096d3cfa7325fe6cdce4f1d4fc337f748fde70cf3af399fcce542d9d9d18fdefe1737f7e4a7a31f489efec931b83e8b22e4c63b6f84f830585088c53ba4a8437ec2556804fde574683e0b3ddaeaeddf805dff5bfc7b74fd81350ee06846914d26e365164ee10531c14b6ae977"], 0xa8)
openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
r3 = syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
ioctl$VIDIOC_DQEVENT(r3, 0x80885659, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e0043244bc8000b664631461e24"], 0xf)
syz_emit_vhci(&(0x7f0000000300)=@HCI_EVENT_PKT={0x4, @inquiry_info_with_rssi={{0x22, 0x55}, {0x6, [{@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x0, 0x7, "d4e8bc", 0x30, 0x3}, {@any, 0x6a, 0x6, "c6414f", 0x5, 0x3}, {@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x12}, 0x0, 0x1, "669ef2", 0x7, 0x10}, {@none, 0x2, 0x8, "9d8975", 0x3, 0x8}, {@none, 0x0, 0x4, "c46b03", 0x8}, {@any, 0x2, 0x3, "6afb8e", 0x9, 0x68}]}}}, 0x58)
fadvise64(0xffffffffffffffff, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
socket$unix(0x1, 0x5, 0x0)
connect$nfc_raw(0xffffffffffffffff, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$packet(0x11, 0x0, 0x300)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = syz_io_uring_setup(0x10d, &(0x7f00000003c0), &(0x7f0000000380)=<r6=>0x0, &(0x7f0000000180)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r5, 0x3f70, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=1190):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount$9p_tcp(&(0x7f0000000500), 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="74d8096865ea81a672616e733d7463702c706f72743d30783030303030303030303030"])
openat$iommufd(0xffffffffffffff9c, &(0x7f0000001e00), 0x0, 0x0)
prctl$PR_GET_NAME(0x10, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x14957e, 0x0)
socket(0x0, 0x0, 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000280)='./bus\x00', &(0x7f0000000000)='ocfs2\x00', 0x0, 0x0)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$uhid(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

81][ T5270] elecom 0003:056E:00E6.0012: item fetching failed at offset 2/5
[  395.636663][ T5270] elecom 0003:056E:00E6.0012: probe with driver elecom failed with error -22
[  396.536925][ T9304] netlink: 16 bytes leftover after parsing attributes in process `syz.0.775'.
[  396.656468][   T29] audit: type=1326 audit(1722149974.769:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9297 comm="syz.0.775" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bb77299 code=0x0
[  396.915063][ T5271] usb 5-1: USB disconnect, device number 22
[  397.341906][ T5271] usb 4-1: USB disconnect, device number 16
[  397.353158][   T29] audit: type=1326 audit(1722149975.519:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9312 comm="syz.0.777" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bb77299 code=0x0
[  397.521967][ T9321] FAULT_INJECTION: forcing a failure.
[  397.521967][ T9321] name fail_futex, interval 1, probability 0, space 0, times 1
[  397.641681][ T9321] CPU: 1 UID: 0 PID: 9321 Comm: syz.0.777 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  397.652013][ T9321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  397.662112][ T9321] Call Trace:
[  397.665446][ T9321]  <TASK>
[  397.668495][ T9321]  dump_stack_lvl+0x241/0x360
[  397.673238][ T9321]  ? __pfx_dump_stack_lvl+0x10/0x10
[  397.678501][ T9321]  ? __pfx__printk+0x10/0x10
[  397.683130][ T9321]  ? register_lock_class+0x102/0x980
[  397.688476][ T9321]  ? __pfx_register_lock_class+0x10/0x10
[  397.694153][ T9321]  ? __lock_acquire+0x137a/0x2040
[  397.699221][ T9321]  should_fail_ex+0x3b0/0x4e0
[  397.703944][ T9321]  get_futex_key+0x17c/0x1050
[  397.708662][ T9321]  ? __pfx_get_futex_key+0x10/0x10
[  397.713799][ T9321]  ? __lock_acquire+0x137a/0x2040
[  397.718863][ T9321]  futex_wake+0x12a/0x5c0
[  397.723239][ T9321]  ? __pfx_futex_wake+0x10/0x10
[  397.728141][ T9321]  do_futex+0x392/0x560
[  397.732332][ T9321]  ? __pfx_do_futex+0x10/0x10
[  397.737037][ T9321]  ? __might_fault+0xaa/0x120
[  397.741831][ T9321]  mm_release+0x193/0x430
[  397.746189][ T9321]  ? exit_robust_list+0x2cf/0x2f0
[  397.751247][ T9321]  ? __pfx_mm_release+0x10/0x10
[  397.756125][ T9321]  ? _raw_spin_unlock_irq+0x23/0x50
[  397.761353][ T9321]  ? lockdep_hardirqs_on+0x99/0x150
[  397.766593][ T9321]  exit_mm+0xb0/0x310
[  397.770600][ T9321]  ? __pfx_exit_mm+0x10/0x10
[  397.775213][ T9321]  ? taskstats_exit+0x326/0xa60
[  397.780107][ T9321]  do_exit+0x9b2/0x27f0
[  397.784290][ T9321]  ? preempt_schedule_common+0x84/0xd0
[  397.789783][ T9321]  ? __pfx_do_exit+0x10/0x10
[  397.794400][ T9321]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  397.800424][ T9321]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  397.806794][ T9321]  ? preempt_schedule_thunk+0x1a/0x30
[  397.812200][ T9321]  do_group_exit+0x207/0x2c0
[  397.816829][ T9321]  __x64_sys_exit_group+0x3f/0x40
[  397.821877][ T9321]  x64_sys_call+0x26c3/0x26d0
[  397.826601][ T9321]  do_syscall_64+0xf3/0x230
[  397.831134][ T9321]  ? clear_bhb_loop+0x35/0x90
[  397.835852][ T9321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  397.841779][ T9321] RIP: 0033:0x7f4c2bb77299
[  397.846225][ T9321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  397.865946][ T9321] RSP: 002b:00007f4c2c8faa78 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[  397.874395][ T9321] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00007f4c2bb77299
[  397.882398][ T9321] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000b
[  397.890395][ T9321] RBP: 00007f4c2c8fb0a0 R08: 00007f4c2c8fae07 R09: 000000000000000b
[  397.898395][ T9321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.906393][ T9321] R13: 000000000000006e R14: 00007f4c2bd06208 R15: 00007ffcec356fa8
[  397.914408][ T9321]  </TASK>
[  397.917598][    C1] vkms_vblank_simulate: vblank timer overrun
[  397.979740][ T9324] FAULT_INJECTION: forcing a failure.
[  397.979740][ T9324] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  398.014395][ T9324] CPU: 0 UID: 0 PID: 9324 Comm: syz.3.779 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  398.024705][ T9324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  398.034798][ T9324] Call Trace:
[  398.038159][ T9324]  <TASK>
[  398.041105][ T9324]  dump_stack_lvl+0x241/0x360
[  398.045801][ T9324]  ? __pfx_dump_stack_lvl+0x10/0x10
[  398.051014][ T9324]  ? __pfx__printk+0x10/0x10
[  398.055616][ T9324]  ? __pfx_lock_release+0x10/0x10
[  398.060662][ T9324]  should_fail_ex+0x3b0/0x4e0
[  398.065366][ T9324]  _copy_from_iter+0x1f6/0x1960
[  398.070227][ T9324]  ? __virt_addr_valid+0x183/0x530
[  398.075364][ T9324]  ? __pfx_lock_release+0x10/0x10
[  398.080416][ T9324]  ? __alloc_skb+0x28f/0x440
[  398.085021][ T9324]  ? __pfx__copy_from_iter+0x10/0x10
[  398.090315][ T9324]  ? __virt_addr_valid+0x183/0x530
[  398.095441][ T9324]  ? __virt_addr_valid+0x183/0x530
[  398.100567][ T9324]  ? __virt_addr_valid+0x45f/0x530
[  398.105684][ T9324]  ? __check_object_size+0x49c/0x900
[  398.110986][ T9324]  netlink_sendmsg+0x73d/0xcb0
[  398.115777][ T9324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  398.121077][ T9324]  ? __import_iovec+0x536/0x820
[  398.125939][ T9324]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  398.131232][ T9324]  ? security_socket_sendmsg+0x87/0xb0
[  398.136704][ T9324]  ? __pfx_netlink_sendmsg+0x10/0x10
[  398.141996][ T9324]  __sock_sendmsg+0x221/0x270
[  398.146685][ T9324]  ____sys_sendmsg+0x525/0x7d0
[  398.151469][ T9324]  ? __pfx_____sys_sendmsg+0x10/0x10
[  398.156786][ T9324]  __sys_sendmsg+0x2b0/0x3a0
[  398.161392][ T9324]  ? __pfx___sys_sendmsg+0x10/0x10
[  398.166518][ T9324]  ? vfs_write+0x7c4/0xc90
[  398.170983][ T9324]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  398.177342][ T9324]  ? do_syscall_64+0x100/0x230
[  398.182137][ T9324]  ? do_syscall_64+0xb6/0x230
[  398.186834][ T9324]  do_syscall_64+0xf3/0x230
[  398.191360][ T9324]  ? clear_bhb_loop+0x35/0x90
[  398.196063][ T9324]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  398.201987][ T9324] RIP: 0033:0x7fd876d77299
[  398.206413][ T9324] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  398.226041][ T9324] RSP: 002b:00007fd877a98048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  398.234465][ T9324] RAX: ffffffffffffffda RBX: 00007fd876f05f80 RCX: 00007fd876d77299
[  398.242443][ T9324] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[  398.250417][ T9324] RBP: 00007fd877a980a0 R08: 0000000000000000 R09: 0000000000000000
[  398.258392][ T9324] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  398.266371][ T9324] R13: 000000000000000b R14: 00007fd876f05f80 R15: 00007ffe4dc8a6a8
[  398.274376][ T9324]  </TASK>
[  398.323258][ T9327] netlink: 8 bytes leftover after parsing attributes in process `syz.0.780'.
[  399.006450][   T29] audit: type=1326 audit(1722149977.169:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9330 comm="syz.3.782" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x0
[  399.837950][ T9348] FAULT_INJECTION: forcing a failure.
[  399.837950][ T9348] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  399.915115][ T9348] CPU: 0 UID: 0 PID: 9348 Comm: syz.1.785 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  399.925518][ T9348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  399.935615][ T9348] Call Trace:
[  399.938928][ T9348]  <TASK>
[  399.941892][ T9348]  dump_stack_lvl+0x241/0x360
[  399.946613][ T9348]  ? __pfx_dump_stack_lvl+0x10/0x10
[  399.951853][ T9348]  ? __pfx__printk+0x10/0x10
[  399.956492][ T9348]  ? __pfx_lock_release+0x10/0x10
[  399.961569][ T9348]  should_fail_ex+0x3b0/0x4e0
[  399.966308][ T9348]  _copy_from_iter+0x1f6/0x1960
[  399.971190][ T9348]  ? __virt_addr_valid+0x183/0x530
[  399.976335][ T9348]  ? __pfx_lock_release+0x10/0x10
[  399.981414][ T9348]  ? __alloc_skb+0x28f/0x440
[  399.986058][ T9348]  ? __pfx__copy_from_iter+0x10/0x10
[  399.991473][ T9348]  ? __virt_addr_valid+0x183/0x530
[  399.996620][ T9348]  ? __virt_addr_valid+0x183/0x530
[  400.001844][ T9348]  ? __virt_addr_valid+0x45f/0x530
[  400.006979][ T9348]  ? __check_object_size+0x49c/0x900
[  400.012284][ T9348]  netlink_sendmsg+0x73d/0xcb0
[  400.017076][ T9348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  400.022372][ T9348]  ? __import_iovec+0x536/0x820
[  400.027236][ T9348]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  400.032536][ T9348]  ? security_socket_sendmsg+0x87/0xb0
[  400.038010][ T9348]  ? __pfx_netlink_sendmsg+0x10/0x10
[  400.043308][ T9348]  __sock_sendmsg+0x221/0x270
[  400.048002][ T9348]  ____sys_sendmsg+0x525/0x7d0
[  400.052796][ T9348]  ? __pfx_____sys_sendmsg+0x10/0x10
[  400.058123][ T9348]  __sys_sendmsg+0x2b0/0x3a0
[  400.062731][ T9348]  ? __pfx___sys_sendmsg+0x10/0x10
[  400.067856][ T9348]  ? vfs_write+0x7c4/0xc90
[  400.072310][ T9348]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  400.078652][ T9348]  ? do_syscall_64+0x100/0x230
[  400.083428][ T9348]  ? do_syscall_64+0xb6/0x230
[  400.088119][ T9348]  do_syscall_64+0xf3/0x230
[  400.092634][ T9348]  ? clear_bhb_loop+0x35/0x90
[  400.097330][ T9348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  400.103230][ T9348] RIP: 0033:0x7f2c6ff77299
[  400.107649][ T9348] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  400.127288][ T9348] RSP: 002b:00007f2c70d8d048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  400.135709][ T9348] RAX: ffffffffffffffda RBX: 00007f2c70105f80 RCX: 00007f2c6ff77299
[  400.143693][ T9348] RDX: 0000000000000000 RSI: 0000000020000440 RDI: 0000000000000005
[  400.151668][ T9348] RBP: 00007f2c70d8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  400.159649][ T9348] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  400.167623][ T9348] R13: 000000000000000b R14: 00007f2c70105f80 R15: 00007ffd5a838128
[  400.175613][ T9348]  </TASK>
[  400.312155][ T9357] netlink: 16 bytes leftover after parsing attributes in process `syz.4.787'.
[  400.410521][ T5271] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  400.630456][   T29] audit: type=1326 audit(1722149978.799:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9352 comm="syz.4.787" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  400.846471][ T5271] usb 3-1: Using ep0 maxpacket: 32
[  400.858958][ T5271] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  400.884148][ T5271] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  400.943677][ T5271] usb 3-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00
[  400.993606][ T5271] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.064088][ T5271] usb 3-1: config 0 descriptor??
[  401.204055][ T9378] FAULT_INJECTION: forcing a failure.
[  401.204055][ T9378] name failslab, interval 1, probability 0, space 0, times 0
[  401.237991][ T9378] CPU: 1 UID: 0 PID: 9378 Comm: syz.3.790 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  401.248290][ T9378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  401.258358][ T9378] Call Trace:
[  401.261657][ T9378]  <TASK>
[  401.264599][ T9378]  dump_stack_lvl+0x241/0x360
[  401.269301][ T9378]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.274531][ T9378]  ? __pfx__printk+0x10/0x10
[  401.279144][ T9378]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  401.285152][ T9378]  ? __pfx___might_resched+0x10/0x10
[  401.290474][ T9378]  should_fail_ex+0x3b0/0x4e0
[  401.295208][ T9378]  should_failslab+0xac/0x100
[  401.299926][ T9378]  ? __alloc_skb+0x1c3/0x440
[  401.304553][ T9378]  kmem_cache_alloc_node_noprof+0x71/0x320
[  401.310406][ T9378]  __alloc_skb+0x1c3/0x440
[  401.314866][ T9378]  ? __pfx___alloc_skb+0x10/0x10
[  401.319844][ T9378]  ? netlink_autobind+0xd6/0x2f0
[  401.324823][ T9378]  ? netlink_autobind+0x2b0/0x2f0
[  401.329897][ T9378]  netlink_sendmsg+0x638/0xcb0
[  401.334711][ T9378]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.340034][ T9378]  ? __import_iovec+0x536/0x820
[  401.344922][ T9378]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  401.350253][ T9378]  ? security_socket_sendmsg+0x87/0xb0
[  401.355753][ T9378]  ? __pfx_netlink_sendmsg+0x10/0x10
[  401.361081][ T9378]  __sock_sendmsg+0x221/0x270
[  401.365807][ T9378]  ____sys_sendmsg+0x525/0x7d0
[  401.370630][ T9378]  ? __pfx_____sys_sendmsg+0x10/0x10
[  401.375989][ T9378]  __sys_sendmsg+0x2b0/0x3a0
[  401.380631][ T9378]  ? __pfx___sys_sendmsg+0x10/0x10
[  401.385785][ T9378]  ? vfs_write+0x7c4/0xc90
[  401.390285][ T9378]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  401.396658][ T9378]  ? do_syscall_64+0x100/0x230
[  401.401558][ T9378]  ? do_syscall_64+0xb6/0x230
[  401.406278][ T9378]  do_syscall_64+0xf3/0x230
[  401.410820][ T9378]  ? clear_bhb_loop+0x35/0x90
[  401.415543][ T9378]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.421473][ T9378] RIP: 0033:0x7fd876d77299
[  401.425918][ T9378] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.445564][ T9378] RSP: 002b:00007fd877a98048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  401.454206][ T9378] RAX: ffffffffffffffda RBX: 00007fd876f05f80 RCX: 00007fd876d77299
[  401.462251][ T9378] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  401.470260][ T9378] RBP: 00007fd877a980a0 R08: 0000000000000000 R09: 0000000000000000
[  401.478291][ T9378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  401.486299][ T9378] R13: 000000000000000b R14: 00007fd876f05f80 R15: 00007ffe4dc8a6a8
[  401.494326][ T9378]  </TASK>
[  402.722869][ T5271] elecom 0003:056E:00E6.0013: item fetching failed at offset 2/5
[  402.772242][   T29] audit: type=1804 audit(1722149980.939:90): pid=9394 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.3.793" name="/newroot/159/bus/cgroup.controllers" dev="overlay" ino=892 res=1 errno=0
[  402.797615][ T5271] elecom 0003:056E:00E6.0013: probe with driver elecom failed with error -22
[  403.701057][ T5269] usb 3-1: USB disconnect, device number 11
[  403.898106][ T9403] netlink: 'syz.4.797': attribute type 64 has an invalid length.
[  403.976785][   T29] audit: type=1326 audit(1722149982.139:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9404 comm="syz.3.796" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x0
[  405.314704][ T9426] FAULT_INJECTION: forcing a failure.
[  405.314704][ T9426] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.332436][ T9426] CPU: 1 UID: 0 PID: 9426 Comm: syz.1.801 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  405.342764][ T9426] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  405.352861][ T9426] Call Trace:
[  405.356172][ T9426]  <TASK>
[  405.359132][ T9426]  dump_stack_lvl+0x241/0x360
[  405.363863][ T9426]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.369114][ T9426]  ? __pfx__printk+0x10/0x10
[  405.373754][ T9426]  ? snprintf+0xda/0x120
[  405.378046][ T9426]  should_fail_ex+0x3b0/0x4e0
[  405.382775][ T9426]  _copy_to_user+0x2f/0xb0
[  405.387243][ T9426]  simple_read_from_buffer+0xca/0x150
[  405.392677][ T9426]  proc_fail_nth_read+0x1e9/0x250
[  405.397849][ T9426]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  405.403546][ T9426]  ? rw_verify_area+0x520/0x6b0
[  405.408435][ T9426]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  405.414531][ T9426]  vfs_read+0x204/0xbc0
[  405.418742][ T9426]  ? __pfx_lock_release+0x10/0x10
[  405.422136][ T9427] nbd: must specify at least one socket
[  405.423805][ T9426]  ? __pfx_vfs_read+0x10/0x10
[  405.423863][ T9426]  ? __fget_files+0x29/0x470
[  405.438705][ T9426]  ? __fget_files+0x3f6/0x470
[  405.443444][ T9426]  ksys_read+0x1a0/0x2c0
[  405.447822][ T9426]  ? __pfx_ksys_read+0x10/0x10
[  405.452628][ T9426]  ? do_syscall_64+0x100/0x230
[  405.457436][ T9426]  ? do_syscall_64+0xb6/0x230
[  405.462158][ T9426]  do_syscall_64+0xf3/0x230
[  405.466705][ T9426]  ? clear_bhb_loop+0x35/0x90
[  405.471431][ T9426]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.477368][ T9426] RIP: 0033:0x7f2c6ff75d7c
[  405.481813][ T9426] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  405.501464][ T9426] RSP: 002b:00007f2c70d8d040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  405.509923][ T9426] RAX: ffffffffffffffda RBX: 00007f2c70105f80 RCX: 00007f2c6ff75d7c
[  405.517935][ T9426] RDX: 000000000000000f RSI: 00007f2c70d8d0b0 RDI: 0000000000000004
[  405.526036][ T9426] RBP: 00007f2c70d8d0a0 R08: 0000000000000000 R09: 0000000000000000
[  405.534143][ T9426] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  405.542157][ T9426] R13: 000000000000000b R14: 00007f2c70105f80 R15: 00007ffd5a838128
[  405.550278][ T9426]  </TASK>
[  405.602116][ T9429] FAULT_INJECTION: forcing a failure.
[  405.602116][ T9429] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[  405.646589][ T9429] CPU: 1 UID: 0 PID: 9429 Comm: syz.4.803 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  405.656902][ T9429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  405.667011][ T9429] Call Trace:
[  405.670321][ T9429]  <TASK>
[  405.673375][ T9429]  dump_stack_lvl+0x241/0x360
[  405.678103][ T9429]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.683432][ T9429]  ? __pfx__printk+0x10/0x10
[  405.688084][ T9429]  should_fail_ex+0x3b0/0x4e0
[  405.692819][ T9429]  prepare_alloc_pages+0x1da/0x5d0
[  405.698090][ T9429]  __alloc_pages_noprof+0x166/0x6c0
[  405.703336][ T9429]  ? __pfx___alloc_pages_noprof+0x10/0x10
[  405.709113][ T9429]  ? validate_chain+0x11e/0x5900
[  405.714102][ T9429]  alloc_pages_mpol_noprof+0x3e8/0x680
[  405.719615][ T9429]  ? __pfx_alloc_pages_mpol_noprof+0x10/0x10
[  405.725662][ T9429]  vma_alloc_folio_noprof+0x12e/0x230
[  405.731093][ T9429]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[  405.737035][ T9429]  ? do_raw_spin_unlock+0x13c/0x8b0
[  405.742272][ T9429]  folio_prealloc+0x31/0x170
[  405.746902][ T9429]  do_wp_page+0x11cc/0x52f0
[  405.751459][ T9429]  ? __pfx_do_wp_page+0x10/0x10
[  405.756356][ T9429]  ? __pfx_lock_acquire+0x10/0x10
[  405.761435][ T9429]  ? do_raw_spin_lock+0x14f/0x370
[  405.766523][ T9429]  handle_pte_fault+0x1138/0x6eb0
[  405.771607][ T9429]  ? __pfx_validate_chain+0x10/0x10
[  405.776861][ T9429]  ? mark_lock+0x9a/0x350
[  405.781246][ T9429]  ? __pfx_handle_pte_fault+0x10/0x10
[  405.786704][ T9429]  ? mt_find+0x226/0x850
[  405.790987][ T9429]  ? __pfx_lock_release+0x10/0x10
[  405.796072][ T9429]  handle_mm_fault+0xf70/0x1880
[  405.800995][ T9429]  ? __pfx_handle_mm_fault+0x10/0x10
[  405.806342][ T9429]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  405.808306][ T9434] FAULT_INJECTION: forcing a failure.
[  405.808306][ T9434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  405.812708][ T9429]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  405.831158][ T9429]  exc_page_fault+0x2b9/0x8c0
[  405.835901][ T9429]  asm_exc_page_fault+0x26/0x30
[  405.840782][ T9429] RIP: 0010:rep_movs_alternative+0x4a/0x70
[  405.846659][ T9429] Code: 75 f1 c3 cc cc cc cc 66 0f 1f 84 00 00 00 00 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 df 83 f9 08 73 e8 eb c9 <f3> a4 c3 cc cc cc cc 48 89 c8 48 c1 e9 03 83 e0 07 f3 48 a5 89 c1
[  405.866293][ T9429] RSP: 0018:ffffc90003a976f8 EFLAGS: 00050202
[  405.872390][ T9429] RAX: ffff888022d4e001 RBX: 00000000200063dc RCX: 0000000000000e5c
[  405.880398][ T9429] RDX: 0000000000000000 RSI: ffff888022d4e000 RDI: 0000000020005580
[  405.888407][ T9429] RBP: ffffc90003a97878 R08: ffff888022d4ee5b R09: 1ffff110045a9dcb
[  405.896405][ T9429] R10: dffffc0000000000 R11: ffffed10045a9dcc R12: dffffc0000000000
[  405.904397][ T9429] R13: 1ffff92000752ef4 R14: 0000000000000e5c R15: ffff888022d4e000
[  405.912520][ T9429]  _copy_to_iter+0x4c0/0x1960
[  405.917263][ T9429]  ? __virt_addr_valid+0x183/0x530
[  405.922408][ T9429]  ? __pfx__copy_to_iter+0x10/0x10
[  405.927631][ T9429]  ? __virt_addr_valid+0x183/0x530
[  405.932758][ T9429]  ? __virt_addr_valid+0x183/0x530
[  405.937892][ T9429]  ? __virt_addr_valid+0x45f/0x530
[  405.943037][ T9429]  ? __phys_addr_symbol+0x2f/0x70
[  405.948078][ T9429]  ? __check_object_size+0x49c/0x900
[  405.953392][ T9429]  __skb_datagram_iter+0x112/0x890
[  405.958548][ T9429]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  405.964221][ T9429]  skb_copy_datagram_iter+0xd1/0x250
[  405.969546][ T9429]  netlink_recvmsg+0x2d0/0x11d0
[  405.974451][ T9429]  ? __pfx_netlink_recvmsg+0x10/0x10
[  405.979899][ T9429]  ? __pfx___might_resched+0x10/0x10
[  405.985227][ T9429]  ? iovec_from_user+0x1b0/0x240
[  405.990204][ T9429]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  405.995553][ T9429]  ? security_socket_recvmsg+0x90/0xb0
[  406.001035][ T9429]  ? __pfx_netlink_recvmsg+0x10/0x10
[  406.006446][ T9429]  sock_recvmsg+0x22f/0x280
[  406.011002][ T9429]  ____sys_recvmsg+0x1db/0x470
[  406.015870][ T9429]  ? __pfx_____sys_recvmsg+0x10/0x10
[  406.021316][ T9429]  __sys_recvmsg+0x2f0/0x3e0
[  406.025948][ T9429]  ? __pfx___sys_recvmsg+0x10/0x10
[  406.031113][ T9429]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  406.037594][ T9429]  ? do_syscall_64+0x100/0x230
[  406.042407][ T9429]  ? do_syscall_64+0xb6/0x230
[  406.047124][ T9429]  do_syscall_64+0xf3/0x230
[  406.051662][ T9429]  ? clear_bhb_loop+0x35/0x90
[  406.056395][ T9429]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.062347][ T9429] RIP: 0033:0x7f12b6977299
[  406.066802][ T9429] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.086452][ T9429] RSP: 002b:00007f12b63ff048 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  406.094916][ T9429] RAX: ffffffffffffffda RBX: 00007f12b6b05f80 RCX: 00007f12b6977299
[  406.102921][ T9429] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  406.110924][ T9429] RBP: 00007f12b63ff0a0 R08: 0000000000000000 R09: 0000000000000000
[  406.119008][ T9429] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.126997][ T9429] R13: 000000000000000b R14: 00007f12b6b05f80 R15: 00007ffe0671c358
[  406.135087][ T9429]  </TASK>
[  406.138166][ T9434] CPU: 0 UID: 0 PID: 9434 Comm: syz.2.806 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  406.148542][ T9434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  406.158631][ T9434] Call Trace:
[  406.161941][ T9434]  <TASK>
[  406.164888][ T9434]  dump_stack_lvl+0x241/0x360
[  406.169589][ T9434]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.174798][ T9434]  ? __pfx__printk+0x10/0x10
[  406.179408][ T9434]  ? __pfx_lock_release+0x10/0x10
[  406.184455][ T9434]  should_fail_ex+0x3b0/0x4e0
[  406.189166][ T9434]  _copy_from_user+0x2f/0xe0
[  406.193770][ T9434]  memdup_user+0x64/0xc0
[  406.198027][ T9434]  strndup_user+0x68/0xc0
[  406.202364][ T9434]  __se_sys_fsconfig+0x74c/0xf80
[  406.207320][ T9434]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  406.212788][ T9434]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  406.218784][ T9434]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  406.225124][ T9434]  ? do_syscall_64+0x100/0x230
[  406.229934][ T9434]  ? __x64_sys_fsconfig+0x20/0xc0
[  406.235059][ T9434]  do_syscall_64+0xf3/0x230
[  406.239577][ T9434]  ? clear_bhb_loop+0x35/0x90
[  406.244282][ T9434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.250188][ T9434] RIP: 0033:0x7ff953f77299
[  406.254610][ T9434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.274768][ T9434] RSP: 002b:00007ff954dfb048 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  406.283195][ T9434] RAX: ffffffffffffffda RBX: 00007ff954105f80 RCX: 00007ff953f77299
[  406.291192][ T9434] RDX: 0000000020000000 RSI: 0000000000000001 RDI: 0000000000000004
[  406.299184][ T9434] RBP: 00007ff954dfb0a0 R08: 0000000000000000 R09: 0000000000000000
[  406.307177][ T9434] R10: 0000000020000ac0 R11: 0000000000000246 R12: 0000000000000001
[  406.315163][ T9434] R13: 000000000000000b R14: 00007ff954105f80 R15: 00007ffd34fd21f8
[  406.323161][ T9434]  </TASK>
[  406.526608][    C1] eth0: bad gso: type: 1, size: 1408
[  410.307125][ T9484] netlink: 8 bytes leftover after parsing attributes in process `syz.2.817'.
[  412.041214][    C1] eth0: bad gso: type: 1, size: 1408
[  413.301359][ T9512] FAULT_INJECTION: forcing a failure.
[  413.301359][ T9512] name failslab, interval 1, probability 0, space 0, times 0
[  413.314482][ T9512] CPU: 0 UID: 0 PID: 9512 Comm: syz.0.825 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  413.324771][ T9512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  413.334932][ T9512] Call Trace:
[  413.338225][ T9512]  <TASK>
[  413.341162][ T9512]  dump_stack_lvl+0x241/0x360
[  413.345860][ T9512]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.351079][ T9512]  ? __pfx__printk+0x10/0x10
[  413.355695][ T9512]  should_fail_ex+0x3b0/0x4e0
[  413.360389][ T9512]  ? dst_alloc+0x12b/0x190
[  413.364813][ T9512]  should_failslab+0xac/0x100
[  413.369538][ T9512]  ? dst_alloc+0x12b/0x190
[  413.373965][ T9512]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  413.379391][ T9512]  ? __pfx_rt6_find_cached_rt+0x10/0x10
[  413.384946][ T9512]  ? __pfx_ip6_dst_gc+0x10/0x10
[  413.389804][ T9512]  dst_alloc+0x12b/0x190
[  413.394146][ T9512]  ip6_pol_route+0xb87/0x15d0
[  413.398836][ T9512]  ? ip6_pol_route+0x198/0x15d0
[  413.403701][ T9512]  ? __pfx_ip6_pol_route+0x10/0x10
[  413.408850][ T9512]  fib6_rule_lookup+0x286/0x790
[  413.413710][ T9512]  ? __pfx_ip6_pol_route_output+0x10/0x10
[  413.419433][ T9512]  ? __pfx_fib6_rule_lookup+0x10/0x10
[  413.424922][ T9512]  ? ip6_route_output_flags+0x30/0x610
[  413.430381][ T9512]  ip6_route_output_flags+0x38e/0x610
[  413.435757][ T9512]  ip6_dst_lookup_tail+0x1b3/0x14f0
[  413.440986][ T9512]  ? __pfx_ip6_dst_lookup_tail+0x10/0x10
[  413.446661][ T9512]  ? _copy_from_iter+0x26b/0x1960
[  413.451708][ T9512]  ip6_dst_lookup_flow+0xb9/0x180
[  413.456744][ T9512]  ? __pfx_ip6_dst_lookup_flow+0x10/0x10
[  413.462381][ T9512]  ? rawv6_sendmsg+0xef9/0x23c0
[  413.467347][ T9512]  rawv6_sendmsg+0x1283/0x23c0
[  413.472143][ T9512]  ? __pfx_rawv6_sendmsg+0x10/0x10
[  413.477269][ T9512]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  413.482996][ T9512]  ? tomoyo_socket_sendmsg_permission+0x2d0/0x420
[  413.489444][ T9512]  ? inet_sendmsg+0x330/0x390
[  413.494125][ T9512]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  413.499504][ T9512]  ? security_socket_sendmsg+0x87/0xb0
[  413.505005][ T9512]  __sock_sendmsg+0x1a6/0x270
[  413.509723][ T9512]  ____sys_sendmsg+0x525/0x7d0
[  413.514505][ T9512]  ? __pfx_____sys_sendmsg+0x10/0x10
[  413.519858][ T9512]  __sys_sendmsg+0x2b0/0x3a0
[  413.524473][ T9512]  ? __pfx___sys_sendmsg+0x10/0x10
[  413.529609][ T9512]  ? vfs_write+0x7c4/0xc90
[  413.534066][ T9512]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  413.540409][ T9512]  ? do_syscall_64+0x100/0x230
[  413.545181][ T9512]  ? do_syscall_64+0xb6/0x230
[  413.549959][ T9512]  do_syscall_64+0xf3/0x230
[  413.554473][ T9512]  ? clear_bhb_loop+0x35/0x90
[  413.559163][ T9512]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.565061][ T9512] RIP: 0033:0x7f4c2bb77299
[  413.569571][ T9512] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.589183][ T9512] RSP: 002b:00007f4c2c977048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  413.597626][ T9512] RAX: ffffffffffffffda RBX: 00007f4c2bd05f80 RCX: 00007f4c2bb77299
[  413.605597][ T9512] RDX: 0000000000000060 RSI: 0000000020000080 RDI: 0000000000000005
[  413.613584][ T9512] RBP: 00007f4c2c9770a0 R08: 0000000000000000 R09: 0000000000000000
[  413.621564][ T9512] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  413.629568][ T9512] R13: 000000000000000b R14: 00007f4c2bd05f80 R15: 00007ffcec356fa8
[  413.637597][ T9512]  </TASK>
[  413.911331][ T9522] netlink: 8 bytes leftover after parsing attributes in process `syz.1.832'.
[  414.535711][   T29] audit: type=1326 audit(1722149992.699:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9532 comm="syz.1.833" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2c6ff77299 code=0x0
[  415.821322][   T29] audit: type=1326 audit(1722149993.989:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9537 comm="syz.2.834" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff953f77299 code=0x0
[  415.899728][ T9574] netlink: 400 bytes leftover after parsing attributes in process `syz.4.836'.
[  416.125065][ T9576] FAULT_INJECTION: forcing a failure.
[  416.125065][ T9576] name failslab, interval 1, probability 0, space 0, times 0
[  416.859008][ T9576] CPU: 0 UID: 0 PID: 9576 Comm: syz.0.837 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  416.869311][ T9576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  416.879459][ T9576] Call Trace:
[  416.882745][ T9576]  <TASK>
[  416.885707][ T9576]  dump_stack_lvl+0x241/0x360
[  416.890513][ T9576]  ? __pfx_dump_stack_lvl+0x10/0x10
[  416.895806][ T9576]  ? __pfx__printk+0x10/0x10
[  416.900406][ T9576]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  416.905967][ T9576]  ? __pfx___might_resched+0x10/0x10
[  416.911314][ T9576]  should_fail_ex+0x3b0/0x4e0
[  416.916052][ T9576]  ? vm_area_dup+0x61/0x290
[  416.920634][ T9576]  should_failslab+0xac/0x100
[  416.925341][ T9576]  ? vm_area_dup+0x61/0x290
[  416.929859][ T9576]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  416.935267][ T9576]  vm_area_dup+0x61/0x290
[  416.939704][ T9576]  __split_vma+0x1a9/0xc30
[  416.944232][ T9576]  ? __pfx_lock_release+0x10/0x10
[  416.949325][ T9576]  ? __pfx___split_vma+0x10/0x10
[  416.954302][ T9576]  do_vmi_align_munmap+0x388/0x18c0
[  416.959554][ T9576]  ? mtree_range_walk+0x6fd/0x8e0
[  416.964601][ T9576]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  416.970254][ T9576]  ? mtree_range_walk+0x6fd/0x8e0
[  416.975305][ T9576]  ? mas_find+0x8c0/0xbb0
[  416.979651][ T9576]  do_vmi_munmap+0x261/0x2f0
[  416.984275][ T9576]  do_munmap+0x136/0x1c0
[  416.988534][ T9576]  ? __pfx_do_munmap+0x10/0x10
[  416.993311][ T9576]  ? down_write_killable+0x19e/0x260
[  416.998616][ T9576]  ? __pfx_lock_release+0x10/0x10
[  417.003747][ T9576]  __se_sys_mremap+0xfbf/0x1980
[  417.008626][ T9576]  ? __pfx___se_sys_mremap+0x10/0x10
[  417.013920][ T9576]  ? __fget_files+0x3f6/0x470
[  417.018620][ T9576]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  417.024640][ T9576]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  417.030990][ T9576]  ? do_syscall_64+0x100/0x230
[  417.035775][ T9576]  ? __x64_sys_mremap+0x20/0xc0
[  417.040643][ T9576]  do_syscall_64+0xf3/0x230
[  417.045159][ T9576]  ? clear_bhb_loop+0x35/0x90
[  417.049858][ T9576]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.055770][ T9576] RIP: 0033:0x7f4c2bb77299
[  417.060196][ T9576] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.079810][ T9576] RSP: 002b:00007f4c2c977048 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  417.088238][ T9576] RAX: ffffffffffffffda RBX: 00007f4c2bd05f80 RCX: 00007f4c2bb77299
[  417.097172][ T9576] RDX: 0000000000200000 RSI: 0000000000600a00 RDI: 0000000020000000
[  417.105237][ T9576] RBP: 00007f4c2c9770a0 R08: 0000000020a00000 R09: 0000000000000000
[  417.113216][ T9576] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  417.121279][ T9576] R13: 000000000000000b R14: 00007f4c2bd05f80 R15: 00007ffcec356fa8
[  417.129293][ T9576]  </TASK>
[  417.847713][ T9598] netlink: 4 bytes leftover after parsing attributes in process `syz.4.839'.
[  421.282940][ T9640] netlink: 16 bytes leftover after parsing attributes in process `syz.0.850'.
[  421.542656][   T29] audit: type=1326 audit(1722149999.699:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9638 comm="syz.0.850" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bb77299 code=0x0
[  421.773609][   T29] audit: type=1326 audit(1722149999.919:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9618 comm="syz.4.847" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  422.852513][   T29] audit: type=1326 audit(1722150001.019:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9664 comm="syz.0.854" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4c2bb77299 code=0x0
[  423.034164][ T9695] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  425.867655][ T9670] syz.4.856 (9670): drop_caches: 2
[  425.967989][ T9721] block nbd2: shutting down sockets
[  426.155361][   T29] audit: type=1326 audit(1722150004.319:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9711 comm="syz.1.861" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2c6ff77299 code=0x0
[  427.477054][   T29] audit: type=1326 audit(1722150005.639:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9730 comm="syz.4.866" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  427.501672][ T9751] netlink: 400 bytes leftover after parsing attributes in process `syz.2.868'.
[  431.361768][ T9785] FAULT_INJECTION: forcing a failure.
[  431.361768][ T9785] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  431.416582][   T29] audit: type=1326 audit(1722150009.579:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9769 comm="syz.1.873" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2c6ff77299 code=0x0
[  431.437815][ T9785] CPU: 1 UID: 0 PID: 9785 Comm: syz.2.876 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  431.448088][ T9785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  431.458145][ T9785] Call Trace:
[  431.461426][ T9785]  <TASK>
[  431.464356][ T9785]  dump_stack_lvl+0x241/0x360
[  431.469086][ T9785]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.474328][ T9785]  ? __pfx__printk+0x10/0x10
[  431.478964][ T9785]  ? __pfx_lock_release+0x10/0x10
[  431.484040][ T9785]  should_fail_ex+0x3b0/0x4e0
[  431.488742][ T9785]  _copy_from_iter+0x1f6/0x1960
[  431.493596][ T9785]  ? __virt_addr_valid+0x183/0x530
[  431.498808][ T9785]  ? __pfx_lock_release+0x10/0x10
[  431.503856][ T9785]  ? __alloc_skb+0x28f/0x440
[  431.508471][ T9785]  ? __pfx__copy_from_iter+0x10/0x10
[  431.513771][ T9785]  ? __virt_addr_valid+0x183/0x530
[  431.518897][ T9785]  ? __virt_addr_valid+0x183/0x530
[  431.524014][ T9785]  ? __virt_addr_valid+0x45f/0x530
[  431.529346][ T9785]  ? __check_object_size+0x49c/0x900
[  431.534676][ T9785]  netlink_sendmsg+0x73d/0xcb0
[  431.539488][ T9785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  431.544788][ T9785]  ? __import_iovec+0x536/0x820
[  431.549650][ T9785]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  431.554944][ T9785]  ? security_socket_sendmsg+0x87/0xb0
[  431.560412][ T9785]  ? __pfx_netlink_sendmsg+0x10/0x10
[  431.565699][ T9785]  __sock_sendmsg+0x221/0x270
[  431.570473][ T9785]  ____sys_sendmsg+0x525/0x7d0
[  431.575249][ T9785]  ? __pfx_____sys_sendmsg+0x10/0x10
[  431.580558][ T9785]  __sys_sendmsg+0x2b0/0x3a0
[  431.585156][ T9785]  ? __pfx___sys_sendmsg+0x10/0x10
[  431.590277][ T9785]  ? vfs_write+0x7c4/0xc90
[  431.594720][ T9785]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  431.601148][ T9785]  ? do_syscall_64+0x100/0x230
[  431.605948][ T9785]  ? do_syscall_64+0xb6/0x230
[  431.610632][ T9785]  do_syscall_64+0xf3/0x230
[  431.615139][ T9785]  ? clear_bhb_loop+0x35/0x90
[  431.619824][ T9785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  431.625735][ T9785] RIP: 0033:0x7ff953f77299
[  431.630164][ T9785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  431.649795][ T9785] RSP: 002b:00007ff954dfb048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  431.658295][ T9785] RAX: ffffffffffffffda RBX: 00007ff954105f80 RCX: 00007ff953f77299
[  431.666266][ T9785] RDX: 0000000000000000 RSI: 00000000200000c0 RDI: 0000000000000006
[  431.674238][ T9785] RBP: 00007ff954dfb0a0 R08: 0000000000000000 R09: 0000000000000000
[  431.682221][ T9785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.690251][ T9785] R13: 000000000000000b R14: 00007ff954105f80 R15: 00007ffd34fd21f8
[  431.698328][ T9785]  </TASK>
[  431.701359][    C1] vkms_vblank_simulate: vblank timer overrun
[  431.968766][ T9789] netlink: 4 bytes leftover after parsing attributes in process `syz.4.875'.
[  432.139343][ T5235] Bluetooth: hci4: command 0x0406 tx timeout
[  432.412845][ T5270] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  432.601978][ T9808] syz.3.878: attempt to access beyond end of device
[  432.601978][ T9808] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  432.617121][ T9808] (syz.3.878,9808,0):ocfs2_get_sector:1771 ERROR: status = -5
[  432.624769][ T9808] (syz.3.878,9808,0):ocfs2_sb_probe:749 ERROR: status = -5
[  432.632379][ T9808] (syz.3.878,9808,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  432.641140][ T9808] (syz.3.878,9808,0):ocfs2_fill_super:1178 ERROR: status = -5
[  432.860479][ T9805] fuse: Bad value for 'fd'
[  433.586480][ T5270] usb 3-1: Using ep0 maxpacket: 8
[  433.621919][ T5270] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  433.660988][ T5270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.698177][ T5270] usb 3-1: Product: syz
[  433.702546][ T5270] usb 3-1: Manufacturer: syz
[  433.717179][ T5270] usb 3-1: SerialNumber: syz
[  433.739447][   T29] audit: type=1326 audit(1722150011.909:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9810 comm="syz.4.881" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  433.763092][ T5270] usb 3-1: config 0 descriptor??
[  434.003713][ T5270] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  434.526271][ T9835] netlink: 'syz.1.885': attribute type 1 has an invalid length.
[  434.581841][ T9835] netlink: 224 bytes leftover after parsing attributes in process `syz.1.885'.
[  436.228386][   T29] audit: type=1326 audit(1722150014.399:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  436.281182][   T29] audit: type=1326 audit(1722150014.429:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  436.321312][   T29] audit: type=1326 audit(1722150014.489:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=67 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  436.681351][   T29] audit: type=1326 audit(1722150014.489:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  436.836137][ T9856] syz.3.888: attempt to access beyond end of device
[  436.836137][ T9856] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  436.848937][ T9856] (syz.3.888,9856,0):ocfs2_get_sector:1771 ERROR: status = -5
[  436.856647][ T9856] (syz.3.888,9856,0):ocfs2_sb_probe:749 ERROR: status = -5
[  436.863942][ T9856] (syz.3.888,9856,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  436.872605][ T9856] (syz.3.888,9856,0):ocfs2_fill_super:1178 ERROR: status = -5
[  437.457755][ T5270] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  437.648145][   T29] audit: type=1326 audit(1722150014.489:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  440.313105][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  443.427807][ T5218] Bluetooth: hci4: unexpected event for opcode 0x203c
[  443.440387][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  443.456128][ T5270] usb 3-1: USB disconnect, device number 12
[  443.576570][   T29] audit: type=1326 audit(1722150014.509:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  443.804815][   T29] audit: type=1326 audit(1722150014.509:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  443.969173][   T29] audit: type=1326 audit(1722150014.509:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  445.388317][   T29] audit: type=1326 audit(1722150014.519:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  445.426409][   T29] audit: type=1326 audit(1722150014.519:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  446.326403][   T29] audit: type=1326 audit(1722150014.519:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  446.516441][   T29] audit: type=1326 audit(1722150014.519:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  446.634212][   T29] audit: type=1326 audit(1722150014.519:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  446.776463][   T29] audit: type=1326 audit(1722150014.519:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9847 comm="syz.4.887" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x7ffc0000
[  446.862444][   T29] audit: type=1326 audit(1722150022.159:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9860 comm="syz.4.890" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  447.208479][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  447.219048][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  447.228909][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  447.255097][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  447.270723][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  447.278899][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  447.690495][ T5218] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  447.703813][ T5218] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  447.713700][ T5218] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  447.725269][ T5218] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  447.737725][ T5218] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  447.741514][ T5232] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  447.745352][ T5218] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  447.763409][ T5232] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  447.781932][ T5235] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  447.797313][ T5218] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  447.806682][ T5218] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  447.824274][ T5218] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  447.949449][ T1119] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.081536][ T1119] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.270319][ T1119] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.412337][ T1119] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  449.549565][ T5235] Bluetooth: hci1: command tx timeout
[  450.045876][ T5235] Bluetooth: hci5: command tx timeout
[  450.052191][ T5235] Bluetooth: hci0: command tx timeout
[  450.442523][ T1119] bridge_slave_1: left allmulticast mode
[  450.456185][ T1119] bridge_slave_1: left promiscuous mode
[  450.467987][ T1119] bridge0: port 2(bridge_slave_1) entered disabled state
[  450.483399][ T1119] bridge_slave_0: left allmulticast mode
[  450.490263][ T1119] bridge_slave_0: left promiscuous mode
[  450.506064][ T1119] bridge0: port 1(bridge_slave_0) entered disabled state
[  450.845495][ T9929] FAULT_INJECTION: forcing a failure.
[  450.845495][ T9929] name failslab, interval 1, probability 0, space 0, times 0
[  450.909052][ T9929] CPU: 0 UID: 0 PID: 9929 Comm: syz.4.904 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  450.919356][ T9929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  450.929485][ T9929] Call Trace:
[  450.932803][ T9929]  <TASK>
[  450.935766][ T9929]  dump_stack_lvl+0x241/0x360
[  450.940486][ T9929]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.945701][ T9929]  ? __pfx__printk+0x10/0x10
[  450.950323][ T9929]  ? __kmalloc_node_noprof+0xb7/0x440
[  450.955712][ T9929]  ? __pfx___might_resched+0x10/0x10
[  450.961018][ T9929]  should_fail_ex+0x3b0/0x4e0
[  450.965715][ T9929]  should_failslab+0xac/0x100
[  450.970438][ T9929]  __kmalloc_node_noprof+0xdf/0x440
[  450.975661][ T9929]  ? __kvmalloc_node_noprof+0x72/0x190
[  450.981224][ T9929]  __kvmalloc_node_noprof+0x72/0x190
[  450.986525][ T9929]  bpf_test_run_xdp_live+0x207/0x2110
[  450.991917][ T9929]  ? arch_stack_walk+0x16d/0x1b0
[  450.996875][ T9929]  ? stack_trace_save+0x118/0x1d0
[  451.001913][ T9929]  ? __lock_acquire+0x137a/0x2040
[  451.007045][ T9929]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  451.012866][ T9929]  ? mark_lock+0x9a/0x350
[  451.017252][ T9929]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  451.023175][ T9929]  ? __might_fault+0xaa/0x120
[  451.027893][ T9929]  ? __might_fault+0xc6/0x120
[  451.032605][ T9929]  ? _copy_from_user+0xa6/0xe0
[  451.037582][ T9929]  ? bpf_test_init+0x15a/0x180
[  451.042386][ T9929]  ? xdp_convert_md_to_buff+0x5b/0x330
[  451.047875][ T9929]  bpf_prog_test_run_xdp+0x80e/0x11b0
[  451.053276][ T9929]  ? __pfx_lock_release+0x10/0x10
[  451.058417][ T9929]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  451.064242][ T9929]  ? __fget_files+0x29/0x470
[  451.068877][ T9929]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  451.074961][ T9929]  bpf_prog_test_run+0x33a/0x3b0
[  451.079922][ T9929]  __sys_bpf+0x48d/0x810
[  451.084183][ T9929]  ? __pfx___sys_bpf+0x10/0x10
[  451.088972][ T9929]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  451.094971][ T9929]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  451.101404][ T9929]  ? do_syscall_64+0x100/0x230
[  451.106197][ T9929]  __x64_sys_bpf+0x7c/0x90
[  451.110624][ T9929]  do_syscall_64+0xf3/0x230
[  451.115151][ T9929]  ? clear_bhb_loop+0x35/0x90
[  451.119850][ T9929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  451.125756][ T9929] RIP: 0033:0x7f12b6977299
[  451.130269][ T9929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  451.149906][ T9929] RSP: 002b:00007f12b63de048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  451.158339][ T9929] RAX: ffffffffffffffda RBX: 00007f12b6b06058 RCX: 00007f12b6977299
[  451.166350][ T9929] RDX: 0000000000000050 RSI: 00000000200004c0 RDI: 000000000000000a
[  451.174327][ T9929] RBP: 00007f12b63de0a0 R08: 0000000000000000 R09: 0000000000000000
[  451.182413][ T9929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  451.190399][ T9929] R13: 000000000000006e R14: 00007f12b6b06058 R15: 00007ffe0671c358
[  451.198454][ T9929]  </TASK>
[  451.586610][ T5218] Bluetooth: hci1: command tx timeout
[  451.894616][ T9935] syz.3.905: attempt to access beyond end of device
[  451.894616][ T9935] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  451.908065][ T9935] (syz.3.905,9935,0):ocfs2_get_sector:1771 ERROR: status = -5
[  451.915633][ T9935] (syz.3.905,9935,0):ocfs2_sb_probe:749 ERROR: status = -5
[  451.922980][ T9935] (syz.3.905,9935,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  451.931653][ T9935] (syz.3.905,9935,0):ocfs2_fill_super:1178 ERROR: status = -5
[  452.156563][ T5218] Bluetooth: hci0: command tx timeout
[  452.164403][ T5218] Bluetooth: hci5: command tx timeout
[  452.712673][ T1119] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  452.725956][ T1119] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  452.740434][ T1119] bond0 (unregistering): Released all slaves
[  453.657354][ T5235] Bluetooth: hci1: command tx timeout
[  453.756080][ T9893] chnl_net:caif_netlink_parms(): no params data found
[  453.782424][ T9899] chnl_net:caif_netlink_parms(): no params data found
[  453.902602][ T1119] hsr_slave_0: left promiscuous mode
[  453.960351][ T1119] hsr_slave_1: left promiscuous mode
[  453.989782][ T1119] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  454.017304][ T1119] batman_adv: batadv0: Removing interface: batadv_slave_0
[  454.067803][ T1119] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  454.085632][ T1119] batman_adv: batadv0: Removing interface: batadv_slave_1
[  454.139060][ T1119] veth1_macvtap: left promiscuous mode
[  454.144691][ T1119] veth0_macvtap: left promiscuous mode
[  454.162190][ T1119] veth1_vlan: left promiscuous mode
[  454.174590][ T1119] veth0_vlan: left promiscuous mode
[  454.228063][ T5235] Bluetooth: hci5: command tx timeout
[  454.233662][ T5235] Bluetooth: hci0: command tx timeout
[  454.516552][ T5216] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  454.708103][ T5216] usb 5-1: Using ep0 maxpacket: 8
[  454.718663][ T5216] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  454.733845][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  454.745799][ T5216] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  454.761148][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  454.772359][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  454.786590][ T5216] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  454.794163][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  454.807000][ T5216] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  454.819075][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  454.830837][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  454.843519][ T1119] team0 (unregistering): Port device team_slave_1 removed
[  454.843794][ T5216] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  454.859928][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  454.874837][ T5216] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  454.887822][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  454.899103][ T5216] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  454.915388][ T5216] usb 5-1: string descriptor 0 read error: -22
[  454.921899][ T5216] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  454.932406][ T5216] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.941551][ T1119] team0 (unregistering): Port device team_slave_0 removed
[  454.969154][ T5216] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  455.253937][ T1186] usb 5-1: USB disconnect, device number 23
[  455.481724][ T9902] chnl_net:caif_netlink_parms(): no params data found
[  455.511440][ T9970] pim6reg: entered allmulticast mode
[  455.740368][ T5235] Bluetooth: hci1: command tx timeout
[  455.990817][ T9893] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.003228][ T9893] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.012469][ T9893] bridge_slave_0: entered allmulticast mode
[  456.025513][ T9893] bridge_slave_0: entered promiscuous mode
[  456.036540][ T9899] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.043896][ T9899] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.051464][ T9899] bridge_slave_0: entered allmulticast mode
[  456.063123][ T9899] bridge_slave_0: entered promiscuous mode
[  456.083685][ T9902] bridge0: port 1(bridge_slave_0) entered blocking state
[  456.106626][ T9902] bridge0: port 1(bridge_slave_0) entered disabled state
[  456.113886][ T9902] bridge_slave_0: entered allmulticast mode
[  456.132108][ T9902] bridge_slave_0: entered promiscuous mode
[  456.149023][ T9893] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.167003][ T9893] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.174511][ T9893] bridge_slave_1: entered allmulticast mode
[  456.199831][ T9893] bridge_slave_1: entered promiscuous mode
[  456.225266][ T9899] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.232857][ T9899] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.240954][ T9899] bridge_slave_1: entered allmulticast mode
[  456.248960][ T9899] bridge_slave_1: entered promiscuous mode
[  456.276679][ T9902] bridge0: port 2(bridge_slave_1) entered blocking state
[  456.284334][ T9902] bridge0: port 2(bridge_slave_1) entered disabled state
[  456.291923][ T9902] bridge_slave_1: entered allmulticast mode
[  456.298248][ T5235] Bluetooth: hci0: command tx timeout
[  456.303809][ T5218] Bluetooth: hci5: command tx timeout
[  456.328540][ T9902] bridge_slave_1: entered promiscuous mode
[  456.423733][ T9893] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.451283][ T9899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.499808][ T9902] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  456.522100][ T9893] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  456.582943][ T9899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  456.611284][ T9902] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  456.841113][ T9893] team0: Port device team_slave_0 added
[  456.892967][ T9899] team0: Port device team_slave_0 added
[  456.940049][ T9902] team0: Port device team_slave_0 added
[  456.953830][ T9893] team0: Port device team_slave_1 added
[  457.007403][ T9899] team0: Port device team_slave_1 added
[  457.062364][ T1063] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.101611][ T9902] team0: Port device team_slave_1 added
[  457.326163][ T9893] batman_adv: batadv0: Adding interface: batadv_slave_0
[  457.354413][ T9893] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  457.427711][ T9893] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  457.465111][ T1063] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  457.833858][T10018] syz.3.916: attempt to access beyond end of device
[  457.833858][T10018] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  457.847240][T10018] (syz.3.916,10018,1):ocfs2_get_sector:1771 ERROR: status = -5
[  457.855172][T10018] (syz.3.916,10018,1):ocfs2_sb_probe:749 ERROR: status = -5
[  457.862774][T10018] (syz.3.916,10018,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  457.871536][T10018] (syz.3.916,10018,1):ocfs2_fill_super:1178 ERROR: status = -5
[  458.307908][ T9902] batman_adv: batadv0: Adding interface: batadv_slave_0
[  458.314910][ T9902] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  458.426441][ T9902] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  458.476338][ T9902] batman_adv: batadv0: Adding interface: batadv_slave_1
[  458.486276][ T9902] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  458.550920][ T9902] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  458.569724][ T9893] batman_adv: batadv0: Adding interface: batadv_slave_1
[  458.597674][ T9893] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  458.649693][ T9893] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  458.775613][ T1063] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.788209][T10029] Process accounting resumed
[  458.817238][ T9899] batman_adv: batadv0: Adding interface: batadv_slave_0
[  458.825801][ T9899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  458.853816][ T9899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  458.934800][ T1063] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  458.962639][ T9899] batman_adv: batadv0: Adding interface: batadv_slave_1
[  458.977096][ T9899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  459.047841][ T9899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  459.137543][ T9902] hsr_slave_0: entered promiscuous mode
[  459.153943][ T9902] hsr_slave_1: entered promiscuous mode
[  459.168939][ T9902] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  459.189660][ T9902] Cannot create hsr debugfs directory
[  459.220172][ T9893] hsr_slave_0: entered promiscuous mode
[  459.239939][ T9893] hsr_slave_1: entered promiscuous mode
[  459.252651][ T9893] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  459.266429][ T9893] Cannot create hsr debugfs directory
[  459.680492][ T9899] hsr_slave_0: entered promiscuous mode
[  459.703432][ T9899] hsr_slave_1: entered promiscuous mode
[  459.740503][ T9899] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  459.757613][ T9899] Cannot create hsr debugfs directory
[  459.887508][    C1] eth0: bad gso: type: 1, size: 1408
[  461.351279][ T1063] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.495539][ T1063] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.620149][ T1063] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.721467][ T1063] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.925783][ T1063] bridge_slave_1: left allmulticast mode
[  461.942068][ T1063] bridge_slave_1: left promiscuous mode
[  461.961136][ T1063] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.985703][ T1063] bridge_slave_0: left allmulticast mode
[  461.999272][ T1063] bridge_slave_0: left promiscuous mode
[  462.011724][ T1063] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.033832][ T1063] bridge_slave_1: left allmulticast mode
[  462.044594][ T1063] bridge_slave_1: left promiscuous mode
[  462.063600][ T1063] bridge0: port 2(bridge_slave_1) entered disabled state
[  462.090396][ T1063] bridge_slave_0: left allmulticast mode
[  462.103041][ T1063] bridge_slave_0: left promiscuous mode
[  462.127585][ T1063] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.278333][T10089] netlink: 8 bytes leftover after parsing attributes in process `syz.4.930'.
[  463.034952][ T1063] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  463.055037][ T1063] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  463.066279][ T1063] bond0 (unregistering): Released all slaves
[  463.184386][ T1063] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  463.196181][ T1063] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  463.208345][ T1063] bond0 (unregistering): Released all slaves
[  463.530148][T10103] netlink: 8 bytes leftover after parsing attributes in process `syz.4.934'.
[  465.160166][ T1063] hsr_slave_0: left promiscuous mode
[  465.187700][ T1063] hsr_slave_1: left promiscuous mode
[  465.212576][ T1063] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  465.227452][ T1063] batman_adv: batadv0: Removing interface: batadv_slave_0
[  465.240051][ T1063] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  465.248066][ T1063] batman_adv: batadv0: Removing interface: batadv_slave_1
[  465.270032][ T1063] hsr_slave_0: left promiscuous mode
[  465.279449][ T1063] hsr_slave_1: left promiscuous mode
[  465.293933][ T1063] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  465.302978][ T1063] batman_adv: batadv0: Removing interface: batadv_slave_0
[  465.311879][ T1063] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  465.322404][ T1063] batman_adv: batadv0: Removing interface: batadv_slave_1
[  465.373945][ T1063] veth1_macvtap: left promiscuous mode
[  465.386161][ T1063] veth0_macvtap: left promiscuous mode
[  465.393766][ T1063] veth1_vlan: left promiscuous mode
[  465.402446][ T1063] veth0_vlan: left promiscuous mode
[  465.418281][ T1063] veth1_macvtap: left promiscuous mode
[  465.434118][ T1063] veth0_macvtap: left promiscuous mode
[  465.444043][ T1063] veth1_vlan: left promiscuous mode
[  465.449810][ T1063] veth0_vlan: left promiscuous mode
[  465.708438][ T5270] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  465.896586][ T5270] usb 4-1: Using ep0 maxpacket: 32
[  465.925403][   T29] audit: type=1326 audit(1722150046.083:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10135 comm="syz.4.941" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  465.952432][ T5270] usb 4-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=a6.59
[  465.962304][ T5270] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.973382][ T5270] usb 4-1: Product: syz
[  465.978348][ T5270] usb 4-1: Manufacturer: syz
[  465.993709][ T5270] usb 4-1: SerialNumber: syz
[  466.008558][ T5270] usb 4-1: config 0 descriptor??
[  466.027448][ T5270] gspca_main: gspca_topro-2.14.0 probing 06a2:0003
[  466.556816][ T5270] gspca_topro: reg_w err -110
[  466.596444][ T5270] gspca_topro: Sensor soi763a
[  466.710487][ T1063] team0 (unregistering): Port device team_slave_1 removed
[  467.480976][ T1063] team0 (unregistering): Port device team_slave_0 removed
[  468.392469][ T1063] team0 (unregistering): Port device team_slave_1 removed
[  468.506121][ T1063] team0 (unregistering): Port device team_slave_0 removed
[  468.548149][ T1186] usb 4-1: USB disconnect, device number 17
[  469.939414][T10162] netlink: 'syz.4.943': attribute type 1 has an invalid length.
[  470.514989][   T29] audit: type=1326 audit(1722150050.673:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10179 comm="syz.3.949" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x0
[  471.250863][ T1063] IPVS: stop unused estimator thread 0...
[  471.504952][ T9893] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  471.594931][ T9893] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  471.647902][ T9893] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  471.675184][ T9893] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  471.879176][ T9902] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  471.906833][ T9902] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  471.930103][ T9902] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  471.965296][ T9902] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  472.156981][ T9899] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  472.405135][ T9899] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  472.673420][ T9899] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  472.862240][ T9899] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  473.119345][ T9893] 8021q: adding VLAN 0 to HW filter on device bond0
[  473.144752][ T9902] 8021q: adding VLAN 0 to HW filter on device bond0
[  473.207433][ T9902] 8021q: adding VLAN 0 to HW filter on device team0
[  473.257371][ T9893] 8021q: adding VLAN 0 to HW filter on device team0
[  473.329733][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.336953][ T5269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  473.355522][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.362749][ T5269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  473.420607][ T5270] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.427833][ T5270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  473.462478][ T5270] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.469681][ T5270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  473.511108][ T9899] 8021q: adding VLAN 0 to HW filter on device bond0
[  473.638810][ T9899] 8021q: adding VLAN 0 to HW filter on device team0
[  473.683533][ T5271] bridge0: port 1(bridge_slave_0) entered blocking state
[  473.690852][ T5271] bridge0: port 1(bridge_slave_0) entered forwarding state
[  473.751403][ T5271] bridge0: port 2(bridge_slave_1) entered blocking state
[  473.758639][ T5271] bridge0: port 2(bridge_slave_1) entered forwarding state
[  474.421177][ T9893] 8021q: adding VLAN 0 to HW filter on device batadv0
[  474.799672][ T9902] 8021q: adding VLAN 0 to HW filter on device batadv0
[  474.854464][ T9893] veth0_vlan: entered promiscuous mode
[  474.977401][ T9893] veth1_vlan: entered promiscuous mode
[  475.095687][   T29] audit: type=1326 audit(1722150055.253:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10250 comm="syz.3.958" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x0
[  475.138496][ T9899] 8021q: adding VLAN 0 to HW filter on device batadv0
[  475.145718][ T9902] veth0_vlan: entered promiscuous mode
[  475.271232][ T9893] veth0_macvtap: entered promiscuous mode
[  475.295317][ T9902] veth1_vlan: entered promiscuous mode
[  475.343562][ T9893] veth1_macvtap: entered promiscuous mode
[  475.590486][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.646681][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.686566][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  475.703868][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  475.720488][ T9893] batman_adv: batadv0: Interface activated: batadv_slave_0
[  475.745000][ T9899] veth0_vlan: entered promiscuous mode
[  475.761004][ T9902] veth0_macvtap: entered promiscuous mode
[  476.037563][T10276] netlink: 224 bytes leftover after parsing attributes in process `syz.4.959'.
[  476.114537][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.123025][ T5269] IPVS: starting estimator thread 0...
[  476.594819][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.628475][ T9893] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  476.656887][ T9893] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  476.701350][ T9893] batman_adv: batadv0: Interface activated: batadv_slave_1
[  476.716442][T10280] IPVS: using max 17 ests per chain, 40800 per kthread
[  476.795930][ T9899] veth1_vlan: entered promiscuous mode
[  476.850931][ T9902] veth1_macvtap: entered promiscuous mode
[  476.893236][ T9893] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  476.922456][ T9893] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  476.933188][ T9893] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  476.944619][ T9893] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  477.008629][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  477.021331][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.033267][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  477.044337][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.057483][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  477.069168][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.082104][ T9902] batman_adv: batadv0: Interface activated: batadv_slave_0
[  477.212013][ T9899] veth0_macvtap: entered promiscuous mode
[  477.243838][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  477.262579][T10292] netlink: 4 bytes leftover after parsing attributes in process `syz.4.961'.
[  477.283520][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.293662][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  477.305826][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.315907][ T9902] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  477.326470][ T9902] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  477.341491][ T9902] batman_adv: batadv0: Interface activated: batadv_slave_1
[  477.505132][T10298] syz.3.962: attempt to access beyond end of device
[  477.505132][T10298] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  477.518162][T10298] (syz.3.962,10298,1):ocfs2_get_sector:1771 ERROR: status = -5
[  477.525818][T10298] (syz.3.962,10298,1):ocfs2_sb_probe:749 ERROR: status = -5
[  477.533309][T10298] (syz.3.962,10298,1):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  477.542129][T10298] (syz.3.962,10298,1):ocfs2_fill_super:1178 ERROR: status = -5
[  478.028033][ T9899] veth1_macvtap: entered promiscuous mode
[  478.113318][ T9902] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  478.148368][ T9902] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  478.186715][ T9902] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  478.244530][ T9902] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  478.325312][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  478.345944][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.371024][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  478.392959][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.405790][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  478.423141][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.433623][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  478.444850][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.463585][ T9899] batman_adv: batadv0: Interface activated: batadv_slave_0
[  478.518018][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  478.535291][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.546582][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  478.560451][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.570818][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  478.582457][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.593013][ T9899] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  478.604500][ T9899] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  478.628161][ T9899] batman_adv: batadv0: Interface activated: batadv_slave_1
[  478.711725][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  478.723468][ T9899] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  478.743867][ T9899] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  478.743934][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  478.758771][ T9899] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  478.775377][ T9899] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  478.912393][ T2948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  478.945472][ T2948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  479.013975][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.063772][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  479.228999][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  479.295971][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  479.563905][ T2948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  480.405137][ T2948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  480.463569][ T2948] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  480.509870][ T2948] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  480.573009][   T29] audit: type=1326 audit(1722150060.733:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10329 comm="syz.3.967" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x0
[  481.161310][T10353] netlink: 16 bytes leftover after parsing attributes in process `syz.1.897'.
[  482.131767][   T29] audit: type=1326 audit(1722150062.293:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10337 comm="syz.0.968" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd70f77299 code=0x0
[  482.300904][   T29] audit: type=1326 audit(1722150062.463:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10349 comm="syz.1.897" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d0a177299 code=0x0
[  487.182508][T10424] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  488.553054][   T29] audit: type=1326 audit(1722150068.713:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10425 comm="syz.4.980" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  491.726447][ T5269] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  492.216555][ T5269] usb 1-1: Using ep0 maxpacket: 16
[  492.289210][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  492.347857][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  492.366571][ T5269] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  492.386419][ T5269] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  492.420056][T10500] A link change request failed with some changes committed already. Interface batadv_slave_1 may have been left with an inconsistent configuration, please check.
[  492.497603][ T5269] usb 1-1: config 0 descriptor??
[  494.318846][T10491] dccp_invalid_packet: P.Data Offset(0) too small
[  494.370659][ T5269] elan 0003:04F3:0755.0014: item fetching failed at offset 2/5
[  494.380663][ T5269] elan 0003:04F3:0755.0014: Hid Parse failed
[  494.387036][ T5269] elan 0003:04F3:0755.0014: probe with driver elan failed with error -22
[  495.575143][   T29] audit: type=1326 audit(1722150075.733:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10515 comm="syz.4.1000" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12b6977299 code=0x0
[  495.911299][ T5269] usb 1-1: USB disconnect, device number 15
[  495.945968][    C1] eth0: bad gso: type: 1, size: 1408
[  496.118290][T10566] FAULT_INJECTION: forcing a failure.
[  496.118290][T10566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  496.166454][T10566] CPU: 1 UID: 0 PID: 10566 Comm: syz.0.1008 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  496.177023][T10566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  496.187100][T10566] Call Trace:
[  496.190396][T10566]  <TASK>
[  496.193343][T10566]  dump_stack_lvl+0x241/0x360
[  496.198051][T10566]  ? __pfx_dump_stack_lvl+0x10/0x10
[  496.203267][T10566]  ? __pfx__printk+0x10/0x10
[  496.207882][T10566]  ? __pfx_lock_release+0x10/0x10
[  496.212955][T10566]  should_fail_ex+0x3b0/0x4e0
[  496.217663][T10566]  _copy_from_user+0x2f/0xe0
[  496.222276][T10566]  do_ip_vs_get_ctl+0x286/0xd90
[  496.227160][T10566]  ? __pfx_do_ip_vs_get_ctl+0x10/0x10
[  496.232682][T10566]  ? trace_contention_end+0x3c/0x120
[  496.237993][T10566]  ? __mutex_lock+0x2ef/0xd70
[  496.242724][T10566]  ? __mutex_unlock_slowpath+0x21d/0x750
[  496.248388][T10566]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  496.254416][T10566]  ? __might_fault+0xaa/0x120
[  496.259114][T10566]  ? __pfx_lock_release+0x10/0x10
[  496.264265][T10566]  ? module_put+0x13a/0x2d0
[  496.268797][T10566]  nf_getsockopt+0x299/0x2c0
[  496.273402][T10566]  ip_getsockopt+0x222/0x2e0
[  496.278023][T10566]  ? __pfx_ip_getsockopt+0x10/0x10
[  496.283157][T10566]  ? rcu_read_lock_any_held+0xb7/0x160
[  496.288637][T10566]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  496.294555][T10566]  tcp_getsockopt+0x163/0x1c0
[  496.299256][T10566]  ? __pfx_tcp_getsockopt+0x10/0x10
[  496.304483][T10566]  ? vfs_write+0x7c4/0xc90
[  496.308922][T10566]  ? sock_common_getsockopt+0x2e/0xb0
[  496.314311][T10566]  ? __pfx_sock_common_getsockopt+0x10/0x10
[  496.320230][T10566]  do_sock_getsockopt+0x373/0x850
[  496.325286][T10566]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  496.330974][T10566]  ? __pfx_do_sys_openat2+0x10/0x10
[  496.336302][T10566]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  496.342349][T10566]  __sys_getsockopt+0x271/0x330
[  496.347246][T10566]  ? __pfx___sys_getsockopt+0x10/0x10
[  496.352663][T10566]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  496.359104][T10566]  ? do_syscall_64+0x100/0x230
[  496.363927][T10566]  __x64_sys_getsockopt+0xb5/0xd0
[  496.369148][T10566]  do_syscall_64+0xf3/0x230
[  496.373678][T10566]  ? clear_bhb_loop+0x35/0x90
[  496.378377][T10566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  496.384306][T10566] RIP: 0033:0x7fcd70f77299
[  496.388822][T10566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.408529][T10566] RSP: 002b:00007fcd71d54048 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  496.417049][T10566] RAX: ffffffffffffffda RBX: 00007fcd71105f80 RCX: 00007fcd70f77299
[  496.425040][T10566] RDX: 0000000000000487 RSI: 0000000000000000 RDI: 0000000000000003
[  496.433066][T10566] RBP: 00007fcd71d540a0 R08: 0000000020000280 R09: 0000000000000000
[  496.441079][T10566] R10: 00000000200001c0 R11: 0000000000000246 R12: 0000000000000001
[  496.449067][T10566] R13: 000000000000000b R14: 00007fcd71105f80 R15: 00007fff873a0ea8
[  496.457113][T10566]  </TASK>
[  497.733963][T10594] batadv_slave_1: entered promiscuous mode
[  497.756569][T10589] 9pnet_fd: Insufficient options for proto=fd
[  498.476652][ T1186] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  498.694789][T10588] batadv_slave_1: left promiscuous mode
[  498.786502][ T1186] usb 5-1: Using ep0 maxpacket: 8
[  499.058213][ T1186] usb 5-1: config index 0 descriptor too short (expected 580, got 68)
[  499.066615][ T1186] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 0
[  499.086743][ T1186] usb 5-1: New USB device found, idVendor=d741, idProduct=595f, bcdDevice=1d.f0
[  499.100335][ T1186] usb 5-1: New USB device strings: Mfr=232, Product=202, SerialNumber=1
[  499.110143][ T1186] usb 5-1: Product: syz
[  499.124436][ T1186] usb 5-1: Manufacturer: syz
[  499.129832][ T1186] usb 5-1: SerialNumber: syz
[  499.263458][T10623] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1019'.
[  499.557883][T10600] raw-gadget.0 gadget.4: fail, usb_ep_set_halt returned -11
[  500.722402][T10659] FAULT_INJECTION: forcing a failure.
[  500.722402][T10659] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  500.821009][T10659] CPU: 0 UID: 0 PID: 10659 Comm: syz.1.1025 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  500.831525][T10659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  500.841679][T10659] Call Trace:
[  500.844990][T10659]  <TASK>
[  500.847940][T10659]  dump_stack_lvl+0x241/0x360
[  500.852738][T10659]  ? __pfx_dump_stack_lvl+0x10/0x10
[  500.857963][T10659]  ? __pfx__printk+0x10/0x10
[  500.862577][T10659]  ? snprintf+0xda/0x120
[  500.866849][T10659]  should_fail_ex+0x3b0/0x4e0
[  500.871558][T10659]  _copy_to_user+0x2f/0xb0
[  500.875993][T10659]  simple_read_from_buffer+0xca/0x150
[  500.881481][T10659]  proc_fail_nth_read+0x1e9/0x250
[  500.886535][T10659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.892116][T10659]  ? rw_verify_area+0x520/0x6b0
[  500.897082][T10659]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  500.902742][T10659]  vfs_read+0x204/0xbc0
[  500.906916][T10659]  ? __pfx_lock_release+0x10/0x10
[  500.911966][T10659]  ? __pfx_vfs_read+0x10/0x10
[  500.916664][T10659]  ? __fget_files+0x29/0x470
[  500.921361][T10659]  ? __fget_files+0x3f6/0x470
[  500.926062][T10659]  ksys_read+0x1a0/0x2c0
[  500.930412][T10659]  ? __pfx_ksys_read+0x10/0x10
[  500.935188][T10659]  ? do_syscall_64+0x100/0x230
[  500.939977][T10659]  ? do_syscall_64+0xb6/0x230
[  500.944759][T10659]  do_syscall_64+0xf3/0x230
[  500.949286][T10659]  ? clear_bhb_loop+0x35/0x90
[  500.953986][T10659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  500.959903][T10659] RIP: 0033:0x7f1d0a175d7c
[  500.964346][T10659] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[  500.984052][T10659] RSP: 002b:00007f1d0afb7040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  500.992484][T10659] RAX: ffffffffffffffda RBX: 00007f1d0a305f80 RCX: 00007f1d0a175d7c
[  501.000470][T10659] RDX: 000000000000000f RSI: 00007f1d0afb70b0 RDI: 0000000000000005
[  501.008491][T10659] RBP: 00007f1d0afb70a0 R08: 0000000000000000 R09: 0000000000000000
[  501.016478][T10659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  501.024459][T10659] R13: 000000000000000b R14: 00007f1d0a305f80 R15: 00007ffd02dd3be8
[  501.032461][T10659]  </TASK>
[  501.068968][ T5269] usb 5-1: USB disconnect, device number 24
[  502.829781][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  502.865583][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  503.706426][ T5269] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  503.876449][ T5269] usb 5-1: device descriptor read/64, error -71
[  504.280685][ T5269] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  504.334018][T10692] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xf
[  504.466526][ T5269] usb 5-1: device descriptor read/64, error -71
[  504.620535][ T5269] usb usb5-port1: attempt power cycle
[  505.056693][ T5269] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  505.113328][ T5269] usb 5-1: device descriptor read/8, error -71
[  506.276617][ T5269] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  506.331999][ T5269] usb 5-1: device descriptor read/8, error -71
[  506.486767][ T5269] usb usb5-port1: unable to enumerate USB device
[  506.756601][ T5270] usb 3-1: new low-speed USB device number 13 using dummy_hcd
[  506.936763][    T8] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  506.998482][ T5270] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[  507.046810][ T5270] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  507.097742][ T5270] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  507.139562][ T5270] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  507.156676][    T8] usb 2-1: Using ep0 maxpacket: 16
[  507.204508][ T5270] usb 3-1: string descriptor 0 read error: -22
[  507.236897][    T8] usb 2-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  507.242420][ T5270] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  507.286551][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.308762][ T5270] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.345657][    T8] usb 2-1: Product: syz
[  507.360696][    T8] usb 2-1: Manufacturer: syz
[  507.361421][ T5270] usb 3-1: config 0 descriptor??
[  507.365339][    T8] usb 2-1: SerialNumber: syz
[  507.417263][T10718] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  507.452915][    T8] usb 2-1: config 0 descriptor??
[  507.458417][ T5270] hub 3-1:0.0: bad descriptor, ignoring hub
[  507.464396][ T5270] hub 3-1:0.0: probe with driver hub failed with error -5
[  507.489892][    T8] visor 2-1:0.0: Sony Clie 3.5 converter detected
[  507.519814][ T5270] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input45
[  507.789481][    T8] usb 2-1: clie_3_5_startup: get config number failed: -71
[  507.808995][    T8] visor 2-1:0.0: probe with driver visor failed with error -71
[  507.821501][    T8] usb 2-1: USB disconnect, device number 14
[  508.675436][ T5271] usb 3-1: USB disconnect, device number 13
[  510.176368][T10746] netlink: 'syz.2.1041': attribute type 4 has an invalid length.
[  510.556988][T10749] netlink: 'syz.2.1041': attribute type 4 has an invalid length.
[  514.595318][T10778] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  514.807297][T10778] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  520.255313][T10816] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1058'.
[  522.453016][T10835] netlink: 'syz.3.1062': attribute type 10 has an invalid length.
[  522.463942][T10835] batman_adv: batadv0: Adding interface: team0
[  522.470377][T10835] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  522.499983][T10835] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active
[  522.513594][T10836] netlink: 'syz.3.1062': attribute type 10 has an invalid length.
[  522.521767][T10836] netlink: 2 bytes leftover after parsing attributes in process `syz.3.1062'.
[  522.531087][T10836] team0: entered promiscuous mode
[  522.536345][T10836] team_slave_0: entered promiscuous mode
[  522.542677][T10836] team_slave_1: entered promiscuous mode
[  522.552183][T10836] 8021q: adding VLAN 0 to HW filter on device team0
[  522.560572][T10836] batman_adv: batadv0: Interface activated: team0
[  522.600593][T10836] batman_adv: batadv0: Interface deactivated: team0
[  522.607425][T10836] batman_adv: batadv0: Removing interface: team0
[  522.757320][T10836] bridge0: port 3(team0) entered blocking state
[  522.765018][T10836] bridge0: port 3(team0) entered disabled state
[  522.771867][T10836] team0: entered allmulticast mode
[  522.777163][T10836] team_slave_0: entered allmulticast mode
[  522.783011][T10836] team_slave_1: entered allmulticast mode
[  522.798567][T10836] bridge0: port 3(team0) entered blocking state
[  522.805623][T10836] bridge0: port 3(team0) entered forwarding state
[  526.402393][ T5235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  526.414534][ T5235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  526.426525][ T5235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  526.435181][ T5235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  526.449531][ T5235] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  526.458898][ T5235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  526.721617][   T81] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.852722][   T29] audit: type=1326 audit(1722150107.013:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  526.937403][   T81] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  527.030868][   T29] audit: type=1326 audit(1722150107.033:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.153668][   T81] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  527.173328][   T29] audit: type=1326 audit(1722150107.053:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.381818][   T29] audit: type=1326 audit(1722150107.053:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.385736][   T81] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  527.598135][   T29] audit: type=1326 audit(1722150107.053:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.717631][   T29] audit: type=1326 audit(1722150107.053:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.741007][   T29] audit: type=1326 audit(1722150107.053:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.824465][   T29] audit: type=1326 audit(1722150107.053:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  527.927618][   T29] audit: type=1326 audit(1722150107.053:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  528.860660][ T1186] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  528.863391][ T5235] Bluetooth: hci2: command tx timeout
[  529.201233][   T29] audit: type=1326 audit(1722150107.053:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10890 comm="syz.3.1075" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fd876d77299 code=0x7ffc0000
[  529.327431][ T1186] usb 2-1: device descriptor read/64, error -71
[  529.534654][   T81] bridge_slave_1: left allmulticast mode
[  529.550321][   T81] bridge_slave_1: left promiscuous mode
[  529.565455][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  529.580726][   T81] bridge_slave_0: left allmulticast mode
[  529.588734][   T81] bridge_slave_0: left promiscuous mode
[  529.595349][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  529.636768][ T1186] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  530.376805][ T1186] usb 2-1: device descriptor read/64, error -71
[  530.526971][ T1186] usb usb2-port1: attempt power cycle
[  531.096467][ T5235] Bluetooth: hci2: command tx timeout
[  531.114122][T10920] FAULT_INJECTION: forcing a failure.
[  531.114122][T10920] name failslab, interval 1, probability 0, space 0, times 0
[  531.142650][T10920] CPU: 1 UID: 0 PID: 10920 Comm: syz.1.1083 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  531.153186][T10920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  531.163252][T10920] Call Trace:
[  531.166536][T10920]  <TASK>
[  531.169465][T10920]  dump_stack_lvl+0x241/0x360
[  531.174153][T10920]  ? __pfx_dump_stack_lvl+0x10/0x10
[  531.179398][T10920]  ? __pfx__printk+0x10/0x10
[  531.183999][T10920]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[  531.189550][T10920]  ? __pfx___might_resched+0x10/0x10
[  531.194860][T10920]  should_fail_ex+0x3b0/0x4e0
[  531.199558][T10920]  ? security_file_alloc+0x28/0x130
[  531.204776][T10920]  should_failslab+0xac/0x100
[  531.209461][T10920]  ? security_file_alloc+0x28/0x130
[  531.214745][T10920]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  531.220126][T10920]  security_file_alloc+0x28/0x130
[  531.225240][T10920]  init_file+0x99/0x200
[  531.229405][T10920]  alloc_empty_file+0xb8/0x1d0
[  531.234176][T10920]  path_openat+0x105/0x3470
[  531.238770][T10920]  ? mark_lock+0x9a/0x350
[  531.243203][T10920]  ? __pfx_stack_trace_save+0x10/0x10
[  531.248585][T10920]  ? __lock_acquire+0x137a/0x2040
[  531.253632][T10920]  ? __lock_acquire+0x137a/0x2040
[  531.258664][T10920]  ? __pfx_path_openat+0x10/0x10
[  531.263630][T10920]  do_filp_open+0x235/0x490
[  531.268145][T10920]  ? __pfx_do_filp_open+0x10/0x10
[  531.273207][T10920]  ? _raw_spin_unlock+0x28/0x50
[  531.278067][T10920]  ? alloc_fd+0x5a1/0x640
[  531.282418][T10920]  do_sys_openat2+0x13e/0x1d0
[  531.287116][T10920]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  531.293105][T10920]  ? __pfx_do_sys_openat2+0x10/0x10
[  531.298311][T10920]  ? __fget_files+0x3f6/0x470
[  531.303004][T10920]  __x64_sys_openat+0x247/0x2a0
[  531.307871][T10920]  ? __pfx___x64_sys_openat+0x10/0x10
[  531.313252][T10920]  ? do_syscall_64+0x100/0x230
[  531.318059][T10920]  ? do_syscall_64+0xb6/0x230
[  531.322769][T10920]  do_syscall_64+0xf3/0x230
[  531.327278][T10920]  ? clear_bhb_loop+0x35/0x90
[  531.331971][T10920]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  531.337875][T10920] RIP: 0033:0x7f1d0a177299
[  531.342289][T10920] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  531.362009][T10920] RSP: 002b:00007f1d0af96048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  531.370447][T10920] RAX: ffffffffffffffda RBX: 00007f1d0a306058 RCX: 00007f1d0a177299
[  531.378430][T10920] RDX: 0000000000000000 RSI: 0000000020000340 RDI: ffffffffffffff9c
[  531.386405][T10920] RBP: 00007f1d0af960a0 R08: 0000000000000000 R09: 0000000000000000
[  531.394372][T10920] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  531.402344][T10920] R13: 000000000000006e R14: 00007f1d0a306058 R15: 00007ffd02dd3be8
[  531.410333][T10920]  </TASK>
[  531.673555][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  531.717121][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  531.758225][   T81] bond0 (unregistering): Released all slaves
[  533.029518][T10886] chnl_net:caif_netlink_parms(): no params data found
[  533.176375][ T5235] Bluetooth: hci2: command tx timeout
[  533.846713][   T25] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  534.188818][   T29] kauditd_printk_skb: 24 callbacks suppressed
[  534.188839][   T29] audit: type=1326 audit(1722150114.323:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10936 comm="syz.0.1086" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd70f77299 code=0x0
[  534.216087][    C0] vkms_vblank_simulate: vblank timer overrun
[  534.370963][T10886] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.393862][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  534.410938][T10886] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.428813][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  534.444129][T10886] bridge_slave_0: entered allmulticast mode
[  534.468435][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  534.481214][T10886] bridge_slave_0: entered promiscuous mode
[  534.511947][   T25] usb 3-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  534.576422][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.607615][   T25] usb 3-1: config 0 descriptor??
[  534.659621][   T25] gspca_main: abcd:cdee too many config
[  534.705194][T10886] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.714027][   T25] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  534.726646][T10886] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.746561][T10886] bridge_slave_1: entered allmulticast mode
[  534.764161][T10886] bridge_slave_1: entered promiscuous mode
[  534.788432][   T25] usb 3-1: MIDIStreaming interface descriptor not found
[  535.336671][ T5235] Bluetooth: hci2: command tx timeout
[  535.681181][T10953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  535.826945][T10953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  535.891743][T10886] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  535.997842][   T81] hsr_slave_0: left promiscuous mode
[  536.029455][   T81] hsr_slave_1: left promiscuous mode
[  536.070402][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  536.145512][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  536.213791][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  536.235169][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  536.355820][   T81] veth1_macvtap: left promiscuous mode
[  536.366188][   T81] veth0_macvtap: left promiscuous mode
[  536.385243][   T81] veth1_vlan: left promiscuous mode
[  536.410298][   T81] veth0_vlan: left promiscuous mode
[  538.204833][   T81] team0 (unregistering): Port device team_slave_1 removed
[  538.355485][   T81] team0 (unregistering): Port device team_slave_0 removed
[  538.964895][T10886] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  539.085153][ T5269] usb 3-1: USB disconnect, device number 14
[  540.762660][T10886] team0: Port device team_slave_0 added
[  541.069552][T10886] team0: Port device team_slave_1 added
[  541.416497][   T25] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  542.041193][T10886] batman_adv: batadv0: Adding interface: batadv_slave_0
[  542.367699][T10886] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  542.432574][T10886] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  542.486395][   T25] usb 3-1: device descriptor read/all, error -71
[  542.678099][T10886] batman_adv: batadv0: Adding interface: batadv_slave_1
[  542.685124][T10886] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  542.762556][T10886] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  543.214411][T10886] hsr_slave_0: entered promiscuous mode
[  543.235094][T10886] hsr_slave_1: entered promiscuous mode
[  543.319050][   T81] IPVS: stop unused estimator thread 0...
[  543.683587][T11059] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(4)
[  543.690511][T11059] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  543.704633][T11059] vhci_hcd vhci_hcd.0: Device attached
[  543.998064][   T25] usb 15-1: new high-speed USB device number 2 using vhci_hcd
[  544.091746][   T81] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  544.307974][T11060] vhci_hcd: connection reset by peer
[  544.329089][ T8524] vhci_hcd: stop threads
[  544.335303][   T81] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  544.349654][ T8524] vhci_hcd: release socket
[  544.362259][ T8524] vhci_hcd: disconnect device
[  545.583207][   T81] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.185654][   T81] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  546.713901][ T5218] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  546.760389][ T5218] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  546.777250][ T5218] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  546.792355][ T5218] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  546.810602][ T5218] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  546.821936][ T5218] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  547.097974][T11114] xt_policy: neither incoming nor outgoing policy selected
[  547.482826][T11118] kvm: emulating exchange as write
[  547.507814][   T81] bridge_slave_1: left allmulticast mode
[  547.529151][   T81] bridge_slave_1: left promiscuous mode
[  547.550218][   T81] bridge0: port 2(bridge_slave_1) entered disabled state
[  547.575044][   T81] bridge_slave_0: left allmulticast mode
[  547.587671][   T81] bridge_slave_0: left promiscuous mode
[  547.609122][   T81] bridge0: port 1(bridge_slave_0) entered disabled state
[  548.383105][T11130] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1119'.
[  548.395238][   T81] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  548.414550][T11130] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1119'.
[  548.433395][   T81] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  548.472498][   T81] bond0 (unregistering): Released all slaves
[  548.806041][T10886] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  548.846960][   T46] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  548.856848][ T5235] Bluetooth: hci0: command tx timeout
[  548.984642][T10886] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  549.195485][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  549.206605][   T46] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  549.207242][T10886] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  549.219627][   T46] usb 1-1: New USB device found, idVendor=ce5d, idProduct=3e3e, bcdDevice=86.d6
[  549.361636][   T25] vhci_hcd: vhci_device speed not set
[  549.396034][   T46] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.424819][   T46] usb 1-1: Product: syz
[  549.431000][   T46] usb 1-1: Manufacturer: syz
[  549.435859][   T46] usb 1-1: SerialNumber: syz
[  549.519577][   T46] usb 1-1: config 0 descriptor??
[  550.213364][T11134] bridge0: port 2(bridge_slave_1) entered disabled state
[  550.275616][T10886] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  550.285521][ T5269] usb 1-1: USB disconnect, device number 16
[  550.492357][   T81] hsr_slave_0: left promiscuous mode
[  550.503325][   T81] hsr_slave_1: left promiscuous mode
[  550.527257][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  550.556942][   T81] batman_adv: batadv0: Removing interface: batadv_slave_0
[  550.570992][   T81] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  550.583397][   T81] batman_adv: batadv0: Removing interface: batadv_slave_1
[  550.630229][   T81] veth1_macvtap: left promiscuous mode
[  550.636004][   T81] veth0_macvtap: left promiscuous mode
[  550.719593][   T81] veth1_vlan: left promiscuous mode
[  550.725662][   T81] veth0_vlan: left promiscuous mode
[  550.942726][ T5235] Bluetooth: hci0: command tx timeout
[  551.663986][T11165] xt_policy: neither incoming nor outgoing policy selected
[  551.776772][ T5269] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  551.800631][T11167] syz.3.1123: attempt to access beyond end of device
[  551.800631][T11167] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  551.813642][T11167] (syz.3.1123,11167,0):ocfs2_get_sector:1771 ERROR: status = -5
[  551.821611][T11167] (syz.3.1123,11167,0):ocfs2_sb_probe:749 ERROR: status = -5
[  551.829141][T11167] (syz.3.1123,11167,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  551.837911][T11167] (syz.3.1123,11167,0):ocfs2_fill_super:1178 ERROR: status = -5
[  551.984811][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  552.019584][ T5269] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  552.046873][ T5269] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  552.083074][ T5269] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.119125][ T5269] usb 1-1: config 0 descriptor??
[  552.546135][ T5269] usbhid 1-1:0.0: can't add hid device: -71
[  552.568185][ T5269] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  552.595797][ T5269] usb 1-1: USB disconnect, device number 17
[  552.760858][   T81] team0 (unregistering): Port device team_slave_1 removed
[  552.820881][   T81] team0 (unregistering): Port device team_slave_0 removed
[  553.017395][ T5235] Bluetooth: hci0: command tx timeout
[  553.510773][T11169] FAULT_INJECTION: forcing a failure.
[  553.510773][T11169] name failslab, interval 1, probability 0, space 0, times 0
[  553.536616][T11169] CPU: 0 UID: 0 PID: 11169 Comm: syz.1.1126 Not tainted 6.10.0-syzkaller-12881-g6342649c33d2 #0
[  553.547120][T11169] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  553.557219][T11169] Call Trace:
[  553.560618][T11169]  <TASK>
[  553.563583][T11169]  dump_stack_lvl+0x241/0x360
[  553.568318][T11169]  ? __pfx_dump_stack_lvl+0x10/0x10
[  553.573569][T11169]  ? __pfx__printk+0x10/0x10
[  553.578233][T11169]  ? __pfx_lock_acquire+0x10/0x10
[  553.583318][T11169]  should_fail_ex+0x3b0/0x4e0
[  553.588063][T11169]  ? ___neigh_create+0x691/0x2470
[  553.593141][T11169]  should_failslab+0xac/0x100
[  553.597870][T11169]  ? ___neigh_create+0x691/0x2470
[  553.602935][T11169]  __kmalloc_noprof+0xd8/0x400
[  553.607771][T11169]  ___neigh_create+0x691/0x2470
[  553.612672][T11169]  ? __pfx_neigh_lookup+0x10/0x10
[  553.617758][T11169]  ? __mutex_lock+0x527/0xd70
[  553.622581][T11169]  arp_req_set+0x36a/0x660
[  553.627062][T11169]  ? __pfx_arp_req_set+0x10/0x10
[  553.632052][T11169]  ? __might_fault+0xc6/0x120
[  553.636785][T11169]  arp_ioctl+0x365/0x530
[  553.641071][T11169]  ? __pfx_arp_ioctl+0x10/0x10
[  553.645913][T11169]  inet_ioctl+0x2b5/0x4f0
[  553.650465][T11169]  ? tomoyo_path_number_perm+0x208/0x880
[  553.656137][T11169]  ? __pfx_inet_ioctl+0x10/0x10
[  553.661069][T11169]  sock_do_ioctl+0x158/0x460
[  553.665802][T11169]  ? __pfx_sock_do_ioctl+0x10/0x10
[  553.670971][T11169]  ? __asan_memset+0x23/0x50
[  553.675600][T11169]  ? smack_file_ioctl+0x2a1/0x3a0
[  553.680670][T11169]  sock_ioctl+0x629/0x8e0
[  553.685055][T11169]  ? __pfx_sock_ioctl+0x10/0x10
[  553.689949][T11169]  ? __fget_files+0x3f6/0x470
[  553.694671][T11169]  ? __fget_files+0x29/0x470
[  553.699308][T11169]  ? bpf_lsm_file_ioctl+0x9/0x10
[  553.704291][T11169]  ? security_file_ioctl+0x87/0xb0
[  553.709432][T11169]  ? __pfx_sock_ioctl+0x10/0x10
[  553.714302][T11169]  __se_sys_ioctl+0xfc/0x170
[  553.718906][T11169]  do_syscall_64+0xf3/0x230
[  553.723421][T11169]  ? clear_bhb_loop+0x35/0x90
[  553.728114][T11169]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.734017][T11169] RIP: 0033:0x7f1d0a177299
[  553.738445][T11169] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.758061][T11169] RSP: 002b:00007f1d0afb7048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  553.766494][T11169] RAX: ffffffffffffffda RBX: 00007f1d0a305f80 RCX: 00007f1d0a177299
[  553.774473][T11169] RDX: 0000000020000040 RSI: 0000000000008955 RDI: 0000000000000005
[  553.782450][T11169] RBP: 00007f1d0afb70a0 R08: 0000000000000000 R09: 0000000000000000
[  553.790428][T11169] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.798495][T11169] R13: 000000000000000b R14: 00007f1d0a305f80 R15: 00007ffd02dd3be8
[  553.806494][T11169]  </TASK>
[  553.836582][T11171] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1127'.
[  553.878491][T11100] chnl_net:caif_netlink_parms(): no params data found
[  555.127878][ T5235] Bluetooth: hci0: command tx timeout
[  556.077934][T11100] bridge0: port 1(bridge_slave_0) entered blocking state
[  556.394647][ T8524] tipc: Subscription rejected, illegal request
[  556.599173][T11100] bridge0: port 1(bridge_slave_0) entered disabled state
[  556.927441][T11100] bridge_slave_0: entered allmulticast mode
[  556.935089][T11100] bridge_slave_0: entered promiscuous mode
[  557.023851][T11212] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1134'.
[  557.101924][T11100] bridge0: port 2(bridge_slave_1) entered blocking state
[  557.187972][T11100] bridge0: port 2(bridge_slave_1) entered disabled state
[  557.205424][T11100] bridge_slave_1: entered allmulticast mode
[  557.667267][T11100] bridge_slave_1: entered promiscuous mode
[  558.094684][   T29] audit: type=1326 audit(1722150138.253:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11208 comm="syz.0.1134" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd70f77299 code=0x0
[  558.976501][T11100] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  559.074637][T10886] 8021q: adding VLAN 0 to HW filter on device bond0
[  559.133981][T11100] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  559.406761][   T29] audit: type=1326 audit(1722150139.563:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11223 comm="syz.3.1137" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd876d77299 code=0x0
[  559.530728][T11100] team0: Port device team_slave_0 added
[  559.634246][T11100] team0: Port device team_slave_1 added
[  559.744702][T11100] batman_adv: batadv0: Adding interface: batadv_slave_0
[  559.752672][T11100] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  559.789227][T11100] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  559.813307][T10886] 8021q: adding VLAN 0 to HW filter on device team0
[  559.854764][T11100] batman_adv: batadv0: Adding interface: batadv_slave_1
[  559.877153][T11100] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  559.914915][T11100] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  559.934630][ T5269] bridge0: port 1(bridge_slave_0) entered blocking state
[  559.941929][ T5269] bridge0: port 1(bridge_slave_0) entered forwarding state
[  561.538149][ T5269] bridge0: port 2(bridge_slave_1) entered blocking state
[  561.545517][ T5269] bridge0: port 2(bridge_slave_1) entered forwarding state
[  561.741128][T11100] hsr_slave_0: entered promiscuous mode
[  561.762307][T11100] hsr_slave_1: entered promiscuous mode
[  562.518381][T11100] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  562.532611][T11100] Cannot create hsr debugfs directory
[  563.335829][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  563.342807][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  563.388819][T11289] syz.3.1147: attempt to access beyond end of device
[  563.388819][T11289] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  563.401775][T11289] (syz.3.1147,11289,0):ocfs2_get_sector:1771 ERROR: status = -5
[  563.409636][T11289] (syz.3.1147,11289,0):ocfs2_sb_probe:749 ERROR: status = -5
[  563.417143][T11289] (syz.3.1147,11289,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[  563.425947][T11289] (syz.3.1147,11289,0):ocfs2_fill_super:1178 ERROR: status = -5
[  564.715153][T11305] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1149'.
[  564.968049][T10886] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  568.100068][T10886] 8021q: adding VLAN 0 to HW filter on device batadv0
[  568.435172][T11100] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  568.473735][T11374] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1159'.
[  568.506032][T11100] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  568.550313][T11100] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  568.594210][T11100] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  568.957108][   T29] audit: type=1326 audit(1722150149.113:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11367 comm="syz.1.1159" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1d0a177299 code=0x0
[  569.064180][T11100] 8021q: adding VLAN 0 to HW filter on device bond0
[  569.218562][T11100] 8021q: adding VLAN 0 to HW filter on device team0
[  569.246097][T10886] veth0_vlan: entered promiscuous mode
[  569.267401][    T9] bridge0: port 1(bridge_slave_0) entered blocking state
[  569.274597][    T9] bridge0: port 1(bridge_slave_0) entered forwarding state
[  570.202714][T10886] veth1_vlan: entered promiscuous mode
[  570.380391][ T5222] Bluetooth: hci5: command 0x0406 tx timeout
[  570.387098][ T5222] Bluetooth: hci1: command 0x0406 tx timeout
[  570.400481][ T1186] bridge0: port 2(bridge_slave_1) entered blocking state
[  570.407762][ T1186] bridge0: port 2(bridge_slave_1) entered forwarding state
[  570.701621][T10886] veth0_macvtap: entered promiscuous mode
[  570.732495][T10886] veth1_macvtap: entered promiscuous mode
[  570.815206][T10886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  570.850622][T10886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.858820][T11424] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1163'.
[  570.875173][T11424] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1163'.
[  570.888685][T10886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  570.932551][T10886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  570.946554][ T1186] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  570.974489][T10886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  571.013254][T10886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.071899][T10886] batman_adv: batadv0: Interface activated: batadv_slave_0
[  571.120069][T10886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.149168][T10886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.158882][ T1186] usb 4-1: Using ep0 maxpacket: 32
[  571.159744][T10886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.175694][T10886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.196539][T10886] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  571.215031][T10886] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  571.248014][T10886] batman_adv: batadv0: Interface activated: batadv_slave_1
[  571.325351][T10886] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  571.421319][T10886] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  571.507989][T10886] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  571.536592][T10886] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  571.918878][ T1186] usb 4-1: unable to get BOS descriptor or descriptor too short
[  571.943007][ T1186] usb 4-1: unable to read config index 0 descriptor/start: -71
[  571.997996][ T1186] usb 4-1: can't read configurations, error -71
[  572.570703][T11100] 8021q: adding VLAN 0 to HW filter on device batadv0
[  572.757806][ T5447] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  572.765746][ T5447] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  572.976975][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  573.008684][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  573.110798][T11100] veth0_vlan: entered promiscuous mode
[  573.242153][T11100] veth1_vlan: entered promiscuous mode
[  573.369093][ T1186] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  573.657478][ T1186] usb 4-1: Using ep0 maxpacket: 16
[  573.693269][ T1186] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  573.705846][ T1186] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  573.715998][ T1186] usb 4-1: New USB device found, idVendor=17ef, idProduct=6085, bcdDevice= 0.00
[  573.768799][ T1186] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.943405][ T1186] usb 4-1: config 0 descriptor??
[  574.337990][ T2948] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  574.407922][ T1186] hid-rmi 0003:17EF:6085.0015: item fetching failed at offset 4/5
[  574.437617][ T1186] hid-rmi 0003:17EF:6085.0015: parse failed
[  574.443675][ T1186] hid-rmi 0003:17EF:6085.0015: probe with driver hid-rmi failed with error -22
[  574.752568][    C1] eth0: bad gso: type: 1, size: 1408
[  574.786213][T11100] veth0_macvtap: entered promiscuous mode
[  574.797336][   T25] usb 4-1: USB disconnect, device number 19
[  574.928608][ T2948] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  575.947958][T11100] veth1_macvtap: entered promiscuous mode
[  576.062426][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  576.073039][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.098634][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  576.136311][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.180402][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  576.237512][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  576.283396][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  576.780404][ T1063] tipc: Subscription rejected, illegal request
[  577.366347][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  577.557889][T11100] batman_adv: batadv0: Interface activated: batadv_slave_0
[  577.698115][ T2948] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.996551][ T5268] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  578.153207][ T5235] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  578.172534][ T5235] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  578.190439][ T5235] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  578.212849][ T5235] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  578.240564][ T5235] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  578.255510][ T5235] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  578.286604][ T5268] usb 2-1: Using ep0 maxpacket: 16
[  578.435497][ T5268] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  578.437828][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.459171][ T5268] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  578.474936][ T5268] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  578.486636][ T5268] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.516426][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.526943][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.548953][ T5268] usb 2-1: config 0 descriptor??
[  578.559335][ T5268] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  578.566941][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.586584][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.609604][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.636484][T11100] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.666362][T11100] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.698258][T11100] batman_adv: batadv0: Interface activated: batadv_slave_1
[  578.830671][ T2948] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.881846][T11100] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  578.898489][T11100] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  579.120985][T11100] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  579.420489][T11100] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  580.013910][ T8524] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  580.081483][ T8524] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  580.122780][ T2948] bridge_slave_1: left allmulticast mode
[  580.149988][ T2948] bridge_slave_1: left promiscuous mode
[  580.163794][ T2948] bridge0: port 2(bridge_slave_1) entered disabled state
[  580.191292][ T2948] bridge_slave_0: left allmulticast mode
[  580.205852][ T2948] bridge_slave_0: left promiscuous mode
[  580.213007][ T2948] bridge0: port 1(bridge_slave_0) entered disabled state
[  580.378043][ T5235] Bluetooth: hci1: command tx timeout
[  581.013293][ T5271] usb 2-1: USB disconnect, device number 18
[  582.334695][ T5269] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  582.384947][T11562] xt_policy: neither incoming nor outgoing policy selected
[  582.458846][ T5235] Bluetooth: hci1: command tx timeout
[  582.526523][ T5269] usb 4-1: Using ep0 maxpacket: 16
[  582.547969][ T5269] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.578385][ T5269] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.617330][ T5269] usb 4-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00
[  582.637235][T11562] 9pnet: Could not find request transport: —0$»x
[  582.653574][ T5269] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.701845][ T5269] usb 4-1: config 0 descriptor??
[  582.908196][ T2948] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  582.922427][ T2948] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  582.934625][ T2948] bond0 (unregistering): Released all slaves
[  583.124389][ T5269] usbhid 4-1:0.0: can't add hid device: -71
[  583.144395][ T5269] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  583.159644][ T5269] usb 4-1: USB disconnect, device number 20
[  583.198237][ T5447] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  583.228639][ T5447] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  584.004127][   T11] tipc: Subscription rejected, illegal request
[  584.538699][ T5235] Bluetooth: hci1: command tx timeout
[  586.616390][ T5235] Bluetooth: hci1: command tx timeout
[  690.606228][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  690.613248][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P1119/1:b..l P11601/1:b..l P10886/1:b..l
[  690.624084][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=48745, q=412 ncpus=2)
[  690.631891][    C1] task:syz-executor    state:R  running task     stack:20992 pid:10886 tgid:10886 ppid:10849  flags:0x00004002
[  690.644806][    C1] Call Trace:
[  690.648094][    C1]  <TASK>
[  690.651028][    C1]  __schedule+0x17ae/0x4a10
[  690.655645][    C1]  ? __pfx___schedule+0x10/0x10
[  690.660517][    C1]  ? mark_lock+0x9a/0x350
[  690.664861][    C1]  ? copy_pmd_range+0x7a7a/0x8500
[  690.669981][    C1]  ? preempt_schedule+0xe1/0xf0
[  690.674830][    C1]  preempt_schedule_common+0x84/0xd0
[  690.680123][    C1]  preempt_schedule+0xe1/0xf0
[  690.684890][    C1]  ? __pfx_preempt_schedule+0x10/0x10
[  690.690271][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  690.696263][    C1]  ? __page_table_check_ptes_set+0x30f/0x410
[  690.702264][    C1]  ? copy_pmd_range+0x7a7a/0x8500
[  690.707309][    C1]  preempt_schedule_thunk+0x1a/0x30
[  690.712514][    C1]  _raw_spin_unlock+0x3e/0x50
[  690.717189][    C1]  copy_pmd_range+0x7ad5/0x8500
[  690.722064][    C1]  ? __pfx_copy_pmd_range+0x10/0x10
[  690.727267][    C1]  ? look_up_lock_class+0x77/0x160
[  690.732380][    C1]  ? register_lock_class+0x102/0x980
[  690.737692][    C1]  ? __pfx_register_lock_class+0x10/0x10
[  690.743332][    C1]  ? mark_lock+0x9a/0x350
[  690.747673][    C1]  ? __lock_acquire+0x137a/0x2040
[  690.752721][    C1]  copy_page_range+0x99f/0xe90
[  690.757509][    C1]  ? __pfx_copy_page_range+0x10/0x10
[  690.762887][    C1]  ? __pfx_up_write+0x10/0x10
[  690.767580][    C1]  ? __asan_memset+0x23/0x50
[  690.772171][    C1]  ? __pfx_vma_interval_tree_augment_rotate+0x10/0x10
[  690.778937][    C1]  ? vma_interval_tree_insert_after+0x259/0x2b0
[  690.785187][    C1]  copy_mm+0x11ea/0x1f30
[  690.789462][    C1]  ? __pfx_copy_mm+0x10/0x10
[  690.794061][    C1]  ? __init_rwsem+0x122/0x160
[  690.798735][    C1]  ? copy_signal+0x549/0x670
[  690.803347][    C1]  copy_process+0x187a/0x3dc0
[  690.808067][    C1]  ? copy_process+0xa03/0x3dc0
[  690.812842][    C1]  ? __pfx_copy_process+0x10/0x10
[  690.817939][    C1]  kernel_clone+0x223/0x870
[  690.822489][    C1]  ? __pfx_kernel_clone+0x10/0x10
[  690.827547][    C1]  __x64_sys_clone+0x258/0x2a0
[  690.832329][    C1]  ? __pfx___x64_sys_clone+0x10/0x10
[  690.837634][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  690.843639][    C1]  ? exc_page_fault+0x590/0x8c0
[  690.848501][    C1]  ? do_syscall_64+0xb6/0x230
[  690.853181][    C1]  do_syscall_64+0xf3/0x230
[  690.857687][    C1]  ? clear_bhb_loop+0x35/0x90
[  690.862369][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  690.868268][    C1] RIP: 0033:0x7fc2d736db93
[  690.872685][    C1] RSP: 002b:00007ffdfaa12388 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[  690.881203][    C1] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fc2d736db93
[  690.889175][    C1] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[  690.897141][    C1] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  690.905121][    C1] R10: 000055557c3cc7d0 R11: 0000000000000246 R12: 0000000000000000
[  690.913179][    C1] R13: 000000000008ebcf R14: 000000000008e747 R15: 00007ffdfaa12510
[  690.921192][    C1]  </TASK>
[  690.924237][    C1] task:sed             state:R  running task     stack:26288 pid:11601 tgid:11601 ppid:11599  flags:0x00004002
[  690.935979][    C1] Call Trace:
[  690.939254][    C1]  <TASK>
[  690.942187][    C1]  __schedule+0x17ae/0x4a10
[  690.946716][    C1]  ? __pfx___schedule+0x10/0x10
[  690.951574][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  690.957572][    C1]  ? preempt_schedule_irq+0xf0/0x1c0
[  690.962955][    C1]  preempt_schedule_irq+0xfb/0x1c0
[  690.968090][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  690.973818][    C1]  ? __lock_acquire+0x137a/0x2040
[  690.978860][    C1]  irqentry_exit+0x5e/0x90
[  690.983364][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  690.989350][    C1] RIP: 0010:__pte_offset_map_lock+0x1b2/0x300
[  690.995448][    C1] Code: 00 ea ff ff 48 01 c3 48 89 d8 48 c1 e8 03 49 bd 00 00 00 00 00 fc ff df 42 80 3c 28 00 74 08 48 89 df e8 81 6a 12 00 4c 8b 33 <4c> 89 f7 e8 76 7b d1 09 48 8b 44 24 28 42 80 3c 28 00 48 8b 5c 24
[  691.015063][    C1] RSP: 0018:ffffc9000b867200 EFLAGS: 00000246
[  691.021157][    C1] RAX: 1ffffd40003489bd RBX: ffffea0001a44de8 RCX: ffff888025409e00
[  691.029153][    C1] RDX: 0000000069137ff0 RSI: 0000000000000000 RDI: 0000000000000000
[  691.037126][    C1] RBP: ffffc9000b8672f0 R08: ffffffff81e52afb R09: 1ffffffff269cf00
[  691.045110][    C1] R10: dffffc0000000000 R11: fffffbfff269cf01 R12: 1ffff9200170ce48
[  691.053107][    C1] R13: dffffc0000000000 R14: ffff88807b466f00 R15: 1ffff9200170ce50
[  691.061084][    C1]  ? __pte_offset_map_lock+0x17b/0x300
[  691.066576][    C1]  ? __pfx___pte_offset_map_lock+0x10/0x10
[  691.072482][    C1]  change_protection+0xeae/0x3d50
[  691.077517][    C1]  ? mtree_load+0x1ef/0x940
[  691.082050][    C1]  ? __pfx_change_protection+0x10/0x10
[  691.087519][    C1]  ? vma_set_page_prot+0x1d7/0x530
[  691.092656][    C1]  ? __pfx_vma_set_page_prot+0x10/0x10
[  691.098138][    C1]  mprotect_fixup+0x740/0xa90
[  691.102843][    C1]  ? __pfx_mprotect_fixup+0x10/0x10
[  691.108072][    C1]  ? tlb_gather_mmu+0x24e/0x310
[  691.112961][    C1]  setup_arg_pages+0x5c8/0x1000
[  691.117827][    C1]  ? __pfx_setup_arg_pages+0x10/0x10
[  691.123141][    C1]  ? get_random_u64+0x51d/0x9e0
[  691.127998][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  691.133197][    C1]  ? get_random_u64+0x1a5/0x9e0
[  691.138049][    C1]  ? get_random_u64+0x596/0x9e0
[  691.142899][    C1]  ? get_random_u64+0x1a5/0x9e0
[  691.147756][    C1]  ? __pfx_get_random_u64+0x10/0x10
[  691.152977][    C1]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  691.158982][    C1]  ? arch_setup_new_exec+0xb0/0x1b0
[  691.164193][    C1]  load_elf_binary+0xb80/0x2680
[  691.169077][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  691.174103][    C1]  ? bprm_execve+0xad1/0x1770
[  691.178780][    C1]  ? __pfx_load_elf_binary+0x10/0x10
[  691.184088][    C1]  ? _raw_read_unlock+0x28/0x50
[  691.188953][    C1]  ? load_misc_binary+0x6e5/0xc00
[  691.194042][    C1]  ? tomoyo_bprm_check_security+0xe9/0x180
[  691.199970][    C1]  bprm_execve+0xaf8/0x1770
[  691.204480][    C1]  ? __pfx_lock_release+0x10/0x10
[  691.209555][    C1]  ? __pfx_bprm_execve+0x10/0x10
[  691.214705][    C1]  ? put_arg_page+0xe0/0x260
[  691.219318][    C1]  do_execveat_common+0x55f/0x6f0
[  691.224359][    C1]  __x64_sys_execve+0x92/0xb0
[  691.229051][    C1]  do_syscall_64+0xf3/0x230
[  691.233641][    C1]  ? clear_bhb_loop+0x35/0x90
[  691.238346][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.244252][    C1] RIP: 0033:0x7f23e87d9ef7
[  691.248668][    C1] RSP: 002b:00007fff0251c518 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  691.257105][    C1] RAX: ffffffffffffffda RBX: 0000557f58cc3ec8 RCX: 00007f23e87d9ef7
[  691.265073][    C1] RDX: 0000557f58cc3f08 RSI: 0000557f58cc3ec8 RDI: 0000557f58cc3f98
[  691.273062][    C1] RBP: 0000557f58cc3f98 R08: 0000557f58cc3f9d R09: 00007fff0251feb8
[  691.281032][    C1] R10: 00007f23e89d9088 R11: 0000000000000246 R12: 0000557f58cc3f08
[  691.289018][    C1] R13: 00007f23e8987904 R14: 0000557f58cc3f08 R15: 0000000000000000
[  691.297016][    C1]  </TASK>
[  691.300031][    C1] task:kworker/u8:8    state:R  running task     stack:18576 pid:1119  tgid:1119  ppid:2      flags:0x00004000
[  691.311764][    C1] Workqueue: bat_events batadv_nc_worker
[  691.317412][    C1] Call Trace:
[  691.320689][    C1]  <TASK>
[  691.323634][    C1]  __schedule+0x17ae/0x4a10
[  691.328160][    C1]  ? __pfx___schedule+0x10/0x10
[  691.333012][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  691.339007][    C1]  ? preempt_schedule_irq+0xf0/0x1c0
[  691.344289][    C1]  preempt_schedule_irq+0xfb/0x1c0
[  691.349396][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  691.355124][    C1]  irqentry_exit+0x5e/0x90
[  691.359540][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  691.365526][    C1] RIP: 0010:lock_acquire+0x264/0x550
[  691.370817][    C1] Code: 2b 00 74 08 4c 89 f7 e8 aa e9 87 00 f6 44 24 61 02 0f 85 85 01 00 00 41 f7 c7 00 02 00 00 74 01 fb 48 c7 44 24 40 0e 36 e0 45 <4b> c7 44 25 00 00 00 00 00 43 c7 44 25 09 00 00 00 00 43 c7 44 25
[  691.390438][    C1] RSP: 0018:ffffc90003b479e0 EFLAGS: 00000206
[  691.396514][    C1] RAX: 0000000000000001 RBX: 1ffff92000768f48 RCX: 2e433bc112299d00
[  691.404484][    C1] RDX: dffffc0000000000 RSI: ffffffff8beae6a0 RDI: ffffffff8c3f9480
[  691.412464][    C1] RBP: ffffc90003b47b40 R08: ffffffff934e7807 R09: 1ffffffff269cf00
[  691.420450][    C1] R10: dffffc0000000000 R11: fffffbfff269cf01 R12: 1ffff92000768f44
[  691.428624][    C1] R13: dffffc0000000000 R14: ffffc90003b47a40 R15: 0000000000000246
[  691.437147][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  691.442187][    C1]  ? batadv_nc_worker+0xcb/0x610
[  691.447128][    C1]  ? __pfx_lock_release+0x10/0x10
[  691.452183][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  691.458225][    C1]  batadv_nc_worker+0xec/0x610
[  691.463000][    C1]  ? batadv_nc_worker+0xcb/0x610
[  691.468028][    C1]  ? batadv_nc_worker+0xcb/0x610
[  691.472967][    C1]  ? process_scheduled_works+0x945/0x1830
[  691.478689][    C1]  process_scheduled_works+0xa2c/0x1830
[  691.484291][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  691.490286][    C1]  ? assign_work+0x364/0x3d0
[  691.495006][    C1]  worker_thread+0x86d/0xd40
[  691.499721][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  691.505732][    C1]  ? __kthread_parkme+0x169/0x1d0
[  691.510775][    C1]  ? __pfx_worker_thread+0x10/0x10
[  691.515913][    C1]  kthread+0x2f0/0x390
[  691.519995][    C1]  ? __pfx_worker_thread+0x10/0x10
[  691.525223][    C1]  ? __pfx_kthread+0x10/0x10
[  691.529836][    C1]  ret_from_fork+0x4b/0x80
[  691.534346][    C1]  ? __pfx_kthread+0x10/0x10
[  691.538945][    C1]  ret_from_fork_asm+0x1a/0x30
[  691.543727][    C1]  </TASK>
[  691.546754][    C1] rcu: rcu_preempt kthread starved for 10336 jiffies! g48745 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  691.557966][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  691.568193][    C1] rcu: RCU grace-period kthread stack dump:
[  691.574078][    C1] task:rcu_preempt     state:R  running task     stack:26448 pid:17    tgid:17    ppid:2      flags:0x00004000
[  691.585897][    C1] Call Trace:
[  691.589172][    C1]  <TASK>
[  691.592105][    C1]  __schedule+0x17ae/0x4a10
[  691.596726][    C1]  ? __pfx___schedule+0x10/0x10
[  691.601609][    C1]  ? __pfx_lock_release+0x10/0x10
[  691.606649][    C1]  ? __asan_memset+0x23/0x50
[  691.611351][    C1]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  691.617170][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  691.623600][    C1]  ? schedule+0x90/0x320
[  691.627849][    C1]  schedule+0x14b/0x320
[  691.632007][    C1]  schedule_timeout+0x1be/0x310
[  691.636863][    C1]  ? __pfx_schedule_timeout+0x10/0x10
[  691.642255][    C1]  ? __pfx_process_timeout+0x10/0x10
[  691.647659][    C1]  ? prepare_to_swait_event+0x32e/0x350
[  691.653214][    C1]  rcu_gp_fqs_loop+0x2df/0x1330
[  691.658074][    C1]  ? lockdep_hardirqs_on+0x99/0x150
[  691.663293][    C1]  ? __pfx_rcu_implicit_dynticks_qs+0x10/0x10
[  691.669365][    C1]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  691.674652][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  691.680559][    C1]  ? finish_swait+0xd4/0x1e0
[  691.685156][    C1]  rcu_gp_kthread+0xa7/0x3b0
[  691.689756][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  691.695042][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  691.700937][    C1]  ? __kthread_parkme+0x169/0x1d0
[  691.705975][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  691.711177][    C1]  kthread+0x2f0/0x390
[  691.715245][    C1]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  691.720446][    C1]  ? __pfx_kthread+0x10/0x10
[  691.725046][    C1]  ret_from_fork+0x4b/0x80
[  691.729479][    C1]  ? __pfx_kthread+0x10/0x10
[  691.734067][    C1]  ret_from_fork_asm+0x1a/0x30
[  691.738847][    C1]  </TASK>
[  691.741863][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  691.748184][    C1] Sending NMI from CPU 1 to CPUs 0:
[  691.753413][    C0] NMI backtrace for cpu 0 skipped: idling at acpi_safe_halt+0x21/0x30
[  692.173970][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  692.206397][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[  692.215097][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[  692.226265][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
SYZFAIL: failed to send rpc
fd=3 want=768 sent=0 n=-1 (errno 32: Broken pipe)
[  694.216339][ T5235] Bluetooth: hci2: command 0x0406 tx timeout
[  694.754972][ T2948] hsr_slave_0: left promiscuous mode
[  694.778480][ T2948] hsr_slave_1: left promiscuous mode
[  694.836743][ T2948] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  694.844304][ T2948] batman_adv: batadv0: Removing interface: batadv_slave_0
[  694.899904][ T2948] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  694.922543][ T2948] batman_adv: batadv0: Removing interface: batadv_slave_1
[  694.973623][ T2948] veth1_macvtap: left promiscuous mode
[  694.979370][ T2948] veth0_macvtap: left promiscuous mode
[  694.985233][ T2948] veth1_vlan: left promiscuous mode
[  694.991139][ T2948] veth0_vlan: left promiscuous mode
[  695.568250][ T2948] team0 (unregistering): Port device team_slave_1 removed
[  695.622561][ T2948] team0 (unregistering): Port device team_slave_0 removed
[  696.710683][ T2948] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.823940][ T2948] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.903988][ T2948] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  696.980351][ T2948] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.259678][ T2948] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.334202][ T2948] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.434785][ T2948] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.543365][ T2948] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.755407][ T2948] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.858055][ T2948] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  697.955226][ T2948] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.055733][ T2948] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.242831][ T2948] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.338367][ T2948] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.432829][ T2948] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.531408][ T2948] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  698.723305][ T2948] team0: left allmulticast mode
[  698.733585][ T2948] team_slave_0: left allmulticast mode
[  698.740855][ T2948] team_slave_1: left allmulticast mode
[  698.751635][ T2948] bridge0: port 3(team0) entered disabled state
[  698.761185][ T2948] bridge_slave_1: left allmulticast mode
[  698.773119][ T2948] bridge_slave_1: left promiscuous mode
[  698.781647][ T2948] bridge0: port 2(bridge_slave_1) entered disabled state
[  698.798545][ T2948] bridge_slave_0: left allmulticast mode
[  698.804262][ T2948] bridge_slave_0: left promiscuous mode
[  698.815042][ T2948] bridge0: port 1(bridge_slave_0) entered disabled state
[  698.831635][ T2948] bridge_slave_1: left allmulticast mode
[  698.837622][ T2948] bridge_slave_1: left promiscuous mode
[  698.843416][ T2948] bridge0: port 2(bridge_slave_1) entered disabled state
[  698.859776][ T2948] bridge_slave_0: left allmulticast mode
[  698.865503][ T2948] bridge_slave_0: left promiscuous mode
[  698.883925][ T2948] bridge0: port 1(bridge_slave_0) entered disabled state
[  698.904764][ T2948] bridge_slave_1: left allmulticast mode
[  698.911932][ T2948] bridge_slave_1: left promiscuous mode
[  698.922057][ T2948] bridge0: port 2(bridge_slave_1) entered disabled state
[  698.934030][ T2948] bridge_slave_0: left allmulticast mode
[  698.946080][ T2948] bridge_slave_0: left promiscuous mode
[  698.953915][ T2948] bridge0: port 1(bridge_slave_0) entered disabled state
[  698.972039][ T2948] bridge_slave_1: left allmulticast mode
[  698.981440][ T2948] bridge_slave_1: left promiscuous mode
[  698.989138][ T2948] bridge0: port 2(bridge_slave_1) entered disabled state
[  699.009486][ T2948] bridge_slave_0: left allmulticast mode
[  699.015199][ T2948] bridge_slave_0: left promiscuous mode
[  699.026054][ T2948] bridge0: port 1(bridge_slave_0) entered disabled state