last executing test programs:

8m31.026014432s ago: executing program 0 (id=1668):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
write$UHID_INPUT(r0, &(0x7f0000001a80)={0x8, {"a0180f8586a04c13cefdb1497d7124e5ffc4fbafaa58cec5310cda888ab77eb6b4d6b4f237c491eac4f4c3ab289d70684341b092120e3d18e66e96d388fff07d74a137a6954658ae085a0eacb8a21703fa53665e0b76cef0de3b02e4757cd58c7d7f12cc0a45cae2190b28b347855c37ab30b6b3487fe771439e9f9fe000fa2a4429b5098c1305b6fbc9606d3020952b1c8561de0f5f4b3566f877866f08e7934010573f9d75246ed5e4fbfb8265592091515b1d833bba14ff3a35ed8b48bcda680ff0efac4d8d12aad8d5506bd98e620543879822e167d29c56155f520b82a4442c05351538f18ad96ad5e25b07c18b217fe8239f29692ae7f5564b8b7ecd48d3af74927fde1c1600e5a3ba8c00cef6d912ba5c7c2fea8e3da60ce61ce292ed9475f5c6373decee52e87d96d2554d1cb74f330cc454ef45f278ddef908411d04cbaf952664d02b684f369912a9c02c8f1b78fee1c0823d13e0401d5432baaf05bce4494087d3f865c8a90a08519a729ad1a3be40ef41d2d8b0309dd15149d50bf0f2944325740d7e909ae3df625af70387e880b171266ec42dc3c0df455e3e4d6d3eca1822cf84dee781d466b624b5765b7f58ad1112940d627057c5e1404e191df079f3f10882d9ae4408bb552572ff9f12de2e7e8c4d5bbc4a43a6db467a261b463fbb639efedb8df58408dda06fb3bbbf17e524496534d26755d0b32d89323e66b23d3ee1e72b7fa55578bec3381fcebd6085b473b80296ab7e0e28d612e123609ccd312b5606b9dac83191c8a87284d46d79b73a96f9f44a051f3fb21c59163b8c4af06e8c42aead1f706bb883838742aef288fb9b82c808af4d5d4d8a2e1003d168e681cf2cef04e7e466710a9b5567eefecd642719337121b5703d05bff620d72a99fdee1214fae327b857ce0926fa13c526f6f27457fdd363ce7a2241270251d526fc16e475188f5af0c58de383d32f817511cd788f05d93c240efc9d67884ffd09cf4434bffdb4d01ba4cb0124793501e2781cbcc3983218cb07d9b59affbb9f6ed9fc09f1c31d45a02e08428c393735b016e55e62f65c848746d460b93fb8ef477b36c374922f7c364536ae57f03ef5f8d021dacece8e0a048c79c90ecdb8256e85ae559ffba23b970f066719acf2cad3ae552b680fcfe8f9cc0cfb32d825c0f8dfe83d97427fc59b5864245798657ed1931d0b980355c75d4045ce7ac07a9cd45a6b99ed03a17f5a4cbb2b59b5db94578f75998dbd66a61d955a51eab1db62cd8c5945911cde571a52088ab336fd1c799e5d159fe3e3fb68c56c99b8bc208895426f41aae1107d23faf93dca15e41267541ff724926cb2059fdb3ac7cd13a7557d779611991e2ad6a6a9de4115d92f4edc97f4655ddf0619e0a0bc03b8cc5a85ffe6bd57a777a463c20b61ae2ba12cc5cdae19cdb2926293ee7b7571465159f534f5dce0375d12b94cbd3fe011ecda01db78a933dc5800cc846e449ed1e42ffe7bb9d02ed789d32f778c08ebecec26b1bbd15a9fd3927d72113521bd59685659c289d310fc089d99597fc8ba4acd5a1a6e04ca94ed2322e3249a928b19d59460b8be9cb0fd7c048a9560047beb562f108c6d02455b11da456d2dde9bf6730ccfad862f7455ef087ec607df26582b92ad64764d8f962c1e0926bb1eb63f71ed8af5d0fbb2bf545fa3fc58e3ec67aeb97430c5374a5a3e7dcabe2909419b7ecaa42680fefc0c86c333103b20a2b6cbd11b7c86ab07434e8e67dc669fff1840632d3cfeacff5885876de7f9d7b6278de34178644ebb2b0b461e96133263fff0c828dcb223225d1d932811d1ff4890c7c66bc2bd74e2b9738111b5ea24b8200ee69946003896f8ac63a5879582cdc3e3d6a81b287d7850e054db093d16f8978c4af0adb5c32dbd1942ab7a53b15ae48f186d4f20ecd97d809fe46dca38f8633a04c54121896cb469696829c2f292ba0fce7492937d5b3f077090f45e7ed22410b4a4bee1fcfdf786a8d95bd4378b8eb156ab24c8fe2f344ed8c47bb13ab75c29246285920d9fff6bc7766d4b02a71bbe5370a7f178ff0876b1aff9bad3b457048303dfdab23afbc988ba75d982cf1d3fd65a19c00ebc52b294588d6225e27e19995d64b217b7e59a68e0606729d6ec34ba018a429e80e343fe5cca71a283d6a02325b0ca1f3fdba83f3117d3dd584802682c38d3d6b58f0f1332f35ca9cc6c481d43e358df1df0e44a27cb842b4a815f5dc3314a759665fec6545643a94b8a1e69d68ed87024e0055416e66adb3299c45218aec78385b01fbd3116ffd4f7bc4e745d532c1124268039eca1adaa4ad54d4bd04dea6555b4c525edc66e61d486ea0e3a3e62b254e51236f81d0d3a6bce5ac260861971c0906508ca0e7d8190e3d51b2924f7e9ea37d1d83234346b7574a63382675036fac3225eec110fd62c7cb01f1c3f34b2767b1d0147100e36bf0a86151f70d2100d5cc61ef5e85465794219ff73d04934549b5b216a506c987e0e10b6fdd3a241bde403a38f9b8f1d5958d9cfafe275f54de542f7faa5be6e0a22802453faf804796e4962ed6a212578c702b69ead37cfe34c5242336e23ff50983d5389ca9e60126c8f5c269e6b83438af48c8ac1de49ce2bfd6cbe4e2df9c0d96d6fe24acd93ab302613ea3a18cecb3361ed3ecac1e9d0935347cf03163865cf72ba370ad81eca97b7a1efc6c665da59cbe681e076815e02287abd73592c35b85d822962bbdb133539fd302523f5d1e8195b702659373ee9e310831dcfd866100c326a5a11c1576ad7c645fc6d3cdebf797b84b3f0bcfb542c8a78bf0392902c4b34a1bfbc9ff17dfbadf5a58ed06acfcf3ad3f16dd00793f5af7aca2fdfe43aa8c5244cde787893742fad1b9b13f49732734c9fe1424129bb7a00daae363917ac5a67a16b750dc4a6e2e1b57962b51eb594043ebd330042f703d8c6ece032a89d6cd05ebbe422a5e0aadf9584167d6a219ab84be25645bcc56fcc8db8327f88350606cd606f2d121a4a273ff0a1d070fc9320ac5a0d6f436f673bce076106dd9b9e2602a17778efb6864b1bbcd2a4adecb6ad9fe9f60fbed1ef6d73f200f729a79f17dc661ce75cd88cc0f11c94a654123410f1d2d0cb189950d39af0669f963a21fa47a9eef74e97142772f2c784b4946995966b35f7e7a4b467e3a6b8021bfb59b96f195661b07a0a50d720d8198a3a75631462018503a4e3bb02efea9eb5922fb0ed733e707c9ccfbde85bb0c3b955c1fa2c36b8a05a7ba653d1871098aadac4ea9cd6dc056378a78b00b0daa2e926c889ac63d1f01ac5fdf2efec387d4b23c504e64eba8fd661fcec3d2c66325ca8114d1983108f8dd74b0b3c3e02248e212f7e6a8d904a4950550b4b9b118b5947e4e87cc2ae54600a14ffd59e0ad460a5509e18b0d36bb8a65cc15ce3703819942a3b6dd294c3cb31e9e47f1b0d7ad20176813bfffc529f0b087dc907359bfbb62250f6263438e4b986dafeeaed7e13b3f47eee857e10e13c738afc59cb9a018368fcbc218a824a9666274dbb5886f76ecb746da535cdbf89948b3e597101ddf28d4a3ff077689a2b278daa035680771c53e82eff8536bef0d518eef8b1d2a80102461a24a228539d1fed7db0c1c0dffbc01c0bfd8e238810b192c11e55c012165f78db49c22021ede1569ea340f6fe2dd878363c554febc8cb9381b046f83c75f7c672b6565e7575dcb70c0d10a0db21cc6e1b920bb3f3ad7456965022a957016dbf5facceb9f5c3612fb971d42927a3bf9643f1c072fb52ebca7948531989f4a98f4b4bb11662bc8f23be3d2628d5766488f752053aa476018f788598779c7cb9b2639235b927fec78635fb76cdd0f1bcffc1654346532ee0b6cba0cb6e7aa6d4a0d8ebf4c180586841926d60a9359fb97bae33aa6a38d0e181d420500663be0c5b5e53b4e4af9ef7087d4f40aaa97d1a69a04cd7d43116fc189a4eb9aaa2ab2d55baffba9dd01fd460094598480cd9fb49fff91bf0bf67b482d0353576553981668731e575d83c88a539891071cb6bcfce9231bb829a3c4eb87766cccb317380ecda47b168e4df73ce836c5efc8a5c36e539b136d2eb4523c512bcd0ca069d1be894c432562faa0155edb6f8cd741bec0a962bb232229d5e71e08424bd5fe03d5bfa15e1eb38e955dba6a1b59e3d5f098fde05cb97885fa8bc40147f72c0f6b38e1c07e18301ef813dbd7aaa26a8cbeb243003ec8f197d0a13114786c005b5da39b27fb9b350682ec654c6852c03cb44ed51ac57ad77dd19b52512a57a3d6fdb174e32f7759c22b550acd19b2207da4f485b5ab643ffa81cb00fb2db3c50dbde008fe475bc8dc7e1fb0387bccd6ea72a1beb3900abca43aad0b9d4df99db75c6a77b7a7b6687159f023e28cc3cd520adff1bbd0fa4ff6cb7b6feba8afe7448b5ffbf099a55bdc1b9f8bbddf743d7955bbfdc6f8e7069c9e852c7353ef70d9ca24109dbd98a6ffb22a175d48da0b5d6b927d622f7ba76e13cd26433770ad3d384c744684be42003f3ed15218b12db286873985f65ddb3f48cd79bfda9e20435158c463454411d5516a4c960c54aa49d54cf1017cbd5308646279de0240128067b3ad10ebde2528aacb394f560be73b55c2e2b82e2a5064c22980ea7e01f20ad5a803912c2ca59f700c7f24b3b7af091f8c279437dabfbada23de6355937aec19ca2ea9103de42c73e42bb8670ac3e1ddb9f65c32ad8eb7e8ebdabcee627743347f307d00a90f432954d3e2a7e153984e174db25e4b43778a763229e3f2ffae18bfc52c0a1bf33e67535064f55346b8ea2664c96ddcb6cb9ea54376578a9ff04eb16af96fd5e903e29f1985f8d4bd0f8e6a23a25dc88f2248df2d6bb4ae2ea473d3059cb98cff6ff86766b84b53266a39216f90ffae6106ecc7b53e1fcbc866c1532bb59b85aad27b30033eafa244e3b1a4f3d7d173f86311a29619a2acbd7b075f993527deb8f41dc23de86bd981d040111568340e08fa0fc8d37b9a2b0aeb11156441d7e1b9e5c17d949b4461d6e3a3d3885f4ba4b29f2b340ec61ce0c71b41004da5ad68f8b7cdb6fa8905bf1f389e5dca6c7102d4b4cda5f8a4256766218479e0f1f867b411a34d38420fae9f2b920a99f5f7d726e0de7ba5fd3a4ab7504ac3fb7d29b80d6fcd94444bdb0470a3a29d7470914a16740a674e7e17bb610399f224ac2536b935eb4fddbf432d7511910d64fb032c7923b0ee3c677f958c1a7a0622cb58c53ae8126bc2b92f82003883648fd6960983cbeb68530e673298b2ca351208355a8a7ca5788495b25c441e21bf1a239ca1214858a7a4562e1f7c0e08c242b0707873aa8d2900dff4ae0a290e85c2c9b1ce4cccc2430675581817ba1cb5579926760f4739e01aeb2dc8de90724a9a5a9eb22101b33a3c6e3a65a5283b6837cea35c79030a78ca1a1bc6299d683302c96301705d194794fdc9174087ec4c6eb64a972a7e8006f44faf0ca3bce366310e1c49cb763b2338b64401b975d4969cc5229d7697ed5ea059b5e954d6dc71573357e872e892abf799de56f1896ed14685ae767689583620b589db9c3ebc8f4f5759b4eea121c50bcb22ba71a990c18b65a41270a37884d0e449d22eda31c8b881169c3dc45e4495a6ac2f3119f848919af28a48ea1e3bcc4962aeeb82d82efe80e5ec262922e9efdc1f514d93cf8cb88af886a503e8722d9c2beb2e0a792b649f79ff9abb8abb95b58d22527dfd13217c56b03e453328fc52c97f8350dc8c465647887dfc0fee1e39b7", 0x1000}}, 0x1006)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002200)='/proc/diskstats\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000002ac0)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7ff)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0xa82, 0x0)
umount2(&(0x7f0000000080)='./file0\x00', 0xb)
write$UHID_CREATE2(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="0b00000073797a300000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000014000000000000000073796f0826941d1b66b900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000030000000800000008000000"], 0x118)
fremovexattr(0xffffffffffffffff, &(0x7f0000000040)=@known='system.posix_acl_default\x00')
read$FUSE(r3, &(0x7f0000000180)={0x2020}, 0x2020)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xc, 0x4008031, 0xffffffffffffffff, 0x1000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$FS_IOC_READ_VERITY_METADATA(r4, 0xc0286687, &(0x7f0000000180)={0x3, 0x2, 0x0, 0x0})
lseek(r1, 0xfffffffffffffff5, 0x1)

8m27.374698443s ago: executing program 0 (id=1675):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
fcntl$addseals(r0, 0x409, 0x4)
syz_usb_connect$uac1(0x69a90eab3db9c902, 0x95, &(0x7f0000000740)={{0x12, 0x1, 0x200, 0x0, 0x0, 0x0, 0x40, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x83, 0x3, 0x1, 0x0, 0xa0, 0x6, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x9, 0x7}, [@output_terminal={0x9, 0x24, 0x3, 0x23, 0x300, 0x3, 0x3, 0xb}, @selector_unit={0x5, 0x24, 0x5, 0x6, 0x1}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@as_header={0x7, 0x24, 0x1, 0x80, 0x8, 0x1002}]}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0xff, 0xc8, 0x3, {0x7, 0x25, 0x1, 0x41, 0x4, 0x5}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {[@format_type_i_discrete={0x8, 0x24, 0x2, 0x1, 0x6, 0x1, 0xb, 0x1}, @as_header={0x7, 0x24, 0x1, 0x1, 0xc0, 0x2}]}, {{0x9, 0x5, 0x82, 0x9, 0x50, 0x5, 0x8, 0x1, {0x7, 0x25, 0x1, 0x82, 0xfe, 0x7}}}}}}}]}}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0})

8m25.135145324s ago: executing program 0 (id=1683):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
close(0x3)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
r3 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r4 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r4, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r5 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r5, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x0, 0x2}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000d40)=@newlink={0x58, 0x10, 0x1, 0x70bd29, 0x0, {0x0, 0x0, 0x0, 0x0, 0x4700c}, [@IFLA_IFNAME={0x14, 0x3, 'netdevsim0\x00'}, @IFLA_VFINFO_LIST={0x1c, 0x16, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@IFLA_VF_IB_PORT_GUID={0x14, 0xb, {0x2}}]}]}, @IFLA_LINKMODE={0x5, 0x11, 0x9}]}, 0x58}, 0x1, 0x0, 0x0, 0x1}, 0x0)
sendmsg$tipc(r5, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x10)
r7 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r7, 0x3b81, &(0x7f0000000200)={0xc, 0x0, <r8=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r7, 0x3b88, &(0x7f00000002c0)={0xc, r8})
mknod(&(0x7f0000000200)='./file0\x00', 0x0, 0x3)
pipe2$9p(&(0x7f0000000140)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff}, 0x0)
r11 = dup(r10)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB=',rans=fd,rfdno=', @ANYRESHEX=r9, @ANYBLOB=',wfdno=', @ANYRESHEX=r11, @ANYBLOB="2c756e026d652c7472616e733d6664"])
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000340)={0x28, 0x2, r8, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x10})
ioctl$IOMMU_IOAS_MAP$PAGES(r7, 0x3b85, &(0x7f0000000140)={0x28, 0x2, r8, 0x0, &(0x7f0000ffb000/0x3000)=nil, 0x3000})
ioctl$IOMMU_VFIO_SET_IOMMU(r7, 0x3b66, 0x1)
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r7, 0x3b72, &(0x7f0000000440)=ANY=[@ANYBLOB="1800007f00000000002000000000000000010021"])
setsockopt$TIPC_GROUP_LEAVE(r5, 0x10f, 0x88)

8m23.023019114s ago: executing program 0 (id=1689):
syz_emit_vhci(&(0x7f0000000b80)=ANY=[@ANYBLOB="04130902c9000100"], 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, 0x0, 0x0)
openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000300)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, 0x0)
setpgid(0x0, r3)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
unlink(&(0x7f0000000000)='./file1\x00')
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)

8m22.054973403s ago: executing program 0 (id=1692):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
mremap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x0, 0x8, 0x0)
mlock(&(0x7f0000ff9000/0x4000)=nil, 0x4000)
mremap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000ffe000/0x1000)=nil)
mlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
lseek(0xffffffffffffffff, 0x10000000005, 0x0)
close(0xffffffffffffffff)
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, &(0x7f0000000080)={0x62, @multicast2, 0x4e23, 0x0, 'ovf\x00', 0x1, 0x8, 0x12}, 0x2c)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r4, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f00000000c0)={&(0x7f00000003c0)={0x70, 0x2, 0x7, 0x5, 0x0, 0x0, {0x7}, [@NFACCT_FILTER={0x4}, @NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x101}]}, @NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FILTER={0x1c, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x9de4}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x401}, @NFACCT_PKTS={0xc}, @NFACCT_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x70}, 0x1, 0x0, 0x0, 0x400}, 0x8890)

8m20.767450075s ago: executing program 0 (id=1694):
iopl(0x3)
syz_io_uring_setup(0x106088, &(0x7f00000003c0)={0x0, 0x2c1, 0x4, 0x4005, 0xfc}, 0x0, 0x0)

8m20.061534582s ago: executing program 32 (id=1694):
iopl(0x3)
syz_io_uring_setup(0x106088, &(0x7f00000003c0)={0x0, 0x2c1, 0x4, 0x4005, 0xfc}, 0x0, 0x0)

45.382912587s ago: executing program 3 (id=2819):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x1e, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)={0x6c, r3, 0x1, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x37, 0x33, @probe_response={{{0x0, 0x0, 0x5, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x2}, @device_b, @device_a, @from_mac=@broadcast, {0x6, 0x66b}, @value=@ver_80211n={0x0, 0x4, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}}, 0xff, @default, 0x8010, @void, @void, @val={0x3, 0x1, 0x5}, @val={0x4, 0x6, {0x8, 0x1, 0x8, 0x6}}, @void, @void, @void, @void}}, @chandef_params=[@NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x7}, @NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x14b4}]]}, 0x6c}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
r4 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000000c0)={0x2, @pix_mp={0x4, 0x2c000000, 0x59555956, 0x4, 0x7, [{0x5}, {0x8, 0x9}, {0x2, 0x101}, {0xfffffffc, 0x3}, {0x4, 0x8}, {0x8, 0x3}, {0xd}, {0x0, 0x4}], 0x8, 0xf4, 0x1, 0x0, 0x5}})

45.087248488s ago: executing program 3 (id=2821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x3, [@union={0x0, 0x0, 0x0, 0xd}, @var={0x2, 0x0, 0x0, 0xe, 0x4, 0x1}, @int={0xf, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x17, 0x7}]}, {0x0, [0x30]}}, &(0x7f0000000180)=""/248, 0x47, 0xf8, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000090000000060a010400000000000000000100000008000b400000000068000480300001800e000100696d6d6564696174650000001c0002800800014000000000100002800c0002800800018000000000340001800c00010062697477697365002400028008000340000000040800024000000000080006400000000008000140000000200900010073797a30"], 0x104}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x1c0)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r7=>0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = socket(0x2c, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000200ff000013e2000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r9, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r8}, 0x20)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r10, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

43.750432424s ago: executing program 3 (id=2824):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000240)=0x3)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
syz_open_dev$media(&(0x7f00000006c0), 0x9, 0x40b02)
pselect6(0x40, &(0x7f00000000c0)={0x6, 0xfffffffffffffffd, 0x6, 0x40, 0x2, 0xd}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x7fff, 0x7, 0xffffffffffffff22, 0x2, 0x5, 0x8}, 0x0, 0x0)
socket(0x2a, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, 0x0, {0x4}, {0xffff, 0xffff}, {0x0, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x408dc}, 0x4000080)

11.339236625s ago: executing program 4 (id=2909):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14, 0x10, 0x1, 0x300}, [@NFT_MSG_NEWRULE={0x54, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TARGET_NAME={0x10, 0x1, 'CONNSECMARK\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x7c}}, 0x14b6deac033214c2)

11.187455844s ago: executing program 4 (id=2910):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bca, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r8, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r4, 0x46f3, 0x0, 0x0, 0x0, 0x0)
write(r7, &(0x7f0000000200)='~', 0x1)
socket$inet(0x2, 0x80001, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

10.812316307s ago: executing program 4 (id=2912):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040)=0x45ce, 0x4)
sendto$inet(r1, &(0x7f0000000100)="1ce0", 0x2, 0x0, 0x0, 0x0)

10.455210343s ago: executing program 4 (id=2914):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) (async)
syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x307303) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) (async)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x11, 0xffffffffffffffff, 0x0) (async)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) (async)
mremap(&(0x7f0000a01000/0x4000)=nil, 0x4000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) (async)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="3c00000013002f0a2dbd70000000000007006800", @ANYRES32=r1], 0x3c}}, 0x0)
mremap(&(0x7f0000b01000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f000084c000/0x3000)=nil)
mremap(&(0x7f000040b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
creat(&(0x7f0000000100)='./file0\x00', 0x11e) (async)
r3 = syz_open_procfs(0x0, &(0x7f0000000040)='projid_map\x00')
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x1, 0x5a, &(0x7f0000000080)=ANY=[@ANYRES16=r0, @ANYBLOB="8abf106ea0046fd28fde3fc43b530d0a18b562d8d4ce166eb728f3683a55cabc99b28abbecabd6e99eae357a0b74fd31a961bf", @ANYRES64=r3], 0x0)

9.361493539s ago: executing program 2 (id=2916):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x8000)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
dup(r2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ftruncate(0xffffffffffffffff, 0x200000000000)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40345410, &(0x7f00000004c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x80605414, 0xffffffffffffffff)
r6 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r6, &(0x7f0000000740), 0xff67)
sendfile(r0, r6, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r6, 0x409, 0x8)
ftruncate(r6, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000a7c96d5d000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_timeval(r8, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10)
connect$llc(r8, &(0x7f0000000000)={0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='contention_end\x00', r7}, 0x18)

9.298949464s ago: executing program 4 (id=2917):
socket$nl_netfilter(0x10, 0x3, 0xc)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)=ANY=[@ANYBLOB="380000000225ff2628f58cbd70006174616476300008fe03001d000000100006800c000400050000"], 0x38}}, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB='H\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="050000000000000000004400000008000300", @ANYRES32=r3, @ANYBLOB="0a0018000303030303030000200070"], 0x48}, 0x1, 0x0, 0x0, 0x8004}, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
getegid()
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0x803, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x7}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r7, 0xc0bc5310, &(0x7f0000000040)={0xc7, @time={0x1, 0x1}, 0x0, {0x71, 0x6}, 0x6, 0x0, 0x1})
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000580)=ANY=[], 0x0)
syz_usb_control_io$hid(r8, 0x0, 0x0)
syz_usb_control_io$hid(r8, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="002200000000eddda694bfc21ec8831de0a897d719a949bb8cf03c1718dfc12f5d4cc395fcb48ab630dc8d7d9d26fec70053ec0898a74a7b2ceb3db45053f760b756440b51091983d47726d2d82cf0c38cd9209afce45943bbbee99227621246c4dd0d1e4bc329c881e1eab961d82e898937374acd94209f9e994a86a048e4dd8ea11286cc2566919f77"], 0x0}, 0x0)
r9 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r10 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$SMC_PNETID_ADD(r10, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000000200008e0900010073797a320000000014000200626f6e64300000000000000000000000090003"], 0x40}}, 0xc800)
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x5e8, 0x2c, 0xd27, 0x70bd26, 0x8000002, {0x0, 0x0, 0x0, r6, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x5b8, 0x2, [@TCA_BASIC_ACT={0x5b4, 0x3, [@m_skbedit={0x64, 0x18, 0x0, 0x0, {{0xc}, {0xc, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x1000}]}, {0x2f, 0x6, "43184779ea10af8819fc80697e3f4bf263d17a8e956f0cc92822269bb49c9cad581ae0260ee9318e891a55"}, {0xc}, {0xc, 0x8, {0x2, 0x1}}}}, @m_simple={0x15c, 0xe, 0x0, 0x0, {{0xb}, {0x6c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x4, 0x2000000, 0x1000000b, 0xc, 0xfffffffe}}, @TCA_DEF_DATA={0xb, 0x3, 'policy\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x9, 0x6, 0x7, 0x10000, 0x3}}, @TCA_DEF_DATA={0x6, 0x3, '#\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0x4, 0x5, 0x5, 0x400, 0xfffffff8}}, @TCA_DEF_DATA={0xa, 0x3, 'wlan0\x00'}]}, {0xc6, 0x6, "a87e2bc3fd01b1a61b1753cf212bae56b7a32e2717fb3f38736876d02356e4e22aae90232962372571e243ee9002e78d6ef81506a70ca5fc20fa284659a0286c9da4cbdc9d4808510be3ca7626cb6e10f91b638df9d6af2f1dff7618c31fc14b0f216354e37c4f0405921ea95ecd465939ade3df48526407f92f96f9fb7f51155b9da0683eda520c2d2f0db740d0e4614159ba908cccfa9edea3da94ef0b89905a72abc8479ba82a33af63b9185e4dc317be77821013cbe992db00d840b3cdb45290"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_skbmod={0xe8, 0x10, 0x0, 0x0, {{0xb}, {0x18, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @multicast}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x100}]}, {0xa6, 0x6, "e2a94fe8e1ee52823e27230e220aca199e060e9258e103d26ef71745036460c68c88a503f733fe7896da6b2d348cb8853e269340db11dc482f790170aa7413ce4213240bcf1f23bc159c91747c5e6fbd468a5908fb07f9c5d1230cd1d02b8a105fa0b297f48ed06b608862add645ede32290ea320f7508027532c9e4a953ee29ff416867a3c21a5615f35db887addc6fad7e26d1a2e4929064679fea18e637bb991e"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x5, 0x2}}}}, @m_ct={0xa8, 0x1e, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_ZONE={0x6, 0x4, 0x9}, @TCA_CT_NAT_IPV4_MIN={0x8, 0x9, @multicast2}, @TCA_CT_NAT_PORT_MIN={0x6, 0xd, 0x4e24}]}, {0x68, 0x6, "1f22e934d26cba9c7bd598ecd45bd2196b0a2490496701f404a603f3dc42e5774bd174de736ebb1195f25410f16bc9ae88ee0ec8b8189bec4e622dcaec6d7bf37712f65dd3567a2dbd52563eddc3826347cdd191d6236a86e5414c22ca5f5c2f7e136298"}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}, @m_gact={0x114, 0x15, 0x0, 0x0, {{0x9}, {0x70, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x18a2, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0xe34, 0x10000000}}, @TCA_GACT_PARMS={0x18, 0x2, {0x10000, 0x4, 0x1000000a, 0x9, 0xffff}}, @TCA_GACT_PROB={0xc, 0x3, {0x0, 0x7fa, 0x6}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0xa7}}, @TCA_GACT_PARMS={0x18, 0x2, {0x8, 0x5, 0x2, 0x3, 0xf37c}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x2296, 0x3}}]}, {0x79, 0x6, "89844a1494ed2d5a1eb33a7fe7dd2e5999a1323fe388df3e6450fd7563daf2c8a306ccb6f52901631ed5e10ef471e8d21ce6780613d6cd223a754d9e83538c356c62ece157f687745e3530ad154ef86a5fc3989fa0235badec3d78caa8f687e536bffbac80140737d7aca0add310c9a7b31f430411"}, {0xc}, {0xc, 0x8, {0x0, 0x3}}}}, @m_connmark={0x14c, 0x20, 0x0, 0x0, {{0xd}, {0x3c, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0xb, 0x8, 0x7, 0x6}, 0x3}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x10000, 0x7fffffff, 0x65754eafc477c065, 0xffff8001, 0x1}, 0xbde}}]}, {0xe4, 0x6, "3bff8c5f3f9bcc844d3fc9d21f8d4153eababdb02a2aa1d68515a203d654a4a1fcea99e52886581dbe928f7e0e795dbb73e33ca7228a033ab45e9199706ba6d5cd629585c4279b10c16832cbc1ee377aa7fa79ff96791b84e76c0bb9d9c0ff7c5ac4e954c76ba8db1dfe764a4a9765caffdf35035dc022785e85ee035025995ab86c42bbede5b98c39286ad26a46159b2e04f5a0e15a7ed789cae95393484074e06605fa6721b8163c4ca9ce56093ac1cb1bb8219e2a2887ec75e4e6601ef655d225447ac6a476b04ec5fe9d9a8cd9653641991c714f829adbd5db146a766894"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x12bb68cc789878f4}}}}]}]}}]}, 0x5e8}, 0x1, 0x0, 0x0, 0x24008004}, 0x0)

8.481982389s ago: executing program 2 (id=2918):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x3c, 0x1d, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x18, 0x2, 0x0, 0x1, [@nested={0xc, 0x14, 0x0, 0x1, [@typed={0x8, 0x7e, 0x0, 0x0, @u32=0x9}]}, @typed={0x6, 0xa, 0x0, 0x0, @str='\x80\n'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r1 = syz_usb_connect(0x0, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000002580)={&(0x7f0000000200)=[{0x3, 0x1000, 0x0, 0x0}], 0x1})
unshare(0x20040400)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1ebjS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec>P\x84\x0f\bV\xa5#\xd5|\xa5Z{JnSX\xd1w3b\xb1\x01\xf0e\xd5\xaa\xc7\xe1\xd9-\x011\a\xad\xecZ*7%\xd7\xce}\xbb\xf3\xe8S*\xbf\xca\x81\x9fRC1\xf6n\xef\bm\x9e\x11<\xbcp;\xc6\xb9\xf0\x95J\xda\xe5\x0eZ\\\xef\x16\xab\xa0tQ\x86\x86\xa2\"\xe6<\xccvi\x88\xc7\x89\xcd\xd0', 0x1)
r4 = socket$inet6(0xa, 0x5, 0x0)
r5 = socket$inet(0x2, 0x3, 0x9)
shutdown(r5, 0x0)
recvmmsg(r5, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x3e, &(0x7f00000000c0)=0x3, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000080), 0xffffffffffffffa5)
syz_usb_control_io$hid(r1, &(0x7f0000000140)={0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="400287000000870489fd070c738fd87de11814465d11024e8d6118b945b21e3f97d085ab90a2766e3e3a042962cc2fc7b5b5824b3253c1dfca6ca39090e4e217c18d1b3727c25a19e7374bd6734117824c5d0e7563a45d5751bf0a1bf4e524973aaec1da82c8e39529cfedf7947ee12d1a0a34ab22c96860eb7342ede9c9293bfd264fb79d1a79d27f9cbd2e49"], 0x0, &(0x7f0000000040)={0x0, 0x22, 0x2, {[@global=@item_012={0x1, 0x1, 0x3, '{'}]}}, &(0x7f0000000100)={0x0, 0x21, 0x9, {0x9, 0x21, 0x5, 0x6, 0x1, {0x22, 0x8cf}}}}, &(0x7f0000000600)={0x2c, &(0x7f0000000640)={0x40, 0xe, 0x58, "a4279c73303341d922e60027fecf133176843564cfc8dc5c74f696b8042dca5537b8d590587b5279f4545daefa4aa09cd9ffd6c59a53a0af7feb4686ed228b4da9e623d0d48dda9cc6d9f9b62a9da87c72c1509fe9f1c399"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0xc}, &(0x7f0000000500)={0x0, 0x8, 0x1, 0x3}, &(0x7f0000000540)={0x20, 0x1, 0x6b, "5bcbc394968a5fb8b99f305ce0ec9f412644a2498eac191b8b44c5cae4239ad78296c1b1018c3299706063a31894bdccc646c97269f119f8e1dc1c68cc9e3e7fd191f6ac738bf5b19f50a7463fbc2bb5a64acf5b5d1952d1ecdd25f2ea8aee7a84718369cffccae0affb95"}, &(0x7f00000005c0)={0x20, 0x3, 0x1, 0x8}})
execveat(r3, 0x0, 0x0, 0x0, 0x1000)

7.971940142s ago: executing program 1 (id=2920):
socket$l2tp(0x2, 0x2, 0x73)
syz_io_uring_setup(0x4d9f, &(0x7f0000000280)={0x0, 0x42f8, 0x800, 0x2, 0x177}, &(0x7f0000000300), &(0x7f0000000340))
socket$nl_generic(0x10, 0x3, 0x10)
capset(0x0, &(0x7f0000000140))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_setup(0x1ad7, &(0x7f0000000400)={0x0, 0x400f691, 0x10100, 0x0, 0x2b4}, &(0x7f0000000180)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, 0x0)
socket$alg(0x26, 0x5, 0x0)
r4 = dup(0xffffffffffffffff)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380), 0x80042, 0x0)
ioctl$TIOCSETD(r5, 0x5423, &(0x7f0000000080)=0xe)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r6, 0x40047438, &(0x7f0000000180)=""/246)
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r7, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r7, r7, 0x8, 0x0, 0x0, 0x86, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
ioctl$TIOCVHANGUP(r5, 0x5437, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r8, 0x400448c9, &(0x7f0000000100)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0xe}})
ioctl$PPPIOCGIDLE32(r6, 0x8008743f, 0x0)
write$RDMA_USER_CM_CMD_BIND(r4, 0x0, 0x0)
r9 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r9, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r9, 0x0, 0x0)
recvfrom$inet6(r9, &(0x7f0000000080)=""/121, 0x79, 0x40010122, 0x0, 0x0)
ioctl$USBDEVFS_SETINTERFACE(0xffffffffffffffff, 0x80085504, 0x0)

7.550574675s ago: executing program 5 (id=2921):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x8000)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
dup(r2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ftruncate(0xffffffffffffffff, 0x200000000000)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40345410, &(0x7f00000004c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x80605414, 0xffffffffffffffff)
r6 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
getresuid(&(0x7f0000000fc0), &(0x7f0000001000), &(0x7f0000001040))
sendfile(r0, r6, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r6, 0x409, 0x8)
ftruncate(r6, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000a7c96d5d000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_timeval(r8, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10)
connect$llc(r8, &(0x7f0000000000)={0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='contention_end\x00', r7}, 0x18)

6.678103107s ago: executing program 1 (id=2922):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000480)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@mangle={'mangle\x00', 0x1f, 0x6, 0x3c8, 0x338, 0x1b8, 0x428, 0x338, 0x0, 0x428, 0x428, 0x428, 0x428, 0x428, 0x6, 0x0, {[{{@ip={@empty, @local, 0xff, 0xff000000, 'dummy0\x00', 'veth1_vlan\x00', {0xff}, {0xff}, 0x33, 0x1, 0xc}, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x1, 0x4, 0x1, 0x4, 0x0, 0x5], 0x1}, {0xffffffffffffffff, [0x2, 0x7, 0x2, 0x1, 0x4, 0x3], 0x4, 0x1}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @empty, 0xff, 0xff, 'sit0\x00', 'batadv_slave_1\x00', {0xff}, {}, 0x0, 0x2}, 0x0, 0x70, 0x98}, @inet=@TOS={0x28, 'TOS\x00', 0x0, {0x80, 0x4}}}, {{@uncond, 0x0, 0x70, 0x98}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x2, 0x2f, 0x4}}}, {{@ip={@rand_addr=0x64010101, @dev={0xac, 0x14, 0x14, 0x40}, 0x0, 0xff, 'veth1_to_batadv\x00', 'ipvlan1\x00', {0xff}, {}, 0x89, 0x0, 0x8}, 0x0, 0x70, 0x98}, @ECN={0x28, 'ECN\x00', 0x0, {0x21, 0x2, 0x2}}}, {{@uncond, 0x0, 0x70, 0x98}, @TTL={0x28, 'TTL\x00', 0x0, {0x2, 0x6}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x428)
r5 = socket(0x21, 0x2, 0x2)
sendmsg$kcm(r5, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="100000000000000000000000000000001000000000000000100100000aedb206d777eb0690750f0187000000"], 0x30}, 0x0)
r6 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r6, 0xc0405602, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
ioctl$F2FS_IOC_MOVE_RANGE(r7, 0x541b, &(0x7f0000000040)={<r8=>0xffffffffffffffff, 0x0, 0x4, 0x8040000000000000})
close_range(r8, 0xffffffffffffffff, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c00000043000900000017000000000003000000080002", @ANYRES32=0x0, @ANYBLOB], 0x1c}}, 0x24000044)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)
r9 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
ioctl$TIOCSETD(r9, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r9, 0x400455c8, 0x400000009)
ioctl$TIOCSTI(r9, 0x5412, 0x0)

6.632324364s ago: executing program 5 (id=2923):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040)=0x45ce, 0x4)
sendto$inet(r1, &(0x7f0000000100)="1ce0", 0x2, 0x0, 0x0, 0x0)

6.17756384s ago: executing program 1 (id=2924):
syz_open_dev$ttys(0xc, 0x2, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000180)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x700, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd70000000000004000000130317"], 0x328}}, 0x84)

6.120790985s ago: executing program 4 (id=2925):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
sendmsg(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x11, &(0x7f0000000240)=0x101, 0x4)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000440)=ANY=[@ANYBLOB="48000000100005ff00000000000000000000004a", @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062617461647600000400028008000a00", @ANYRES32], 0x48}, 0x1, 0x0, 0x0, 0x45844}, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

5.995268922s ago: executing program 5 (id=2926):
syz_emit_ethernet(0xbe, &(0x7f00000000c0)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0xb0, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x9c, 0x0, @wg}}}}}, 0x0)
syz_emit_ethernet(0x9e, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x90, 0x500, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e22, 0x7c, 0x0, @wg=@data={0x4, 0x0, 0x0, '\x00'/100}}}}}}, 0x0)

5.84973426s ago: executing program 5 (id=2927):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x8000)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
dup(r2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ftruncate(0xffffffffffffffff, 0x200000000000)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r5, &(0x7f0000000000)={&(0x7f0000000200)={0x2, 0x0, @private=0xa010100}, 0x10, 0x0}, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r1, 0x40345410, &(0x7f00000004c0)={{0x3}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x80605414, 0xffffffffffffffff)
r6 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
getresuid(&(0x7f0000000fc0), &(0x7f0000001000), &(0x7f0000001040))
sendfile(r0, r6, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r6, 0x409, 0x8)
ftruncate(r6, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000a7c96d5d000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$sock_timeval(r8, 0x1, 0x15, &(0x7f0000000140)={0x0, 0x7530}, 0x10)
connect$llc(r8, &(0x7f0000000000)={0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, @remote}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='contention_end\x00', r7}, 0x18)

5.129460085s ago: executing program 1 (id=2928):
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x4, 0x0, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bca, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=<r5=>0x0, &(0x7f0000000100)=<r6=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
syz_io_uring_submit(r5, r6, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r8, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x40000103})
io_uring_enter(r4, 0x46f3, 0x0, 0x0, 0x0, 0x0)
write(r7, &(0x7f0000000200)='~', 0x1)
socket$inet(0x2, 0x80001, 0x84)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)

4.217729663s ago: executing program 1 (id=2929):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
write$vga_arbiter(r0, &(0x7f0000000280)=ANY=[], 0xc)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x3c00, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, 0x0)
gettid()
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000b40)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f0000000000)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @device_b}, @NL80211_ATTR_STA_WME={0xc, 0x81, [@NL80211_STA_WME_MAX_SP={0x5c, 0x2, 0x5}]}]}, 0x34}}, 0x404c880)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x19)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)
move_pages(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000d00)={[&(0x7f00000002c0)='(N,\x04\xca\xf3\xbf\x95\x92\xd9\x86\x1e\xa9\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\x02\x06']})
syz_io_uring_submit(r1, 0x0, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x1, 0x0, @fd_index=0x3})
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r5, 0x3b81, &(0x7f0000000240)={0xc, 0x0, <r6=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000040)={0x28, 0x7, r6, 0x0, &(0x7f0000ff7000/0x2000)=nil, 0x2000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r5, 0x3ba0, &(0x7f00000001c0)={0x48, 0x5, r6, 0x0, <r7=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_IOAS_MAP$PAGES(r5, 0x3b85, &(0x7f0000000000)={0x28, 0x4, r6, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, 0xb})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r5, 0x3ba0, &(0x7f0000000280)={0x48, 0x7, r7, 0x0, 0x10001, 0x0, 0x4, 0x1b9bb5, 0x243bab})
write$dsp(0xffffffffffffffff, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

4.103059431s ago: executing program 2 (id=2930):
r0 = syz_open_dev$video4linux(&(0x7f00000000c0), 0x9, 0x101802)
ioctl$INCFS_IOC_CREATE_FILE(r0, 0xc058671e, &(0x7f0000000240)={{}, {0x3}, 0xc0, 0x0, 0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f0000000500)="c83b821add60344e3aa39d3ecd9f099f6b27aa213faf3e40a4afc47f9a9187d04a040d55375b8100d053606e88276d4c9bc3e593df0228998a9f79d2df12eee01b763a439970a6c80e25e4a37a447d26c2e2465783e52db3937efcd7782ec3ed4d06f433b222ec18fcde5aa57c37e22f740f649f7be2a369ac2419dbe111c83a1f5205697fd3a32bb44a4e78c36b85020d2cd1440218c43ec694ca2d71ebe1c61daecd2423bcaf224df005d0b7fb5bcf830b1a024aabe3f05b317284a1831534810dc69d3cca58abf27475377570635ef7b6dc9fdbea295b89dc76ba73a5d71b33f3881b7772f3a8bc3ea788f1300b9b3a1f7718a8fe77827211cfd3162b9e9030d2ebd6aaf5a2af6a580655e5ad5bb847ca8b098f715473c4796d92046ea2a9644b4b977cafaa5660d3a751a28a9cb106de6d238de03eedcef872b88afd0f0e5f88740607088a309fd48e932da6f474fcb78a50ae318f3f578b94b4919351bd7633459b985c903354ab4eb76acc824757e9e3846411388a7a6d7a3c59a5ffe8d4456b810527920c493507d5ef78faae0d5430d57e9103af39accedd114d7236ce8ffc423dd6b30e598be47e4d46cbfdc79b0e97d253715ce1b29ecf06f25b39ef24c2cb949852d15ba46798a1d2c295626b0ef29375fe16", 0x1d8, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="0200000076010000000000000c86000000bfaba90f45f1de19aa4f51736ae6850e1216c54418d6e6b74d05f13582231d3941d8e53727f4987450deeb2c009dbac0de13beb0f09336283f29cde4f408433aa9c3aed78a427b3ab26feecfe681c087f280f9add1d537ca7576b26c23257f3735a956f9b4bf02f10f6aa79de71fbcb07ed167b1e37fcae2f5ca62539a33bde42154844ad79ce3000000182be949f19dcc4c643f1ae0e61208dddadb0263c6f19aacbad84b842dc01dacc20805e8dd5916244797c945255a11d41d4f49228f73341915e67f276b8a478c56635dac11341904bbcfc1babf6c6d3a3c581a06e822d04954c33eae37ebfef5747f49a9690ce1e867d48dc637a1b260aeb62c8744723f8d83c00f67d356df960f61cd4e9d9498fe53e3cf66bf68146070280832172ad1a7754bb7a52b00df15af8fd2e70de987545c8f5f94719c7eeea9da4b1d129efa9d73bb0f3b37c2c53a20ca32ffb9e23b611fdb81bcdffe0a29f72553484999498c0a000000b455d9220b544c9b632a0000000000000000000000368cdc5256ceaf9846fad564b19c69d2e1dc744ce9675eb07fdbb79fdef3db0ecd292f588b02e74034d3f249e6dbb578b1c006d1f615b4d6c86540444b34fd4a6fc1a4181936183c531fc9e6db5e2e8cc879f97a41ce89c6fee61ae1b06b7b8eae141a9b5b340debb622d71b4af16deb81faa8082a8e53f5a9f9c3f964d77fc2727a37e01a1039f2728baea53225760446c48df012117dea8d07c3dc91516f01b66bed0c96fbe26cd48011a94ca90933aee2056090cef5c34f41ce0b0b954f8a7e0f0028ed97b107437b4134d77a39"], 0x18c})
socket$nl_rdma(0x10, 0x3, 0x14)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
r2 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, 0x0, 0x80)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000700)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="000000000000000a506e5de3f31dac9903d4a0174a297a9f47a767cb257b0f31dabaf9ae77ae57ec2e93300abce2fb5778ec82f71ec458bfc6fca5ef4201201be6fb27c0b6b7dc78b1a07db0eeff5af6255ef10e3ce3324c1bba3d61ce", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB, @ANYRES64=0x0], 0xfffffffffffffe68)
openat$procfs(0xffffffffffffff9c, &(0x7f00000005c0)='/proc/stat\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x89a1, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
close_range(0xffffffffffffffff, r1, 0x2)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_linger(r5, 0x1, 0x3d, &(0x7f0000000080), 0x8)
syz_io_uring_setup(0x822, &(0x7f0000000480)={0x0, 0xff76, 0x80, 0x1, 0x348, 0x0, r3}, &(0x7f0000000140)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000180)=0xfffffff9, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x90, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x30, 0x3, "5fad843dc5c1efe84ced18d4422d5b0b86e8441958d3d2ea41149f1e55359af069a2a5e039ccf56f068a5a0b"}, @NFTA_TARGET_NAME={0x9, 0x1, 'SNAT\x00'}, @NFTA_TARGET_REV={0x8, 0x2, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x32}]}]}], {0x14}}, 0x104}, 0x1, 0x0, 0x0, 0x4}, 0x0)

3.497852654s ago: executing program 5 (id=2931):
openat$proc_mixer(0xffffffffffffff9c, 0x0, 0x402002, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCDELRT(r0, 0x890c, &(0x7f0000000000)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x5, @default, @bpq0, 0x5, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]}) (async)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(r1, 0x2, &(0x7f0000000080)=0x5) (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r2 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) (async)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
r3 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc(0x0, r3)
write(r3, &(0x7f0000000100)="140000001a004f7fb3e45f2024d2f1c9fb470000", 0x14)
recvmmsg(r3, &(0x7f0000005c80), 0x1b, 0x10122, 0x0)

2.617892848s ago: executing program 1 (id=2932):
socket$nl_audit(0x10, 0x3, 0x9)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)
writev(r0, &(0x7f0000000840)=[{0x0}], 0x1)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

2.455821039s ago: executing program 3 (id=2829):
sendmmsg(0xffffffffffffffff, &(0x7f000000bc40)=[{{&(0x7f00000002c0)=@alg={0x26, 'hash\x00', 0x0, 0x0, 'tgr128-generic\x00'}, 0x80, &(0x7f0000000700)=[{&(0x7f0000000200)="9cf8dddaa1f966b8648e0eaedd02a991078b763ec39d35baaeaa4b38f508e85b24c9143a2dcde337ab3fac4cf7e97f78", 0x30}, {&(0x7f0000000340)="0a18623927dd95d6c5194e25eee14ba40c81b7b5e620ad13f72fbe7ade39e629cafd60887c8fa2ba63048fa972ad35a260cee5e070c69edf9ff6b7a60f0394349a490f09a28c43e21b5c0bb835899dbe2a904c02", 0x54}, {&(0x7f00000003c0)="98a018d7e88d40d5669bf22cf1d39d1a802d2cd4", 0x14}, {&(0x7f0000000480)="7ce9a9620b9563427a1678344279d51248a67cf8b660e35e03cf8cdab8bf8e81201d571f477074b3dfdb6ea1685bed3fe4e3cb91b09a0e8b7cf67804ccdceef67f3656d9be74ce69fc083995b163defaa6dae53af5d8e3e858a455481e40ab8bc30fb509ee907f834f51e34baa852ccfc65afec67afab46ed7c133e73e60640b6b2f801304cb0fee500fb36b25d94866337514d11b758297a8aaf4fa14d23e58de9117b133b564f17a38c85d82eca6ddca4a86cce143773538f95619c0d031154e05bae250138f5b6aaf", 0xca}, {&(0x7f0000000e80)="7e9996115ba9ce7e5cfd26c0a74d64d15bb2cbc8bf6d088b43fbbd3e416144192aef9af56b2d0613bb3a8d05841a659ff535e35a5cdc1c391c46f80dc5ef18f7b572b7b0ebe744663c330b481df4fd0b34f733a822230f9fbf8b960c3af71a071de7c1429d5646cc4464ac86b927aa578d3b96f93881679daff9f390c9c37042cff71451cfe3a268eedcb163bb87f6689efce1c22988cf85a3f2181951678de54b895016a590ac321b8a436d5f1037712fdc7de1213a6efc624546c165193eaf41292ff1e9008d33c68436177c9e731eb3041b83dcedaae5e4808d8aa92693c0f54e8ebb33154f2cb78f92b245e77d2eb3899fbaa4ec80339aa70543e6d758c251d8bd8b8cc858170ac23aa6a2a49b7421a263ab4b8976b1b5073cd20d9e37e44ab04a20d2d8cf41b2219193035baf6a070b3b3f02ede5bbf9dbe8a0fdb4d8e07d2e1c0d255a3ca4b5ace9b371c97ec16963a85a11b9cc24d702d2eae713aba41a388c68436b3319414cce78289703d23ca685806d2da3491d76794526d2ff93e4ce11fd952bae59704d1374bdf698b8c79974fdfa32ef38cc3156c8dcefc96f3eb144883f223e2f6802f5e8a62c204c74ccaa6e6dc5d81ca7cf691edc0078935e6fc161acb3eb090beec13d3969e61b9e37a86548c2bf01022f813e51124fd7fcaeaaf56917e283c9ccd932dff144d46c81129e703d03e0ab3adee3959092025b8250fab96a667be8097fc776cd15b9265d43ec0ca0cc2327f813495a0eca74bc87d6d8bf1da5ec334cb0e6c707b30a22a38fdc38840b85a5a49cca5b60dd9b11e4d585c6cece28332f14e1f61675a812927d21c707aa503410179846fd8ffc5b00740403df372921fdc37a374ce50756e6004bd54bf77715ff8a0fd96db02dc1d79cf1ad73405e84aa7cfe5f8c71f4c9c7286ed9b164ca9f695ad963d5ed4d2b7e4a60e43f982b6cd77a74bcdafafe67715a66ac4ec1febbfe0f30e0c0333d33350f47c4b4911c8154552346875706cff568fae214509b03ff7f8b00a9acb513b2897749ea2aaedeb3933cc5487beed3de71d47e389c8675e2e62b996dd78f5ebd97b72e1d6f1f6aeea83df4cd01c1dfd86371342867c9c12ecae4e0b57d57e2554e2ded9ad392a75d0f8fe8cd2c7e78d80bb2c66a03896cc1d7590c5bc8a958b15ec3f188b0c3143856e1b1d98f9125b09f7a71460269cf3872fab84fd9c780d01e09e91f1fb5126eb7b93de171b09fbeabc08e7991ec315ed0d0186f302fb7a106d324a58caa98a6928d6b89d7b739fc169ede922f3a396c4b79b3386cef23e5d44ec916561a77881ccca2e19757b0d4d85b1ab1636f2d3ec16188687e1536f3da9dd2e068034b897737c7e3926fe4b9b57c7467fdaf93fa997cf5451a3cd5e1f2fd25906dc0e817733c829962734f88b083a93823f6df357b6f2c8fb7b99f1866b0f6bd6805896aca8c57bab94b5c082b057c063916efd40d853e6c606031a0391025203173b8836b034ec6d11b8e8abb96efac9bd6c1289c61a237a5292d23cd74caa9edcc5645f3b74b5030352a6a4fce00f5685cfef31cec7244dcea1375ab58e5d8c2ea724f00e9c8ce080024c4bd2ba9b64247ad25b812c807562e3775976bde3365c539e14597d8cc7952d2467e3f57302a324e3570eeee4824e89c0e82dc6dadbb62694e4e429028e17f81a0069c5674668a2b8e2163c931def35825d9db3b52da856cf1b8f9ae6d6fd5fb373fafe8ca577d02d69951a47711544781aa63f0b5c5815a0ff9f909673ae404fe4fccaf8a5b0c2a43f0d61270e68ef19ae894c342638fce5aa9384a278d1f2bfa7f12ffb8bc2303989baa4c8af8ed806c4fefb90e23bb6b44f8540c96732f56999a1c2475bb3473370e6cacfa7ce5cd170204811a5a7989546561a91d2579079ef84cad673063ae3c708d2422e08ef2c1227dec6f15d34ba63110b97406bbc377e7df804da183183d33e09f4525eb5672f1aac57d49eaa5bdb5a0e0f486cf0643285ed6e1bcd286113b52f2a075d204310970c708f33f6aa51722c87ed94a993b89f42370178a9bdc48079169ef614fa0aaf0bc752979f9e3485f453be27db104e66755cc3e0be43cc1d169de9d2777020a64557574f023956404da7c2f4a515d2089f51fefffeea589ac3175565dc9d94c19e205a4d395460f92b8aac79762caf5024627b191cd90bc31a1c83dc313059751f367bb07ad7acf628edefadca636e8c457b6bdb6b604c1ed9a27d249104997c0ad9136a44ce77491050f6ecb6d7e9bac3ca4103aae05c492f161d7c5916e4fee09166cb9cd78c8c848dd6e3d961dc79f83268604a8582c707d19d5375cfd870c00b2c15906844082a77161b4751109e15660530b13411e57d8851eb3f3d3b7f308c3ae12187ac886a223d6a03d530009653064f13387918a66a469edbf45946ecde65a8ad99bc611d59a6914260ccb54a6ffbdd79eb2f510679b6919f34970c49abb9178ed29d49a9ee2316f6df542629480a7c2259484524dff65cb59d43a8d37b082594d3ce719d512f5d7fed075a28e4990d062b7aad9c4969d20bd3ba6315421ac1d8286896a9e119e38fb53b5801b4ae4bedd47cb73d99f33415e5199d87a1d3817c6affeca54d40bd7476015474a089e60e73cbd8601ec9d606555125feea034df94583e0eba7e8002c010814ea7c53a70516823145340caefa9e60d80ada6e1f149a0ad3806f1492bd1f719ac82bce7349115f0ed7d23562fcc77158afbb1dadd6078a3c875fefe2651eb20655a38265c4e8907eda983b1c8625fd1ec797b04af9864974bfe6d602c65a62514bb6e6973c70d7c6557fb85bf8618b790d2f0e962945353d505ed6b6f5d1ca746a6578d1789287bc63b14b435a17665096b88c012683db64cd12749ff07e2c85efd4e3b1e3596437982c5744478a8c03218b7c28ab3aa16ef14a6144f24a3a2fcfd932c905a4457f3493b38153b06b80af68f3b0853414ca6f008ea849f7eda8ef86a1c26bc505b2f40ab32d4b09479f84cefdc34a7f7cf7631c983002b5b5859869f32026f5089dfd7f7429408586274b662cde7ea21cbb1f34d1d712592ab64376a5d97f60b8e4760d93a5a7469b7c63eb860331b05a6f6fdebefc3ad6823522f0ceb89e3240b94294cc48f94a0da297bc7f2f4d517514fca17c148e529ff5412ff80ac08c4d41465d3a4bd2aedb325c67cc870f7089023d6b8b0fad190fa0df126fbfca4b3ab2b5a23a05e43140faf095469a69152af1eea11b4f189a180cb3acf79f39af9c71df03a1508449c51954458d815b9fba71913ecd99b5143fd6731d58f613da8bb7d8a7dc0089894683db78e0c1aba2edef6d57aaba50b7d694c8b9e52609cd7949aa555d44358da0c113f7bc36a62a4693142358330a526370842ddbf3eeb51d0930dcee9413cd18cad7a32bdb588f9ba28f075303de8bdd97ebf9a21aa2fb695a451278f7bc2be6a25816f822446f4d5e31b6cb082ba8ab002cfdc18476fd98ca8e29a4c5419c0c712f363eb80e22133c513aa4f84a016ef81efb537445df92ca49095076a2ef2aaadfbf3f1c94cb5fddb05aeff76b4439935e1aeb15985e8f60d472de77c72e71bf5becc035b75487b202a584af249637a6ae830b1b82f993f58a19bd916515a8df9473e7f11583145c58a51677aaf69b10d04adcc9f233561fe1598ac60b408d4cf571a3824b5907dc16bf6ec1d243fda0e9445a6964235f51a0a8ab04c1c7187d4d44bb1bb9e532465c2ee54dc2521380a607b99f801a61decf6b67afbd965584fbf056873e90241e43a211d0de4decd8a41a7c317f9e0ec0364298b6b44a0c8cf0efaa374ec7b5c85ad3bac2ffa9d4d638f9e953e74a224168e4d4161163482fdf2ab10c03e3e4fbd71669b77b072194db125655ad06b010abd553e57dc028ba5e4bc9d226528aa20f2ad062cfcd957e118598ae7d5dbfd5db4400873df6c0ad8ee42e1cc5f2cdff3f936f194e596394a02aa56e67f81dca46ceee8df93238cf631da2587d081e90a7063e4bf3f51af9ff9c7ea88d62d46aa992f0e9167638e7789cd1ec3a7b35938b7c5937df0ae16c6f55217ddd760bcd8e40b54303234efe462feeb38e8f253df2bbe7c39ed9d3cc1a44e3e4bb4657115a0d7f7987877b77c62389053f4a9bf31d9d052cc3ed6cc89254f66a51ba580cb62fa29b5a24c1c85184dc17d45d8d6c27e0fce96e9adec536d605b404c811602da817e050a06af8cdf5209f8e3ded3664c117ee6874d3cc4dbb1eafc110fd25c8b5aa7d7483c1f94806edaee538b94f180ed932615b5804a400567ccd9fbcdfc478229c9ea67fed8509a7dd1dcaabe19c965c2c3fd906fdab5068a50a6ebd4c18e468b0b54ada82caeed2a3808b347ef4ebb7288f583a47cab691e8280fc26799f77cd12b2eafeab93ea91373ed3084c5998a6c2d5019870253b27a4ac9ec1a0659e4206640ba3d592f9ad8d255380e6312ffe9d93ac9ed71514b71bd2284bf57b04d5cd947b968300245f967cf92bfb660752a7012984bc2a2ed8b38855a8d4ca853006d513a624a45e731c359966ebc24f184df57c5bb0cabfe304b33af2e04c2f5ceb077081c19e1e1bf99371e7d8f02e5da42742100f08784b0a9e01cbca1dc70c574be09dfcca4325d4fe52f30c7ea9678cb616c6603b4485d4ce3f8ff81a0b58d7c6dd858e44e379544836807a37f3b2246637cb8e76e6d9f27400c14c670ac6d9f7808d6186c5c7c98ff6a8462829bd3b7d6dfa59511448fba409bd04458d134f8b80288838498b84ab2b1d1927a6a4caec09cb16041ed266123b31bd8c610c862fdfd986b3070886d08b91bbd75732279c9e56a67fe8df2d0f02f8edd41a0e92c11fa2d0b23a9b879cbb32bc585fc4151e431b904bebac36c4c3a4c42b7499ba0a8fa10e8948f28067e28e5f995e0321b4ebd99b76bc3c4b7cf1724bf7167f4a82e561beafb6f8ccf7071a1e9fc8694a884432250fdd6ad05e048687b0e8c6d61cdebf734898cb40b35d32a49a6f934b2e186ac34b30e841797e1e5606a75e09d9d29bdfaefdc2cbada4010e08e9a24184b330f2efa023c6d55f385bfbb6f9bc2a15c4aae080debcd147660d5ee5f04e263445681370c2d8d8615234a0d00106789d027bc82c029c8738fb3ef1d8b328040ccb688ea016647f7827659b516f8e32ebe21cb082efae11d155fa224f250a169eba8e8d3d57ae71a54d2001626286d445ca0494aa21e8e156f247a947a30315659c4e39d0bd1c84c335d234267176ff1ceeae7bdc22ea09cc0ffd5dd1376ebba300c749b1ed9f1e2882f4fddc64682c58c06b94244a629efdd7a47af5b312f720bd76d266d1caf542fd95237495fdc61fc832496f74e6ca8900ec8f028fc8ffa09beaa2204c54965c32fc2aca75685ed43c0f22be4d1ddbdf6ae0a51ff554863483669f91027605a0844e3d65d4aab20575cf110b99b737bc372989595b20ff3a25cc232c8a7cbd9c1283d46b3d3c2ec4300fac3845c12bcc6dd0dd085db71c3ffd3ec04d00d1dc1631154a4ab07a05899b104c07f55e9a00f25f594d75d5c6fe7958028a7563aed21dbc05e8281d8aa40040545406e7a419eb754abe9edff4cf9f1c19dca5c5f19e5a38d4bc962e843deed597c5556848a2dc5d78d8f15e7fca33f3cc4d4235263a899c5f6958664e952ab3ce5137be2bb0e35a4b3003010682fe40547452596497eaacbe888774329af16fb16eee6e8627fe55f4e789b441e1af131df6a638a96f4e2b6028bc9a", 0x1000}, {&(0x7f00000005c0)="253394a0b33624bbcc5a2eeb29543770b3cb5e09c90f4d2a61f72569773ae8f2321c975ef97d1fbe2416a6af5defe42b85ad7cdcf7bbbd44e711502f77ffbfae6d65ee6c3edaef41acf368b66c5499887c409479be404a2274783c12368ab81eab3c8218ae75de2539ffec8c342e367c8ab070cecabed35bed16520aa0eb8ba85ad8e14646ab15e07ba2f6364f51d00d13b1172dde48f74d8c464bc4167cf74b67491c782cfdecdd4b1188e59b3a", 0xae}, {&(0x7f0000000680)="75ad2ad4e0700777afe766244961e6e475bcfb53067b35abeb84746e050824b7f12600a86378d0e5bcadb7d846d18792ea765c33b057de94f3618c9ddacee82a406e8a7331bcfa327c665d88d130902af040e1af05b96cabfd9797783d5868f8d62034bfdcb918b9a8bf97188115a304d816c0a8c7e7f1a557aa376198", 0x7d}], 0x7}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000002100)=[{0xa0, 0x110, 0x80, "e45ee182ae0cce356c2bd90af693bfa70ed42e208a43e94de2423821d35d437468d954285c9f1affa3676000d3ce535b1f509ca915b49bb0cf3f3aa6d05904a51b6c4a17c35555bee7c93fbdcf71135e1248e21b0dacdc8484a90332c7e595038e40b20d6c1b2e8c6689af85624fd82918a85ba39f2f5ec29a4ff1f379a6186c256b518b30bea91a1484a1c3b4"}, {0x98, 0x88, 0x0, "1bb671be741bb1a9835d0d8c2865539a2441a21703463d4e8cd6a88ecbd7dbc8d79203d75aae7f2845f94305e5f4549a56f6909c6d0ffa14bfc16ece32d915976f8b456c1df82a647978c60c84525053f5557b6816948419c6cb8f396ec84fefcb305c08d28522a6f84ccdefc6ded328fc632dc81e3f182da58d4d9ab86e114cef"}, {0xc0, 0x10d, 0x1ff, "6b795a8801b43b5c79579762200894aff6b291a2d7ab9f0c2cc83942d5b217f6f24052e8ddbd9dff28a00328d747791bafd4f61f15aba6a4610cc7a470ad09cb93c880df82bce24801b6d0ea387c5c019ea8bba7b94760208e072c51861beefe9dcbf72eda2edfdb22c0a20798f6a8952672aa3a751dad9318179fe35d0baebcf70ee31438917c2ebcd4e024b3ef9505c4d2405a9a086e68c38113c4a969c7b6f71d62dcd7cf60f3a82c85"}, {0xa0, 0x109, 0xe49, "f50fe212eb15eb7006301dc9f32343485962c4d3970164afcfd191e9987fb436682b1d7d7305841f47ec54dbfb43d0d9fab0c8282f9b039568f5851ee19dd812ab11933c14f51fd9a47d6abc336d0ebc28f636d51555e3dfda862e1be081a4c94c870e9c42d3492a3b906a77fbcfccd14a9294fbcd5f2012b6a5dcfbd8fcf93481922de886b8c927287d0a624aef"}, {0x90, 0x101, 0x7f, "156321badeb5a5452a38c38da4b9a0b8a85f0f1a4833eee1634ca222c403b2387cc76e15d5af342766bd73e30d6beb7c309103b4da7c042c76b12c3f27bb68d39268bd3cc3441451d76f6566fd0120f25fa6e44a8dd1b89baa2b6d040d66e556e0fc2cc9c3d99ac198aa5655a142b513cafee1b85b1fa936003f000a56"}, {0xf0, 0x10e, 0x0, "02e522e0232ac90369f5d28cb083fa74b6b8f32601d05bfb0fc4e6ded39d7e5922f6c16c3480f8e9034b7bae7d0be70dc0d155aae228f8ee3becf502a08a06e68d6fae9c22d936302e7b83964898384d664dda2c7b4212792a5b9ad404a151f3f18ae0c8bd25ffe5dea23f29a11a394caf37ba3521713738746d8a6f363e8c1907bf9a6e604a390d690617185d17580d3da84b41583c9b6b325a7f0aae2675fc282338feb919b744052059850b14fd50384f3d05ecffbc40e29b463daa593c89ccd0e65f350aba84e9b31525a084c5fae53c10ecc1679baadc9a"}, {0xd8, 0xff, 0x245, "4e2fe69d8466b8e15432da2799127528ee9c43c490dafa18467c877b615cedb8c8795dec9bb63fc646abdf0df9d87e2be9a8d35f6213190c00f7efd2bc6a96532f290b04e01845e8e468ab6006b000d2a907c11814024b7f01646ae3c1dfb09b89fece0557dea4dd9b01bc19ba7bcc528ef46afd83dd01b4c64be0eb4cb054fa15b5a331a1f77df267824fddd5f0514025bf3c85e699bd2664df1cdaea1f8b82772cd6aa564ed67f71079023f1981fcbcf5c2001f9567f40958f7e20d5f5ce14283a4a44e635f3"}, {0xa8, 0x1, 0x61, "4dd5d003562a0a251d009d907b0853523ba933367858fd3b318f530b5fb6e3aea4f2d000bbd90c00fa3b15ae6ad644e5f250f5f60a50a0adfb469c726a2f21c24f5ac02afcf5a50a4a8cff0f7749e1fceaa8da68cbd0e227b3e9666a539e1e5a5a1865791961084489634e79c0e1fc73d2401b6f39b637f82fd3c7c1b756b775e04093b0a4e2e74ecd4129dacad513fd93a4c4"}], 0x598}}, {{0x0, 0x0, &(0x7f0000003900)=[{&(0x7f00000026c0)="e8e9c1871c36962ed84de850a29933418284d8f4f2fe79f7ca8870543abf1c2f32f674cb2df60666619dfca288717e5aef2873629271ecaebe1eb1aeff602a9a71b88c44c73956f766064d9ca7d5b41c748061991cd811aad066d7823eb06532e85c6367b3705f58d92ce73aaed146575aab7581207430496cc3a3bc04082afee4fe0c115c3d0028156baab8e02b2ffb4e32941d71945a7ca72dee19d5d774fb44eff6dae21a364d67ab22257b15d7ec4484a4b5cf58fa456a15857ba2158524095fb39ed0752a623941754149b3eece67e370ff51557a818e0fe73c54f946f87404d6bd0ee7dfb651c96619d78d6e9fdcccc17a337ebbf77a7885f4865e6c24f1c3ce15cbf156031ae56e10f1a2fac50ce9e1b05ad8a12d810776f45583b2792966ec8354f8ae7ac97390326c4ec267ae335adfafeed5b702ea9ccba8df5022378b2a2f7b4cecb9014c131bab823d2c4e38036d3013e9abf17cbbf0cd48cd310fdb03b077f2c862eaf6251307244922594c3c80429e8febdb5159bde405201cd6cbb206a5120d4f143c20c4bdfe5ea93e7a8d8a323233ce3d3da6f5fdc6612243e08fd2c0bb1a8746c0658866aaa777516ffa1bf8e2b8c7c96ffe746124490d659d82e0e75fab05a420f9342095e585dfe36cb4990c8bd9cc10865a339aa9e5d9b8831efb97f2edecbe31a98bafba70f469aae1079ae7ef2e9aaa63038067d76aadaee82d1de5254a1896df4e9ec4e63d52cb129f2f3fd0c3fbe2e1e332be69fec220d9e02d9f62e5d7beebd59516621d0c4e3a51952189449f868dc5111248ada1eb773db9b185c399845f808d09cc456e4921ad003be87e3dde5302578326160fbf1fa3c742c1f8dacd5e8a018950b5e7d0f5aff0e992eb5b4a5fd323547c18ce1869764804f188d8f3e12e625f0f45492e447792c1cb6dc5ea1f24e898d061cbbf55c488299ad48ad94dcab1e3d5a2a47aacabd165ebed1e42a438ccdd90d4b5d6ae8c573b91f4b0a9ad46a77ba3b8da1ea35417a818c948dcfd3d4a93ca83ebf4c8f29935a04577c866866295f7176ed5f4b255149a1adbd7068100aaff60eb448cfb3ee84f9a50c02578db6dac5b0e637e412762503ad09438f4d4c2ce45f1f19c88ca917911393d2b95d100254c6fc2712f5baf2d72cc1413e51b8e8a67f4c95c22304c7352abb95e1b34b0ef146f1c1ff6f8b02cfd498d0abeedb1fa9014841413040456ceec4ecff6fd1c8f0ff7c019f844f5c4c96fcf22e13c7bb3b6a26b24ed5d6ab3067b8db7ae958a02af73adc7574b0006dc25a39bc07e85979b6f79a990644bc21880e195a16215e7086538f068ad341a16907ba79698e3f2b1a555f19e743450e1133249c882ef36dc1035184c1c4316e34d6e8eb266c4526f6be0c4b56166bd54e90d9afc9cf3d244117627fb256872ddeb6dc62de885d8d8a74196afccdd5b5a80633eb12978fc6e5b073c6fb306b1bf99c5214ac1e9d249ddee4bddec2d07703305b4ceda5aa2b1b2a58aa813a45e8a989470c63eb7daddcf8dbd0922489beba476a0c29f8c82f411d5d1f60a207b0efd0ebdde820b1b9cc3584a3cdc1dfb449328dca982d3ef4d5c26244453d4c751b0ce3101b4661b522fd1a14697a7da9c885aa4b8f79e99bf04ddbdba0ee7ae528d0953c8c0de38a49beaea8109d1c39f60842428ca4bca06e49127aacc4dca00f6d4e4ed24882bf7c784dcb8ab6f2cf5e3ef05a920e899da819a04e188061fab2c73056d1dff0804f579ab61500dcbefd62e9cf01176099c9daf5856762dd4833e083182946c559e04673ab024c03cfdb739387710be287c5254ec6715b8cb799d249c0a8eb94cb145099494aa45fa6268460bc8c665a2ad688043628605f6504d3142ff62a4de8ea67b9824deb4e9d653ff1bd35b36ce48b3c43f131ebc6377c3aaf7a06d9fed6e389ed10fdf59baccce2387984b2e6729004199729f2c58ccd9cc1db16c5019e03ef8afeed5cce6018edc630302d9b28a15a100fcf5c519a7b19b40c04681068e8961ffee0782395a0beb248779aff3a7c1bae1e33135cf0d2d6b4211dac5dbdf8af8a42bae221bb64ec6cae109b49823b8e17d21ad6f399bc406d04124d49f3b46a688614c3b0d9b39e3219bf820ae7bb2bcd1f76157eaf19372ef1b75a91178154740bca239455464d4a994977c75bad7f4d0e8e43fd6cd795ecfd05a026fced144f3609c669adeabe6ed1ff9c4965ce65d55b0d7c12848d0f7f9718d18d40d8d2c36a5c9445adf5de72ddff334e8ef05cd76be8c5192d443192c0359340e768949730cf07917e3db015c21196a0d4876750d841691185491f06d49821e7845184b1f86a0a69c8cd28e9af70b0e01cb86c9a1c39234567e95ffa2a2baddb68217d2ab224491b1be1e515ee04dc97618635a580a0e82903768c8caa793944cb6ff0bf7bd012d7a62360a14c5e5c9123706ae3df7ff7674cc857fc87f482407c8f4592714c8880bc1f668bfc8e0bd93a41803619749fb8d9aa48cace27930c44a669c3ddac925f74a75b79bb96740aff5093df20d0a6c3a3c2849c1ce1cc3733c3fb3ac7b581034babc7f07f0b9f4ddf169d6267b67bc11c651b1530a1f02c98bd692bfa6bea3b0ff766de70be896b572bde683acd29dc799e88f6ac24c49d3ec57407d9a7ec94e490e7c903cc181b161ca76b189c5bbf2b408780ceada651b52520a0ab7ca11f3819a9cb833ae24cbe0c65cada68b96f7eabd158efc9be99da7461eee7f777c0ba97db0d2fed888256a4657e6c9dfa808746816f2cc7f3a38afb6356a3763c94e5f5af06116d5fabe4cf8987e97e959f9532f53bb8015fea95130b59d12c3e67803a9e882cb58fbae1d69f5551cdae230bc5c36290549e74b1d0518f1681982559986c81425926cd7860547806f0f983224b5b8c9757f421f3aeead68a02f25228803f32acb83b4e62b1dbcd45aeb91acf9c08dc12cc4582f2398f13872b774574baa734c4c2acd7d7c48a78a21fda894437166885db4f90ecab9fea225e617f22c6d9223023fc103aae1272961da5597c7a8de4ceb3f315083a5bdd64def5f9a9e9bf59806af70c202b0a8bbe278f359c478940e454c8332590dfc0177eae57654d1ebf4813184d9a275bcdc7bd00a514fc3a9b42c33e7ffafb3ba63d643f68be476c5370b368d83ae24c4b980c87c1ddf4fc739e3344e3fd698181e1e3e85e5cbe1ca4bc68e17c9301bd17830471a640d024b8b3da80f7dc6ef15179aae8ba04e0ebb1676cfc0ffaf775d2200eaa9babd615070a7b9de23d792fc04819c89fb682ec97dae3e917a25e92ba46817a3f2a7", 0x939}, {&(0x7f0000002000)="b8847c54204db9cdb1da602594c5cf4d506b26f77e6f5acfd6", 0x19}], 0x2}}], 0x3, 0xffe0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$random(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)

2.43474417s ago: executing program 2 (id=2933):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000300)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x2c, 0x2c, 0x3, [@union={0x0, 0x0, 0x0, 0xd}, @var={0x2, 0x0, 0x0, 0xe, 0x4, 0x1}, @int={0xf, 0x0, 0x0, 0x1, 0x0, 0x7, 0x0, 0x17, 0x7}]}, {0x0, [0x30]}}, &(0x7f0000000180)=""/248, 0x47, 0xf8, 0x1, 0x0, 0x0, @void, @value}, 0x20)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001e80)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01040000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000090000000060a010400000000000000000100000008000b400000000068000480300001800e000100696d6d6564696174650000001c0002800800014000000000100002800c0002800800018000000000340001800c00010062697477697365002400028008000340000000040800024000000000080006400000000008000140000000200900010073797a30"], 0x104}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x1c0)
socket$vsock_stream(0x28, 0x1, 0x0)
r4 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000333}, &(0x7f00000006c0)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r4, 0x847ba, 0x0, 0xe, 0x0, 0x0)
pipe2(&(0x7f0000000000)={0x0, <r7=>0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xbf22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = socket(0x2c, 0x3, 0x0)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000200ff000013e2000000", @ANYRES32, @ANYBLOB='\x00'/15, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r9, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r8}, 0x20)
r10 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB="18040000000000000000000000000000180000002020642500000000002020207b1af8ff00000000bf"], &(0x7f00000005c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001040)={r10, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000100)="b9ff03316844268cb89e14f00800", 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)

1.145549956s ago: executing program 3 (id=2934):
r0 = accept(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000000c0)='mmap_lock_acquire_returned\x00'}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0x1, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x44}}, 0x0)
fstat(r2, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000580)={{{@in=@broadcast, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@private1}, 0x0, @in=@private}}, &(0x7f0000000300)=0xe8)
read$FUSE(0xffffffffffffffff, &(0x7f0000000680)={0x2020, 0x0, 0x0, <r5=>0x0}, 0x2020)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r6}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r6, &(0x7f0000006380)={0x2020, 0x0, <r7=>0x0, <r8=>0x0, <r9=>0x0}, 0x2020)
write$FUSE_INIT(r6, &(0x7f0000004200)={0x50, 0x0, r7, {0x7, 0x1f, 0x0, 0x2066012}}, 0x50)
syz_fuse_handle_req(r6, &(0x7f00000042c0)="000000000000000000000000000000000000000000000000000000000000000090c400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000542d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ea8286a2fba523440000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000633956a1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001800000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007d6ab715107fa1820000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f6ffffffffffffff0000000000000e0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003c58b3bd0000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f4000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000286071480000000000b13bc1e6d970884f000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fcffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f3ffffffffffffff00", 0x2000, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x2, {0x0, 0x1e}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r6, &(0x7f00000083c0)="77c61223d5a77e6eb54eb37df2a6550d6a92caad07dd94edbab3c1bafabc4525f42da59f37dea9ac984d1fcada5f31486e3d505e5c7efdca38df95729c1713a34c0747a70cf9d03651264505355d8f97db53ee07960157dc86a9edd8ae482519b0b69a22762383b338e81387054845b159096db6e8146623fe9d9e8b1fe24ccef64a8d6f78852af810993fc5c828d184da363f98586e30851c9149b9a3bffd926f39050bad081dba0e32ff94fd883aec2013dc36afcac723286c3be5acba915322a3d62d2e816c6a97bad75e0bfea9bd600d78c029a83aa035d3b185b3a1c733a5087fbb0980566dd163fd5931b6a9cfe4b85b8fea7bb2cab10dc9e912508d280ee8d64030e4a9de20ffe80582a59eec11067f1bb9e489287bfdea395f01fa2406cc8f1921b14a4f1195999d2aecda5bab0e2608fa6c65b1668017ab29514f9cedaa396b17827402bd7e2241cb1ba04fab531b684c0347c7d35f1ed86d438222266943a15db3c577cb8537b90b0fd9770bab8ec336d6ed8d2458faa6db36d18b63f18b522977e74548f5344b9e1d5e8079f7e9c8dee75d7fc8e135017e7ae0a0d81902682c6ecc7edcb45a27b958995b2a69c90a6287f48e0182681fa0476747c827d07cf4fcb764689747fd55c23d39689c84174aa33abf3b69fdac0005b0ffeb03069d6e07a5fb2a6704e295f46b47b99552c81dac65eabcd3d4f00ec2fb904609d02b4cfa4e242a07e1325228d5a72514cef4624fab9d547b09b303b53e5ed0a72e14120be47b31d78d73d3086c81ac40f2962fa17585619e6cbab0a471d51ea7a9c94246fed8e970f37fe78b27866bbec5d85c18a714a6e89627d4819c1816bd77f00fcb72fc1686dc107fc351ecb4f0164b7ef1a0802b8c3f31755135cda5b14bc6a2e08285da4323d4060c7f40c8b350e8d026421f25dd67d163b1c1ab87c19ef6c1af1eafa50de66b5e0e11bcf3c620986a834b5327ca8d0970de724912c58b402de63b2d7615096d67e6f9c15036ddb8915a1fb602072266e0a2903384f50bfd9d749c4b587a2fc6d4d28a8b352a9b5e0c9f8cc18d7321a8a29386db80bea100d13a66741dbc67d27948ae1ba4233f80f6141d769166ec8dede37cf74afc42fd75cfb942572cda14b1ac739e6b486758bc4cab194fe35c41159b3c12892bfbfb17860f47e95ef89d715a73558d79369445f411b0e6b35a06cf74b4356e41fef6bd06f7c7148fee19cd736ead1f95d931d498f4eefa00c03b117ae758b9430a38fcc941b115c42a6a1d50ace0dcccba45320791e906f1ef4c2655a86cea021e686a4529ff9d471e33ec04016cffa229ebf90977f10ec3e654aee030382637677d4b2ffb16d95f83981949567ef4a088c2171a73608571bbe4a439725cb2dc88063078a067ac3652c0843f220a2a6dbeeae5fbf4642c8e7cad40b57262a53793c7cdd81d6876e89bdb013befb1444ac80388c6c868f685db0819e0907742749f337cad78860dd863424f2a1ce493cf138da1af8ef5ac55d8da1962ab5ea272e6d55f6247d58154c5f13580e2f5a8dcf418a77c71cb1abd4f07606ceab95e5da5838e93193bb7c7e6ac2ea41bda4a3d35614569a44b431d42f2cf0cd13f544daaeb3cb91425c5887493437efb9498abda3ad9714fa250827fda0f8f25ca888595fc8c31e07b5af970d6d84ddc142ab0db7b801159d0e8346ff3b5881c1729769338b66c058d78ebd4651700cde4283c83e66fecaf26a31890f9e94e16fc2f3f662aa399a04da4a846c2f1237a3b1003c4592d7297c5451407b67245eaaacbc963809903aa9a7213f9dbbc52716628c5d0fd4b182c453303f10bba73840176d08bf5e9c4f33f7efff342ef13a1e0ad202d308e9c647a8d303f44e4df5ea0da9fcdb1023efae76fdb1bacada4eee1883dd1f275ec24d549a3fc6784bc5c63b349dcc5520ef08e888290c8500e888fdc9ede9b97ac09aba2a454d390ab9c65d68d3aab30ffacfb771d32f49e42ab3c87bca66737e8d2630822c9892e809084c093a7f1c0e9b938004920f03483e4b244bf1adaf19de2c62fb500404b8c834b5529a7988277d96e5fd74d3d6624363bad03a768d1aa5a008e3826e6dfff58862833747fb0b09dc5ebce83ad4a952ff3c8e98599323483a63e93f56d179a8f653d2f6b2e9e5771350d6447f3ba73b1e94df4b45d8910f4b95e5867a8bcec8a979e90431b2d472e05a4b79b0a5411f179a2ff93a2105c2478b13ae4977c617054bc36265da92e0410b0e0f1c38307e9890e998ab2acf6a32776ec895c621f0693191b059ecb92559abde57efda2736ea1ad7c4c648c1b77e714638baaa8e086ca047cd25a490f32178306e6a4fead902f35e91adb5bbff458514ff84c574aa14daf6d9105c97fbe54b7cd13ff0a11753861b4ac4f6d31b5d3f65050805d1f3d4310e942a86e0bd99a8d15612ee56666ce898b8aec0126c31d8ba2c91c4937638b8958eee421e6d0208803cb6a64db94f132036d4ef1ff53ee486aa8933d6f5fb7795ee611cb12b0dd9faf6acdbbf4aeba1518abeb40f8275a697d57fd7cd68bdb60e02d6aca8e9e6da432be7fa889d1b3d42177b208dc6ed21e35b084596b0d21b8082a363bb0aac821f7fcd5baf69c8057809054cf40f44924b79663096db1b552721924b65790153a6fc745afd4862f59e91950b6f7d8889eaef038702775e472387236287f5af6e607a67abd4ac034ea31ad60f7ad89c047c34aca845c4e6acf029b1c1955a764346dfca5f0462b2a8a805f06f1ed5408f7b43498bc667429813d7afe5e5ec03d558618a08fe5af1ae1ee84d95577b67b3ee2e8f2da81cc3d5bc336bbecad223a3abe96685ff574ea472fc026cdf449d842528dfaeaf4605484d9f42d38aa385437685bdd162122a4769338d8afadd9df929fefb55a3e3f04e4bdb12d621a678631b7babd21b31239de0748ff15248f2ca5cb189d7f0110f9e649a02763a5a259a0a2e3fb1a885fd50b3ea25c6bbf56e85c1665146f4a5bdab0c2af2fab417602ad6bab50d6bb57feaa07d0a235ab10ee6da11883323a6c24bf9d054697e5fc7d3f39b9454962a017e405db82924cf80b31ca9e22dc2d9f7d6a118e568ffbbd3aa03886ced26ee55c035ab44812bd7d1d50beca5fc4f7d944458f1e2b99478811ed75b1d70c2a0722a5cea10719d645d4a0e030c18016afb396b449cde8878f3a822487e69f6ab10127759f917ae106738a320aeeb300422358d9358aa68b4801a65651970c602dc1093029625fed7e2ea488e9b8fd5365338db93ba7e3884866f5f4ced41cc10dc88f6fa9b2532537f229fbd404f4853e9b91cdec69e5e545172f71367d7913f242fc54989227b794eac44935206a793fd833f14f6d6f1b9cf698c7e420081d0571f35baef028d39bdf7f046928276296b7ded7729a31d318b5212b21c00d03ee414537500d2305b81ab2f0be12b1578459200e3c16333c1519032da0591979adf7fefb655d968345e1f2369b8f3c832338cf1c7e6b9fa3d2b78d180479334b26332e5ee0d52272cf26c0deae22fe810f7a5b1804ca8674cd2cdb465bee0c414a9ae44314417b7248d6fdccef0b43edd48003c291b9e721453be187d8fa34de2acda3b8df2777fb933fb6daef0dfe8089aefe842f87c01f2ad3b5bd28799dac6d47211292901f99048649dde6a856e8fe688cc62a9660756071b0bf6333f9687085cb52f3b95d2ebd8769bc6c2171d968771cf181d03d5f0bcc531f274c428d1db66b6cc9ff1b48fb2f96887d3f5f4722e92ea488100a8f5acd973ac28bdb399b75bf27d687bfc0ffbe803ac9a0c21efcd48ae55eb3b3c55f58bd95ebd89a102c8f97c26ba8d68925723068410fa475535eb9ae2b119f0c85f34d9e87724a9382cd409fbfb316b0923f59a59c36b49f6fe6d033a578ba1fef0e607923f8859e98f37f369a97177f7ffef77a69371babbfb5ac7299a33c38ace80e839ac17a294ad8dbb70aa476643f96faabe69df20e23705cc2e3796e000d81b568b1fc3806a32f7da08b495e06f4cbb4e67fa88f4d5f04fb6bdf7b18aed386aad0c4861207e925dd2c58a57767e9eba4bbae16343c8cc85e00dc9944a63064debb5478819e9a72a84553e1bebb8eb0543dd724a0a7c0ab6fa613ad8763aff024655c99006c10b258d857dc36418283c86b3fb6101ad52d42ac90bc6d04d82f2fb6b742b4b460f9282378856a48b023a2f2b55652dae86080e730dac47280be3915884a2da9e647b9679e53e43aec05f8b6c6aed4e14b60a5b23af0862e65b46b7a66a939a2e0b41d2041c87e7239a2ff1e8bd54f09f7b901bc4dcdd42c99822b97d382b1c9a2bdb011d03027821a9f1faa13d7449e6119f55922a947491ccdaefe251ae8184152cf3d9706eb3d26cd5f648ab07d4780fe47816a12bd2b32cf120fd48bead9e7444710ac5aee6084d0539adc0773e788ece76fe640c7bca3ca727db6e2f55e0930813e275495d8e6e63fcdc952f90b4d99f6d7cd1301e88f436d7db674d10eefe2bd023732468ceaf9ce0b0eb281ffd59d78836eb85296b333432c9f381f809fa07f3665eeeb2b8c42ec9cd8291b1c2b7deaaaf3b5e576140443c93ff8e3709153cd4ae64c23bfa21646b654e8924f9315eb4278a8e23f088440ba42a2e86f570b887c3af9b086ede6ee341a28c836766b9a7cd4f48eddcbf737eaf726e57c988f7b6c652357fa9fc9eb6da777f704275c6cdb236f3dad75673da71d5e6ac66ba2b9b40c395ada8875724a34d9b957ff128674b55225db4c8646825c104e163a0034e21882913d2929497b47ef37a98e93b7e1b3e9939b499354ee5b5631bdc063a4f2135da406529d76591aa8f119cf66f264b79554a2599b4ef1c901599c3bca3982212b1af5b4432aec2545c23112eb4e9d7e50e11a1394ca929120ba6a24b3c9d028e6203b8158eef143d374ac49fea05bd0aa941b8f6afd411459c8b68ed3c33d8bb271732669411aeedfa0a31c01fae1f76eafd3afc77ba24f5555a201ebed431eaeea65c2d1f07f7052bcbd9c9ab71938a7fd88b61c9da677cfdd282f9f8e12023f3c3f016ee9ed404a00cedd1976ac472996d7b8d8df73b8d520de4ce0c40a2f08aa2ab26d1e0356f140b6271154f3a49368bf8ef4efd9f46e7b9a0b1d33c73c34c55f7d4ba5d258ac1a46cf3cbd81b0edaf2ac055c11dfef8b9d9673fa58712da6bad3a683e68c5a0f592d6b5bcc79c5ba6c1d4019b9b7302c1326b9ea3896aa3d37a6fb800d9a14748d99a824ca494df564cc4c653fe78101fa9755afbfaf86cb165eb662ea69a040842570c22b011f0a3c306f4d5a4d438327edcca3cc8af65827a02ce38c6940e65154f85ab90518c9a00b794e6f88fc0ed8f86d90332143efa99cd7dd28955d0542a3f7a6f5cfc70449e9805fd8fb890d35c5e1cd01d0723d389caa3b975cf92eb08a61a4a82c8e7b65143443729e523bb9122aa645cf86be938eefe8e335c4a24b3f337223cb31247b2aef22760a63e6197c2af8d8fec551a55a67c290a02bca4f206a59a08bbcb119056b5369df83d29b2d54ba922a408e74ef4abc36994f6fde036d31bc9f75087e11477105bc6306660358f6ac900f6362f36474cd0752d5ac145f11359dc8f7f2001b63b5deaef5e83d9ce656526251c80760e419beeafb9ae3d2c3caee48b07faf940548afdcbc1c9a5fbfe360db5f7f6607c4ef04cc55201e4ce2ef45e0307dc1651bf02c8edaaa0e08907cdbc6b824f43e2810c3e51f1ff7ad4778183f5590d2e971063aa0f3b78dd094b98421cabc6f686f740632c3c1c5afe77a1c79c3f62f4c8e4cdcf97497adc6958d634395bddba855e260885c7d7921c8b5ccaa83f98ff6aa1de89b1ec269fe17b41eb9e770a839f7298b362fcfe3179c8c637e9ded0724323a0d9dfe5d49294b89c47f80a13fe40a376e7f90c06cc4bf8f14b3adf9f26d31f7b3eb5d549c1fade4ad2a17b3a4f337b664c07e68e7289830f5c68b6c4232620413ef1c865de78b8508da1effd6ba689930904352ebf96501552d650dcd5372b4094a88921ede2b44e895039416337a81a2af25e987f61c39a92b377cbf7fb18c1f20ef8bda087589998317e7795162a604a10c745232c2d9cac13b8461597e1fa1c5dfb665a76cf6fee345a45735d3dab68b352928500b95c88e5dfb2bacc2bcb7995ab18e697c727064a1741312c8f78db34ad98ff88f9aa63cf391371a07deee6f5154eb1964f9f9bc5420c16d2f3f7afdddb2ca10f3d77b12f3c0f0f812e2a2986bf5a1a0296d0e90a73a9732bb8f233c5e78befdc178184fe494d573669889aa28b2eb131a8f05d3473ce9eb5077bc56369c881e436925c1954292d769421a4ae9ea83eff196f6476be5c414c3122fde3e3ce0b7980741b9f3145b2a14381d133b70b7a69b9f41d3a24448799a1c0369188bff509abab9f11314eb874926f4b91539328e92ac391c8e2ae1243cc8def4ccf3eafb3e134291851802ed1741450a894a014899154c2c9932e555733cfa9d60c38939625b3fbf52f5485c8e73b772a7cf78e8337c7127fdc3f2e08bc7891cc978fe7158c252a0e272d92f12e576586d58d210755b615e51e7df5f3acbc40d8f590222818d295f4d271a327359e07ea55b936eca780935df6329606c2925765a21a5991a35e6d296d677158f887897c3fc4f547b34cbae0db03d3b65d710e62791e4b3c8d73999ccd72383f94902cb28909aafd252130d323d7c99f0f4784a0acd02207c650594247309f64ec0b01e3b87663c415c86c25b3308555182b7bde398357725a042ffdd94b18a614df760cdb4ab9d4537d4d1a4c808134dadf76311fc51dabf8872c478d05d532840a7eb8b2aeb668036fd61815bd27b7657e1886d75437649fe42b12a569668197c77732f7fa1a47e5ae033436938b2de3112dd6c2fb59511ec97a894ad33b46caaf868a8a371740af2556a986bc44bd5179682ccbf8ba4fa301c9ce2c3315d6edc81a3b3e4f06f1980607ef3946cee1d29e52597ddbb9f0483066720fb1fec1d23b28027e89b120b8aaa8846a9f9401d0d4bb36153f4ceff1161bf4f34da351a4446723b02bb49adc2938dca9e4442b36436d08df2a18e874d7516ce33359f8c938ce43fac6d3b9d7af5bcdecbb5b575620d0e96fa7537a459ac7b6730a67eedeb2cd060ceab5ff63b739a2cb78001f21da42dfd45d2ff066b097a14479f715557e8e15da5ec5371b5cfeeaa3ce52065582ee6286be2737dd1e0f085ec75e6b3937b1cf9151bdf159bd1e4f572d020742ce5900f1ed03c6f384c03582ef071e9d2ea2816aebe58415af925c375d1707d4bafc56c839ebf874d83da829b48db9d2a221fdcddf814ba465ca5dfc818a48a6979f2673d2e52ba593fc3744bf0fb61c4ac8ce500c5ff0b75baf42b23eb9ba3a6308bf91669f3e45e3b9cfb2fd90c359365b90c43746a2a507fb3a72e940500de41c5db4d353cd6d721d0b4d4c0b7aca3e2ec3c11517bf680835479f793a1b8a219e705e5358761745d9c9345e1353dee09c10ae64ee06c6007aa2b946c0c460ec15472457274273fc54071503b894b04e8ccbe87f5a55129784bb790d19075dda1f3ae6fd658b88759f451a42333e125766a6d8e9823d004944c238e31d7796b415eb53e8c418f689baf89a6fd417e6b8da354babc15644409f0cb60423e1fe1460c2478796dd0b42f61f620d909c125272ae047fa2ee684bf15265506bf237eb28f95105442030cf7770c76303220f1ec997208e19cbdaa9c832cacfecf2c84a208bcaa95d7dba31e5fa16ed85846ac1ed92f7a8a64e639c8d3f8cf7bbe13cc26326897e86e9a46fd5276e87bf2e1927205aacbac5ebd3746257521c2ede191c97ac9e7a0660efcf7b45f99e3b0c57b2231dfa10741121c0c94368c95fe4289a17b150fb54e01de2f46def5d986508c710c572d9f2046bacd8fdeb5a2feed81e566cf60167cf2c630367efd305e33f2b1d1a00b9b63d3be3428c01759a895fe341d64d2c64c8d7c7ffb7cc9fd2fc2a64ba21d508e828d02f2b86709b8ff6f12997af927a9b2807dce2e386ae1979608c293b200dbfb23a092c9aeeb413e51f00b4f96d2bb77f0d77534f1ac4bba42ae9bab94b0ef79ddd4e1fcf9dca6b45f0691fbb8423550c4f9ade4a22d2ee8a216bcc8a76b02e732d4d8e1c572df5593f6617b6cbe2a11b27a144b6f31ab08d835ebf31060bca2b4f6fcdd2a9f9d066c5b84d932d92e66a7fcfaba61661d24a28e1ebe7b8fd6bbdbb9f122d83b25975705f72b483994eb9f4db8f7b41f88cb81b842adce9979df9e8181c675730ada54a2424c598c6a65f7689b8264af7d5fa2d06e118820ec1cfd762aba3e029ee9004dd9c7c6e5930ce8214ad77ea14c9796afbf4ef3a3c332ac8516ab9fe8d6332e93fabde79fd4b5c252436418a283040447ef5802eedcfadbf8b985cf19fb5765380c60f3886984727da4f47dd21f3263d85a68de2f068b7c9513a8b33383b52583fd40ea21027ed269846b93e72e252fecb9e6a66467a9a4deea7954e46b4ec9e812d13120d8d39b5246cf12ae7c907abb1141b356ed10a6618f3a9075f0de878ac5710374b2bfbfbc7df9436ad1be0858f4f6e22465dc1134702767503549b95486cb691157b26efa099281b0837c3375ef1695d2ae7b255811a1c72fcdac97b7fabb45b70814169bd408bef175fc6cd6b7fd17f5eb27ad4d8e10a4278d5ee17c4b28093886eb09f52a7a5411c36454327fb968ce26a518e4c58154049f9f21382ad44ea8f1c500dbdbf5a1696f36cfaf9051eb76c01b709fe22229cba17085e9beaeb8195bcfc11c3f2872ff782f5a2719ac7c8efc4d42b6a6650bd77ab52097e5bf3ba46b83f7fc909072b053466b61361aa178b38f71c521fb754ce68d47b957a31e5016e81762fd22d4368bf1478c7bd4e20d1bfc843e2be5ba63dcde90760aa8247ecedde81b9680e6dc30337d13366a31f2ee809491a967d5fa1f20c49a44ad4917753ad5cf2922548638d760661d3e366bf89a8737ebdf156116176294e14bd4cff450e5399380e3623895e273ab1b1bf259bd0b03690ea84bf7d247f1afeac6466c8314a7f7ef86c15c3fed002ac6b7efe462a50b1802b579a92a6a5b5dc7e30da9b5f2c1dc79a0ecd0215763e5e96db878805682a25168ac43c3e901fbf9ee45ecb7841c1246c1971b4440f40b36df94265945fbd66d3b11d8786d33eed0820f8bd46e9d8e1506587f0164efd6d9630ed718191ea8208958f371da562f2daa763e75d1b5394a9e0850eac527016a81eb5af2d0d0f8bc4ccf9df12943fd7f6d5b918e7a292299b7c9a640a6eaeee8d72b0a4b630bc459b46a9165c76a54108b3461b0fa290d4d4ef41f4f0d7e70fb01a0c11a09c0387e16bfc4f2cf83475e5f0f4f93ecce070e7d920180d283e6a492b1d09ac274643406d430b010a7f4ae8fceb21979790cac797a09f02b3cf8921f3c227dc794cf6f4fbc1b059473db93d81fa2536caead99c348f5dc904971f39a9178cf1e1473a3a96e8967d9421f2b9065cc9f1c3a9b5142dea8b09a910f03efc96d89f5023cc66e5ee60cb08c2c146f568f304e60662a8f0e763caaeced479ea8b4a4c9342ee229a5e790498fc4258254d3d7f3f5044999e88fb3117ab81aa46a91bf05b3e753063f78d6c483d5c973edab2c0f1ff96babb4fee81832f06a0e5998e445109e3e71328ec6d89caa1a8d42bef237f3ac370a17b0fcc70d74f5993ec3d3862c14729a357156f865218f5b2898d88cf6f30cb4a2a11c8f4b58395b6b0bc3c208b3b1625a709206ed2c0b13519fc8b659055b004717adc3570236a17e5f56ab12d0e29698aace9a7fda31a99467083ce0b723f578937b6bb1a201ffd0aa298b588dc30ad9606871718546b38ee26e08a1955705d2046beb745d3b1dfa22d7928539339d3aa0e0a23a8bc55a5c5c8221fcf1b387ca9ed31ceb42d3f453b9244b56732ba43828d08808a4d045486ea776a5adcfcef9c73f042f6921de0ae52a6a96467cf5ddac78c50d64a650812215db17faa8ea2173c9cadfbaa56daa36f117e57d348d843d6c1bf71372799a3e0781c325a486e043e3b6bf761d19545ac810d02425800d998b52f62b2f6bd7b49598bf76b27aeb10468e09cfa37aa61b69a975b33fdc4293da607cbab584fcf975fcf4a27b8b089b278ce5c5f3261d9cf2c47ab2c9c5a1acef1817679d6b033f597fb8502fd6b5d7a83d0b6aebe26aae60c8756eddd3ca7b52fea30ff1113f6486f782570b550c6a32ec581618089419a4e27cd5ac3b46822513e022ed09c0039c409f31a2ad973adc2d9acc9af18cda1416f15c317f92c03346e87f2ae3a6a725d2e8f03664aa14b929f9fc4f61ce177cbbea49573e4861a081135af997aa9a0154f5e7894b9e9e4709c411546fce1b272807ee6907d03e3455e6e42a0becea75617e000c32f3b0d848f94ea22b2e3ef73ba0b54f4a7e808d637ad4f871ed2c4ebd1529be1e1fb0bb060b00df8a0d86ba4970128ce1f3b1e4ca63c3439125c22a89a2e16ef4db3abc1d50e6c91f2dd13e868b2323ae09df73b427004335e51fd4f660a1bcd1769e73fc8d0d00cc2ee6b585943aea55580cd01d5e9ab6047b433b67cb72237084d70aae46dc6b6c1d03369fab43c965c59e612008533979985cc00de7c7e5f352e4557c1616d45b6926bebf1171d84b4865c54c07dc762f688506f4de1551ba131e3be4e8fa6f0b8dc0227e50abfb1fc502863aaf40bfde543c102e51414f2932b44d24de5e68f3ca722c868e2984c3fc7f308185997ba0bc503d1419bb6623a6b34b1fa8bae87dc51125dbd4a9b4345bd448e0fdc993fa89c5b5ace960744911bd84bcdcacb303571786e503921f9bca8885c87aa16150bc1351d244290cae65bd8cb4850920fdc816da0006e77ee3223746b320d350535d355301bc3faa03f1ed86232a3429a790ad20b52a9631ca6b01f16a17ac78d870c47f750c46b5c565ae8ad9ed02156c2fe4fcb12afb5e66145f4777590c61585582f02b4216cec200ed1b56e60b8947169b114ab0a18d879041fc6ce3a381d79ac296670f31588e12f0a2d0b6e3bee0ddc95d7c63bbe91c25760cdee4ea0bae6014c7b4c56c00f77a07eede40c74943f7f91e8d03fd8c85bb57c82d57bb5838f756b2cbb830d72bfec8acdb5e209af88ad0773e704b3b08f3d9fa338ec39e8f24eae40edc1b0e5e49150e42dd3d3b62020681afe6309eccbab23ea807c6345d9d686c8ccc8cddae2a019259d9cf112f6bd34b69b0bd20ececaa0373a8af151dd84d785810031a62a40a803ff1d2fe8e925470f3b70b7a18948f51010822a616d3ef6a45ded8a4518b26180c6af736866f3b1def978938a9875a68eead30a33b2e4a6eafa289e02990c06ca86e122b9f3994198b4e65c4c8a174a1425739416e66eb9181fc7d830426043e8979e47fa0be50483aa1f996b08ae30e017b7cf82a34193118fe872c6de3301453bb504628a196a462f88ec1c695eb27f7318a30e190c806f", 0x2000, &(0x7f0000000f40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0xb0, 0x0, 0x4, [{{0x1, 0x3, 0x37b08198, 0xff, 0x41, 0x4, {0x6, 0x3, 0x7, 0x1, 0x8, 0x1, 0x2b6, 0x4, 0xffffff01, 0x8000, 0x4, r8, r9, 0x80, 0x2}}, {0x5, 0x3, 0x3, 0xff, '.^.'}}]}, 0x0, 0x0, 0x0})
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f00000026c0)={{{@in6=@ipv4={""/10, ""/2, @initdev}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in6=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000280)=0x145)
getresgid(&(0x7f0000000440), &(0x7f00000004c0)=<r11=>0x0, &(0x7f0000000500))
r12 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r12, &(0x7f00000034c0)={0x2020, 0x0, 0x0, <r13=>0x0, <r14=>0x0}, 0xcac)
fchown(0xffffffffffffffff, r13, r14)
fsetxattr$system_posix_acl(0xffffffffffffffff, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {0x1, 0x4}, [], {0x4, 0x4}, [{0x8, 0x0, r14}], {0x10, 0x1}, {0x20, 0x5}}, 0x2c, 0x2)
stat(&(0x7f00000027c0)='./file0\x00', &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000002880)={0x0, 0x0, <r16=>0x0}, &(0x7f00000028c0)=0xc)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000002900)={{0x1, 0x1, 0x18, r1, {0xee00, <r17=>0xee00}}, './file0\x00'})
fsetxattr$system_posix_acl(r1, &(0x7f0000000140)='system.posix_acl_access\x00', &(0x7f0000002940)={{}, {0x1, 0x2}, [{}, {0x2, 0x3}, {0x2, 0x7, r3}, {0x2, 0x0, 0xee01}, {0x2, 0x1, r4}, {0x2, 0x1, 0xffffffffffffffff}, {0x2, 0x5, r5}, {0x2, 0x1, r8}, {0x2, 0x3, r10}], {0x4, 0x3}, [{0x8, 0x6, r11}, {0x8, 0x3, 0xffffffffffffffff}, {0x8, 0x4, r14}, {0x8, 0x6, r15}, {0x8, 0x4, 0xee00}, {0x8, 0xd}, {0x8, 0x6, r16}, {0x8, 0x8, r17}], {0x10, 0x4}, {0x20, 0x4}}, 0xac, 0x3)
r18 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r19 = ioctl$KVM_CREATE_VCPU(r18, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r19, 0x4140aecd, &(0x7f00000000c0))
r20 = socket$nl_route(0x10, 0x3, 0x0)
io_uring_register$IORING_REGISTER_FILES_UPDATE(0xffffffffffffffff, 0x6, &(0x7f0000000100)={0x5, 0x0, &(0x7f0000000080)=[r18, r20]}, 0x2)
sendmsg$nl_route(r20, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_STATS_PER_PORT={0x5, 0x2d, 0x3}]}}}]}, 0x3c}}, 0x0)

1.017925991s ago: executing program 2 (id=2935):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x0, 0x12, r0, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000040)=0x45ce, 0x4)
sendto$inet(r1, &(0x7f0000000100)="1ce0", 0x2, 0x0, 0x0, 0x0)

602.98938ms ago: executing program 2 (id=2937):
syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @local, @val={@val={0x88a8, 0x5, 0x1}, {0x8100, 0x6, 0x0, 0x1}}, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @loopback, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x10}}}}}}}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000400)={0xf0f020})
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000005dc0)={0x0, 0x0, &(0x7f0000005d80)={&(0x7f0000000000)={0x28, 0x3, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x40001}, 0x44814)
r2 = gettid()
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
ioctl$SNDRV_PCM_IOCTL_REWIND(0xffffffffffffffff, 0xc0844123, &(0x7f0000000180)=0x4)
sendfile(0xffffffffffffffff, r3, &(0x7f00000000c0)=0x58, 0x5)
creat(&(0x7f0000000180)='./file0\x00', 0x129)
r4 = openat$smackfs_load(0xffffffffffffff9c, &(0x7f00000001c0)='/sys/fs/smackfs/load2\x00', 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
fstat(r5, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
setreuid(0x0, r6)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x40044)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0x7, 0x0, 0x0)
write$smackfs_load(r4, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x0, &(0x7f0000000300)=ANY=[], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r7, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0xb06000], 0x0, 0x0, 0x1, 0x1}}, 0x40)
open$dir(&(0x7f0000000240)='./file0\x00', 0x20e02, 0x0)
r8 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r8, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000007fc0)=[@in={0x2, 0x0, @rand_addr=0x64010102}]}, &(0x7f0000000100)=0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)

602.617249ms ago: executing program 5 (id=2938):
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)
openat$ttyS3(0xffffffffffffff9c, 0x0, 0x4002, 0x0)
syz_open_dev$cec(0x0, 0x0, 0x82)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000040)={'erspan0\x00', 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
r1 = syz_open_dev$ndb(&(0x7f0000000140), 0x0, 0xc0c82)
fadvise64(r1, 0xc, 0x43, 0x3)
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x3}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
socket$kcm(0x2, 0xa, 0x2)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r5 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
lsetxattr$security_capability(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000100), &(0x7f0000000600)=@v3={0x3000000, [{0x4, 0x3}, {0xffff, 0xc4}]}, 0x18, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r5, 0x4018aebd, &(0x7f0000000180)={0x4, r5, 0x1})
chdir(&(0x7f0000000140)='./bus\x00')
lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)

0s ago: executing program 3 (id=2939):
socket$nl_route(0x10, 0x3, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000240)=0x3)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r1)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/stat\x00', 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0)={0x6, 0xfffffffffffffffd, 0x6, 0x40, 0x2, 0xd}, 0x0, &(0x7f0000000680)={0x7ff, 0x7, 0x7fff, 0x7, 0xffffffffffffff22, 0x2, 0x5, 0x8}, 0x0, 0x0)
r2 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r2, &(0x7f0000000040)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newqdisc={0x2c, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0x4}, {0xffff, 0xffff}, {0x0, 0x1}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x408dc}, 0x4000080)

kernel console output (not intermixed with test programs):

rcing a failure.
[ 1033.080067][T14394] name failslab, interval 1, probability 0, space 0, times 0
[ 1033.340043][T14394] CPU: 1 UID: 0 PID: 14394 Comm: syz.5.2359 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1033.340073][T14394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1033.340085][T14394] Call Trace:
[ 1033.340094][T14394]  <TASK>
[ 1033.340103][T14394]  dump_stack_lvl+0x189/0x250
[ 1033.340139][T14394]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1033.340166][T14394]  ? __pfx__printk+0x10/0x10
[ 1033.340198][T14394]  ? __pfx___might_resched+0x10/0x10
[ 1033.340226][T14394]  ? fs_reclaim_acquire+0x7d/0x100
[ 1033.340253][T14394]  should_fail_ex+0x414/0x560
[ 1033.340279][T14394]  should_failslab+0xa8/0x100
[ 1033.340301][T14394]  __kmalloc_noprof+0xcb/0x4f0
[ 1033.340328][T14394]  ? tomoyo_encode+0x28b/0x550
[ 1033.340359][T14394]  tomoyo_encode+0x28b/0x550
[ 1033.340392][T14394]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1033.340430][T14394]  ? tomoyo_mount_permission+0x27a/0x970
[ 1033.340455][T14394]  tomoyo_mount_permission+0x377/0x970
[ 1033.340483][T14394]  ? stack_depot_save_flags+0x40/0x910
[ 1033.340502][T14394]  ? tomoyo_mount_permission+0x27a/0x970
[ 1033.340527][T14394]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[ 1033.340620][T14394]  security_sb_mount+0xec/0x350
[ 1033.340652][T14394]  path_mount+0xbc/0xfe0
[ 1033.340684][T14394]  ? user_path_at+0x44/0x60
[ 1033.340704][T14394]  ? kmem_cache_free+0x192/0x3f0
[ 1033.340743][T14394]  __se_sys_mount+0x317/0x410
[ 1033.340770][T14394]  ? __pfx___se_sys_mount+0x10/0x10
[ 1033.340794][T14394]  ? do_syscall_64+0xba/0x210
[ 1033.340817][T14394]  ? __x64_sys_mount+0x20/0xc0
[ 1033.340840][T14394]  do_syscall_64+0xf6/0x210
[ 1033.340865][T14394]  ? clear_bhb_loop+0x60/0xb0
[ 1033.340890][T14394]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1033.340908][T14394] RIP: 0033:0x7f999cd8e969
[ 1033.340926][T14394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1033.340943][T14394] RSP: 002b:00007f999db44038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1033.340965][T14394] RAX: ffffffffffffffda RBX: 00007f999cfb6080 RCX: 00007f999cd8e969
[ 1033.340980][T14394] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000000
[ 1033.340999][T14394] RBP: 00007f999db44090 R08: 0000000000000000 R09: 0000000000000000
[ 1033.341012][T14394] R10: 00000000029444b2 R11: 0000000000000246 R12: 0000000000000001
[ 1033.341024][T14394] R13: 0000000000000001 R14: 00007f999cfb6080 R15: 00007ffed795dd48
[ 1033.341057][T14394]  </TASK>
[ 1033.341148][T14394] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1033.713675][ T5882] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1036.532700][    T9] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 1036.664602][T14433] FAULT_INJECTION: forcing a failure.
[ 1036.664602][T14433] name failslab, interval 1, probability 0, space 0, times 0
[ 1036.677667][T14433] CPU: 1 UID: 0 PID: 14433 Comm: syz.2.2369 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1036.677693][T14433] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1036.677705][T14433] Call Trace:
[ 1036.677714][T14433]  <TASK>
[ 1036.677723][T14433]  dump_stack_lvl+0x189/0x250
[ 1036.677759][T14433]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1036.677785][T14433]  ? __pfx__printk+0x10/0x10
[ 1036.677818][T14433]  ? lock_acquire+0x175/0x360
[ 1036.677844][T14433]  ? __pfx___might_resched+0x10/0x10
[ 1036.677877][T14433]  should_fail_ex+0x414/0x560
[ 1036.677904][T14433]  should_failslab+0xa8/0x100
[ 1036.677925][T14433]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1036.677955][T14433]  ? __alloc_skb+0x112/0x2d0
[ 1036.677976][T14433]  ? do_recvmmsg+0x307/0x760
[ 1036.678006][T14433]  __alloc_skb+0x112/0x2d0
[ 1036.678035][T14433]  netlink_dump+0x245/0xe70
[ 1036.678071][T14433]  ? __pfx_netlink_dump+0x10/0x10
[ 1036.678107][T14433]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1036.678147][T14433]  ? kmem_cache_free+0x192/0x3f0
[ 1036.678182][T14433]  netlink_recvmsg+0x67b/0xe00
[ 1036.678216][T14433]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1036.678246][T14433]  ? irqentry_exit+0x74/0x90
[ 1036.678282][T14433]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 1036.678305][T14433]  sock_recvmsg_nosec+0x186/0x1c0
[ 1036.678331][T14433]  ____sys_recvmsg+0x3aa/0x460
[ 1036.678368][T14433]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1036.678413][T14433]  ? import_iovec+0x74/0xa0
[ 1036.678445][T14433]  ___sys_recvmsg+0x1b5/0x510
[ 1036.678478][T14433]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1036.678542][T14433]  ? __might_fault+0xb0/0x130
[ 1036.678576][T14433]  do_recvmmsg+0x307/0x760
[ 1036.678614][T14433]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1036.678685][T14433]  __x64_sys_recvmmsg+0x190/0x240
[ 1036.678711][T14433]  ? rcu_is_watching+0x15/0xb0
[ 1036.678740][T14433]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1036.678772][T14433]  ? do_syscall_64+0xba/0x210
[ 1036.678802][T14433]  do_syscall_64+0xf6/0x210
[ 1036.678826][T14433]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1036.678845][T14433]  ? clear_bhb_loop+0x60/0xb0
[ 1036.678888][T14433]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1036.678907][T14433] RIP: 0033:0x7fa92d58e969
[ 1036.678926][T14433] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1036.678943][T14433] RSP: 002b:00007fa92e425038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1036.678963][T14433] RAX: ffffffffffffffda RBX: 00007fa92d7b6160 RCX: 00007fa92d58e969
[ 1036.678977][T14433] RDX: 0000000000000002 RSI: 0000200000000780 RDI: 0000000000000005
[ 1036.678990][T14433] RBP: 00007fa92e425090 R08: 0000000000000000 R09: 0000000000000000
[ 1036.679002][T14433] R10: 0000000040012100 R11: 0000000000000246 R12: 0000000000000001
[ 1036.679014][T14433] R13: 0000000000000000 R14: 00007fa92d7b6160 R15: 00007ffd21c95c98
[ 1036.679048][T14433]  </TASK>
[ 1037.022319][    T9] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1037.056674][    T9] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1037.088494][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1037.112034][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1037.189075][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1037.215992][T14435] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1037.330918][    T9] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1037.380976][    T9] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1037.449711][    T9] usb 2-1: Product: syz
[ 1037.451199][T14441] netlink: 'syz.5.2373': attribute type 1 has an invalid length.
[ 1037.453916][    T9] usb 2-1: Manufacturer: syz
[ 1037.486203][T14441] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1037.500713][    T9] cdc_wdm 2-1:1.0: skipping garbage
[ 1037.506525][    T9] cdc_wdm 2-1:1.0: skipping garbage
[ 1037.535134][    T9] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 1037.541566][    T9] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1037.548034][T14441] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1037.586588][    T9] usb 2-1: USB disconnect, device number 76
[ 1039.903351][T14467] netlink: 'syz.1.2378': attribute type 2 has an invalid length.
[ 1040.143508][ T5882] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[ 1040.919784][ T5882] usb 4-1: Using ep0 maxpacket: 32
[ 1040.930037][ T5882] usb 4-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[ 1040.939717][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1040.981903][ T5882] usb 4-1: config 0 descriptor??
[ 1040.998738][ T5882] as10x_usb: device has been detected
[ 1041.018710][ T5882] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[ 1041.149808][T14473] ieee802154 phy1 wpan1: encryption failed: -22
[ 1041.573969][ T5882] usb 4-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[ 1042.427437][ T5882] as10x_usb: error during firmware upload part1
[ 1042.468371][ T5882] Registered device nBox DVB-T Dongle
[ 1042.475846][ T5882] usb 4-1: USB disconnect, device number 70
[ 1042.500362][T14461] kexec: Could not allocate control_code_buffer
[ 1042.738018][ T5882] Unregistered device nBox DVB-T Dongle
[ 1043.883374][ T5882] as10x_usb: device has been disconnected
[ 1044.521025][T14495] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2387'.
[ 1044.951649][T14488] netlink: 65039 bytes leftover after parsing attributes in process `syz.4.2386'.
[ 1045.260913][T14504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2389'.
[ 1045.348897][T14506] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1046.351441][ T5882] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1046.457898][T14496] trusted_key: encrypted_key: insufficient parameters specified
[ 1046.569936][ T5882] usb 5-1: Using ep0 maxpacket: 32
[ 1046.635913][ T5882] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice= e.22
[ 1046.689809][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1046.713795][ T5882] usb 5-1: Product: syz
[ 1046.718028][ T5882] usb 5-1: Manufacturer: syz
[ 1046.770101][ T5882] usb 5-1: SerialNumber: syz
[ 1046.798447][ T5882] usb 5-1: config 0 descriptor??
[ 1046.866880][ T5882] usb 5-1: selecting invalid altsetting 3
[ 1046.899869][ T5882] comedi comedi0: could not set alternate setting 3 in high speed
[ 1046.958383][ T5882] usbdux 5-1:0.0: driver 'usbdux' failed to auto-configure device.
[ 1046.986946][ T5882] usbdux 5-1:0.0: probe with driver usbdux failed with error -22
[ 1047.312368][    T9] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[ 1048.273967][    T9] usb 4-1: Using ep0 maxpacket: 16
[ 1048.339369][    T9] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1048.436348][    T9] usb 4-1: config 1 interface 1 has no altsetting 1
[ 1048.505546][ T5882] usb 5-1: USB disconnect, device number 75
[ 1048.641090][    T9] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1048.659420][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1048.741208][    T9] usb 4-1: Product: syz
[ 1048.745443][    T9] usb 4-1: Manufacturer: syz
[ 1048.768790][    T9] usb 4-1: SerialNumber: syz
[ 1048.894369][T14530] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1049.104298][    T9] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[ 1049.109398][    T9] cdc_ncm 4-1:1.0: bind() failure
[ 1049.372476][    T9] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[ 1049.408147][    T9] cdc_ncm 4-1:1.1: bind() failure
[ 1049.681312][    T9] usb 4-1: USB disconnect, device number 71
[ 1049.734747][T14529] tty tty24: ldisc open failed (-12), clearing slot 23
[ 1050.212708][T14536] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2400'.
[ 1050.382489][T14541] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2401'.
[ 1050.481820][T14546] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1050.517322][T14546] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1051.575908][T14555] netlink: 'syz.2.2404': attribute type 1 has an invalid length.
[ 1051.745937][T14559] FAT-fs (nullb0): bogus number of reserved sectors
[ 1051.752892][T14559] FAT-fs (nullb0): Can't find a valid FAT filesystem
[ 1051.851492][ T5817] libceph: connect (1)[c::]:6789 error -101
[ 1051.914793][T14555] netlink: 224 bytes leftover after parsing attributes in process `syz.2.2404'.
[ 1052.225796][T14552] ceph: No mds server is up or the cluster is laggy
[ 1052.236170][ T5817] libceph: mon0 (1)[c::]:6789 connect error
[ 1054.175360][T14576] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2410'.
[ 1054.218190][T14571] FAULT_INJECTION: forcing a failure.
[ 1054.218190][T14571] name failslab, interval 1, probability 0, space 0, times 0
[ 1055.048271][T14571] CPU: 0 UID: 0 PID: 14571 Comm: syz.2.2409 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1055.048301][T14571] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1055.048312][T14571] Call Trace:
[ 1055.048320][T14571]  <TASK>
[ 1055.048330][T14571]  dump_stack_lvl+0x189/0x250
[ 1055.048365][T14571]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1055.048391][T14571]  ? __pfx__printk+0x10/0x10
[ 1055.048426][T14571]  ? __pfx___might_resched+0x10/0x10
[ 1055.048453][T14571]  ? fs_reclaim_acquire+0x7d/0x100
[ 1055.048479][T14571]  should_fail_ex+0x414/0x560
[ 1055.048503][T14571]  should_failslab+0xa8/0x100
[ 1055.048524][T14571]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1055.048548][T14571]  ? kobject_uevent_env+0x27c/0x8c0
[ 1055.048574][T14571]  ? devres_release_all+0x1ca/0x230
[ 1055.048603][T14571]  ? __pfx_dev_uevent_name+0x10/0x10
[ 1055.048619][T14571]  kobject_uevent_env+0x27c/0x8c0
[ 1055.048656][T14571]  device_del+0x73a/0x8e0
[ 1055.048686][T14571]  ? __pfx_device_del+0x10/0x10
[ 1055.048708][T14571]  ? __pfx_mntput_no_expire+0x10/0x10
[ 1055.048731][T14571]  ? do_raw_spin_unlock+0x122/0x240
[ 1055.048759][T14571]  device_unregister+0x20/0xc0
[ 1055.048781][T14571]  bdi_unregister+0x42a/0x510
[ 1055.048809][T14571]  ? __pfx_bdi_unregister+0x10/0x10
[ 1055.048840][T14571]  ? up_write+0x1c4/0x420
[ 1055.048866][T14571]  generic_shutdown_super+0x22d/0x2c0
[ 1055.048892][T14571]  kill_anon_super+0x3b/0x70
[ 1055.048916][T14571]  afs_kill_super+0x99/0xe0
[ 1055.048940][T14571]  deactivate_locked_super+0xbc/0x130
[ 1055.048965][T14571]  cleanup_mnt+0x425/0x4c0
[ 1055.048988][T14571]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1055.049014][T14571]  task_work_run+0x1d4/0x260
[ 1055.049049][T14571]  ? __pfx_task_work_run+0x10/0x10
[ 1055.049086][T14571]  resume_user_mode_work+0x5e/0x80
[ 1055.049112][T14571]  syscall_exit_to_user_mode+0x9a/0x120
[ 1055.049137][T14571]  do_syscall_64+0x103/0x210
[ 1055.049163][T14571]  ? clear_bhb_loop+0x60/0xb0
[ 1055.049186][T14571]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1055.049205][T14571] RIP: 0033:0x7fa92d58e969
[ 1055.049223][T14571] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1055.049239][T14571] RSP: 002b:00007fa92e467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1055.049260][T14571] RAX: 0000000000000000 RBX: 00007fa92d7b5fa0 RCX: 00007fa92d58e969
[ 1055.049274][T14571] RDX: 0000000000000000 RSI: 000000000000000b RDI: 0000200000000040
[ 1055.049285][T14571] RBP: 00007fa92e467090 R08: 0000000000000000 R09: 0000000000000000
[ 1055.049297][T14571] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1055.049309][T14571] R13: 0000000000000000 R14: 00007fa92d7b5fa0 R15: 00007ffd21c95c98
[ 1055.049340][T14571]  </TASK>
[ 1055.679443][T14586] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1055.686991][T14586] overlayfs: failed to set xattr on upper
[ 1055.692931][T14586] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1055.699946][T14586] overlayfs: ...falling back to metacopy=off.
[ 1055.706062][T14586] overlayfs: ...falling back to index=off.
[ 1055.712120][T14586] overlayfs: ...falling back to uuid=null.
[ 1056.104132][T14590] Invalid ELF header type: 0 != 1
[ 1056.104132][T14584] Invalid ELF header type: 0 != 1
[ 1056.156105][T14589] loop9: detected capacity change from 0 to 7
[ 1056.162950][T14589] Dev loop9: unable to read RDB block 7
[ 1056.168555][T14589]  loop9: unable to read partition table
[ 1056.174424][T14589] loop9: partition table beyond EOD, truncated
[ 1056.180620][T14589] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1058.020100][T14599] loop9: detected capacity change from 0 to 7
[ 1058.052366][T14599] Dev loop9: unable to read RDB block 7
[ 1058.943384][T14599]  loop9: unable to read partition table
[ 1058.949192][T14599] loop9: partition table beyond EOD, truncated
[ 1058.986771][T14599] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1059.054540][T14609] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2420'.
[ 1060.253609][T14625] netlink: 'syz.3.2424': attribute type 1 has an invalid length.
[ 1060.519716][ T5882] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[ 1060.719953][ T5882] usb 4-1: Using ep0 maxpacket: 16
[ 1060.817708][ T5882] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1060.946695][T11432] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1060.949733][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1060.963594][ T5882] usb 4-1: Product: syz
[ 1060.967806][ T5882] usb 4-1: Manufacturer: syz
[ 1060.974060][ T5882] usb 4-1: SerialNumber: syz
[ 1060.983132][ T5882] usb 4-1: config 0 descriptor??
[ 1061.179796][T11432] usb 3-1: Using ep0 maxpacket: 8
[ 1061.207058][T11432] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1061.229100][T11432] usb 3-1: New USB device found, idVendor=0bda, idProduct=0139, bcdDevice=db.d0
[ 1061.248047][T11432] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.271045][T11432] usb 3-1: config 0 descriptor??
[ 1061.408656][T11432] rtsx_usb 3-1:0.0: probe with driver rtsx_usb failed with error -8
[ 1061.412046][ T5882] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1061.450924][ T5882] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1061.605380][T14620] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2422'.
[ 1061.619423][T14625] dtv5100: wlen = 0, aborting.
[ 1061.637809][ T5882] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1061.646548][ T5824] usb 3-1: USB disconnect, device number 83
[ 1062.504677][T14639] loop9: detected capacity change from 0 to 7
[ 1062.516873][ T5882] usb 4-1: media controller created
[ 1062.534978][T14639] Dev loop9: unable to read RDB block 7
[ 1062.541660][T14639]  loop9: unable to read partition table
[ 1062.547451][T14639] loop9: partition table beyond EOD, truncated
[ 1062.553668][T14639] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1062.612032][ T5882] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1062.958231][ T5882] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1063.134606][ T5882] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1064.012412][T14652] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1064.092793][T14654] FAULT_INJECTION: forcing a failure.
[ 1064.092793][T14654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1065.653704][T11234] usb 4-1: USB disconnect, device number 72
[ 1065.655680][T14654] CPU: 0 UID: 0 PID: 14654 Comm: syz.2.2432 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1065.655705][T14654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1065.655715][T14654] Call Trace:
[ 1065.655723][T14654]  <TASK>
[ 1065.655730][T14654]  dump_stack_lvl+0x189/0x250
[ 1065.655761][T14654]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1065.655784][T14654]  ? __pfx__printk+0x10/0x10
[ 1065.655823][T14654]  should_fail_ex+0x414/0x560
[ 1065.655848][T14654]  _copy_to_user+0x31/0xb0
[ 1065.655874][T14654]  evdev_handle_get_val+0x501/0x9f0
[ 1065.655898][T14654]  ? kasan_quarantine_put+0xdd/0x220
[ 1065.655931][T14654]  evdev_ioctl_handler+0x1202/0x1f10
[ 1065.655954][T14654]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[ 1065.655972][T14654]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1065.656001][T14654]  ? __pfx_evdev_ioctl_handler+0x10/0x10
[ 1065.656015][T14654]  ? smack_log+0xef/0x3f0
[ 1065.656041][T14654]  ? __pfx_smack_log+0x10/0x10
[ 1065.656064][T14654]  ? smk_access+0x14c/0x4e0
[ 1065.656094][T14654]  ? smk_tskacc+0x2fc/0x370
[ 1065.656123][T14654]  ? smack_file_ioctl+0x2a9/0x340
[ 1065.656157][T14654]  ? __fget_files+0x3a0/0x420
[ 1065.656172][T14654]  ? __fget_files+0x2a/0x420
[ 1065.656191][T14654]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1065.656212][T14654]  ? __pfx_evdev_ioctl+0x10/0x10
[ 1065.656237][T14654]  __se_sys_ioctl+0xf9/0x170
[ 1065.656262][T14654]  do_syscall_64+0xf6/0x210
[ 1065.656285][T14654]  ? clear_bhb_loop+0x60/0xb0
[ 1065.656306][T14654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1065.656322][T14654] RIP: 0033:0x7fa92d58e969
[ 1065.656338][T14654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1065.656353][T14654] RSP: 002b:00007fa92e467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1065.656380][T14654] RAX: ffffffffffffffda RBX: 00007fa92d7b5fa0 RCX: 00007fa92d58e969
[ 1065.656392][T14654] RDX: 0000200000002880 RSI: 000000008040451a RDI: 0000000000000003
[ 1065.656403][T14654] RBP: 00007fa92e467090 R08: 0000000000000000 R09: 0000000000000000
[ 1065.656414][T14654] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1065.656424][T14654] R13: 0000000000000000 R14: 00007fa92d7b5fa0 R15: 00007ffd21c95c98
[ 1065.656452][T14654]  </TASK>
[ 1066.163001][T14667] FAULT_INJECTION: forcing a failure.
[ 1066.163001][T14667] name failslab, interval 1, probability 0, space 0, times 0
[ 1066.181025][T14667] CPU: 0 UID: 0 PID: 14667 Comm: syz.2.2436 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1066.181055][T14667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1066.181067][T14667] Call Trace:
[ 1066.181075][T14667]  <TASK>
[ 1066.181084][T14667]  dump_stack_lvl+0x189/0x250
[ 1066.181121][T14667]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1066.181147][T14667]  ? __pfx__printk+0x10/0x10
[ 1066.181183][T14667]  ? __pfx___might_resched+0x10/0x10
[ 1066.181208][T14667]  ? fs_reclaim_acquire+0x7d/0x100
[ 1066.181235][T14667]  should_fail_ex+0x414/0x560
[ 1066.181262][T14667]  should_failslab+0xa8/0x100
[ 1066.181282][T14667]  __kmalloc_noprof+0xcb/0x4f0
[ 1066.181309][T14667]  ? security_sk_alloc+0x52/0x390
[ 1066.181335][T14667]  security_sk_alloc+0x52/0x390
[ 1066.181359][T14667]  sk_prot_alloc+0x101/0x220
[ 1066.181381][T14667]  ? sk_alloc+0x24/0x370
[ 1066.181408][T14667]  sk_alloc+0x3a/0x370
[ 1066.181431][T14667]  ? bpf_ctx_init+0x167/0x1d0
[ 1066.181456][T14667]  bpf_prog_test_run_skb+0x2ed/0x1560
[ 1066.181478][T14667]  ? __fget_files+0x2a/0x420
[ 1066.181512][T14667]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1066.181535][T14667]  bpf_prog_test_run+0x2ac/0x340
[ 1066.181565][T14667]  __sys_bpf+0x4a4/0x860
[ 1066.181590][T14667]  ? __pfx___sys_bpf+0x10/0x10
[ 1066.181628][T14667]  ? ksys_write+0x1f0/0x250
[ 1066.181652][T14667]  ? rcu_is_watching+0x15/0xb0
[ 1066.181692][T14667]  __x64_sys_bpf+0x7c/0x90
[ 1066.181713][T14667]  do_syscall_64+0xf6/0x210
[ 1066.181739][T14667]  ? clear_bhb_loop+0x60/0xb0
[ 1066.181774][T14667]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1066.181793][T14667] RIP: 0033:0x7fa92d58e969
[ 1066.181811][T14667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1066.181828][T14667] RSP: 002b:00007fa92e467038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1066.181850][T14667] RAX: ffffffffffffffda RBX: 00007fa92d7b5fa0 RCX: 00007fa92d58e969
[ 1066.181865][T14667] RDX: 0000000000000050 RSI: 0000200000000600 RDI: 000000000000000a
[ 1066.181878][T14667] RBP: 00007fa92e467090 R08: 0000000000000000 R09: 0000000000000000
[ 1066.181890][T14667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1066.181902][T14667] R13: 0000000000000000 R14: 00007fa92d7b5fa0 R15: 00007ffd21c95c98
[ 1066.181935][T14667]  </TASK>
[ 1066.478818][T11234] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1066.489821][ T5882] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1066.719569][ T5882] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1066.915489][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.085172][T14663] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[ 1067.139791][ T5882] usb 5-1: Product: syz
[ 1067.144037][ T5882] usb 5-1: Manufacturer: syz
[ 1067.165450][T14681] FAULT_INJECTION: forcing a failure.
[ 1067.165450][T14681] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1067.179315][ T5882] usb 5-1: SerialNumber: syz
[ 1067.191865][T14681] CPU: 1 UID: 0 PID: 14681 Comm: syz.2.2440 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1067.191914][T14681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1067.191926][T14681] Call Trace:
[ 1067.191935][T14681]  <TASK>
[ 1067.191944][T14681]  dump_stack_lvl+0x189/0x250
[ 1067.191973][T14681]  ? __lock_acquire+0xaac/0xd20
[ 1067.192002][T14681]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1067.192026][T14681]  ? __pfx__printk+0x10/0x10
[ 1067.192056][T14681]  ? __might_fault+0xb0/0x130
[ 1067.192098][T14681]  should_fail_ex+0x414/0x560
[ 1067.192123][T14681]  _copy_from_user+0x2d/0xb0
[ 1067.192152][T14681]  memdup_user+0x5e/0xd0
[ 1067.192178][T14681]  strndup_user+0x68/0xd0
[ 1067.192203][T14681]  __se_sys_mount+0x9c/0x410
[ 1067.192224][T14681]  ? ksys_write+0x1f0/0x250
[ 1067.192253][T14681]  ? __pfx___se_sys_mount+0x10/0x10
[ 1067.192277][T14681]  ? do_syscall_64+0xba/0x210
[ 1067.192300][T14681]  ? __x64_sys_mount+0x20/0xc0
[ 1067.192322][T14681]  do_syscall_64+0xf6/0x210
[ 1067.192347][T14681]  ? clear_bhb_loop+0x60/0xb0
[ 1067.192372][T14681]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1067.192391][T14681] RIP: 0033:0x7fa92d58e969
[ 1067.192409][T14681] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1067.192426][T14681] RSP: 002b:00007fa92e467038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1067.192449][T14681] RAX: ffffffffffffffda RBX: 00007fa92d7b5fa0 RCX: 00007fa92d58e969
[ 1067.192463][T14681] RDX: 0000200000000040 RSI: 0000200000000380 RDI: 0000200000000000
[ 1067.192477][T14681] RBP: 00007fa92e467090 R08: 0000000000000000 R09: 0000000000000000
[ 1067.192490][T14681] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[ 1067.192503][T14681] R13: 0000000000000000 R14: 00007fa92d7b5fa0 R15: 00007ffd21c95c98
[ 1067.192535][T14681]  </TASK>
[ 1067.389328][ T5882] usb 5-1: config 0 descriptor??
[ 1067.536209][T14685] netlink: 'syz.1.2441': attribute type 1 has an invalid length.
[ 1067.597938][T14689] loop9: detected capacity change from 0 to 7
[ 1067.606990][T14689] Dev loop9: unable to read RDB block 7
[ 1067.613334][T14689]  loop9: unable to read partition table
[ 1067.619121][T14689] loop9: partition table beyond EOD, truncated
[ 1067.625438][T14689] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1068.534202][T14661] syz.4.2435 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[ 1068.632782][ T5882] usb 5-1: Firmware: major: 0, minor: 97, hardware type: UNKNOWN (99)
[ 1068.659810][T11234] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[ 1068.811779][T11234] usb 2-1: Using ep0 maxpacket: 16
[ 1068.836171][ T5882] usb 5-1: failed to fetch extended address, random address set
[ 1068.845990][ T5882] usb 5-1: atusb_probe: initialization failed, error = -524
[ 1068.859407][T11234] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1068.868623][T11234] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.876678][ T5882] atusb 5-1:0.0: probe with driver atusb failed with error -524
[ 1068.888840][T11234] usb 2-1: Product: syz
[ 1068.905305][T11234] usb 2-1: Manufacturer: syz
[ 1068.911209][ T5882] usb 5-1: USB disconnect, device number 76
[ 1068.931327][T11234] usb 2-1: SerialNumber: syz
[ 1068.955587][T11234] usb 2-1: config 0 descriptor??
[ 1069.134642][T14701] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2446'.
[ 1069.164064][T14703] FAULT_INJECTION: forcing a failure.
[ 1069.164064][T14703] name failslab, interval 1, probability 0, space 0, times 0
[ 1069.191739][T14703] CPU: 1 UID: 0 PID: 14703 Comm: syz.5.2447 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1069.191774][T14703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1069.191786][T14703] Call Trace:
[ 1069.191794][T14703]  <TASK>
[ 1069.191804][T14703]  dump_stack_lvl+0x189/0x250
[ 1069.191839][T14703]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1069.191865][T14703]  ? __pfx__printk+0x10/0x10
[ 1069.191904][T14703]  ? __pfx___might_resched+0x10/0x10
[ 1069.191932][T14703]  ? fs_reclaim_acquire+0x7d/0x100
[ 1069.191959][T14703]  should_fail_ex+0x414/0x560
[ 1069.191985][T14703]  should_failslab+0xa8/0x100
[ 1069.192006][T14703]  __kmalloc_noprof+0xcb/0x4f0
[ 1069.192032][T14703]  ? tomoyo_encode+0x28b/0x550
[ 1069.192064][T14703]  tomoyo_encode+0x28b/0x550
[ 1069.192096][T14703]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1069.192134][T14703]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1069.192157][T14703]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1069.192182][T14703]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1069.192224][T14703]  ? __lock_acquire+0xaac/0xd20
[ 1069.192272][T14703]  ? __fget_files+0x2a/0x420
[ 1069.192296][T14703]  ? __fget_files+0x3a0/0x420
[ 1069.192313][T14703]  ? __fget_files+0x2a/0x420
[ 1069.192336][T14703]  security_file_ioctl+0xcb/0x2d0
[ 1069.192362][T14703]  __se_sys_ioctl+0x47/0x170
[ 1069.192389][T14703]  do_syscall_64+0xf6/0x210
[ 1069.192416][T14703]  ? clear_bhb_loop+0x60/0xb0
[ 1069.192441][T14703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1069.192460][T14703] RIP: 0033:0x7f999cd8e969
[ 1069.192478][T14703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1069.192494][T14703] RSP: 002b:00007f999db65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1069.192516][T14703] RAX: ffffffffffffffda RBX: 00007f999cfb5fa0 RCX: 00007f999cd8e969
[ 1069.192530][T14703] RDX: 00002000000003c0 RSI: 00000000c008561b RDI: 0000000000000003
[ 1069.192544][T14703] RBP: 00007f999db65090 R08: 0000000000000000 R09: 0000000000000000
[ 1069.192556][T14703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1069.192568][T14703] R13: 0000000000000000 R14: 00007f999cfb5fa0 R15: 00007ffed795dd48
[ 1069.192601][T14703]  </TASK>
[ 1069.192648][T14703] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1069.429853][T11234] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1069.448671][T11234] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1069.469130][T11234] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1069.489911][T11234] usb 2-1: media controller created
[ 1069.611662][T11234] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1069.624486][T14685] dtv5100: wlen = 0, aborting.
[ 1069.735928][T11234] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1069.776769][T11234] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1069.820075][ T5882] usb 4-1: new full-speed USB device number 73 using dummy_hcd
[ 1070.819305][ T5882] usb 4-1: config 0 has an invalid interface number: 200 but max is 0
[ 1070.849230][ T5882] usb 4-1: config 0 has no interface number 0
[ 1070.937636][ T5882] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=91.6f
[ 1071.026080][ T5882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1071.283902][ T5882] usb 4-1: config 0 descriptor??
[ 1071.496832][ T5817] usb 2-1: USB disconnect, device number 77
[ 1071.862588][ T5817] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1071.909502][T14712] binder: 14711:14712 ioctl c0306201 0 returned -14
[ 1072.707714][ T5882] RobotFuzz Open Source InterFace, OSIF 4-1:0.200: failure sending bit rate
[ 1072.742392][ T5882] RobotFuzz Open Source InterFace, OSIF 4-1:0.200: probe with driver RobotFuzz Open Source InterFace, OSIF failed with error -71
[ 1072.794419][ T5882] usb 4-1: USB disconnect, device number 73
[ 1072.829779][    T9] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1072.999895][    T9] usb 3-1: Using ep0 maxpacket: 8
[ 1073.024223][    T9] usb 3-1: New USB device found, idVendor=0545, idProduct=800c, bcdDevice= 3.0a
[ 1073.052045][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1073.131899][    T9] usb 3-1: Product: syz
[ 1073.136140][    T9] usb 3-1: Manufacturer: syz
[ 1073.179039][    T9] usb 3-1: SerialNumber: syz
[ 1073.220831][    T9] usb 3-1: config 0 descriptor??
[ 1073.277871][    T9] gspca_main: xirlink-cit-2.14.0 probing 0545:800c
[ 1073.324097][    T9] input: xirlink-cit as /devices/platform/dummy_hcd.2/usb3/3-1/input/input39
[ 1073.422170][    T9] Process accounting resumed
[ 1073.603418][    T9] usb 3-1: USB disconnect, device number 84
[ 1076.850956][T14773] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1076.862723][T14773] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1077.623591][T14776] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.2467'.
[ 1077.643220][T14774] netlink: 'syz.3.2468': attribute type 1 has an invalid length.
[ 1077.880067][ T5824] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 1077.970340][ T5817] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[ 1078.050900][ T5824] usb 3-1: Using ep0 maxpacket: 32
[ 1078.221238][ T5817] usb 4-1: Using ep0 maxpacket: 16
[ 1078.240212][ T5824] usb 3-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice= e.22
[ 1078.258701][ T5824] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.331401][ T5824] usb 3-1: Product: syz
[ 1078.346924][ T5817] usb 4-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1078.369766][ T5824] usb 3-1: Manufacturer: syz
[ 1078.428801][ T5824] usb 3-1: SerialNumber: syz
[ 1078.437593][ T5817] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.517519][ T5824] usb 3-1: config 0 descriptor??
[ 1078.522786][ T5817] usb 4-1: Product: syz
[ 1078.526984][ T5817] usb 4-1: Manufacturer: syz
[ 1078.532422][T14782] netlink: 'syz.5.2471': attribute type 10 has an invalid length.
[ 1078.589753][ T5817] usb 4-1: SerialNumber: syz
[ 1078.598456][ T5824] usb 3-1: selecting invalid altsetting 3
[ 1078.606468][ T5817] usb 4-1: config 0 descriptor??
[ 1078.624911][ T5824] comedi comedi0: could not set alternate setting 3 in high speed
[ 1078.669970][ T5824] usbdux 3-1:0.0: driver 'usbdux' failed to auto-configure device.
[ 1078.674416][ T5824] usbdux 3-1:0.0: probe with driver usbdux failed with error -22
[ 1078.707486][T14785] FAULT_INJECTION: forcing a failure.
[ 1078.707486][T14785] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.709904][T14785] CPU: 0 UID: 0 PID: 14785 Comm: syz.4.2472 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1078.709931][T14785] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1078.709943][T14785] Call Trace:
[ 1078.709951][T14785]  <TASK>
[ 1078.709961][T14785]  dump_stack_lvl+0x189/0x250
[ 1078.709994][T14785]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1078.710019][T14785]  ? __pfx__printk+0x10/0x10
[ 1078.710055][T14785]  ? __pfx___might_resched+0x10/0x10
[ 1078.710083][T14785]  ? fs_reclaim_acquire+0x7d/0x100
[ 1078.710109][T14785]  should_fail_ex+0x414/0x560
[ 1078.710134][T14785]  should_failslab+0xa8/0x100
[ 1078.710154][T14785]  __kmalloc_noprof+0xcb/0x4f0
[ 1078.710179][T14785]  ? kfree+0x4d/0x440
[ 1078.710202][T14785]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1078.710233][T14785]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1078.710260][T14785]  ? tomoyo_domain+0xda/0x130
[ 1078.710290][T14785]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1078.710313][T14785]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1078.710339][T14785]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1078.710380][T14785]  ? __lock_acquire+0xaac/0xd20
[ 1078.710425][T14785]  ? __fget_files+0x2a/0x420
[ 1078.710447][T14785]  ? __fget_files+0x3a0/0x420
[ 1078.710463][T14785]  ? __fget_files+0x2a/0x420
[ 1078.710485][T14785]  security_file_ioctl+0xcb/0x2d0
[ 1078.710510][T14785]  __se_sys_ioctl+0x47/0x170
[ 1078.710539][T14785]  do_syscall_64+0xf6/0x210
[ 1078.710562][T14785]  ? clear_bhb_loop+0x60/0xb0
[ 1078.710599][T14785]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1078.710617][T14785] RIP: 0033:0x7f83d878e969
[ 1078.710635][T14785] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1078.710651][T14785] RSP: 002b:00007f83d966b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1078.710672][T14785] RAX: ffffffffffffffda RBX: 00007f83d89b5fa0 RCX: 00007f83d878e969
[ 1078.710686][T14785] RDX: 0000200000000200 RSI: 00000000c0405626 RDI: 0000000000000003
[ 1078.710699][T14785] RBP: 00007f83d966b090 R08: 0000000000000000 R09: 0000000000000000
[ 1078.710710][T14785] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.710722][T14785] R13: 0000000000000000 R14: 00007f83d89b5fa0 R15: 00007ffc76b1ff88
[ 1078.710754][T14785]  </TASK>
[ 1078.710763][T14785] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1078.794967][ T5824] usb 3-1: USB disconnect, device number 85
[ 1079.079432][ T5817] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1079.097058][ T5817] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1079.098279][ T5817] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1079.098338][ T5817] usb 4-1: media controller created
[ 1079.107677][T14795] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2475'.
[ 1079.143235][ T5817] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1079.156752][T14796] FAULT_INJECTION: forcing a failure.
[ 1079.156752][T14796] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1079.290871][T14774] dtv5100: wlen = 0, aborting.
[ 1079.379696][T14796] CPU: 0 UID: 0 PID: 14796 Comm: syz.4.2474 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1079.379725][T14796] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1079.379736][T14796] Call Trace:
[ 1079.379746][T14796]  <TASK>
[ 1079.379754][T14796]  dump_stack_lvl+0x189/0x250
[ 1079.379776][T14796]  ? __lock_acquire+0xaac/0xd20
[ 1079.379793][T14796]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1079.379808][T14796]  ? __pfx__printk+0x10/0x10
[ 1079.379824][T14796]  ? __might_fault+0xb0/0x130
[ 1079.379848][T14796]  should_fail_ex+0x414/0x560
[ 1079.379863][T14796]  _copy_to_iter+0x3f5/0x15a0
[ 1079.379885][T14796]  ? __pfx__copy_to_iter+0x10/0x10
[ 1079.379896][T14796]  ? rcu_is_watching+0x15/0xb0
[ 1079.379913][T14796]  ? trace_contention_end+0x39/0x120
[ 1079.379924][T14796]  ? __mutex_lock+0x330/0xe80
[ 1079.379945][T14796]  __skb_datagram_iter+0x3c4/0x960
[ 1079.379963][T14796]  ? __pfx_simple_copy_to_iter+0x10/0x10
[ 1079.379983][T14796]  skb_copy_datagram_iter+0xc5/0x230
[ 1079.380002][T14796]  unix_stream_read_actor+0x6c/0xb0
[ 1079.380016][T14796]  unix_stream_read_generic+0xb4e/0x22c0
[ 1079.380027][T14796]  ? up_write+0x1c4/0x420
[ 1079.380056][T14796]  ? __pfx_unix_stream_read_generic+0x10/0x10
[ 1079.380068][T14796]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1079.380086][T14796]  ? __lock_acquire+0xaac/0xd20
[ 1079.380106][T14796]  unix_stream_recvmsg+0x15d/0x1b0
[ 1079.380120][T14796]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[ 1079.380132][T14796]  ? __pfx_unix_stream_read_actor+0x10/0x10
[ 1079.380148][T14796]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 1079.380160][T14796]  ? security_socket_recvmsg+0x7e/0x2e0
[ 1079.380172][T14796]  ? __pfx_unix_stream_recvmsg+0x10/0x10
[ 1079.380184][T14796]  sock_recvmsg+0x229/0x270
[ 1079.380198][T14796]  ____sys_recvmsg+0x1c9/0x460
[ 1079.380219][T14796]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1079.380243][T14796]  ? import_iovec+0x74/0xa0
[ 1079.380260][T14796]  ___sys_recvmsg+0x1b5/0x510
[ 1079.380278][T14796]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1079.380308][T14796]  ? __fget_files+0x3a0/0x420
[ 1079.380326][T14796]  do_recvmmsg+0x307/0x760
[ 1079.380346][T14796]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1079.380369][T14796]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1079.380394][T14796]  __x64_sys_recvmmsg+0x190/0x240
[ 1079.380408][T14796]  ? rcu_is_watching+0x15/0xb0
[ 1079.380424][T14796]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1079.380442][T14796]  ? do_syscall_64+0xba/0x210
[ 1079.380458][T14796]  do_syscall_64+0xf6/0x210
[ 1079.380472][T14796]  ? clear_bhb_loop+0x60/0xb0
[ 1079.380486][T14796]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1079.380497][T14796] RIP: 0033:0x7f83d878e969
[ 1079.380509][T14796] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1079.380519][T14796] RSP: 002b:00007f83d964a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1079.380532][T14796] RAX: ffffffffffffffda RBX: 00007f83d89b6080 RCX: 00007f83d878e969
[ 1079.380541][T14796] RDX: 040000000000013c RSI: 00002000000034c0 RDI: 0000000000000006
[ 1079.380549][T14796] RBP: 00007f83d964a090 R08: 0000000000000000 R09: 0000000000000000
[ 1079.380556][T14796] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000001
[ 1079.380563][T14796] R13: 0000000000000000 R14: 00007f83d89b6080 R15: 00007ffc76b1ff88
[ 1079.380581][T14796]  </TASK>
[ 1079.799891][ T5817] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1079.884806][ T5817] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1081.752611][ T5961] usb 4-1: USB disconnect, device number 74
[ 1081.996946][ T5961] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1083.460099][ T5961] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[ 1083.640264][ T5961] usb 4-1: device descriptor read/64, error -71
[ 1083.930165][ T5961] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[ 1084.111323][ T5961] usb 4-1: device descriptor read/64, error -71
[ 1084.278265][ T5961] usb usb4-port1: attempt power cycle
[ 1084.669855][ T5961] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1086.430157][ T5961] usb 4-1: device descriptor read/8, error -71
[ 1087.893211][   T30] kauditd_printk_skb: 28 callbacks suppressed
[ 1087.893231][   T30] audit: type=1400 audit(1747812057.469:208): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=14851 comm="syz.4.2488" saddr=0.0.0.224 src=20000 daddr=224.0.0.1 dest=20000
[ 1088.126540][T14855] netlink: 1688 bytes leftover after parsing attributes in process `syz.4.2489'.
[ 1090.479823][ T5961] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[ 1091.410112][    C0] raw-gadget.0 gadget.1: ignoring, device is not running
[ 1091.419446][ T5961] usb 2-1: device descriptor read/all, error -71
[ 1091.425218][T14882] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1091.468717][T14882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1091.514937][T14882] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1091.543323][T14882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1092.249790][ T5961] usb 2-1: new full-speed USB device number 79 using dummy_hcd
[ 1092.545819][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1092.704908][ T5961] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1092.827984][ T5961] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1092.971551][T14907] netlink: 'syz.4.2504': attribute type 72 has an invalid length.
[ 1092.981504][ T5961] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1093.047661][ T5961] usb 2-1: config 0 descriptor??
[ 1093.090776][ T5961] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1093.097485][ T5961] dvb-usb: bulk message failed: -22 (3/0)
[ 1093.167124][ T5961] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1093.203040][ T5961] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1093.224446][ T5961] usb 2-1: media controller created
[ 1093.303066][T14910] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2505'.
[ 1093.313883][T14910] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1093.321735][T14910] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1094.256824][T14910] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1094.267580][T14921] IPVS: set_ctl: invalid protocol: 94 224.0.0.1:20000
[ 1094.306032][ T5961] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1094.334132][T14925] dvb-usb: bulk message failed: -22 (4/0)
[ 1094.337360][T14910] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1094.367680][T14921] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1095.574910][T14921] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1095.613180][ T5961] dvb-usb: bulk message failed: -22 (6/0)
[ 1095.619351][ T5961] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1095.784258][ T5961] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input40
[ 1095.802837][ T5961] dvb-usb: schedule remote query interval to 150 msecs.
[ 1095.814217][ T5961] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1095.971785][    T9] dvb-usb: bulk message failed: -22 (1/0)
[ 1095.978765][    T9] dvb-usb: error while querying for an remote control event.
[ 1096.069957][    T9] usb 2-1: USB disconnect, device number 79
[ 1096.302938][    T9] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1096.333943][T14943] FAULT_INJECTION: forcing a failure.
[ 1096.333943][T14943] name failslab, interval 1, probability 0, space 0, times 0
[ 1096.379547][T14943] CPU: 1 UID: 0 PID: 14943 Comm: syz.4.2513 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1096.379578][T14943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1096.379587][T14943] Call Trace:
[ 1096.379592][T14943]  <TASK>
[ 1096.379598][T14943]  dump_stack_lvl+0x189/0x250
[ 1096.379635][T14943]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1096.379659][T14943]  ? __pfx__printk+0x10/0x10
[ 1096.379687][T14943]  ? __pfx___might_resched+0x10/0x10
[ 1096.379704][T14943]  ? fs_reclaim_acquire+0x7d/0x100
[ 1096.379719][T14943]  should_fail_ex+0x414/0x560
[ 1096.379735][T14943]  should_failslab+0xa8/0x100
[ 1096.379747][T14943]  __kmalloc_cache_noprof+0x70/0x3d0
[ 1096.379771][T14943]  ? __smc_connect+0x1b0/0x1890
[ 1096.379787][T14943]  __smc_connect+0x1b0/0x1890
[ 1096.379807][T14943]  ? do_raw_spin_unlock+0x122/0x240
[ 1096.379823][T14943]  smc_connect+0x877/0xd90
[ 1096.379842][T14943]  __sys_connect+0x313/0x440
[ 1096.379856][T14943]  ? __fget_files+0x3a0/0x420
[ 1096.379867][T14943]  ? __pfx___sys_connect+0x10/0x10
[ 1096.379895][T14943]  __x64_sys_connect+0x7a/0x90
[ 1096.379908][T14943]  do_syscall_64+0xf6/0x210
[ 1096.379924][T14943]  ? clear_bhb_loop+0x60/0xb0
[ 1096.379938][T14943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1096.379949][T14943] RIP: 0033:0x7f83d878e969
[ 1096.379961][T14943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1096.379977][T14943] RSP: 002b:00007f83d964a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1096.379990][T14943] RAX: ffffffffffffffda RBX: 00007f83d89b6080 RCX: 00007f83d878e969
[ 1096.379999][T14943] RDX: 0000000000000010 RSI: 0000200000000280 RDI: 0000000000000008
[ 1096.380006][T14943] RBP: 00007f83d964a090 R08: 0000000000000000 R09: 0000000000000000
[ 1096.380013][T14943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1096.380025][T14943] R13: 0000000000000000 R14: 00007f83d89b6080 R15: 00007ffc76b1ff88
[ 1096.380043][T14943]  </TASK>
[ 1096.620710][T14945] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2511'.
[ 1096.629700][T14945] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1096.637126][T14945] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1096.761372][T14945] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1096.768801][T14945] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1098.392618][T14960] netlink: 'syz.4.2517': attribute type 72 has an invalid length.
[ 1099.059582][T14967] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1099.581299][T14978] overlayfs: failed to resolve './file1': -2
[ 1100.278344][T14980] FAULT_INJECTION: forcing a failure.
[ 1100.278344][T14980] name failslab, interval 1, probability 0, space 0, times 0
[ 1100.291799][T14980] CPU: 1 UID: 0 PID: 14980 Comm: syz.5.2521 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1100.291827][T14980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1100.291839][T14980] Call Trace:
[ 1100.291848][T14980]  <TASK>
[ 1100.291857][T14980]  dump_stack_lvl+0x189/0x250
[ 1100.291889][T14980]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1100.291913][T14980]  ? __pfx__printk+0x10/0x10
[ 1100.291945][T14980]  ? __pfx___might_resched+0x10/0x10
[ 1100.291970][T14980]  ? fs_reclaim_acquire+0x7d/0x100
[ 1100.291995][T14980]  should_fail_ex+0x414/0x560
[ 1100.292020][T14980]  should_failslab+0xa8/0x100
[ 1100.292039][T14980]  __kmalloc_noprof+0xcb/0x4f0
[ 1100.292062][T14980]  ? kfree+0x4d/0x440
[ 1100.292081][T14980]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1100.292110][T14980]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1100.292149][T14980]  tomoyo_check_open_permission+0x1c1/0x3b0
[ 1100.292170][T14980]  ? tomoyo_check_open_permission+0x16a/0x3b0
[ 1100.292189][T14980]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[ 1100.292252][T14980]  ? tomoyo_file_open+0x166/0x220
[ 1100.292282][T14980]  security_file_open+0xb1/0x270
[ 1100.292304][T14980]  do_dentry_open+0x35e/0x1970
[ 1100.292325][T14980]  ? devcgroup_check_permission+0x86d/0x980
[ 1100.292360][T14980]  vfs_open+0x3b/0x340
[ 1100.292376][T14980]  ? path_openat+0x2ecd/0x3830
[ 1100.292401][T14980]  path_openat+0x2ee5/0x3830
[ 1100.292428][T14980]  ? arch_stack_walk+0xfc/0x150
[ 1100.292487][T14980]  ? __pfx_path_openat+0x10/0x10
[ 1100.292506][T14980]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.292546][T14980]  do_filp_open+0x1fa/0x410
[ 1100.292571][T14980]  ? __pfx_do_filp_open+0x10/0x10
[ 1100.292617][T14980]  ? _raw_spin_unlock+0x28/0x50
[ 1100.292636][T14980]  ? alloc_fd+0x64c/0x6c0
[ 1100.292672][T14980]  do_sys_openat2+0x121/0x1c0
[ 1100.292695][T14980]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1100.292716][T14980]  ? exc_page_fault+0x68/0x110
[ 1100.292741][T14980]  ? do_user_addr_fault+0xc8a/0x1390
[ 1100.292771][T14980]  __x64_sys_openat+0x138/0x170
[ 1100.292797][T14980]  do_syscall_64+0xf6/0x210
[ 1100.292820][T14980]  ? clear_bhb_loop+0x60/0xb0
[ 1100.292843][T14980]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1100.292859][T14980] RIP: 0033:0x7f999cd8d2d0
[ 1100.292876][T14980] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 49 94 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 9c 94 02 00 8b 44
[ 1100.292892][T14980] RSP: 002b:00007f999db22b70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1100.292911][T14980] RAX: ffffffffffffffda RBX: 0000000000000102 RCX: 00007f999cd8d2d0
[ 1100.292924][T14980] RDX: 0000000000000102 RSI: 00007f999db22c10 RDI: 00000000ffffff9c
[ 1100.292936][T14980] RBP: 00007f999db22c10 R08: 0000000000000000 R09: 0023647261632f69
[ 1100.292948][T14980] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[ 1100.292959][T14980] R13: 0000000000000000 R14: 00007f999cfb6160 R15: 00007ffed795dd48
[ 1100.292991][T14980]  </TASK>
[ 1100.293000][T14980] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1101.162988][   T30] audit: type=1326 audit(1747812070.669:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1101.739743][   T30] audit: type=1326 audit(1747812070.669:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1101.761331][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1101.794547][   T30] audit: type=1326 audit(1747812070.669:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=148 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1102.141999][T14990] ubi31: attaching mtd0
[ 1102.157768][T14990] ubi31: scanning is finished
[ 1102.162615][T14990] ubi31: empty MTD device detected
[ 1102.874074][T14990] ubi31 error: ubi_attach_mtd_dev: cannot spawn "ubi_bgt31d", error -4
[ 1102.970471][   T30] audit: type=1326 audit(1747812070.669:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1102.992055][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1103.033070][   T30] audit: type=1326 audit(1747812070.669:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1103.055326][   T30] audit: type=1326 audit(1747812070.669:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1103.076883][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1103.089785][   T30] audit: type=1326 audit(1747812070.669:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1103.111337][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1103.231098][   T30] audit: type=1326 audit(1747812070.669:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1103.381440][   T30] audit: type=1326 audit(1747812070.669:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f83d878d2d0 code=0x7ffc0000
[ 1103.399835][ T5961] usb 4-1: new full-speed USB device number 79 using dummy_hcd
[ 1103.469698][   T30] audit: type=1326 audit(1747812070.669:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14981 comm="syz.4.2522" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f83d878e969 code=0x7ffc0000
[ 1103.491296][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1103.627265][ T5961] usb 4-1: config 6 has no interfaces?
[ 1104.009839][ T5961] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0019, bcdDevice=82.95
[ 1104.018952][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.027486][ T5961] usb 4-1: Product: syz
[ 1104.031893][ T5961] usb 4-1: Manufacturer: syz
[ 1104.036526][ T5961] usb 4-1: SerialNumber: syz
[ 1104.122154][T15005] netlink: 'syz.2.2528': attribute type 72 has an invalid length.
[ 1104.264343][T14997] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1104.289812][ T5824] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 1104.332177][T14997] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1104.450006][ T5824] usb 2-1: Using ep0 maxpacket: 16
[ 1104.478106][ T5824] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1104.535946][T15009] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1104.698385][ T5824] usb 2-1: New USB device found, idVendor=045e, idProduct=07ca, bcdDevice= 0.00
[ 1105.131558][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1105.183482][ T5824] usb 2-1: config 0 descriptor??
[ 1106.608405][T15018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1106.691786][T15018] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1106.739914][ T5961] usb 4-1: USB disconnect, device number 79
[ 1106.755185][T15018] overlay: Unknown parameter 'pcr'
[ 1106.878711][T15022] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1109.279132][ T5824] usbhid 2-1:0.0: can't add hid device: -71
[ 1109.296745][ T5824] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1109.357003][ T5824] usb 2-1: USB disconnect, device number 80
[ 1109.751896][T11234] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1110.550950][T11234] usb 3-1: Using ep0 maxpacket: 16
[ 1110.574419][T11234] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1110.599821][T11234] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1110.619901][T11234] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[ 1110.639920][T11234] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.665966][T11234] usb 3-1: config 0 descriptor??
[ 1113.058130][T15053] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1113.069354][T15053] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1114.210239][T11234] usbhid 3-1:0.0: can't add hid device: -71
[ 1114.218054][T11234] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1114.264261][T11234] usb 3-1: USB disconnect, device number 86
[ 1115.757830][T15068] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1117.787504][T15084] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2551'.
[ 1118.353508][T15077] trusted_key: encrypted_key: insufficient parameters specified
[ 1118.636343][T15096] netlink: 'syz.3.2556': attribute type 21 has an invalid length.
[ 1119.429691][T11234] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1119.719953][T11234] usb 5-1: Using ep0 maxpacket: 16
[ 1119.731927][T11234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1119.743525][T11234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1119.760306][T11234] usb 5-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[ 1119.769537][T11234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1119.965966][T11234] usb 5-1: config 0 descriptor??
[ 1121.256414][    T9] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[ 1121.409806][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 1121.511377][    T9] usb 3-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[ 1121.565958][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.185183][    T9] usb 3-1: config 0 descriptor??
[ 1122.350184][    T9] as10x_usb: device has been detected
[ 1122.370885][    T9] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[ 1122.430599][T11234] usbhid 5-1:0.0: can't add hid device: -71
[ 1122.478873][T11234] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1122.682271][T11234] usb 5-1: USB disconnect, device number 77
[ 1122.790804][T15119] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2550'.
[ 1123.270140][    T9] usb 3-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[ 1123.300563][T15124] loop9: detected capacity change from 0 to 7
[ 1123.307437][T15124] Dev loop9: unable to read RDB block 7
[ 1123.313136][T15124]  loop9: unable to read partition table
[ 1123.318906][T15124] loop9: partition table beyond EOD, truncated
[ 1123.325085][T15124] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1123.355562][    T9] as10x_usb: error during firmware upload part1
[ 1124.121107][    T9] Registered device nBox DVB-T Dongle
[ 1124.123529][    T9] usb 3-1: USB disconnect, device number 87
[ 1124.192023][T11234] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1124.268624][    T9] Unregistered device nBox DVB-T Dongle
[ 1124.294204][    T9] as10x_usb: device has been disconnected
[ 1124.569826][T11234] usb 5-1: Using ep0 maxpacket: 8
[ 1124.807624][T11234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1124.847143][T11234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1124.863116][T11234] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1124.876911][T11234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[ 1124.897065][T11234] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1124.916658][T11234] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1124.927738][T11234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1124.974734][T11234] usb 5-1: config 0 descriptor??
[ 1125.005706][T15128] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1125.378142][T15145] overlayfs: missing 'workdir'
[ 1127.143150][T10155] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1128.208590][    T9] usb 5-1: USB disconnect, device number 78
[ 1128.500488][T15169] loop9: detected capacity change from 0 to 7
[ 1128.507306][T15169] Dev loop9: unable to read RDB block 7
[ 1128.512920][T15169]  loop9: unable to read partition table
[ 1128.518676][T15169] loop9: partition table beyond EOD, truncated
[ 1128.524972][T15169] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1129.527446][T15174] program syz.1.2574 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1130.291132][T15183] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2576'.
[ 1131.199787][ T5824] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[ 1131.250950][T15197] overlayfs: failed to resolve './file1': -2
[ 1132.119794][ T5824] usb 3-1: device descriptor read/64, error -71
[ 1132.494561][ T5824] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[ 1132.689888][ T5824] usb 3-1: device descriptor read/64, error -71
[ 1132.810585][ T5824] usb usb3-port1: attempt power cycle
[ 1132.935121][T15213] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1132.954774][T15213] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1133.189688][ T5824] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[ 1133.215287][T15214] random: crng reseeded on system resumption
[ 1133.224663][ T5824] usb 3-1: device descriptor read/8, error -71
[ 1133.299198][ T5817] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1133.475396][ T5817] usb 4-1: Using ep0 maxpacket: 32
[ 1133.491665][ T5817] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1133.516553][ T5817] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1133.525936][ T5817] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1133.535039][ T5817] usb 4-1: Product: syz
[ 1133.539404][ T5817] usb 4-1: Manufacturer: syz
[ 1133.544396][ T5824] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[ 1133.553890][ T5817] usb 4-1: SerialNumber: syz
[ 1133.570517][ T5824] usb 3-1: device descriptor read/8, error -71
[ 1133.581062][ T5817] usb 4-1: config 0 descriptor??
[ 1133.598176][T15210] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22
[ 1133.683486][ T5824] usb usb3-port1: unable to enumerate USB device
[ 1133.913595][ T5961] usb 4-1: USB disconnect, device number 80
[ 1134.061565][T15221] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1134.073247][T15221] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1134.881965][T15220] loop9: detected capacity change from 0 to 7
[ 1134.888993][T15220] Dev loop9: unable to read RDB block 7
[ 1134.894654][T15220]  loop9: unable to read partition table
[ 1134.900474][T15220] loop9: partition table beyond EOD, truncated
[ 1134.906627][T15220] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1135.843860][T15232] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2593'.
[ 1135.889348][T15236] FAULT_INJECTION: forcing a failure.
[ 1135.889348][T15236] name failslab, interval 1, probability 0, space 0, times 0
[ 1135.941510][T15236] CPU: 0 UID: 0 PID: 15236 Comm: syz.5.2591 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1135.941540][T15236] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1135.941552][T15236] Call Trace:
[ 1135.941560][T15236]  <TASK>
[ 1135.941569][T15236]  dump_stack_lvl+0x189/0x250
[ 1135.941603][T15236]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1135.941628][T15236]  ? __pfx__printk+0x10/0x10
[ 1135.941660][T15236]  ? __pfx___might_resched+0x10/0x10
[ 1135.941687][T15236]  ? fs_reclaim_acquire+0x7d/0x100
[ 1135.941714][T15236]  should_fail_ex+0x414/0x560
[ 1135.941740][T15236]  should_failslab+0xa8/0x100
[ 1135.941761][T15236]  __kmalloc_noprof+0xcb/0x4f0
[ 1135.941787][T15236]  ? alloc_pipe_info+0x1fd/0x4d0
[ 1135.941818][T15236]  alloc_pipe_info+0x1fd/0x4d0
[ 1135.941848][T15236]  splice_direct_to_actor+0xa5d/0xcc0
[ 1135.941880][T15236]  ? __lock_acquire+0xaac/0xd20
[ 1135.941920][T15236]  ? __lock_acquire+0xaac/0xd20
[ 1135.941941][T15236]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1135.941967][T15236]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1135.942006][T15236]  do_splice_direct+0x181/0x270
[ 1135.942036][T15236]  ? __pfx_do_splice_direct+0x10/0x10
[ 1135.942063][T15236]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1135.942083][T15236]  ? bpf_lsm_file_permission+0x9/0x20
[ 1135.942105][T15236]  ? security_file_permission+0x75/0x290
[ 1135.942138][T15236]  ? rw_verify_area+0x258/0x650
[ 1135.942168][T15236]  do_sendfile+0x4da/0x7d0
[ 1135.942188][T15236]  ? __pfx_vfs_write+0x10/0x10
[ 1135.942220][T15236]  ? __pfx_do_sendfile+0x10/0x10
[ 1135.942240][T15236]  ? __fget_files+0x3a0/0x420
[ 1135.942270][T15236]  __se_sys_sendfile64+0x13e/0x190
[ 1135.942289][T15236]  ? rcu_is_watching+0x15/0xb0
[ 1135.942317][T15236]  ? __pfx___se_sys_sendfile64+0x10/0x10
[ 1135.942341][T15236]  ? do_syscall_64+0xba/0x210
[ 1135.942369][T15236]  do_syscall_64+0xf6/0x210
[ 1135.942393][T15236]  ? clear_bhb_loop+0x60/0xb0
[ 1135.942418][T15236]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.942437][T15236] RIP: 0033:0x7f999cd8e969
[ 1135.942454][T15236] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1135.942471][T15236] RSP: 002b:00007f999db65038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1135.942493][T15236] RAX: ffffffffffffffda RBX: 00007f999cfb5fa0 RCX: 00007f999cd8e969
[ 1135.942506][T15236] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1135.942518][T15236] RBP: 00007f999db65090 R08: 0000000000000000 R09: 0000000000000000
[ 1135.942530][T15236] R10: 00008000fffffffe R11: 0000000000000246 R12: 0000000000000001
[ 1135.942542][T15236] R13: 0000000000000000 R14: 00007f999cfb5fa0 R15: 00007ffed795dd48
[ 1135.942574][T15236]  </TASK>
[ 1136.539938][    T9] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[ 1136.718963][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1136.752715][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1136.907717][T15255] syzkaller1: entered promiscuous mode
[ 1136.913835][T15255] syzkaller1: entered allmulticast mode
[ 1136.923889][T15250] PF_CAN: dropped non conform CAN skbuff: dev type 280, len 324
[ 1136.933526][    T9] usb 2-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[ 1136.975296][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1136.990506][    T9] usb 2-1: config 0 descriptor??
[ 1137.411296][T15239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1137.478684][T15239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1137.502028][T15265] fuse: Bad value for 'user_id'
[ 1137.506951][T15265] fuse: Bad value for 'user_id'
[ 1137.656057][    T9] creative-sb0540 0003:041E:3100.000D: item fetching failed at offset 2/5
[ 1137.771458][    T9] creative-sb0540 0003:041E:3100.000D: parse failed
[ 1137.802913][    T9] creative-sb0540 0003:041E:3100.000D: probe with driver creative-sb0540 failed with error -22
[ 1138.043892][    T9] usb 2-1: USB disconnect, device number 81
[ 1139.859857][ T5961] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1140.239194][ T5961] usb 3-1: config 0 interface 0 altsetting 185 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1140.313758][ T5961] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1140.356345][ T5961] usb 3-1: New USB device found, idVendor=05ac, idProduct=027a, bcdDevice= 0.00
[ 1140.392254][ T5961] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1140.426658][ T5961] usb 3-1: config 0 descriptor??
[ 1142.254229][ T5961] apple 0003:05AC:027A.000E: hidraw0: USB HID v8.00 Device [HID 05ac:027a] on usb-dummy_hcd.2-1/input0
[ 1142.805969][T15290] netlink: 'syz.1.2607': attribute type 12 has an invalid length.
[ 1142.823938][T15290] netlink: 9472 bytes leftover after parsing attributes in process `syz.1.2607'.
[ 1143.115679][ T5961] usb 3-1: USB disconnect, device number 92
[ 1143.130938][T15293] loop6: detected capacity change from 0 to 524287999
[ 1144.330805][T15293]  loop6: unable to read partition table
[ 1144.336844][T15293] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1144.806079][T15302] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1145.032251][T15305] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2612'.
[ 1145.149757][ T5817] usb 3-1: new full-speed USB device number 93 using dummy_hcd
[ 1145.366803][ T5817] usb 3-1: config 7 has an invalid interface number: 101 but max is 0
[ 1145.375564][ T5817] usb 3-1: config 7 has no interface number 0
[ 1145.393794][ T5817] usb 3-1: New USB device found, idVendor=0fd9, idProduct=002c, bcdDevice= 6.6b
[ 1145.407686][ T5817] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1145.434516][ T5817] usb 3-1: Product: syz
[ 1145.444054][ T5817] usb 3-1: Manufacturer: syz
[ 1145.457135][ T5817] usb 3-1: SerialNumber: syz
[ 1146.246635][ T5817] as10x_usb: device has been detected
[ 1146.269057][ T5817] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT Deluxe)
[ 1146.343826][ T5817] usb 3-1: DVB: registering adapter 1 frontend 0 (Elgato EyeTV DTT Deluxe)...
[ 1146.461907][T11234] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[ 1146.659806][ T5817] as10x_usb: error during firmware upload part1
[ 1146.666832][ T5817] Registered device Elgato EyeTV DTT Deluxe
[ 1147.271111][T11234] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1147.299872][ T5817] usb 3-1: USB disconnect, device number 93
[ 1147.365897][T11234] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1147.382661][ T5817] Unregistered device Elgato EyeTV DTT Deluxe
[ 1147.390614][ T5817] as10x_usb: device has been disconnected
[ 1147.403675][T11234] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1147.426959][T11234] usb 5-1: Product: syz
[ 1147.453138][T11234] usb 5-1: Manufacturer: syz
[ 1147.755988][T11234] usb 5-1: SerialNumber: syz
[ 1147.777318][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.786377][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.795505][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.804514][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.813475][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.824382][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.833572][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.842547][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.851495][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.860485][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.869399][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.878383][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.887309][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.896302][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.905244][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1147.914162][T15329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2618'.
[ 1149.100990][T11234] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1149.463463][T15349] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1149.475170][T15349] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1150.249765][T11234] usb 5-1: USB disconnect, device number 79
[ 1151.425851][T15127] udevd[15127]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1151.432067][T15358] netlink: 'syz.4.2626': attribute type 1 has an invalid length.
[ 1151.603199][T15364] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1151.784524][T15364] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1151.820278][ T5897] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[ 1152.103803][T15364] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1152.150246][ T5897] usb 5-1: Using ep0 maxpacket: 16
[ 1152.235168][ T5897] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1152.251128][T15364] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1152.392693][ T5897] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1152.623069][ T5897] usb 5-1: Product: syz
[ 1152.627860][ T5897] usb 5-1: Manufacturer: syz
[ 1152.639875][ T5897] usb 5-1: SerialNumber: syz
[ 1152.810077][ T5897] usb 5-1: config 0 descriptor??
[ 1154.020492][ T5897] dvb_usb_dtv5100 5-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -110
[ 1154.324148][T15380] __nla_validate_parse: 35 callbacks suppressed
[ 1154.324163][T15380] netlink: 65039 bytes leftover after parsing attributes in process `syz.1.2632'.
[ 1155.609700][ T5897] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 1155.642065][    T9] usb 5-1: USB disconnect, device number 80
[ 1155.771565][ T5897] usb 2-1: Using ep0 maxpacket: 32
[ 1155.790788][ T5897] usb 2-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice= e.22
[ 1155.801288][ T5897] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1155.810871][ T5897] usb 2-1: Product: syz
[ 1155.815092][ T5897] usb 2-1: Manufacturer: syz
[ 1155.821469][ T5897] usb 2-1: SerialNumber: syz
[ 1155.841364][ T5897] usb 2-1: config 0 descriptor??
[ 1155.860354][ T5897] usb 2-1: selecting invalid altsetting 3
[ 1155.866237][ T5897] comedi comedi0: could not set alternate setting 3 in high speed
[ 1155.874847][ T5897] usbdux 2-1:0.0: driver 'usbdux' failed to auto-configure device.
[ 1155.887431][ T5897] usbdux 2-1:0.0: probe with driver usbdux failed with error -22
[ 1156.036918][T15393] ISOFS: Unable to identify CD-ROM format.
[ 1156.077316][T15391] nfs: Unknown parameter '/dev/dsp1'
[ 1156.129173][ T5897] usb 2-1: USB disconnect, device number 82
[ 1156.129718][T11234] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1156.292640][T11234] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1156.304645][T11234] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1156.316771][T11234] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1156.326994][T11234] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1156.341339][T11234] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1156.350573][T11234] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1156.371496][T11234] usb 4-1: config 0 descriptor??
[ 1156.439899][ T5882] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[ 1156.623735][ T5882] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1156.769906][ T5882] usb 5-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 1156.851039][ T5882] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1156.871463][ T5882] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1157.092992][T11234] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[ 1157.132663][T15388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1157.152774][T15388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1157.174758][T11234] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1157.386600][T11234] usb 4-1: USB disconnect, device number 81
[ 1157.447631][T15408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1157.479313][T15408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1158.281629][T15408] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1158.300250][T15408] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1158.378996][T15405] fido_id[15405]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1158.654352][T15411] trusted_key: encrypted_key: insufficient parameters specified
[ 1159.194254][T11234] usb 5-1: USB disconnect, device number 81
[ 1159.736326][T15428] geneve2: entered promiscuous mode
[ 1159.745129][T15428] geneve2: entered allmulticast mode
[ 1159.778801][T15431] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2646'.
[ 1160.019752][T15434] FAULT_INJECTION: forcing a failure.
[ 1160.019752][T15434] name failslab, interval 1, probability 0, space 0, times 0
[ 1160.032450][T15434] CPU: 0 UID: 0 PID: 15434 Comm: syz.1.2649 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1160.032468][T15434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1160.032474][T15434] Call Trace:
[ 1160.032480][T15434]  <TASK>
[ 1160.032486][T15434]  dump_stack_lvl+0x189/0x250
[ 1160.032508][T15434]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1160.032523][T15434]  ? __pfx__printk+0x10/0x10
[ 1160.032544][T15434]  ? __pfx___might_resched+0x10/0x10
[ 1160.032559][T15434]  ? fs_reclaim_acquire+0x7d/0x100
[ 1160.032574][T15434]  should_fail_ex+0x414/0x560
[ 1160.032589][T15434]  ? xt_alloc_table_info+0x3b/0xa0
[ 1160.032602][T15434]  should_failslab+0xa8/0x100
[ 1160.032614][T15434]  __kvmalloc_node_noprof+0x168/0x5e0
[ 1160.032625][T15434]  ? xt_alloc_table_info+0x3b/0xa0
[ 1160.032641][T15434]  xt_alloc_table_info+0x3b/0xa0
[ 1160.032655][T15434]  do_ip6t_set_ctl+0x88a/0xce0
[ 1160.032673][T15434]  ? rcu_is_watching+0x15/0xb0
[ 1160.032689][T15434]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[ 1160.032713][T15434]  ? __pfx___mutex_lock+0x10/0x10
[ 1160.032728][T15434]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1160.032752][T15434]  nf_setsockopt+0x26c/0x290
[ 1160.032768][T15434]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1160.032782][T15434]  do_sock_setsockopt+0x257/0x3e0
[ 1160.032803][T15434]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1160.032816][T15434]  ? __fget_files+0x2a/0x420
[ 1160.032829][T15434]  ? __fget_files+0x3a0/0x420
[ 1160.032838][T15434]  ? __fget_files+0x2a/0x420
[ 1160.032853][T15434]  __x64_sys_setsockopt+0x18b/0x220
[ 1160.032871][T15434]  do_syscall_64+0xf6/0x210
[ 1160.032886][T15434]  ? clear_bhb_loop+0x60/0xb0
[ 1160.032900][T15434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1160.032911][T15434] RIP: 0033:0x7fc21d78e969
[ 1160.032922][T15434] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1160.032931][T15434] RSP: 002b:00007fc21e5ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1160.032945][T15434] RAX: ffffffffffffffda RBX: 00007fc21d9b5fa0 RCX: 00007fc21d78e969
[ 1160.032953][T15434] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000000d
[ 1160.032960][T15434] RBP: 00007fc21e5ee090 R08: 00000000000003d0 R09: 0000000000000000
[ 1160.032967][T15434] R10: 00002000000007c0 R11: 0000000000000246 R12: 0000000000000001
[ 1160.032981][T15434] R13: 0000000000000000 R14: 00007fc21d9b5fa0 R15: 00007ffe25173818
[ 1160.032999][T15434]  </TASK>
[ 1162.126533][T15461] netlink: 'syz.3.2655': attribute type 5 has an invalid length.
[ 1162.941397][T15462] loop6: detected capacity change from 0 to 524287999
[ 1163.219858][T15466] CIFS: VFS: Malformed UNC in devname
[ 1163.226723][T15466] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1163.236581][ T5882] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[ 1163.961181][T15462]  loop6: unable to read partition table
[ 1163.967176][T15462] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1164.006559][ T5882] usb 2-1: Using ep0 maxpacket: 8
[ 1164.091583][ T5882] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1164.143635][ T5882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1164.169496][ T5882] usb 2-1: Product: syz
[ 1164.183588][ T5882] usb 2-1: Manufacturer: syz
[ 1164.208647][ T5882] usb 2-1: SerialNumber: syz
[ 1164.213054][T15472] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1164.226863][ T5882] usb 2-1: config 0 descriptor??
[ 1164.243517][T15472] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1164.475638][ T5882] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1165.549741][ T5882] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1167.088522][ T5817] usb 2-1: USB disconnect, device number 83
[ 1167.580844][T15495] trusted_key: encrypted_key: insufficient parameters specified
[ 1172.638896][T15524] netlink: 'syz.4.2673': attribute type 3 has an invalid length.
[ 1172.676258][T15524] netlink: 'syz.4.2673': attribute type 3 has an invalid length.
[ 1172.703476][T15524] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2673'.
[ 1172.886871][T15524] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2673'.
[ 1175.357981][T15552] netlink: 'syz.2.2682': attribute type 1 has an invalid length.
[ 1176.190605][ T5897] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 1176.793475][ T5897] usb 3-1: Using ep0 maxpacket: 16
[ 1177.945751][ T5897] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1177.955061][ T5897] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.964507][ T5897] usb 3-1: Product: syz
[ 1177.968717][ T5897] usb 3-1: Manufacturer: syz
[ 1177.973812][ T5897] usb 3-1: SerialNumber: syz
[ 1178.004015][ T5897] usb 3-1: config 0 descriptor??
[ 1179.034352][ T5897] dvb_usb_dtv5100 3-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -110
[ 1179.066126][T15587] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1179.077248][T15587] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1179.086842][T15588] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1179.098683][T15588] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1179.775876][ T5817] usb 3-1: USB disconnect, device number 94
[ 1180.062958][T15600] Bluetooth: hci0: invalid length 0, exp 2 for type 1
[ 1181.445099][T15611] netlink: 'syz.4.2700': attribute type 1 has an invalid length.
[ 1181.798810][T15614] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1181.820170][T15614] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1183.129553][T15621] netlink: 'syz.2.2701': attribute type 11 has an invalid length.
[ 1183.310445][    T9] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1183.780632][    T9] usb 5-1: Using ep0 maxpacket: 16
[ 1183.894906][    T9] usb 5-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1183.917616][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1183.985857][    T9] usb 5-1: Product: syz
[ 1183.998699][    T9] usb 5-1: Manufacturer: syz
[ 1184.008558][    T9] usb 5-1: SerialNumber: syz
[ 1184.052382][    T9] usb 5-1: config 0 descriptor??
[ 1184.177052][T15640] netlink: 'syz.1.2706': attribute type 15 has an invalid length.
[ 1184.222383][T15640] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2706'.
[ 1184.259439][T15640] FAULT_INJECTION: forcing a failure.
[ 1184.259439][T15640] name failslab, interval 1, probability 0, space 0, times 0
[ 1184.461813][T15640] CPU: 0 UID: 0 PID: 15640 Comm: syz.1.2706 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1184.461842][T15640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1184.461854][T15640] Call Trace:
[ 1184.461862][T15640]  <TASK>
[ 1184.461870][T15640]  dump_stack_lvl+0x189/0x250
[ 1184.461903][T15640]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1184.461932][T15640]  ? __pfx__printk+0x10/0x10
[ 1184.461966][T15640]  ? __pfx___might_resched+0x10/0x10
[ 1184.461992][T15640]  ? fs_reclaim_acquire+0x7d/0x100
[ 1184.462017][T15640]  should_fail_ex+0x414/0x560
[ 1184.462042][T15640]  should_failslab+0xa8/0x100
[ 1184.462061][T15640]  __kmalloc_noprof+0xcb/0x4f0
[ 1184.462087][T15640]  ? fib_trie_table+0x33/0x1d0
[ 1184.462115][T15640]  fib_trie_table+0x33/0x1d0
[ 1184.462139][T15640]  fib_new_table+0x135/0x2d0
[ 1184.462169][T15640]  inet_rtm_newroute+0x115/0x210
[ 1184.462199][T15640]  ? __pfx_inet_rtm_newroute+0x10/0x10
[ 1184.462251][T15640]  ? __pfx_inet_rtm_newroute+0x10/0x10
[ 1184.462276][T15640]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1184.462302][T15640]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1184.462321][T15640]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1184.462346][T15640]  ? ref_tracker_free+0x63a/0x7d0
[ 1184.462364][T15640]  ? __copy_skb_header+0xa7/0x550
[ 1184.462400][T15640]  netlink_rcv_skb+0x21c/0x490
[ 1184.462423][T15640]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1184.462445][T15640]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1184.462488][T15640]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1184.462508][T15640]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1184.462536][T15640]  netlink_unicast+0x758/0x8d0
[ 1184.462568][T15640]  netlink_sendmsg+0x805/0xb30
[ 1184.462601][T15640]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1184.462632][T15640]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1184.462651][T15640]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1184.462673][T15640]  __sock_sendmsg+0x219/0x270
[ 1184.462696][T15640]  __sys_sendto+0x3bd/0x520
[ 1184.462722][T15640]  ? __pfx___sys_sendto+0x10/0x10
[ 1184.462741][T15640]  ? __mutex_unlock_slowpath+0x1cd/0x700
[ 1184.462787][T15640]  ? __fget_files+0x3a0/0x420
[ 1184.462818][T15640]  ? ksys_write+0x1f0/0x250
[ 1184.462841][T15640]  ? rcu_is_watching+0x15/0xb0
[ 1184.462877][T15640]  __x64_sys_sendto+0xde/0x100
[ 1184.462904][T15640]  do_syscall_64+0xf6/0x210
[ 1184.462929][T15640]  ? clear_bhb_loop+0x60/0xb0
[ 1184.462952][T15640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.462969][T15640] RIP: 0033:0x7fc21d78e969
[ 1184.462987][T15640] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1184.463002][T15640] RSP: 002b:00007fc21e5ee038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1184.463022][T15640] RAX: ffffffffffffffda RBX: 00007fc21d9b5fa0 RCX: 00007fc21d78e969
[ 1184.463036][T15640] RDX: 0000000000000090 RSI: 0000200000000180 RDI: 0000000000000003
[ 1184.463048][T15640] RBP: 00007fc21e5ee090 R08: 0000000000000000 R09: 0000000000000000
[ 1184.463059][T15640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1184.463070][T15640] R13: 0000000000000000 R14: 00007fc21d9b5fa0 R15: 00007ffe25173818
[ 1184.463102][T15640]  </TASK>
[ 1184.520949][    T9] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1184.527318][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1184.540265][    T9] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1184.540327][    T9] usb 5-1: media controller created
[ 1184.879004][T15618] dtv5100: wlen = 0, aborting.
[ 1185.028465][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1185.353046][    T9] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1185.353114][    T9] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1186.465856][ T5961] usb 5-1: USB disconnect, device number 82
[ 1186.709765][ T5817] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1186.818574][T15665] pim6reg: entered allmulticast mode
[ 1187.076367][ T5817] usb 3-1: device descriptor read/64, error -71
[ 1187.083071][ T5961] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1187.311520][ T5817] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1187.449913][ T5817] usb 3-1: device descriptor read/64, error -71
[ 1187.524972][T15645] tty tty1: ldisc open failed (-12), clearing slot 0
[ 1188.952877][ T5817] usb usb3-port1: attempt power cycle
[ 1189.349671][ T5817] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1189.578355][ T5817] usb 3-1: device descriptor read/8, error -71
[ 1189.606963][ T5897] kernel write not supported for file /580/net/sockstat (pid: 5897 comm: kworker/0:5)
[ 1190.350461][T15701] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1190.366584][T15701] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1193.651552][T15732] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2726'.
[ 1196.800840][T15749] FAULT_INJECTION: forcing a failure.
[ 1196.800840][T15749] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1196.923019][T15749] CPU: 0 UID: 0 PID: 15749 Comm: syz.1.2732 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1196.923051][T15749] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1196.923063][T15749] Call Trace:
[ 1196.923073][T15749]  <TASK>
[ 1196.923082][T15749]  dump_stack_lvl+0x189/0x250
[ 1196.923119][T15749]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1196.923145][T15749]  ? __pfx__printk+0x10/0x10
[ 1196.923189][T15749]  should_fail_ex+0x414/0x560
[ 1196.923216][T15749]  _copy_to_user+0x31/0xb0
[ 1196.923247][T15749]  simple_read_from_buffer+0xe1/0x170
[ 1196.923280][T15749]  proc_fail_nth_read+0x1df/0x250
[ 1196.923305][T15749]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1196.923330][T15749]  ? rw_verify_area+0x258/0x650
[ 1196.923354][T15749]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1196.923377][T15749]  vfs_read+0x200/0x980
[ 1196.923417][T15749]  ? __pfx___mutex_lock+0x10/0x10
[ 1196.923444][T15749]  ? __pfx_vfs_read+0x10/0x10
[ 1196.923471][T15749]  ? __fget_files+0x2a/0x420
[ 1196.923500][T15749]  ? __fget_files+0x3a0/0x420
[ 1196.923518][T15749]  ? __fget_files+0x2a/0x420
[ 1196.923547][T15749]  ksys_read+0x145/0x250
[ 1196.923571][T15749]  ? rcu_is_watching+0x15/0xb0
[ 1196.923600][T15749]  ? __pfx_ksys_read+0x10/0x10
[ 1196.923631][T15749]  ? do_syscall_64+0xba/0x210
[ 1196.923671][T15749]  do_syscall_64+0xf6/0x210
[ 1196.923696][T15749]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1196.923715][T15749]  ? clear_bhb_loop+0x60/0xb0
[ 1196.923740][T15749]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1196.923759][T15749] RIP: 0033:0x7fc21d78d37c
[ 1196.923777][T15749] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1196.923794][T15749] RSP: 002b:00007fc21e5ee030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1196.923816][T15749] RAX: ffffffffffffffda RBX: 00007fc21d9b5fa0 RCX: 00007fc21d78d37c
[ 1196.923831][T15749] RDX: 000000000000000f RSI: 00007fc21e5ee0a0 RDI: 0000000000000005
[ 1196.923844][T15749] RBP: 00007fc21e5ee090 R08: 0000000000000000 R09: 0000000000000000
[ 1196.923856][T15749] R10: 000000007fffffff R11: 0000000000000246 R12: 0000000000000001
[ 1196.923869][T15749] R13: 0000000000000000 R14: 00007fc21d9b5fa0 R15: 00007ffe25173818
[ 1196.923902][T15749]  </TASK>
[ 1199.821696][T15772] loop6: detected capacity change from 0 to 524287999
[ 1199.985618][T15774] CIFS: VFS: Malformed UNC in devname
[ 1200.648281][T15772]  loop6: unable to read partition table
[ 1200.654141][T15772] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1203.546697][T15800] FAULT_INJECTION: forcing a failure.
[ 1203.546697][T15800] name failslab, interval 1, probability 0, space 0, times 0
[ 1203.581487][T15800] CPU: 1 UID: 0 PID: 15800 Comm: syz.1.2745 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1203.581517][T15800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1203.581529][T15800] Call Trace:
[ 1203.581538][T15800]  <TASK>
[ 1203.581547][T15800]  dump_stack_lvl+0x189/0x250
[ 1203.581582][T15800]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1203.581608][T15800]  ? __pfx__printk+0x10/0x10
[ 1203.581643][T15800]  ? __pfx___might_resched+0x10/0x10
[ 1203.581669][T15800]  ? fs_reclaim_acquire+0x7d/0x100
[ 1203.581696][T15800]  should_fail_ex+0x414/0x560
[ 1203.581728][T15800]  should_failslab+0xa8/0x100
[ 1203.581749][T15800]  __kmalloc_noprof+0xcb/0x4f0
[ 1203.581775][T15800]  ? security_sk_alloc+0x52/0x390
[ 1203.581801][T15800]  security_sk_alloc+0x52/0x390
[ 1203.581825][T15800]  sk_prot_alloc+0x101/0x220
[ 1203.581849][T15800]  ? sk_alloc+0x24/0x370
[ 1203.581876][T15800]  sk_alloc+0x3a/0x370
[ 1203.581898][T15800]  ? bpf_ctx_init+0x167/0x1d0
[ 1203.581930][T15800]  bpf_prog_test_run_skb+0x2ed/0x1560
[ 1203.581952][T15800]  ? __fget_files+0x2a/0x420
[ 1203.581987][T15800]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[ 1203.582009][T15800]  bpf_prog_test_run+0x2ac/0x340
[ 1203.582040][T15800]  __sys_bpf+0x4a4/0x860
[ 1203.582066][T15800]  ? __pfx___sys_bpf+0x10/0x10
[ 1203.582104][T15800]  ? ksys_write+0x1f0/0x250
[ 1203.582128][T15800]  ? rcu_is_watching+0x15/0xb0
[ 1203.582167][T15800]  __x64_sys_bpf+0x7c/0x90
[ 1203.582189][T15800]  do_syscall_64+0xf6/0x210
[ 1203.582215][T15800]  ? clear_bhb_loop+0x60/0xb0
[ 1203.582239][T15800]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.582258][T15800] RIP: 0033:0x7fc21d78e969
[ 1203.582276][T15800] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1203.582292][T15800] RSP: 002b:00007fc21e5ee038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1203.582314][T15800] RAX: ffffffffffffffda RBX: 00007fc21d9b5fa0 RCX: 00007fc21d78e969
[ 1203.582328][T15800] RDX: 0000000000000050 RSI: 0000200000000180 RDI: 000000000000000a
[ 1203.582341][T15800] RBP: 00007fc21e5ee090 R08: 0000000000000000 R09: 0000000000000000
[ 1203.582353][T15800] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1203.582364][T15800] R13: 0000000000000000 R14: 00007fc21d9b5fa0 R15: 00007ffe25173818
[ 1203.582397][T15800]  </TASK>
[ 1203.982641][T15803] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[ 1204.949127][T15812] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2747'.
[ 1207.411986][T15839] FAULT_INJECTION: forcing a failure.
[ 1207.411986][T15839] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1207.425260][T15839] CPU: 1 UID: 0 PID: 15839 Comm: syz.1.2755 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1207.425287][T15839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1207.425299][T15839] Call Trace:
[ 1207.425307][T15839]  <TASK>
[ 1207.425317][T15839]  dump_stack_lvl+0x189/0x250
[ 1207.425353][T15839]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1207.425380][T15839]  ? __pfx__printk+0x10/0x10
[ 1207.425425][T15839]  should_fail_ex+0x414/0x560
[ 1207.425452][T15839]  _copy_to_user+0x31/0xb0
[ 1207.425482][T15839]  simple_read_from_buffer+0xe1/0x170
[ 1207.425518][T15839]  proc_fail_nth_read+0x1df/0x250
[ 1207.425543][T15839]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1207.425568][T15839]  ? rw_verify_area+0x258/0x650
[ 1207.425593][T15839]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1207.425616][T15839]  vfs_read+0x200/0x980
[ 1207.425649][T15839]  ? __pfx___mutex_lock+0x10/0x10
[ 1207.425676][T15839]  ? __pfx_vfs_read+0x10/0x10
[ 1207.425714][T15839]  ? __fget_files+0x2a/0x420
[ 1207.425739][T15839]  ? __fget_files+0x3a0/0x420
[ 1207.425756][T15839]  ? __fget_files+0x2a/0x420
[ 1207.425786][T15839]  ksys_read+0x145/0x250
[ 1207.425816][T15839]  ? __pfx_ksys_read+0x10/0x10
[ 1207.425847][T15839]  ? do_syscall_64+0xba/0x210
[ 1207.425878][T15839]  do_syscall_64+0xf6/0x210
[ 1207.425904][T15839]  ? clear_bhb_loop+0x60/0xb0
[ 1207.425929][T15839]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1207.425947][T15839] RIP: 0033:0x7fc21d78d37c
[ 1207.425966][T15839] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1207.425982][T15839] RSP: 002b:00007fc21e5cd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1207.426004][T15839] RAX: ffffffffffffffda RBX: 00007fc21d9b6080 RCX: 00007fc21d78d37c
[ 1207.426019][T15839] RDX: 000000000000000f RSI: 00007fc21e5cd0a0 RDI: 000000000000000a
[ 1207.426032][T15839] RBP: 00007fc21e5cd090 R08: 0000000000000000 R09: 0000000000000000
[ 1207.426045][T15839] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1207.426057][T15839] R13: 0000000000000000 R14: 00007fc21d9b6080 R15: 00007ffe25173818
[ 1207.426091][T15839]  </TASK>
[ 1207.639002][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1212.881251][T15898] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1213.096892][T15898] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1216.856546][T15941] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2783'.
[ 1216.936725][T15942] vim2m vim2m.0: vidioc_s_fmt queue busy
[ 1219.234541][T15954] trusted_key: encrypted_key: insufficient parameters specified
[ 1219.242806][T15961] CIFS: VFS: Malformed UNC in devname
[ 1219.780043][T11234] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1220.849765][T11234] usb 4-1: Using ep0 maxpacket: 32
[ 1220.858175][T11432] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 1220.861899][T11234] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1221.024280][T11432] usb 2-1: New USB device found, idVendor=1b80, idProduct=e396, bcdDevice=a7.b1
[ 1221.033724][T11432] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.071465][T11432] usb 2-1: config 0 descriptor??
[ 1221.814825][T11432] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[ 1221.822879][T11432] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[ 1221.832793][ T5882] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1221.844635][T11234] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1221.859093][T11234] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1221.868492][T11234] usb 4-1: Product: syz
[ 1221.872853][T11234] usb 4-1: Manufacturer: syz
[ 1221.877503][T11234] usb 4-1: SerialNumber: syz
[ 1221.891131][T11234] usb 4-1: config 0 descriptor??
[ 1222.024948][T15965] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1222.069472][T15965] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1222.192705][T15963] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1222.269625][ T5882] usb 3-1: Using ep0 maxpacket: 32
[ 1222.283121][ T5882] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1222.315709][ T5882] usb 3-1: config 0 has no interface number 0
[ 1222.334518][ T5882] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1222.591890][ T5961] usb 2-1: USB disconnect, device number 84
[ 1222.634778][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1222.663877][ T5882] usb 3-1: Product: syz
[ 1222.700733][ T5882] usb 3-1: Manufacturer: syz
[ 1222.720739][ T5882] usb 3-1: SerialNumber: syz
[ 1222.764526][ T5882] usb 3-1: config 0 descriptor??
[ 1222.812871][ T5882] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1222.893738][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1222.893758][   T30] audit: type=1400 audit(1747812192.469:221): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=15991 comm="syz.4.2799" saddr=0.0.0.224 src=20000 daddr=224.0.0.1 dest=20000
[ 1222.920998][ T5882] usb 3-1: qt2_attach - failed to power on unit: -71
[ 1222.938331][ T5882] quatech2 3-1:0.51: probe with driver quatech2 failed with error -71
[ 1222.964081][ T5882] usb 3-1: USB disconnect, device number 99
[ 1223.491497][T16003] loop6: detected capacity change from 0 to 524287999
[ 1224.087466][T16003]  loop6: unable to read partition table
[ 1224.093545][T16003] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1224.183401][T16007] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2801'.
[ 1224.267508][ T5961] usb 4-1: USB disconnect, device number 82
[ 1227.032147][T16041] syz.3.2811: attempt to access beyond end of device
[ 1227.032147][T16041] loop7: rw=0, sector=0, nr_sectors = 1 limit=0
[ 1227.074164][T16041] FAT-fs (loop7): unable to read boot sector
[ 1230.264892][   T30] audit: type=1400 audit(1747812199.829:222): lsm=SMACK fn=smack_socket_sock_rcv_skb action=denied subject="*" object="_" requested=w pid=16074 comm="syz.4.2823" saddr=0.0.0.224 src=20000 daddr=224.0.0.1 dest=20000
[ 1232.221177][T16100] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1232.232839][T16100] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1233.225078][T16106] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2831'.
[ 1233.575320][T16115] netlink: 'syz.1.2832': attribute type 1 has an invalid length.
[ 1233.642350][T16112] binder: BINDER_SET_CONTEXT_MGR already set
[ 1233.648476][T16112] binder: 16107:16112 ioctl 4018620d 200000000040 returned -16
[ 1233.660431][T16115] netlink: 'syz.1.2832': attribute type 2 has an invalid length.
[ 1234.532366][T16115] netlink: 'syz.1.2832': attribute type 1 has an invalid length.
[ 1234.604564][T16115] netlink: 1156 bytes leftover after parsing attributes in process `syz.1.2832'.
[ 1235.121560][T16133] loop6: detected capacity change from 0 to 524287999
[ 1235.669071][T16133]  loop6: unable to read partition table
[ 1235.675152][T16133] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[ 1235.742310][ T5130] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1235.752012][ T5130] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1235.761333][ T5130] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1235.770687][ T5130] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1235.779379][ T5130] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1236.856981][T15907] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1237.404329][T16145] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1237.415446][T16145] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1237.710098][T16132] lo speed is unknown, defaulting to 1000
[ 1237.843367][ T5130] Bluetooth: hci5: command tx timeout
[ 1237.890226][T16148] sch_tbf: burst 2 is lower than device lo mtu (18) !
[ 1237.995772][T15907] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1238.095161][T16147] sch_tbf: burst 2 is lower than device lo mtu (18) !
[ 1238.150550][T16151] xt_CT: No such helper "snmp"
[ 1238.193802][T16148] sch_tbf: burst 2 is lower than device lo mtu (18) !
[ 1238.285203][T15907] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1238.565270][T15907] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1238.849428][T16160] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2842'.
[ 1240.596728][ T5130] Bluetooth: hci5: command tx timeout
[ 1241.262062][T15907] bridge_slave_1: left allmulticast mode
[ 1241.391511][T15907] bridge_slave_1: left promiscuous mode
[ 1242.037287][T15907] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1242.111005][T15907] bridge_slave_0: left allmulticast mode
[ 1242.116723][T15907] bridge_slave_0: left promiscuous mode
[ 1242.163313][T15907] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1242.317417][T16195] netlink: 'syz.5.2849': attribute type 1 has an invalid length.
[ 1242.394073][T16196] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1242.447036][T16196] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1242.644346][ T5130] Bluetooth: hci5: command tx timeout
[ 1243.027943][T15907] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1243.038849][T15907] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1243.051890][T15907] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1243.065808][T15907] bond0 (unregistering): Released all slaves
[ 1243.174672][T16183] tc_dump_action: action bad kind
[ 1243.254938][T16132] chnl_net:caif_netlink_parms(): no params data found
[ 1244.031049][ T5882] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1244.210664][ T5882] usb 2-1: Using ep0 maxpacket: 32
[ 1244.221814][ T5882] usb 2-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[ 1244.280264][ T5882] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.330073][ T5882] usb 2-1: config 0 descriptor??
[ 1244.400190][ T5882] as10x_usb: device has been detected
[ 1244.406638][ T5882] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[ 1244.719685][ T5130] Bluetooth: hci5: command tx timeout
[ 1244.957827][ T5882] usb 2-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[ 1245.163885][ T5882] as10x_usb: error during firmware upload part1
[ 1245.225491][ T5882] Registered device nBox DVB-T Dongle
[ 1245.590477][ T5882] usb 2-1: USB disconnect, device number 85
[ 1245.663645][T16132] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1245.716970][ T5882] Unregistered device nBox DVB-T Dongle
[ 1245.725495][T16132] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1245.751207][T16132] bridge_slave_0: entered allmulticast mode
[ 1245.753041][ T5882] as10x_usb: device has been disconnected
[ 1245.782390][T16132] bridge_slave_0: entered promiscuous mode
[ 1245.802650][T16132] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1245.834375][T16132] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1245.875076][T16132] bridge_slave_1: entered allmulticast mode
[ 1245.922030][T16132] bridge_slave_1: entered promiscuous mode
[ 1246.466031][T16132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1246.598382][T16132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1247.361563][T16254] tc_dump_action: action bad kind
[ 1248.465599][T16259] syz.5.2862: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1248.483096][T16259] CPU: 0 UID: 0 PID: 16259 Comm: syz.5.2862 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1248.483125][T16259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1248.483136][T16259] Call Trace:
[ 1248.483145][T16259]  <TASK>
[ 1248.483154][T16259]  dump_stack_lvl+0x189/0x250
[ 1248.483191][T16259]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1248.483218][T16259]  ? __pfx__printk+0x10/0x10
[ 1248.483248][T16259]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1248.483279][T16259]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1248.483311][T16259]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1248.483353][T16259]  warn_alloc+0x214/0x310
[ 1248.483375][T16259]  ? __pfx___schedule+0x10/0x10
[ 1248.483403][T16259]  ? __pfx_warn_alloc+0x10/0x10
[ 1248.483424][T16259]  ? kasan_save_track+0x4f/0x80
[ 1248.483451][T16259]  ? __kmalloc_cache_noprof+0x230/0x3d0
[ 1248.483478][T16259]  ? xskq_create+0x56/0x170
[ 1248.483503][T16259]  ? __x64_sys_setsockopt+0x18b/0x220
[ 1248.483527][T16259]  ? do_syscall_64+0xf6/0x210
[ 1248.483550][T16259]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1248.483583][T16259]  __vmalloc_node_range_noprof+0x125/0x12c0
[ 1248.483637][T16259]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1248.483662][T16259]  ? __kasan_kmalloc+0x93/0xb0
[ 1248.483697][T16259]  vmalloc_user_noprof+0x74/0x80
[ 1248.483718][T16259]  ? xskq_create+0xbf/0x170
[ 1248.483740][T16259]  xskq_create+0xbf/0x170
[ 1248.483766][T16259]  xsk_init_queue+0xb0/0x110
[ 1248.483792][T16259]  xsk_setsockopt+0x43f/0x710
[ 1248.483818][T16259]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1248.483842][T16259]  ? __lock_acquire+0xaac/0xd20
[ 1248.483877][T16259]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1248.483898][T16259]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1248.483922][T16259]  do_sock_setsockopt+0x257/0x3e0
[ 1248.483951][T16259]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1248.483973][T16259]  ? __fget_files+0x2a/0x420
[ 1248.483998][T16259]  ? __fget_files+0x3a0/0x420
[ 1248.484014][T16259]  ? __fget_files+0x2a/0x420
[ 1248.484043][T16259]  __x64_sys_setsockopt+0x18b/0x220
[ 1248.484076][T16259]  do_syscall_64+0xf6/0x210
[ 1248.484102][T16259]  ? clear_bhb_loop+0x60/0xb0
[ 1248.484127][T16259]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1248.484145][T16259] RIP: 0033:0x7f999cd8e969
[ 1248.484164][T16259] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1248.484182][T16259] RSP: 002b:00007f999db44038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1248.484203][T16259] RAX: ffffffffffffffda RBX: 00007f999cfb6080 RCX: 00007f999cd8e969
[ 1248.484218][T16259] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000008
[ 1248.484230][T16259] RBP: 00007f999ce10ab1 R08: 0000000000000052 R09: 0000000000000000
[ 1248.484243][T16259] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1248.484256][T16259] R13: 0000000000000000 R14: 00007f999cfb6080 R15: 00007ffed795dd48
[ 1248.484290][T16259]  </TASK>
[ 1248.484297][T16259] Mem-Info:
[ 1248.781413][T16259] active_anon:300 inactive_anon:11940 isolated_anon:0
[ 1248.781413][T16259]  active_file:24717 inactive_file:37287 isolated_file:0
[ 1248.781413][T16259]  unevictable:769 dirty:214 writeback:0
[ 1248.781413][T16259]  slab_reclaimable:7127 slab_unreclaimable:115323
[ 1248.781413][T16259]  mapped:38497 shmem:7109 pagetables:1130
[ 1248.781413][T16259]  sec_pagetables:0 bounce:0
[ 1248.781413][T16259]  kernel_misc_reclaimable:0
[ 1248.781413][T16259]  free:1301586 free_pcp:2249 free_cma:0
[ 1248.886766][T16259] Node 0 active_anon:1200kB inactive_anon:47660kB active_file:98544kB inactive_file:149148kB unevictable:1540kB isolated(anon):0kB isolated(file):0kB mapped:153936kB dirty:844kB writeback:0kB shmem:26900kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11172kB pagetables:4620kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1248.922261][T16259] Node 1 active_anon:0kB inactive_anon:0kB active_file:324kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:52kB dirty:12kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1248.953751][T16259] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1248.980980][T16259] lowmem_reserve[]: 0 2504 2504 2504 2504
[ 1248.986796][T16259] Node 0 DMA32 free:1284528kB boost:0kB min:34304kB low:42880kB high:51456kB reserved_highatomic:0KB active_anon:1196kB inactive_anon:47656kB active_file:98452kB inactive_file:149136kB unevictable:1540kB writepending:840kB present:3129332kB managed:2564568kB mlocked:0kB bounce:0kB free_pcp:6080kB local_pcp:444kB free_cma:0kB
[ 1249.018942][T16259] lowmem_reserve[]: 0 0 0 0 0
[ 1249.023746][T16259] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB active_anon:4kB inactive_anon:4kB active_file:92kB inactive_file:12kB unevictable:0kB writepending:4kB present:1048580kB managed:112kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1249.050457][T16259] lowmem_reserve[]: 0 0 0 0 0
[ 1249.055401][T16259] Node 1 Normal free:3908072kB boost:0kB min:55592kB low:69488kB high:83384kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:324kB inactive_file:0kB unevictable:1536kB writepending:12kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:2048kB local_pcp:0kB free_cma:0kB
[ 1249.084663][T16259] lowmem_reserve[]: 0 0 0 0 0
[ 1249.089447][T16259] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1249.103848][T16259] Node 0 DMA32: 255*4kB (UME) 220*8kB (UME) 188*16kB (UME) 354*32kB (UME) 263*64kB (UME) 119*128kB (UME) 85*256kB (UME) 52*512kB (UME) 23*1024kB (UME) 18*2048kB (UME) 275*4096kB (UM) = 1284380kB
[ 1249.123238][T16259] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1249.134856][T16259] Node 1 Normal: 232*4kB (UME) 47*8kB (UE) 52*16kB (UE) 208*32kB (UE) 95*64kB (UME) 30*128kB (UME) 19*256kB (UM) 9*512kB (UME) 3*1024kB (UME) 3*2048kB (UME) 945*4096kB (M) = 3908120kB
[ 1249.153286][T16259] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1249.162901][T16259] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1249.172253][T16259] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1249.181850][T16259] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[ 1249.191213][T16259] 69116 total pagecache pages
[ 1249.197445][T16259] 7 pages in swap cache
[ 1249.201682][T16259] Free swap  = 124968kB
[ 1249.205856][T16259] Total swap = 124996kB
[ 1249.210142][T16259] 2097051 pages RAM
[ 1249.213974][T16259] 0 pages HighMem/MovableOnly
[ 1249.218671][T16259] 424250 pages reserved
[ 1249.222878][T16259] 0 pages cma reserved
[ 1249.385108][T16132] team0: Port device team_slave_0 added
[ 1249.682736][T15907] hsr_slave_0: left promiscuous mode
[ 1250.601659][T15907] veth1_macvtap: left promiscuous mode
[ 1250.607282][T15907] veth0_macvtap: left promiscuous mode
[ 1250.614078][T15907] veth1_vlan: left promiscuous mode
[ 1250.619605][T15907] veth0_vlan: left promiscuous mode
[ 1250.644972][T16282] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1250.656038][T16282] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1251.279917][T10155] Bluetooth: hci4: command 0xfc11 tx timeout
[ 1251.291874][ T5130] Bluetooth: hci4: Entering manufacturer mode failed (-110)
[ 1252.393062][T16298] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2872'.
[ 1255.116323][T15907] team0 (unregistering): Port device team_slave_1 removed
[ 1255.379526][T15907] team0 (unregistering): Port device team_slave_0 removed
[ 1257.245111][T16132] team0: Port device team_slave_1 added
[ 1257.259825][ T5961] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1257.334111][T16320] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2879'.
[ 1257.496073][T16132] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1257.519799][T16132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1257.569924][T16132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1257.652588][T16344] FAULT_INJECTION: forcing a failure.
[ 1257.652588][T16344] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1257.699648][T16344] CPU: 1 UID: 0 PID: 16344 Comm: syz.4.2886 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1257.699677][T16344] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1257.699688][T16344] Call Trace:
[ 1257.699697][T16344]  <TASK>
[ 1257.699705][T16344]  dump_stack_lvl+0x189/0x250
[ 1257.699735][T16344]  ? __lock_acquire+0xaac/0xd20
[ 1257.699763][T16344]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1257.699786][T16344]  ? __pfx__printk+0x10/0x10
[ 1257.699813][T16344]  ? __might_fault+0xb0/0x130
[ 1257.699852][T16344]  should_fail_ex+0x414/0x560
[ 1257.699878][T16344]  _copy_from_user+0x2d/0xb0
[ 1257.699905][T16344]  do_ipv6_setsockopt+0x329/0x2fb0
[ 1257.699938][T16344]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[ 1257.699962][T16344]  ? __lock_acquire+0xaac/0xd20
[ 1257.699997][T16344]  ? get_pid_task+0x20/0x1f0
[ 1257.700033][T16344]  ? rcu_read_lock_any_held+0xb3/0x120
[ 1257.700061][T16344]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1257.700090][T16344]  ? vfs_write+0x8d8/0xa90
[ 1257.700143][T16344]  ipv6_setsockopt+0x59/0x170
[ 1257.700165][T16344]  ? __pfx_sock_common_setsockopt+0x10/0x10
[ 1257.700190][T16344]  do_sock_setsockopt+0x257/0x3e0
[ 1257.700216][T16344]  ? __pfx_do_sock_setsockopt+0x10/0x10
[ 1257.700238][T16344]  ? __fget_files+0x2a/0x420
[ 1257.700261][T16344]  ? __fget_files+0x3a0/0x420
[ 1257.700277][T16344]  ? __fget_files+0x2a/0x420
[ 1257.700302][T16344]  __x64_sys_setsockopt+0x18b/0x220
[ 1257.700333][T16344]  do_syscall_64+0xf6/0x210
[ 1257.700360][T16344]  ? clear_bhb_loop+0x60/0xb0
[ 1257.700384][T16344]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1257.700403][T16344] RIP: 0033:0x7f83d878e969
[ 1257.700419][T16344] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1257.700435][T16344] RSP: 002b:00007f83d966b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1257.700456][T16344] RAX: ffffffffffffffda RBX: 00007f83d89b5fa0 RCX: 00007f83d878e969
[ 1257.700479][T16344] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[ 1257.700491][T16344] RBP: 00007f83d966b090 R08: 0000000000000598 R09: 0000000000000000
[ 1257.700504][T16344] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[ 1257.700516][T16344] R13: 0000000000000000 R14: 00007f83d89b5fa0 R15: 00007ffc76b1ff88
[ 1257.700548][T16344]  </TASK>
[ 1257.763732][T16347] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1257.959865][T11234] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1257.962389][T16347] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1258.017567][T16132] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1258.063869][T16132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1258.176317][T11234] usb 5-1: Using ep0 maxpacket: 8
[ 1258.258658][T11234] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1258.269666][ T5961] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1258.326254][T11234] usb 5-1: unable to read config index 0 descriptor/start: -71
[ 1258.335186][T16132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1258.344881][ T5961] usb 3-1: unable to read config index 0 descriptor/start: -71
[ 1258.346464][T11234] usb 5-1: can't read configurations, error -71
[ 1258.414110][T16350] tc_dump_action: action bad kind
[ 1258.459701][ T5961] usb 3-1: can't read configurations, error -71
[ 1258.593211][T16132] hsr_slave_0: entered promiscuous mode
[ 1258.600790][T16132] hsr_slave_1: entered promiscuous mode
[ 1258.607748][T16132] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1258.624145][T16132] Cannot create hsr debugfs directory
[ 1258.708591][T15907] IPVS: stop unused estimator thread 0...
[ 1259.579859][T16380] netlink: 'syz.5.2895': attribute type 13 has an invalid length.
[ 1259.587743][T16380] netlink: 152 bytes leftover after parsing attributes in process `syz.5.2895'.
[ 1259.607966][T16380] syz_tun: refused to change device tx_queue_len
[ 1259.614408][T16380] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[ 1260.316135][T16389] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2899'.
[ 1260.725534][T16390] tc_dump_action: action bad kind
[ 1262.733666][T16132] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1262.770540][T16132] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1262.832489][T16132] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1262.876386][T16132] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1263.395962][T16449] loop9: detected capacity change from 0 to 7
[ 1263.406114][T16449] Dev loop9: unable to read RDB block 7
[ 1263.411777][T16449]  loop9: unable to read partition table
[ 1263.417558][T16449] loop9: partition table beyond EOD, truncated
[ 1263.423747][T16449] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1263.460275][T11432] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 1264.362064][T16132] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1264.542957][T16132] 8021q: adding VLAN 0 to HW filter on device team0
[ 1264.609879][T11432] usb 2-1: config 6 has an invalid interface number: 108 but max is 0
[ 1264.634814][T11432] usb 2-1: config 6 has no interface number 0
[ 1264.655071][T11432] usb 2-1: config 6 interface 108 has no altsetting 0
[ 1264.683813][T15907] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1264.691061][T15907] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1264.706213][T11432] usb 2-1: New USB device found, idVendor=0856, idProduct=ac30, bcdDevice=d2.1d
[ 1264.734275][T11432] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1264.748418][T11432] usb 2-1: Product: syz
[ 1264.755150][T15907] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1264.762395][T15907] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1264.762965][T11432] usb 2-1: Manufacturer: syz
[ 1264.779951][T11432] usb 2-1: SerialNumber: syz
[ 1265.347299][T16443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1265.420468][T16443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1265.461058][T11432] mos7840 2-1:6.108: required endpoints missing
[ 1265.494229][T11432] usb 2-1: USB disconnect, device number 86
[ 1265.579890][T16476] netlink: 'syz.2.2918': attribute type 1 has an invalid length.
[ 1265.663040][T16478] netlink: 'syz.5.2919': attribute type 1 has an invalid length.
[ 1265.712267][T16480] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1265.745707][T16480] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1265.901027][ T5817] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1266.102737][ T5817] usb 3-1: Using ep0 maxpacket: 16
[ 1266.119200][ T5817] usb 3-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1266.160107][T16492] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input43
[ 1266.189966][ T5817] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1266.222552][ T5817] usb 3-1: Product: syz
[ 1266.258009][ T5817] usb 3-1: Manufacturer: syz
[ 1266.279851][ T5817] usb 3-1: SerialNumber: syz
[ 1266.356521][ T5817] usb 3-1: config 0 descriptor??
[ 1266.435978][T16132] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1267.039034][ T5817] dvb_usb_dtv5100 3-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -110
[ 1267.385293][T16132] veth0_vlan: entered promiscuous mode
[ 1267.665679][T16132] veth1_vlan: entered promiscuous mode
[ 1267.699216][T16132] veth0_macvtap: entered promiscuous mode
[ 1267.710352][T16132] veth1_macvtap: entered promiscuous mode
[ 1267.828153][T16132] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1267.882206][T16132] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1268.041067][T16516] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2925'.
[ 1268.054365][T16132] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.149904][T16132] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.158676][T16132] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.168841][T16132] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1268.325832][T16523] netlink: 'syz.1.2924': attribute type 23 has an invalid length.
[ 1269.776402][ T3454] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1269.780434][ T5897] usb 3-1: USB disconnect, device number 102
[ 1269.840390][ T3454] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1270.445191][   T36] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1270.464347][T16539] loop9: detected capacity change from 0 to 7
[ 1270.472264][T16539] Dev loop9: unable to read RDB block 7
[ 1270.477845][T16539]  loop9: unable to read partition table
[ 1270.483715][T16539] loop9: partition table beyond EOD, truncated
[ 1270.489910][T16539] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1271.249671][   T36] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1273.716079][T16573] trusted_key: encrypted_key: insufficient parameters specified
[ 1274.002587][    C1] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#1] SMP KASAN PTI
[ 1274.014543][    C1] KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
[ 1274.022991][    C1] CPU: 1 UID: 0 PID: 5824 Comm: kworker/1:4 Not tainted 6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1274.035075][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1274.045138][    C1] Workqueue: wg-crypt-wg2 wg_packet_tx_worker
[ 1274.051223][    C1] RIP: 0010:nexthop_is_blackhole+0x23/0x2c0
[ 1274.057122][    C1] Code: 90 90 90 90 90 90 90 55 41 57 41 56 53 48 89 fb 49 bf 00 00 00 00 00 fc ff df e8 68 b5 b8 f7 4c 8d 73 66 4c 89 f0 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 18 02 00 00 41 80 3e 00 74 41 48 83 eb
[ 1274.076733][    C1] RSP: 0018:ffffc90000a08218 EFLAGS: 00010202
[ 1274.082804][    C1] RAX: 000000000000000d RBX: 0000000000000005 RCX: ffff888053c78000
[ 1274.090776][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000005
[ 1274.098744][    C1] RBP: ffffc90000a08398 R08: ffffc90000a084c0 R09: ffffc90000a084d0
[ 1274.106720][    C1] R10: ffffc90000a08320 R11: fffff52000141066 R12: 1ffffffff339d2d8
[ 1274.114692][    C1] R13: ffffffff99ce9710 R14: 000000000000006b R15: dffffc0000000000
[ 1274.122671][    C1] FS:  0000000000000000(0000) GS:ffff8881261f6000(0000) knlGS:0000000000000000
[ 1274.131598][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1274.138180][    C1] CR2: 00007f8cdb3ffdb4 CR3: 00000000774a0000 CR4: 00000000003526f0
[ 1274.146157][    C1] Call Trace:
[ 1274.149436][    C1]  <IRQ>
[ 1274.152283][    C1]  __find_rr_leaf+0x428/0x6d0
[ 1274.156976][    C1]  ? __pfx___find_rr_leaf+0x10/0x10
[ 1274.162184][    C1]  ? __pfx_wg_xmit+0x10/0x10
[ 1274.166778][    C1]  fib6_table_lookup+0x53f/0xa80
[ 1274.171813][    C1]  ? __pfx_fib6_table_lookup+0x10/0x10
[ 1274.177277][    C1]  ? ip6_pol_route+0x162/0x1180
[ 1274.182130][    C1]  ip6_pol_route+0x222/0x1180
[ 1274.186805][    C1]  ? __pfx_ip6_pol_route+0x10/0x10
[ 1274.191925][    C1]  fib6_rule_lookup+0x52f/0x6f0
[ 1274.196778][    C1]  ? __pfx_ip6_pol_route_input+0x10/0x10
[ 1274.202410][    C1]  ? __pfx_fib6_rule_lookup+0x10/0x10
[ 1274.207781][    C1]  ? ip6t_do_table+0x1db/0x1530
[ 1274.212636][    C1]  ip6_route_input+0x6ce/0xa50
[ 1274.217399][    C1]  ? __pfx_ip6_route_input+0x10/0x10
[ 1274.222686][    C1]  ? nf_nat_ipv6_in+0x1fc/0x2b0
[ 1274.227545][    C1]  ? ip6_rcv_finish_core+0x222/0x420
[ 1274.232840][    C1]  ip6_rcv_finish+0x141/0x2d0
[ 1274.237524][    C1]  NF_HOOK+0x30c/0x3a0
[ 1274.241594][    C1]  ? skb_orphan+0x4f/0xd0
[ 1274.245927][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1274.251127][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1274.255286][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1274.259880][    C1]  ? __pfx_ip6_rcv_finish+0x10/0x10
[ 1274.265082][    C1]  __netif_receive_skb+0xd3/0x380
[ 1274.270124][    C1]  ? process_backlog+0x2d5/0x14f0
[ 1274.275326][    C1]  process_backlog+0x60e/0x14f0
[ 1274.280189][    C1]  ? __pfx_process_backlog+0x10/0x10
[ 1274.285477][    C1]  ? do_raw_spin_lock+0x121/0x290
[ 1274.290508][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1274.295881][    C1]  __napi_poll+0xc4/0x480
[ 1274.300212][    C1]  ? net_rx_action+0x447/0xdf0
[ 1274.304977][    C1]  net_rx_action+0x6ea/0xdf0
[ 1274.309575][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1274.314693][    C1]  ? kvm_sched_clock_read+0x11/0x20
[ 1274.319895][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1274.325196][    C1]  handle_softirqs+0x283/0x870
[ 1274.329967][    C1]  ? do_softirq+0xec/0x180
[ 1274.334389][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1274.339679][    C1]  ? mod_peer_timer+0x21/0x260
[ 1274.344445][    C1]  do_softirq+0xec/0x180
[ 1274.348691][    C1]  </IRQ>
[ 1274.351627][    C1]  <TASK>
[ 1274.354560][    C1]  ? __pfx_do_softirq+0x10/0x10
[ 1274.359415][    C1]  ? enqueue_timer+0x216/0x560
[ 1274.364188][    C1]  ? lockdep_softirqs_on+0x13b/0x1c0
[ 1274.369477][    C1]  __local_bh_enable_ip+0x17d/0x1c0
[ 1274.374682][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1274.380407][    C1]  ? mod_peer_timer+0x21/0x260
[ 1274.385178][    C1]  ? mod_peer_timer+0x21/0x260
[ 1274.389949][    C1]  ? mod_peer_timer+0x20c/0x260
[ 1274.394801][    C1]  wg_packet_tx_worker+0x16b/0x7c0
[ 1274.399916][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1274.405118][    C1]  ? process_scheduled_works+0x9ec/0x17a0
[ 1274.410843][    C1]  process_scheduled_works+0xade/0x17a0
[ 1274.416406][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1274.422396][    C1]  worker_thread+0x8a0/0xda0
[ 1274.426983][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1274.433402][    C1]  ? __kthread_parkme+0x7b/0x200
[ 1274.438345][    C1]  kthread+0x711/0x8a0
[ 1274.442416][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1274.447527][    C1]  ? __pfx_kthread+0x10/0x10
[ 1274.452118][    C1]  ? __pfx_kthread+0x10/0x10
[ 1274.456706][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1274.461905][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1274.467108][    C1]  ? __pfx_kthread+0x10/0x10
[ 1274.471699][    C1]  ret_from_fork+0x4b/0x80
[ 1274.476114][    C1]  ? __pfx_kthread+0x10/0x10
[ 1274.480705][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1274.485481][    C1]  </TASK>
[ 1274.488504][    C1] Modules linked in:
[ 1274.492464][    C1] ---[ end trace 0000000000000000 ]---
[ 1274.497948][    C1] RIP: 0010:nexthop_is_blackhole+0x23/0x2c0
[ 1274.503889][    C1] Code: 90 90 90 90 90 90 90 55 41 57 41 56 53 48 89 fb 49 bf 00 00 00 00 00 fc ff df e8 68 b5 b8 f7 4c 8d 73 66 4c 89 f0 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 18 02 00 00 41 80 3e 00 74 41 48 83 eb
[ 1274.507269][    C0] Oops: general protection fault, probably for non-canonical address 0xdffffc000000000d: 0000 [#2] SMP KASAN PTI
[ 1274.523620][    C1] RSP: 0018:ffffc90000a08218 EFLAGS: 00010202
[ 1274.535467][    C0] KASAN: null-ptr-deref in range [0x0000000000000068-0x000000000000006f]
[ 1274.535493][    C0] CPU: 0 UID: 0 PID: 5961 Comm: kworker/0:6 Tainted: G      D             6.15.0-rc7-syzkaller-00002-gb36ddb9210e6 #0 PREEMPT(full) 
[ 1274.541560][    C1] 
[ 1274.549942][    C0] Tainted: [D]=DIE
[ 1274.549951][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1274.549965][    C0] Workqueue: mld mld_dad_work
[ 1274.563576][    C1] RAX: 000000000000000d RBX: 0000000000000005 RCX: ffff888053c78000
[ 1274.565879][    C0] 
[ 1274.569601][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000005
[ 1274.579626][    C0] RIP: 0010:nexthop_is_blackhole+0x23/0x2c0
[ 1274.579652][    C0] Code: 90 90 90 90 90 90 90 55 41 57 41 56 53 48 89 fb 49 bf 00 00 00 00 00 fc ff df e8 68 b5 b8 f7 4c 8d 73 66 4c 89 f0 48 c1 e8 03 <42> 0f b6 04 38 84 c0 0f 85 18 02 00 00 41 80 3e 00 74 41 48 83 eb
[ 1274.584307][    C1] RBP: ffffc90000a08398 R08: ffffc90000a084c0 R09: ffffc90000a084d0
[ 1274.592270][    C0] RSP: 0018:ffffc90000007058 EFLAGS: 00010202
[ 1274.592291][    C0] RAX: 000000000000000d RBX: 0000000000000005 RCX: ffff88807ac81e00
[ 1274.594607][    C1] R10: ffffc90000a08320 R11: fffff52000141066 R12: 1ffffffff339d2d8
[ 1274.602564][    C0] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000005
[ 1274.602579][    C0] RBP: ffffc900000071d8 R08: ffffc90000007300 R09: ffffc90000007310
[ 1274.608456][    C1] R13: ffffffff99ce9710 R14: 000000000000006b R15: dffffc0000000000
[ 1274.628049][    C0] R10: ffffc90000007160 R11: fffff52000000e2e R12: 1ffffffff339d2d8
[ 1274.628065][    C0] R13: ffffffff99ce9710 R14: 000000000000006b R15: dffffc0000000000
[ 1274.636041][    C1] FS:  0000000000000000(0000) GS:ffff8881261f6000(0000) knlGS:0000000000000000
[ 1274.642081][    C0] FS:  0000000000000000(0000) GS:ffff8881260f6000(0000) knlGS:0000000000000000
[ 1274.642106][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1274.650080][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1274.658027][    C0] CR2: 00007fff6031d578 CR3: 000000006dfa8000 CR4: 00000000003526f0
[ 1274.666005][    C1] CR2: 00007f8cdb3ffdb4 CR3: 00000000774a0000 CR4: 00000000003526f0
[ 1274.673956][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1274.673971][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1274.681951][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 1274.768378][    C1] Kernel Offset: disabled
[ 1274.772693][    C1] Rebooting in 86400 seconds..