last executing test programs:

12m18.172983115s ago: executing program 32 (id=232):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kfree\x00', r3}, 0x10)
mount$9p_tcp(0x0, &(0x7f0000000300)='./cgroup.cpu/cgroup.procs\x00', &(0x7f00000004c0), 0x8, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=tcp'])
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000e000004000000040002804a00"/28], 0x1c}}, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@loopback, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x0, 0x0, 0x0, 0x0, 0xa, 0x20}, {0x8000000000004, 0x0, 0x3, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x23}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x6}, 0x0, 0x3, 0x0, 0xfd}}, 0xe8)
sendmmsg(r1, &(0x7f0000000480), 0x21, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000000580)=""/102392, 0x18ff8)
socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r7, 0x560a, &(0x7f00000006c0)={0x0, 0x0, 0x2c, 0x2, 0x104, 0x2})
r8 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r8, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
ioctl$TIOCL_SETSEL(r10, 0x541c, &(0x7f0000001900)={0x2, {0xc, 0x4000, 0x0, 0x101}})
sendto$inet6(r0, 0x0, 0x0, 0x2200c851, 0x0, 0x0)

11m10.177525125s ago: executing program 33 (id=415):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=@newqdisc={0x60, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_QUANTUM={0x6}]}}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x9, 0x9, 0xc89f, 0xffff5ef5, 0x0, 0x19, 0x3}}, {0xfffffffffffffc7f}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x2}, 0x2000400c)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e07000514"], 0xa)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

10m25.177930198s ago: executing program 0 (id=543):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x6, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r4, &(0x7f0000000000)=[{&(0x7f00000000c0)="14", 0x1f68}], 0x2)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r3, 0x0, 0x30, 0xe1515f8735398fb, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000002c0)=[0x45c], 0x0, 0x0, 0x1, 0x1}}, 0x3c)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2000001, 0x12, r5, 0x21)

10m22.871548842s ago: executing program 0 (id=547):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x700, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c0000040000000c0001800600060088480000040502"], 0x528}, 0x1, 0x0, 0x0, 0x10}, 0xc000)

10m22.677931059s ago: executing program 0 (id=549):
getpid()
syz_io_uring_submit(0x0, 0x0, &(0x7f00000003c0)=@IORING_OP_OPENAT2={0x1c, 0xb, 0x0, 0xffffffffffffff9c, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000840)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0, r3}, 0x18)
unshare(0x2c060000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000240)=ANY=[@ANYRES32=r5, @ANYRES32=r4, @ANYBLOB='/\x00'/12, @ANYRES32, @ANYBLOB="04f282f338d60000000000004e0312", @ANYRES64=0x0], 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000840)=ANY=[@ANYRES32=r4, @ANYRES32=r4, @ANYBLOB="4b370393f919272f06000024000000e8ad30ea301cbfb0edd945e3c7b70411e3bed19fb77297990b6ac1e8f3551f7c4f75beb56eacc4d67da930f241d1107ff9ed24c7d1cc2118c59204d8ee149f9125d5c3aac25d8231f51807c71ca0c0bb3337c80458400d12239c9bad6684229361177560171dccbb153041b8e489fc330383af54afed91824d2bf6f05ce5c01956fd3ac5911b527d4c8985229ce2a12848d3d0801c2315d26b5826ee6f45f9597364f3f5da7f629f2fdb13779df91e92ba2efe00a8d4eb938443e8d95880861c3a58c36873e7f9535d05f099fd50098b4522d53d7e0f82fb405cb316833cab7e5a61e758e6b22c98f462eba489b4037a36764cd1739b162220c3e441fff50715de241d02ebd8d01aa42053c02effd3b01d7100"/306, @ANYRES32=0x0, @ANYRES64=0x0], 0x20)
unshare(0x24020400)

10m21.616593531s ago: executing program 0 (id=554):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$pppoe(0x18, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)="c33fcb186b2e5f7e087b8a8eeb1b587cee45d05b49cb70143e2a8e8376eeeda1ad331651f162ddceb6dc817d63198b71da0b6729bc70b4df3b5b089af690d1f973784974cdc93a91034f4e290341587a7394eb4e5bc1ed340e211b0607a553f76bf7f6728672f9c06398f652e1a92f2cee2b7afbffe76a0e646df8c7ca6b94a5b8035901e720a78c9c786673511b733de974118a47d3b156859f4c7063e2b99fd1f592c8884c5c3b8a2968a66a2367e01f434094c99495d1480915ea60fe3e28f6de7388dee2116605ea8e457df6bf83890020f5d4ec83db8f43444dc5d4cc5ff47eb4a422ae1a9b8cd17dbcb664edab7a0ee67f3d817bd6d41dd7ce008bcc7d5dc3836d3ce7a7347d5951026b237e4d6d1a415e0be4eb2327e32c604b64ffab901e90191c2288c8eb8d48e59e132fc800934cc82fca25a7615283fa9423eb7de34f7fd65d42ecb2703867871207106257898670c66a38216f1b34c5dcf0cdf1e227a0e06b65a63838791c1f07383707a4550fe4e549304597130bec6fb46b8cf6b4ffa8dc403071f63b6e84"}}, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCFLSH(r2, 0x80045438, 0x300000000000000)
sched_setscheduler(r1, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000000)=@framed={{0x18, 0x6}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r5}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r5}, &(0x7f0000000180)=0x2, &(0x7f00000000c0)=r4}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0002000000000000000000000004000000000080524dad7cc1d2c8af6b47c0124e25d7c3896a6b137eb205eb830e62ddef0b85145c8d31e0d0706ca4e449eadc6bc217b996b175aa8012a65b3c1cfe0ff6276a427cbdbb2ad46a52c0c4e87e2889e16d625285a6adfc8dbe7b73d613a4b449d9170600a763cbfe8ba56c13327e9ecef8a07148a5e8bbed00a4cb2d0fd1e0383864c253bbd6d8ba430eef1950a05bd0cdd08ac59f42ab709b", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x48)
inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='.\x00', 0xa4000061)

10m20.671336256s ago: executing program 0 (id=557):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'vmac64(aes-generic)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$unix(r1, &(0x7f00000007c0)={0x0, 0xa7, &(0x7f0000000780)=[{&(0x7f0000000580)="f8181d940c80e4d00d8c6d3c845124a88308988e50571338407b5f13aacac8537a22904aa75117b5a6c17283d7beb64c16c9199f451e14b7a2e47fda886f5d8e9b07a3b89b5babbe5e4c4cd4e820756cb3ee00156ea8cdefa74f2a80e2dc09c16a24527fdf191462549c", 0x6a}, {&(0x7f0000000680)="13cb8c20ee1a8feaa147648508c8371afaa4561e8ec8b0796a084189f30590a2f48b71bd5e97583e434302193e1e3fe43fcd11f9b112b244688fe717f9febd8d30913fff409eab09b9c205a37fd481aab1a0e3ccec543ce358f5df8ea08327156d17524ed4db2f7c4bfdf325f91e13b9da3e0e80d1d559ea2193f7bd863b47ec27038b2132aa5df650513dd9a7fa401b363ae2b43cbd97221cc118c03ea5893a96c72ddbb18e86", 0xa7}], 0x2, 0x0, 0x0, 0x4008000}, 0x800)

10m20.369235015s ago: executing program 0 (id=559):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x54}}, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
socket(0x1d, 0x2, 0x800)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000140)={0x14, 0x0, 0x0})
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff}, 0x0)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r7, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r7, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0)
preadv(r5, &(0x7f00000002c0)=[{&(0x7f00000018c0)=""/98, 0x62}], 0x1, 0x0, 0x0)
close(r5)
syz_usb_connect$cdc_ecm(0x0, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x48, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x3, {{0x5}, {0x5}, {0xd}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x7}, @mdlm_detail={0x4}, @mdlm_detail={0x4}]}}}]}}]}}, 0x0)

10m4.624137482s ago: executing program 34 (id=559):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[], 0x54}}, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
socket(0x1d, 0x2, 0x800)
ioctl$EVIOCGMASK(r1, 0x80104592, &(0x7f0000000140)={0x14, 0x0, 0x0})
pipe2$9p(&(0x7f00000001c0)={<r2=>0xffffffffffffffff}, 0x0)
r3 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000000)=0x15)
r4 = dup(r3)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})
r5 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
r6 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000100)={0x2, &(0x7f0000000040)=[{0x30, 0x0, 0x0, 0xc8e}, {0x16}]}, 0x10)
setsockopt$packet_fanout(r6, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r7, &(0x7f0000000240)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendmmsg$inet(r7, &(0x7f0000000ec0)=[{{&(0x7f0000000080)={0x2, 0x4e25, @multicast2}, 0x10, 0x0}}], 0x1, 0x2000c044)
sendto$inet(r7, &(0x7f0000000c80)="e8", 0x6200, 0x0, 0x0, 0x0)
preadv(r5, &(0x7f00000002c0)=[{&(0x7f00000018c0)=""/98, 0x62}], 0x1, 0x0, 0x0)
close(r5)
syz_usb_connect$cdc_ecm(0x0, 0x5a, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x48, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x3, {{0x5}, {0x5}, {0xd}, [@call_mgmt={0x5, 0x24, 0x1, 0x0, 0x7}, @mdlm_detail={0x4}, @mdlm_detail={0x4}]}}}]}}]}}, 0x0)

8m41.342501028s ago: executing program 1 (id=809):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
getpid()
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x15)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x4bb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x2b, 'net_cls'}]}, 0x9)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_mptcp(0xa, 0x1, 0x106)
inotify_init1(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f0000000280)=0x4, 0x4)
io_uring_setup(0x23ee, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000300)={0x2, 0x0, @dev}, 0x10)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r5, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaafe8015000000000000000000020000aafe8000000000000000000000000000aa00c3e5afa0e6428691c6004e2200"/67, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60020000907800001e043684"], 0x0)

8m37.439708024s ago: executing program 1 (id=817):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@ipmr_delroute={0x1c, 0x19, 0x1, 0x0, 0x25dfdbfc, {0x80, 0x20, 0x0, 0x0, 0x0, 0x11, 0xc8, 0x5, 0x1000}}, 0x1c}}, 0x40000)
sendmsg$inet_sctp(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000700)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f000019e000/0x4000)=nil, 0x4000, 0xb635773f06ebbeee, 0x810, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000021c0)=@file={0x0, './file0\x00'}, 0x6e)
socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="1c0000005e007f62516a071c02f8abc36f1d73dbe1ce84ebc7c4c1c9", 0x1c}], 0x1}, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYRES16=r2], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10)
r5 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x1)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r5, 0xc0f85403, &(0x7f0000000180)={{0x3, 0x3, 0x1, 0x3, 0x7}, 0x200, 0x4, 'id1\x00', 'timer1\x00', 0x0, 0x20009b, 0x0, 0x2, 0xde})
r6 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
read$FUSE(r6, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)

8m36.792730429s ago: executing program 1 (id=818):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
r1 = signalfd(r0, &(0x7f00000003c0)={[0xa]}, 0x8)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000400)={{0x1, 0x1, 0x18, r1, {0x1}}, './cgroup\x00'})
socket$netlink(0x10, 0x3, 0x6)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10)
r2 = openat$6lowpan_enable(0xffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$6lowpan_enable(r2, &(0x7f0000000380)='1', 0x1)
r3 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80)
sendfile(r4, r3, 0x0, 0x7ffffffd)
bind$netlink(r4, &(0x7f0000000240)={0x10, 0x0, 0x25dfdbfd, 0x800}, 0xc)
sendmmsg(0xffffffffffffffff, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000080)={0x100000011, @multicast2, 0x0, 0x0, 'lc\x00', 0x0, 0x85, 0x4000069}, 0x2c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xfffffffffffffd2a, &(0x7f0000000040), 0x3}, 0x0)
name_to_handle_at(r0, &(0x7f0000000080)='./cgroup\x00', &(0x7f0000000300)=@fuse={0xc, 0x81, {0x9, 0x3, 0x1ae4}}, &(0x7f0000000140), 0x600)

8m36.355096177s ago: executing program 1 (id=821):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000010000000000000000030000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r4}, 0x18)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
ioctl$sock_inet_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000080)={'veth1_to_batadv\x00', {0x2, 0x0, @remote}})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(0xffffffffffffffff, 0x65, 0x4, &(0x7f0000000380)=0x1, 0x4)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

8m35.246456383s ago: executing program 1 (id=822):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="1801000000000000000000000000000085000000050000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008008000b703000000009c8c850000006d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = socket$pppoe(0x18, 0x1, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
connect$pppoe(r1, &(0x7f0000000140)={0x18, 0x0, {0x0, @local, 'bond_slave_0\x00'}}, 0x1e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r2 = inotify_init1(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x2, &(0x7f0000000000)={0x0, 0x29, 0x1, @thr={0x0, &(0x7f0000000a40)}}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TCFLSH(r4, 0x80045438, 0x300000000000000)
timer_settime(0x0, 0x0, 0x0, 0x0)
timer_create(0x3, 0x0, &(0x7f00000004c0))
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
gettid()
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000280)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r7}, &(0x7f0000000180)=0x2, &(0x7f00000000c0)=r6}, 0x20)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="1b0002000000000000000000000004000000000080524dad7cc1d2c8af6b47c0124e25d7c3896a6b137eb205eb830e62ddef0b85145c8d31e0d0706ca4e449eadc6bc217b996b175aa8012a65b3c1cfe0ff6276a427cbdbb2ad46a52c0c4e87e2889e16d625285a6adfc8dbe7b73d613a4b449d9170600a763cbfe8ba56c13327e9ecef8a07148a5e8bbed00a4cb2d0fd1e0383864c253bbd6d8ba430eef1950a05bd0cdd08ac59f42ab709b", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/21], 0x48)
inotify_add_watch(r2, &(0x7f00000000c0)='.\x00', 0xa4000061)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_CTHELPER_NEW(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)=ANY=[@ANYBLOB="20000000000901010000000000000000070000080900010073794abf00000000"], 0x20}, 0x1, 0x0, 0x0, 0x80}, 0x80)

8m34.241752767s ago: executing program 1 (id=825):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
getpid()
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x15)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x4bb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x2b, 'net_cls'}]}, 0x9)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_mptcp(0xa, 0x1, 0x106)
inotify_init1(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f0000000280)=0x4, 0x4)
io_uring_setup(0x23ee, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000300)={0x2, 0x0, @dev}, 0x10)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_emit_ethernet(0x82, &(0x7f00000002c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @dest_unreach={0xc, 0x8, 0x0, 0x0, 0x0, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @local, {[@generic={0x0, 0x12, "ee0dd90636599dd3834e23c656c733e0"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private=0xa010101}]}, @ssrr={0x89, 0xf, 0x0, [@private, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4}, @timestamp={0x44, 0x10, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}}}}}, 0x0)
listen(r5, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaafe8015000000000000000000020000aafe8000000000000000000000000000aa00c3e5afa0e6428691c6004e2200"/67, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60020000907800001e043684"], 0x0)

8m18.683045869s ago: executing program 35 (id=825):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
getpid()
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x15)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x4bb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x2b, 'net_cls'}]}, 0x9)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_mptcp(0xa, 0x1, 0x106)
inotify_init1(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f0000000280)=0x4, 0x4)
io_uring_setup(0x23ee, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000300)={0x2, 0x0, @dev}, 0x10)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_emit_ethernet(0x82, &(0x7f00000002c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @dest_unreach={0xc, 0x8, 0x0, 0x0, 0x0, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @local, {[@generic={0x0, 0x12, "ee0dd90636599dd3834e23c656c733e0"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private=0xa010101}]}, @ssrr={0x89, 0xf, 0x0, [@private, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4}, @timestamp={0x44, 0x10, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}}}}}, 0x0)
listen(r5, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaafe8015000000000000000000020000aafe8000000000000000000000000000aa00c3e5afa0e6428691c6004e2200"/67, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60020000907800001e043684"], 0x0)

6m36.537997627s ago: executing program 6 (id=1099):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_HOOKNUM={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x378b5ec3}]}]}, @NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x20, 0x4, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, @queue={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_QUEUE_NUM={0x6, 0x1, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xc4}}, 0x0)

6m35.513529734s ago: executing program 6 (id=1102):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$bt_l2cap(r0, &(0x7f0000000040)={0x1f, 0x100, @any, 0x6, 0x2}, 0xe)
poll(&(0x7f0000000440)=[{r0, 0x966c}], 0x1, 0x8)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="1c0000005e007f029e3b470d649b72ab25399cd956c07dead6a93690", 0x1c}], 0x1}, 0x0)
r2 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
readv(r2, &(0x7f0000000200)=[{&(0x7f0000000080)=""/3, 0x3}], 0x1)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x7c}}, 0x10)
r3 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r3, 0xc0405602, &(0x7f00000000c0)={0x5c, 0xa, 0x0, "b75cbb1844038d2cd97c945462f31638b5394c00"})

6m28.291767726s ago: executing program 6 (id=1111):
r0 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x80)
ioctl$CEC_RECEIVE(r1, 0xc0386106, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '&\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe})
write$9p(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xe, &(0x7f0000000d00)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, @multicast, @void, {@generic={0x892f}}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x52, 0x0, 0x0)

6m16.206963711s ago: executing program 6 (id=1138):
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382)
r1 = memfd_create(&(0x7f0000000640)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xefE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xd1\x04\x00\x00\x00B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7<\x7f\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xe4\x95P\xf1m\xcf\xb0\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcd\x90\x95\xdd\x8a\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x00\x00\x00\x00\x00\x00\x00\x04\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<ve\x84\x7f\x10Y,\xe6\x15\x015$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8e\x06\x00\x00\x00!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xab>\x92z\x95\xdcR)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1d<\a\x00\xbfZ1\xa82\x85\x99\x0e$U\xb4M\xc7\xfa\f\b\x8f\xc4\xbe\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaa\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00w\xa8wW\xb7\a\xda\xe1\xe0\x9b\xcd\x1dM\t\x86.\xc5\x06A\x17\xd3\xb7\xd7\xe8\xf5\xf4\xa48\xa1\x8cp\x89\x95y\x14\xa5k/\xceu\xad\x7f\x04Q\x96[@\xfb\xe4\x11\x88\xda}\xcd\xe8!\xb8\x92\xa14c\x85b\xd9\f\xbf\x95J\xa1cU\xf9\xa3\x11\xad\xaa\x00vZAn\xba3\xde}G\x95qZ\xff\x1e\x9d\xd8\x86\x9a\xf8\xca\x1dMiJ\x0f\xed+\xc1L\xe8\x90j\x13\xdc^!\xe2Z\':\xb4\x19js|\xb5\xdf\xe7\xe3\xff\x17+\x96\xae\t\xb7\xcd#s5VTT\x93hD\xe9`\xfbl\xc4\xf9\xe7_\xb4\xc4[%B\x85\x91\x0f\xef\x15)je\xc9.\xec\xb7@\a\xa1\x83\xe3/\x04bw\x00\x00\x00\x00\x00\x00\x00\x00\x00\xda\xca\x1fM\x15\x9c\xe0}\x86,\xef=s(\xc0\x03\xf1H\xa0\xa9\xfblV\x81\xd1\xe3KQlR\xbc\xc9\'O}+e\xc3\xabr?v\x9dMS\xa9<\fq3\xe8\xe2I\x9f\x9b\x11\xa4\xc0\xbdV;\x83:R9\xe3HU_\xebJ\xc4C\v)\x87\x03\xa0\xc0\x90\xb0\x9f\x8f\xae |m\x85m\xe6\xa3~\xa4\xd5\x9eL\x01\x93\x91\rEL\xaf8k$p\xf1\x15K\x10x\xa2\xdd\xb0>t\xed\xd5\xf6\x05\x8c\xdc\xb2\xb8\x198\x0f\x1f\x7fr\xfa\xf1\x1c\x87\x01[\x89\x11T:k\xd9\xe7\xaf\xa7FJ\x0f\xf0\x1fow\xad)).\xa0\xab\xe8M\x1c\x8e\xa2e\xa05\x91m-W^/\x92@l\x8f\xa0\x8cm\xbd>C\f\xb0\xa6\xd6\x98YA\xf9zH!\xa7\"\xc5-gW\xd3.\x13C\x1d\x04\r\x7f\xc7Q\xb9&_\xea\xd1\x14\xff\x10\f\xf0\xd8f\xf1\xad\x06\xee\x97c\xdb\xd9U3\xbc\x1eE\x1b{Z0\x80\xf9H\xd2B\x86\x93\x180\xf1\x91tyK\xa6\xd0[\xceNKA\"bVJ\xa6{w\xa3\xbe\x7f7c/\x89\x17l@I\xb1%\x82\x0f\x00o\xe1\x11;\xf4u\x9fX\xbc\x90A\xb9\xd6\xf5\x00\x11\x95\x9aT]\xadz%\xf9C\xfc@Y\x00\xe0P\x84\b\xfb<D\xe3\xb3zZ\x9bI\x8f\xa8\xcc\xfd\xa2\x03TD\xa0_\x8fQ~r\xda\x8b\xc6O\"\xf7\x13\xef\xdb\xaf\x97/[M8\xf2!\xe8\xc3\x05\x81\xd0\x9f\x03\xc1d\xfb\xbc\xcd\xd7\xa5l\xc4\xb6\x81\xf1:\xfb\xc8S\xf3\xbf\xbf1\x8d\x19C\xcd\xa8-\x1d\x87\xdc\x16\xb2S.>j\xa3\x87\xc7\xad>\x00\x00\x05z\xc2w\x87\xdc\x00\x00\x00\x00\x00', 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c00, r1)
sendfile(r0, r0, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r0, 0x4c02, &(0x7f00000002c0)={0x0, {}, 0x0, {}, 0x100004, 0x12, 0x13, 0x9, "4b8b3ea46929dfed0b2f34380d308f95a023d009855a94a9fe9549918ae7fd1f0ece5bc61375b108403362cfe0f4fccffb1b6a2115354d4df15d017a3f00", "236321ca2af6d2e80e4caadd6d126cfb80c92dd817d44dcdec00", [0x1, 0x7]})
ioctl$LOOP_SET_CAPACITY(r0, 0x4c07)

6m15.337522779s ago: executing program 6 (id=1140):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
ioctl$sock_x25_SIOCADDRT(0xffffffffffffffff, 0x5411, &(0x7f0000000280)={@remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x3}, 0xd, 'veth1_to_batadv\x00'})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c00000020000100020000000000ffdd020000000000000000000000080017"], 0x2c}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
lseek(0xffffffffffffffff, 0xffffffffffffeffa, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="12000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000200)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x57}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x0, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
capset(&(0x7f0000000100)={0x20080522}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x81, 0xfffffffb})
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x1, 0x0, 0x0, 0x1, 0x2})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_NETID(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000340)={0x1c, r7, 0x1}, 0x1c}}, 0x0)
r8 = socket(0x1, 0x2, 0x0)
poll(&(0x7f0000000300)=[{r8, 0x1114}], 0x1, 0x8001)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000480), r6)
sendmsg$BATADV_CMD_SET_VLAN(r8, &(0x7f00000005c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x4c, r9, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x18}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5}, @BATADV_ATTR_BONDING_ENABLED={0x5, 0x2d, 0x1}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_FRAGMENTATION_ENABLED={0x5, 0x30, 0x1}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_GW_MODE={0x5}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40081}, 0x40000)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f00000004c0)={0x0, 0x12, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="3800000003147df800000000fedbdf250900020073797b300000000008004100736977001400330076657468305f6d616376746170"], 0x38}}, 0x0)

6m14.316720166s ago: executing program 6 (id=1143):
r0 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x80)
ioctl$CEC_RECEIVE(r1, 0xc0386106, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '&\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe})
write$9p(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xe, &(0x7f0000000d00)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, @multicast, @void, {@generic={0x892f}}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x52, 0x0, 0x0)

6m7.967031371s ago: executing program 4 (id=1155):
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
syz_open_dev$vim2m(&(0x7f0000000140), 0x10001, 0x2)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)=ANY=[@ANYBLOB="9feb010018000000000000007c0000007c00000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000c20000000902"], 0x0, 0x96, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)
r5 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="180000002000000000000000000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r5, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200]}}})
ioctl$VIDIOC_QBUF(r4, 0xc058565d, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
open(0x0, 0x14d27e, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=ANY=[@ANYBLOB="00021000ced565ac1c6a840dff"], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x20000000)

6m5.003400979s ago: executing program 4 (id=1159):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=ANY=[@ANYBLOB="8c00000010000304000000000008000000000000", @ANYRES32=0x0, @ANYBLOB="a5fdad88402000006000128008000100677265005400028006001800080000000800140001000000050017000400000008001500330d0e00060011004e2100000500090004000000060010004e240000050008000800000006000f"], 0x8c}, 0x1, 0x0, 0x0, 0x404c804}, 0x0)
r1 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
iopl(0x3)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
write$binfmt_script(r1, 0x0, 0x0)

6m4.422700074s ago: executing program 4 (id=1160):
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40000c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x60, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = syz_open_dev$loop(&(0x7f00000000c0), 0x5, 0x103b83)
r7 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
ioctl$LOOP_CHANGE_FD(r6, 0x4c00, r7)
ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000540)={0x0, {}, 0x0, {}, 0x8001, 0x1, 0x3, 0x18, "5361b2a8ea45c7b73e237cb291f2f74a5f64db69cff4c756339051e17e6421ae3d10a8df55356863ecbb732d9491331068d0b38d4aed4876e63e6c8d2c90d43b", "1c93171ad47fae62c5f0d7b52aa168e7153826f9b5b81608c3f8e8d11ff5013f", [0x3, 0xde95]})
ioctl$LOOP_CHANGE_FD(r6, 0x4c06, r7)

6m1.31793471s ago: executing program 4 (id=1166):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000d40)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a764ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14feecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9c37251709f1ff7f0000f07bf7f53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d08428353b1c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b27113ad4c7915c8f82c333a7b350802f0311807010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000013887ad6d2d440fedce51a3aa57b00ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f942cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2b44925129677b7b3d2f8e7792c7827862eae80134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44ae9ae094c1b81d3ef947692b44d2afb09c7498d357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2402045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed88631be6411f9927fe9f83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea59195dbc72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac36f8859c7d5444c12bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d4768540c540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f0a000000000000009e0b1a8c8f55f30e7c25275ed49b71828b375be03ef903cc8244b1269376d01b674cff9cb82eef0fe55c8b751053004ca6cef28d9a52c3771e9c73d03fdf74f48306560fb6cd86658afa895efa47f3a43e686df5b727ba4ec99620270334fce56c9f86b8a2c8aaede5a48a29b75734fbe1f59e43dc5a39b083848b0ebb14d845df7606e4d58f1a03f2dd337c3a10f3b15d388e43059aa88b42d26d4ccda6d60f996ed444d7f40e0cdbf69e11252a6c0e2d882d93b4f22dc95a191b1e6ff59d7880b4ce587f7ef05c46088268805cf089c4b3cd60cd3fc0c6d81fb2f961abcb0133f3f7a594b8475d6853b2e4fafc52a6851e8cfe1aebe3a4539634a535f8ac496793001c1a4b26216d1cd382c1e6a15697ef0a9b26474e1dbfa422e952b0f742ef52388584673f6333299042099aa073c152e1b61851a4519fe67e47f1446bb7b80b804b1b4503df784c8604bf26578b1fa7dce5313ecdf297cc63bf2b472f8f56bebeec16dc5fa22ee9c3c304d6629db7215eebfbd480c4ac"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000880), 0xfffffffffffffddd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x181900, 0x0)
ptrace(0x10, r1)
ptrace$setregs(0xd, r1, 0x0, &(0x7f00000003c0)="18607651149d7b10b4024fbbdc08899b8f589df2dbb5d7a8d1b36cfab675cb3976ee8100e2878c9cfa178cac130eb046eda93df39ed4b41924dc225ad4028dd63defb87d698be5c749450b350a789dcfc6b2d6a696b5026d1e52f19274566d1da0f353dd65e330ebf71c5e823f2753c5fd76724828ef31b353e71805205c3dceb44cc4c7b3664e29fb")
ptrace$getregset(0x4205, r1, 0x2, &(0x7f0000000080)={&(0x7f0000000000)=""/120, 0x78})
ptrace$getregset(0x4204, r1, 0x2, &(0x7f0000000740)={0x0})
r2 = socket$inet6(0x10, 0x2, 0x4)
sendto$inet6(r2, &(0x7f0000000080)="4c00000012001f15b9409b849ac00a00a5784004000000000000030038c88cc055c5ac27a6c5b068d0bf46d323452536005ad94a461cdbfee9bdb942352359a351d1ec0cffc8792cd8000080", 0x4c, 0x0, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000380)={r0, 0xe0, &(0x7f0000000480)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000d00)={r3}, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r5, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0xffe4, 0xfffffffffffffda0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='ramfs\x00', 0x0, 0x0)
mount(0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x100000, 0x0)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0, 0x0)
mkdirat(r6, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000200)='./file0\x00', &(0x7f00000001c0)='./file0/file0\x00', 0x0, 0x65000, 0x0)
mount$bind(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x1805002, 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', r6, &(0x7f0000000140)='./file0/file0\x00', 0x271)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000280)='setgroups\x00')
writev(r7, &(0x7f0000000240)=[{&(0x7f0000000080)='y', 0x1}], 0x1)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="1e000000ff030000dc7b00004600000040000000", @ANYRES32=r7, @ANYBLOB="02000000f800000100"/20, @ANYRES32=r4, @ANYRES32=r2, @ANYBLOB="0400000003000000030000000100"/28], 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r8, 0x0, 0x0}, 0x20)

6m0.347541337s ago: executing program 4 (id=1169):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000fff000/0x1000)=nil)
getpid()
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x15)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x1, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x4, 0x4bb3}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000080)={[{0x2b, 'net_cls'}]}, 0x9)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
inotify_init1(0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r3, 0x0, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r3, 0x10e, 0x2, &(0x7f0000000280)=0x4, 0x4)
io_uring_setup(0x23ee, 0x0)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000300)={0x2, 0x0, @dev}, 0x10)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
syz_emit_ethernet(0x82, &(0x7f00000002c0)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote}, @dest_unreach={0xc, 0x8, 0x0, 0x0, 0x0, 0x0, {0x16, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @multicast2, @local, {[@generic={0x0, 0x12, "ee0dd90636599dd3834e23c656c733e0"}, @timestamp_prespec={0x44, 0xc, 0x0, 0x3, 0x0, [{@private=0xa010101}]}, @ssrr={0x89, 0xf, 0x0, [@private, @broadcast, @broadcast]}, @timestamp_addr={0x44, 0x4}, @timestamp={0x44, 0x10, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0]}]}}}}}}}, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r5, 0x0)
syz_emit_ethernet(0x4e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaafe8015000000000000000000020000aafe8000000000000000000000000000aa00c3e5afa0e6428691c6004e2200"/67, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="60020000907800001e043684"], 0x0)

5m59.484531307s ago: executing program 4 (id=1173):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x101, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1, 0x1, 0x99, 0x1, 0x1ff}})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_int(r3, 0x0, 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB='8-'], 0x6a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e040000000000003f000000000000005504000001ed0a002500000017ffffffcc040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

5m59.271994292s ago: executing program 36 (id=1173):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x5, &(0x7f0000006680))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x101, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, &(0x7f0000000180)={{0x1, 0x1, 0x99, 0x1, 0x1ff}})
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_int(r3, 0x0, 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)=ANY=[@ANYBLOB='8-'], 0x6a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x1, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f00000004c0)=ANY=[@ANYBLOB, @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff, @void, @value}, 0x94)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, @void, @value}, 0x94)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r7, 0x29, 0x20, &(0x7f0000000280)={@mcast2, 0x800, 0x0, 0x103, 0x1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e040000000000003f000000000000005504000001ed0a002500000017ffffffcc040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

5m59.199325065s ago: executing program 37 (id=1143):
r0 = gettid()
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000100), 0x0, 0x80)
ioctl$CEC_RECEIVE(r1, 0xc0386106, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '&\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe})
write$9p(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
accept4$inet6(0xffffffffffffffff, 0x0, 0x0, 0x80000)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mq_timedreceive(0xffffffffffffffff, 0x0, 0x0, 0x10, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x17, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000000000000000000000000085000000bb00000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_emit_ethernet(0xe, &(0x7f0000000d00)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0x28}, @multicast, @void, {@generic={0x892f}}}, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_emit_ethernet(0x52, 0x0, 0x0)

5m50.402653903s ago: executing program 7 (id=1198):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x4, &(0x7f0000000080)=@framed={{}, [@ldst={0x3, 0x0, 0x6, 0x1, 0x8}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000, @void, @value}, 0x94)
r0 = socket$packet(0x11, 0x2, 0x300)
close_range(0xffffffffffffffff, r0, 0x0)

5m50.244505803s ago: executing program 7 (id=1199):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000f0000001c0007"], 0x30}}, 0x0) (fail_nth: 3)

5m50.191599251s ago: executing program 7 (id=1200):
unshare(0x2040400)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82000)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x8, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_procfs(r1, &(0x7f0000000000)='fd/3\x00')
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r0, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
shutdown(r0, 0x1)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x18800)
ioctl$DRM_IOCTL_MODE_ADDFB2(r5, 0xc06864b8, &(0x7f0000000200)={0x0, 0x7, 0xfffffffc, 0x8, 0x3, [], [0x2, 0xfffffffc, 0x3, 0x2b7], [0xffffffff, 0x4ea, 0x8000, 0x2], [0x4, 0x7, 0x7fffffffffffffff, 0x1]})
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x100012, 0x0)

5m49.053872218s ago: executing program 7 (id=1204):
sendmsg$NFT_MSG_GETTABLE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x40000c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r5, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x60, 0x0, 0x40f00, 0x0, '\x00', 0x0, @sk_reuseport=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = syz_open_dev$loop(&(0x7f00000000c0), 0x5, 0x103b83)
r7 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc9\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\xa4(V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93i|\xc0\x00\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\xb5\x13^\x13\xcb\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5\xefo\xb8\x8f]\x14\x1d', 0x0)
ioctl$LOOP_CHANGE_FD(r6, 0x4c00, r7)
ioctl$LOOP_SET_STATUS(r6, 0x4c02, &(0x7f0000000540)={0x0, {}, 0x0, {}, 0x8001, 0x1, 0x3, 0x18, "5361b2a8ea45c7b73e237cb291f2f74a5f64db69cff4c756339051e17e6421ae3d10a8df55356863ecbb732d9491331068d0b38d4aed4876e63e6c8d2c90d43b", "1c93171ad47fae62c5f0d7b52aa168e7153826f9b5b81608c3f8e8d11ff5013f", [0x3, 0xde95]})
ioctl$LOOP_CHANGE_FD(r6, 0x4c06, r7)

5m47.215041895s ago: executing program 7 (id=1207):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4a, &(0x7f0000000240)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "4d0300", 0x14, 0x6, 0x0, @local, @local, {[], {{0x4e25, 0x4e25, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x6, 0x0, 0x0, 0x58}}}}}}}, 0x0) (async)
sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c40)=ANY=[@ANYBLOB="7c00000006060300000000000000000001000006050001"], 0x7c}, 0x1, 0x0, 0x0, 0x20000080}, 0x4) (async)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'ipvlan1\x00', <r3=>0x0}) (async)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
bpf$ENABLE_STATS(0x20, 0x0, 0x0) (async)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='rtc_irq_set_state\x00', r5}, 0x10) (async)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x0, 0x0) (async)
r7 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
dup3(r6, r7, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) (async)
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) (async)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) (async)
chdir(&(0x7f0000000080)='./file1\x00') (async)
mkdir(&(0x7f0000000440)='./file0\x00', 0x0)
r9 = openat$autofs(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) (async)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
r10 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc018937e, &(0x7f0000000200)={{0x1, 0x1, 0x29, r10}, './file0\x00'}) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(r9, 0xc0189379, &(0x7f00000001c0)={{0x1, 0x1, 0x18, r2}, './file0\x00'}) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r8, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
sendmsg$nl_route_sched(r1, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=@newqdisc={0x50, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@TCA_EGRESS_BLOCK={0x8, 0xe, 0xffffffff}, @TCA_STAB={0x24, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0xfffd, 0x0, 0x0, 0x0, 0x20}}, {0x4}}]}]}, 0x50}}, 0x0)

5m46.957975249s ago: executing program 7 (id=1208):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x400002}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x40c0080) (fail_nth: 3)

5m31.348559936s ago: executing program 38 (id=1208):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0xffff}, [@IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @rand_addr=0x64010100}}, @IPSET_ATTR_MARK={0x8, 0xa, 0x1, 0x0, 0x400002}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x40c0080) (fail_nth: 3)

31.285907182s ago: executing program 9 (id=2050):
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f00000004c0)=ANY=[@ANYBLOB="180000000000000000000000000000008500000023000000850000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000017850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00'}, 0x2e)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
recvmsg(r2, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r3, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)

29.909275871s ago: executing program 9 (id=2063):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000010007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
write$cgroup_subtree(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="8fedcb5d07081175f37538e486dd63"], 0xfdef)

25.890574821s ago: executing program 9 (id=2082):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x6, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000080000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r3)

25.416767096s ago: executing program 9 (id=2089):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000200))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001580)={&(0x7f0000000000)='kmem_cache_free\x00', r3}, 0x10)
close(r1)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})

19.569277537s ago: executing program 9 (id=2108):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e000000040000000000000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f00000004c0)='sys_enter\x00', r0}, 0x10)
getrandom(0x0, 0x0, 0x0)

19.366378502s ago: executing program 9 (id=2111):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0x9a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600101000064"], 0x0)

7.638962268s ago: executing program 3 (id=2167):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$key(0xf, 0x3, 0x2)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000380)=@newsa={0x138, 0x10, 0x633, 0x0, 0x0, {{@in6=@empty, @in=@multicast1, 0x0, 0x1}, {@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x0, 0x32}, @in6=@local, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, {0x0, 0x0, 0x0, 0x3}, {}, 0x0, 0x0, 0xa, 0x4, 0x0, 0x61}, [@algo_crypt={0x48, 0x2, {{'ecb(cipher_null)\x00'}}}]}, 0x138}, 0x1, 0x0, 0x0, 0x24040000}, 0x0)

7.375664565s ago: executing program 3 (id=2169):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
unshare(0x64000600)

7.249758297s ago: executing program 8 (id=2171):
r0 = socket$inet6(0xa, 0x3, 0x3c)
setsockopt$inet6_IPV6_RTHDR(r0, 0x29, 0x39, &(0x7f0000000f00)=ANY=[@ANYBLOB="00020201"], 0x18)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000100)=',', 0x5dc}], 0x1)

7.033093839s ago: executing program 8 (id=2172):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xb, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00')
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r1, 0x8982, &(0x7f0000002800)={0x1, 'vlan0\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

6.037742667s ago: executing program 3 (id=2174):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0xe, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x4, 0x0, 0x0, 0x9}, @timestamp_prespec={0x44, 0x4, 0xc0, 0x3, 0x1}, @timestamp_prespec={0x44, 0x4, 0x0, 0x3, 0x8}, @lsrr={0x83, 0x7, 0xdc, [@multicast1]}, @rr={0x7, 0xf, 0x0, [@dev, @multicast1, @private=0xa010102]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='hugetlb.2MB.usage_in_bytes\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000240), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x280000b, 0x28011, r2, 0x0)
r3 = dup(r1)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = getpid()
process_vm_readv(r5, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

5.654072404s ago: executing program 8 (id=2177):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x81, 0x5, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r1}, 0x10)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0)

5.321887779s ago: executing program 8 (id=2179):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r2 = dup(r1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000012c0)=ANY=[@ANYBLOB="b0"], 0xb0)
getresuid(&(0x7f0000000440), &(0x7f0000000480), &(0x7f00000004c0)=<r5=>0x0)
getsockopt$bt_l2cap_L2CAP_LM(r2, 0x6, 0x3, &(0x7f00000000c0), &(0x7f0000000180)=0x4)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC=r5])

5.321573663s ago: executing program 3 (id=2180):
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0xb)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="5400000010000304016100"/20, @ANYRES32=0x0, @ANYBLOB="7fff000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r2], 0x54}}, 0x0)

4.950010707s ago: executing program 3 (id=2183):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_connect(0x0, 0x10b, &(0x7f0000000000)=ANY=[@ANYBLOB="05010900b24b6a10e6040300770100000001090224000b010000000904000302ccd4280009050b02000000040009058a02"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x5d, &(0x7f00000000c0)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, &(0x7f0000001e40)={0x44, &(0x7f0000000bc0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)

4.763249085s ago: executing program 5 (id=2185):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0xa, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000002000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000380)=[@text64={0x40, 0x0}], 0x1, 0x40, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x22000, 0x1000, &(0x7f0000000000/0x1000)=nil})

4.383168584s ago: executing program 2 (id=2187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000f82818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='mm_page_alloc\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)

4.295016446s ago: executing program 5 (id=2188):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x8eab01)
ioctl$EVIOCSKEYCODE_V2(r0, 0x40284504, &(0x7f0000000040)={0x8, 0x23, 0xffff, 0x1, "21000085dbb6ba542a96b78b00"})

4.250755614s ago: executing program 39 (id=2111):
r0 = socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=@raw={'raw\x00', 0x8, 0x3, 0x528, 0x0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x458, 0xffffffff, 0xffffffff, 0x458, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@empty, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x62}, 0x0, 0x358, 0x388, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth0_to_hsr\x00', {0x4, 0x8, 0x20, 0x5e1b2d47, 0xf91, 0x5, 0x4, 0x9f7, 0x18}, {0x8}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x588)
syz_emit_ethernet(0x9a, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa86dd600101000064"], 0x0)

4.139645587s ago: executing program 2 (id=2190):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000040)=@id={0x1e, 0x3, 0x882c5d853ab8d893, {0x4e22, 0x2}}, 0x10)

4.074310045s ago: executing program 5 (id=2191):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
read$FUSE(r0, &(0x7f00000021c0)={0x2020}, 0xfffffffffffffec6)

3.893103904s ago: executing program 2 (id=2192):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0x7, &(0x7f0000000380)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000700)={&(0x7f00000001c0)='kmem_cache_free\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r4, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r4, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001500)=ANY=[@ANYBLOB="bf16000000000000b7070000060000005070000000000000480000000000e1ff95000000000000002ba7e1d30cb599e83f24b8a4efc02d459d9e32a3aa81d36bb3019c13bd23212fb56f040026fb41f2db3b1639b7bbc9af171b856de734cfe3cafafefc40056bdc17487960007102fa9ea41da123741c66be166992b2dcd72fa0fca047d41886d1d4d94f2f4e345c652fbc1626cca2a2ad35806150ae0209e62f51ee988e6e06c8cedf3ceb9fc404000000c588b277beee1cbf9b0a4def42d410f6accd3637110bec4e90a6341965c39e9ebab0e39622200e011ea661c45a3449abe802f5ab3e3101c0932ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0cd2b6d357b8000018ef4aafad197acc7dc1e955c685ceff7f000000000000491b8bc4748eda186872000007ce468ee23fd2f73902ebcfcf49822775985bf31b405b433a8acd715f5888b2007f00000000000000000100fb0000000000000000ff03000000000000b56780260ed652290f58fa64533500ebffffff00ca1276445432997f0000000000000008e75a89faff01210cce39bf405f1e846c12423a163b33e680846f26dc7add65873d9f87463ad6f7c2f3ee1a39244960b318778f2a047f6d0800000000000000e7a6520602a80d608df4d433623c850af895abba72bf14f6fbd7fbad2a436804eeae1de6d2c740cf0c0b74edbcb2d4b7746fa4bc5e32bd378af7c9136adf32ec7bf48cabecead649f96ea24c32872c490637c34360cb5d46ce680eeb80127eb23f9902519a693b85c6552051385e7e87a2db762cbb253fbd76b9117c1a11d18aa21a0c5f0c28999a639c0376678be35ffe99ff799a11d9b219c00c369a12bf8685b862d2000000bda1bae489bcef5ae59136aaacc59608f4d4e6067338b521eaf2e2465da053cfd5e95394e5520545364361d2c1465c5461a7c4174e5cd9c7976c9aa6342c5621dbc2dccedb5ab74e0b119252a23352fca272212d0c0104000014593d65d3f5e1e9b294669bcd2df061a4d6a835e40e7302f53f90da24cb256b34e95bca9c512f737486ecd037ce40d0a706a5b05e72f8c218366e321f9109ae4cf44b3b0104154a93394f42b4ab6125e0ba8b1a1d8c473852910b3cb7e8dc795ac01bad9a6b438b9db5f5c926940a3ac36daf2a9dc9d868ec11f51e08bc67a3d598039d328b4677229e8b587e8a00f1733adabd5d2837c084c164cf30010969c79a09ac7a9bffff5bc7e420baa9000cd49f77782205d3f6f4b6aa751f49a6b76e3d23635f1d33b906707563b8ec92dec767cc09fe9936acb43382bfc81c823ba32f25738d863cf20181208e23ce19966e729a7b4eefa68554fa4ccadac05c8eac1b52dd528b124285a16da468e3fcb3d9a24e9d670500956702fe9be5d8207d426450ca622e8e0197270cbb947231baf36e0567c0f5de639c99bb71ca0e60d2decb185cddd74d4f00000000000000000000006ed429a657a8203f6542e9dd19d7a70431aefcb9f1b673512e25503c603f19fa4c39ee9b08aadd2c7555543837770a812207bc2be9c86f94282b325e30971f0000000099106f0defa59616d3d18a4c8c04a45c204edfc4cefbd94c4c034dcbc90975b097ece2484b5287105335791eb3061ac500a6728677c72b5b76c18186d6f1a5c74aaddd22dc002fd4bd1bc3409e8d7144689c89f7a5e95fce153d4e9bf0fe0aaa3dfaa443c5081606fda5059146ef94586f5d1658ef0389734108a3af432c730175a7c6e3bb997ed39a0da78527b212001e573492190000d3acf262e0baae546c6bc16183f530a951ba461690245945ae55529e1aa0d80e36d945260e977f4dfe8105961ad69511a348fce1d1be1db324fb4e2f463ad9f17b4093e7f2ff1165a277e08bcc5f2411a05abff3b8f2dc2d896e9039181495414718ea32a3a6f786503f9485b3fc89409913883cec"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000005e00))
r6 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r6, &(0x7f0000000000)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r6, 0x0, 0x5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
sendto$inet(r6, &(0x7f0000000480)="ccd089f9ff864fc5ed7a5981342865cdd4895469b189619e1622c41011a94119422f7eeb05003d6ebf394b04048195d49822aa263b56fb4b7a465e2b176095e44bfc91d995a4a99282ab37a5443bc1d3e9036496458a724051b5adb093052a91d6eb61dc931cce225d00c1cca5c2749b4e1d4bdc713bb434e33ddf7723834a012474c1c90ffc911a311a3cc5adbcffa7b58ab5e2b824", 0x96, 0x4004, 0x0, 0x0)

3.781970389s ago: executing program 5 (id=2193):
socket$key(0xf, 0x3, 0x2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
request_key(&(0x7f0000000280)='asymmetric\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)='@\x9f+^\xbe-@(/[+\x9f{\x00', 0xfffffffffffffffe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, 0x0, 0x0)

3.247100433s ago: executing program 5 (id=2194):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000019007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000880)={{r0}, &(0x7f0000000800), &(0x7f0000000840)=r1}, 0x20)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

2.674306997s ago: executing program 2 (id=2195):
r0 = socket(0x1e, 0x1, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
listen(r0, 0x0)
shutdown(r0, 0x2)

2.504059533s ago: executing program 8 (id=2196):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = dup2(r0, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000580), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0x4008af12, &(0x7f0000000080)={0x1, 0x7f})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@bloom_filter={0x1e, 0x3, 0x6, 0x5, 0x10810, 0xffffffffffffffff, 0x7, '\x00', 0x0, r1, 0x2, 0x2, 0x4, 0x2, @void, @value, @value=r4}, 0x50)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000540)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000740))
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f0000000140)={0x1})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xdd, &(0x7f0000000780)=""/221}]})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x20000)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYRES64, @ANYRES32, @ANYBLOB="0300000000000300"/20, @ANYRES32=0x0, @ANYRESDEC, @ANYBLOB="0000000000000000000000000000000000000000a100000000"], 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
close(0xffffffffffffffff)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r6, &(0x7f000000a3c0)={0x2020}, 0x2020)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413e850000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r7 = eventfd2(0xffffffff, 0x1)
write$eventfd(r7, &(0x7f0000000080)=0xffffffff00000000, 0x8)

1.381865243s ago: executing program 5 (id=2197):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = add_key$fscrypt_v1(&(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
r5 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc3}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r6 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r6, @ANYBLOB=',rootmode=00000000000000000100000,use', @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
keyctl$reject(0x13, r5, 0xffffffff7fffffff, 0x4e7, r4)
read$FUSE(r6, &(0x7f0000008380)={0x2020}, 0x2020)
r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$sock_linger(r7, 0x1, 0xd, &(0x7f00000000c0)={0x4, 0x3}, 0x8)
bind$bt_sco(r7, &(0x7f0000000400), 0x8)
listen(r7, 0x0)
shutdown(r7, 0x0)
syz_fuse_handle_req(r6, &(0x7f0000006380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000008dceba394fc9d73b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000070000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e7ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea2105600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8ffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000f87c00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
unlink(&(0x7f0000000180)='./file0\x00')
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r8}, 0x18)

1.358384876s ago: executing program 2 (id=2198):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000c80)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r1, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r2, 0x8, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}}, 0x32)
writev(r1, &(0x7f0000000180)=[{&(0x7f0000000080)='v', 0x34000}], 0x1)

1.35776619s ago: executing program 8 (id=2199):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x143082, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
pipe2$9p(&(0x7f00000001c0), 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000a0d9a24030091502780800000001090212"], 0x0)
r2 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x44, 0x10, 0x403, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, 0x88adfda5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @vlan={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}]}}}, @IFLA_LINK={0x8, 0x5, r3}]}, 0x44}}, 0x0)

112.557408ms ago: executing program 2 (id=2200):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = socket(0x10, 0x3, 0x9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1801000000000000000000004b84ffec850000006d000000850000002a"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r6, 0x0, 0x0)
ioctl$KDSKBENT(r5, 0x4b47, &(0x7f0000000080)={0x10, 0x7d, 0x20f})
socket$nl_route(0x10, 0x3, 0x0)

0s ago: executing program 3 (id=2201):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000740)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$wireguard(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000680)=ANY=[@ANYBLOB="c8010000", @ANYRES16=r3, @ANYBLOB="0100000000000000000001000000060006000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5426c010880f4000080060005000180000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff240002001bc715ee4868b12a49f4df11bc05475489f6a27c4d6483ad2fa5e45903b0ce851400040002000000ac1414aa00000000000000008c00098028000080060001000a00000014000200ff020000000000000000000000000001050003000000000028000080060001000a000000140002000000000000000000000000000000000105000300030000001c000080060001000200da0008000200e000000105000300000000001c000080060001000200000008000200ac141400050003000000000074000080200004000a004e2200000000fc0000000000000000000000000000000400000024000100dbffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff080003000100000024000200cde20bc0d9b90ac13642d7b66459dd9db5e20b4b16d3d23f2cb03a8aa417dce6080007000000000014000200776730"], 0x1c8}}, 0x0)

kernel console output (not intermixed with test programs):

] usb 9-1: USB disconnect, device number 25
[  755.701729][ T5872] appleir 0003:05AC:8241.0017: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.2-1/input0
[  755.722754][ T5872] usb 3-1: USB disconnect, device number 16
[  757.588938][T13034] netlink: 104 bytes leftover after parsing attributes in process `syz.9.1576'.
[  757.617715][    C1] ip6_tunnel: ip6gretap0: Local routing loop detected!
[  758.300918][ T5872] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  758.533565][ T5872] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  758.591508][ T5872] usb 6-1: config 0 has no interfaces?
[  758.617409][ T5872] usb 6-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[  758.669106][T13046] program syz.3.1581 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  758.691287][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  758.734987][ T5872] usb 6-1: config 0 descriptor??
[  758.742837][T13046] FAULT_INJECTION: forcing a failure.
[  758.742837][T13046] name failslab, interval 1, probability 0, space 0, times 0
[  758.797400][T13046] CPU: 1 UID: 0 PID: 13046 Comm: syz.3.1581 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  758.808236][T13046] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  758.818336][T13046] Call Trace:
[  758.821665][T13046]  <TASK>
[  758.824626][T13046]  dump_stack_lvl+0x241/0x360
[  758.829360][T13046]  ? __pfx_dump_stack_lvl+0x10/0x10
[  758.834617][T13046]  ? __pfx__printk+0x10/0x10
[  758.839262][T13046]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  758.845280][T13046]  ? __pfx___might_resched+0x10/0x10
[  758.850629][T13046]  should_fail_ex+0x3b0/0x4e0
[  758.855344][T13046]  should_failslab+0xac/0x100
[  758.860069][T13046]  kmem_cache_alloc_node_noprof+0x77/0x380
[  758.865913][T13046]  ? __alloc_skb+0x1c3/0x440
[  758.870546][T13046]  __alloc_skb+0x1c3/0x440
[  758.875003][T13046]  ? __pfx___alloc_skb+0x10/0x10
[  758.880066][T13046]  ? reacquire_held_locks+0x300/0x690
[  758.885503][T13046]  alloc_skb_with_frags+0xc3/0x820
[  758.890668][T13046]  ? __pfx_reacquire_held_locks+0x10/0x10
[  758.896456][T13046]  sock_alloc_send_pskb+0x91a/0xa60
[  758.901713][T13046]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  758.907482][T13046]  ? __local_bh_enable_ip+0x168/0x200
[  758.912897][T13046]  ? dccp_sendmsg+0x3d5/0xb90
[  758.917621][T13046]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  758.923401][T13046]  dccp_sendmsg+0x3f1/0xb90
[  758.927962][T13046]  ? __pfx_dccp_sendmsg+0x10/0x10
[  758.933032][T13046]  ? sock_rps_record_flow+0x1a/0x400
[  758.938354][T13046]  ? inet_sendmsg+0x330/0x390
[  758.943068][T13046]  __sock_sendmsg+0x1a6/0x270
[  758.947796][T13046]  ____sys_sendmsg+0x52a/0x7e0
[  758.952628][T13046]  ? __pfx_____sys_sendmsg+0x10/0x10
[  758.957960][T13046]  ? __fget_files+0x2a/0x410
[  758.962589][T13046]  ? __fget_files+0x2a/0x410
[  758.967242][T13046]  __sys_sendmmsg+0x36a/0x720
[  758.971971][T13046]  ? __pfx___sys_sendmmsg+0x10/0x10
[  758.977221][T13046]  ? __pfx_lock_release+0x10/0x10
[  758.982273][T13046]  ? kstrtouint_from_user+0x128/0x190
[  758.987695][T13046]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  758.993624][T13046]  ? ksys_write+0x22a/0x2b0
[  758.998174][T13046]  ? __pfx_lock_release+0x10/0x10
[  759.003253][T13046]  ? vfs_write+0x730/0xd30
[  759.007714][T13046]  ? __mutex_unlock_slowpath+0x21e/0x790
[  759.010770][   T58] usb 6-1: USB disconnect, device number 28
[  759.013388][T13046]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  759.025358][T13046]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  759.031721][T13046]  ? do_syscall_64+0x100/0x230
[  759.036525][T13046]  __x64_sys_sendmmsg+0xa0/0xb0
[  759.041418][T13046]  do_syscall_64+0xf3/0x230
[  759.045963][T13046]  ? clear_bhb_loop+0x35/0x90
[  759.050672][T13046]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  759.056602][T13046] RIP: 0033:0x7f201ab85d29
[  759.061044][T13046] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  759.080766][T13046] RSP: 002b:00007f201b900038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  759.089306][T13046] RAX: ffffffffffffffda RBX: 00007f201ad75fa0 RCX: 00007f201ab85d29
[  759.097317][T13046] RDX: 0400000000000239 RSI: 0000000020002980 RDI: 0000000000000007
[  759.105409][T13046] RBP: 00007f201b900090 R08: 0000000000000000 R09: 0000000000000000
[  759.113416][T13046] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  759.121427][T13046] R13: 0000000000000000 R14: 00007f201ad75fa0 R15: 00007ffe3fd02888
[  759.129457][T13046]  </TASK>
[  759.132538][    C1] vkms_vblank_simulate: vblank timer overrun
[  760.448969][ T5871] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[  760.811796][T13076] FAULT_INJECTION: forcing a failure.
[  760.811796][T13076] name failslab, interval 1, probability 0, space 0, times 0
[  760.825368][T13076] CPU: 1 UID: 0 PID: 13076 Comm: syz.9.1586 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  760.836254][T13076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  760.846316][T13076] Call Trace:
[  760.849604][T13076]  <TASK>
[  760.852536][T13076]  dump_stack_lvl+0x241/0x360
[  760.857330][T13076]  ? __pfx_dump_stack_lvl+0x10/0x10
[  760.862536][T13076]  ? __pfx__printk+0x10/0x10
[  760.867135][T13076]  ? fs_reclaim_acquire+0x93/0x130
[  760.872256][T13076]  ? __pfx___might_resched+0x10/0x10
[  760.877583][T13076]  should_fail_ex+0x3b0/0x4e0
[  760.882327][T13076]  should_failslab+0xac/0x100
[  760.887042][T13076]  __kmalloc_noprof+0xdd/0x4c0
[  760.891830][T13076]  ? tomoyo_encode+0x26f/0x540
[  760.896643][T13076]  tomoyo_encode+0x26f/0x540
[  760.901262][T13076]  tomoyo_realpath_from_path+0x59e/0x5e0
[  760.906919][T13076]  tomoyo_path_number_perm+0x236/0x860
[  760.912389][T13076]  ? __lock_acquire+0x1397/0x2100
[  760.917428][T13076]  ? tomoyo_path_number_perm+0x206/0x860
[  760.923077][T13076]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  760.929100][T13076]  ? __fget_files+0x2a/0x410
[  760.933698][T13076]  ? __fget_files+0x2a/0x410
[  760.938317][T13076]  security_file_ioctl+0xc6/0x2a0
[  760.943353][T13076]  __se_sys_ioctl+0x46/0x170
[  760.948041][T13076]  do_syscall_64+0xf3/0x230
[  760.952554][T13076]  ? clear_bhb_loop+0x35/0x90
[  760.957354][T13076]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  760.963266][T13076] RIP: 0033:0x7f9213985d29
[  760.967688][T13076] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  760.987300][T13076] RSP: 002b:00007f921472e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  760.995720][T13076] RAX: ffffffffffffffda RBX: 00007f9213b76160 RCX: 00007f9213985d29
[  761.003696][T13076] RDX: 00000000200001c0 RSI: 00000000c058534f RDI: 0000000000000006
[  761.011672][T13076] RBP: 00007f921472e090 R08: 0000000000000000 R09: 0000000000000000
[  761.019643][T13076] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  761.027626][T13076] R13: 0000000000000000 R14: 00007f9213b76160 R15: 00007ffe865fd838
[  761.035613][T13076]  </TASK>
[  761.038694][    C1] vkms_vblank_simulate: vblank timer overrun
[  761.047561][T13076] ERROR: Out of memory at tomoyo_realpath_from_path.
[  761.206253][ T5871] usb 9-1: Using ep0 maxpacket: 16
[  761.275000][ T5871] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  761.328527][ T5871] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  761.347417][ T5871] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  761.362420][ T5871] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.376101][   T58] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  761.385024][ T5871] usb 9-1: config 0 descriptor??
[  761.755143][T13083] FAULT_INJECTION: forcing a failure.
[  761.755143][T13083] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  761.769237][T13083] CPU: 0 UID: 0 PID: 13083 Comm: syz.3.1589 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  761.780048][T13083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  761.790327][T13083] Call Trace:
[  761.793638][T13083]  <TASK>
[  761.796607][T13083]  dump_stack_lvl+0x241/0x360
[  761.801338][T13083]  ? __pfx_dump_stack_lvl+0x10/0x10
[  761.806583][T13083]  ? __pfx__printk+0x10/0x10
[  761.811582][T13083]  should_fail_ex+0x3b0/0x4e0
[  761.816304][T13083]  _copy_from_user+0x2f/0xc0
[  761.820946][T13083]  move_addr_to_kernel+0x82/0x150
[  761.826016][T13083]  copy_msghdr_from_user+0x43e/0x680
[  761.831376][T13083]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  761.837263][T13083]  ? __fget_files+0x2a/0x410
[  761.841882][T13083]  ? __fget_files+0x2a/0x410
[  761.846500][T13083]  __sys_sendmmsg+0x32b/0x720
[  761.851210][T13083]  ? __pfx___sys_sendmmsg+0x10/0x10
[  761.856436][T13083]  ? __pfx_lock_release+0x10/0x10
[  761.861482][T13083]  ? kstrtouint_from_user+0x128/0x190
[  761.866900][T13083]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  761.872821][T13083]  ? ksys_write+0x22a/0x2b0
[  761.877347][T13083]  ? __pfx_lock_release+0x10/0x10
[  761.882406][T13083]  ? vfs_write+0x730/0xd30
[  761.886867][T13083]  ? __mutex_unlock_slowpath+0x21e/0x790
[  761.892532][T13083]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  761.898544][T13083]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  761.904919][T13083]  ? do_syscall_64+0x100/0x230
[  761.909713][T13083]  __x64_sys_sendmmsg+0xa0/0xb0
[  761.914584][T13083]  do_syscall_64+0xf3/0x230
[  761.919119][T13083]  ? clear_bhb_loop+0x35/0x90
[  761.923843][T13083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  761.929769][T13083] RIP: 0033:0x7f201ab85d29
[  761.934203][T13083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  761.953830][T13083] RSP: 002b:00007f201b900038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  761.962260][T13083] RAX: ffffffffffffffda RBX: 00007f201ad75fa0 RCX: 00007f201ab85d29
[  761.970235][T13083] RDX: 0000000000000001 RSI: 0000000020003580 RDI: 0000000000000004
[  761.978210][T13083] RBP: 00007f201b900090 R08: 0000000000000000 R09: 0000000000000000
[  761.986183][T13083] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  761.994178][T13083] R13: 0000000000000000 R14: 00007f201ad75fa0 R15: 00007ffe3fd02888
[  762.002211][T13083]  </TASK>
[  762.051689][ T5871] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0018/input/input38
[  762.110921][   T58] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  762.133021][   T58] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  762.215446][ T5871] appleir 0003:05AC:8241.0018: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  762.248323][   T58] usb 3-1: config 0 descriptor??
[  762.621550][ T5871] usb 9-1: USB disconnect, device number 26
[  762.974468][T13097] netlink: zone id is out of range
[  762.980625][T13100] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1592'.
[  763.017626][T13097] netlink: zone id is out of range
[  763.046205][T13097] netlink: zone id is out of range
[  763.082652][T13097] netlink: zone id is out of range
[  763.111953][T13097] netlink: zone id is out of range
[  763.119216][T13097] netlink: zone id is out of range
[  763.133051][T13104] binfmt_misc: register: failed to install interpreter file ./file2
[  763.149543][T13097] netlink: zone id is out of range
[  763.165038][   T58] usb 3-1: Cannot read MAC address
[  763.178377][T13097] netlink: zone id is out of range
[  763.197498][   T58] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32
[  763.221612][T13097] netlink: zone id is out of range
[  763.251907][T13097] netlink: zone id is out of range
[  763.519249][ T6405] usb 3-1: USB disconnect, device number 17
[  763.592621][T13119] netlink: 32 bytes leftover after parsing attributes in process `syz.8.1595'.
[  764.357394][T13133] 9pnet_fd: Insufficient options for proto=fd
[  764.515884][ T5870] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  764.554210][T13139] overlayfs: failed to resolve './file2': -2
[  764.718074][ T5870] usb 10-1: Using ep0 maxpacket: 16
[  764.962001][ T5870] usb 10-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  765.236840][ T5870] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  765.332087][ T5870] usb 10-1: Product: syz
[  765.361482][ T5870] usb 10-1: Manufacturer: syz
[  765.399648][ T5870] usb 10-1: SerialNumber: syz
[  765.943612][ T5870] r8152-cfgselector 10-1: Unknown version 0x0000
[  765.954463][ T5870] r8152-cfgselector 10-1: config 0 descriptor??
[  766.096251][T13092] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  766.282642][T13131] netlink: 40 bytes leftover after parsing attributes in process `syz.9.1599'.
[  766.306243][T13092] usb 6-1: Using ep0 maxpacket: 8
[  766.349700][T13092] usb 6-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  766.378722][T13092] usb 6-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0xEC, changing to 0x8C
[  766.444889][T13092] usb 6-1: config 6 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[  766.518784][T13092] usb 6-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  766.568939][T13092] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  766.602242][T13092] usb 6-1: Product: syz
[  766.623636][T13092] usb 6-1: Manufacturer: syz
[  766.638237][ T5870] r8152-cfgselector 10-1: USB disconnect, device number 6
[  766.663592][T13092] usb 6-1: SerialNumber: syz
[  766.708037][T13092] hso 6-1:6.0: Can't find BULK IN endpoint
[  766.935486][T13183] FAULT_INJECTION: forcing a failure.
[  766.935486][T13183] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  766.975040][T13168] syz.3.1607 (13168): drop_caches: 2
[  766.983601][T13183] CPU: 1 UID: 0 PID: 13183 Comm: syz.2.1610 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  766.994439][T13183] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  767.004542][T13183] Call Trace:
[  767.007862][T13183]  <TASK>
[  767.010829][T13183]  dump_stack_lvl+0x241/0x360
[  767.015559][T13183]  ? __pfx_dump_stack_lvl+0x10/0x10
[  767.020779][T13183]  ? __pfx__printk+0x10/0x10
[  767.025396][T13183]  ? __pfx_lock_release+0x10/0x10
[  767.030441][T13183]  should_fail_ex+0x3b0/0x4e0
[  767.035131][T13183]  _copy_from_user+0x2f/0xc0
[  767.039749][T13183]  copy_msghdr_from_user+0xae/0x680
[  767.044972][T13183]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  767.050804][T13183]  ? __fget_files+0x2a/0x410
[  767.055447][T13183]  ? __fget_files+0x2a/0x410
[  767.060058][T13183]  __sys_sendmsg+0x209/0x350
[  767.064677][T13183]  ? __pfx_lock_release+0x10/0x10
[  767.069738][T13183]  ? __pfx___sys_sendmsg+0x10/0x10
[  767.074875][T13183]  ? __pfx_vfs_write+0x10/0x10
[  767.079677][T13183]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  767.086021][T13183]  ? do_syscall_64+0x100/0x230
[  767.090813][T13183]  ? do_syscall_64+0xb6/0x230
[  767.095513][T13183]  do_syscall_64+0xf3/0x230
[  767.100036][T13183]  ? clear_bhb_loop+0x35/0x90
[  767.104724][T13183]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  767.110639][T13183] RIP: 0033:0x7f95d2585d29
[  767.115067][T13183] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  767.134730][T13183] RSP: 002b:00007f95d3436038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  767.143177][T13183] RAX: ffffffffffffffda RBX: 00007f95d2775fa0 RCX: 00007f95d2585d29
[  767.151193][T13183] RDX: 0000000000004050 RSI: 0000000020000180 RDI: 0000000000000003
[  767.159197][T13183] RBP: 00007f95d3436090 R08: 0000000000000000 R09: 0000000000000000
[  767.167190][T13183] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  767.175182][T13183] R13: 0000000000000000 R14: 00007f95d2775fa0 R15: 00007ffe6bd96078
[  767.183181][T13183]  </TASK>
[  767.186321][    C1] vkms_vblank_simulate: vblank timer overrun
[  767.642104][   T58] usb 9-1: new high-speed USB device number 27 using dummy_hcd
[  767.802248][   T58] usb 9-1: Using ep0 maxpacket: 8
[  767.826709][   T58] usb 9-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  767.873119][   T58] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  767.915285][T13202] netlink: 'syz.9.1614': attribute type 10 has an invalid length.
[  767.928256][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 239, changing to 11
[  767.951400][T13202] bridge0: port 1(bridge_slave_0) entered disabled state
[  767.976448][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9059, setting to 1024
[  767.993396][T13202] bridge0: port 1(bridge_slave_0) entered blocking state
[  768.000611][T13202] bridge0: port 1(bridge_slave_0) entered forwarding state
[  768.029010][   T58] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  768.058179][T13202] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  768.094444][ T5871] usb 6-1: USB disconnect, device number 29
[  768.109553][   T58] usb 9-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[  768.137716][   T58] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.176179][   T58] usb 9-1: Product: syz
[  768.192273][   T58] usb 9-1: Manufacturer: syz
[  768.219525][   T58] usb 9-1: SerialNumber: syz
[  768.247197][   T58] usb 9-1: config 0 descriptor??
[  768.259731][   T58] input: KB Gear Tablet as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input39
[  768.478765][T13221] netlink: 'syz.2.1617': attribute type 10 has an invalid length.
[  768.538108][T13222] net_ratelimit: 9 callbacks suppressed
[  768.538130][T13222] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  768.594460][T13221] bridge0: port 2(bridge_slave_1) entered disabled state
[  768.602027][T13221] bridge0: port 1(bridge_slave_0) entered disabled state
[  768.698907][T13221] bridge0: port 2(bridge_slave_1) entered blocking state
[  768.706179][T13221] bridge0: port 2(bridge_slave_1) entered forwarding state
[  768.713655][T13221] bridge0: port 1(bridge_slave_0) entered blocking state
[  768.720897][T13221] bridge0: port 1(bridge_slave_0) entered forwarding state
[  768.778973][T13227] 9pnet_fd: Insufficient options for proto=fd
[  768.932834][T13221] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  770.413774][   T58] usb 9-1: USB disconnect, device number 27
[  770.413863][    C1] kbtab 9-1:0.0: kbtab_irq - usb_submit_urb failed with result -19
[  770.599190][T13246] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1622'.
[  770.619410][T13249] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1623'.
[  770.640181][T13246] netlink: 32 bytes leftover after parsing attributes in process `syz.9.1622'.
[  771.326233][T13092] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  771.494859][T13092] usb 10-1: Using ep0 maxpacket: 8
[  771.589006][T13092] usb 10-1: config 179 has an invalid interface number: 65 but max is 0
[  771.715207][T13092] usb 10-1: config 179 has no interface number 0
[  771.779295][T13092] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  771.793364][T13092] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  771.806836][T13092] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  771.836249][T13092] usb 10-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  771.924461][T13092] usb 10-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  772.013940][T13092] usb 10-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  772.059746][T13092] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.122109][T13261] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  772.582242][T13283] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  773.194543][ T5870] input: Generic X-Box pad as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:179.65/input/input40
[  773.204245][T13286] netlink: 228 bytes leftover after parsing attributes in process `syz.8.1630'.
[  773.339141][ T5903] usb 10-1: USB disconnect, device number 7
[  773.339163][    C1] xpad 10-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  773.353644][    C1] xpad 10-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  773.381291][ T5903] xpad 10-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  774.593294][T13308] netlink: 16 bytes leftover after parsing attributes in process `syz.9.1636'.
[  774.956944][ T5871] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  776.292041][ T5871] usb 6-1: Using ep0 maxpacket: 32
[  776.318829][ T5871] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  777.176357][ T5871] usb 6-1: config 0 has no interface number 0
[  777.182919][ T5871] usb 6-1: config 0 interface 51 altsetting 0 endpoint 0x82 has invalid maxpacket 12543, setting to 1024
[  777.209238][ T5871] usb 6-1: config 0 interface 51 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  777.236405][ T5871] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.82
[  777.245511][ T5871] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.273183][ T5871] usb 6-1: Product: syz
[  777.277532][ T5871] usb 6-1: Manufacturer: syz
[  777.282178][ T5871] usb 6-1: SerialNumber: syz
[  777.309344][ T5871] usb 6-1: config 0 descriptor??
[  777.318791][T13302] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  777.349118][ T5871] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  778.800976][ T5871] usb 6-1: qt2_attach - failed to power on unit: -71
[  778.810293][ T5871] quatech2 6-1:0.51: probe with driver quatech2 failed with error -71
[  778.830606][ T5871] usb 6-1: USB disconnect, device number 30
[  780.906167][ T5904] usb 9-1: new high-speed USB device number 28 using dummy_hcd
[  781.086169][T13092] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  781.135969][ T5904] usb 9-1: Using ep0 maxpacket: 32
[  781.219192][ T5870] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  781.235857][ T5904] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  781.289857][ T5904] usb 9-1: New USB device found, idVendor=03eb, idProduct=21fe, bcdDevice=17.ac
[  781.309680][ T5904] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.344303][ T5904] usb 9-1: Product: syz
[  781.368410][ T5904] usb 9-1: Manufacturer: syz
[  781.425970][ T5870] usb 3-1: Using ep0 maxpacket: 32
[  781.431539][T13092] usb 6-1: Using ep0 maxpacket: 16
[  781.463478][ T5904] usb 9-1: SerialNumber: syz
[  781.501305][T13092] usb 6-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  781.517280][ T5870] usb 3-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[  781.527612][ T5904] usb 9-1: config 0 descriptor??
[  781.532792][T13092] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.541343][ T5870] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  781.552709][ T5904] igorplugusb 9-1:0.0: endpoint incorrect
[  781.570068][T13092] usb 6-1: Product: syz
[  781.574296][T13092] usb 6-1: Manufacturer: syz
[  781.579036][ T5870] usb 3-1: Product: syz
[  781.591793][ T5870] usb 3-1: Manufacturer: syz
[  781.606431][T13372] netlink: 'syz.9.1649': attribute type 1 has an invalid length.
[  781.615888][T13092] usb 6-1: SerialNumber: syz
[  781.620753][ T5870] usb 3-1: SerialNumber: syz
[  781.642088][T13092] r8152-cfgselector 6-1: Unknown version 0x0000
[  781.648728][ T5870] usb 3-1: config 0 descriptor??
[  781.665176][T13092] r8152-cfgselector 6-1: config 0 descriptor??
[  781.808708][   T58] usb 9-1: USB disconnect, device number 28
[  781.914718][ T5903] usb 3-1: USB disconnect, device number 18
[  782.186520][ T5903] r8152-cfgselector 6-1: USB disconnect, device number 31
[  782.435917][T13092] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  783.106403][T13092] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  783.115611][T13092] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  783.204654][T13092] usb 10-1: config 0 descriptor??
[  783.228304][T13092] cp210x 10-1:0.0: cp210x converter detected
[  783.441749][T13092] cp210x 10-1:0.0: failed to get vendor val 0x370b size 1: -121
[  783.604436][T13092] cp210x 10-1:0.0: querying part number failed
[  784.425361][T13421] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  784.666939][T13092] usb 10-1: cp210x converter now attached to ttyUSB0
[  785.171598][T13438] block nbd8: shutting down sockets
[  785.356133][T13092] usb 10-1: USB disconnect, device number 8
[  785.418291][T13092] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  785.465979][ T5903] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  785.480195][T13456] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1664'.
[  785.917640][ T5903] usb 4-1: Using ep0 maxpacket: 16
[  786.156346][T13092] cp210x 10-1:0.0: device disconnected
[  786.308282][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  786.345186][ T5903] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 0
[  786.392864][ T5903] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  786.454994][ T5903] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.485399][ T5903] usb 4-1: Product: syz
[  786.502322][ T5903] usb 4-1: Manufacturer: syz
[  786.517852][ T5903] usb 4-1: SerialNumber: syz
[  786.538611][ T5903] usb 4-1: config 0 descriptor??
[  786.539451][T13092] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  786.562708][ T5903] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  786.574392][T13464] pim6reg1: entered promiscuous mode
[  786.583181][T13464] pim6reg1: entered allmulticast mode
[  786.604034][ T5903] em28xx 4-1:0.0: DVB interface 0 found: bulk
[  786.732970][T13092] usb 10-1: Using ep0 maxpacket: 8
[  786.776257][T13092] usb 10-1: config index 0 descriptor too short (expected 301, got 45)
[  786.784637][T13092] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  786.809245][T13092] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  786.820647][T13092] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  786.866481][ T5903] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  786.871342][T13092] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  787.060047][ T5903] em28xx 4-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  787.176051][ T5872] usb 9-1: new high-speed USB device number 29 using dummy_hcd
[  787.294982][ T5903] em28xx 4-1:0.0: board has no eeprom
[  787.496522][ T5872] usb 9-1: Using ep0 maxpacket: 16
[  787.619374][ T5872] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  787.725973][ T5903] em28xx 4-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  787.782937][T13092] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  787.805592][T13092] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.809836][ T5903] em28xx 4-1:0.0: dvb set to bulk mode.
[  787.822219][ T5872] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  787.872301][   T58] em28xx 4-1:0.0: Binding DVB extension
[  787.881389][ T5872] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  787.901179][ T5903] usb 4-1: USB disconnect, device number 15
[  787.935926][ T5872] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.953834][ T5903] em28xx 4-1:0.0: Disconnecting em28xx
[  788.020055][ T5872] usb 9-1: config 0 descriptor??
[  788.061208][T13092] usb 10-1: GET_CAPABILITIES returned 0
[  788.090005][   T58] em28xx 4-1:0.0: Registering input extension
[  788.091630][T13092] usbtmc 10-1:16.0: can't read capabilities
[  788.187836][ T5903] em28xx 4-1:0.0: Closing input extension
[  788.332597][ T5903] em28xx 4-1:0.0: Freeing device
[  788.469578][ T5872] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0019/input/input42
[  788.602115][ T5872] appleir 0003:05AC:8241.0019: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  788.636076][T13457] usbtmc 10-1:16.0: usb_control_msg returned -32
[  788.681132][ T5903] usb 10-1: USB disconnect, device number 9
[  788.692998][ T5872] usb 9-1: USB disconnect, device number 29
[  791.385902][ T5903] usb 9-1: new full-speed USB device number 30 using dummy_hcd
[  793.063929][ T5903] usb 9-1: device descriptor read/all, error -71
[  794.679123][T13540] FAULT_INJECTION: forcing a failure.
[  794.679123][T13540] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  794.824872][T13540] CPU: 0 UID: 0 PID: 13540 Comm: syz.3.1682 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  794.835697][T13540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  794.845787][T13540] Call Trace:
[  794.849069][T13540]  <TASK>
[  794.852047][T13540]  dump_stack_lvl+0x241/0x360
[  794.856784][T13540]  ? __pfx_dump_stack_lvl+0x10/0x10
[  794.862025][T13540]  ? __pfx__printk+0x10/0x10
[  794.866645][T13540]  ? __pfx_lock_release+0x10/0x10
[  794.871709][T13540]  should_fail_ex+0x3b0/0x4e0
[  794.876406][T13540]  _copy_from_user+0x2f/0xc0
[  794.881052][T13540]  memdup_user+0x64/0xc0
[  794.885332][T13540]  ucma_set_option+0x1c6/0xe60
[  794.890137][T13540]  ? __pfx_ucma_set_option+0x10/0x10
[  794.895485][T13540]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  794.901510][T13540]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  794.907889][T13540]  ? irqentry_exit+0x63/0x90
[  794.912512][T13540]  ? lockdep_hardirqs_on+0x99/0x150
[  794.917748][T13540]  ? __pfx_ucma_set_option+0x10/0x10
[  794.923080][T13540]  ? __pfx_ucma_set_option+0x10/0x10
[  794.928386][T13540]  ucma_write+0x2d9/0x420
[  794.932740][T13540]  ? __pfx_ucma_write+0x10/0x10
[  794.937619][T13540]  ? bpf_lsm_file_permission+0x9/0x10
[  794.943012][T13540]  ? security_file_permission+0x74/0x280
[  794.948689][T13540]  ? rw_verify_area+0x1c3/0x6f0
[  794.953550][T13540]  ? __pfx_ucma_write+0x10/0x10
[  794.958444][T13540]  vfs_write+0x2a3/0xd30
[  794.962705][T13540]  ? __pfx_vfs_write+0x10/0x10
[  794.967486][T13540]  ? __fget_files+0x2a/0x410
[  794.972079][T13540]  ? __fget_files+0x395/0x410
[  794.976758][T13540]  ? __fget_files+0x2a/0x410
[  794.981364][T13540]  ksys_write+0x18f/0x2b0
[  794.985704][T13540]  ? __pfx_ksys_write+0x10/0x10
[  794.990567][T13540]  ? do_syscall_64+0x100/0x230
[  794.995361][T13540]  ? do_syscall_64+0xb6/0x230
[  795.000139][T13540]  do_syscall_64+0xf3/0x230
[  795.004656][T13540]  ? clear_bhb_loop+0x35/0x90
[  795.009337][T13540]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.015237][T13540] RIP: 0033:0x7f201ab85d29
[  795.019674][T13540] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  795.039300][T13540] RSP: 002b:00007f201b900038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  795.047723][T13540] RAX: ffffffffffffffda RBX: 00007f201ad75fa0 RCX: 00007f201ab85d29
[  795.055700][T13540] RDX: 0000000000000020 RSI: 0000000020000100 RDI: 0000000000000003
[  795.063680][T13540] RBP: 00007f201b900090 R08: 0000000000000000 R09: 0000000000000000
[  795.071660][T13540] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  795.079643][T13540] R13: 0000000000000000 R14: 00007f201ad75fa0 R15: 00007ffe3fd02888
[  795.087635][T13540]  </TASK>
[  795.895886][T13092] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  796.075846][T13092] usb 10-1: Using ep0 maxpacket: 16
[  796.086572][T13092] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  796.440202][T13092] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  796.455781][T13092] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  796.465201][T13092] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  796.517383][T13092] usb 10-1: config 0 descriptor??
[  797.702665][T13092] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.001A/input/input43
[  798.617354][T13578] block nbd3: shutting down sockets
[  798.801690][T13092] appleir 0003:05AC:8241.001A: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0
[  798.917062][T13092] usb 10-1: USB disconnect, device number 10
[  799.301961][T13597] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  800.284778][T13606] netlink: 'syz.5.1696': attribute type 3 has an invalid length.
[  800.526748][T13610] dlm: no locking on control device
[  803.425873][T13092] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  803.725968][ T6405] usb 9-1: new high-speed USB device number 32 using dummy_hcd
[  803.807811][T13092] usb 6-1: Using ep0 maxpacket: 16
[  803.927058][T13651] block nbd2: shutting down sockets
[  804.047737][T13092] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  804.174473][T13092] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  804.195906][ T6405] usb 9-1: Using ep0 maxpacket: 16
[  804.226776][ T6405] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  804.255819][T13092] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  804.269032][ T5834] Bluetooth: hci2: adv larger than maximum supported
[  804.269116][ T5834] Bluetooth: hci2: Malformed LE Event: 0x0d
[  804.507357][ T6405] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  804.517524][T13092] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.528924][T13092] usb 6-1: config 0 descriptor??
[  804.534108][ T6405] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  804.549444][ T6405] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.560689][ T6405] usb 9-1: config 0 descriptor??
[  804.646034][T13663] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  804.659420][ T5900] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  804.906425][ T5900] usb 4-1: Using ep0 maxpacket: 32
[  805.201122][ T5900] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  805.222366][T13092] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.001B/input/input44
[  805.245013][ T6405] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.001C/input/input45
[  805.289893][ T5900] usb 4-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  805.325404][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.392596][ T5900] usb 4-1: Product: syz
[  805.414817][T13092] appleir 0003:05AC:8241.001B: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  805.451350][ T5900] usb 4-1: Manufacturer: syz
[  805.478303][ T6405] appleir 0003:05AC:8241.001C: input,hiddev1,hidraw1: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  805.495515][ T5900] usb 4-1: SerialNumber: syz
[  805.524315][T13092] usb 6-1: USB disconnect, device number 32
[  805.532972][ T5900] usb 4-1: config 0 descriptor??
[  805.548524][T13652] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  806.567901][ T5900] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  806.895029][T13668] serio: Serial port ptm0
[  807.206197][ T5871] usb 4-1: USB disconnect, device number 16
[  807.543437][T10755] udevd[10755]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  807.647121][   T46] usb 9-1: USB disconnect, device number 32
[  809.043741][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  809.050779][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  811.080590][T13726] block nbd9: shutting down sockets
[  811.173249][T13731] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  811.699974][ T5834] Bluetooth: hci4: adv larger than maximum supported
[  811.700048][ T5834] Bluetooth: hci4: Malformed LE Event: 0x0d
[  814.519095][T13759] FAULT_INJECTION: forcing a failure.
[  814.519095][T13759] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  814.532428][T13759] CPU: 1 UID: 0 PID: 13759 Comm: syz.5.1726 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  814.543230][T13759] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  814.553306][T13759] Call Trace:
[  814.556605][T13759]  <TASK>
[  814.559546][T13759]  dump_stack_lvl+0x241/0x360
[  814.564246][T13759]  ? __pfx_dump_stack_lvl+0x10/0x10
[  814.569463][T13759]  ? __pfx__printk+0x10/0x10
[  814.574079][T13759]  ? __pfx_lock_release+0x10/0x10
[  814.579128][T13759]  should_fail_ex+0x3b0/0x4e0
[  814.583830][T13759]  _copy_from_iter+0x1e9/0x1c20
[  814.588699][T13759]  ? __virt_addr_valid+0x183/0x530
[  814.593832][T13759]  ? __alloc_skb+0x28f/0x440
[  814.598435][T13759]  ? __pfx__copy_from_iter+0x10/0x10
[  814.603735][T13759]  ? __virt_addr_valid+0x183/0x530
[  814.608857][T13759]  ? __virt_addr_valid+0x183/0x530
[  814.613980][T13759]  ? __virt_addr_valid+0x45f/0x530
[  814.619104][T13759]  ? __phys_addr_symbol+0x2f/0x70
[  814.624141][T13759]  ? __check_object_size+0x47a/0x730
[  814.629493][T13759]  netlink_sendmsg+0x73d/0xcb0
[  814.634300][T13759]  ? __pfx_netlink_sendmsg+0x10/0x10
[  814.639607][T13759]  ? __pfx_netlink_sendmsg+0x10/0x10
[  814.644900][T13759]  __sock_sendmsg+0x221/0x270
[  814.649599][T13759]  ____sys_sendmsg+0x52a/0x7e0
[  814.654382][T13759]  ? __pfx_____sys_sendmsg+0x10/0x10
[  814.659719][T13759]  ? __fget_files+0x2a/0x410
[  814.664324][T13759]  ? __fget_files+0x2a/0x410
[  814.668939][T13759]  __sys_sendmsg+0x269/0x350
[  814.673543][T13759]  ? __pfx_lock_release+0x10/0x10
[  814.678582][T13759]  ? __pfx___sys_sendmsg+0x10/0x10
[  814.683717][T13759]  ? __pfx_vfs_write+0x10/0x10
[  814.688529][T13759]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  814.694882][T13759]  ? do_syscall_64+0x100/0x230
[  814.699699][T13759]  ? do_syscall_64+0xb6/0x230
[  814.704440][T13759]  do_syscall_64+0xf3/0x230
[  814.708976][T13759]  ? clear_bhb_loop+0x35/0x90
[  814.713679][T13759]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  814.719600][T13759] RIP: 0033:0x7f08efb85d29
[  814.724563][T13759] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  814.744186][T13759] RSP: 002b:00007f08ed9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  814.752614][T13759] RAX: ffffffffffffffda RBX: 00007f08efd75fa0 RCX: 00007f08efb85d29
[  814.760619][T13759] RDX: 0000000000040004 RSI: 00000000200001c0 RDI: 0000000000000003
[  814.768621][T13759] RBP: 00007f08ed9f6090 R08: 0000000000000000 R09: 0000000000000000
[  814.776594][T13759] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  814.784597][T13759] R13: 0000000000000000 R14: 00007f08efd75fa0 R15: 00007ffe2c834f38
[  814.792592][T13759]  </TASK>
[  814.795680][    C1] vkms_vblank_simulate: vblank timer overrun
[  815.052281][T13770] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1727'.
[  817.166353][T13779] pim6reg1: entered promiscuous mode
[  817.171742][T13779] pim6reg1: entered allmulticast mode
[  819.023786][T13782] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  819.515957][ T5904] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  819.715899][ T5904] usb 6-1: Using ep0 maxpacket: 16
[  819.732913][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  819.812306][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  819.863052][ T5904] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  819.922564][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  819.973076][ T5904] usb 6-1: config 0 descriptor??
[  820.007100][ T5903] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  820.169839][T13816] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  820.206607][ T5903] usb 4-1: Using ep0 maxpacket: 16
[  820.245606][ T5903] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  820.256503][ T5903] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  820.298232][ T5903] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  820.341992][ T5903] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  820.388412][ T5903] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  820.439795][ T5903] usb 4-1: Product: syz
[  820.444029][ T5903] usb 4-1: Manufacturer: syz
[  820.449690][ T5904] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.001D/input/input47
[  820.519278][ T5903] usb 4-1: SerialNumber: syz
[  820.588571][ T5904] appleir 0003:05AC:8241.001D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  820.684235][ T5904] usb 6-1: USB disconnect, device number 33
[  820.761656][T13829] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1742'.
[  823.047823][T13842] proc: Bad value for 'gid'
[  823.272214][T13850] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  824.339790][T13854] FAULT_INJECTION: forcing a failure.
[  824.339790][T13854] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  824.364725][T13854] CPU: 0 UID: 0 PID: 13854 Comm: syz.5.1747 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  824.375547][T13854] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  824.385617][T13854] Call Trace:
[  824.388933][T13854]  <TASK>
[  824.391873][T13854]  dump_stack_lvl+0x241/0x360
[  824.396561][T13854]  ? __pfx_dump_stack_lvl+0x10/0x10
[  824.401768][T13854]  ? __pfx__printk+0x10/0x10
[  824.406629][T13854]  ? snprintf+0xda/0x120
[  824.410911][T13854]  should_fail_ex+0x3b0/0x4e0
[  824.415604][T13854]  _copy_to_user+0x31/0xb0
[  824.420059][T13854]  simple_read_from_buffer+0xca/0x150
[  824.425450][T13854]  proc_fail_nth_read+0x1e9/0x250
[  824.430482][T13854]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  824.436038][T13854]  ? rw_verify_area+0x55e/0x6f0
[  824.440894][T13854]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  824.446535][T13854]  vfs_read+0x1fc/0xb70
[  824.450722][T13854]  ? __pfx___mutex_lock+0x10/0x10
[  824.455775][T13854]  ? __pfx_vfs_read+0x10/0x10
[  824.460528][T13854]  ? __fget_files+0x2a/0x410
[  824.465159][T13854]  ? __fget_files+0x395/0x410
[  824.469863][T13854]  ? __fget_files+0x2a/0x410
[  824.474471][T13854]  ksys_read+0x18f/0x2b0
[  824.478731][T13854]  ? __pfx_ksys_read+0x10/0x10
[  824.483522][T13854]  do_syscall_64+0xf3/0x230
[  824.488154][T13854]  ? clear_bhb_loop+0x35/0x90
[  824.492842][T13854]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.498755][T13854] RIP: 0033:0x7f08efb8473c
[  824.503182][T13854] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  824.522806][T13854] RSP: 002b:00007f08ed9f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  824.531253][T13854] RAX: ffffffffffffffda RBX: 00007f08efd75fa0 RCX: 00007f08efb8473c
[  824.539258][T13854] RDX: 000000000000000f RSI: 00007f08ed9f60a0 RDI: 0000000000000004
[  824.547253][T13854] RBP: 00007f08ed9f6090 R08: 0000000000000000 R09: 0000000000000000
[  824.555239][T13854] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.563225][T13854] R13: 0000000000000000 R14: 00007f08efd75fa0 R15: 00007ffe2c834f38
[  824.571233][T13854]  </TASK>
[  824.623761][ T5872] usb 9-1: new high-speed USB device number 33 using dummy_hcd
[  824.845925][ T5872] usb 9-1: Using ep0 maxpacket: 32
[  824.870821][ T5872] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  824.900887][ T5872] usb 9-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  824.947285][ T5872] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.006105][ T5872] usb 9-1: Product: syz
[  825.026806][ T5872] usb 9-1: Manufacturer: syz
[  825.042077][ T5872] usb 9-1: SerialNumber: syz
[  825.070870][ T5872] usb 9-1: config 0 descriptor??
[  825.100399][T13846] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  825.750567][T13863] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  826.141313][ T5903] usb 4-1: 0:2 : does not exist
[  826.165648][ T5872] usb 9-1: Quirk or no altset; falling back to MIDI 1.0
[  826.416374][ T5904] usb 4-1: USB disconnect, device number 17
[  826.475157][T10685] udevd[10685]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  826.550037][ T5871] usb 9-1: USB disconnect, device number 33
[  827.028820][ T5900] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  827.145093][T13890] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1754'.
[  828.057453][ T5900] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  828.305786][ T5900] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  828.327630][ T5900] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  828.337814][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.063640][T13905] tipc: Trying to set illegal importance in message
[  829.825794][ T5900] usb 4-1: Product: syz
[  829.835427][ T5900] usb 4-1: Manufacturer: syz
[  829.853734][ T5900] usb 4-1: SerialNumber: syz
[  829.956813][ T5900] usb 4-1: can't set config #1, error -71
[  830.026788][ T5900] usb 4-1: USB disconnect, device number 18
[  830.306212][T13920] overlayfs: failed to resolve './file1': -2
[  830.712365][T13924] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  833.874171][T13950] 9pnet_fd: Insufficient options for proto=fd
[  835.685015][T13974] xt_TCPMSS: Only works on TCP SYN packets
[  835.715603][T13974] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1770'.
[  835.741935][T13971] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.1770'.
[  836.130628][T13986] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1772'.
[  836.629881][T13994] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  839.618972][T14027] tmpfs: Unknown parameter 'ÿÿÿÿ'
[  839.885946][T13092] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  840.006182][ T5903] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  840.061983][T13092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  840.108250][T13092] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  840.128628][T13092] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  840.156345][T13092] usb 3-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  840.174821][T13092] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  840.207203][ T5903] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  840.221621][T13092] usb 3-1: config 0 descriptor??
[  840.237266][ T5903] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  840.255879][ T5903] usb 6-1: Product: syz
[  840.260088][ T5903] usb 6-1: Manufacturer: syz
[  840.264709][ T5903] usb 6-1: SerialNumber: syz
[  840.324674][ T5903] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  840.399633][ T5871] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  840.658507][T13092] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  840.689958][T13092] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  840.710495][T13092] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  840.721028][T13092] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  840.734275][T13092] hid-alps 0003:044E:120B.001E: unknown main item tag 0x0
[  840.758819][T13092] hid-alps 0003:044E:120B.001E: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.2-1/input0
[  840.888155][T13092] usb 3-1: USB disconnect, device number 19
[  840.944681][ T5904] usb 6-1: USB disconnect, device number 34
[  841.302095][T14060] netlink: 'syz.3.1784': attribute type 8 has an invalid length.
[  841.320228][T14060] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1784'.
[  841.398154][T14068] PKCS8: Unsupported PKCS#8 version
[  841.460086][ T5871] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  841.584402][ T5871] ath9k_htc: Failed to initialize the device
[  841.673353][ T5904] usb 6-1: ath9k_htc: USB layer deinitialized
[  842.396247][T14077] binder: 14076:14077 ioctl ae41 1 returned -22
[  842.532750][T14084] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  843.321040][ T5904] usb 9-1: new high-speed USB device number 34 using dummy_hcd
[  843.519624][ T5904] usb 9-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  843.545112][ T5904] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  843.554108][ T5904] usb 9-1: Product: syz
[  843.559896][ T5904] usb 9-1: Manufacturer: syz
[  843.564633][ T5904] usb 9-1: SerialNumber: syz
[  843.597365][ T5904] usb 9-1: config 0 descriptor??
[  843.616740][ T5904] gspca_main: sonixb-2.14.0 probing 0c45:6005
[  843.629711][T13969] syz.9.1769 (13969): drop_caches: 1
[  844.649429][T14096] Bluetooth: hci0: Opcode 0x0401 failed: -4
[  844.763892][ T5904] sonixb 9-1:0.0: Error reading register 00: -110
[  845.261848][ T5904] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  845.678451][T14115] syz.3.1795(14115): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  845.693101][ T5834] Bluetooth: hci0: command 0x0401 tx timeout
[  846.522960][ T5904] usb 10-1: Using ep0 maxpacket: 16
[  846.550512][ T5904] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  846.639121][ T5904] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  846.691330][ T5904] usb 10-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  846.691519][   T58] usb 9-1: USB disconnect, device number 34
[  846.721238][ T5904] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.987336][ T5904] usb 10-1: config 0 descriptor??
[  847.401981][T14132] tmpfs: Unknown parameter 'ÿÿÿÿ'
[  847.505261][ T5904] input: HID 05ac:8241 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.0/0003:05AC:8241.001F/input/input48
[  847.687780][ T5903] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  847.856720][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  847.893693][ T5904] appleir 0003:05AC:8241.001F: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.9-1/input0
[  847.918339][ T5904] usb 10-1: USB disconnect, device number 11
[  847.954735][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  848.077993][T14147] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  848.776052][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  848.791196][ T5903] usb 3-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  848.801006][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  848.836336][ T5903] usb 3-1: config 0 descriptor??
[  849.823144][ T5903] hid-alps 0003:044E:120B.0020: unknown main item tag 0x0
[  849.831167][ T5903] hid-alps 0003:044E:120B.0020: unknown main item tag 0x0
[  849.857026][ T5903] hid-alps 0003:044E:120B.0020: unknown main item tag 0x0
[  850.955144][ T5903] hid-alps 0003:044E:120B.0020: unknown main item tag 0x0
[  850.995545][ T5903] hid-alps 0003:044E:120B.0020: unknown main item tag 0x0
[  851.057714][ T5903] hid-alps 0003:044E:120B.0020: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.2-1/input0
[  851.137219][ T5903] usb 3-1: USB disconnect, device number 20
[  851.276066][ T5900] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  851.343375][T14176] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1810'.
[  851.486902][ T5900] usb 6-1: Using ep0 maxpacket: 8
[  851.519954][ T5900] usb 6-1: unable to get BOS descriptor or descriptor too short
[  851.548259][ T5900] usb 6-1: config 9 has an invalid interface number: 93 but max is 0
[  851.604095][ T5900] usb 6-1: config 9 has no interface number 0
[  851.611942][ T5900] usb 6-1: config 9 interface 93 altsetting 9 endpoint 0x1 has an invalid bInterval 192, changing to 11
[  851.652698][ T5900] usb 6-1: config 9 interface 93 altsetting 9 endpoint 0x1 has invalid wMaxPacketSize 0
[  851.698938][ T5900] usb 6-1: config 9 interface 93 has no altsetting 0
[  851.734617][ T5900] usb 6-1: New USB device found, idVendor=0cf3, idProduct=0004, bcdDevice=4f.8a
[  851.771914][ T5900] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  851.793859][ T5900] usb 6-1: Product: syz
[  851.840415][T14181] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1810'.
[  851.866109][T14181] nbd: device at index 64 is going down
[  851.878527][ T5900] usb 6-1: Manufacturer: syz
[  851.883236][ T5900] usb 6-1: SerialNumber: syz
[  852.053651][T14197] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  852.686527][T14210] FAULT_INJECTION: forcing a failure.
[  852.686527][T14210] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  852.701602][T14210] CPU: 0 UID: 0 PID: 14210 Comm: syz.8.1817 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  852.712450][T14210] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  852.722535][T14210] Call Trace:
[  852.725862][T14210]  <TASK>
[  852.728817][T14210]  dump_stack_lvl+0x241/0x360
[  852.733541][T14210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  852.738783][T14210]  ? __pfx__printk+0x10/0x10
[  852.743413][T14210]  ? __pfx_lock_release+0x10/0x10
[  852.748486][T14210]  should_fail_ex+0x3b0/0x4e0
[  852.753208][T14210]  _copy_from_iter+0x1e9/0x1c20
[  852.758107][T14210]  ? __virt_addr_valid+0x183/0x530
[  852.763266][T14210]  ? __alloc_skb+0x28f/0x440
[  852.767927][T14210]  ? __pfx__copy_from_iter+0x10/0x10
[  852.773345][T14210]  ? __virt_addr_valid+0x183/0x530
[  852.778512][T14210]  ? __virt_addr_valid+0x183/0x530
[  852.783657][T14210]  ? __virt_addr_valid+0x45f/0x530
[  852.788802][T14210]  ? __phys_addr_symbol+0x2f/0x70
[  852.793872][T14210]  ? __check_object_size+0x47a/0x730
[  852.799373][T14210]  netlink_sendmsg+0x73d/0xcb0
[  852.804184][T14210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  852.809524][T14210]  ? __pfx_netlink_sendmsg+0x10/0x10
[  852.814846][T14210]  __sock_sendmsg+0x221/0x270
[  852.819568][T14210]  ____sys_sendmsg+0x52a/0x7e0
[  852.824372][T14210]  ? __pfx_____sys_sendmsg+0x10/0x10
[  852.829776][T14210]  ? __fget_files+0x2a/0x410
[  852.834399][T14210]  ? __fget_files+0x2a/0x410
[  852.839028][T14210]  __sys_sendmsg+0x269/0x350
[  852.843660][T14210]  ? __pfx_lock_release+0x10/0x10
[  852.848721][T14210]  ? __pfx___sys_sendmsg+0x10/0x10
[  852.853879][T14210]  ? __pfx_vfs_write+0x10/0x10
[  852.858708][T14210]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  852.865067][T14210]  ? do_syscall_64+0x100/0x230
[  852.869884][T14210]  ? do_syscall_64+0xb6/0x230
[  852.874605][T14210]  do_syscall_64+0xf3/0x230
[  852.879165][T14210]  ? clear_bhb_loop+0x35/0x90
[  852.883885][T14210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  852.889840][T14210] RIP: 0033:0x7f4c95385d29
[  852.894368][T14210] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  852.914000][T14210] RSP: 002b:00007f4c9612a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  852.922446][T14210] RAX: ffffffffffffffda RBX: 00007f4c95575fa0 RCX: 00007f4c95385d29
[  852.930447][T14210] RDX: 0000000000000010 RSI: 00000000200001c0 RDI: 0000000000000003
[  852.938446][T14210] RBP: 00007f4c9612a090 R08: 0000000000000000 R09: 0000000000000000
[  852.946457][T14210] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  852.954458][T14210] R13: 0000000000000000 R14: 00007f4c95575fa0 R15: 00007fffc73209a8
[  852.962477][T14210]  </TASK>
[  853.021268][ T5900] usb 6-1: Could not find all expected endpoints
[  853.069176][ T5904] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  853.135770][T14215] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  853.726399][ T5900] usb 6-1: USB disconnect, device number 35
[  853.900844][ T5904] usb 4-1: Using ep0 maxpacket: 16
[  853.941251][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  854.234136][ T5904] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  854.375959][ T5904] usb 4-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  854.501964][ T5904] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  854.526852][ T5904] usb 4-1: config 0 descriptor??
[  855.148950][ T5904] input: HID 05ac:8241 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:05AC:8241.0021/input/input49
[  855.411601][ T5904] appleir 0003:05AC:8241.0021: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.3-1/input0
[  855.848029][ T5904] usb 4-1: USB disconnect, device number 19
[  856.025065][T14247] PKCS8: Unsupported PKCS#8 version
[  857.724770][   T29] audit: type=1800 audit(1734475177.402:100): pid=14256 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.2.1826" name="SYSV00000000" dev="hugetlbfs" ino=4 res=0 errno=0
[  857.889545][   T46] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  858.161462][   T46] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  858.227312][   T46] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  858.279958][   T46] usb 10-1: config 0 descriptor??
[  858.299078][   T46] cp210x 10-1:0.0: cp210x converter detected
[  858.414451][ T5900] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  858.816612][ T5900] usb 3-1: Using ep0 maxpacket: 16
[  858.833112][ T5900] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  858.852621][T14245] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  858.865041][T14286] x_tables: ip6_tables: NETMAP.0 target: invalid size 40 (kernel) != (user) 0
[  858.877129][T14245] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  858.887413][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  858.920430][   T46] cp210x 10-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  858.930028][ T5900] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  858.942546][   T46] usb 10-1: cp210x converter now attached to ttyUSB0
[  858.949598][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  858.968629][ T5900] usb 3-1: Product: syz
[  858.973381][ T5900] usb 3-1: Manufacturer: syz
[  858.979047][ T5900] usb 3-1: SerialNumber: syz
[  859.025174][ T5900] usb 3-1: config 0 descriptor??
[  859.053324][ T5900] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  859.093396][ T5900] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  859.179085][   T58] usb 10-1: USB disconnect, device number 12
[  859.227130][   T58] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  859.308513][   T58] cp210x 10-1:0.0: device disconnected
[  859.558906][T14300] FAULT_INJECTION: forcing a failure.
[  859.558906][T14300] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  859.682523][T14300] CPU: 0 UID: 0 PID: 14300 Comm: syz.3.1834 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  859.693488][T14300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  859.703589][T14300] Call Trace:
[  859.706909][T14300]  <TASK>
[  859.709888][T14300]  dump_stack_lvl+0x241/0x360
[  859.714624][T14300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  859.719873][T14300]  ? __pfx__printk+0x10/0x10
[  859.724519][T14300]  ? snprintf+0xda/0x120
[  859.728896][T14300]  should_fail_ex+0x3b0/0x4e0
[  859.733621][T14300]  _copy_to_user+0x31/0xb0
[  859.738089][T14300]  simple_read_from_buffer+0xca/0x150
[  859.743515][T14300]  proc_fail_nth_read+0x1e9/0x250
[  859.748586][T14300]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  859.754173][T14300]  ? rw_verify_area+0x55e/0x6f0
[  859.759058][T14300]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  859.764662][T14300]  vfs_read+0x1fc/0xb70
[  859.768857][T14300]  ? __pfx___mutex_lock+0x10/0x10
[  859.773906][T14300]  ? __pfx_vfs_read+0x10/0x10
[  859.778606][T14300]  ? __fget_files+0x2a/0x410
[  859.783210][T14300]  ? __fget_files+0x395/0x410
[  859.787905][T14300]  ? __fget_files+0x2a/0x410
[  859.792519][T14300]  ksys_read+0x18f/0x2b0
[  859.796787][T14300]  ? __pfx_ksys_read+0x10/0x10
[  859.801567][T14300]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  859.807961][T14300]  ? __irq_exit_rcu+0x105/0x220
[  859.812834][T14300]  ? do_syscall_64+0xb6/0x230
[  859.817539][T14300]  do_syscall_64+0xf3/0x230
[  859.822062][T14300]  ? clear_bhb_loop+0x35/0x90
[  859.826748][T14300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  859.832656][T14300] RIP: 0033:0x7f201ab8473c
[  859.837087][T14300] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  859.856708][T14300] RSP: 002b:00007f201b8df030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  859.865145][T14300] RAX: ffffffffffffffda RBX: 00007f201ad76080 RCX: 00007f201ab8473c
[  859.873137][T14300] RDX: 000000000000000f RSI: 00007f201b8df0a0 RDI: 0000000000000011
[  859.881119][T14300] RBP: 00007f201b8df090 R08: 0000000000000000 R09: 0000000000000000
[  859.889097][T14300] R10: 0000000000000066 R11: 0000000000000246 R12: 0000000000000001
[  859.897075][T14300] R13: 0000000000000000 R14: 00007f201ad76080 R15: 00007ffe3fd02888
[  859.905078][T14300]  </TASK>
[  860.188573][ T5900] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  860.270047][ T5900] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  860.771529][T14303] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  860.845600][T14303] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  861.377011][ T5900] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[  861.537738][ T5900] em28xx 3-1:0.0: No AC97 audio processor
[  861.882107][T14333] FAULT_INJECTION: forcing a failure.
[  861.882107][T14333] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.906116][T14333] CPU: 1 UID: 0 PID: 14333 Comm: syz.5.1843 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  861.916950][T14333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  861.927124][T14333] Call Trace:
[  861.930413][T14333]  <TASK>
[  861.933353][T14333]  dump_stack_lvl+0x241/0x360
[  861.938066][T14333]  ? __pfx_dump_stack_lvl+0x10/0x10
[  861.943285][T14333]  ? __pfx__printk+0x10/0x10
[  861.947894][T14333]  ? __pfx_lock_release+0x10/0x10
[  861.952941][T14333]  should_fail_ex+0x3b0/0x4e0
[  861.957653][T14333]  _copy_from_iter+0x1e9/0x1c20
[  861.962611][T14333]  ? __virt_addr_valid+0x183/0x530
[  861.967747][T14333]  ? __alloc_skb+0x28f/0x440
[  861.972346][T14333]  ? __pfx__copy_from_iter+0x10/0x10
[  861.977645][T14333]  ? __virt_addr_valid+0x183/0x530
[  861.982770][T14333]  ? __virt_addr_valid+0x183/0x530
[  861.987896][T14333]  ? __virt_addr_valid+0x45f/0x530
[  861.993025][T14333]  ? __phys_addr_symbol+0x2f/0x70
[  861.998084][T14333]  ? __check_object_size+0x47a/0x730
[  862.003394][T14333]  netlink_sendmsg+0x73d/0xcb0
[  862.008218][T14333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  862.013523][T14333]  ? __pfx_netlink_sendmsg+0x10/0x10
[  862.018823][T14333]  __sock_sendmsg+0x221/0x270
[  862.023522][T14333]  ____sys_sendmsg+0x52a/0x7e0
[  862.028306][T14333]  ? __pfx_____sys_sendmsg+0x10/0x10
[  862.033600][T14333]  ? __fget_files+0x2a/0x410
[  862.038203][T14333]  ? __fget_files+0x2a/0x410
[  862.042807][T14333]  __sys_sendmsg+0x269/0x350
[  862.047441][T14333]  ? __pfx_lock_release+0x10/0x10
[  862.052484][T14333]  ? __pfx___sys_sendmsg+0x10/0x10
[  862.057619][T14333]  ? __pfx_vfs_write+0x10/0x10
[  862.062413][T14333]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  862.068750][T14333]  ? do_syscall_64+0x100/0x230
[  862.073616][T14333]  ? do_syscall_64+0xb6/0x230
[  862.078315][T14333]  do_syscall_64+0xf3/0x230
[  862.082834][T14333]  ? clear_bhb_loop+0x35/0x90
[  862.087527][T14333]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.093441][T14333] RIP: 0033:0x7f08efb85d29
[  862.097873][T14333] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  862.117497][T14333] RSP: 002b:00007f08ed9f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  862.125926][T14333] RAX: ffffffffffffffda RBX: 00007f08efd75fa0 RCX: 00007f08efb85d29
[  862.133905][T14333] RDX: 0000000000000020 RSI: 0000000020000140 RDI: 0000000000000003
[  862.141876][T14333] RBP: 00007f08ed9f6090 R08: 0000000000000000 R09: 0000000000000000
[  862.149848][T14333] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  862.157826][T14333] R13: 0000000000000000 R14: 00007f08efd75fa0 R15: 00007ffe2c834f38
[  862.165845][T14333]  </TASK>
[  862.168901][    C1] vkms_vblank_simulate: vblank timer overrun
[  862.246493][T13092] usb 3-1: USB disconnect, device number 21
[  862.253291][T13092] em28xx 3-1:0.0: Disconnecting em28xx
[  862.281409][T13092] em28xx 3-1:0.0: Freeing device
[  862.337950][ T5900] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  862.530512][ T5900] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  862.617873][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  862.828165][ T5900] usb 4-1: config 0 descriptor??
[  863.065254][ T5900] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  863.117492][T14349] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  863.168181][T14349] batadv_slave_0: entered promiscuous mode
[  863.178543][ T5900] gp8psk: usb in 128 operation failed.
[  863.688646][ T5900] gp8psk: usb in 137 operation failed.
[  863.715009][ T5900] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  863.771774][ T5900] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  864.614470][   T58] usb 9-1: new high-speed USB device number 35 using dummy_hcd
[  864.728366][T14383] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  865.376861][   T58] usb 9-1: Using ep0 maxpacket: 32
[  865.932462][T13092] usb 4-1: USB disconnect, device number 20
[  866.275112][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  866.387489][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  866.537775][   T58] usb 9-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  866.613658][   T58] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  866.702268][   T58] usb 9-1: config 0 descriptor??
[  866.926238][T14404] tmpfs: Unknown parameter 'ÿÿÿÿ'
[  867.016183][   T58] usbhid 9-1:0.0: can't add hid device: -71
[  867.075420][   T58] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  867.142663][ T5133] Bluetooth: hci5: Unknown advertising packet type: 0x33
[  867.142719][ T5133] Bluetooth: hci5: Malformed LE Event: 0x0d
[  867.160630][T14407] block nbd5: shutting down sockets
[  867.186914][   T58] usb 9-1: USB disconnect, device number 35
[  867.194091][T14411] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  867.367406][ T5903] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  867.535258][T14423] 9pnet_fd: Insufficient options for proto=fd
[  867.868528][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  867.886576][ T5903] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  867.917459][ T5903] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  867.981504][ T5903] usb 3-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  868.066921][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.087032][ T5903] usb 3-1: config 0 descriptor??
[  868.693376][T14437] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1866'.
[  868.852850][ T5903] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  868.927486][ T5903] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  869.241880][ T5903] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  869.378404][ T5903] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  869.385625][ T5903] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  869.403717][ T5903] hid-alps 0003:044E:120B.0022: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.2-1/input0
[  869.434296][T14437] netlink: 12 bytes leftover after parsing attributes in process `syz.8.1866'.
[  869.483748][T14437] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1866'.
[  869.828435][   T46] usb 3-1: USB disconnect, device number 22
[  869.849220][T14445] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1867'.
[  869.862505][T14445] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1867'.
[  869.908439][T14445] vlan2: entered allmulticast mode
[  869.960948][T14451] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  870.060503][T14453] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1867'.
[  870.110392][T14453] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1867'.
[  870.283566][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  870.292109][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  873.821515][T14494] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  875.361008][T14509] netlink: 104 bytes leftover after parsing attributes in process `syz.3.1880'.
[  875.487256][   T58] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  875.682020][   T58] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  875.716323][ T5903] usb 9-1: new high-speed USB device number 36 using dummy_hcd
[  875.735465][   T58] usb 3-1: New USB device found, idVendor=1ac7, idProduct=0001, bcdDevice=cc.19
[  875.773591][   T58] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  875.812123][   T58] usb 3-1: Product: syz
[  875.833957][   T58] usb 3-1: Manufacturer: syz
[  875.844644][   T58] usb 3-1: SerialNumber: syz
[  875.867735][   T58] usb 3-1: config 0 descriptor??
[  875.896101][ T5903] usb 9-1: Using ep0 maxpacket: 16
[  875.911154][   T58] usbtouchscreen 3-1:0.0: probe with driver usbtouchscreen failed with error -32
[  875.932149][ T5903] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  876.104490][T14527] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  876.895064][ T5903] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  876.979445][ T5903] usb 9-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  877.040087][ T5903] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  877.072477][ T5903] usb 9-1: config 0 descriptor??
[  877.344874][T14537] PKCS8: Unsupported PKCS#8 version
[  877.742666][T14540] vlan2: entered allmulticast mode
[  878.735619][ T5903] input: HID 05ac:8241 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/0003:05AC:8241.0023/input/input51
[  878.834359][ T5903] appleir 0003:05AC:8241.0023: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.8-1/input0
[  878.933061][ T5903] usb 9-1: USB disconnect, device number 36
[  880.060290][ T5133] Bluetooth: hci0: command 0x0401 tx timeout
[  881.021782][ T5870] usb 3-1: USB disconnect, device number 23
[  881.755982][T14564] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  882.369138][T14576] netlink: 'syz.9.1893': attribute type 10 has an invalid length.
[  882.455923][T14576] bridge0: port 1(bridge_slave_0) entered disabled state
[  883.600809][T14592] netlink: 622 bytes leftover after parsing attributes in process `syz.5.1895'.
[  883.712329][T14600] PKCS8: Unsupported PKCS#8 version
[  884.220695][   T58] usb 9-1: new high-speed USB device number 37 using dummy_hcd
[  884.369732][T14603] tmpfs: Unknown parameter 'ÿÿÿÿ'
[  884.428930][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  884.468880][   T58] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  884.486698][   T58] usb 9-1: New USB device found, idVendor=13ec, idProduct=0006, bcdDevice= 0.00
[  884.505961][   T58] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.562239][   T58] usb 9-1: config 0 descriptor??
[  884.625861][ T5903] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  884.745744][ T5900] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  885.214467][ T5903] usb 10-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  885.388938][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  885.418187][ T5903] usb 10-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  885.466190][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  885.490769][ T5903] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 66
[  885.492321][ T5900] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  885.527817][   T58] usbhid 9-1:0.0: can't add hid device: -71
[  885.537746][   T58] usbhid 9-1:0.0: probe with driver usbhid failed with error -71
[  885.549090][ T5903] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  885.560581][ T5900] usb 3-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  885.574727][   T58] usb 9-1: USB disconnect, device number 37
[  885.612161][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  885.805084][ T5900] usb 3-1: config 0 descriptor??
[  885.809519][ T5903] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  886.145395][ T5903] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  886.162552][ T5903] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  886.171309][ T5903] usb 10-1: Product: syz
[  886.176728][ T5903] usb 10-1: Manufacturer: syz
[  886.218919][ T5903] cdc_wdm 10-1:1.0: skipping garbage
[  886.224277][ T5903] cdc_wdm 10-1:1.0: skipping garbage
[  886.402814][ T5903] cdc_wdm 10-1:1.0: cdc-wdm0: USB WDM device
[  886.500723][T14625] ALSA: mixer_oss: invalid OSS volume '00000000000000000'
[  886.924478][ T5903] cdc_wdm 10-1:1.0: Unknown control protocol
[  886.961708][ T5900] hid-alps 0003:044E:120B.0024: unknown main item tag 0x0
[  887.016505][ T5900] hid-alps 0003:044E:120B.0024: unknown main item tag 0x0
[  887.035509][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.042621][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.049245][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.055969][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.064096][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.070837][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.077286][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.084021][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.091397][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.098132][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.104624][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.111361][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.117832][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.124566][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.130993][    C1] cdc_wdm 10-1:1.0: nonzero urb status received: -71
[  887.137649][ T5872] usb 10-1: USB disconnect, device number 13
[  887.137708][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - 0 bytes
[  887.149898][    C1] cdc_wdm 10-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  887.186659][ T5900] hid-alps 0003:044E:120B.0024: unknown main item tag 0x0
[  887.193872][ T5900] hid-alps 0003:044E:120B.0024: unknown main item tag 0x0
[  887.215970][ T5900] hid-alps 0003:044E:120B.0024: unknown main item tag 0x0
[  887.248137][ T5900] hid-alps 0003:044E:120B.0024: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.2-1/input0
[  887.358363][ T5903] usb 3-1: USB disconnect, device number 24
[  887.557519][T14632] tmpfs: Unknown parameter 'ÿÿÿÿ'
[  888.525910][ T5872] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  888.744341][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  888.876392][ T5872] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  888.902627][ T5872] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  888.925428][ T5872] usb 6-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  888.973601][T14641] netlink: 'syz.8.1909': attribute type 10 has an invalid length.
[  889.021710][ T5872] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  889.087606][T14641] bridge0: port 2(bridge_slave_1) entered disabled state
[  889.094967][T14641] bridge0: port 1(bridge_slave_0) entered disabled state
[  889.120040][ T5872] usb 6-1: config 0 descriptor??
[  889.277009][T14641] team0: Port device bridge0 removed
[  889.283684][T14641] bridge0: port 2(bridge_slave_1) entered blocking state
[  889.290925][T14641] bridge0: port 2(bridge_slave_1) entered forwarding state
[  889.298482][T14641] bridge0: port 1(bridge_slave_0) entered blocking state
[  889.305624][T14641] bridge0: port 1(bridge_slave_0) entered forwarding state
[  889.890261][ T5872] hid-alps 0003:044E:120B.0025: unknown main item tag 0x0
[  889.935181][T14641] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  889.989169][ T5872] hid-alps 0003:044E:120B.0025: unknown main item tag 0x0
[  890.007043][ T5872] hid-alps 0003:044E:120B.0025: unknown main item tag 0x0
[  890.031781][ T5872] hid-alps 0003:044E:120B.0025: unknown main item tag 0x0
[  890.039467][ T5872] hid-alps 0003:044E:120B.0025: unknown main item tag 0x0
[  890.063157][ T5872] hid-alps 0003:044E:120B.0025: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.5-1/input0
[  890.090714][T14653] tmpfs: Bad value for 'mpol'
[  890.098275][ T5872] usb 6-1: USB disconnect, device number 36
[  891.089745][T14665] overlayfs: statfs failed on './file0'
[  892.898421][T14684] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 1, id = 0
[  894.012172][T14699] block nbd3: shutting down sockets
[  894.119056][T14705] netlink: 'syz.8.1927': attribute type 10 has an invalid length.
[  894.180842][T14705] bridge0: port 2(bridge_slave_1) entered disabled state
[  894.188205][T14705] bridge0: port 1(bridge_slave_0) entered disabled state
[  894.214985][T14712] PKCS8: Unsupported PKCS#8 version
[  894.462025][ T5903] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  894.664342][ T5903] usb 10-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  894.722748][ T5903] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  894.798709][ T5903] usb 10-1: config 0 descriptor??
[  894.814705][ T5903] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  895.089803][T14713] netlink: 'syz.9.1928': attribute type 10 has an invalid length.
[  895.230796][T14713] team0: Failed to send options change via netlink (err -105)
[  895.293205][T14713] team0: Port device netdevsim0 added
[  896.209332][ T7347] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  897.325874][ T5870] usb 6-1: new full-speed USB device number 37 using dummy_hcd
[  898.118214][ T5870] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  898.180886][ T5870] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  898.181530][ T5903] gspca_stv06xx: I2C: Read error writing address: -71
[  898.211716][ T5870] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  898.275559][ T5870] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  898.281395][ T5903] usb 10-1: USB disconnect, device number 14
[  898.324160][ T5870] usb 6-1: Product: syz
[  898.420767][ T5870] usb 6-1: Manufacturer: syz
[  898.977135][ T5870] usb 6-1: SerialNumber: syz
[  899.481271][ T5870] usb 6-1: can't set config #1, error -71
[  899.526903][ T5870] usb 6-1: USB disconnect, device number 37
[  899.705973][ T5903] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  899.915943][ T5903] usb 10-1: Using ep0 maxpacket: 8
[  899.934503][ T5903] usb 10-1: config 150 has no interfaces?
[  899.967082][ T5903] usb 10-1: New USB device found, idVendor=10d6, idProduct=2200, bcdDevice= 1.00
[  900.020166][ T5903] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.077294][ T5903] usb 10-1: Product: syz
[  900.127156][ T5903] usb 10-1: Manufacturer: syz
[  900.131073][T14794] FAULT_INJECTION: forcing a failure.
[  900.131073][T14794] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  900.146591][T14794] CPU: 1 UID: 0 PID: 14794 Comm: syz.2.1946 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  900.156326][ T5903] usb 10-1: SerialNumber: syz
[  900.157379][T14794] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  900.157400][T14794] Call Trace:
[  900.157412][T14794]  <TASK>
[  900.178397][T14794]  dump_stack_lvl+0x241/0x360
[  900.183099][T14794]  ? __pfx_dump_stack_lvl+0x10/0x10
[  900.188321][T14794]  ? __pfx__printk+0x10/0x10
[  900.192930][T14794]  ? __pfx_lock_release+0x10/0x10
[  900.197972][T14794]  ? preempt_count_add+0x93/0x190
[  900.203016][T14794]  should_fail_ex+0x3b0/0x4e0
[  900.207708][T14794]  _copy_from_user+0x2f/0xc0
[  900.212320][T14794]  userfaultfd_ioctl+0xcd0/0x66f0
[  900.217381][T14794]  ? __kernel_text_address+0xd/0x40
[  900.222594][T14794]  ? unwind_get_return_address+0x4d/0x90
[  900.228248][T14794]  ? arch_stack_walk+0xfd/0x150
[  900.233117][T14794]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  900.238591][T14794]  ? stack_trace_save+0x118/0x1d0
[  900.243658][T14794]  ? __pfx_stack_trace_save+0x10/0x10
[  900.249052][T14794]  ? stack_depot_save_flags+0x37/0x940
[  900.254528][T14794]  ? kasan_save_track+0x51/0x80
[  900.259393][T14794]  ? kasan_save_track+0x3f/0x80
[  900.264257][T14794]  ? kasan_save_free_info+0x40/0x50
[  900.269462][T14794]  ? __kasan_slab_free+0x59/0x70
[  900.274411][T14794]  ? kfree+0x196/0x430
[  900.278515][T14794]  ? tomoyo_path_number_perm+0x679/0x860
[  900.284177][T14794]  ? security_file_ioctl+0xc6/0x2a0
[  900.289389][T14794]  ? __se_sys_ioctl+0x46/0x170
[  900.294184][T14794]  ? do_syscall_64+0xf3/0x230
[  900.298884][T14794]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  900.304974][T14794]  ? do_vfs_ioctl+0xf07/0x2e40
[  900.309757][T14794]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  900.314822][T14794]  ? mark_lock+0x9a/0x360
[  900.319177][T14794]  ? tomoyo_path_number_perm+0x206/0x860
[  900.324911][T14794]  ? __pfx_lock_release+0x10/0x10
[  900.329952][T14794]  ? tomoyo_path_number_perm+0x679/0x860
[  900.335591][T14794]  ? tomoyo_path_number_perm+0x679/0x860
[  900.341237][T14794]  ? tomoyo_path_number_perm+0x6f9/0x860
[  900.346881][T14794]  ? __lock_acquire+0x1397/0x2100
[  900.351918][T14794]  ? tomoyo_path_number_perm+0x206/0x860
[  900.357567][T14794]  ? smack_log+0x123/0x540
[  900.361996][T14794]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  900.367985][T14794]  ? __pfx_smack_log+0x10/0x10
[  900.372762][T14794]  ? smk_access+0x4ab/0x4e0
[  900.377284][T14794]  ? smk_tskacc+0x300/0x370
[  900.381802][T14794]  ? smack_file_ioctl+0x2f7/0x3a0
[  900.386873][T14794]  ? __pfx_smack_file_ioctl+0x10/0x10
[  900.392264][T14794]  ? __fget_files+0x2a/0x410
[  900.396876][T14794]  ? __fget_files+0x2a/0x410
[  900.401476][T14794]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  900.406993][T14794]  __se_sys_ioctl+0xf5/0x170
[  900.411598][T14794]  do_syscall_64+0xf3/0x230
[  900.416114][T14794]  ? clear_bhb_loop+0x35/0x90
[  900.420794][T14794]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  900.426712][T14794] RIP: 0033:0x7f95d2585d29
[  900.431133][T14794] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  900.450750][T14794] RSP: 002b:00007f95d3436038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  900.459266][T14794] RAX: ffffffffffffffda RBX: 00007f95d2775fa0 RCX: 00007f95d2585d29
[  900.467333][T14794] RDX: 0000000020000080 RSI: 00000000c020aa08 RDI: 0000000000000003
[  900.475321][T14794] RBP: 00007f95d3436090 R08: 0000000000000000 R09: 0000000000000000
[  900.483298][T14794] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  900.491280][T14794] R13: 0000000000000000 R14: 00007f95d2775fa0 R15: 00007ffe6bd96078
[  900.499271][T14794]  </TASK>
[  900.502413][    C1] vkms_vblank_simulate: vblank timer overrun
[  900.860494][ T5903] usb 10-1: USB disconnect, device number 15
[  903.292538][T14820] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem
[  903.575995][ T5870] usb 9-1: new full-speed USB device number 38 using dummy_hcd
[  903.598922][T14834] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1955'.
[  904.621090][ T5870] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  904.646099][ T5870] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[  904.657992][ T5870] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  904.667237][ T5870] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  904.675266][ T5870] usb 9-1: Product: syz
[  904.679801][ T5870] usb 9-1: Manufacturer: syz
[  904.684451][ T5870] usb 9-1: SerialNumber: syz
[  905.075788][ T5870] usb 9-1: 0:2 : does not exist
[  905.093893][ T5870] usb 9-1: 5:0: failed to get current value for ch 0 (-22)
[  905.113951][ T5870] usb 9-1: USB disconnect, device number 38
[  905.458678][   T46] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  905.526844][ T5900] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  905.654795][   T46] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  905.835925][ T5900] usb 6-1: Using ep0 maxpacket: 16
[  905.845846][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  905.847129][T10685] udevd[10685]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  905.866281][ T5900] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  905.970710][   T46] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0093, bcdDevice=23.5a
[  906.163865][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  906.258477][ T5900] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  906.292062][   T46] usb 4-1: Product: syz
[  906.306719][   T46] usb 4-1: Manufacturer: syz
[  906.311876][   T46] usb 4-1: SerialNumber: syz
[  906.326152][ T5900] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  906.405312][   T46] usb 4-1: config 0 descriptor??
[  906.445527][ T5900] usb 6-1: config 0 descriptor??
[  907.164598][T14845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  907.206870][T14845] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  907.273209][   T46] usb 4-1: dvb_usb_v2: usb_bulk_msg() failed=-8
[  907.302382][   T46] dvb_usb_af9035 4-1:0.0: probe with driver dvb_usb_af9035 failed with error -8
[  907.361966][   T46] usb 4-1: USB disconnect, device number 21
[  908.017162][ T5900] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.0026/input/input52
[  908.112593][ T5900] appleir 0003:05AC:8241.0026: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  908.364421][ T5900] usb 6-1: USB disconnect, device number 38
[  908.455845][ T5903] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  908.649143][ T5903] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  908.669318][ T5903] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  908.692325][ T5903] usb 3-1: config 0 descriptor??
[  908.736603][ T5903] cp210x 3-1:0.0: cp210x converter detected
[  908.751065][T14884] EXT4-fs (nullb0): VFS: Can't find ext4 filesystem
[  908.803359][T14885] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1969'.
[  909.137859][T14873] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  909.191773][T14873] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  910.394277][ T5903] cp210x 3-1:0.0: failed to get vendor val 0x000e size 678: -71
[  910.455966][ T5903] cp210x 3-1:0.0: GPIO initialisation failed: -71
[  910.504198][ T5903] usb 3-1: cp210x converter now attached to ttyUSB0
[  910.568556][T14903] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1974'.
[  911.408863][ T5903] usb 3-1: USB disconnect, device number 25
[  911.438407][ T5903] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  911.489907][ T5903] cp210x 3-1:0.0: device disconnected
[  911.655446][T14911] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1975'.
[  911.765270][T14915] kAFS: Can only specify source 'none' with -o dyn
[  911.823450][T14919] FAULT_INJECTION: forcing a failure.
[  911.823450][T14919] name failslab, interval 1, probability 0, space 0, times 0
[  911.873370][T14919] CPU: 1 UID: 0 PID: 14919 Comm: syz.3.1981 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  911.884216][T14919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  911.894401][T14919] Call Trace:
[  911.897718][T14919]  <TASK>
[  911.900675][T14919]  dump_stack_lvl+0x241/0x360
[  911.905407][T14919]  ? __pfx_dump_stack_lvl+0x10/0x10
[  911.910665][T14919]  ? __pfx__printk+0x10/0x10
[  911.915344][T14919]  should_fail_ex+0x3b0/0x4e0
[  911.920064][T14919]  should_failslab+0xac/0x100
[  911.924789][T14919]  ? skb_clone+0x20c/0x390
[  911.929248][T14919]  kmem_cache_alloc_noprof+0x70/0x380
[  911.934733][T14919]  skb_clone+0x20c/0x390
[  911.939081][T14919]  __netlink_deliver_tap+0x3cc/0x7f0
[  911.944422][T14919]  ? netlink_deliver_tap+0x2e/0x1b0
[  911.949660][T14919]  netlink_deliver_tap+0x19d/0x1b0
[  911.954825][T14919]  netlink_unicast+0x7c4/0x990
[  911.959653][T14919]  ? __pfx_netlink_unicast+0x10/0x10
[  911.964999][T14919]  ? __virt_addr_valid+0x45f/0x530
[  911.970170][T14919]  ? __phys_addr_symbol+0x2f/0x70
[  911.975234][T14919]  ? __check_object_size+0x47a/0x730
[  911.980568][T14919]  netlink_sendmsg+0x8e4/0xcb0
[  911.985384][T14919]  ? __pfx_netlink_sendmsg+0x10/0x10
[  911.990732][T14919]  ? __pfx_netlink_sendmsg+0x10/0x10
[  911.996073][T14919]  __sock_sendmsg+0x221/0x270
[  912.000799][T14919]  ____sys_sendmsg+0x52a/0x7e0
[  912.005617][T14919]  ? __pfx_____sys_sendmsg+0x10/0x10
[  912.011126][T14919]  ? __fget_files+0x2a/0x410
[  912.015760][T14919]  ? __fget_files+0x2a/0x410
[  912.020396][T14919]  __sys_sendmsg+0x269/0x350
[  912.025024][T14919]  ? __pfx_lock_release+0x10/0x10
[  912.030096][T14919]  ? __pfx___sys_sendmsg+0x10/0x10
[  912.035291][T14919]  ? __pfx_vfs_write+0x10/0x10
[  912.040149][T14919]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  912.046524][T14919]  ? do_syscall_64+0x100/0x230
[  912.051337][T14919]  ? do_syscall_64+0xb6/0x230
[  912.056067][T14919]  do_syscall_64+0xf3/0x230
[  912.060618][T14919]  ? clear_bhb_loop+0x35/0x90
[  912.065347][T14919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  912.071290][T14919] RIP: 0033:0x7f201ab85d29
[  912.075744][T14919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  912.095386][T14919] RSP: 002b:00007f201b900038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  912.103852][T14919] RAX: ffffffffffffffda RBX: 00007f201ad75fa0 RCX: 00007f201ab85d29
[  912.111900][T14919] RDX: 0000000000000000 RSI: 0000000020000240 RDI: 0000000000000003
[  912.119925][T14919] RBP: 00007f201b900090 R08: 0000000000000000 R09: 0000000000000000
[  912.127935][T14919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  912.135938][T14919] R13: 0000000000000000 R14: 00007f201ad75fa0 R15: 00007ffe3fd02888
[  912.143950][T14919]  </TASK>
[  912.147065][    C1] vkms_vblank_simulate: vblank timer overrun
[  912.528517][T14928] block nbd8: shutting down sockets
[  913.198354][T14941] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1985'.
[  914.955594][ T5900] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  915.142907][ T5900] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  915.645942][ T5900] usb 10-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  915.686510][ T5900] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  915.720695][ T5900] usb 10-1: config 0 descriptor??
[  915.747973][ T5900] pwc: Askey VC010 type 2 USB webcam detected.
[  916.035991][T14972] netlink: 'syz.2.1998': attribute type 10 has an invalid length.
[  916.055947][T14972] bridge0: port 2(bridge_slave_1) entered disabled state
[  916.063287][T14972] bridge0: port 1(bridge_slave_0) entered disabled state
[  916.066002][T11787] usb 6-1: new full-speed USB device number 39 using dummy_hcd
[  916.184344][T14976] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1999'.
[  916.281342][T11787] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  916.411441][T11787] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  916.689600][T11787] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  916.818156][T11787] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  916.864380][T11787] usb 6-1: Product: syz
[  916.871633][T11787] usb 6-1: Manufacturer: syz
[  916.888335][T11787] usb 6-1: SerialNumber: syz
[  916.917271][ T5900] pwc: recv_control_msg error -71 req 02 val 2700
[  916.924194][ T5900] pwc: recv_control_msg error -71 req 02 val 2c00
[  916.931237][ T5900] pwc: recv_control_msg error -71 req 04 val 1000
[  916.945225][ T5900] pwc: recv_control_msg error -71 req 04 val 1300
[  916.952251][ T5900] pwc: recv_control_msg error -71 req 04 val 1400
[  916.959690][ T5900] pwc: recv_control_msg error -71 req 02 val 2000
[  916.986282][ T5900] pwc: recv_control_msg error -71 req 02 val 2100
[  916.994512][ T5900] pwc: recv_control_msg error -71 req 04 val 1500
[  917.006193][ T5900] pwc: recv_control_msg error -71 req 02 val 2500
[  917.017867][ T5900] pwc: recv_control_msg error -71 req 02 val 2400
[  917.024717][ T5900] pwc: recv_control_msg error -71 req 02 val 2600
[  917.037451][ T5900] pwc: recv_control_msg error -71 req 02 val 2900
[  917.044438][ T5900] pwc: recv_control_msg error -71 req 02 val 2800
[  917.052185][ T5900] pwc: recv_control_msg error -71 req 04 val 1100
[  917.070761][ T5900] pwc: recv_control_msg error -71 req 04 val 1200
[  917.113798][T11787] usb 6-1: 0:2 : does not exist
[  917.136432][ T5900] pwc: Registered as video103.
[  917.142521][ T5900] input: PWC snapshot button as /devices/platform/dummy_hcd.9/usb10/10-1/input/input53
[  917.143038][T11787] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  917.192007][ T5900] usb 10-1: USB disconnect, device number 16
[  917.232758][T11787] usb 6-1: USB disconnect, device number 39
[  917.336666][T14990] nbd3: detected capacity change from 0 to 32
[  917.393010][T14991] block nbd3: shutting down sockets
[  917.505094][    C0] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  917.514318][    C0] buffer_io_error: 4 callbacks suppressed
[  917.514337][    C0] Buffer I/O error on dev nbd3, logical block 0, async page read
[  917.542624][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  917.614303][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  917.619924][T10861] udevd[10861]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  917.664482][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  917.723434][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  917.775999][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  917.827282][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  917.886354][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  917.929518][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  917.968164][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  918.035769][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  918.056122][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  918.117773][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  918.156541][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  918.176941][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  918.208320][T10862] ldm_validate_partition_table(): Disk read failed.
[  918.215861][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  918.235550][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  918.245362][ T5870] usb 10-1: new full-speed USB device number 17 using dummy_hcd
[  918.281726][T10862] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  918.548465][T15020] netlink: 8 bytes leftover after parsing attributes in process `syz.8.2011'.
[  918.956964][T11787] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  918.972697][T10862] Buffer I/O error on dev nbd3, logical block 0, async page read
[  919.664811][T11787] usb 3-1: Using ep0 maxpacket: 32
[  919.680873][T10862] Dev nbd3: unable to read RDB block 0
[  919.763528][T11787] usb 3-1: config 0 has an invalid interface number: 219 but max is 0
[  919.786990][ T5870] usb 10-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  919.787464][T10862]  nbd3: unable to read partition table
[  919.796237][ T5870] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  919.817381][ T5870] usb 10-1: config 0 descriptor??
[  919.833748][T11787] usb 3-1: config 0 has no interface number 0
[  919.877220][T11787] usb 3-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  919.977023][T11787] usb 3-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  920.020517][T10862] ldm_validate_partition_table(): Disk read failed.
[  920.064473][T10862] Dev nbd3: unable to read RDB block 0
[  920.089018][T11787] usb 3-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  920.123968][T10862]  nbd3: unable to read partition table
[  920.177124][T11787] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  920.224006][T11787] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  920.286767][T11787] usb 3-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  920.381511][T11787] usb 3-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  920.523749][T11787] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  921.331438][T11787] usb 3-1: Product: syz
[  921.336232][T11787] usb 3-1: Manufacturer: syz
[  921.341099][T11787] usb 3-1: SerialNumber: syz
[  921.391287][T11787] usb 3-1: config 0 descriptor??
[  921.462890][T15033] FAULT_INJECTION: forcing a failure.
[  921.462890][T15033] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  921.515730][T15033] CPU: 1 UID: 0 PID: 15033 Comm: syz.3.2015 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  921.526614][T15033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  921.536722][T15033] Call Trace:
[  921.540034][T15033]  <TASK>
[  921.543000][T15033]  dump_stack_lvl+0x241/0x360
[  921.547734][T15033]  ? __pfx_dump_stack_lvl+0x10/0x10
[  921.552993][T15033]  ? __pfx__printk+0x10/0x10
[  921.557631][T15033]  ? __pfx_lock_release+0x10/0x10
[  921.562722][T15033]  should_fail_ex+0x3b0/0x4e0
[  921.567444][T15033]  _copy_from_user+0x2f/0xc0
[  921.572082][T15033]  btf_new_fd+0x324/0xd30
[  921.576458][T15033]  ? __pfx_btf_new_fd+0x10/0x10
[  921.581345][T15033]  ? bpf_btf_load+0xcf/0x1a0
[  921.585987][T15033]  __sys_bpf+0x6ef/0x810
[  921.590275][T15033]  ? __pfx___sys_bpf+0x10/0x10
[  921.595098][T15033]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  921.601120][T15033]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  921.607488][T15033]  ? do_syscall_64+0x100/0x230
[  921.612293][T15033]  __x64_sys_bpf+0x7c/0x90
[  921.616749][T15033]  do_syscall_64+0xf3/0x230
[  921.621293][T15033]  ? clear_bhb_loop+0x35/0x90
[  921.626003][T15033]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  921.631970][T15033] RIP: 0033:0x7f201ab85d29
[  921.636431][T15033] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  921.656078][T15033] RSP: 002b:00007f201b900038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  921.664625][T15033] RAX: ffffffffffffffda RBX: 00007f201ad75fa0 RCX: 00007f201ab85d29
[  921.672638][T15033] RDX: 0000000000000028 RSI: 0000000020000280 RDI: 0000000000000012
[  921.680663][T15033] RBP: 00007f201b900090 R08: 0000000000000000 R09: 0000000000000000
[  921.688666][T15033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  921.696764][T15033] R13: 0000000000000001 R14: 00007f201ad75fa0 R15: 00007ffe3fd02888
[  921.704799][T15033]  </TASK>
[  921.707990][    C1] vkms_vblank_simulate: vblank timer overrun
[  921.888802][T11787] usb 3-1: can't set config #0, error -71
[  921.914007][T11787] usb 3-1: USB disconnect, device number 26
[  922.077910][T15043] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  922.112470][T15042] FAULT_INJECTION: forcing a failure.
[  922.112470][T15042] name failslab, interval 1, probability 0, space 0, times 0
[  922.260877][T15042] CPU: 0 UID: 0 PID: 15042 Comm: syz.3.2017 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  922.271814][T15042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  922.281904][T15042] Call Trace:
[  922.285225][T15042]  <TASK>
[  922.288192][T15042]  dump_stack_lvl+0x241/0x360
[  922.292924][T15042]  ? __pfx_dump_stack_lvl+0x10/0x10
[  922.298188][T15042]  ? __pfx__printk+0x10/0x10
[  922.302817][T15042]  ? kmem_cache_alloc_noprof+0x48/0x380
[  922.308402][T15042]  ? __pfx___might_resched+0x10/0x10
[  922.313744][T15042]  should_fail_ex+0x3b0/0x4e0
[  922.318476][T15042]  should_failslab+0xac/0x100
[  922.323471][T15042]  ? ptlock_alloc+0x20/0x70
[  922.328024][T15042]  kmem_cache_alloc_noprof+0x70/0x380
[  922.333449][T15042]  ptlock_alloc+0x20/0x70
[  922.337827][T15042]  pte_alloc_one+0xd3/0x510
[  922.342377][T15042]  ? __pfx_pte_alloc_one+0x10/0x10
[  922.347533][T15042]  ? free_unref_page+0x71e/0x1000
[  922.352616][T15042]  handle_pte_fault+0x2913/0x5ed0
[  922.357716][T15042]  ? mark_lock+0x9a/0x360
[  922.362123][T15042]  ? __pfx_handle_pte_fault+0x10/0x10
[  922.367538][T15042]  ? __lock_acquire+0x1397/0x2100
[  922.372623][T15042]  ? __thp_vma_allowable_orders+0x8ff/0x9c0
[  922.378596][T15042]  handle_mm_fault+0x1053/0x1ad0
[  922.383593][T15042]  ? __pfx_handle_mm_fault+0x10/0x10
[  922.388919][T15042]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  922.395275][T15042]  ? lock_mm_and_find_vma+0x9c/0x2f0
[  922.400592][T15042]  exc_page_fault+0x2b9/0x8b0
[  922.405313][T15042]  asm_exc_page_fault+0x26/0x30
[  922.410216][T15042] RIP: 0010:rep_movs_alternative+0x13/0x70
[  922.416068][T15042] Code: cc cc cc 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 83 f9 40 73 40 83 f9 08 73 21 85 c9 74 0f <8a> 06 88 07 48 ff c7 48 ff c6 48 ff c9 75 f1 c3 cc cc cc cc 66 0f
[  922.435716][T15042] RSP: 0018:ffffc9000c75fb50 EFLAGS: 00050202
[  922.441823][T15042] RAX: 0000000000000001 RBX: 00000000200000c0 RCX: 000000000000000c
[  922.449831][T15042] RDX: 0000000000000001 RSI: 00000000200000c0 RDI: ffffc9000c75fca0
[  922.457836][T15042] RBP: ffffc9000c75fd70 R08: 0000000000000003 R09: fffff520018ebf95
[  922.465830][T15042] R10: dffffc0000000000 R11: fffff520018ebf95 R12: 00000000200000c0
[  922.473855][T15042] R13: 1ffff920018ebf94 R14: ffffc9000c75fca0 R15: 000000000000000c
[  922.481892][T15042]  _copy_from_user+0x7f/0xc0
[  922.486539][T15042]  l2cap_sock_setsockopt+0xc7f/0x2bb0
[  922.491950][T15042]  ? mark_lock+0x9a/0x360
[  922.496346][T15042]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[  922.502209][T15042]  ? lock_downgrade+0x850/0x900
[  922.507096][T15042]  ? __fget_files+0x2a/0x410
[  922.511728][T15042]  ? __pfx_l2cap_sock_setsockopt+0x10/0x10
[  922.517588][T15042]  do_sock_setsockopt+0x3af/0x720
[  922.522685][T15042]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  922.528277][T15042]  ? __fget_files+0x395/0x410
[  922.532987][T15042]  ? __fget_files+0x2a/0x410
[  922.537623][T15042]  __x64_sys_setsockopt+0x1ee/0x280
[  922.542875][T15042]  do_syscall_64+0xf3/0x230
[  922.547422][T15042]  ? clear_bhb_loop+0x35/0x90
[  922.552129][T15042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  922.558052][T15042] RIP: 0033:0x7f201ab85d29
[  922.562495][T15042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  922.582138][T15042] RSP: 002b:00007f201b900038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  922.590617][T15042] RAX: ffffffffffffffda RBX: 00007f201ad75fa0 RCX: 00007f201ab85d29
[  922.598615][T15042] RDX: 0000000000000001 RSI: 0000000000000006 RDI: 0000000000000004
[  922.606601][T15042] RBP: 00007f201b900090 R08: 000000000000000c R09: 0000000000000000
[  922.614590][T15042] R10: 00000000200000c0 R11: 0000000000000246 R12: 0000000000000001
[  922.622576][T15042] R13: 0000000000000000 R14: 00007f201ad75fa0 R15: 00007ffe3fd02888
[  922.630578][T15042]  </TASK>
[  922.875083][ T5870] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  922.940558][ T5870] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  923.011497][ T5870] [drm:udl_init] *ERROR* Selecting channel failed
[  923.110853][ T5870] [drm] Initialized udl 0.0.1 for 10-1:0.0 on minor 2
[  923.153184][ T5870] [drm] Initialized udl on minor 2
[  923.205676][ T5870] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  923.292945][ T5870] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[  923.318284][T13092] udl 10-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  923.346895][ T5870] usb 10-1: USB disconnect, device number 17
[  923.378393][T13092] udl 10-1:0.0: [drm] Cannot find any crtc or sizes
[  923.402032][T15063] PKCS8: Unsupported PKCS#8 version
[  927.146779][T15148] pim6reg1: entered promiscuous mode
[  927.175772][T15148] pim6reg1: entered allmulticast mode
[  927.461889][T15156] wg2: entered promiscuous mode
[  927.476244][T15156] wg2: entered allmulticast mode
[  931.336392][T15217] syz.3.2081[15217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  931.336486][T15217] syz.3.2081[15217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  931.378936][T15217] syz.3.2081[15217] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  931.704420][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  931.732674][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  931.835175][T15231] pim6reg1: entered promiscuous mode
[  931.846074][T15231] pim6reg1: entered allmulticast mode
[  932.070976][T15235] syzkaller0: entered promiscuous mode
[  932.088078][T15235] syzkaller0: entered allmulticast mode
[  932.126647][T15237] pim6reg1: entered promiscuous mode
[  932.147550][T15237] pim6reg1: entered allmulticast mode
[  932.671275][   T29] audit: type=1326 audit(1734475252.752:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  932.692934][    C1] vkms_vblank_simulate: vblank timer overrun
[  932.737854][   T29] audit: type=1326 audit(1734475252.782:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  932.759470][    C1] vkms_vblank_simulate: vblank timer overrun
[  932.866224][   T29] audit: type=1326 audit(1734475252.782:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  932.917836][   T29] audit: type=1326 audit(1734475252.782:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  932.948511][   T29] audit: type=1326 audit(1734475252.782:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  933.073375][   T29] audit: type=1326 audit(1734475252.782:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  933.095012][    C1] vkms_vblank_simulate: vblank timer overrun
[  933.103358][   T29] audit: type=1326 audit(1734475252.782:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  933.164420][   T29] audit: type=1326 audit(1734475252.782:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  933.198793][   T29] audit: type=1326 audit(1734475252.782:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  933.243294][   T29] audit: type=1326 audit(1734475252.792:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15249 comm="syz.3.2096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f201ab85d29 code=0x7ffc0000
[  935.647355][T15221] syz.3.2081 (15221) used greatest stack depth: 17136 bytes left
[  937.735463][T15281] syz.3.2109[15281] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  937.735571][T15281] syz.3.2109[15281] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  937.751380][T15281] syz.3.2109[15281] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  937.915416][T15287] xt_hashlimit: size too large, truncated to 1048576
[  939.333316][   T29] kauditd_printk_skb: 38 callbacks suppressed
[  939.333339][   T29] audit: type=1326 audit(1734475259.412:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  939.361276][    C1] vkms_vblank_simulate: vblank timer overrun
[  939.566935][   T29] audit: type=1326 audit(1734475259.412:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  939.664868][   T29] audit: type=1326 audit(1734475259.472:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  939.750439][   T29] audit: type=1326 audit(1734475259.472:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  939.865771][   T29] audit: type=1326 audit(1734475259.472:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  939.990389][   T29] audit: type=1326 audit(1734475259.482:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  940.012039][    C1] vkms_vblank_simulate: vblank timer overrun
[  940.144984][   T29] audit: type=1326 audit(1734475259.482:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  940.274313][   T29] audit: type=1326 audit(1734475259.482:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  940.295972][    C1] vkms_vblank_simulate: vblank timer overrun
[  940.403244][   T29] audit: type=1326 audit(1734475259.482:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  940.424992][    C1] vkms_vblank_simulate: vblank timer overrun
[  940.513227][   T29] audit: type=1326 audit(1734475259.482:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15304 comm="syz.5.2117" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  940.571859][T15316] netlink: 12 bytes leftover after parsing attributes in process `syz.8.2122'.
[  940.884620][T15322] syz.3.2125[15322] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  940.884727][T15322] syz.3.2125[15322] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  940.956496][T15322] syz.3.2125[15322] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  944.196370][T15369] lo: entered allmulticast mode
[  944.252928][T15369] tunl0: entered allmulticast mode
[  944.283358][T15369] gre0: entered allmulticast mode
[  944.311554][T15369] gretap0: entered allmulticast mode
[  944.333269][T15369] erspan0: entered allmulticast mode
[  944.360018][T15369] ip_vti0: entered allmulticast mode
[  944.380657][T15369] ip6_vti0: entered allmulticast mode
[  944.402522][T15369] sit0: entered allmulticast mode
[  944.428706][T15369] ip6tnl0: entered allmulticast mode
[  944.446240][T15369] ip6gre0: entered allmulticast mode
[  944.477722][T15369] syz_tun: entered allmulticast mode
[  944.518369][T15369] ip6gretap0: entered allmulticast mode
[  944.543151][T15369] bridge0: port 2(bridge_slave_1) entered blocking state
[  944.550368][T15369] bridge0: port 2(bridge_slave_1) entered forwarding state
[  944.557924][T15369] bridge0: port 1(bridge_slave_0) entered blocking state
[  944.565052][T15369] bridge0: port 1(bridge_slave_0) entered forwarding state
[  944.634858][T15369] bridge0: entered allmulticast mode
[  944.658591][T15369] vcan0: entered allmulticast mode
[  944.689307][T15369] bond0: entered allmulticast mode
[  944.712789][T15369] bond_slave_0: entered allmulticast mode
[  944.739776][T15369] bond_slave_1: entered allmulticast mode
[  944.755465][T15369] team0: entered allmulticast mode
[  944.770844][T15369] team_slave_0: entered allmulticast mode
[  944.784059][T15369] team_slave_1: entered allmulticast mode
[  944.803224][T15369] dummy0: entered allmulticast mode
[  944.823732][T15369] nlmon0: entered allmulticast mode
[  944.855814][ T6405] usb 9-1: new high-speed USB device number 39 using dummy_hcd
[  944.877190][T15369] caif0: entered allmulticast mode
[  944.895968][T15369] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  945.034740][ T6405] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  945.062265][ T6405] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  945.288255][ T6405] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  945.310417][ T6405] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  945.319595][ T6405] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  945.331138][ T6405] usb 9-1: config 0 descriptor??
[  946.210865][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  946.210886][   T29] audit: type=1326 audit(1734475266.282:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.255738][ T6405] plantronics 0003:047F:FFFF.0027: No inputs registered, leaving
[  946.281573][ T6405] plantronics 0003:047F:FFFF.0027: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  946.314592][ T6405] usb 9-1: USB disconnect, device number 39
[  946.338407][   T29] audit: type=1326 audit(1734475266.282:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.360003][    C1] vkms_vblank_simulate: vblank timer overrun
[  946.409634][   T29] audit: type=1326 audit(1734475266.282:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.518608][   T29] audit: type=1326 audit(1734475266.282:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.595921][   T29] audit: type=1326 audit(1734475266.282:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.642683][   T29] audit: type=1326 audit(1734475266.282:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.673883][   T29] audit: type=1326 audit(1734475266.282:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.696158][    C1] vkms_vblank_simulate: vblank timer overrun
[  946.825903][   T29] audit: type=1326 audit(1734475266.282:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15374 comm="syz.8.2141" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4c95385d29 code=0x7ffc0000
[  946.897986][   T29] audit: type=1326 audit(1734475266.632:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15401 comm="syz.5.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  946.979237][   T29] audit: type=1326 audit(1734475266.632:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15401 comm="syz.5.2149" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f08efb85d29 code=0x7ffc0000
[  947.005295][T15415] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  947.016490][T15415] syzkaller0: MTU too low for tipc bearer
[  947.022268][T15415] tipc: Disabling bearer <eth:syzkaller0>
[  947.033460][T15418] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  947.179748][T15411] kvm: pic: level sensitive irq not supported
[  947.184649][T15411] kvm: pic: non byte read
[  947.236325][T15411] kvm: pic: level sensitive irq not supported
[  947.236554][T15411] kvm: pic: non byte read
[  949.187854][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2163'.
[  949.392114][T15448] pim6reg1: entered promiscuous mode
[  949.405784][T15448] pim6reg1: entered allmulticast mode
[  952.059540][T15491] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2180'.
[  952.545811][ T5900] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  952.737466][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  952.769205][ T5900] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  952.796272][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  952.859429][ T5900] usb 4-1: config 0 descriptor??
[  953.078907][T15499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  953.101859][T15499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  953.174225][ T5900] usbhid 4-1:0.0: can't add hid device: -71
[  953.193685][ T5900] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  953.234407][ T5900] usb 4-1: USB disconnect, device number 22
[  953.981383][ T5900] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  954.365794][ T5900] usb 4-1: Using ep0 maxpacket: 16
[  954.416323][ T5900] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 11
[  954.483888][ T5900] usb 4-1: config 1 interface 0 altsetting 3 endpoint 0xB has invalid wMaxPacketSize 0
[  954.543558][   T29] kauditd_printk_skb: 52 callbacks suppressed
[  954.543578][   T29] audit: type=1326 audit(1734475274.612:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15526 comm="syz.5.2194" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f08efb85d29 code=0x0
[  954.582192][ T5900] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0xB has invalid maxpacket 0
[  954.623223][ T5900] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x8A has invalid maxpacket 8
[  954.645778][ T5900] usb 4-1: config 1 interface 0 has no altsetting 0
[  954.652462][ T5900] usb 4-1: New USB device found, idVendor=04e6, idProduct=0003, bcdDevice= 1.77
[  954.663234][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  954.684920][ T5900] ums-sddr09 4-1:1.0: USB Mass Storage device detected
[  955.026205][ T5900] scsi host1: usb-storage 4-1:1.0
[  955.026817][ T5133] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  955.052327][ T5133] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  955.063994][ T5133] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  955.213492][ T5133] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  955.249774][ T5133] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  955.267169][ T5133] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  955.979900][T15545] fuse: Unknown parameter '0x0000000000000008'
[  956.941676][   T52] scsi 1:0:0:0: Direct-Access     Sandisk  ImageMate SDDR09 0177 PQ: 0 ANSI: 0
[  957.032992][ T1337] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  957.144573][ T5873] usb 4-1: USB disconnect, device number 23
[  957.349554][T13780] sd 1:0:0:0: [sdb] Test Unit Ready failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  957.366241][T11787] usb 9-1: new high-speed USB device number 40 using dummy_hcd
[  957.443241][T13780] sd 1:0:0:0: [sdb] Read Capacity(10) failed: Result: hostbyte=DID_NO_CONNECT driverbyte=DRIVER_OK
[  957.456922][ T5834] Bluetooth: hci3: command tx timeout
[  957.466827][T13780] sd 1:0:0:0: [sdb] Sense not available.
[  957.473190][T13780] sd 1:0:0:0: [sdb] 0 512-byte logical blocks: (0 B/0 B)
[  957.480912][T13780] sd 1:0:0:0: [sdb] 0-byte physical blocks
[  957.487440][T13780] sd 1:0:0:0: [sdb] Test WP failed, assume Write Enabled
[  957.495212][T13780] sd 1:0:0:0: [sdb] Asking for cache data failed
[  957.502094][T13780] sd 1:0:0:0: [sdb] Assuming drive cache: write through
[  957.511552][T13780] 
[  957.513913][T13780] ======================================================
[  957.520953][T13780] WARNING: possible circular locking dependency detected
[  957.528000][T13780] 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0 Not tainted
[  957.535144][T13780] ------------------------------------------------------
[  957.542178][T13780] kworker/u8:15/13780 is trying to acquire lock:
[  957.548529][T13780] ffff888027b0b038 (&q->debugfs_mutex){+.+.}-{4:4}, at: blk_mq_init_sched+0x3fa/0x830
[  957.558146][T13780] 
[  957.558146][T13780] but task is already holding lock:
[  957.565694][T13780] ffff888027b0a800 (&q->q_usage_counter(queue)#84){++++}-{0:0}, at: add_disk_fwnode+0x10d/0xf80
[  957.576200][T13780] 
[  957.576200][T13780] which lock already depends on the new lock.
[  957.576200][T13780] 
[  957.586622][T13780] 
[  957.586622][T13780] the existing dependency chain (in reverse order) is:
[  957.595656][T13780] 
[  957.595656][T13780] -> #5 (&q->q_usage_counter(queue)#84){++++}-{0:0}:
[  957.604568][T13780]        lock_acquire+0x1ed/0x550
[  957.609621][T13780]        blk_queue_enter+0xe1/0x600
[  957.614838][T13780]        blk_mq_alloc_request+0x4fa/0xaa0
[  957.620588][T13780]        scsi_execute_cmd+0x177/0x1090
[  957.626075][T13780]        read_capacity_10+0x256/0x9c0
[  957.631474][T13780]        sd_revalidate_disk+0x1066/0xbce0
[  957.637220][T13780]        sd_probe+0x9fa/0x1100
[  957.642016][T13780]        really_probe+0x2b8/0xad0
[  957.647064][T13780]        __driver_probe_device+0x1a2/0x390
[  957.652899][T13780]        driver_probe_device+0x50/0x430
[  957.658472][T13780]        __device_attach_driver+0x2d6/0x530
[  957.664406][T13780]        bus_for_each_drv+0x24e/0x2e0
[  957.669818][T13780]        __device_attach_async_helper+0x22d/0x300
[  957.676265][T13780]        async_run_entry_fn+0xa8/0x420
[  957.681757][T13780]        process_scheduled_works+0xa66/0x1840
[  957.687856][T13780]        worker_thread+0x870/0xd30
[  957.692988][T13780]        kthread+0x2f0/0x390
[  957.697602][T13780]        ret_from_fork+0x4b/0x80
[  957.702569][T13780]        ret_from_fork_asm+0x1a/0x30
[  957.707893][T13780] 
[  957.707893][T13780] -> #4 (&q->limits_lock){+.+.}-{4:4}:
[  957.715580][T13780]        lock_acquire+0x1ed/0x550
[  957.720627][T13780]        __mutex_lock+0x1ac/0xee0
[  957.725692][T13780]        nbd_set_size+0x2e0/0x8f0
[  957.730741][T13780]        nbd_ioctl+0x5dc/0xf40
[  957.735536][T13780]        blkdev_ioctl+0x57d/0x6a0
[  957.740581][T13780]        __se_sys_ioctl+0xf5/0x170
[  957.745720][T13780]        do_syscall_64+0xf3/0x230
[  957.750773][T13780]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.757236][T13780] 
[  957.757236][T13780] -> #3 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[  957.765892][T13780]        lock_acquire+0x1ed/0x550
[  957.770940][T13780]        blk_mq_submit_bio+0x1536/0x2390
[  957.776605][T13780]        __submit_bio+0x2c6/0x560
[  957.781655][T13780]        submit_bio_noacct_nocheck+0x4d3/0xe30
[  957.787845][T13780]        block_read_full_folio+0x9b3/0xae0
[  957.793683][T13780]        filemap_read_folio+0x148/0x3b0
[  957.799259][T13780]        filemap_get_pages+0x18ca/0x2080
[  957.804971][T13780]        filemap_read+0x452/0xf50
[  957.810028][T13780]        blkdev_read_iter+0x2d8/0x430
[  957.815428][T13780]        vfs_read+0x991/0xb70
[  957.820149][T13780]        ksys_read+0x18f/0x2b0
[  957.824943][T13780]        do_syscall_64+0xf3/0x230
[  957.830022][T13780]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.836474][T13780] 
[  957.836474][T13780] -> #2 (mapping.invalidate_lock#2){++++}-{4:4}:
[  957.845039][T13780]        lock_acquire+0x1ed/0x550
[  957.850094][T13780]        down_read+0xb1/0xa40
[  957.854905][T13780]        filemap_fault+0x615/0x1490
[  957.860142][T13780]        __do_fault+0x135/0x390
[  957.865026][T13780]        handle_pte_fault+0x39eb/0x5ed0
[  957.870605][T13780]        handle_mm_fault+0x1053/0x1ad0
[  957.876106][T13780]        __get_user_pages+0x1c82/0x49e0
[  957.881681][T13780]        populate_vma_page_range+0x264/0x330
[  957.887694][T13780]        __mm_populate+0x27a/0x460
[  957.892836][T13780]        vm_mmap_pgoff+0x2c3/0x3d0
[  957.897985][T13780]        ksys_mmap_pgoff+0x4eb/0x720
[  957.903296][T13780]        do_syscall_64+0xf3/0x230
[  957.908356][T13780]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.914805][T13780] 
[  957.914805][T13780] -> #1 (&mm->mmap_lock){++++}-{4:4}:
[  957.922417][T13780]        lock_acquire+0x1ed/0x550
[  957.927476][T13780]        __might_fault+0xc6/0x120
[  957.932534][T13780]        _copy_from_user+0x2a/0xc0
[  957.937684][T13780]        blk_trace_ioctl+0x1ad/0x9a0
[  957.943000][T13780]        blkdev_ioctl+0x40c/0x6a0
[  957.948053][T13780]        __se_sys_ioctl+0xf5/0x170
[  957.953195][T13780]        do_syscall_64+0xf3/0x230
[  957.958254][T13780]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  957.964707][T13780] 
[  957.964707][T13780] -> #0 (&q->debugfs_mutex){+.+.}-{4:4}:
[  957.972577][T13780]        validate_chain+0x18ef/0x5920
[  957.978001][T13780]        __lock_acquire+0x1397/0x2100
[  957.983406][T13780]        lock_acquire+0x1ed/0x550
[  957.988464][T13780]        __mutex_lock+0x1ac/0xee0
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  957.993545][T13780]        blk_mq_init_sched+0x3fa/0x830
[  957.999051][T13780]        elevator_init_mq+0x20e/0x320
[  958.004455][T13780]        add_disk_fwnode+0x10d/0xf80
[  958.009755][T13780]        sd_probe+0xba6/0x1100
[  958.014535][T13780]        really_probe+0x2b8/0xad0
[  958.019573][T13780]        __driver_probe_device+0x1a2/0x390
[  958.025399][T13780]        driver_probe_device+0x50/0x430
[  958.030957][T13780]        __device_attach_driver+0x2d6/0x530
[  958.036860][T13780]        bus_for_each_drv+0x24e/0x2e0
[  958.042248][T13780]        __device_attach_async_helper+0x22d/0x300
[  958.048681][T13780]        async_run_entry_fn+0xa8/0x420
[  958.054158][T13780]        process_scheduled_works+0xa66/0x1840
[  958.060242][T13780]        worker_thread+0x870/0xd30
[  958.065359][T13780]        kthread+0x2f0/0x390
[  958.069957][T13780]        ret_from_fork+0x4b/0x80
[  958.074901][T13780]        ret_from_fork_asm+0x1a/0x30
[  958.080205][T13780] 
[  958.080205][T13780] other info that might help us debug this:
[  958.080205][T13780] 
[  958.090430][T13780] Chain exists of:
[  958.090430][T13780]   &q->debugfs_mutex --> &q->limits_lock --> &q->q_usage_counter(queue)#84
[  958.090430][T13780] 
[  958.104883][T13780]  Possible unsafe locking scenario:
[  958.104883][T13780] 
[  958.112350][T13780]        CPU0                    CPU1
[  958.117718][T13780]        ----                    ----
[  958.123088][T13780]   lock(&q->q_usage_counter(queue)#84);
[  958.128748][T13780]                                lock(&q->limits_lock);
[  958.135721][T13780]                                lock(&q->q_usage_counter(queue)#84);
[  958.143919][T13780]   lock(&q->debugfs_mutex);
[  958.148531][T13780] 
[  958.148531][T13780]  *** DEADLOCK ***
[  958.148531][T13780] 
[  958.156675][T13780] 4 locks held by kworker/u8:15/13780:
[  958.162142][T13780]  #0: ffff88801baef148 ((wq_completion)async){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1840
[  958.173050][T13780]  #1: ffffc900034dfd00 ((work_completion)(&entry->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1840
[  958.184911][T13780]  #2: ffff888024074378 (&dev->mutex){....}-{4:4}, at: __device_attach_async_helper+0xfc/0x300
[  958.195302][T13780]  #3: ffff888027b0a800 (&q->q_usage_counter(queue)#84){++++}-{0:0}, at: add_disk_fwnode+0x10d/0xf80
[  958.206201][T13780] 
[  958.206201][T13780] stack backtrace:
[  958.212087][T13780] CPU: 1 UID: 0 PID: 13780 Comm: kworker/u8:15 Not tainted 6.13.0-rc3-syzkaller-00026-g59dbb9d81adf #0
[  958.223122][T13780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 11/25/2024
[  958.233181][T13780] Workqueue: async async_run_entry_fn
[  958.238575][T13780] Call Trace:
[  958.241859][T13780]  <TASK>
[  958.244790][T13780]  dump_stack_lvl+0x241/0x360
[  958.249481][T13780]  ? __pfx_dump_stack_lvl+0x10/0x10
[  958.254703][T13780]  ? __pfx__printk+0x10/0x10
[  958.259306][T13780]  print_circular_bug+0x13a/0x1b0
[  958.264434][T13780]  check_noncircular+0x36a/0x4a0
[  958.269403][T13780]  ? __pfx_check_noncircular+0x10/0x10
[  958.274874][T13780]  ? lockdep_lock+0x123/0x2b0
[  958.279585][T13780]  validate_chain+0x18ef/0x5920
[  958.284459][T13780]  ? validate_chain+0x11e/0x5920
[  958.289406][T13780]  ? preempt_count_add+0x93/0x190
[  958.294446][T13780]  ? __pfx_validate_chain+0x10/0x10
[  958.299656][T13780]  ? stack_trace_save+0x118/0x1d0
[  958.304695][T13780]  ? unwind_next_frame+0x18e6/0x22d0
[  958.310001][T13780]  ? deref_stack_reg+0x17c/0x210
[  958.314936][T13780]  ? preempt_count_add+0x93/0x190
[  958.319962][T13780]  ? unwind_next_frame+0x193b/0x22d0
[  958.325249][T13780]  ? look_up_lock_class+0x77/0x170
[  958.330378][T13780]  ? register_lock_class+0x102/0x980
[  958.335674][T13780]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  958.341852][T13780]  ? __pfx_register_lock_class+0x10/0x10
[  958.347517][T13780]  ? arch_stack_walk+0x11c/0x150
[  958.352572][T13780]  ? mark_lock+0x9a/0x360
[  958.356936][T13780]  __lock_acquire+0x1397/0x2100
[  958.361803][T13780]  lock_acquire+0x1ed/0x550
[  958.366331][T13780]  ? blk_mq_init_sched+0x3fa/0x830
[  958.371478][T13780]  ? __pfx_lock_acquire+0x10/0x10
[  958.376595][T13780]  ? __device_attach_driver+0x2d6/0x530
[  958.382234][T13780]  ? bus_for_each_drv+0x24e/0x2e0
[  958.387272][T13780]  ? __pfx___might_resched+0x10/0x10
[  958.392574][T13780]  ? kthread+0x2f0/0x390
[  958.396822][T13780]  ? ret_from_fork+0x4b/0x80
[  958.401418][T13780]  ? ret_from_fork_asm+0x1a/0x30
[  958.406394][T13780]  __mutex_lock+0x1ac/0xee0
[  958.410926][T13780]  ? blk_mq_init_sched+0x3fa/0x830
[  958.416047][T13780]  ? __asan_memset+0x23/0x50
[  958.420658][T13780]  ? lockdep_init_map_type+0xa1/0x910
[  958.426037][T13780]  ? blk_mq_init_sched+0x3fa/0x830
[  958.431200][T13780]  ? __pfx___mutex_lock+0x10/0x10
[  958.436243][T13780]  ? blk_queue_flag_set+0x24/0x40
[  958.441297][T13780]  blk_mq_init_sched+0x3fa/0x830
[  958.446244][T13780]  ? percpu_ref_is_zero+0xe9/0x100
[  958.451373][T13780]  ? __pfx_blk_mq_init_sched+0x10/0x10
[  958.456834][T13780]  ? blk_mq_cancel_work_sync+0xf3/0x140
[  958.462386][T13780]  ? __pfx_blk_mq_cancel_work_sync+0x10/0x10
[  958.468375][T13780]  ? percpu_ref_kill_and_confirm+0xa0/0x130
[  958.474281][T13780]  ? add_disk_fwnode+0x10d/0xf80
[  958.479244][T13780]  elevator_init_mq+0x20e/0x320
[  958.484104][T13780]  add_disk_fwnode+0x10d/0xf80
[  958.488878][T13780]  ? _raw_spin_unlock_irq+0x23/0x50
[  958.494085][T13780]  ? lockdep_hardirqs_on+0x99/0x150
[  958.499298][T13780]  sd_probe+0xba6/0x1100
[  958.503563][T13780]  ? __pfx_sd_probe+0x10/0x10
[  958.508250][T13780]  really_probe+0x2b8/0xad0
[  958.512764][T13780]  __driver_probe_device+0x1a2/0x390
[  958.518067][T13780]  driver_probe_device+0x50/0x430
[  958.523097][T13780]  __device_attach_driver+0x2d6/0x530
[  958.528504][T13780]  bus_for_each_drv+0x24e/0x2e0
[  958.533376][T13780]  ? __pfx___device_attach_driver+0x10/0x10
[  958.539279][T13780]  ? __pfx_bus_for_each_drv+0x10/0x10
[  958.544671][T13780]  ? ktime_get+0x3e/0x1f0
[  958.549017][T13780]  ? lockdep_hardirqs_on+0x99/0x150
[  958.554231][T13780]  __device_attach_async_helper+0x22d/0x300
[  958.560140][T13780]  ? __pfx___device_attach_async_helper+0x10/0x10
[  958.566576][T13780]  ? process_scheduled_works+0x976/0x1840
[  958.572309][T13780]  ? read_tsc+0x9/0x20
[  958.576392][T13780]  ? ktime_get+0x1c5/0x1f0
[  958.580816][T13780]  ? __pfx___device_attach_async_helper+0x10/0x10
[  958.587239][T13780]  async_run_entry_fn+0xa8/0x420
[  958.592191][T13780]  ? process_scheduled_works+0x976/0x1840
[  958.597922][T13780]  process_scheduled_works+0xa66/0x1840
[  958.603495][T13780]  ? __pfx_process_scheduled_works+0x10/0x10
[  958.609496][T13780]  ? assign_work+0x364/0x3d0
[  958.614105][T13780]  worker_thread+0x870/0xd30
[  958.618699][T13780]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  958.624603][T13780]  ? __kthread_parkme+0x169/0x1d0
[  958.629650][T13780]  ? __pfx_worker_thread+0x10/0x10
[  958.634788][T13780]  kthread+0x2f0/0x390
[  958.638864][T13780]  ? __pfx_worker_thread+0x10/0x10
[  958.643974][T13780]  ? __pfx_kthread+0x10/0x10
[  958.648575][T13780]  ret_from_fork+0x4b/0x80
[  958.652998][T13780]  ? __pfx_kthread+0x10/0x10
[  958.657599][T13780]  ret_from_fork_asm+0x1a/0x30
[  958.662383][T13780]  </TASK>
[  958.665504][    C1] vkms_vblank_simulate: vblank timer overrun
[  958.881082][   T52] sd 1:0:0:0: Attached scsi generic sg1 type 0
[  958.970314][T13780] sd 1:0:0:0: [sdb] Attached SCSI removable disk
[  959.020485][ T1337] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.288060][ T1337] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.479841][ T1337] team0: Port device netdevsim0 removed
[  959.493885][ T1337] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  959.508976][T11787] usb 9-1: device descriptor read/all, error -71
[  959.536414][ T5834] Bluetooth: hci3: command tx timeout
[  959.645329][ T1337] bridge_slave_1: left allmulticast mode
[  959.651844][ T1337] bridge0: port 2(bridge_slave_1) entered disabled state
[  959.660686][ T1337] bridge_slave_0: left allmulticast mode
[  959.666421][ T1337] bridge_slave_0: left promiscuous mode
[  959.672094][ T1337] bridge0: port 1(bridge_slave_0) entered disabled state
[  959.690089][T13680] udevd[13680]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  959.761512][T10685] udevd[10685]: inotify_add_watch(7, /dev/sdb, 10) failed: No such file or directory
[  959.812207][ T1337] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  959.862953][ T1337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  959.873783][ T1337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  959.886675][ T1337] bond0 (unregistering): Released all slaves
[  960.094232][ T1337] hsr_slave_0: left promiscuous mode
[  960.101702][ T1337] hsr_slave_1: left promiscuous mode
[  960.110242][ T1337] veth1_macvtap: left promiscuous mode
[  960.116421][ T1337] veth0_macvtap: left promiscuous mode
[  960.122013][ T1337] veth1_vlan: left promiscuous mode
[  960.129126][ T1337] veth0_vlan: left promiscuous mode
[  960.324399][ T1337] team0 (unregistering): Port device team_slave_1 removed
[  960.353076][ T1337] team0 (unregistering): Port device team_slave_0 removed
[  960.781851][ T1337] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  960.827347][ T1337] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  960.892701][ T1337] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  960.941762][ T1337] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.050405][ T1337] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  961.061345][ T1337] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.121252][ T1337] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  961.132626][ T1337] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.184449][ T1337] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  961.198186][ T1337] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.270872][ T1337] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  961.281955][ T1337] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.408607][ T1337] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.450523][ T1337] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.514439][ T1337] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.582932][ T1337] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  961.699629][ T1337] bridge_slave_1: left allmulticast mode
[  961.705316][ T1337] bridge_slave_1: left promiscuous mode
[  961.711443][ T1337] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.721588][ T1337] bridge_slave_0: left allmulticast mode
[  961.727969][ T1337] bridge_slave_0: left promiscuous mode
[  961.733728][ T1337] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.743041][ T1337] bridge_slave_1: left allmulticast mode
[  961.748738][ T1337] bridge_slave_1: left promiscuous mode
[  961.754387][ T1337] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.763129][ T1337] bridge_slave_0: left allmulticast mode
[  961.768994][ T1337] bridge_slave_0: left promiscuous mode
[  961.774628][ T1337] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.785352][ T1337] bridge_slave_1: left allmulticast mode
[  961.791755][ T1337] bridge_slave_1: left promiscuous mode
[  961.797561][ T1337] bridge0: port 2(bridge_slave_1) entered disabled state
[  961.805572][ T1337] bridge_slave_0: left allmulticast mode
[  961.812162][ T1337] bridge_slave_0: left promiscuous mode
[  961.818756][ T1337] bridge0: port 1(bridge_slave_0) entered disabled state
[  961.830483][ T1337] tipc: Resetting bearer <eth:geneve1>
[  962.042040][ T1337] tipc: Disabling bearer <eth:geneve1>
[  962.179097][ T1337] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  962.290161][ T1337] bond0 (unregistering): (slave bridge0): Releasing backup interface
[  962.331253][ T1337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  962.342130][ T1337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  962.351851][ T1337] bond0 (unregistering): Released all slaves
[  962.365050][ T1337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  962.380003][ T1337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  962.390133][ T1337] bond0 (unregistering): Released all slaves
[  962.403857][ T1337] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  962.414308][ T1337] bond_slave_0: left allmulticast mode
[  962.422862][ T1337] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  962.432020][ T1337] bond_slave_1: left allmulticast mode
[  962.439417][ T1337] bond0 (unregistering): Released all slaves
[  962.558799][ T1337] tipc: Left network mode
[  962.599803][ T1337] IPVS: stopping backup sync thread 14684 ...
[  962.983347][ T1337] hsr_slave_0: left promiscuous mode
[  962.990855][ T1337] hsr_slave_1: left promiscuous mode
[  962.997236][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  963.004675][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_0
[  963.014482][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  963.024454][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_1
[  963.048370][ T1337] hsr_slave_0: left promiscuous mode
[  963.055039][ T1337] hsr_slave_1: left promiscuous mode
[  963.062586][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_0
[  963.077755][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  963.085205][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_1
[  963.099505][ T1337] hsr_slave_0: left promiscuous mode
[  963.105341][ T1337] hsr_slave_1: left promiscuous mode
[  963.112042][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  963.119909][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_0
[  963.129556][ T1337] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  963.137671][ T1337] batman_adv: batadv0: Removing interface: batadv_slave_1
[  963.150307][ T1337] veth1_macvtap: left promiscuous mode
[  963.156037][ T1337] veth0_macvtap: left promiscuous mode
[  963.161822][ T1337] veth1_vlan: left promiscuous mode
[  963.167264][ T1337] veth0_vlan: left promiscuous mode
[  963.173200][ T1337] veth1_macvtap: left promiscuous mode
[  963.179013][ T1337] veth0_macvtap: left promiscuous mode
[  963.184587][ T1337] veth1_vlan: left promiscuous mode
[  963.189871][ T1337] veth0_vlan: left promiscuous mode
[  963.197831][ T1337] veth1_macvtap: left promiscuous mode
[  963.203327][ T1337] veth0_macvtap: left promiscuous mode
[  963.209151][ T1337] veth1_vlan: left promiscuous mode
[  963.214417][ T1337] veth0_vlan: left promiscuous mode
[  963.442054][ T1337] team0 (unregistering): Port device team_slave_1 removed
[  963.470324][ T1337] team0 (unregistering): Port device team_slave_0 removed
[  963.685297][ T1337] team0 (unregistering): Port device team_slave_1 removed
[  963.702220][ T1337] team0 (unregistering): Port device team_slave_0 removed
[  963.930543][ T1337] team_slave_1 (unregistering): left allmulticast mode
[  963.940428][ T1337] team0 (unregistering): Port device team_slave_1 removed
[  963.970219][ T1337] team_slave_0 (unregistering): left allmulticast mode
[  963.979151][ T1337] team0 (unregistering): Port device team_slave_0 removed
[  964.732036][ T1337] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  964.770786][ T1337] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  964.821088][ T1337] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  964.891151][ T1337] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  965.342001][ T1337] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  965.351784][ T1337] bond0 (unregistering): Released all slaves
[  965.438844][ T1337] : left promiscuous mode
[  965.626959][ T1337] hsr_slave_0: left promiscuous mode
[  965.632706][ T1337] hsr_slave_1: left promiscuous mode
[  965.641462][ T1337] veth1_macvtap: left promiscuous mode
[  965.648126][ T1337] veth0_macvtap: left promiscuous mode
[  965.653649][ T1337] veth1_vlan: left promiscuous mode
[  965.659066][ T1337] veth0_vlan: left promiscuous mode