last executing test programs:

7m28.71633768s ago: executing program 2 (id=1435):
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r0}, 0x14)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x80, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2, @void, @value}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="05000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r6, 0xc0f85403, &(0x7f0000000040)={{0x1, 0x0, 0x0, 0x3}, 0x0, 0x0, 'id1\x00', 'timer1\x00', 0x0, 0x81, 0x1, 0xffffffffffffd0c4})

7m26.971786439s ago: executing program 2 (id=1440):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x13, 0x17, &(0x7f00000007c0)=ANY=[@ANYBLOB="180000009d00421891dba8a60078fe8678110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000008000000bf09000000000000b60904000000000065000600090000001801000020646c2500000000002020207b9af8ff000000002d9a00000000000034090000f8ffffffb702000008000000b70300000000000015000000060000003d93000000000000b5030000000000008500000076000000b7000000000000009500000000000000"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
iopl(0x3)
setuid(0xee00)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

7m25.834130714s ago: executing program 2 (id=1442):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000001c40)={0x26, 'hash\x00', 0x0, 0x0, 'ghash\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000006a40)={&(0x7f00000007c0)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000004f80)={&(0x7f0000006a80)=ANY=[@ANYBLOB="77093d58a52a0c0c7733ea40ede66a2100", @ANYRES16=0x0, @ANYBLOB="00022bbd7000ffdbdf256200000008000300", @ANYRES32, @ANYBLOB="0600b300010000000600b300030000000600b400dd0200000600b400070700000600b300030000000600b300010000000600b400571300000600b300010000000600b30001000000"], 0x64}, 0x1, 0x0, 0x0, 0x40}, 0x24000000)

7m24.35840138s ago: executing program 2 (id=1446):
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000240)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000100, 0x20000130, 0x20000160], 0x0, 0x0, 0x0}, 0x78)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x1e, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r2, 0xc02c564a, &(0x7f0000000180)={0x0, 0x33424752, 0x1, @stepwise={0x0, 0xbd, 0x9, 0xf, 0xe, 0x703}})
chdir(&(0x7f00000001c0)='./file0\x00')
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet_opts(r4, 0x0, 0xd, &(0x7f00000008c0)=';', 0x1)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x25, &(0x7f0000000200)=0x632a, 0x4)
setsockopt$inet6_int(r4, 0x29, 0x31, &(0x7f0000000000)=0xb2, 0x4)
sendmmsg$inet6(r4, &(0x7f0000000e00)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c, 0x0}}], 0x1, 0x0)
recvmmsg(r4, &(0x7f0000000340)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)=""/171, 0xab}, 0x20000}], 0x1, 0x12141, 0x0)
syz_clone(0x9005000, &(0x7f0000000000), 0x0, &(0x7f0000000100), 0x0, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000680)={0x700, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000780)="cb"})
r6 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r6, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x3)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r6, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

7m20.872387438s ago: executing program 2 (id=1452):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f00000001c0)={0x1a, 0x0, 0x3, 0x0, 0x0, 0x0, @dev}, 0x10)
r2 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r2, 0x0, 0x20000000)
sendfile(r1, r0, 0x0, 0xffefffff)
shutdown(r1, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r5, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000077e000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000040)="0f01c2b805000000b9030000000f01c166ba430066b8003866efc4c105f141d0f3260f35c4e17c50e80f23090f825d00000067650f01ca2e0f08", 0x3a}], 0x1, 0x0, 0x0, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000000240)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000200)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWTABLE={0x2b8, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_TABLE_USERDATA={0xd0, 0x6, "ef0439a962a44ff39df1c1913b5846f5b3dda09ddd6bc7aa1dac9c644339c558a5fe56191c3af81783bbef52ce82c754dc514c52078db8115edf0530f07cbff2f04dcdedd54d2159ad43e3653352689564d0cc77a61c4163979c4dba2b9e4cb880ee522577ca2fb8ae26293a44b3bb844c80ad57b5c4b84263526d70c6bf0dd7ab7c25bdce586ab90baeb346dde0e99effe1fcfb8ad23279ee3510b5f06f1e53daee08814204b7325a4d16d9ced20dd58cd8352495cebd0e11c5e13bbda2092c663e7e488edbf252dccef7ba"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_USERDATA={0x77, 0x6, "ebd1cc9ed2157b60afd5fc3ab1736d7284b2a01f92d54cb8aabe5f2f3259a9419ec138ea0dd4f713839541fc5716b34aae0e9b5131cfcd1b8d3b09cdd05596c4004219d73b862576c262e96a026d049175a2b7fdf323245631eb0f51adf780369c01e72c7cf1bfc32b95e49e54147fb45caf4b"}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xab, 0x6, "508216d0afcb21d790219c9c73b10f25757b9278a738aa46d5b67d108b8700a01ef1876938b9f71c5d34e405c848b855a3522d0c0ec222fb6a80dfe847f327b29fd5534af4edbe7cc83568e75ff8c2c04ab5686d79e874c1cb9b6cf62e1e441b63e1068fa69ebd32fe7ed8179bd9b34184ae04244e7620e23657cfc08f033bc262b8dce8684c050938db1457ad7715c0f5c102dab91b82e49661c2e17c38369710216a84cecbf4"}, @NFTA_TABLE_USERDATA={0x8a, 0x6, "51ad26dfb9d4047244888f0c8267fce1d78bc74cfb45a84731a83fd399a7f3a2af256f083d3fa4c6bf88447de9f8ba40b96514618aca85beeb37fcb09b0f2220103bc07069f824f7a460e9f473527e8909b3fe865e8cff64b9d2bc5afbbb2b5dd1cc40b5c6509608701f2eaa3dd6948a34ca15c74a1440fc14fc9227be0bc99ce6e0a64fe203"}]}, @NFT_MSG_DELTABLE={0xe8, 0x2, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x8b, 0x6, "c69c7d493958bb4d318154e462f5ca8ce50ded7501df31e1a2f209f171d317a94c06bc26f411ba1d180ee0d163d6ce90d5e88fa85a19bbf7919f8a4afb784bdf0d8dfa323299b8e29abbf43a20a4e17c4f0cba766031f9ac8fcf8d58c0a9f6d4c6489319fd4711e91407a378ac5f207baab2287860a8d75336b065fe189446ba330b238024210a"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELSETELEM={0x5c0, 0xe, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x4}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x588, 0x3, 0x0, 0x1, [{0x1d0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x1cc, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VALUE={0xff, 0x1, "6361b885d9f5569879a09ee85fea1f6dc1f68569c0e3111746dab0494fdb46162bb0bcb884ffcd6b8a20e4253e1c657cfda154d4440aabec33dbb8af11a089103de07f9499a76e3cc115793aaa88b522d69ba830e8df82be1929951abb914627619d39c439ee2a79a17c11d1a01c183f3c0abd5c5174f686b126b0e3a6addd7fdb85ac4b2d30b172cf7d746f36becfa906cbc62c9dacb801ba3c920a50ba7886df3c124e9d52d85b68968c1d646d6e62fa35c6340c0fc16ab8cf6ee6fc0f3affca88ffff3ff078e1d326f07454dc31f1ed8b8f875b944d3581c12246978b607d15833d81a8e7a543a0d4c4e1132fc37582c790a294efa5071988a2"}, @NFTA_DATA_VALUE={0x90, 0x1, "448a3714fbabc41f3b9edf30f33ae7f387595ce6c3eac9eaf729a89c5e717ef9c05b3e3c7d3e0cd3723881168f900c67c1b82dd8b2a90b421eaa18f053e4af913e9e69d0d73269f8fc789e8fb8f06b13660a28d983f1786ee8386f35e3913ca24b3fce23b0c1a9ba43d420debbec4718f94aa87108dcd7adb795b8bb8aa1125c6509f351c09647b76097327b"}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x20, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffc}]}]}]}, {0x58, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x6}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_EXPRESSIONS={0x1c, 0xb, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @dup={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_DUP_SREG_DEV={0x8, 0x2, 0x1, 0x0, 0x1c}]}}}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, {0x35c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0x45, 0x6, 0x1, 0x0, "31680bc103365b5e9c98ddaf0a5803edbc1d2d4d7449c00310e6761f2e0560f83c4dd2b3d649cd6355f6d3776d6fe4215c0c15a37adc1b9c64f9e74be7c6f1ab69"}, @NFTA_SET_ELEM_USERDATA={0xa9, 0x6, 0x1, 0x0, "1e301b6b180dd1975a5550533227b500b235c708836b8c24fc25d117f8d5b1cea73e7366f791dcd3d520079fb4b0394efdfdacc9226f0fa9d2043fbe65c40d9c9cf3c2ae141d8b7de2874d5ff63644a11cb03bf8c33ac70016c24a33bf0caa32276d28ad738649177b997a7709f53f15e386ac7ddfab3c0166c0f4369fb9a3b062e44b79d8f0fe50e863a1c4790726e4b2a08e4836575b9e367ec6627156acb4a8574b6025"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz0\x00'}, @NFTA_SET_ELEM_EXPR={0x1d0, 0x7, 0x0, 0x1, @match={{0xa}, @val={0x1c0, 0x2, 0x0, 0x1, [@NFTA_MATCH_INFO={0x7d, 0x3, "1c9b42d1b1cb68eab62a16f3f3e77428ffc2557b67eb6153fbfded00105510ac00b2a2e804142f9710bd068786a6229ea3f4a7db2628d3a709f9066341b66df5ccd34a148e65f27df0419a7abceca2b38d3138d9b0038a815149b585a2aacc26b9cf98de521909253066a4c69b0e9e61c370522570ede7208e"}, @NFTA_MATCH_INFO={0xc5, 0x3, "6173c3f0aa35056851dd5af53b985ba5bb020a632c0ab41b3a0445d564083e04a21cacd6dd13e891d57acd63dd76deb730e7463aafa2ae29364fe3efcaab4ad07c70bf30d832435460913a32f57bdbd7c208a199476a8fef63b54dbfd89b444517e6fa0c2e3956f923e57da3d82465945f0b52ccf4690aca80a52d936871724b2ef0129bf29498a64382e392afbfa8a4dbfc50dfa0e9074a58e34583be6c3074e7783ee28a6b71ed9e1af43bb7eeb153d07c5f8c3b500f6f659d40154869dbd88a"}, @NFTA_MATCH_REV={0x8}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_MATCH_REV={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_MATCH_INFO={0x41, 0x3, "1e11540c173cfa853f67e4e816b2c7f6176035b89d19e6dd60c8bc57cb8d1a0239ded85c5aae6a3d6741db1424a9bc60871661e68e8244f0d3ed1fb1bb"}]}}}, @NFTA_SET_ELEM_USERDATA={0x7e, 0x6, 0x1, 0x0, "282d58c9d0b5671cd35f059b89fd6dbc7cf1990d3c60a5f29db75d8c62c14621b3bfdf915d04016e4f3a7fcf625c4f1425cc545442f285981a6caecc1e068467c25bafd0b48ca319784b47d2ca1ae90b5ede23a25ec1354c9db0a2a3436a688348da70bdc3b2c9f4688ab1459abde768d8618c90184665d3f80b"}]}]}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELSETELEM={0x24, 0xe, 0xa, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELRULE={0x68, 0x8, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x4}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x4}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_POSITION_ID={0x8, 0xa, 0x1, 0x0, 0x2}, @NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x4}, @NFTA_RULE_COMPAT={0x14, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0xeda3}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8}]}]}, @NFT_MSG_DELFLOWTABLE={0x2cc, 0x18, 0xa, 0x301, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0xd8, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x101}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x9}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x50}, @NFTA_FLOWTABLE_HOOK_DEVS={0xa4, 0x3, 0x0, 0x1, [{0x14, 0x1, 'ipvlan1\x00'}, {0x14, 0x1, 'pim6reg\x00'}, {0x14, 0x1, 'dvmrp0\x00'}, {0x14, 0x1, 'veth1_macvtap\x00'}, {0x14, 0x1, 'erspan0\x00'}, {0x14, 0x1, 'dvmrp1\x00'}, {0x14, 0x1, 'bridge_slave_0\x00'}, {0x14, 0x1, 'veth1_to_hsr\x00'}]}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_HOOK={0x1b0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth0_to_batadv\x00'}, {0x14, 0x1, 'vlan0\x00'}, {0x14, 0x1, 'veth0_to_hsr\x00'}, {0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'syzkaller0\x00'}, {0x14, 0x1, 'netdevsim0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg2\x00'}, {0x14, 0x1, 'veth1_macvtap\x00'}, {0x14, 0x1, 'veth1_to_bridge\x00'}, {0x14, 0x1, 'ip6erspan0\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'pimreg1\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x7c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wg1\x00'}, {0x14, 0x1, 'ipvlan1\x00'}, {0x14, 0x1, 'macsec0\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'veth1_to_batadv\x00'}, {0x14, 0x1, 'veth1_to_team\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond_slave_0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x10}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_DELTABLE={0x240, 0x2, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_TABLE_USERDATA={0xa0, 0x6, "a6aa4743b5688625e0c908a5984bfe98ecee5179d08ea7f93d062ef2de88c55a478daed580de49b989c83fdafb90089c2468a992477374667f727c12b67c2e2325e098c87c998dc7b1a93dba6ca9f01e70cc5f3a596d5bd28c38870718518dafd2e2a5cadc4c45cf779447cb2bfb9fb2da23afbf6f8b02c5adb59f46b8c57e03a13b5272b04c39a3ddef4db86d6df5181a5e5a8f6c0ded1c06a0628f"}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_USERDATA={0xde, 0x6, "bb8a64f6469ec59ef98761ba2af0ed94202fb3bcb3db8c2ba00ed2e175b5a32fe867f13e2304d31420721e708e3fbc2aaee4a89517a59db875d7527dce27c26d0dccdf31d560d10239173943984f2ed5ce02f284d83ff9c1042a8b0259e6b09e620dea15c0db17a7663f3f32a08f7200e684cf04c9e9b97352b48726637a53355a67744dce6455649cacc21710d62eb885d3052b143ade4aaa209f8c9039a7a0383cef8f7a2e630f4835585987b65f5f0eba8e135f66535ccded1ca16717661b98de01b828637f09f76aa03e990b1d984b0c0785437a8268a08a"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x71, 0x6, "0a057d481bdc3cd68fe7ed5fc8473a37125eec8b081bac1c7c7004a7dbba75c9ca7a477b465d4e56f8df203fa243d88c678f2b9a83f393b67c2c47d8c48007a3380856114ab13020eaf59bd21e01888a3806ed374b4f7ebb0402c6900248f56feda6b83413eedbe17ff6cbca32"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0xf20}, 0x1, 0x0, 0x0, 0x41}, 0x10)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x2, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="3c0000001000010800"/20, @ANYRES32=0x0, @ANYBLOB="0000000090020100670e1a80100002800c00018008001d000600000008001b0000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x1, 0x2, 0x2, 0x1f8})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
rseq(&(0x7f0000000280)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0)
r8 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r8, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, &(0x7f0000000300)={'ip_vti0\x00', &(0x7f0000000280)={'sit0\x00', <r9=>0x0, 0x10, 0x20, 0x6, 0x3, {{0x14, 0x4, 0x2, 0x1, 0x50, 0x68, 0x0, 0x6, 0x2f, 0x0, @dev={0xac, 0x14, 0x14, 0x10}, @broadcast, {[@cipso={0x86, 0x3a, 0x0, [{0x6, 0x7, "b729c9d84e"}, {0x5, 0x8, "7a6c50ed7a39"}, {0x5, 0xd, "26d805214779c7b901dbe7"}, {0x5, 0x8, "45ba99210193"}, {0x1, 0xe, "7258ebe6ef600f83b74c7c28"}, {0x5, 0x2}]}]}}}}})
setsockopt$inet_mreqn(r5, 0x0, 0x20, &(0x7f0000000340)={@local, @local, r9}, 0xc)

7m18.539698048s ago: executing program 2 (id=1457):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
bind$inet(r0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000611200000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
syz_open_dev$radio(0x0, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4)
fsopen(&(0x7f0000000080)='9p\x00', 0x1)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='hfsplus\x00', 0x8002, 0x0)

7m18.204658502s ago: executing program 32 (id=1457):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
bind$inet(r0, 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="18000000000000000000000000000000611200000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xe, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$vim2m_VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0405602, 0x0)
syz_open_dev$radio(0x0, 0x3, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x4)
fsopen(&(0x7f0000000080)='9p\x00', 0x1)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000040)='hfsplus\x00', 0x8002, 0x0)

1m4.467887018s ago: executing program 3 (id=2828):
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x6a855000)
syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0)
semget$private(0x0, 0x207, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15)

1m2.638827778s ago: executing program 3 (id=2832):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
ioctl$SIOCGSTAMPNS(0xffffffffffffffff, 0x8907, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, 0x0)
syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000014c0), 0xffffffffffffffff)
r4 = socket(0xa, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r4, 0x0, 0x80, &(0x7f0000000300)=@broute={'broute\x00', 0x20, 0x2, 0x230, [0x0, 0x0, 0x0, 0x0, 0x0, 0x200004c0], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000000766c616e30000000000000010001000000000068307b746f5f7465616d000000aaaaaaaaaabb000000000000aaaaaaaaaabb0000000000000000d0000000d000000000010000766c616e0069df4e5100000000000000000000079ba31300000000000000000008000000000001010000650000000600636f6e6e6c6162656c0000000000000000000000000000000000000020000000080000000000000000000000000000004e4651544555450000000000007f0000faffffff000000000000000000000000080000000000000000000000000000040000000000000000000000004b5d0000000000000000000000000000000000000000000001000000ffffffff0000000000000000000000000004000000000000000000000000000000000000000000000000000001000000feffffff010000000b000000000000000000626f6e643000000000000000000000007465616d300000000000000000000000626f6e64300000000000006c73c387735cc18268315f746f5f62726964676500aaaaaaaaaabb000000000000ffffffffffff00000008000000007000000070000000a0000000434f4e4e5345434d41524b0000000000827900000000000000000000000000000800"/560]}, 0x2a8)
r5 = socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)}, 0x0)
sendmsg$nl_route(r5, &(0x7f0000004380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="240000001800090400000000000000000a000000000000000000000008001e0001000000d75f0f8f801b94cd1b866db41edcd7fd34383fbb1f8e33c73e74cb058ebd971385572c297cfeb0680934990b850995d643b523cc95662f89853e1d11375b0c5ddc94c78dc428c09087e66da67d4848e9afa56f06a771e5d0b5ae2fa11b8b19285a"], 0x24}}, 0x0)
r7 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r7, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000380)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r8 = socket$inet(0x2, 0x80001, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
getsockopt$inet_sctp_SCTP_MAX_BURST(r8, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

59.056876337s ago: executing program 3 (id=2840):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r5}, 0x10)
r6 = syz_open_dev$usbfs(&(0x7f0000000100), 0x75, 0x1a9a81)
ioctl$USBDEVFS_FREE_STREAMS(r6, 0x802c550a, &(0x7f0000000000)=ANY=[])
ioctl$USBDEVFS_CONTROL(r6, 0x4004550c, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='kmem_cache_free\x00', r1}, 0x10)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
syz_io_uring_setup(0x4b6, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x3d8}, &(0x7f0000ff0000), &(0x7f0000000000))
syz_open_dev$evdev(&(0x7f0000000040), 0x1, 0xc8000)
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000280)={'trans=fd,', {'rfdno', 0x3d, r8}})
r9 = syz_io_uring_setup(0x7e53, &(0x7f0000000200)={0x0, 0xee56, 0x1, 0x1, 0x35a}, &(0x7f0000000280), &(0x7f00000002c0))
io_uring_register$IORING_REGISTER_BUFFERS2(r9, 0xf, &(0x7f0000000480)={0x3, 0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000300)=""/27, 0x1b}, {&(0x7f0000000340)=""/82, 0x52}, {&(0x7f00000003c0)=""/60, 0x3c}], &(0x7f0000000440)=[0x1, 0x4]}, 0x20)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x103, 0x0, 0x0, 0x1, [@typed={0xc, 0x11, 0x0, 0x0, @u64=0x20}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x32}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8c"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)

57.700741596s ago: executing program 3 (id=2846):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) (async)
mount$bind(0x0, &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x100000, 0x0) (async)
mount$bind(&(0x7f0000000300)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x9101a, 0x0) (async)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0) (async)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x3041008, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0) (async)
syz_clone(0x20000100, 0x0, 0xfe44, 0x0, 0x0, 0x0) (async)
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$VFAT_IOCTL_READDIR_SHORT(r0, 0x82307202, &(0x7f0000000380)=[{0x0, 0x0, 0x100}, {0x0, 0x0, 0x100}]) (async)
madvise(&(0x7f0000777000/0x3000)=nil, 0x3000, 0xe)

56.717880383s ago: executing program 3 (id=2852):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
socket$pptp(0x18, 0x1, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_open_dev$vivid(&(0x7f0000000100), 0x1, 0x2)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000280)={0x4000, 0x40004, 0x1000000}, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=ANY=[@ANYBLOB="200000001600010a00000000000000000a0000000c0000800800", @ANYRES64=r1], 0x20}, 0x1, 0x0, 0x0, 0x4044}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_init_net_socket$nfc_raw(0x27, 0x5, 0x0)
fsopen(0x0, 0x0)
r6 = socket(0xa, 0x40000000002, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r6, 0x0, 0x80, &(0x7f0000000280)=@nat={'nat\x00', 0x19, 0x2, 0x208, [0x20000600, 0x0, 0x0, 0x20000630, 0x20000660], 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0000000000000001000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0200000005000000000000000000766574683098c76f5f7465616d00000064756d6d79300000000000000000000064756d0004300000000000000000000073797a6b616c6c8279a7e00000000000ffffffffffff000000000000ffffffff7fff00000000000000087000000070000000a000000072656469726563740000000000000000000000000000000000000000000000000800000000000000ffffffff000000000b00000000000000000073797a6b616c6c65723100000000000067726574617030000000000000000000766c616e30000000000000000000000064756d6d7930000000000000000000000180c2000000000000000000aaaaaaaaaabb00000000000000007000000070000000a8000000736e6174000000000000000000000000000000000000000001b700000000000010000000000000000000000000000000ffffffff00000000"]}, 0x280)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x16, 0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0x40f00, 0x6, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffff9, @void, @value}, 0x94)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040fea00011c"], 0x7)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='smaps_rollup\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
preadv(r7, &(0x7f0000000080)=[{&(0x7f0000000000)=""/92, 0x5c}], 0x24, 0x0, 0x0)

54.863704055s ago: executing program 3 (id=2860):
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x0, 0x80, {0x0, 0x1}, {0x49, 0x2}, @rumble={0x4ee9, 0x7}})
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1038, 0x1410, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x1, "cc"}, @main=@item_4={0x3, 0x0, 0x9, "5a521589"}]}}, 0x0}, 0x0)

54.008680765s ago: executing program 33 (id=2860):
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000006c0)={0x0, 0x0, 0x80, {0x0, 0x1}, {0x49, 0x2}, @rumble={0x4ee9, 0x7}})
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
write$char_usb(r0, &(0x7f0000000040)="e2", 0x12d8)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1038, 0x1410, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x7, {[@local=@item_012={0x1, 0x2, 0x1, "cc"}, @main=@item_4={0x3, 0x0, 0x9, "5a521589"}]}}, 0x0}, 0x0)

15.24367654s ago: executing program 1 (id=3010):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000084c0)=ANY=[@ANYBLOB="140000001000010000000000000000020000000a20000000000a03000000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020025642532000000000900010073797a30000000000800054000000002"], 0x40c4}}, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000100)={{{@in=@local, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@multicast1}, 0x0, @in=@multicast2}}, &(0x7f0000000200)=0xe8)
mount$overlay(0x0, &(0x7f0000000040)='\x00', &(0x7f0000000080), 0x808024, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}}], [{@mask={'mask', 0x3d, '^MAY_APPEND'}}, {@fowner_gt={'fowner>', r1}}, {@smackfsroot={'smackfsroot', 0x3d, '*@'}}]})
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000100)={<r3=>0x0, 0x1c, &(0x7f00000001c0)=[@in6={0xa, 0x0, 0x0, @private0}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x66, &(0x7f00000000c0)={<r4=>r3}, &(0x7f0000000140)=0xc)
r5 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000001040)={r4, 0x2a68, 0x6}, &(0x7f00000010c0)=0x8)
mount$nfs(&(0x7f00000002c0)='^MAY_APPEND', &(0x7f0000000300)='./file0\x00', &(0x7f0000000340), 0x80002, &(0x7f0000000380)={[{'mask'}], [{@hash}]})

15.10767488s ago: executing program 1 (id=3011):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
unshare(0x0)
r0 = memfd_create(&(0x7f0000000480)='\x02\a\xc5(\xec[r\xe1:', 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r1, 0x0)
getsockopt$inet6_mptcp_buf(r1, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)
pwritev(r0, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x300, 0x0, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000080)={{}, {0x20}, [], {}, [], {}, {0x20, 0x5}}, 0x24, 0x0)

15.030127223s ago: executing program 1 (id=3012):
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x801, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_clone(0x2000, &(0x7f00000005c0)="9b437bb00288dfb181c6428675857b9bb25b6afe6840b80abe3aaaf7403e6130fc0bb0413915f67bf51f9798e83821cc213f21c25b9a6834abc1abb397ece0da17d2b74b87e0df3ec4f5b5629eafd66e190bcae3ad5f41302af0b7b7dc6c7488e21c61c6ff0ab288bd2856aecb361c1a60d526d383315810ba9a9341afd85789188c5c4e5ce9dc676a809277e0f6ef6fafd96ec57e8b7ca1ea813f46c121d357575a618d11505ec9ed7efcc61839b4d63b7b98512a355e54452799d709988af3712feb2aa3ce54f9726ec5fb2999f29c87f9e2f2c15db24ffd", 0xd9, &(0x7f0000000400), &(0x7f00000006c0), &(0x7f0000000700)="44d15175c86b03b22ace2750b896a40a8f50")
prctl$PR_SCHED_CORE(0x3e, 0x800000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
gettid()
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0xfffffffd, @mcast1, 0x2}, 0x1c)
ioctl$UI_SET_ABSBIT(0xffffffffffffffff, 0x40045567, 0x0)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_VENDOR(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000340)={0x38, r2, 0x701, 0x0, 0x0, {{}, {@val={0x8, 0x1, 0xc}, @void, @val={0xc, 0x99, {0x9, 0x29}}}}, [@NL80211_ATTR_VENDOR_ID={0x8}, @NL80211_ATTR_VENDOR_SUBCMD={0x8}]}, 0x38}}, 0x4000000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000001d001102000000000000000007000000", @ANYRES32=r4, @ANYBLOB="0000370076cecbf7c022f63773f34d78ef0948178654cfa27a3d52ed3c4bae60031ce7c21079e71e3dd92702649bbc40121caf8b601ff279f12546dc1077c7e8a2816a4c31a0401a54b40ed2c410922963edb48c1655221f859d72b62cd8114c25c9ae0f6501ea390b0e16707f9d41a405f110c4b7b1f9c200cab6409cfe59211533"], 0x1c}}, 0x0)

14.191831914s ago: executing program 1 (id=3016):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000002c0)=0xcf5)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f00000018c0)=0x13)
r2 = dup(r1)
ioctl$TCXONC(r2, 0x540a, 0x2) (fail_nth: 2)

13.76734567s ago: executing program 1 (id=3018):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB="1e000000", @ANYRES16=r1, @ANYBLOB="01000000e76958a2a9000100"], 0x30}, 0x1, 0x0, 0x0, 0x4044}, 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, &(0x7f00000001c0)={'wpan0\x00', <r5=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000540)={0x40, r4, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r5}, @NL802154_ATTR_SEC_DEVKEY={0x24, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_ID={0xfffffffffffffcb1, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x0, 0x2, 0x2}]}, @NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x6}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x5396ebcfacd913b0}, 0x10)

13.535280325s ago: executing program 1 (id=3020):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
write$P9_RCREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x73, 0x1, {{0x40, 0x2, 0x5}, 0x6}}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x10, 0x4, 0x8, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000000000040850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r6, 0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf2ffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r7 = dup(r3)
write$UHID_INPUT(r7, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b34383b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31310d076d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r8, 0xc0a85320, &(0x7f00000003c0)={{0x80}, 'port1\x00', 0x7b, 0x1b1c07, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r9 = socket$netlink(0x10, 0x3, 0x0)
r10 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r10, &(0x7f0000000580)=[{&(0x7f000004ca80)=""/102396, 0x18ffc}, {&(0x7f0000000400)=""/134, 0x86}, {0x0}], 0x3, 0x0, 0x10000)
read$msr(r10, 0x0, 0x0)
sendmsg$nl_route(r9, 0x0, 0x0)

10.679491173s ago: executing program 0 (id=3026):
r0 = getpid()
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r2 = dup(r1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r2, 0x0)
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}], 0x1, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x15)

10.233916331s ago: executing program 0 (id=3028):
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

9.238305189s ago: executing program 0 (id=3032):
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000dc232240c80a2103c90000090468200063741100"], 0x0)
r1 = socket(0x21, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000001080)=0x8)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r3, &(0x7f0000000080)={0x7, 0x8, 0xfa00, {r4}}, 0x10)
write$RDMA_USER_CM_CMD_DESTROY_ID(r3, &(0x7f0000000180)={0x1, 0x10, 0xfa00, {&(0x7f0000000140), r4}}, 0x18)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000480)=@sack_info={r2, 0xb2d, 0xf}, &(0x7f0000000140)=0xc)
socket$unix(0x1, 0x1, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x3ffffffffffffffd, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, 0x0)
prlimit64(0x0, 0x8, &(0x7f0000000400)={0x8, 0x8b}, 0x0)
r7 = landlock_create_ruleset(&(0x7f0000000000)={0x8000}, 0x10, 0x0)
landlock_restrict_self(r7, 0x0)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$VIDIOC_S_FBUF(r8, 0x80811501, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
r9 = getpid()
sched_setscheduler(r9, 0x2, &(0x7f0000000200)=0x300006)
mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0xb635773f07ebbee6, 0x8031, r8, 0x0)
r10 = syz_usb_connect(0x3, 0x2d, &(0x7f00000004c0)=ANY=[], 0x0)
syz_usb_control_io(r10, 0x0, 0x0)
gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @thr={&(0x7f00000002c0)="c47c9f6194eaaf47d96867a4a4fb66e86994a03cf56e7addf0c21b886a872eef2da1fe6d5d1f148c4c83f60e24969e8f47f050cb1391c89f473eb241118ca6f181ec6d745a5ed4c4fd9f70cc2f980e0dd920d8dcecea5d89f490d432e475ea252ad50a7c743b54015d90234418d5b774a3", &(0x7f0000000340)="cdb4493ad7da3604014cd92b1a35a1c7884d9b62b649223140a31a091ed65ee429b5058ffee5023330f0d996899937c790c146792dcb32f1f70eed98e2b937aa0c789e787a039ee3ec58955eb48fc396bed24edb89eab24cedd157c56157cb3090f10e8b37ceb68303fc109daf3aeaa102c2f6d0e77058146aa91a25d22f077cb770cbb18dd9d14251df358b0b3c6184875675505ded0ad2b51ad1c462e25ec76407c40dda8e890b34b9eeb3449f7efc45becabf"}}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)

6.374178348s ago: executing program 5 (id=3041):
ioperm(0x0, 0x100000000, 0x7)
r0 = io_uring_setup(0x269, &(0x7f0000000000)={0x0, 0xa72, 0x800, 0x89e, 0x14c})
fcntl$getown(r0, 0x9)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x8000f28, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x7f, 0xe)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x3)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

5.66771174s ago: executing program 0 (id=3042):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000580)=@newqdisc={0x24, 0x24, 0x400, 0x70bd27, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xe}, {0x3, 0xffff}, {0xfff2, 0xe}}}, 0x3f}, 0x1, 0x0, 0x0, 0x4000}, 0x80)

3.975509174s ago: executing program 6 (id=3045):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
setxattr$smack_xattr_label(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.SMACK64EXEC\x00', &(0x7f0000000240)=ANY=[@ANYBLOB='/de'], 0xb, 0x2)

3.90759807s ago: executing program 0 (id=3046):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xa, 0xc, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x8, &(0x7f0000000000)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x8b}, {0x6}}]}, &(0x7f0000001140)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
ioctl$FS_IOC_GETFSLABEL(r5, 0x400452c9, &(0x7f0000000100))
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = io_uring_setup(0x4752, &(0x7f0000000240)={0x0, 0x841d, 0x80, 0x0, 0x235})
io_uring_register$IORING_REGISTER_PBUF_STATUS(r6, 0x1a, &(0x7f00000000c0)={0xfb}, 0x1)
open(&(0x7f0000000100)='./file0\x00', 0x80ff, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000040)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r7 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io$hid(r7, 0x0, 0x0)
syz_usb_control_io(r7, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000300)={0x20, 0x8, 0x6, "3c00dc171e3d"}, 0x0, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x1}, 0x0, &(0x7f0000000440)={0x20, 0x0, 0x4, {0x120, 0x40}}, 0x0, &(0x7f00000004c0)={0x40, 0x9, 0x1, 0x1}, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)={0x40, 0x19, 0x2, "001d"}, 0x0, &(0x7f00000006c0)={0x40, 0x1c, 0x1, 0x6}, 0x0, 0x0})
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x0, &(0x7f0000000000)={[{@dyn}]})

3.818597894s ago: executing program 6 (id=3047):
io_setup(0x3fe, &(0x7f0000000100)=<r0=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0xe0, 0x7ffffdbf}]})
io_submit(r0, 0x1, &(0x7f0000000240)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0xffff, 0xffffffffffffffff, 0x0}])

3.538704435s ago: executing program 6 (id=3048):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='net/netlink\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
write$binfmt_aout(r0, 0x0, 0x0)

3.404990368s ago: executing program 4 (id=3050):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x50}, 0x1, 0xba01}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@newtaction={0x1c8, 0x30, 0x800, 0x70b52d, 0x25dfdbff, {}, [{0x1b4, 0x1, [@m_skbmod={0x180, 0x1f, 0x0, 0x0, {{0xb}, {0x78, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @local}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x81}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0x0, 0x0, 0xffffffffffffffff, 0x6, 0x10}, 0x7}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x34}}, @TCA_SKBMOD_DMAC={0xa, 0x3, @remote}, @TCA_SKBMOD_SMAC={0xa}]}, {0xdd, 0x6, "f35b172d7baa6650224966c3f64eab2c30518026962cf5e57280dcc6e0b661da29afad601525508fce3d07af5dbb2381b08ccd78556c2f647620132671db1d7c309ebf6ed9bc2f6b34c06c478c617dcc6317198463a26239ee99dff9479ece66ca5a638081721d7abf577a62661f2fd72b9861bd4c0ec269d5a8d476a77a8d3e900d3ab9594606b9a1193813c8fa3b6eae4487242a39bb08c3fb5efe0513a176efe7d453756955a40048b74b617760e6e0ab30fae7f4eb7e131dbd8abb4dc20c8a58b1ebd68afbb719dbdcc144b12d5e71f885dad6ce7ecace"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_skbedit={0x30, 0x11, 0x0, 0x0, {{0xc}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x1c8}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0xa6ffffff}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

3.255286061s ago: executing program 4 (id=3051):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000000073113f000000000085100000020000008500ffff0500000095000000000000009500a505bf"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xa2, &(0x7f0000000140)=""/162, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$unix(0x1, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r5=>0xffffffffffffffff})
fcntl$setstatus(r5, 0x4, 0x2400)
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={0x0, r1, 0x0, 0x6}, 0x18)
timer_getoverrun(0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWCHAIN={0x34, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_DELCHAIN={0x2c, 0x5, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x2000}, [@NFTA_CHAIN_HANDLE={0xc, 0x2, 0x1, 0x0, 0x1}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14}}, 0xa8}}, 0x44)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x20}, {0x6}]}, 0x10)
sendmmsg$unix(r7, &(0x7f00000000c0), 0x3f, 0x0)
r9 = open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(r9, 0xc0189372, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r10=>r0, {0x6}}, './file0\x00'})
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r10, 0x84, 0x12, &(0x7f0000000100)=0xfffffffe, 0x4)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
r12 = syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GET(r11, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000540)={0x50, r12, 0x1, 0x0, 0x0, {0x26}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c, 0x51}}]}, 0x50}}, 0x0)
mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040), 0x0, 0x0)

3.059037253s ago: executing program 5 (id=3052):
mkdir(&(0x7f0000000000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000002240), r0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000040), r0)
syz_open_dev$vbi(&(0x7f0000002440), 0x3, 0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(0xffffffffffffffff, 0xc0745645, &(0x7f00000022c0)={0x1, [0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x4, 0x0, 0x0, 0x2, 0xc, 0xff, 0x0, 0x6, 0x43, 0x6, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4000, 0x8, 0x0, 0x0, 0xffe2, 0x0, 0x0, 0x0, 0x0, 0x7fff, 0x0, 0x21, 0x72, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x2, 0x8011], 0xb})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0x9362, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000002180), 0x0, 0x3b1a40)
r3 = socket(0xf, 0x3, 0x6)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r4)
close(r4)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r6, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000002280)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000002100)={&(0x7f00000021c0)=ANY=[@ANYBLOB="84000000020601080000000000000000020000020900020073797a32000000005800078008000b400000000405001500ff0000001800028014000240fc02000000000000000000000000000108000b40000000070c00028008000140ac14000000080008510000000808000b40008000080900020073797a3000000000"], 0x84}}, 0x20000002)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
listen(r6, 0x0)
connect$unix(r5, &(0x7f0000000000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r4, &(0x7f0000002340)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
close_range(r3, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r4, 0xc1105517, &(0x7f0000000340)={{0xffffffff, 0x0, 0x1, 0x0, 'syz1\x00'}, 0x0, 0x40, 0x4, 0x0, 0x0, 0x6, 'syz1\x00', 0x0})
r7 = dup(r2)
read$FUSE(r7, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000002040)={&(0x7f0000002000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000002140)={&(0x7f00000021c0)=ANY=[], 0xf0}, 0x1, 0x0, 0x0, 0x1}, 0x4008065)
umount2(&(0x7f0000001000)='./cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r2, 0xc0389424, &(0x7f0000002080)={0x2, 0x0, '\x00', 0x0, 0x0})
openat$hwrng(0xffffffffffffff9c, &(0x7f00000023c0), 0x3d1120, 0x0)

2.99246757s ago: executing program 5 (id=3053):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000001700), 0x48680, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, 0x0, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000000380)={0x3, 0x40, 0xfa00, {{0xa, 0x0, 0x0, @loopback}, {0xa, 0x0, 0x0, @mcast1}}}, 0x48)
write$RDMA_USER_CM_CMD_GET_EVENT(r3, &(0x7f0000000100)={0xc, 0x8, 0xfa00, {0xffffffffffffffff}}, 0x10)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)="14", 0x1}], 0x1)

2.095198642s ago: executing program 6 (id=3054):
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x183)
fcntl$setlease(r0, 0x400, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000480)={0x80000000, &(0x7f0000000340), 0x0})
ioctl$MEDIA_IOC_ENUM_LINKS(r0, 0xc0287c02, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(0xffffffffffffffff, 0x84, 0x14, 0x0, &(0x7f0000000040))
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r5}, 0x10)
r7 = socket$inet(0x2, 0x4000000000000001, 0x0)
openat$ptp0(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bind$inet(r7, 0x0, 0x0)
add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xffffffffffffffff)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000000)='sysfs\x00', 0x0, 0x0)
r8 = fspick(r6, &(0x7f00000000c0)='./file0\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r8, 0x7, 0x0, 0x0, 0x0)

2.093949186s ago: executing program 4 (id=3055):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'hash\x00', 0x0, 0x0, 'sha224-avx\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(r1, 0x0, 0x80)

1.927693211s ago: executing program 4 (id=3056):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
io_setup(0x2, &(0x7f0000000380)=<r1=>0x0)
pipe(&(0x7f00000005c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write$binfmt_script(r3, 0x0, 0xb)
write$binfmt_misc(r4, &(0x7f00000000c0), 0xfdef)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000540)=ANY=[], 0xf0}, 0x1, 0x0, 0x0, 0xc001}, 0x4008011)
recvmsg$can_j1939(r6, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000002c0)=""/197, 0xc5}], 0x1}, 0x41)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r6)
splice(r2, 0x0, r4, 0x0, 0x80, 0x2)
io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f00000001c0)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x2}])

1.047151385s ago: executing program 5 (id=3057):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_clone(0x20002000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = fcntl$getown(r0, 0x9)
kcmp$KCMP_EPOLL_TFD(r2, r1, 0x7, 0xffffffffffffffff, &(0x7f0000000040))
sched_setattr(r1, 0x0, 0x0)
getpid()
syz_open_dev$media(&(0x7f0000000dc0), 0x0, 0x0)
socket$key(0xf, 0x3, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000700)=@raw={'raw\x00', 0x3c1, 0x3, 0x4e8, 0x2e0, 0x940c, 0x3002, 0x0, 0x2c0, 0x418, 0x3d8, 0x3d8, 0x418, 0x3d8, 0x8000000, 0x0, {[{{@uncond, 0x0, 0x298, 0x2e0, 0x0, {}, [@common=@inet=@recent0={{0xf8}, {0x0, 0x0, 0x1, 0x0, 'syz0\x00'}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x2, 0x2, 0x0, 'syz0\x00'}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, 'virt_wifi0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, '\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x548)

950.347253ms ago: executing program 6 (id=3058):
r0 = open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x1000001, 0x13, r0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=@deltfilter={0x1750, 0x2d, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0xb}, {0x5, 0x4}, {0xffff, 0xa}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x4}}, @filter_kind_options=@f_cgroup={{0xb}, {0x814, 0x2, [@TCA_CGROUP_POLICE={0x80c, 0x2, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0xffffffff, 0x9, 0x2, 0x3, 0x7fffffff, 0x84, 0xffffff7f, 0x80000000, 0x7fff, 0x4, 0x80, 0x9, 0x3, 0x3, 0x4, 0x8001, 0x4, 0x6, 0x9, 0x4, 0x3ff, 0x7, 0x18000000, 0x9, 0x0, 0x4, 0xe2, 0x1, 0xfffffffc, 0x1, 0x883, 0x5, 0x4, 0xa, 0xfffffffe, 0x60, 0x4, 0x10000, 0x1, 0x9, 0x0, 0x0, 0x0, 0x8, 0x401, 0x5, 0x0, 0x5, 0x81, 0x6b, 0x9, 0x626a29e7, 0x8, 0x6, 0x9, 0x0, 0x5, 0x9, 0x1, 0x6, 0x0, 0x2, 0x19, 0x140, 0x4000000, 0x5, 0xa6e, 0x100, 0x5, 0x10, 0x1ff, 0x5, 0xffffffff, 0xfffffffd, 0x3, 0xf2a, 0xfffffff8, 0x4, 0x31, 0x7ff, 0xe49c, 0xa74, 0x10000003, 0x5, 0x401, 0x47, 0x3, 0xc, 0x48, 0x20004, 0x2, 0x193, 0xf, 0x5, 0x9f, 0x8001, 0x1a0c, 0x8, 0x3, 0xe7b, 0x7, 0xf, 0xde, 0x7, 0x7, 0x8, 0x3, 0x88, 0xf2, 0x800, 0x40, 0xd56, 0x0, 0x4, 0x5, 0x7fffffff, 0x5, 0x8, 0x3, 0x3, 0x20000, 0x6, 0x2dfe, 0x2, 0x7, 0x5, 0x6, 0xfffffffe, 0xc, 0x10001, 0x80000000, 0x0, 0x74, 0xd51, 0x81, 0x0, 0x10, 0x202, 0x7e, 0xe, 0x200004, 0x3, 0x7083, 0x9, 0x3, 0x6, 0x5, 0x6, 0x1000, 0x8, 0x7ff, 0x1175, 0x6, 0xa, 0x1, 0xc, 0x4, 0xfffffff9, 0xffff, 0x1000, 0xffffffff, 0x5, 0xfffffff7, 0x1, 0x3, 0x3, 0x28, 0x0, 0x200, 0x57c7, 0x8, 0x10000000, 0x6, 0x9, 0x8, 0x1, 0x9, 0xfff, 0x3, 0x8001, 0x0, 0x7, 0xa5, 0x3, 0x4, 0x22, 0x800, 0x4, 0xfff, 0xfffffff8, 0x9, 0x3, 0x7, 0x3, 0x0, 0xa, 0xfffffffe, 0x7, 0x8, 0x9, 0x7f, 0x539, 0x10001, 0x8, 0x10e1, 0x8, 0x3, 0x0, 0x200, 0x0, 0x6, 0x4, 0x6, 0x6, 0x25, 0x1, 0x5, 0x10000, 0x7f, 0xfffffffc, 0xfffffffd, 0x400, 0x3ff, 0x0, 0x80000000, 0xffff, 0x66e, 0x2, 0x8f, 0x6, 0xfffeffff, 0x9, 0x6, 0x8, 0x6, 0x7, 0x2, 0x4, 0x73, 0x45, 0x7, 0x6, 0x200, 0x6, 0x0, 0x7ff, 0x40, 0x3, 0x5, 0x1, 0x7, 0x7, 0x0, 0x8, 0x6, 0x4]}, @TCA_POLICE_RATE={0x404, 0x2, [0x80000000, 0x0, 0x7f, 0x2, 0x8, 0x6, 0x3, 0x80, 0x9, 0x1000, 0x8, 0x401, 0x1, 0x2, 0x2, 0x1, 0x3, 0x6, 0x2, 0x6, 0x3, 0x2, 0x9, 0x9, 0x2991, 0x0, 0xd2, 0x0, 0x7, 0x5, 0xc07, 0x4, 0x9, 0x8, 0x4000000, 0x4, 0x9, 0x7, 0x3, 0x5, 0x9, 0xac, 0x0, 0x8, 0x7646, 0x40, 0x4, 0x0, 0x2, 0x4, 0x1ff, 0x7, 0x7, 0x40, 0xb0, 0x7f, 0xae7, 0x1, 0x9, 0x5, 0x3, 0x6, 0xefff, 0x3, 0x2, 0x9, 0x6bdfbae7, 0x7, 0x0, 0x2, 0x9, 0x8, 0x1, 0x6bd1, 0x100, 0x9, 0x80000001, 0x800, 0x9, 0x1ff, 0x9, 0x4, 0x3, 0x0, 0x9, 0x9, 0x6698211, 0xfffffffa, 0x0, 0x5, 0x2, 0x8, 0x3, 0x81, 0x1, 0x20009, 0x1000, 0x8, 0x6c, 0x9, 0xe, 0x2, 0x80000000, 0x80000002, 0xffffffff, 0xfffffffc, 0x4, 0x4, 0x9, 0x9, 0x3ff, 0x4, 0x100, 0x2, 0xd0be, 0x5, 0x36508, 0xffffff1d, 0xfffffff9, 0x400, 0xfffffffe, 0x9, 0x2, 0x6, 0x401, 0x80, 0x1, 0x2, 0x7, 0x1e, 0xf, 0x8, 0xfff, 0x1, 0x8, 0x6, 0x18, 0x8001, 0x3, 0x9, 0x1ff, 0x77, 0x100, 0xfffffffe, 0xc, 0x10000, 0x35, 0x3, 0x8, 0x7fffffff, 0xffff8000, 0x7, 0x568, 0x5b2c958b, 0x1, 0x1, 0x7, 0x3, 0x80000001, 0x9, 0x2, 0x1, 0xff, 0x4, 0x4, 0x7d2e, 0x8000, 0xb086, 0xa1d, 0x8000, 0xffffff20, 0x8, 0x2f, 0x622f, 0x4, 0x2, 0xff, 0x1, 0xda61, 0x6, 0x5, 0x10, 0x7, 0x27, 0x6, 0x1, 0x1, 0x10a, 0xfffeffff, 0xd, 0x0, 0x0, 0x80000000, 0x461, 0x80000001, 0x7, 0x0, 0x3, 0x0, 0x7fffffff, 0xb, 0x0, 0x4, 0x4, 0x8, 0x3, 0xff, 0x7, 0xffff, 0x4, 0x4, 0x8000, 0x8, 0xb2, 0x8000, 0x8, 0x4, 0x3ff, 0x53079775, 0x1, 0x8, 0x6, 0x7000, 0x3ff, 0x2, 0x7, 0x4, 0x4, 0xe74, 0x9, 0x8, 0x4, 0x4, 0x10, 0x2, 0x1, 0x101, 0x6, 0x3, 0x7, 0x0, 0x0, 0x4, 0x3, 0x8, 0x1, 0x8, 0x6, 0x6, 0x200, 0x24000, 0x10000, 0xa7, 0x8, 0x54, 0x3]}]}, @TCA_CGROUP_ACT={0x4}]}}, @filter_kind_options=@f_bpf={{0x8}, {0xefc, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_ACT={0xeec, 0x1, [@m_xt={0xee8, 0x4, 0x0, 0x0, {{0x7}, {0xec0, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xeb9, 0x6, {0x6, 'mangle\x00', 0x7, 0x80, "31188d082e62b9cafa263d481bfb3dd3e585907fc6d32cb2df6e06174fe9162f55ee2c86e27418be094244f885cc425f54ac591c8b86042c0fbd003073b7381d7b3b06e92ae95113eb578be5fa0ac9045a151da5200950bdcfb84112a026b7fe797832ab5305270eb0d1eeb19fdd6ff0eabe051749cc80e32dc93c08e343a73870f761e0493bc09fc455a0d976ec5784750f65984d75769d388330bbc4550c483ae93cfb45cd35e8264ac610241d60290283a4f5a084d58626c6617e6067af7959ea4a05724b8532d299739c89daaa0b5631daac6a394c10d031457b3f5bdf5fb2ea71a8dd241df10a96033e0e4a8e7eb74e1bb4fe16c8d67f434b3c8cc00ea34087354db5b90da2ffe99cabc0de1a470b1fd28826b3dd1c6c684a0a11e613d50fcc24e5c0499fd7eb5cb74cf19997b0b9704d161db0c106b387d0e4b32b4e870c062759885b65fc99ca19004990f86186f5a27c3be242749954728f59af73f30120140aaaf21ff54485f99f67f96e3e9888f8b8cd5e249793ed383dfafdb0d112547349707e9bdbaf5fdb658054b0df9b7de85bcc1dd54475998383e0639101708c59baded32d85fd6d0ab68ea1e173de2c52b7cdc7c8c711d975cc58b56fc21c128cc20f16e79531c93142065e146e1939a52b37b74c3a46d94e6fda3c591b7a139c4874fe44efad74ae50a2e268bff5588ad3652300c80a419e37fadc2000dcfabbecdc5180f7b5832997c87db846cb44cb2d34c5ae43dd5788f573c69e2ab347d133dbac3d3bb56680d524faa1f3e68d2b2ece5f099c70a5b4e754e81f2017efb804399fc99608044da43114bf8343ec22736c405a30f7c22d411464cf2a7914fed1def5ad3c9ad69d8e8a9683587992a0dbded7a5ff644b9c49887e29c32dc40edb2ce51d2ed9d8e5bd0a3c5c057e6c70ffd075abaa99af904e1db9722c1aa26612441d30c19b017e7e8da967eb168e317ac42f91fd3e3e7fabdd46a05aeb11d7a5bdf4d67899008a15a9c8a65a802129d68e8ff9155f6dd21585ae9684667b19ef66f856108fe7b3c55b31c0ce2ae0abe9bdeb9b7c72de3073a5af2aa3a83154cfa09b0c2712d052c3545b06238380ef5b71b2d7a6bd17028aff77f61230154a3d79b9f881dd50f312d01ed2f45c8df33b6d27bd0d6dfbe2c031045954dd58360853eb51133273e3c231e267d66e32a3b61a027648da5341d96440b7000a793ad72c7ae2591a936eee202eacda4a4b9c2484bc111aa5e4e1ae749d6b92259e7760247eae905b1b978ee21f2ee3347bdb2c8bedebd0b5aabd98e959c4690ba5c5f95a35714475b2b0d9df151af922bd1ea2f58791ca150d90d72e009d690b2b99dc6ce325d68237dde7a54b8438e3e4c9a403e18c6966d23e84125a99b8aef46b9a55296ba9753ad3526a368d32024ed6e60c3c3dcca9136b9328ec32315a849a8abceb7099ea7c95bf14872209d0fae9219668631d00889caa78c41d22351042fe725848086fef5908e813e6104cd64082f4c5f33f5a2cbfcd4e293a4d08f8d6683ab1166b821b4b84a29ac34fad672b9b2c53b45b55d1aade9f52e343d02a1f80079af92bcc04eb09571d868345d6a66e9ddbbec0b0a289e2b5be585f211b7f78d0c2f7c68026ba05a81691522050cd46bf2e1a1e360f03ec77024045d2ec7f15cb5484f4d4034eeeada9dc07552d183139b5666907a2f4c53eae40930d208ffc97a3c42ca1b29b1b6eb15916fbab0677b312e289211f816665ce0eb1fdf2bff58a200f65424b9048c16f5f18241ff33c0f00d404580589f00bdc63a7d469611b043dfdd8cd2891f83c90d849bf8cfe5eb94ee8aed76a277205b5e10e1aa79fa6166ce1fc1d8b9d46721e1e9d445fe7d18e6c6da7764104dfb77e984c8b66c5a77a4bd583270df11bff0ef7652eb4e19353d52e8849b38ef133cd3e6b800136cc36387ac72ca894fe39a67566c3c0869033df40b743ce8eea814d2fb7988f131f28965c9b10a4b4590187b3b5ed1457ec9f8ed064c262e7eb09026a6eab5659203211424d9119d234ceded9af7876a39917429d5e4815ddb22e65a9e7808f0545ac1c0e80fd759014f3eb888adfaa4514b8a9bd6a11826010b9da447eb5730c2af661a23ea5b9ae638694b1422cd91e4ae375f0c510ffe479a285d86abdea194e71814449b709df690626d68665f20b57a3960713e65e00bff9daf9e37459686b42de246be6b552ccbd89eec5f2e44ca287a2d648cf5b0fb0a00cd7cd91b0f93cfaf915e2e149946f1644b09b9b624cd1e3b7177f9692a11a08323f52e9c83e9e7fc46e1904de72a37856d70e656922cd3599567b50c9530dc256c8ab7706bef9e87be8b0a69cd776fe675e7b8ed91108e51bd5b7c7d07103823bd5bbadc37d919eb6f953800de78a86cc5117d6d7f18574e66c981f3cf77286b122a9da97f6aa33116d6963341f34d0b5e8efbd27fda3216addbf23865845d34c4aaaa55e2216d6b0703e90cb8809264a2c64cf82b9cc591180d94ea8a52566c6d9842faceeea9e676ac5c95eed92237f8d2d98d61c5203d8eb4cecabce1d1746b9e3a7f4efa3fa67c2a9c582796e7152f1f48f7ad11c7d2468468b671bb89acc3bebb7b1d9d6c3970718945fa4d11fff24fbed85ec093dcffe6ee76b39a04c79ec8504fd7e500fe190e5a7288bdeaae07bffdfe827f8ed677346842c5177585a65f1b6040f383a16967306ed0fc52ce1f40d0a5ed74d6556225ef1ab7c8ef596b4eae153818c54ba9ffcc5b9ec71117aa003708f57d166cd3f43060ffe1b57c437d1180da428bdeeae9940b33b3118fc18e66a60282a8a74c8b138f11fa082ff6d817ed14725397e05ee63d8df59cd860138bffd4bc2a4a61532a177b7910b90b8d8bb28a2ecdd9b5e11f220dd74043f7652fad245062c3bc6b2dba6111cf7cc660ebd9e1bc86f1259e8c17dbfc209a0d0988dec08a84db8d1d32b26923248b5d1a6689ba5c77d20630e0039cba14c4c0f68c5d5fbbd4cb45d171779d94756f86ae2e606d35e8a8218b578c7d43fc622005277105421e616f57744a7e784b8a3c4ef58485369d712d25afcd6f80e01461f57d502a797db105f65cf169eafd203ae86bd049bd2477a3804a7861a92d3a631504c2e2565446c3a368f67d3f5a351cd8accaf2dd695d5e6442179b277722fd29d3b3bdad9c21369fe6293c1fd87e1a78fec295911a572246f4d10681d08e07bfb5a90da2c410f35cdbed5db6195a342affc3c8ee9789dfa964089013d5e5ca88fb0adae16d24a337d4eea93632626e950eaf17d78179aa529e6fadbe1d2dfbb2435bb413d324cd17c6e1ac2930f544b76f7b002df58bdf6629fb32fb97d751aa1292168fed8fdf9b1b6a55e326826d03e14b4c09a25b77a2676050bfcc6e32502b80258d73776ce046146e5ec867f05a74667b44f89a9c0bbf9bd1658d7a998546a2964d18e40585dc2178e92da3d32d609afd96b2fe228f3c574e7bdaff7ff9b0ba90dd8a145e92070e126660cc02b364dcb7f3446d451e25e1a457dd51e50ac72f4a81b3e091c6b7072f10bd2d72188a24b7414f0588770ec7259eddf7ceeb1eec476bf67c8d0161bca9e5db4bdca5d4fdb1c2ee7e10bfb86ab47eddc35a7b33e540df5b7b7e000a53fa45902962ec19c54d56c0580e37331891cac5f3e0d53b1121b07ede04bdd1b059a5de140603af57de17bbb383a35554e749019118c0a734272a6856ef097d956453b4a354dd5cacc0d4599370fecd293196271de78cb115abaecd5eb6a55cc872202c82df1e3a1d4cac8e9905e90812009ee8c561893934f0f01075a7dece18cf05e0ea85000f00ff0e1f2f14e58968eb9dadfe9a6f7ac046d26208cfa406c9ebb3db519d9e5a1df08985bb9fb61e74421ec890c12a346a2ec664b3b4c958a459efd219a0ea8f4c65d802d106418416881f352f12ef78b4ae24f254fbe57868a222bf18d02acb58a96be3aa0cd789c365c7203e60d178b7540609a22179a625aa0ea3ea9c074626c2ba3cb9dfc027a58b61788d5336afd772d97806f7e4607f387a48e07cefa7d0b23c079114f99ee8323a33e5d3cbbcacfa9228af106f90b30b009345cc08946022ceb447f043020db94a398f2c5fd8278e2e08fcdb55ed765f73f895a2f62bc8ed3d2877b15514fa769f5e28451279ee311fd15bb0dcdaa44b31842d7cd1043952e68bffebd1c9f11456dd3284a7922580dc9dfeca205fef5c02100af28bbac6d9f92de9ab27046779a8221db1c92e8fab63f0e29be5ca8cc30a76c8fb3590afbf2750f0cf74553a09e76a7b9ee79d25898ecc0856d262fcffb5c3085c838a765b611324d4283cc6d47d123f0290e56c362370423c13d5ac29d69332e1c5be20baa8735ec0475b4a7d876098e5533680b8769ace7096c756b6389eea95ed6b5728b1df008df6bb860e066207db8bdbef3ca8b894a276b638ce0d76008ba8c97e7fe910496ec8da4531d8c3fdb0fffde53f7e3a32580aa6fc5349639c6b4615258e4e8617240e6e7f312577e97aee074d795c0b2d3583057ea054b3543bf46a47f5ecd364ff1621b1ed5cd2acfe24152b63cb4d7af969672e54c8fa320fe1445309da701efd9749818583100787a3915665a747e48ef7ff8687a63af12bebe67b2c3a0cf6cb93f7db1bbbdfe852247a81afcfad08cf8d8d244fead1ef8bade88c33a8bdd0ede04b4e9aada45d77d753c148cd69e2d8eae2287abfdebfcd6cbee5e5bbdf1ff85a8817baf267546d163fecf71f6c381818fbb53a5f910183749f9c68bb47910ff4ad4f75eb67b1da1e92097c2b06dae5f66f5da8cd1f423296e4754b1042b56c2c3a1c0ffe4be6d204601d84898b31b304fe7453d5b35ff4f726b09f6c2819f28fa0226ddbd6b6d31b1d87fef6558e0b947da6e97a05e4d912beb98980ed1026c46b37a8d43a871ff8a164da2e9be3c49fd93cb28092aeb5828437ea18034dbdfb6720788e582691e808d28102d74b64db0da9057e28c30db36c7e939e1ef94993f27625d5de801395da179b0d85bdd3a648431cafd95cb9566dcd782bbf88da998ea17b2d2d56871dc36968c19778014dcfa740bab896e9229e2dca66a71509ed426bc0accd9088fbec5a59d6ae7af5c2d75b2221bb5299fdc5ff0458002bac7d52f5ac94db3ff9109a292b24b3ae7372f1acf538e3b4355484fd6a9f4feaf322bd43dacafc21d317f31aa8cb528ec941c863e293312dbc80351ac607e84b891e5f7bfbb47ea8b32"}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x1750}, 0x1, 0x0, 0x0, 0x4000}, 0x40000)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r2, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ed56", 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil)
r3 = syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00')
r4 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r4, 0x0, 0x9, 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0)
mbind(&(0x7f0000195000/0x2000)=nil, 0x2000, 0x4000, &(0x7f0000000400)=0xfb, 0x9, 0x3)
preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0) (async)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x1000001, 0x13, r0, 0x0) (async)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000980)=@deltfilter={0x1750, 0x2d, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0xe, 0xb}, {0x5, 0x4}, {0xffff, 0xa}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x4}}, @filter_kind_options=@f_cgroup={{0xb}, {0x814, 0x2, [@TCA_CGROUP_POLICE={0x80c, 0x2, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0xffffffff, 0x9, 0x2, 0x3, 0x7fffffff, 0x84, 0xffffff7f, 0x80000000, 0x7fff, 0x4, 0x80, 0x9, 0x3, 0x3, 0x4, 0x8001, 0x4, 0x6, 0x9, 0x4, 0x3ff, 0x7, 0x18000000, 0x9, 0x0, 0x4, 0xe2, 0x1, 0xfffffffc, 0x1, 0x883, 0x5, 0x4, 0xa, 0xfffffffe, 0x60, 0x4, 0x10000, 0x1, 0x9, 0x0, 0x0, 0x0, 0x8, 0x401, 0x5, 0x0, 0x5, 0x81, 0x6b, 0x9, 0x626a29e7, 0x8, 0x6, 0x9, 0x0, 0x5, 0x9, 0x1, 0x6, 0x0, 0x2, 0x19, 0x140, 0x4000000, 0x5, 0xa6e, 0x100, 0x5, 0x10, 0x1ff, 0x5, 0xffffffff, 0xfffffffd, 0x3, 0xf2a, 0xfffffff8, 0x4, 0x31, 0x7ff, 0xe49c, 0xa74, 0x10000003, 0x5, 0x401, 0x47, 0x3, 0xc, 0x48, 0x20004, 0x2, 0x193, 0xf, 0x5, 0x9f, 0x8001, 0x1a0c, 0x8, 0x3, 0xe7b, 0x7, 0xf, 0xde, 0x7, 0x7, 0x8, 0x3, 0x88, 0xf2, 0x800, 0x40, 0xd56, 0x0, 0x4, 0x5, 0x7fffffff, 0x5, 0x8, 0x3, 0x3, 0x20000, 0x6, 0x2dfe, 0x2, 0x7, 0x5, 0x6, 0xfffffffe, 0xc, 0x10001, 0x80000000, 0x0, 0x74, 0xd51, 0x81, 0x0, 0x10, 0x202, 0x7e, 0xe, 0x200004, 0x3, 0x7083, 0x9, 0x3, 0x6, 0x5, 0x6, 0x1000, 0x8, 0x7ff, 0x1175, 0x6, 0xa, 0x1, 0xc, 0x4, 0xfffffff9, 0xffff, 0x1000, 0xffffffff, 0x5, 0xfffffff7, 0x1, 0x3, 0x3, 0x28, 0x0, 0x200, 0x57c7, 0x8, 0x10000000, 0x6, 0x9, 0x8, 0x1, 0x9, 0xfff, 0x3, 0x8001, 0x0, 0x7, 0xa5, 0x3, 0x4, 0x22, 0x800, 0x4, 0xfff, 0xfffffff8, 0x9, 0x3, 0x7, 0x3, 0x0, 0xa, 0xfffffffe, 0x7, 0x8, 0x9, 0x7f, 0x539, 0x10001, 0x8, 0x10e1, 0x8, 0x3, 0x0, 0x200, 0x0, 0x6, 0x4, 0x6, 0x6, 0x25, 0x1, 0x5, 0x10000, 0x7f, 0xfffffffc, 0xfffffffd, 0x400, 0x3ff, 0x0, 0x80000000, 0xffff, 0x66e, 0x2, 0x8f, 0x6, 0xfffeffff, 0x9, 0x6, 0x8, 0x6, 0x7, 0x2, 0x4, 0x73, 0x45, 0x7, 0x6, 0x200, 0x6, 0x0, 0x7ff, 0x40, 0x3, 0x5, 0x1, 0x7, 0x7, 0x0, 0x8, 0x6, 0x4]}, @TCA_POLICE_RATE={0x404, 0x2, [0x80000000, 0x0, 0x7f, 0x2, 0x8, 0x6, 0x3, 0x80, 0x9, 0x1000, 0x8, 0x401, 0x1, 0x2, 0x2, 0x1, 0x3, 0x6, 0x2, 0x6, 0x3, 0x2, 0x9, 0x9, 0x2991, 0x0, 0xd2, 0x0, 0x7, 0x5, 0xc07, 0x4, 0x9, 0x8, 0x4000000, 0x4, 0x9, 0x7, 0x3, 0x5, 0x9, 0xac, 0x0, 0x8, 0x7646, 0x40, 0x4, 0x0, 0x2, 0x4, 0x1ff, 0x7, 0x7, 0x40, 0xb0, 0x7f, 0xae7, 0x1, 0x9, 0x5, 0x3, 0x6, 0xefff, 0x3, 0x2, 0x9, 0x6bdfbae7, 0x7, 0x0, 0x2, 0x9, 0x8, 0x1, 0x6bd1, 0x100, 0x9, 0x80000001, 0x800, 0x9, 0x1ff, 0x9, 0x4, 0x3, 0x0, 0x9, 0x9, 0x6698211, 0xfffffffa, 0x0, 0x5, 0x2, 0x8, 0x3, 0x81, 0x1, 0x20009, 0x1000, 0x8, 0x6c, 0x9, 0xe, 0x2, 0x80000000, 0x80000002, 0xffffffff, 0xfffffffc, 0x4, 0x4, 0x9, 0x9, 0x3ff, 0x4, 0x100, 0x2, 0xd0be, 0x5, 0x36508, 0xffffff1d, 0xfffffff9, 0x400, 0xfffffffe, 0x9, 0x2, 0x6, 0x401, 0x80, 0x1, 0x2, 0x7, 0x1e, 0xf, 0x8, 0xfff, 0x1, 0x8, 0x6, 0x18, 0x8001, 0x3, 0x9, 0x1ff, 0x77, 0x100, 0xfffffffe, 0xc, 0x10000, 0x35, 0x3, 0x8, 0x7fffffff, 0xffff8000, 0x7, 0x568, 0x5b2c958b, 0x1, 0x1, 0x7, 0x3, 0x80000001, 0x9, 0x2, 0x1, 0xff, 0x4, 0x4, 0x7d2e, 0x8000, 0xb086, 0xa1d, 0x8000, 0xffffff20, 0x8, 0x2f, 0x622f, 0x4, 0x2, 0xff, 0x1, 0xda61, 0x6, 0x5, 0x10, 0x7, 0x27, 0x6, 0x1, 0x1, 0x10a, 0xfffeffff, 0xd, 0x0, 0x0, 0x80000000, 0x461, 0x80000001, 0x7, 0x0, 0x3, 0x0, 0x7fffffff, 0xb, 0x0, 0x4, 0x4, 0x8, 0x3, 0xff, 0x7, 0xffff, 0x4, 0x4, 0x8000, 0x8, 0xb2, 0x8000, 0x8, 0x4, 0x3ff, 0x53079775, 0x1, 0x8, 0x6, 0x7000, 0x3ff, 0x2, 0x7, 0x4, 0x4, 0xe74, 0x9, 0x8, 0x4, 0x4, 0x10, 0x2, 0x1, 0x101, 0x6, 0x3, 0x7, 0x0, 0x0, 0x4, 0x3, 0x8, 0x1, 0x8, 0x6, 0x6, 0x200, 0x24000, 0x10000, 0xa7, 0x8, 0x54, 0x3]}]}, @TCA_CGROUP_ACT={0x4}]}}, @filter_kind_options=@f_bpf={{0x8}, {0xefc, 0x2, [@TCA_BPF_OPS={{0x6}, {0x4}}, @TCA_BPF_ACT={0xeec, 0x1, [@m_xt={0xee8, 0x4, 0x0, 0x0, {{0x7}, {0xec0, 0x2, 0x0, 0x1, [@TCA_IPT_TARG={0xeb9, 0x6, {0x6, 'mangle\x00', 0x7, 0x80, "31188d082e62b9cafa263d481bfb3dd3e585907fc6d32cb2df6e06174fe9162f55ee2c86e27418be094244f885cc425f54ac591c8b86042c0fbd003073b7381d7b3b06e92ae95113eb578be5fa0ac9045a151da5200950bdcfb84112a026b7fe797832ab5305270eb0d1eeb19fdd6ff0eabe051749cc80e32dc93c08e343a73870f761e0493bc09fc455a0d976ec5784750f65984d75769d388330bbc4550c483ae93cfb45cd35e8264ac610241d60290283a4f5a084d58626c6617e6067af7959ea4a05724b8532d299739c89daaa0b5631daac6a394c10d031457b3f5bdf5fb2ea71a8dd241df10a96033e0e4a8e7eb74e1bb4fe16c8d67f434b3c8cc00ea34087354db5b90da2ffe99cabc0de1a470b1fd28826b3dd1c6c684a0a11e613d50fcc24e5c0499fd7eb5cb74cf19997b0b9704d161db0c106b387d0e4b32b4e870c062759885b65fc99ca19004990f86186f5a27c3be242749954728f59af73f30120140aaaf21ff54485f99f67f96e3e9888f8b8cd5e249793ed383dfafdb0d112547349707e9bdbaf5fdb658054b0df9b7de85bcc1dd54475998383e0639101708c59baded32d85fd6d0ab68ea1e173de2c52b7cdc7c8c711d975cc58b56fc21c128cc20f16e79531c93142065e146e1939a52b37b74c3a46d94e6fda3c591b7a139c4874fe44efad74ae50a2e268bff5588ad3652300c80a419e37fadc2000dcfabbecdc5180f7b5832997c87db846cb44cb2d34c5ae43dd5788f573c69e2ab347d133dbac3d3bb56680d524faa1f3e68d2b2ece5f099c70a5b4e754e81f2017efb804399fc99608044da43114bf8343ec22736c405a30f7c22d411464cf2a7914fed1def5ad3c9ad69d8e8a9683587992a0dbded7a5ff644b9c49887e29c32dc40edb2ce51d2ed9d8e5bd0a3c5c057e6c70ffd075abaa99af904e1db9722c1aa26612441d30c19b017e7e8da967eb168e317ac42f91fd3e3e7fabdd46a05aeb11d7a5bdf4d67899008a15a9c8a65a802129d68e8ff9155f6dd21585ae9684667b19ef66f856108fe7b3c55b31c0ce2ae0abe9bdeb9b7c72de3073a5af2aa3a83154cfa09b0c2712d052c3545b06238380ef5b71b2d7a6bd17028aff77f61230154a3d79b9f881dd50f312d01ed2f45c8df33b6d27bd0d6dfbe2c031045954dd58360853eb51133273e3c231e267d66e32a3b61a027648da5341d96440b7000a793ad72c7ae2591a936eee202eacda4a4b9c2484bc111aa5e4e1ae749d6b92259e7760247eae905b1b978ee21f2ee3347bdb2c8bedebd0b5aabd98e959c4690ba5c5f95a35714475b2b0d9df151af922bd1ea2f58791ca150d90d72e009d690b2b99dc6ce325d68237dde7a54b8438e3e4c9a403e18c6966d23e84125a99b8aef46b9a55296ba9753ad3526a368d32024ed6e60c3c3dcca9136b9328ec32315a849a8abceb7099ea7c95bf14872209d0fae9219668631d00889caa78c41d22351042fe725848086fef5908e813e6104cd64082f4c5f33f5a2cbfcd4e293a4d08f8d6683ab1166b821b4b84a29ac34fad672b9b2c53b45b55d1aade9f52e343d02a1f80079af92bcc04eb09571d868345d6a66e9ddbbec0b0a289e2b5be585f211b7f78d0c2f7c68026ba05a81691522050cd46bf2e1a1e360f03ec77024045d2ec7f15cb5484f4d4034eeeada9dc07552d183139b5666907a2f4c53eae40930d208ffc97a3c42ca1b29b1b6eb15916fbab0677b312e289211f816665ce0eb1fdf2bff58a200f65424b9048c16f5f18241ff33c0f00d404580589f00bdc63a7d469611b043dfdd8cd2891f83c90d849bf8cfe5eb94ee8aed76a277205b5e10e1aa79fa6166ce1fc1d8b9d46721e1e9d445fe7d18e6c6da7764104dfb77e984c8b66c5a77a4bd583270df11bff0ef7652eb4e19353d52e8849b38ef133cd3e6b800136cc36387ac72ca894fe39a67566c3c0869033df40b743ce8eea814d2fb7988f131f28965c9b10a4b4590187b3b5ed1457ec9f8ed064c262e7eb09026a6eab5659203211424d9119d234ceded9af7876a39917429d5e4815ddb22e65a9e7808f0545ac1c0e80fd759014f3eb888adfaa4514b8a9bd6a11826010b9da447eb5730c2af661a23ea5b9ae638694b1422cd91e4ae375f0c510ffe479a285d86abdea194e71814449b709df690626d68665f20b57a3960713e65e00bff9daf9e37459686b42de246be6b552ccbd89eec5f2e44ca287a2d648cf5b0fb0a00cd7cd91b0f93cfaf915e2e149946f1644b09b9b624cd1e3b7177f9692a11a08323f52e9c83e9e7fc46e1904de72a37856d70e656922cd3599567b50c9530dc256c8ab7706bef9e87be8b0a69cd776fe675e7b8ed91108e51bd5b7c7d07103823bd5bbadc37d919eb6f953800de78a86cc5117d6d7f18574e66c981f3cf77286b122a9da97f6aa33116d6963341f34d0b5e8efbd27fda3216addbf23865845d34c4aaaa55e2216d6b0703e90cb8809264a2c64cf82b9cc591180d94ea8a52566c6d9842faceeea9e676ac5c95eed92237f8d2d98d61c5203d8eb4cecabce1d1746b9e3a7f4efa3fa67c2a9c582796e7152f1f48f7ad11c7d2468468b671bb89acc3bebb7b1d9d6c3970718945fa4d11fff24fbed85ec093dcffe6ee76b39a04c79ec8504fd7e500fe190e5a7288bdeaae07bffdfe827f8ed677346842c5177585a65f1b6040f383a16967306ed0fc52ce1f40d0a5ed74d6556225ef1ab7c8ef596b4eae153818c54ba9ffcc5b9ec71117aa003708f57d166cd3f43060ffe1b57c437d1180da428bdeeae9940b33b3118fc18e66a60282a8a74c8b138f11fa082ff6d817ed14725397e05ee63d8df59cd860138bffd4bc2a4a61532a177b7910b90b8d8bb28a2ecdd9b5e11f220dd74043f7652fad245062c3bc6b2dba6111cf7cc660ebd9e1bc86f1259e8c17dbfc209a0d0988dec08a84db8d1d32b26923248b5d1a6689ba5c77d20630e0039cba14c4c0f68c5d5fbbd4cb45d171779d94756f86ae2e606d35e8a8218b578c7d43fc622005277105421e616f57744a7e784b8a3c4ef58485369d712d25afcd6f80e01461f57d502a797db105f65cf169eafd203ae86bd049bd2477a3804a7861a92d3a631504c2e2565446c3a368f67d3f5a351cd8accaf2dd695d5e6442179b277722fd29d3b3bdad9c21369fe6293c1fd87e1a78fec295911a572246f4d10681d08e07bfb5a90da2c410f35cdbed5db6195a342affc3c8ee9789dfa964089013d5e5ca88fb0adae16d24a337d4eea93632626e950eaf17d78179aa529e6fadbe1d2dfbb2435bb413d324cd17c6e1ac2930f544b76f7b002df58bdf6629fb32fb97d751aa1292168fed8fdf9b1b6a55e326826d03e14b4c09a25b77a2676050bfcc6e32502b80258d73776ce046146e5ec867f05a74667b44f89a9c0bbf9bd1658d7a998546a2964d18e40585dc2178e92da3d32d609afd96b2fe228f3c574e7bdaff7ff9b0ba90dd8a145e92070e126660cc02b364dcb7f3446d451e25e1a457dd51e50ac72f4a81b3e091c6b7072f10bd2d72188a24b7414f0588770ec7259eddf7ceeb1eec476bf67c8d0161bca9e5db4bdca5d4fdb1c2ee7e10bfb86ab47eddc35a7b33e540df5b7b7e000a53fa45902962ec19c54d56c0580e37331891cac5f3e0d53b1121b07ede04bdd1b059a5de140603af57de17bbb383a35554e749019118c0a734272a6856ef097d956453b4a354dd5cacc0d4599370fecd293196271de78cb115abaecd5eb6a55cc872202c82df1e3a1d4cac8e9905e90812009ee8c561893934f0f01075a7dece18cf05e0ea85000f00ff0e1f2f14e58968eb9dadfe9a6f7ac046d26208cfa406c9ebb3db519d9e5a1df08985bb9fb61e74421ec890c12a346a2ec664b3b4c958a459efd219a0ea8f4c65d802d106418416881f352f12ef78b4ae24f254fbe57868a222bf18d02acb58a96be3aa0cd789c365c7203e60d178b7540609a22179a625aa0ea3ea9c074626c2ba3cb9dfc027a58b61788d5336afd772d97806f7e4607f387a48e07cefa7d0b23c079114f99ee8323a33e5d3cbbcacfa9228af106f90b30b009345cc08946022ceb447f043020db94a398f2c5fd8278e2e08fcdb55ed765f73f895a2f62bc8ed3d2877b15514fa769f5e28451279ee311fd15bb0dcdaa44b31842d7cd1043952e68bffebd1c9f11456dd3284a7922580dc9dfeca205fef5c02100af28bbac6d9f92de9ab27046779a8221db1c92e8fab63f0e29be5ca8cc30a76c8fb3590afbf2750f0cf74553a09e76a7b9ee79d25898ecc0856d262fcffb5c3085c838a765b611324d4283cc6d47d123f0290e56c362370423c13d5ac29d69332e1c5be20baa8735ec0475b4a7d876098e5533680b8769ace7096c756b6389eea95ed6b5728b1df008df6bb860e066207db8bdbef3ca8b894a276b638ce0d76008ba8c97e7fe910496ec8da4531d8c3fdb0fffde53f7e3a32580aa6fc5349639c6b4615258e4e8617240e6e7f312577e97aee074d795c0b2d3583057ea054b3543bf46a47f5ecd364ff1621b1ed5cd2acfe24152b63cb4d7af969672e54c8fa320fe1445309da701efd9749818583100787a3915665a747e48ef7ff8687a63af12bebe67b2c3a0cf6cb93f7db1bbbdfe852247a81afcfad08cf8d8d244fead1ef8bade88c33a8bdd0ede04b4e9aada45d77d753c148cd69e2d8eae2287abfdebfcd6cbee5e5bbdf1ff85a8817baf267546d163fecf71f6c381818fbb53a5f910183749f9c68bb47910ff4ad4f75eb67b1da1e92097c2b06dae5f66f5da8cd1f423296e4754b1042b56c2c3a1c0ffe4be6d204601d84898b31b304fe7453d5b35ff4f726b09f6c2819f28fa0226ddbd6b6d31b1d87fef6558e0b947da6e97a05e4d912beb98980ed1026c46b37a8d43a871ff8a164da2e9be3c49fd93cb28092aeb5828437ea18034dbdfb6720788e582691e808d28102d74b64db0da9057e28c30db36c7e939e1ef94993f27625d5de801395da179b0d85bdd3a648431cafd95cb9566dcd782bbf88da998ea17b2d2d56871dc36968c19778014dcfa740bab896e9229e2dca66a71509ed426bc0accd9088fbec5a59d6ae7af5c2d75b2221bb5299fdc5ff0458002bac7d52f5ac94db3ff9109a292b24b3ae7372f1acf538e3b4355484fd6a9f4feaf322bd43dacafc21d317f31aa8cb528ec941c863e293312dbc80351ac607e84b891e5f7bfbb47ea8b32"}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x1750}, 0x1, 0x0, 0x0, 0x4000}, 0x40000) (async)
socket$alg(0x26, 0x5, 0x0) (async)
socket$inet6(0xa, 0x1, 0x0) (async)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r2, 0x0) (async)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58) (async)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000c18000)="ed56", 0x2) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (async)
prctl$PR_SET_MM(0x23, 0xa, &(0x7f00002d5000/0x2000)=nil) (async)
syz_open_procfs(0x0, &(0x7f00000001c0)='environ\x00') (async)
memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6) (async)
fallocate(r4, 0x0, 0x9, 0x4) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r4, 0x0) (async)
mbind(&(0x7f0000195000/0x2000)=nil, 0x2000, 0x4000, &(0x7f0000000400)=0xfb, 0x9, 0x3) (async)
preadv(r3, &(0x7f0000001400)=[{&(0x7f0000000040)=""/113, 0x200000b1}], 0x1, 0x0, 0x0) (async)

791.51925ms ago: executing program 4 (id=3059):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x8002, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x14, 0x2, 0x0, "b427ececbbe6d400fd00000200ef00ffffffffffff00", 0x3631564e})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
bpf$BPF_LINK_CREATE(0x8, &(0x7f0000000340)={0xffffffffffffffff, 0xffffffffffffffff, 0xf, 0x0, @val=@tracing}, 0x40)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
remap_file_pages(&(0x7f000013e000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x1)
sendmsg$OSF_MSG_ADD(0xffffffffffffffff, &(0x7f0000001340)={0x0, 0x0, 0x0}, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="b40500000000000071108600000000000600000000000000950000008000000030289c81e05a2c500a74d1d6882ea5df338cdf4ed2c2ebffeba7bfcd1b462a086792b04c4df3ae7bd4add30add75dd3a2438c1eebe70b92680614fdbb4ce82e64ff21f30595ca23902f197da990d2b9af8fcefeb4c575343932f5076d15d01b1c31ceb70383b7e13f5dffcf16b61a5a1a5eeffa7fdbc3d92e4d6c493fb1701ba53981d67a3114dd10176b4631baecf8bfd665985a76bf0a0f50224b133989e30c40d2ba571ae18728002cb4c4c217b32ab669b30e86b8b2661b0a6987ecd533744c1c15bcae990697bf92d0e4534b97321c938015eb597e2945b9b33c707bc9d6d2565b35413365eb75ed1ef76dd4858bcf11c22ace836c8b2920b083808b791cf421be31ad26828aa0117182a8b59afe911e24f3286a847db2dbe1c7dadf9fc6ac71be90904c69200123824134ab69dfaf2597b17fe09b042cf7523d38f1701b4761b4ba1284acbd2e3bc3ea4"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
setxattr$smack_xattr_label(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='security.SMACK64EXEC\x00', &(0x7f0000000240)=ANY=[@ANYBLOB='/de'], 0xb, 0x2)

791.133438ms ago: executing program 5 (id=3060):
r0 = socket$netlink(0x10, 0x3, 0x4)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x1)
r2 = syz_open_dev$usbfs(0x0, 0x206, 0x8341)
read$msr(r1, &(0x7f0000019680)=""/102360, 0x18fd8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$USBDEVFS_ALLOW_SUSPEND(r2, 0x5522)
syz_open_dev$usbfs(0x0, 0x8, 0x0)
bind$netlink(r0, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
setsockopt(r4, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1) (fail_nth: 1)
r5 = getpid()
sched_setscheduler(r5, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x4e20, @loopback}, 0x10)
sendmmsg$inet(r4, &(0x7f0000003040)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="dc0e4ddb", 0x4}], 0x1}}, {{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000600)}], 0x1}}], 0x2, 0x800)
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x8000, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0xfe, 0x0, 0x7ffffffe}]})
ptrace(0x10, 0x0)
clock_getres(0x9, 0x0)

368.537461ms ago: executing program 0 (id=3061):
ioperm(0x0, 0x100000000, 0x7)
r0 = io_uring_setup(0x269, &(0x7f0000000000)={0x0, 0xa72, 0x800, 0x89e, 0x14c})
fcntl$getown(r0, 0x9)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), 0x0, 0x5}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
pipe(&(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
splice(0xffffffffffffffff, 0x0, r3, 0x0, 0x8000f28, 0x0)
splice(r2, 0x0, 0xffffffffffffffff, 0x0, 0x7f, 0xe)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x1000002, 0x4012831, 0xffffffffffffffff, 0x0)
futex(&(0x7f0000000000), 0x8c, 0x1, 0x0, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x1, 0x0, 0x0, 0x3)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

77.216988ms ago: executing program 5 (id=3062):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
timer_create(0x3, 0x0, &(0x7f0000044000)=<r0=>0x0)
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_gettime(r0, &(0x7f0000000140))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r1 = gettid()
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xffffffed]}, 0x0, 0x8)
timer_create(0x3, &(0x7f000049efa0)={0x0, 0x14, 0x4, @tid=r1}, &(0x7f0000044000))
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
rt_sigsuspend(&(0x7f0000000000), 0x8)

23.699935ms ago: executing program 6 (id=3063):
r0 = openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r1=>0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0xe0, 0x7ffffdbf}]})
io_submit(r1, 0x1, &(0x7f0000000240)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x8, 0xffff, r0, 0x0}])

0s ago: executing program 4 (id=3064):
syz_open_dev$tty1(0xc, 0x4, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x7, 0x4008032, 0xffffffffffffffff, 0x3000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15)
socket$inet6_tcp(0xa, 0x1, 0x0)
open(&(0x7f0000001080)='./file1\x00', 0x145142, 0xc)
r0 = epoll_create1(0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000001040)={0x9000001d})
read(r1, &(0x7f0000002e00)=""/4088, 0xff8)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000300))
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x100000000000000}, 0x0, &(0x7f0000000080)={0x3ff}, 0x0, 0x0)
write$UHID_INPUT(0xffffffffffffffff, 0x0, 0x0)

kernel console output (not intermixed with test programs):

20c/0x390
[  734.239992][T14414]  kmem_cache_alloc_noprof+0x70/0x380
[  734.245393][T14414]  skb_clone+0x20c/0x390
[  734.249650][T14414]  __netlink_deliver_tap+0x3cc/0x7f0
[  734.254961][T14414]  ? netlink_deliver_tap+0x2e/0x1b0
[  734.260170][T14414]  netlink_deliver_tap+0x19d/0x1b0
[  734.265291][T14414]  __netlink_sendskb+0x60/0xd0
[  734.270071][T14414]  netlink_dump+0x9f0/0xe10
[  734.274598][T14414]  ? __pfx_netlink_dump+0x10/0x10
[  734.279665][T14414]  __netlink_dump_start+0x5a2/0x790
[  734.284901][T14414]  smc_diag_handler_dump+0x1ab/0x250
[  734.290206][T14414]  ? __pfx_smc_diag_handler_dump+0x10/0x10
[  734.296034][T14414]  ? __pfx_smc_diag_dump+0x10/0x10
[  734.301173][T14414]  ? sock_diag_lock_handler+0x19/0x280
[  734.306649][T14414]  ? __pfx_smc_diag_handler_dump+0x10/0x10
[  734.312479][T14414]  sock_diag_rcv_msg+0x3dc/0x5f0
[  734.317441][T14414]  netlink_rcv_skb+0x1e3/0x430
[  734.322262][T14414]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  734.327746][T14414]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  734.333087][T14414]  ? __rcu_read_unlock+0xa1/0x110
[  734.338142][T14414]  netlink_unicast+0x7f6/0x990
[  734.342939][T14414]  ? __pfx_netlink_unicast+0x10/0x10
[  734.348241][T14414]  ? __virt_addr_valid+0x45f/0x530
[  734.353371][T14414]  ? __phys_addr_symbol+0x2f/0x70
[  734.358414][T14414]  ? __check_object_size+0x47a/0x730
[  734.363744][T14414]  netlink_sendmsg+0x8e4/0xcb0
[  734.368544][T14414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  734.373857][T14414]  ? __pfx_netlink_sendmsg+0x10/0x10
[  734.379156][T14414]  __sock_sendmsg+0x221/0x270
[  734.383855][T14414]  ____sys_sendmsg+0x52a/0x7e0
[  734.388652][T14414]  ? __pfx_____sys_sendmsg+0x10/0x10
[  734.393952][T14414]  ? __fget_files+0x2a/0x410
[  734.398559][T14414]  ? __fget_files+0x2a/0x410
[  734.403170][T14414]  __sys_sendmsg+0x269/0x350
[  734.407778][T14414]  ? __pfx___sys_sendmsg+0x10/0x10
[  734.412948][T14414]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  734.419313][T14414]  ? do_syscall_64+0x100/0x230
[  734.424100][T14414]  ? do_syscall_64+0xb6/0x230
[  734.428800][T14414]  do_syscall_64+0xf3/0x230
[  734.433318][T14414]  ? clear_bhb_loop+0x35/0x90
[  734.438016][T14414]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.443928][T14414] RIP: 0033:0x7fb26177fed9
[  734.448356][T14414] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.467977][T14414] RSP: 002b:00007fb2625e7058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  734.476394][T14414] RAX: ffffffffffffffda RBX: 00007fb261946160 RCX: 00007fb26177fed9
[  734.484366][T14414] RDX: 0000000000000600 RSI: 0000000020000540 RDI: 0000000000000005
[  734.492331][T14414] RBP: 00007fb2625e70a0 R08: 0000000000000000 R09: 0000000000000000
[  734.500302][T14414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.508267][T14414] R13: 0000000000000000 R14: 00007fb261946160 R15: 00007ffe18d78508
[  734.516245][T14414]  </TASK>
[  734.527089][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.535275][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  734.535741][ T5824] usb 2-1: Using ep0 maxpacket: 16
[  734.586905][ T5824] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  734.620209][ T5824] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  734.646471][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.668848][ T5824] usb 2-1: config 0 descriptor??
[  734.687444][ T5824] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input82
[  734.917603][   T25] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  734.932180][T14403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  735.088462][T14403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  735.129498][   T25] usb 5-1: device descriptor read/64, error -71
[  735.396859][   T25] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  735.653244][   T25] usb 5-1: device descriptor read/64, error -71
[  735.664675][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.749448][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  735.774634][   T25] usb usb5-port1: attempt power cycle
[  736.244344][T14428] x_tables: ip_tables: osf match: used from hooks OUTPUT, but only valid from PREROUTING/INPUT/FORWARD
[  736.972292][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  737.004401][ T5180] bcm5974 2-1:0.0: could not read from device
[  737.028206][ T5180] bcm5974 2-1:0.0: could not read from device
[  737.036410][ T5824] usb 2-1: USB disconnect, device number 43
[  737.053560][   T25] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  737.096480][   T25] usb 5-1: device descriptor read/8, error -71
[  737.262101][T14439] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.2467'.
[  737.271821][T14439] openvswitch: netlink: Message has 44053 unknown bytes.
[  737.385306][   T25] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  737.723720][ T3518] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  737.777152][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  737.871628][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  737.958512][   T25] usb 5-1: device descriptor read/8, error -71
[  738.091000][   T25] usb usb5-port1: unable to enumerate USB device
[  739.438873][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.469272][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  739.948022][T14462] tipc: Failed to obtain node identity
[  739.953859][T14462] tipc: Enabling of bearer <ib:veth1_vlan> rejected, failed to enable media
[  740.537332][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.585996][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  740.633753][T14465] ALSA: mixer_oss: invalid OSS volume ''
[  741.811433][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  742.610062][T14484] ALSA: mixer_oss: invalid OSS volume 'u'
[  742.617962][   T25] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  742.645156][T14484] trusted_key: encrypted_key: master key parameter '' is invalid
[  742.805231][   T25] usb 1-1: Using ep0 maxpacket: 16
[  743.012982][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  743.023927][   T25] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  743.050893][   T25] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  743.059089][   T25] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  743.167955][   T25] usb 1-1: config 0 has an invalid descriptor of length 52, skipping remainder of the config
[  743.307353][   T25] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  743.520504][   T25] usb 1-1: config 0 has no interface number 0
[  743.802893][   T25] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  743.814072][   T25] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  743.824924][   T25] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  743.835694][   T25] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  743.850591][   T25] usb 1-1: config 0 interface 125 has no altsetting 0
[  743.929157][T14502] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.2486'.
[  743.938739][T14502] openvswitch: netlink: Message has 44053 unknown bytes.
[  744.539828][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.560156][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.582175][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  744.758633][   T25] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  744.769203][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  744.777380][   T25] usb 1-1: Product: syz
[  744.781562][   T25] usb 1-1: Manufacturer: syz
[  744.786244][   T25] usb 1-1: SerialNumber: syz
[  744.803629][   T25] usb 1-1: config 0 descriptor??
[  744.960255][T14506] tipc: Failed to obtain node identity
[  744.966090][T14506] tipc: Enabling of bearer <ib:veth1_vlan> rejected, failed to enable media
[  745.453772][T14481] FAULT_INJECTION: forcing a failure.
[  745.453772][T14481] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  745.493294][T14481] CPU: 0 UID: 0 PID: 14481 Comm: syz.0.2480 Not tainted 6.13.0-rc2-syzkaller #0
[  745.502384][T14481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  745.512451][T14481] Call Trace:
[  745.515726][T14481]  <TASK>
[  745.518651][T14481]  dump_stack_lvl+0x241/0x360
[  745.523331][T14481]  ? __pfx_dump_stack_lvl+0x10/0x10
[  745.528533][T14481]  ? __pfx__printk+0x10/0x10
[  745.533123][T14481]  ? __pfx_lock_release+0x10/0x10
[  745.538147][T14481]  should_fail_ex+0x3b0/0x4e0
[  745.542912][T14481]  _copy_from_user+0x2f/0xc0
[  745.547501][T14481]  bpf_ctx_init+0x135/0x1b0
[  745.552006][T14481]  bpf_prog_test_run_xdp+0x338/0x11e0
[  745.557387][T14481]  ? __pfx_lock_release+0x10/0x10
[  745.562417][T14481]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  745.568223][T14481]  ? __fget_files+0x2a/0x410
[  745.572829][T14481]  ? __fget_files+0x2a/0x410
[  745.577436][T14481]  ? fput+0x21b/0x290
[  745.581426][T14481]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  745.587229][T14481]  bpf_prog_test_run+0x2e4/0x360
[  745.592163][T14481]  __sys_bpf+0x48d/0x810
[  745.596408][T14481]  ? __pfx___sys_bpf+0x10/0x10
[  745.601175][T14481]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  745.607161][T14481]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  745.613486][T14481]  ? do_syscall_64+0x100/0x230
[  745.618252][T14481]  __x64_sys_bpf+0x7c/0x90
[  745.622666][T14481]  do_syscall_64+0xf3/0x230
[  745.627166][T14481]  ? clear_bhb_loop+0x35/0x90
[  745.631849][T14481]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  745.637740][T14481] RIP: 0033:0x7feef7d7fed9
[  745.642153][T14481] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  745.661755][T14481] RSP: 002b:00007feef8b13058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  745.670168][T14481] RAX: ffffffffffffffda RBX: 00007feef7f45fa0 RCX: 00007feef7d7fed9
[  745.678134][T14481] RDX: 0000000000000048 RSI: 0000000020000040 RDI: 000000000000000a
[  745.686102][T14481] RBP: 00007feef8b130a0 R08: 0000000000000000 R09: 0000000000000000
[  745.694065][T14481] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  745.702031][T14481] R13: 0000000000000000 R14: 00007feef7f45fa0 R15: 00007ffdfbe33ee8
[  745.710011][T14481]  </TASK>
[  745.745123][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  745.816569][ T5875] usb 1-1: USB disconnect, device number 54
[  746.961168][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  747.120040][T14535] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2494'.
[  747.151513][T14535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2494'.
[  747.278943][T14538] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  747.466314][   T25] usb 5-1: new full-speed USB device number 64 using dummy_hcd
[  747.495267][T14539] ip_vti0: entered allmulticast mode
[  747.807300][T14547] Bluetooth: hci5: Frame reassembly failed (-84)
[  747.883906][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  748.026725][T14551] tipc: Failed to obtain node identity
[  748.032342][T14551] tipc: Enabling of bearer <ib:veth1_vlan> rejected, failed to enable media
[  748.683807][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  748.725346][T14542] tmpfs: Bad value for 'mpol'
[  748.736081][T14542] netlink: 128 bytes leftover after parsing attributes in process `syz.1.2498'.
[  748.757067][   T25] usb 5-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  748.768759][   T25] usb 5-1: config 36 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  748.779918][   T25] usb 5-1: config 36 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  748.791264][   T25] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  748.800381][   T25] usb 5-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  748.808707][   T25] usb 5-1: Manufacturer: syz
[  748.813363][   T25] usb 5-1: SerialNumber: syz
[  748.877409][ T7228] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  749.094855][T14534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  749.105088][T14534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  749.470379][T14560] fuse: Bad value for 'user_id'
[  749.475701][T14560] fuse: Bad value for 'user_id'
[  749.607682][T14534] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  749.629341][T14534] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  749.679753][ T7228] usb 4-1: Using ep0 maxpacket: 32
[  749.904123][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  749.917140][ T7228] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  749.935118][ T7228] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  749.943600][ T7228] usb 4-1: Product: syz
[  749.954100][ T7228] usb 4-1: Manufacturer: syz
[  749.962605][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  749.981003][ T7228] usb 4-1: SerialNumber: syz
[  750.175710][ T7228] usb 4-1: config 0 descriptor??
[  750.315035][T14564] kvm: user requested TSC rate below hardware speed
[  750.748366][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  750.964064][ T7228] peak_usb 4-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  751.082624][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  751.145297][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  751.176778][ T7228] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -71
[  751.188401][ T7228] usb 4-1: USB disconnect, device number 55
[  751.367249][   T25] yealink 5-1:36.0: invalid payload size 0, expected 16
[  751.391071][   T25] input: Yealink usb-p1k as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:36.0/input/input84
[  752.155973][T14580] netlink: 168864 bytes leftover after parsing attributes in process `syz.0.2506'.
[  752.166170][T14580] openvswitch: netlink: Message has 44053 unknown bytes.
[  752.791005][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  752.810410][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.817527][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.820627][   T29] kauditd_printk_skb: 7 callbacks suppressed
[  752.820643][   T29] audit: type=1326 audit(2000003124.135:5536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14572 comm="syz.1.2505" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa72977fed9 code=0x7fc00000
[  752.824570][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.859457][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.866437][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.873382][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.880301][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.887247][    C1] yealink 5-1:36.0: urb_ctl_callback - urb status -71
[  752.894037][    C1] yealink 5-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  752.946743][   T25] usb 5-1: USB disconnect, device number 64
[  754.088077][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  754.804788][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  754.839682][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  755.195581][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  756.054198][T14628] FAULT_INJECTION: forcing a failure.
[  756.054198][T14628] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  756.079816][T14628] CPU: 1 UID: 0 PID: 14628 Comm: syz.0.2519 Not tainted 6.13.0-rc2-syzkaller #0
[  756.088872][T14628] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  756.098922][T14628] Call Trace:
[  756.102193][T14628]  <TASK>
[  756.105118][T14628]  dump_stack_lvl+0x241/0x360
[  756.109791][T14628]  ? __pfx_dump_stack_lvl+0x10/0x10
[  756.114988][T14628]  ? __pfx__printk+0x10/0x10
[  756.119598][T14628]  ? drm_ioctl_kernel+0x337/0x440
[  756.124633][T14628]  should_fail_ex+0x3b0/0x4e0
[  756.129307][T14628]  _copy_to_user+0x31/0xb0
[  756.133719][T14628]  drm_ioctl+0x635/0xad0
[  756.137963][T14628]  ? __pfx_drm_setmaster_ioctl+0x10/0x10
[  756.143598][T14628]  ? __pfx_drm_ioctl+0x10/0x10
[  756.148374][T14628]  ? __fget_files+0x2a/0x410
[  756.152962][T14628]  ? __pfx_drm_ioctl+0x10/0x10
[  756.157720][T14628]  __se_sys_ioctl+0xf5/0x170
[  756.162307][T14628]  do_syscall_64+0xf3/0x230
[  756.166802][T14628]  ? clear_bhb_loop+0x35/0x90
[  756.171485][T14628]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  756.177390][T14628] RIP: 0033:0x7feef7d7fed9
[  756.181799][T14628] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  756.201399][T14628] RSP: 002b:00007feef8b13058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  756.209810][T14628] RAX: ffffffffffffffda RBX: 00007feef7f45fa0 RCX: 00007feef7d7fed9
[  756.217775][T14628] RDX: 0000000000000000 RSI: 000000000000641e RDI: 0000000000000003
[  756.225740][T14628] RBP: 00007feef8b130a0 R08: 0000000000000000 R09: 0000000000000000
[  756.233701][T14628] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  756.241661][T14628] R13: 0000000000000000 R14: 00007feef7f45fa0 R15: 00007ffdfbe33ee8
[  756.249632][T14628]  </TASK>
[  756.310817][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  757.516187][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  757.767919][T14638] xt_TCPMSS: Only works on TCP SYN packets
[  758.071748][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  758.073482][T14647] binder: 14646:14647 ioctl c018620c 0 returned -14
[  758.824534][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  759.870225][T14662] netlink: 168864 bytes leftover after parsing attributes in process `syz.4.2527'.
[  759.879938][T14662] openvswitch: netlink: Message has 44053 unknown bytes.
[  760.537670][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  761.124740][T14666] sp0: Synchronizing with TNC
[  761.263074][   T29] audit: type=1800 audit(2000003132.609:5537): pid=14669 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed(directio) comm="syz.3.2528" name="/" dev="fuse" ino=1 res=0 errno=0
[  761.283176][T14666] sp0: Found TNC
[  761.316471][T14673] netlink: 80 bytes leftover after parsing attributes in process `syz.1.2530'.
[  761.344910][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  761.881831][ T5875] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  762.029294][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  762.142028][T14680] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  762.188506][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  762.200015][ T5875] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  762.213958][ T5875] usb 4-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  762.228181][ T5875] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  762.243158][ T5875] usb 4-1: config 0 descriptor??
[  762.285758][ T5933] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  762.796532][ T5933] usb 2-1: Using ep0 maxpacket: 8
[  762.868453][ T5933] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  762.891476][ T5933] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  762.906934][ T5933] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  762.918962][ T5933] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  762.931937][ T5933] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  762.995144][ T5933] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  763.003571][ T5933] usb 2-1: Product: syz
[  763.007781][ T5933] usb 2-1: Manufacturer: syz
[  763.012603][ T5933] usb 2-1: SerialNumber: syz
[  763.054389][ T5933] usb 2-1: selecting invalid altsetting 1
[  763.098205][T14665] [U] è``è
[  763.098205][ T5875] usbhid 4-1:0.0: can't add hid device: -71
[  763.098328][ T5875] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  763.120637][ T5875] usb 4-1: USB disconnect, device number 56
[  763.342561][T14682] FAULT_INJECTION: forcing a failure.
[  763.342561][T14682] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  763.374046][T14682] CPU: 0 UID: 0 PID: 14682 Comm: syz.5.2533 Not tainted 6.13.0-rc2-syzkaller #0
[  763.383118][T14682] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  763.393191][T14682] Call Trace:
[  763.396491][T14682]  <TASK>
[  763.399433][T14682]  dump_stack_lvl+0x241/0x360
[  763.404133][T14682]  ? __pfx_dump_stack_lvl+0x10/0x10
[  763.409351][T14682]  ? __pfx__printk+0x10/0x10
[  763.413965][T14682]  ? snprintf+0xda/0x120
[  763.417948][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  763.418213][T14682]  should_fail_ex+0x3b0/0x4e0
[  763.430944][T14682]  _copy_to_user+0x31/0xb0
[  763.435369][T14682]  simple_read_from_buffer+0xca/0x150
[  763.440753][T14682]  proc_fail_nth_read+0x1e9/0x250
[  763.445880][T14682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  763.451440][T14682]  ? rw_verify_area+0x55e/0x6f0
[  763.456298][T14682]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  763.461854][T14682]  vfs_read+0x1fc/0xb70
[  763.466025][T14682]  ? __pfx___mutex_lock+0x10/0x10
[  763.471056][T14682]  ? __pfx_vfs_read+0x10/0x10
[  763.475733][T14682]  ? __fget_files+0x2a/0x410
[  763.480324][T14682]  ? __fget_files+0x395/0x410
[  763.484997][T14682]  ? __fget_files+0x2a/0x410
[  763.489586][T14682]  ksys_read+0x18f/0x2b0
[  763.493830][T14682]  ? __pfx_ksys_read+0x10/0x10
[  763.498590][T14682]  ? do_syscall_64+0x100/0x230
[  763.503354][T14682]  ? do_syscall_64+0xb6/0x230
[  763.508033][T14682]  do_syscall_64+0xf3/0x230
[  763.512553][T14682]  ? clear_bhb_loop+0x35/0x90
[  763.517256][T14682]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  763.523156][T14682] RIP: 0033:0x7ff67417e8ec
[  763.527571][T14682] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  763.547186][T14682] RSP: 002b:00007ff674f22050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  763.555606][T14682] RAX: ffffffffffffffda RBX: 00007ff674345fa0 RCX: 00007ff67417e8ec
[  763.563577][T14682] RDX: 000000000000000f RSI: 00007ff674f220b0 RDI: 0000000000000005
[  763.571542][T14682] RBP: 00007ff674f220a0 R08: 0000000000000000 R09: 0000000000000000
[  763.579506][T14682] R10: 000000000000001e R11: 0000000000000246 R12: 0000000000000001
[  763.587471][T14682] R13: 0000000000000000 R14: 00007ff674345fa0 R15: 00007ffc388265f8
[  763.595453][T14682]  </TASK>
[  763.653616][ T5933] cdc_ncm 2-1:1.0: bind() failure
[  763.661910][ T5933] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  763.751096][T14696] tipc: Failed to obtain node identity
[  763.756672][T14696] tipc: Enabling of bearer <ib:veth1_vlan> rejected, failed to enable media
[  764.288597][ T5933] cdc_ncm 2-1:1.1: bind() failure
[  764.303409][ T5933] usb 2-1: USB disconnect, device number 44
[  764.431863][T14701] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2537'.
[  765.085005][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.266911][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.276331][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  765.576490][ T5933] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  766.752037][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  766.905328][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  766.940705][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  767.103048][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  767.359256][ T5933] usb 2-1: New USB device found, idVendor=a9cd, idProduct=cdee, bcdDevice= 5.b9
[  767.576148][ T5933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  767.589521][ T5933] usb 2-1: config 0 descriptor??
[  767.632797][ T5933] usb 2-1: can't set config #0, error -71
[  767.649156][ T5933] usb 2-1: USB disconnect, device number 45
[  767.672484][ T6891] udevd[6891]: setting mode of /dev/bus/usb/002/045 to 020664 failed: No such file or directory
[  767.703872][ T6891] udevd[6891]: setting owner of /dev/bus/usb/002/045 to uid=0, gid=0 failed: No such file or directory
[  767.921714][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  768.019783][T14747] tipc: Enabling of bearer <ib:veth1_vlan> rejected, already enabled
[  768.659941][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  769.540112][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  770.328824][T14779] FAULT_INJECTION: forcing a failure.
[  770.328824][T14779] name failslab, interval 1, probability 0, space 0, times 0
[  770.405448][T14779] CPU: 1 UID: 0 PID: 14779 Comm: syz.5.2560 Not tainted 6.13.0-rc2-syzkaller #0
[  770.414520][T14779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  770.424589][T14779] Call Trace:
[  770.427862][T14779]  <TASK>
[  770.430780][T14779]  dump_stack_lvl+0x241/0x360
[  770.435448][T14779]  ? __pfx_dump_stack_lvl+0x10/0x10
[  770.440637][T14779]  ? __pfx__printk+0x10/0x10
[  770.445217][T14779]  ? kmem_cache_alloc_noprof+0x48/0x380
[  770.450753][T14779]  ? __pfx___might_resched+0x10/0x10
[  770.456033][T14779]  should_fail_ex+0x3b0/0x4e0
[  770.460708][T14779]  should_failslab+0xac/0x100
[  770.465393][T14779]  ? getname_flags+0xb7/0x540
[  770.470058][T14779]  kmem_cache_alloc_noprof+0x70/0x380
[  770.475422][T14779]  getname_flags+0xb7/0x540
[  770.479912][T14779]  do_sys_openat2+0xd2/0x1d0
[  770.484485][T14779]  ? __pfx_do_sys_openat2+0x10/0x10
[  770.489681][T14779]  ? __fget_files+0x2a/0x410
[  770.494269][T14779]  ? __fget_files+0x2a/0x410
[  770.498871][T14779]  __x64_sys_openat+0x247/0x2a0
[  770.503711][T14779]  ? __pfx___x64_sys_openat+0x10/0x10
[  770.509076][T14779]  ? do_syscall_64+0x100/0x230
[  770.513838][T14779]  ? do_syscall_64+0xb6/0x230
[  770.518516][T14779]  do_syscall_64+0xf3/0x230
[  770.523015][T14779]  ? clear_bhb_loop+0x35/0x90
[  770.527685][T14779]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.533569][T14779] RIP: 0033:0x7ff67417fed9
[  770.537970][T14779] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  770.557564][T14779] RSP: 002b:00007ff674f22058 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  770.565967][T14779] RAX: ffffffffffffffda RBX: 00007ff674345fa0 RCX: 00007ff67417fed9
[  770.573925][T14779] RDX: 000000000008e383 RSI: 0000000020000080 RDI: ffffffffffffff9c
[  770.581884][T14779] RBP: 00007ff674f220a0 R08: 0000000000000000 R09: 0000000000000000
[  770.589846][T14779] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  770.597812][T14779] R13: 0000000000000000 R14: 00007ff674345fa0 R15: 00007ffc388265f8
[  770.605773][T14779]  </TASK>
[  770.608897][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.666364][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  770.807232][ T5874] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  770.964280][ T5874] usb 4-1: device descriptor read/64, error -71
[  771.242242][ T5874] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  771.391953][ T5874] usb 4-1: device descriptor read/64, error -71
[  771.511561][ T5874] usb usb4-port1: attempt power cycle
[  771.875988][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.968630][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  771.981113][ T5874] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  772.059433][ T5874] usb 4-1: device descriptor read/8, error -71
[  773.631183][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  773.642466][ T5874] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  773.907308][ T5874] usb 4-1: device descriptor read/8, error -71
[  774.034034][ T5874] usb usb4-port1: unable to enumerate USB device
[  774.560556][T14841] FAULT_INJECTION: forcing a failure.
[  774.560556][T14841] name failslab, interval 1, probability 0, space 0, times 0
[  774.589097][T14837] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2577'.
[  774.806384][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  774.845516][T14841] CPU: 1 UID: 0 PID: 14841 Comm: syz.0.2578 Not tainted 6.13.0-rc2-syzkaller #0
[  774.854593][T14841] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  774.864675][T14841] Call Trace:
[  774.867972][T14841]  <TASK>
[  774.870907][T14841]  dump_stack_lvl+0x241/0x360
[  774.875588][T14841]  ? __pfx_dump_stack_lvl+0x10/0x10
[  774.880787][T14841]  ? __pfx__printk+0x10/0x10
[  774.885378][T14841]  ? kmem_cache_alloc_noprof+0x48/0x380
[  774.890928][T14841]  ? __pfx___might_resched+0x10/0x10
[  774.896221][T14841]  should_fail_ex+0x3b0/0x4e0
[  774.900908][T14841]  should_failslab+0xac/0x100
[  774.905589][T14841]  ? vm_area_dup+0x61/0x290
[  774.910095][T14841]  kmem_cache_alloc_noprof+0x70/0x380
[  774.915474][T14841]  vm_area_dup+0x61/0x290
[  774.919812][T14841]  __split_vma+0x1cb/0xc50
[  774.924241][T14841]  ? __pfx___split_vma+0x10/0x10
[  774.929186][T14841]  vma_modify+0x244/0x330
[  774.933523][T14841]  vma_modify_flags+0x3a5/0x430
[  774.938379][T14841]  ? __pfx_vma_modify_flags+0x10/0x10
[  774.943770][T14841]  mlock_fixup+0x21d/0x350
[  774.948187][T14841]  apply_vma_lock_flags+0x38d/0x510
[  774.953384][T14841]  ? __pfx_apply_vma_lock_flags+0x10/0x10
[  774.959101][T14841]  ? __pfx_down_write_killable+0x10/0x10
[  774.964734][T14841]  ? __mutex_unlock_slowpath+0x21e/0x790
[  774.970365][T14841]  ? __pfx_vfs_write+0x10/0x10
[  774.975129][T14841]  do_mlock+0x53d/0x7e0
[  774.979280][T14841]  ? __fget_files+0x2a/0x410
[  774.983877][T14841]  ? __pfx_do_mlock+0x10/0x10
[  774.988557][T14841]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  774.994539][T14841]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  775.000880][T14841]  ? do_syscall_64+0x100/0x230
[  775.005659][T14841]  __x64_sys_mlock+0x60/0x70
[  775.010246][T14841]  do_syscall_64+0xf3/0x230
[  775.014745][T14841]  ? clear_bhb_loop+0x35/0x90
[  775.019425][T14841]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  775.025315][T14841] RIP: 0033:0x7feef7d7fed9
[  775.029724][T14841] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  775.049327][T14841] RSP: 002b:00007feef8af2058 EFLAGS: 00000246 ORIG_RAX: 0000000000000095
[  775.057737][T14841] RAX: ffffffffffffffda RBX: 00007feef7f46080 RCX: 00007feef7d7fed9
[  775.065704][T14841] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020000000
[  775.073667][T14841] RBP: 00007feef8af20a0 R08: 0000000000000000 R09: 0000000000000000
[  775.081633][T14841] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  775.089596][T14841] R13: 0000000000000001 R14: 00007feef7f46080 R15: 00007ffdfbe33ee8
[  775.097577][T14841]  </TASK>
[  775.100605][    C1] vkms_vblank_simulate: vblank timer overrun
[  775.188191][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  775.348013][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  775.416133][T14844] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2579'.
[  775.511630][T14848] IPVS: set_ctl: invalid protocol: 108 172.20.20.170:20003
[  776.270953][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  776.676626][T14860] ALSA: mixer_oss: invalid OSS volume ''
[  777.020959][T14875] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2589'.
[  777.123841][T14882] syz.4.2592 (14882): attempted to duplicate a private mapping with mremap.  This is not supported.
[  777.186141][   T46] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  777.357230][   T46] usb 1-1: Using ep0 maxpacket: 8
[  777.364192][   T46] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  777.373769][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.392149][   T46] usb 1-1: config 0 descriptor??
[  777.408495][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  778.426333][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  778.603081][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  780.028160][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  780.091600][T14909] netlink: 80 bytes leftover after parsing attributes in process `syz.3.2599'.
[  781.537450][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  781.676574][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  782.184743][   T46] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  782.196509][   T46] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  782.252990][   T46] asix 1-1:0.0: probe with driver asix failed with error -71
[  782.540983][   T46] usb 1-1: USB disconnect, device number 55
[  782.618325][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  782.995101][T14942] fuse: Bad value for 'fd'
[  784.005621][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  784.634212][   T25] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  785.386757][   T25] usb 4-1: Using ep0 maxpacket: 32
[  785.427000][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  785.440136][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  785.464824][   T25] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  785.556700][   T25] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  785.667563][   T25] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  785.698654][   T25] usb 4-1: Product: syz
[  785.714231][   T25] usb 4-1: Manufacturer: syz
[  785.719245][   T25] usb 4-1: SerialNumber: syz
[  785.815948][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  786.107799][   T25] usb 4-1: config 0 descriptor??
[  786.114387][T14954] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  787.162408][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  787.198420][ T5824] usb 4-1: USB disconnect, device number 61
[  787.439497][T14984] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  787.448253][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  788.637360][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  788.728168][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  790.317173][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  790.631155][T15018] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2626'.
[  791.474233][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  791.495799][ T5833] Bluetooth: hci4: command 0x0405 tx timeout
[  791.685638][T15027] netlink: 'syz.4.2627': attribute type 10 has an invalid length.
[  791.974129][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  792.221519][T15008] tmpfs: Bad value for 'mpol'
[  792.227387][T15008] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2625'.
[  793.336257][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  793.388003][T15054] netlink: 'syz.3.2635': attribute type 10 has an invalid length.
[  793.421176][T15052] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  794.451566][ T5875] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  794.492261][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  794.971983][T15086] fuse: Bad value for 'fd'
[  795.295993][ T5875] usb 5-1: Using ep0 maxpacket: 8
[  795.302908][ T5875] usb 5-1: config 0 has an invalid interface number: 141 but max is 0
[  795.316125][ T5875] usb 5-1: config 0 has no interface number 0
[  795.329666][ T5875] usb 5-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=ee.8a
[  795.339150][ T5875] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  795.347331][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  795.386296][ T5875] usb 5-1: Product: syz
[  795.390496][ T5875] usb 5-1: Manufacturer: syz
[  795.395166][ T5875] usb 5-1: SerialNumber: syz
[  795.907786][T15096] loop6: detected capacity change from 0 to 524287952
[  795.912745][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  795.923137][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  795.934722][ T5875] usb 5-1: config 0 descriptor??
[  796.072599][ T5875] gspca_main: sq905-2.14.0 probing 2770:9120
[  796.928296][ T5875] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[  796.936427][ T5875] sq905 5-1:0.141: probe with driver sq905 failed with error -110
[  796.994091][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  797.000992][ T5875] usb 5-1: USB disconnect, device number 65
[  797.298032][T15118] FAULT_INJECTION: forcing a failure.
[  797.298032][T15118] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  797.311307][T15118] CPU: 0 UID: 0 PID: 15118 Comm: syz.3.2652 Not tainted 6.13.0-rc2-syzkaller #0
[  797.320360][T15118] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  797.330447][T15118] Call Trace:
[  797.333742][T15118]  <TASK>
[  797.336686][T15118]  dump_stack_lvl+0x241/0x360
[  797.341391][T15118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  797.346617][T15118]  ? __pfx__printk+0x10/0x10
[  797.351227][T15118]  ? __pfx_lock_release+0x10/0x10
[  797.356283][T15118]  should_fail_ex+0x3b0/0x4e0
[  797.360995][T15118]  strncpy_from_user+0x36/0x270
[  797.365880][T15118]  getname_flags+0xf1/0x540
[  797.370411][T15118]  __x64_sys_mknod+0x79/0xa0
[  797.370532][ T7228] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[  797.375007][T15118]  do_syscall_64+0xf3/0x230
[  797.375039][T15118]  ? clear_bhb_loop+0x35/0x90
[  797.375066][T15118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.375089][T15118] RIP: 0033:0x7fb26177fed9
[  797.375107][T15118] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  797.375123][T15118] RSP: 002b:00007fb262629058 EFLAGS: 00000246 ORIG_RAX: 0000000000000085
[  797.375145][T15118] RAX: ffffffffffffffda RBX: 00007fb261945fa0 RCX: 00007fb26177fed9
[  797.375159][T15118] RDX: 0000000000000706 RSI: 0000000000000000 RDI: 00000000200002c0
[  797.375172][T15118] RBP: 00007fb2626290a0 R08: 0000000000000000 R09: 0000000000000000
[  797.375186][T15118] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  797.375198][T15118] R13: 0000000000000000 R14: 00007fb261945fa0 R15: 00007ffe18d78508
[  797.375225][T15118]  </TASK>
[  797.712255][ T7228] usb 6-1: Using ep0 maxpacket: 32
[  798.089581][T15124] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2653'.
[  798.252920][ T7228] usb 6-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  798.267700][ T7228] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.296284][ T7228] usb 6-1: config 0 descriptor??
[  798.329842][ T7228] gspca_main: sunplus-2.14.0 probing 041e:400b
[  798.653803][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  798.689626][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  798.747356][ T3559] Bluetooth: Error in BCSP hdr checksum
[  798.845942][T15131] mkiss: ax0: crc mode is auto.
[  799.187501][ T5875] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  799.401221][   T29] audit: type=1326 audit(2000003168.229:5538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15135 comm="syz.1.2657" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa72977fed9 code=0x0
[  799.422404][    C1] vkms_vblank_simulate: vblank timer overrun
[  799.828920][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  799.871616][ T5875] usb 4-1: Using ep0 maxpacket: 16
[  799.886648][ T5875] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  799.897960][ T5875] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  799.909390][ T5875] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  800.523660][ T7228] gspca_sunplus: reg_w_riv err -110
[  800.529068][ T7228] sunplus 6-1:0.0: probe with driver sunplus failed with error -110
[  800.577364][ T5875] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  800.586454][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  800.595406][ T5875] usb 4-1: Product: syz
[  800.599809][ T5875] usb 4-1: Manufacturer: syz
[  800.604487][ T5875] usb 4-1: SerialNumber: syz
[  800.816677][ T7228] usb 6-1: USB disconnect, device number 26
[  801.018645][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  801.055694][ T5830] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  802.081559][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  802.187484][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  803.296363][ T5875] usb 4-1: 0:2 : does not exist
[  803.343027][ T5875] usb 4-1: 1:0: cannot get min/max values for control 4 (id 1)
[  803.444635][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  803.467520][ T5875] usb 4-1: USB disconnect, device number 62
[  803.621502][T15182] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2669'.
[  804.516817][T15190] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2671'.
[  804.605014][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  805.215071][T15190] tmpfs: Unknown parameter 'usrqck_hardlimit'
[  805.366721][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  805.864042][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  806.467781][T15222] netlink: 88 bytes leftover after parsing attributes in process `syz.5.2676'.
[  806.915960][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  806.953968][ T7228] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  807.171238][T15220] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2676'.
[  807.266984][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  807.646596][ T7228] usb 1-1: Using ep0 maxpacket: 8
[  807.676122][ T7228] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  807.687208][ T7228] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  807.697039][ T7228] usb 1-1: New USB device found, idVendor=046d, idProduct=c707, bcdDevice= 0.00
[  807.706128][ T7228] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.717163][ T7228] usb 1-1: config 0 descriptor??
[  808.374234][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  808.403143][ T7228] usbhid 1-1:0.0: can't add hid device: -71
[  808.409488][ T7228] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  808.419643][ T7228] usb 1-1: USB disconnect, device number 56
[  808.538242][T15241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2687'.
[  808.550630][T15241] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2687'.
[  808.561097][T15241] netlink: 'syz.1.2687': attribute type 12 has an invalid length.
[  808.569391][T15241] netlink: 'syz.1.2687': attribute type 11 has an invalid length.
[  809.024615][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  809.088232][T15241] trusted_key: encrypted_key: keyword 'ë?w' not recognized
[  809.536637][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  809.966589][T15260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2690'.
[  810.017239][T15260] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2690'.
[  811.511701][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  812.122633][T15281] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2698'.
[  812.208758][   T25] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  812.242277][T15284] ALSA: mixer_oss: invalid OSS volume ''
[  812.337537][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  812.353229][T15289] Invalid option length (1048261) for dns_resolver key
[  812.945930][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  812.955463][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  812.965325][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  812.989616][   T25] usb 2-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[  813.001497][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  813.010728][   T25] usb 2-1: Product: syz
[  813.015262][   T25] usb 2-1: Manufacturer: syz
[  813.019963][   T25] usb 2-1: SerialNumber: syz
[  813.028451][   T25] usb 2-1: config 0 descriptor??
[  813.044629][   T25] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[  813.055214][   T25] usb 2-1: Detected SIO
[  813.061741][   T25] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  813.074295][   T25] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7
[  813.089863][   T25] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  813.092009][T15298] netlink: 'syz.5.2704': attribute type 2 has an invalid length.
[  813.120875][T15298] netlink: 'syz.5.2704': attribute type 9 has an invalid length.
[  813.139398][T15298] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2704'.
[  813.293114][   T25] usb 2-1: USB disconnect, device number 46
[  813.307619][   T25] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  813.336600][   T25] ftdi_sio 2-1:0.0: device disconnected
[  814.100337][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  814.665866][T15319] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2710'.
[  814.736997][T15322] ALSA: mixer_oss: invalid OSS volume ''
[  815.220406][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  816.128809][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  816.191455][T15313] tmpfs: Bad value for 'mpol'
[  816.202539][T15313] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2708'.
[  816.499084][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  816.985113][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  817.124385][T15344] netlink: 'syz.5.2718': attribute type 2 has an invalid length.
[  817.132315][T15344] netlink: 'syz.5.2718': attribute type 9 has an invalid length.
[  817.140104][T15344] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2718'.
[  817.166632][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  818.127720][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  818.846046][T15368] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2723'.
[  819.289407][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  819.349839][ T5933] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  819.429947][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  819.587206][ T5933] usb 4-1: Using ep0 maxpacket: 16
[  819.635426][ T5933] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  819.680092][ T5933] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[  819.730506][ T5933] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  819.756129][ T5933] usb 4-1: Product: syz
[  819.766757][ T5933] usb 4-1: Manufacturer: syz
[  819.777543][ T5933] usb 4-1: SerialNumber: syz
[  819.794937][ T5933] usb 4-1: config 0 descriptor??
[  820.232442][ T5933] usb 4-1: Invalid number of CPorts: 0
[  820.328857][ T5933] es2_ap_driver 4-1:0.0: probe with driver es2_ap_driver failed with error -22
[  820.425379][T15374] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  820.489639][T15374] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  820.515422][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  820.978673][T15404] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2734'.
[  821.116291][T15406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2735'.
[  821.130076][T15406] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2735'.
[  821.637473][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  821.742800][T15415] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2737'.
[  821.793312][T15417] hsr0: entered promiscuous mode
[  822.191843][T15424] netlink: 68 bytes leftover after parsing attributes in process `syz.5.2739'.
[  822.349592][ T5824] usb 4-1: USB disconnect, device number 63
[  822.642851][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  822.792626][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  823.109064][T15446] netlink: 'syz.3.2747': attribute type 1 has an invalid length.
[  823.116334][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2746'.
[  823.262775][T15444] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2746'.
[  824.021508][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  824.041589][T15449] IPVS: dh: UDP 224.0.0.2:0 - no destination available
[  824.088823][T15452] bridge0: entered promiscuous mode
[  824.094799][T15452] macvlan3: entered promiscuous mode
[  824.107304][T15452] bridge0: left promiscuous mode
[  824.265130][T15459] FAULT_INJECTION: forcing a failure.
[  824.265130][T15459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  824.308940][T15459] CPU: 0 UID: 0 PID: 15459 Comm: syz.3.2752 Not tainted 6.13.0-rc2-syzkaller #0
[  824.318021][T15459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  824.328101][T15459] Call Trace:
[  824.331402][T15459]  <TASK>
[  824.334354][T15459]  dump_stack_lvl+0x241/0x360
[  824.339057][T15459]  ? __pfx_dump_stack_lvl+0x10/0x10
[  824.344278][T15459]  ? __pfx__printk+0x10/0x10
[  824.348897][T15459]  ? snprintf+0xda/0x120
[  824.353160][T15459]  should_fail_ex+0x3b0/0x4e0
[  824.357874][T15459]  _copy_to_user+0x31/0xb0
[  824.362316][T15459]  simple_read_from_buffer+0xca/0x150
[  824.367716][T15459]  proc_fail_nth_read+0x1e9/0x250
[  824.372765][T15459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  824.378337][T15459]  ? rw_verify_area+0x55e/0x6f0
[  824.383207][T15459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  824.388775][T15459]  vfs_read+0x1fc/0xb70
[  824.392951][T15459]  ? __pfx___mutex_lock+0x10/0x10
[  824.397997][T15459]  ? __pfx_vfs_read+0x10/0x10
[  824.402696][T15459]  ? __fget_files+0x2a/0x410
[  824.407305][T15459]  ? __fget_files+0x395/0x410
[  824.412000][T15459]  ? __fget_files+0x2a/0x410
[  824.416617][T15459]  ksys_read+0x18f/0x2b0
[  824.420885][T15459]  ? __pfx_ksys_read+0x10/0x10
[  824.425668][T15459]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  824.432013][T15459]  ? do_syscall_64+0xb6/0x230
[  824.436711][T15459]  do_syscall_64+0xf3/0x230
[  824.441236][T15459]  ? clear_bhb_loop+0x35/0x90
[  824.445944][T15459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.451859][T15459] RIP: 0033:0x7fb26177e8ec
[  824.456289][T15459] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  824.475910][T15459] RSP: 002b:00007fb262629050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  824.484323][T15459] RAX: ffffffffffffffda RBX: 00007fb261945fa0 RCX: 00007fb26177e8ec
[  824.492286][T15459] RDX: 000000000000000f RSI: 00007fb2626290b0 RDI: 0000000000000003
[  824.500267][T15459] RBP: 00007fb2626290a0 R08: 0000000000000000 R09: 0000000000000000
[  824.508237][T15459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.516203][T15459] R13: 0000000000000000 R14: 00007fb261945fa0 R15: 00007ffe18d78508
[  824.524193][T15459]  </TASK>
[  824.609689][ T5933] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  824.684977][T15471] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2755'.
[  824.725942][T15466] 9pnet_fd: Insufficient options for proto=fd
[  824.967332][T15478] netlink: 'syz.1.2754': attribute type 10 has an invalid length.
[  824.967360][T15478] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2754'.
[  825.000819][ T5933] usb 5-1: Using ep0 maxpacket: 8
[  825.018278][ T5933] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  825.030111][T15478] team0: Device geneve0 is of different type
[  825.036140][T15478] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[  825.133344][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  825.460074][ T5933] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  825.472702][ T5933] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  825.482072][ T5933] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.490334][ T5933] usb 5-1: Product: syz
[  825.494599][ T5933] usb 5-1: Manufacturer: syz
[  825.499368][ T5933] usb 5-1: SerialNumber: syz
[  825.506886][ T5933] usb 5-1: config 0 descriptor??
[  825.659692][T15495] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2761'.
[  825.715272][T15495] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2761'.
[  825.766518][T15457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  825.789297][T15457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  825.949246][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  825.961380][ T5933] usb 5-1: USB disconnect, device number 66
[  826.500256][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  826.647812][T15504] netlink: 'syz.0.2764': attribute type 2 has an invalid length.
[  826.661555][T15504] netlink: 'syz.0.2764': attribute type 9 has an invalid length.
[  826.715695][T15504] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2764'.
[  827.346892][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  827.518641][T15515] FAULT_INJECTION: forcing a failure.
[  827.518641][T15515] name failslab, interval 1, probability 0, space 0, times 0
[  828.143177][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  828.180376][T15515] CPU: 0 UID: 0 PID: 15515 Comm: syz.4.2767 Not tainted 6.13.0-rc2-syzkaller #0
[  828.189438][T15515] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  828.199488][T15515] Call Trace:
[  828.202770][T15515]  <TASK>
[  828.205695][T15515]  dump_stack_lvl+0x241/0x360
[  828.210372][T15515]  ? __pfx_dump_stack_lvl+0x10/0x10
[  828.215562][T15515]  ? __pfx__printk+0x10/0x10
[  828.220142][T15515]  ? fs_reclaim_acquire+0x93/0x130
[  828.225242][T15515]  ? __pfx___might_resched+0x10/0x10
[  828.230521][T15515]  ? lockdep_init_map_type+0xa1/0x910
[  828.235907][T15515]  should_fail_ex+0x3b0/0x4e0
[  828.240620][T15515]  should_failslab+0xac/0x100
[  828.245296][T15515]  ? security_inode_alloc+0x37/0x310
[  828.250571][T15515]  kmem_cache_alloc_noprof+0x70/0x380
[  828.255932][T15515]  security_inode_alloc+0x37/0x310
[  828.261036][T15515]  inode_init_always_gfp+0xa0f/0xd90
[  828.266311][T15515]  ? __pfx_sock_alloc_inode+0x10/0x10
[  828.271677][T15515]  alloc_inode+0x9f/0x1a0
[  828.276009][T15515]  do_accept+0x130/0x6d0
[  828.280353][T15515]  ? __pfx_do_accept+0x10/0x10
[  828.285128][T15515]  __sys_accept4+0x11f/0x1d0
[  828.289735][T15515]  ? __pfx___sys_accept4+0x10/0x10
[  828.295059][T15515]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  828.301415][T15515]  ? do_syscall_64+0x100/0x230
[  828.306205][T15515]  __x64_sys_accept+0x7d/0x90
[  828.310923][T15515]  do_syscall_64+0xf3/0x230
[  828.315450][T15515]  ? clear_bhb_loop+0x35/0x90
[  828.320158][T15515]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  828.326074][T15515] RIP: 0033:0x7fd58217fed9
[  828.330502][T15515] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  828.350134][T15515] RSP: 002b:00007fd582fed058 EFLAGS: 00000246 ORIG_RAX: 000000000000002b
[  828.358583][T15515] RAX: ffffffffffffffda RBX: 00007fd582345fa0 RCX: 00007fd58217fed9
[  828.366584][T15515] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  828.374579][T15515] RBP: 00007fd582fed0a0 R08: 0000000000000000 R09: 0000000000000000
[  828.382568][T15515] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  828.390555][T15515] R13: 0000000000000000 R14: 00007fd582345fa0 R15: 00007ffeaa50ec58
[  828.398575][T15515]  </TASK>
[  828.401734][    C0] vkms_vblank_simulate: vblank timer overrun
[  829.261980][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  829.315574][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  829.965930][ T5903] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[  830.372585][ T5903] usb 6-1: too many configurations: 36, using maximum allowed: 8
[  830.474033][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  830.528869][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.561925][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.582024][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.608985][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.648984][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.679802][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.734139][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.767525][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  830.799350][ T5903] usb 6-1: New USB device found, idVendor=03da, idProduct=2820, bcdDevice=52.3c
[  830.817205][ T5903] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.869016][ T5903] usb 6-1: config 0 descriptor??
[  830.897169][ T5903] usb 6-1: bad CDC descriptors
[  831.032408][T15553] FAULT_INJECTION: forcing a failure.
[  831.032408][T15553] name failslab, interval 1, probability 0, space 0, times 0
[  831.121117][T15553] CPU: 1 UID: 0 PID: 15553 Comm: syz.3.2780 Not tainted 6.13.0-rc2-syzkaller #0
[  831.130189][T15553] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  831.140256][T15553] Call Trace:
[  831.143533][T15553]  <TASK>
[  831.146458][T15553]  dump_stack_lvl+0x241/0x360
[  831.151136][T15553]  ? __pfx_dump_stack_lvl+0x10/0x10
[  831.156333][T15553]  ? __pfx__printk+0x10/0x10
[  831.160926][T15553]  ? __kmalloc_cache_noprof+0x48/0x390
[  831.166382][T15553]  ? __pfx___might_resched+0x10/0x10
[  831.171689][T15553]  should_fail_ex+0x3b0/0x4e0
[  831.176382][T15553]  should_failslab+0xac/0x100
[  831.181064][T15553]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  831.186785][T15553]  __kmalloc_cache_noprof+0x70/0x390
[  831.192072][T15553]  ? percpu_ref_init+0xbf/0x360
[  831.196924][T15553]  ? __pfx_io_ring_ctx_ref_free+0x10/0x10
[  831.202643][T15553]  percpu_ref_init+0xbf/0x360
[  831.207322][T15553]  io_ring_ctx_alloc+0x2b5/0x1990
[  831.212345][T15553]  io_uring_create+0x40/0xc00
[  831.217021][T15553]  __se_sys_io_uring_setup+0x2ba/0x330
[  831.222480][T15553]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[  831.228468][T15553]  ? do_syscall_64+0x100/0x230
[  831.233234][T15553]  ? do_syscall_64+0xb6/0x230
[  831.237911][T15553]  do_syscall_64+0xf3/0x230
[  831.242416][T15553]  ? clear_bhb_loop+0x35/0x90
[  831.247094][T15553]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  831.252986][T15553] RIP: 0033:0x7fb26177fed9
[  831.257408][T15553] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  831.277006][T15553] RSP: 002b:00007fb262628fe8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[  831.285420][T15553] RAX: ffffffffffffffda RBX: 00007fb261945fa0 RCX: 00007fb26177fed9
[  831.293384][T15553] RDX: 00000000200001c0 RSI: 0000000020000080 RDI: 0000000000000239
[  831.301351][T15553] RBP: 0000000020000080 R08: 0000000000000000 R09: 00000000200001c0
[  831.309316][T15553] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  831.317280][T15553] R13: 0000000020000000 R14: 0000000000000239 R15: 00000000200001c0
[  831.325257][T15553]  </TASK>
[  831.707879][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  831.814721][T15529] loop2: detected capacity change from 0 to 7
[  831.860469][T15529] Dev loop2: unable to read RDB block 7
[  831.908594][T15529]  loop2: unable to read partition table
[  831.969309][T15560] netlink: 'syz.3.2781': attribute type 4 has an invalid length.
[  831.999452][T15529] loop2: partition table beyond EOD, truncated
[  832.005658][T15529] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  832.018341][T15559] 9p: Unknown access argument 18446744073709551615: -34
[  832.183904][T15572] FAULT_INJECTION: forcing a failure.
[  832.183904][T15572] name failslab, interval 1, probability 0, space 0, times 0
[  832.196652][T15572] CPU: 0 UID: 0 PID: 15572 Comm: syz.1.2782 Not tainted 6.13.0-rc2-syzkaller #0
[  832.205690][T15572] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  832.215751][T15572] Call Trace:
[  832.219037][T15572]  <TASK>
[  832.221979][T15572]  dump_stack_lvl+0x241/0x360
[  832.226674][T15572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  832.231886][T15572]  ? __pfx__printk+0x10/0x10
[  832.236490][T15572]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  832.242481][T15572]  ? __pfx___might_resched+0x10/0x10
[  832.247785][T15572]  should_fail_ex+0x3b0/0x4e0
[  832.252481][T15572]  should_failslab+0xac/0x100
[  832.257176][T15572]  kmem_cache_alloc_node_noprof+0x77/0x380
[  832.262997][T15572]  ? __alloc_skb+0x1c3/0x440
[  832.267603][T15572]  __alloc_skb+0x1c3/0x440
[  832.272036][T15572]  ? __pfx___alloc_skb+0x10/0x10
[  832.276983][T15572]  ? netlink_autobind+0xd6/0x2f0
[  832.281929][T15572]  ? netlink_autobind+0x2b0/0x2f0
[  832.286968][T15572]  netlink_sendmsg+0x638/0xcb0
[  832.291760][T15572]  ? __pfx_netlink_sendmsg+0x10/0x10
[  832.297073][T15572]  ? __pfx_netlink_sendmsg+0x10/0x10
[  832.302378][T15572]  __sock_sendmsg+0x221/0x270
[  832.307086][T15572]  ____sys_sendmsg+0x52a/0x7e0
[  832.311883][T15572]  ? __pfx_____sys_sendmsg+0x10/0x10
[  832.317186][T15572]  ? __fget_files+0x2a/0x410
[  832.321799][T15572]  ? __fget_files+0x2a/0x410
[  832.326409][T15572]  __sys_sendmsg+0x269/0x350
[  832.331015][T15572]  ? __pfx_lock_release+0x10/0x10
[  832.336062][T15572]  ? __pfx___sys_sendmsg+0x10/0x10
[  832.341204][T15572]  ? __pfx_vfs_write+0x10/0x10
[  832.346013][T15572]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  832.352354][T15572]  ? do_syscall_64+0x100/0x230
[  832.357145][T15572]  ? do_syscall_64+0xb6/0x230
[  832.361844][T15572]  do_syscall_64+0xf3/0x230
[  832.366365][T15572]  ? clear_bhb_loop+0x35/0x90
[  832.371075][T15572]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  832.376984][T15572] RIP: 0033:0x7fa72977fed9
[  832.381411][T15572] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  832.401031][T15572] RSP: 002b:00007fa72a5e2058 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  832.409460][T15572] RAX: ffffffffffffffda RBX: 00007fa729946160 RCX: 00007fa72977fed9
[  832.417452][T15572] RDX: 0000000000000000 RSI: 0000000020000140 RDI: 0000000000000007
[  832.425433][T15572] RBP: 00007fa72a5e20a0 R08: 0000000000000000 R09: 0000000000000000
[  832.433411][T15572] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  832.441393][T15572] R13: 0000000000000000 R14: 00007fa729946160 R15: 00007ffea19c6538
[  832.449387][T15572]  </TASK>
[  832.890194][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  833.106278][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  833.119526][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  834.208208][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  834.482476][T15565] tmpfs: Bad value for 'mpol'
[  834.506659][T15565] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2784'.
[  834.545017][T15580] netlink: 120 bytes leftover after parsing attributes in process `syz.4.2787'.
[  834.602779][T15580] A link change request failed with some changes committed already. Interface wlan1 may have been left with an inconsistent configuration, please check.
[  835.076578][ T5903] usb 6-1: USB disconnect, device number 27
[  835.435573][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  836.326664][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  836.359301][T15606] ieee802154 phy0 wpan0: encryption failed: -22
[  837.231744][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  837.745730][T15604] hfs: unable to load iocharset "io#harset"
[  838.163697][T15631] netlink: 132 bytes leftover after parsing attributes in process `syz.4.2800'.
[  838.389694][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  838.484688][T15638] FAULT_INJECTION: forcing a failure.
[  838.484688][T15638] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  838.603996][T15638] CPU: 1 UID: 0 PID: 15638 Comm: syz.1.2801 Not tainted 6.13.0-rc2-syzkaller #0
[  838.613073][T15638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  838.623137][T15638] Call Trace:
[  838.626429][T15638]  <TASK>
[  838.629357][T15638]  dump_stack_lvl+0x241/0x360
[  838.634042][T15638]  ? __pfx_dump_stack_lvl+0x10/0x10
[  838.639242][T15638]  ? __pfx__printk+0x10/0x10
[  838.643837][T15638]  ? snprintf+0xda/0x120
[  838.648082][T15638]  should_fail_ex+0x3b0/0x4e0
[  838.652769][T15638]  _copy_to_user+0x31/0xb0
[  838.657189][T15638]  simple_read_from_buffer+0xca/0x150
[  838.662589][T15638]  proc_fail_nth_read+0x1e9/0x250
[  838.667614][T15638]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  838.673172][T15638]  ? rw_verify_area+0x55e/0x6f0
[  838.678019][T15638]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  838.683569][T15638]  vfs_read+0x1fc/0xb70
[  838.687729][T15638]  ? __pfx___mutex_lock+0x10/0x10
[  838.692757][T15638]  ? __pfx_vfs_read+0x10/0x10
[  838.697432][T15638]  ? __fget_files+0x2a/0x410
[  838.702018][T15638]  ? __fget_files+0x395/0x410
[  838.706686][T15638]  ? __fget_files+0x2a/0x410
[  838.711276][T15638]  ksys_read+0x18f/0x2b0
[  838.715522][T15638]  ? __pfx_ksys_read+0x10/0x10
[  838.720280][T15638]  ? do_syscall_64+0x100/0x230
[  838.725048][T15638]  ? do_syscall_64+0xb6/0x230
[  838.729723][T15638]  do_syscall_64+0xf3/0x230
[  838.734224][T15638]  ? clear_bhb_loop+0x35/0x90
[  838.738900][T15638]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  838.744794][T15638] RIP: 0033:0x7fa72977e8ec
[  838.749205][T15638] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  838.768807][T15638] RSP: 002b:00007fa72a624050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  838.777219][T15638] RAX: ffffffffffffffda RBX: 00007fa729945fa0 RCX: 00007fa72977e8ec
[  838.785184][T15638] RDX: 000000000000000f RSI: 00007fa72a6240b0 RDI: 0000000000000007
[  838.793251][T15638] RBP: 00007fa72a6240a0 R08: 0000000000000000 R09: 0000000000000000
[  838.801223][T15638] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  838.809193][T15638] R13: 0000000000000000 R14: 00007fa729945fa0 R15: 00007ffea19c6538
[  838.817169][T15638]  </TASK>
[  839.521480][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  839.578347][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  840.426933][T15681] 9pnet_fd: Insufficient options for proto=fd
[  840.680754][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  841.009247][   T46] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[  841.350243][T15675] tmpfs: Bad value for 'mpol'
[  841.356979][T15675] netlink: 128 bytes leftover after parsing attributes in process `syz.3.2816'.
[  841.565369][T15691] bridge0: port 1(vlan4) entered blocking state
[  841.581072][T15691] bridge0: port 1(vlan4) entered disabled state
[  841.603127][T15691] vlan4: entered allmulticast mode
[  841.625155][T15691] bridge0: entered allmulticast mode
[  841.640200][   T46] usb 6-1: Using ep0 maxpacket: 8
[  841.649912][   T46] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  841.658601][T15691] vlan4: left allmulticast mode
[  841.663673][   T46] usb 6-1: config 0 has no interface number 0
[  841.669778][T15691] bridge0: left allmulticast mode
[  841.681416][   T46] usb 6-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54
[  841.691506][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.704425][   T46] usb 6-1: Product: syz
[  841.718682][   T46] usb 6-1: Manufacturer: syz
[  841.723404][   T46] usb 6-1: SerialNumber: syz
[  841.747233][   T46] usb 6-1: config 0 descriptor??
[  841.756330][   T46] usb 6-1: selecting invalid altsetting 1
[  841.772593][   T46] dvb_ttusb_budget: ttusb_init_controller: error
[  841.776920][T15689] bridge0: port 1(vlan4) entered blocking state
[  841.784203][   T46] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  841.809862][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  841.847828][T15689] bridge0: port 1(vlan4) entered disabled state
[  841.867020][   T46] DVB: Unable to find symbol stv0299_attach()
[  841.890726][T15689] vlan4: entered allmulticast mode
[  841.904961][   T46] DVB: Unable to find symbol tda8083_attach()
[  841.916377][   T46] dvb_ttusb_budget: no frontend driver found for device [0b48:1003]
[  841.929145][T15689] bridge0: entered allmulticast mode
[  841.945788][T15689] vlan4: left allmulticast mode
[  841.950869][T15689] bridge0: left allmulticast mode
[  841.987922][   T46] usb 6-1: USB disconnect, device number 28
[  842.157562][T15706] netlink: 'syz.0.2825': attribute type 2 has an invalid length.
[  842.801953][T15706] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(6)
[  842.808512][T15706] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  842.892352][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  842.917306][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  842.944233][T15706] vhci_hcd vhci_hcd.0: Device attached
[  843.423598][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  843.434671][T15703] tmpfs: Bad value for 'mpol'
[  843.597320][ T5824] usb 1-1: new low-speed USB device number 57 using dummy_hcd
[  843.714250][ T5875] vhci_hcd: vhci_device speed not set
[  844.109518][ T5875] usb 33-1: new full-speed USB device number 3 using vhci_hcd
[  844.132257][ T5824] usb 1-1: config 0 has no interfaces?
[  844.137770][ T5824] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  844.414567][ T5824] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  844.430801][ T5824] usb 1-1: config 0 descriptor??
[  844.444592][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  844.694244][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  844.756118][   T67] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  844.788573][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  844.797850][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  844.798056][T15710] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 2
[  844.808759][T15706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  844.829304][T11248] vhci_hcd: stop threads
[  844.833665][T11248] vhci_hcd: release socket
[  844.838370][T11248] vhci_hcd: disconnect device
[  844.849172][T15706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  844.875685][T15706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  844.891966][T15706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  845.704203][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  845.898474][ T5824] usb 1-1: string descriptor 0 read error: -71
[  845.921264][ T5824] usb 1-1: USB disconnect, device number 57
[  846.165541][T13794] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  846.333794][ T5933] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  846.404383][ T5824] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  846.579873][ T5824] usb 2-1: Using ep0 maxpacket: 8
[  846.591324][ T5933] usb 6-1: Using ep0 maxpacket: 8
[  846.620247][ T5824] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  846.643655][ T5824] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  846.661569][ T5933] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  846.677973][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.686669][ T5933] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  846.698182][ T5824] usb 2-1: config 0 descriptor??
[  846.703229][ T5933] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  846.721228][ T5933] usb 6-1: config 0 descriptor??
[  846.892920][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  847.418608][ T5824] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  847.465427][ T5933] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior1
[  847.752275][ T5903] usb 2-1: USB disconnect, device number 47
[  848.296291][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  848.312279][ T5824] usb 6-1: USB disconnect, device number 29
[  848.789043][T15765] 9pnet_fd: Insufficient options for proto=fd
[  848.848986][T15765] netlink: 'syz.3.2840': attribute type 1 has an invalid length.
[  848.856869][T15765] netlink: 224 bytes leftover after parsing attributes in process `syz.3.2840'.
[  848.988596][   T29] audit: type=1326 audit(2000003214.457:5539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.216507][   T29] audit: type=1326 audit(2000003214.457:5540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.238505][   T29] audit: type=1326 audit(2000003214.457:5541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.260511][   T29] audit: type=1326 audit(2000003214.457:5542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb26177ff13 code=0x7ffc0000
[  849.282204][   T29] audit: type=1326 audit(2000003214.466:5543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fb26177ff13 code=0x7ffc0000
[  849.303894][   T29] audit: type=1326 audit(2000003214.466:5544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.325690][   T29] audit: type=1326 audit(2000003214.466:5545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.347728][   T29] audit: type=1326 audit(2000003214.466:5546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb26177e840 code=0x7ffc0000
[  849.369627][   T29] audit: type=1326 audit(2000003214.466:5547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.391551][   T29] audit: type=1326 audit(2000003214.475:5548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15757 comm="syz.3.2840" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb26177fed9 code=0x7ffc0000
[  849.433506][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  850.267679][ T5875] vhci_hcd: vhci_device speed not set
[  850.642349][T15790] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2850'.
[  850.759291][ T7228] net_ratelimit: 1 callbacks suppressed
[  850.759312][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  851.849208][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  851.901219][ T5873] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  851.964788][T15801] bridge0: port 1(vlan3) entered blocking state
[  852.005103][T15801] bridge0: port 1(vlan3) entered disabled state
[  852.021719][T15801] vlan3: entered allmulticast mode
[  852.036680][T15801] bond0: entered allmulticast mode
[  852.047862][T15801] vlan3: entered promiscuous mode
[  852.076602][T15803] usb usb9: usbfs: process 15803 (syz.1.2855) did not claim interface 4 before use
[  852.100998][T15801] bond0: entered promiscuous mode
[  852.435002][ T5817] syz-executor (5817) used greatest stack depth: 19120 bytes left
[  852.516414][ T5873] usb 6-1: Using ep0 maxpacket: 16
[  852.523484][ T5873] usb 6-1: config 0 has an invalid interface number: 61 but max is 0
[  852.538344][ T5873] usb 6-1: config 0 has no interface number 0
[  852.544483][ T5873] usb 6-1: config 0 interface 61 altsetting 1 bulk endpoint 0xB has invalid maxpacket 8
[  852.560030][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  852.570991][ T5873] usb 6-1: config 0 interface 61 altsetting 1 bulk endpoint 0xF has invalid maxpacket 8
[  852.582831][ T5873] usb 6-1: config 0 interface 61 has no altsetting 0
[  852.629813][ T5824] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  852.723683][ T3518] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  852.734857][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  852.778835][ T5824] usb 1-1: Using ep0 maxpacket: 16
[  852.828505][ T5824] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  852.854965][ T5873] usb 6-1: New USB device found, idVendor=0a5c, idProduct=368b, bcdDevice=68.32
[  852.904482][ T5873] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  852.986256][ T5824] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  853.039768][ T5873] usb 6-1: Product: syz
[  853.094306][ T5873] usb 6-1: Manufacturer: syz
[  853.131487][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  853.141137][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  853.157965][ T5824] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  853.177310][ T5873] usb 6-1: SerialNumber: syz
[  853.198727][ T5873] usb 6-1: config 0 descriptor??
[  853.234375][ T5824] usb 1-1: New USB device found, idVendor=056a, idProduct=0304, bcdDevice= 0.00
[  853.262112][T15790] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  853.279367][T15790] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  853.298962][ T5824] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  853.316523][ T5824] usb 1-1: config 0 descriptor??
[  853.530603][ T5873] usb 6-1: USB disconnect, device number 30
[  853.599831][ T5824] usbhid 1-1:0.0: can't add hid device: -71
[  853.605819][ T5824] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  853.646709][ T5824] usb 1-1: USB disconnect, device number 58
[  854.097497][ T5830] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  854.116762][ T5830] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  854.325531][ T5830] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  854.340486][ T5830] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  854.373910][ T5830] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  854.389614][ T5830] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  854.836916][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  854.845426][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  855.012509][T15841] ALSA: mixer_oss: invalid OSS volume ''
[  855.144238][T15848] 9pnet_fd: Insufficient options for proto=fd
[  855.158911][T15855] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2871'.
[  855.797395][T15832] chnl_net:caif_netlink_parms(): no params data found
[  855.881200][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  856.462321][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  856.523415][T15844] tmpfs: Bad value for 'mpol'
[  856.544015][T15844] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2869'.
[  856.563482][T15832] bridge0: port 1(bridge_slave_0) entered blocking state
[  856.570724][T15832] bridge0: port 1(bridge_slave_0) entered disabled state
[  856.578048][T15832] bridge_slave_0: entered allmulticast mode
[  856.585389][T15832] bridge_slave_0: entered promiscuous mode
[  856.595492][T15832] bridge0: port 2(bridge_slave_1) entered blocking state
[  856.606408][T15832] bridge0: port 2(bridge_slave_1) entered disabled state
[  856.613729][T15832] bridge_slave_1: entered allmulticast mode
[  856.628139][T15832] bridge_slave_1: entered promiscuous mode
[  856.668067][T15832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  856.679522][T15832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  856.720943][T15832] team0: Port device team_slave_0 added
[  856.730164][T15832] team0: Port device team_slave_1 added
[  856.764451][T15832] batman_adv: batadv0: Adding interface: batadv_slave_0
[  856.771419][T15832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  856.805876][ T7228] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  856.808028][T15832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  856.813587][   T25] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  856.829069][T15832] batman_adv: batadv0: Adding interface: batadv_slave_1
[  856.840335][T15832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  856.867171][T15832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  856.933249][T15832] hsr_slave_0: entered promiscuous mode
[  856.939982][T15832] hsr_slave_1: entered promiscuous mode
[  856.949154][T15832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  856.958773][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  856.967666][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  856.967898][T15832] Cannot create hsr debugfs directory
[  856.976300][ T5833] Bluetooth: hci0: command tx timeout
[  857.002587][ T7228] usb 2-1: Using ep0 maxpacket: 8
[  857.016753][ T7228] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55
[  857.026530][   T25] usb 6-1: Using ep0 maxpacket: 32
[  857.032360][ T7228] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  857.041663][ T7228] usb 2-1: Product: syz
[  857.046359][ T7228] usb 2-1: Manufacturer: syz
[  857.051358][ T7228] usb 2-1: SerialNumber: syz
[  857.056876][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  857.068637][   T25] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  857.079970][ T7228] usb 2-1: config 0 descriptor??
[  857.086275][   T25] usb 6-1: New USB device found, idVendor=044f, idProduct=b320, bcdDevice= 0.00
[  857.095963][   T25] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.108549][   T25] usb 6-1: config 0 descriptor??
[  857.352113][T15832] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  857.375858][ T5873] usb 1-1: new full-speed USB device number 59 using dummy_hcd
[  857.393089][T15832] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  857.415280][T15832] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  857.416590][ T7228] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  857.440700][T15832] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  857.444363][ T7228] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  857.472340][ T7228] usb 2-1: USB disconnect, device number 48
[  857.540989][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 4
[  857.544088][   T25] thrustmaster 0003:044F:B320.0012: unknown main item tag 0x0
[  857.560282][ T5873] usb 1-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=93.a8
[  857.568210][   T25] thrustmaster 0003:044F:B320.0012: unknown main item tag 0x0
[  857.587072][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  857.588148][   T25] thrustmaster 0003:044F:B320.0012: unknown main item tag 0x0
[  857.604913][ T5873] usb 1-1: Product: syz
[  857.612826][T15832] 8021q: adding VLAN 0 to HW filter on device bond0
[  857.619972][ T5873] usb 1-1: Manufacturer: syz
[  857.624595][ T5873] usb 1-1: SerialNumber: syz
[  857.630867][   T25] thrustmaster 0003:044F:B320.0012: unknown main item tag 0x0
[  857.644331][ T5873] usb 1-1: config 0 descriptor??
[  857.648577][   T25] thrustmaster 0003:044F:B320.0012: unknown main item tag 0x0
[  857.661850][T15881] input: syz0 as /devices/virtual/input/input89
[  857.673342][   T25] thrustmaster 0003:044F:B320.0012: hidraw0: USB HID v0.00 Device [HID 044f:b320] on usb-dummy_hcd.5-1/input0
[  857.693174][   T25] thrustmaster 0003:044F:B320.0012: no inputs found
[  857.709500][T15832] 8021q: adding VLAN 0 to HW filter on device team0
[  857.723263][ T3559] bridge0: port 1(bridge_slave_0) entered blocking state
[  857.730419][ T3559] bridge0: port 1(bridge_slave_0) entered forwarding state
[  857.743287][T15883] af_packet: tpacket_rcv: packet too big, clamped from 92 to 4294967272. macoff=96
[  857.750042][T11248] bridge0: port 2(bridge_slave_1) entered blocking state
[  857.760133][T11248] bridge0: port 2(bridge_slave_1) entered forwarding state
[  857.780338][T15883] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2878'.
[  857.809789][T15881] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2878'.
[  857.872783][   T25] usb 6-1: USB disconnect, device number 31
[  858.244972][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  858.255394][ T3559] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  858.273460][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  858.291413][ T5903] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  858.404724][T15832] 8021q: adding VLAN 0 to HW filter on device batadv0
[  858.447437][ T5873] ath6kl: Failed to submit usb control message: -71
[  858.447480][ T5873] ath6kl: unable to send the bmi data to the device: -71
[  858.447498][ T5873] ath6kl: Unable to send get target info: -71
[  858.450193][ T5873] ath6kl: Failed to init ath6kl core: -71
[  858.462544][ T5873] ath6kl_usb 1-1:0.0: probe with driver ath6kl_usb failed with error -71
[  858.476170][ T5873] usb 1-1: USB disconnect, device number 59
[  858.633801][T15902] ALSA: mixer_oss: invalid OSS volume ''
[  858.864067][T15832] veth0_vlan: entered promiscuous mode
[  858.875463][T15832] veth1_vlan: entered promiscuous mode
[  858.897152][T15832] veth0_macvtap: entered promiscuous mode
[  858.906093][T15832] veth1_macvtap: entered promiscuous mode
[  858.920516][T15832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  858.931139][T15832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  858.942507][T15832] batman_adv: batadv0: Interface activated: batadv_slave_0
[  858.951989][T15832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  858.962705][T15832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  858.973642][T15832] batman_adv: batadv0: Interface activated: batadv_slave_1
[  858.983684][T15832] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  858.992525][T15832] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  859.001327][T15832] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  859.010120][T15832] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  859.124189][ T5833] Bluetooth: hci0: command tx timeout
[  859.762889][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  860.112001][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.119841][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  860.234642][T11248] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  860.254501][T11248] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  860.374257][T15926] netlink: 'syz.5.2889': attribute type 2 has an invalid length.
[  860.408393][T15926] netlink: 'syz.5.2889': attribute type 9 has an invalid length.
[  860.416886][T15928] ALSA: mixer_oss: invalid OSS volume ''
[  860.426998][T15926] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2889'.
[  861.390952][ T5833] Bluetooth: hci0: command tx timeout
[  861.406394][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  861.599004][ T5875] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  862.494364][   T25] usb 7-1: new low-speed USB device number 2 using dummy_hcd
[  862.583998][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  862.757783][T15952] wireguard0: entered promiscuous mode
[  862.765759][T15952] wireguard0: entered allmulticast mode
[  863.091256][   T25] usb 7-1: Invalid ep0 maxpacket: 64
[  863.626371][ T5833] Bluetooth: hci0: command tx timeout
[  863.719149][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  864.039950][T15976] ALSA: mixer_oss: invalid OSS volume ''
[  864.465460][ T5873] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  864.469637][T15986] netlink: 'syz.5.2908': attribute type 2 has an invalid length.
[  864.478266][ T3518] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  864.532418][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  864.560021][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  864.630134][T15986] netlink: 'syz.5.2908': attribute type 9 has an invalid length.
[  864.684970][T15986] netlink: 209852 bytes leftover after parsing attributes in process `syz.5.2908'.
[  864.804743][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  865.489815][T16003] FAULT_INJECTION: forcing a failure.
[  865.489815][T16003] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  865.516198][T16003] CPU: 1 UID: 0 PID: 16003 Comm: syz.6.2912 Not tainted 6.13.0-rc2-syzkaller #0
[  865.525352][T16003] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  865.535435][T16003] Call Trace:
[  865.538732][T16003]  <TASK>
[  865.541680][T16003]  dump_stack_lvl+0x241/0x360
[  865.546390][T16003]  ? __pfx_dump_stack_lvl+0x10/0x10
[  865.551624][T16003]  ? __pfx__printk+0x10/0x10
[  865.556244][T16003]  ? snprintf+0xda/0x120
[  865.560516][T16003]  should_fail_ex+0x3b0/0x4e0
[  865.565224][T16003]  _copy_to_user+0x31/0xb0
[  865.569670][T16003]  simple_read_from_buffer+0xca/0x150
[  865.575081][T16003]  proc_fail_nth_read+0x1e9/0x250
[  865.580139][T16003]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  865.585726][T16003]  ? rw_verify_area+0x55e/0x6f0
[  865.590606][T16003]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  865.596181][T16003]  vfs_read+0x1fc/0xb70
[  865.600369][T16003]  ? __pfx_vfs_read+0x10/0x10
[  865.605074][T16003]  ? lockdep_hardirqs_on+0x99/0x150
[  865.610300][T16003]  ? do_mkdirat+0x354/0x3a0
[  865.614831][T16003]  ? kmem_cache_free+0x195/0x410
[  865.619791][T16003]  ? do_mkdirat+0x354/0x3a0
[  865.624320][T16003]  ksys_read+0x18f/0x2b0
[  865.628572][T16003]  ? __pfx_ksys_read+0x10/0x10
[  865.633338][T16003]  ? do_syscall_64+0x100/0x230
[  865.638103][T16003]  ? do_syscall_64+0xb6/0x230
[  865.642779][T16003]  do_syscall_64+0xf3/0x230
[  865.647280][T16003]  ? clear_bhb_loop+0x35/0x90
[  865.651961][T16003]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.657857][T16003] RIP: 0033:0x7f8a2557e8ec
[  865.662268][T16003] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  865.681868][T16003] RSP: 002b:00007f8a26385050 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  865.690279][T16003] RAX: ffffffffffffffda RBX: 00007f8a25745fa0 RCX: 00007f8a2557e8ec
[  865.698261][T16003] RDX: 000000000000000f RSI: 00007f8a263850b0 RDI: 0000000000000006
[  865.706226][T16003] RBP: 00007f8a263850a0 R08: 0000000000000000 R09: 0000000000000000
[  865.714195][T16003] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  865.722201][T16003] R13: 0000000000000000 R14: 00007f8a25745fa0 R15: 00007ffd3d07a978
[  865.730183][T16003]  </TASK>
[  865.910126][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  867.030046][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  867.155185][T16021] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2919'.
[  867.174624][T16018] ALSA: mixer_oss: invalid OSS volume ''
[  867.877447][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  868.378666][   T46] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  868.982955][ T7228] usb 2-1: new full-speed USB device number 49 using dummy_hcd
[  868.995815][T16056] netlink: 'syz.0.2930': attribute type 2 has an invalid length.
[  869.011178][T16056] netlink: 'syz.0.2930': attribute type 9 has an invalid length.
[  869.020522][T16056] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.2930'.
[  869.145158][ T7228] usb 2-1: not running at top speed; connect to a high speed hub
[  869.154339][ T7228] usb 2-1: config 1 interface 0 altsetting 9 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[  869.165577][ T7228] usb 2-1: config 1 interface 0 has no altsetting 0
[  869.176566][ T7228] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  869.185637][ T7228] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  869.196464][ T7228] usb 2-1: Product: syz
[  869.200658][ T7228] usb 2-1: Manufacturer: syz
[  869.205507][ T7228] usb 2-1: SerialNumber: syz
[  869.256710][T16038] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  869.506746][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  869.524133][ T7228] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 49 if 0 alt 9 proto 1 vid 0x0525 pid 0xA4A8
[  869.538408][ T7228] usb 2-1: USB disconnect, device number 49
[  869.547212][ T7228] usblp0: removed
[  869.715678][T16061] ALSA: mixer_oss: invalid OSS volume ''
[  870.623393][T11248] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  870.631573][T11248] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  870.640614][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  870.663644][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  870.739843][T16072] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2935'.
[  871.391250][T16088] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  871.493716][ T5933] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  871.549209][T16096] ALSA: mixer_oss: invalid OSS volume ''
[  871.643652][ T7228] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  871.655458][ T5933] usb 2-1: New USB device found, idVendor=054c, idProduct=0df2, bcdDevice= 0.00
[  871.672669][ T5933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  871.683047][ T5933] usb 2-1: config 0 descriptor??
[  871.719232][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  871.857599][ T7228] usb 6-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  871.868147][ T7228] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  871.881487][ T7228] usb 6-1: Product: syz
[  871.903593][ T7228] usb 6-1: Manufacturer: syz
[  871.926932][ T7228] usb 6-1: SerialNumber: syz
[  872.032151][ T7228] usb 6-1: config 0 descriptor??
[  872.416347][ T5933] playstation 0003:054C:0DF2.0013: hidraw0: USB HID v1.01 Device [HID 054c:0df2] on usb-dummy_hcd.1-1/input0
[  872.529572][T16098] tmpfs: Bad value for 'mpol'
[  872.540409][T16098] netlink: 128 bytes leftover after parsing attributes in process `syz.0.2942'.
[  872.689302][ T7228] usb 6-1: Firmware version (0.0) predates our first public release.
[  872.702539][ T7228] usb 6-1: Please update to version 0.2 or newer
[  872.917945][ T5933] playstation 0003:054C:0DF2.0013: Failed to retrieve feature with reportID 32: -71
[  872.961713][   T25] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  872.972194][ T7228] usb 6-1: USB disconnect, device number 32
[  872.975257][ T5933] playstation 0003:054C:0DF2.0013: Failed to retrieve DualSense firmware info: -71
[  873.641515][ T5933] playstation 0003:054C:0DF2.0013: Failed to get firmware info from DualSense
[  873.651240][ T5933] playstation 0003:054C:0DF2.0013: Failed to create dualsense.
[  873.754799][ T5933] playstation 0003:054C:0DF2.0013: probe with driver playstation failed with error -71
[  873.767108][ T5933] usb 2-1: USB disconnect, device number 50
[  874.215435][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  874.648840][ T5830] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  874.696577][ T5830] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  874.711265][ T5830] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  874.719935][ T5830] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  874.735110][ T5830] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  874.752776][ T5830] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  875.010113][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  875.040826][ T5933] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  875.603482][ T7228] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  875.774769][ T6795] bridge0: port 1(syz_tun) entered disabled state
[  875.885363][T16149] ALSA: mixer_oss: invalid OSS volume ''
[  876.017677][ T6795] syz_tun (unregistering): left allmulticast mode
[  876.026672][ T6795] syz_tun (unregistering): left promiscuous mode
[  876.033102][ T6795] bridge0: port 1(syz_tun) entered disabled state
[  876.071853][T16156] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  876.164031][   T11] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.272985][   T11] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.302636][ T5874] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  876.409642][   T11] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.415689][T16172] FAULT_INJECTION: forcing a failure.
[  876.415689][T16172] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  876.433224][T16172] CPU: 1 UID: 0 PID: 16172 Comm: syz.5.2963 Not tainted 6.13.0-rc2-syzkaller #0
[  876.442274][T16172] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  876.452346][T16172] Call Trace:
[  876.455642][T16172]  <TASK>
[  876.458589][T16172]  dump_stack_lvl+0x241/0x360
[  876.463294][T16172]  ? __pfx_dump_stack_lvl+0x10/0x10
[  876.468498][T16172]  ? __pfx__printk+0x10/0x10
[  876.473103][T16172]  should_fail_ex+0x3b0/0x4e0
[  876.477803][T16172]  _copy_to_user+0x31/0xb0
[  876.482225][T16172]  bpf_test_finish+0x2e6/0x890
[  876.487003][T16172]  ? __pfx_bpf_test_finish+0x10/0x10
[  876.492289][T16172]  ? perf_event_namespaces+0x48b/0xca0
[  876.497752][T16172]  ? convert___skb_to_skb+0x41/0x620
[  876.503044][T16172]  ? convert_skb_to___skb+0x2d3/0x510
[  876.508411][T16172]  bpf_prog_test_run_skb+0xff0/0x1820
[  876.513800][T16172]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  876.519611][T16172]  ? __fget_files+0x2a/0x410
[  876.524196][T16172]  ? fput+0x21b/0x290
[  876.528187][T16172]  ? __pfx_bpf_prog_test_run_skb+0x10/0x10
[  876.534002][T16172]  bpf_prog_test_run+0x2e4/0x360
[  876.538942][T16172]  __sys_bpf+0x48d/0x810
[  876.543182][T16172]  ? __pfx___sys_bpf+0x10/0x10
[  876.547961][T16172]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  876.553951][T16172]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  876.560275][T16172]  ? do_syscall_64+0x100/0x230
[  876.565045][T16172]  __x64_sys_bpf+0x7c/0x90
[  876.569461][T16172]  do_syscall_64+0xf3/0x230
[  876.573963][T16172]  ? clear_bhb_loop+0x35/0x90
[  876.578641][T16172]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  876.584533][T16172] RIP: 0033:0x7ff67417fed9
[  876.588949][T16172] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  876.608564][T16172] RSP: 002b:00007ff674f22058 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  876.616996][T16172] RAX: ffffffffffffffda RBX: 00007ff674345fa0 RCX: 00007ff67417fed9
[  876.624968][T16172] RDX: 0000000000000050 RSI: 00000000200002c0 RDI: 000000000000000a
[  876.632933][T16172] RBP: 00007ff674f220a0 R08: 0000000000000000 R09: 0000000000000000
[  876.640897][T16172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  876.648868][T16172] R13: 0000000000000000 R14: 00007ff674345fa0 R15: 00007ffc388265f8
[  876.656851][T16172]  </TASK>
[  876.698723][T16133] chnl_net:caif_netlink_parms(): no params data found
[  876.721344][ T5874] usb 2-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=26.50
[  876.730866][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.738872][ T5874] usb 2-1: Product: syz
[  876.758858][ T5874] usb 2-1: Manufacturer: syz
[  876.770472][ T5874] usb 2-1: SerialNumber: syz
[  876.783477][ T5874] usb 2-1: config 0 descriptor??
[  876.797742][ T5874] usb 2-1: Waiting for MOTU Microbook II to boot up...
[  876.809745][ T5874] usb 2-1: failed setting the sample rate for Motu MicroBook II: -22
[  876.838342][   T11] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  876.868913][ T5874] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -22
[  876.907646][T16176] ALSA: mixer_oss: invalid OSS volume ''
[  876.932914][ T5833] Bluetooth: hci1: command tx timeout
[  877.014403][T16133] bridge0: port 1(bridge_slave_0) entered blocking state
[  877.022173][T16133] bridge0: port 1(bridge_slave_0) entered disabled state
[  877.030469][T16133] bridge_slave_0: entered allmulticast mode
[  877.037533][T16133] bridge_slave_0: entered promiscuous mode
[  877.050592][T16158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  877.052565][T16133] bridge0: port 2(bridge_slave_1) entered blocking state
[  877.059079][T16158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  877.066100][T16133] bridge0: port 2(bridge_slave_1) entered disabled state
[  877.081237][T16133] bridge_slave_1: entered allmulticast mode
[  877.089083][T16133] bridge_slave_1: entered promiscuous mode
[  877.123712][   T25] usb 2-1: USB disconnect, device number 51
[  877.202935][T16133] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  877.310879][T16188] fuse: Unknown parameter '0x0000000000000007'
[  877.358956][T16133] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  877.990115][ T5874] IPVS: starting estimator thread 0...
[  878.077185][T16133] team0: Port device team_slave_0 added
[  878.086349][T16133] team0: Port device team_slave_1 added
[  878.194271][T16195] IPVS: using max 21 ests per chain, 50400 per kthread
[  879.156327][ T5833] Bluetooth: hci1: command tx timeout
[  879.591214][T16222] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  880.795194][T16202] tipc: Failed to obtain node identity
[  880.800756][T16202] tipc: Enabling of bearer <ib:veth1_vlan> rejected, failed to enable media
[  880.920835][T16133] batman_adv: batadv0: Adding interface: batadv_slave_0
[  880.927823][T16133] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  880.955266][T16133] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  880.968362][T16133] batman_adv: batadv0: Adding interface: batadv_slave_1
[  880.975399][T16133] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  881.001588][T16133] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  882.150592][ T1295] ieee802154 phy0 wpan0: encryption failed: -22
[  882.214383][ T5833] Bluetooth: hci1: command tx timeout
[  882.232161][T16236] netlink: 'syz.4.2976': attribute type 8 has an invalid length.
[  883.028199][ T5933] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  883.488679][T16133] hsr_slave_0: entered promiscuous mode
[  883.495845][T16133] hsr_slave_1: entered promiscuous mode
[  883.504681][T16133] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  883.518459][T16133] Cannot create hsr debugfs directory
[  883.646109][ T5933] usb 5-1: Using ep0 maxpacket: 32
[  883.653318][ T5933] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  883.868408][ T5933] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  883.877717][ T5933] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  883.887247][ T5933] usb 5-1: Product: syz
[  883.940681][ T5933] usb 5-1: Manufacturer: syz
[  883.981368][ T5933] usb 5-1: SerialNumber: syz
[  884.204402][ T5933] usb 5-1: config 0 descriptor??
[  884.371559][   T11] hsr_slave_0: left promiscuous mode
[  884.377542][ T5833] Bluetooth: hci1: command tx timeout
[  884.384492][   T11] hsr_slave_1: left promiscuous mode
[  884.399732][   T11] veth1_macvtap: left promiscuous mode
[  884.406842][   T11] veth0_macvtap: left promiscuous mode
[  884.412389][   T11] veth1_vlan: left promiscuous mode
[  884.418213][   T11] veth0_vlan: left promiscuous mode
[  884.426937][ T5875] usb 5-1: USB disconnect, device number 67
[  884.533461][ T5933] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  884.698059][ T5933] usb 2-1: Using ep0 maxpacket: 32
[  884.708866][ T5933] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  884.721950][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  884.733496][ T5933] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  884.745242][ T5933] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  884.754644][ T5933] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.766956][ T5933] usb 2-1: config 0 descriptor??
[  884.778761][T16256] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  884.796255][ T5933] hub 2-1:0.0: USB hub found
[  885.016890][T16256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  885.025745][T16256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  885.169458][ T5933] hub 2-1:0.0: 2 ports detected
[  885.608109][ T5933] hub 2-1:0.0: set hub depth failed
[  885.646073][ T5933] usb 2-1: USB disconnect, device number 52
[  886.394680][T16279] Bluetooth: MGMT ver 1.23
[  887.139711][T16258] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2982'.
[  888.542438][T16292] netlink: 300 bytes leftover after parsing attributes in process `syz.1.2993'.
[  888.575458][T16293] tun0: tun_chr_ioctl cmd 1074025677
[  888.581922][T16293] tun0: linktype set to 512
[  889.003945][   T11] IPVS: stop unused estimator thread 0...
[  889.012130][T16308] netlink: 108 bytes leftover after parsing attributes in process `syz.5.2996'.
[  889.063898][T16307] syzkaller1: entered promiscuous mode
[  889.069630][T16307] syzkaller1: entered allmulticast mode
[  890.049517][T16326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  890.060522][T16326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  890.965568][T16133] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  891.022218][T16133] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  891.054704][ T5830] Bluetooth: hci1: command 0x0405 tx timeout
[  891.088277][T16133] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  891.242051][T16133] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  891.962602][T16133] 8021q: adding VLAN 0 to HW filter on device bond0
[  891.983990][T16133] 8021q: adding VLAN 0 to HW filter on device team0
[  891.994965][ T2121] bridge0: port 1(bridge_slave_0) entered blocking state
[  892.002138][ T2121] bridge0: port 1(bridge_slave_0) entered forwarding state
[  892.078694][ T6745] bridge0: port 2(bridge_slave_1) entered blocking state
[  892.085854][ T6745] bridge0: port 2(bridge_slave_1) entered forwarding state
[  892.174785][T16133] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  892.230388][T16133] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  892.266537][T16336] netlink: 128 bytes leftover after parsing attributes in process `syz.4.3006'.
[  893.082642][T16133] 8021q: adding VLAN 0 to HW filter on device batadv0
[  893.166330][T16133] veth0_vlan: entered promiscuous mode
[  893.196761][T16133] veth1_vlan: entered promiscuous mode
[  893.206200][T16372] FAULT_INJECTION: forcing a failure.
[  893.206200][T16372] name failslab, interval 1, probability 0, space 0, times 0
[  893.231435][T16372] CPU: 0 UID: 0 PID: 16372 Comm: syz.1.3016 Not tainted 6.13.0-rc2-syzkaller #0
[  893.240506][T16372] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  893.250574][T16372] Call Trace:
[  893.253859][T16372]  <TASK>
[  893.256796][T16372]  dump_stack_lvl+0x241/0x360
[  893.261493][T16372]  ? __pfx_dump_stack_lvl+0x10/0x10
[  893.266705][T16372]  ? __pfx__printk+0x10/0x10
[  893.271314][T16372]  ? fs_reclaim_acquire+0x93/0x130
[  893.276442][T16372]  ? __pfx___might_resched+0x10/0x10
[  893.281751][T16372]  should_fail_ex+0x3b0/0x4e0
[  893.286445][T16372]  should_failslab+0xac/0x100
[  893.291127][T16372]  __kmalloc_noprof+0xdd/0x4c0
[  893.295898][T16372]  ? tomoyo_encode+0x26f/0x540
[  893.300675][T16372]  tomoyo_encode+0x26f/0x540
[  893.305265][T16372]  tomoyo_realpath_from_path+0x59e/0x5e0
[  893.310909][T16372]  tomoyo_path_number_perm+0x236/0x860
[  893.316367][T16372]  ? __lock_acquire+0x1397/0x2100
[  893.321395][T16372]  ? tomoyo_path_number_perm+0x206/0x860
[  893.327027][T16372]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  893.333033][T16372]  ? __fget_files+0x2a/0x410
[  893.337620][T16372]  ? __fget_files+0x2a/0x410
[  893.342209][T16372]  security_file_ioctl+0xc6/0x2a0
[  893.347234][T16372]  __se_sys_ioctl+0x46/0x170
[  893.351827][T16372]  do_syscall_64+0xf3/0x230
[  893.356332][T16372]  ? clear_bhb_loop+0x35/0x90
[  893.361012][T16372]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  893.366905][T16372] RIP: 0033:0x7fa72977fed9
[  893.371317][T16372] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  893.390915][T16372] RSP: 002b:00007fa72a624058 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  893.399331][T16372] RAX: ffffffffffffffda RBX: 00007fa729945fa0 RCX: 00007fa72977fed9
[  893.407299][T16372] RDX: 0000000000000002 RSI: 000000000000540a RDI: 0000000000000005
[  893.415262][T16372] RBP: 00007fa72a6240a0 R08: 0000000000000000 R09: 0000000000000000
[  893.423226][T16372] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  893.431191][T16372] R13: 0000000000000000 R14: 00007fa729945fa0 R15: 00007ffea19c6538
[  893.439165][T16372]  </TASK>
[  893.451340][T16133] veth0_macvtap: entered promiscuous mode
[  893.460175][T16133] veth1_macvtap: entered promiscuous mode
[  893.474607][T16133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  893.477231][T16372] ERROR: Out of memory at tomoyo_realpath_from_path.
[  893.485108][T16133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.485129][T16133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  893.485146][T16133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.486133][T16133] batman_adv: batadv0: Interface activated: batadv_slave_0
[  893.562386][T16133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.574619][T16133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.594539][T16133] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  893.620346][T16133] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  893.632553][T16133] batman_adv: batadv0: Interface activated: batadv_slave_1
[  893.667448][T16133] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  893.686355][T16133] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  893.705794][T16133] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  893.714501][T16133] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  893.733347][T16378] netlink: 32 bytes leftover after parsing attributes in process `syz.1.3018'.
[  893.845433][ T5873] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  893.859421][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  893.883362][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  893.934186][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  893.945878][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  894.037592][ T5873] usb 7-1: Using ep0 maxpacket: 8
[  894.046300][ T5873] usb 7-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  894.056015][ T5873] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  894.064422][ T5873] usb 7-1: Product: syz
[  894.075431][ T5873] usb 7-1: Manufacturer: syz
[  894.080305][ T5873] usb 7-1: SerialNumber: syz
[  894.088110][ T5873] usb 7-1: config 0 descriptor??
[  894.097735][ T5873] gspca_main: sq905-2.14.0 probing 2770:9120
[  896.068724][ T5873] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[  896.076119][ T5873] sq905 7-1:0.0: probe with driver sq905 failed with error -110
[  897.093342][ T5830] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  897.124426][ T5830] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  897.231856][T16415] overlay: Unknown parameter 'context'
[  897.328863][ T5830] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  897.342976][ T5830] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  897.398366][T12693] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  897.409026][T12693] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  897.977839][   T46] usb 7-1: USB disconnect, device number 4
[  899.163016][T16438] trusted_key: encrypted_key: insufficient parameters specified
[  899.298836][T16410] chnl_net:caif_netlink_parms(): no params data found
[  899.739358][   T46] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  899.883547][T16410] bridge0: port 1(bridge_slave_0) entered blocking state
[  899.891098][T16410] bridge0: port 1(bridge_slave_0) entered disabled state
[  899.908533][T16410] bridge_slave_0: entered allmulticast mode
[  899.916008][T16410] bridge_slave_0: entered promiscuous mode
[  899.929738][T16410] bridge0: port 2(bridge_slave_1) entered blocking state
[  899.937156][   T46] usb 1-1: too many configurations: 104, using maximum allowed: 8
[  899.937411][T16410] bridge0: port 2(bridge_slave_1) entered disabled state
[  899.952457][T16410] bridge_slave_1: entered allmulticast mode
[  899.957314][   T46] usb 1-1: unable to read config index 0 descriptor/start: -61
[  899.960607][T16410] bridge_slave_1: entered promiscuous mode
[  899.966885][   T46] usb 1-1: can't read configurations, error -61
[  900.185560][T12693] Bluetooth: hci5: command tx timeout
[  900.464091][T16410] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  900.648184][T16410] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  900.796525][T16410] team0: Port device team_slave_0 added
[  900.808655][   T46] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  900.824822][T16410] team0: Port device team_slave_1 added
[  900.889244][T16410] batman_adv: batadv0: Adding interface: batadv_slave_0
[  900.898442][T16410] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  900.936377][T16410] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  900.980634][T16410] batman_adv: batadv0: Adding interface: batadv_slave_1
[  900.992583][T16410] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  901.025413][T16410] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  901.044186][   T46] usb 1-1: too many configurations: 104, using maximum allowed: 8
[  901.076501][   T46] usb 1-1: unable to read config index 0 descriptor/start: -61
[  901.135774][   T46] usb 1-1: can't read configurations, error -61
[  901.168921][   T46] usb usb1-port1: attempt power cycle
[  901.582507][   T46] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  901.632438][   T46] usb 1-1: device descriptor read/8, error -71
[  901.737359][T16410] hsr_slave_0: entered promiscuous mode
[  901.745820][T16410] hsr_slave_1: entered promiscuous mode
[  901.767243][T16410] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  901.774836][T16410] Cannot create hsr debugfs directory
[  902.554741][T12693] Bluetooth: hci5: command tx timeout
[  903.823608][T16410] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.906645][   T29] kauditd_printk_skb: 20 callbacks suppressed
[  903.906663][   T29] audit: type=1326 audit(2000003266.532:5569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=16489 comm="syz.6.3048" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8a2557fed9 code=0x0
[  903.989041][T16410] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.151533][   T46] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  904.168686][T16410] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.185453][   T46] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  904.210456][   T46] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  904.245410][   T46] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  904.320481][   T46] usb 1-1: config 0 descriptor??
[  904.336171][   T46] pwc: Askey VC010 type 2 USB webcam detected.
[  904.400021][T16410] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  904.728469][T12693] Bluetooth: hci5: command tx timeout
[  905.135219][   T46] pwc: recv_control_msg error -32 req 02 val 2b00
[  905.142847][   T46] pwc: recv_control_msg error -32 req 02 val 2700
[  905.345571][T16410] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  905.360626][T16410] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  905.376606][T16410] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  905.388179][T16410] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  905.956096][T16410] 8021q: adding VLAN 0 to HW filter on device bond0
[  906.222508][T16410] 8021q: adding VLAN 0 to HW filter on device team0
[  906.272231][ T6739] bridge0: port 1(bridge_slave_0) entered blocking state
[  906.279455][ T6739] bridge0: port 1(bridge_slave_0) entered forwarding state
[  906.342771][ T6739] bridge0: port 2(bridge_slave_1) entered blocking state
[  906.349930][ T6739] bridge0: port 2(bridge_slave_1) entered forwarding state
[  906.696351][   T46] pwc: recv_control_msg error -71 req 04 val 1000
[  906.971325][   T46] pwc: recv_control_msg error -71 req 04 val 1300
[  907.081127][   T46] pwc: recv_control_msg error -71 req 04 val 1400
[  907.089014][T12693] Bluetooth: hci5: command tx timeout
[  907.095062][   T46] pwc: recv_control_msg error -71 req 02 val 2000
[  907.113262][   T46] pwc: recv_control_msg error -71 req 02 val 2100
[  907.121034][   T46] pwc: recv_control_msg error -71 req 04 val 1500
[  907.128933][   T46] pwc: recv_control_msg error -71 req 02 val 2500
[  907.137320][   T46] pwc: recv_control_msg error -71 req 02 val 2400
[  907.144813][   T46] pwc: recv_control_msg error -71 req 02 val 2600
[  907.152512][   T46] pwc: recv_control_msg error -71 req 02 val 2900
[  907.160827][   T46] pwc: recv_control_msg error -71 req 02 val 2800
[  907.169674][   T46] pwc: recv_control_msg error -71 req 04 val 1100
[  907.177985][   T46] pwc: recv_control_msg error -71 req 04 val 1200
[  907.195260][   T46] pwc: Registered as video103.
[  907.210977][   T46] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input90
[  907.273677][   T46] usb 1-1: USB disconnect, device number 63
[  907.409837][T16410] 8021q: adding VLAN 0 to HW filter on device batadv0
[  907.483036][T16410] veth0_vlan: entered promiscuous mode
[  907.562253][T16410] veth1_vlan: entered promiscuous mode
[  907.583754][T16539] ------------[ cut here ]------------
[  907.589828][T16539] WARNING: CPU: 0 PID: 16539 at kernel/signal.c:2050 posixtimer_send_sigqueue+0xa08/0xce0
[  907.599761][T16539] Modules linked in:
[  907.603681][T16539] CPU: 0 UID: 0 PID: 16539 Comm: syz.5.3062 Not tainted 6.13.0-rc2-syzkaller #0
[  907.612724][T16539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  907.617245][T16410] veth0_macvtap: entered promiscuous mode
[  907.622783][T16539] RIP: 0010:posixtimer_send_sigqueue+0xa08/0xce0
[  907.634863][T16539] Code: 00 0f 85 f4 02 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 73 1a 3b 00 4c 8b 64 24 08 e9 28 ff ff ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 f7
[  907.654484][T16539] RSP: 0018:ffffc90004d17a80 EFLAGS: 00010082
[  907.660545][T16539] RAX: dffffc0000000000 RBX: 1ffff11006514a5b RCX: 0000000000080000
[  907.668503][T16539] RDX: ffffc9000d4fa000 RSI: 0000000000000041 RDI: 0000000000000042
[  907.676466][T16539] RBP: ffffc90004d17b70 R08: ffffffff81645080 R09: 1ffffffff284db12
[  907.684419][T16539] R10: dffffc0000000000 R11: fffffbfff284db13 R12: ffff8880328a52c0
[  907.692375][T16539] R13: 1ffff11006514a68 R14: ffff8880328a52d8 R15: ffff8880328a5380
[  907.700331][T16539] FS:  00007ff674f226c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  907.709242][T16539] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  907.715808][T16539] CR2: 0000000000000000 CR3: 0000000033a98000 CR4: 00000000003526f0
[  907.723767][T16539] DR0: 0000000000002800 DR1: 0000000000000000 DR2: 0000000000000000
[  907.731733][T16539] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  907.739692][T16539] Call Trace:
[  907.742958][T16539]  <TASK>
[  907.745879][T16539]  ? __warn+0x165/0x4d0
[  907.750022][T16539]  ? posixtimer_send_sigqueue+0xa08/0xce0
[  907.755749][T16539]  ? report_bug+0x2b3/0x500
[  907.760248][T16539]  ? posixtimer_send_sigqueue+0xa08/0xce0
[  907.765961][T16539]  ? handle_bug+0x60/0x90
[  907.770276][T16539]  ? exc_invalid_op+0x1a/0x50
[  907.774940][T16539]  ? asm_exc_invalid_op+0x1a/0x20
[  907.780206][T16539]  ? prepare_signal+0x6c0/0xc90
[  907.785054][T16539]  ? posixtimer_send_sigqueue+0xa08/0xce0
[  907.790764][T16539]  ? posixtimer_send_sigqueue+0xd3/0xce0
[  907.796392][T16539]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[  907.802451][T16539]  posix_cpu_timer_set+0xa25/0xe80
[  907.807554][T16539]  ? posix_cpu_timer_set+0x136/0xe80
[  907.812846][T16539]  ? __pfx_posix_cpu_timer_set+0x10/0x10
[  907.818472][T16539]  ? __lock_timer+0x36f/0x3f0
[  907.823135][T16539]  ? __lock_timer+0x34/0x3f0
[  907.827729][T16539]  do_timer_settime+0x2f0/0x3e0
[  907.832567][T16539]  ? __pfx_do_timer_settime+0x10/0x10
[  907.837926][T16539]  ? __pfx_do_futex+0x10/0x10
[  907.842599][T16539]  __x64_sys_timer_settime+0x19e/0x240
[  907.848045][T16539]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  907.854014][T16539]  ? do_syscall_64+0x100/0x230
[  907.858778][T16539]  ? do_syscall_64+0xb6/0x230
[  907.863446][T16539]  do_syscall_64+0xf3/0x230
[  907.867936][T16539]  ? clear_bhb_loop+0x35/0x90
[  907.872611][T16539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  907.878491][T16539] RIP: 0033:0x7ff67417fed9
[  907.882895][T16539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  907.902482][T16539] RSP: 002b:00007ff674f22058 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  907.910877][T16539] RAX: ffffffffffffffda RBX: 00007ff674345fa0 RCX: 00007ff67417fed9
[  907.918832][T16539] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000000
[  907.926798][T16539] RBP: 00007ff6741f3cc8 R08: 0000000000000000 R09: 0000000000000000
[  907.934757][T16539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  907.942708][T16539] R13: 0000000000000000 R14: 00007ff674345fa0 R15: 00007ffc388265f8
[  907.950678][T16539]  </TASK>
[  907.953696][T16539] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  907.960955][T16539] CPU: 0 UID: 0 PID: 16539 Comm: syz.5.3062 Not tainted 6.13.0-rc2-syzkaller #0
[  907.969953][T16539] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  907.979990][T16539] Call Trace:
[  907.983254][T16539]  <TASK>
[  907.986177][T16539]  dump_stack_lvl+0x241/0x360
[  907.990849][T16539]  ? __pfx_dump_stack_lvl+0x10/0x10
[  907.996027][T16539]  ? __pfx__printk+0x10/0x10
[  908.000596][T16539]  ? _printk+0xd5/0x120
[  908.004737][T16539]  ? __init_begin+0x41000/0x41000
[  908.009745][T16539]  ? vscnprintf+0x5d/0x90
[  908.014056][T16539]  panic+0x349/0x880
[  908.017948][T16539]  ? __warn+0x174/0x4d0
[  908.022087][T16539]  ? __pfx_panic+0x10/0x10
[  908.026497][T16539]  __warn+0x344/0x4d0
[  908.030462][T16539]  ? posixtimer_send_sigqueue+0xa08/0xce0
[  908.036169][T16539]  report_bug+0x2b3/0x500
[  908.040490][T16539]  ? posixtimer_send_sigqueue+0xa08/0xce0
[  908.046199][T16539]  handle_bug+0x60/0x90
[  908.050344][T16539]  exc_invalid_op+0x1a/0x50
[  908.054834][T16539]  asm_exc_invalid_op+0x1a/0x20
[  908.059670][T16539] RIP: 0010:posixtimer_send_sigqueue+0xa08/0xce0
[  908.065982][T16539] Code: 00 0f 85 f4 02 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc e8 73 1a 3b 00 4c 8b 64 24 08 e9 28 ff ff ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 80 3c 03 00 74 08 4c 89 f7
[  908.085565][T16539] RSP: 0018:ffffc90004d17a80 EFLAGS: 00010082
[  908.091613][T16539] RAX: dffffc0000000000 RBX: 1ffff11006514a5b RCX: 0000000000080000
[  908.099567][T16539] RDX: ffffc9000d4fa000 RSI: 0000000000000041 RDI: 0000000000000042
[  908.107518][T16539] RBP: ffffc90004d17b70 R08: ffffffff81645080 R09: 1ffffffff284db12
[  908.115468][T16539] R10: dffffc0000000000 R11: fffffbfff284db13 R12: ffff8880328a52c0
[  908.123421][T16539] R13: 1ffff11006514a68 R14: ffff8880328a52d8 R15: ffff8880328a5380
[  908.131376][T16539]  ? prepare_signal+0x6c0/0xc90
[  908.136224][T16539]  ? posixtimer_send_sigqueue+0xd3/0xce0
[  908.141850][T16539]  ? __pfx_posixtimer_send_sigqueue+0x10/0x10
[  908.147908][T16539]  posix_cpu_timer_set+0xa25/0xe80
[  908.153007][T16539]  ? posix_cpu_timer_set+0x136/0xe80
[  908.158292][T16539]  ? __pfx_posix_cpu_timer_set+0x10/0x10
[  908.163910][T16539]  ? __lock_timer+0x36f/0x3f0
[  908.168566][T16539]  ? __lock_timer+0x34/0x3f0
[  908.173138][T16539]  do_timer_settime+0x2f0/0x3e0
[  908.177978][T16539]  ? __pfx_do_timer_settime+0x10/0x10
[  908.183330][T16539]  ? __pfx_do_futex+0x10/0x10
[  908.187997][T16539]  __x64_sys_timer_settime+0x19e/0x240
[  908.193438][T16539]  ? __pfx___x64_sys_timer_settime+0x10/0x10
[  908.199405][T16539]  ? do_syscall_64+0x100/0x230
[  908.204220][T16539]  ? do_syscall_64+0xb6/0x230
[  908.208908][T16539]  do_syscall_64+0xf3/0x230
[  908.213403][T16539]  ? clear_bhb_loop+0x35/0x90
[  908.218087][T16539]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  908.223977][T16539] RIP: 0033:0x7ff67417fed9
[  908.228375][T16539] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  908.247980][T16539] RSP: 002b:00007ff674f22058 EFLAGS: 00000246 ORIG_RAX: 00000000000000df
[  908.256379][T16539] RAX: ffffffffffffffda RBX: 00007ff674345fa0 RCX: 00007ff67417fed9
[  908.264333][T16539] RDX: 0000000020000340 RSI: 0000000000000001 RDI: 0000000000000000
[  908.272289][T16539] RBP: 00007ff6741f3cc8 R08: 0000000000000000 R09: 0000000000000000
[  908.280243][T16539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  908.288195][T16539] R13: 0000000000000000 R14: 00007ff674345fa0 R15: 00007ffc388265f8
[  908.296163][T16539]  </TASK>
[  909.370003][T16539] Shutting down cpus with NMI
[  909.374976][T16539] Kernel Offset: disabled
[  909.379525][T16539] Rebooting in 86400 seconds..