last executing test programs:

9.825089765s ago: executing program 3 (id=669):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f0000000400000004000000120000000000", @ANYRES32], 0x50)
sendto$inet(r0, &(0x7f0000000580)="e1", 0xfffffffffffffef1, 0x40000, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="0a00000009000000080000000200000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000a8ab0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x26}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYBLOB="0500"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000800)=""/140, 0x8c}], 0x1}, 0x10000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
fstat(0xffffffffffffffff, &(0x7f0000006b40))
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
fstat(0xffffffffffffffff, &(0x7f000000a3c0))
getresgid(&(0x7f000000a440), 0x0, &(0x7f000000a4c0))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f000000a580), 0x1000)
openat$adsp1(0xffffffffffffff9c, &(0x7f000000a640), 0x800, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
getegid()

9.668378977s ago: executing program 0 (id=673):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) (async)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)={0x38, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x21, 0x11, 0x0, 0x1, [@generic="2fe5afbf24fbcccc554cd9761e79b8dad8a2018544a3f855448c77987d"]}]}, 0x38}], 0x1}, 0x0) (async)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)={0x38, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x800}, @nested={0x21, 0x11, 0x0, 0x1, [@generic="2fe5afbf24fbcccc554cd9761e79b8dad8a2018544a3f855448c77987d"]}]}, 0x38}], 0x1}, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f040000000000000000008500000005000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r1}, 0x10)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x1000, 0x1)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x2) (async)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x2)
ioperm(0x8, 0x1, 0x7fffffff)
socket$inet6(0xa, 0x2, 0x0)
gettid() (async)
r2 = gettid()
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r3, &(0x7f0000000b80)=""/215, 0xd7)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r3, 0x4040534e, &(0x7f0000000040)={0x32f, @tick=0xfffffffc, 0x0, {0x4}, 0x1, 0x1})
syz_open_dev$amidi(&(0x7f0000000080), 0x6, 0xc201)
r4 = open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
fallocate(r4, 0x0, 0x0, 0x1000f8) (async)
fallocate(r4, 0x0, 0x0, 0x1000f8)
sendfile(r4, r4, 0x0, 0x100000008)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r4, 0xc08c5336, &(0x7f0000000300)={0x405, 0x0, 0x0, 'queue1\x00', 0x8})
tkill(r2, 0x7)
syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00') (async)
r5 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00')
ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f00000001c0)={0x6, 0x51, 0x1, 0x80, 0x5, 0x0, [{0x8eb4, 0x8000000000000000, 0xe20, '\x00', 0x880}, {0x1, 0xfffffffffffffffb, 0xffffffffffffffff, '\x00', 0x80}, {0x6, 0x8, 0x1, '\x00', 0x804}, {0x8000000000000000, 0x3a7c, 0x7, '\x00', 0x280}, {0xfffffffffffeffff, 0x1, 0x3}]})
pread64(r5, &(0x7f0000000140)=""/116, 0x74, 0x4)
ioperm(0xd, 0xd2, 0x9)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) (async)
openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0) (async)
recvmmsg(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0, 0x0)

9.252618236s ago: executing program 0 (id=676):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x20, 0x140b, 0x1, 0x74bd23, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_RES_CM_IDN={0x5, 0x3f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x40000)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002a80)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0xdc, 0x18, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HOOK={0x48, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'gre0\x00'}, {0x14, 0x1, 'pim6reg1\x00'}]}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x0, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWOBJ={0x64, 0x12, 0xa, 0x401, 0x0, 0x0, {0x7}, @NFT_OBJECT_TUNNEL=@NFTA_OBJ_DATA={0x50, 0x4, 0x0, 0x1, [@NFTA_TUNNEL_KEY_TTL={0x5, 0x6, 0x80}, @NFTA_TUNNEL_KEY_ID={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_TUNNEL_KEY_TTL={0x5, 0x6, 0xe}, @NFTA_TUNNEL_KEY_IP={0x24, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_KEY_IP_SRC={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x6}}, @NFTA_TUNNEL_KEY_IP_SRC={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NFTA_TUNNEL_KEY_IP_DST={0x8, 0x2, 0x1, 0x0, @local}, @NFTA_TUNNEL_KEY_IP_DST={0x8, 0x2, 0x1, 0x0, @local}]}, @NFTA_TUNNEL_KEY_TTL={0x5, 0x6, 0x5}, @NFTA_TUNNEL_KEY_FLAGS={0x8, 0x4, 0x1, 0x0, 0x4}]}}, @NFT_MSG_DELSETELEM={0x41c, 0xe, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x408, 0x3, 0x0, 0x1, [{0x404, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_EXPRESSIONS={0x3e0, 0xb, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x6b}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0xf8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}]}}}, {0x388, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x37c, 0x2, 0x0, 0x1, [@NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CMP_DATA={0x84, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7d, 0x1, "145f8209549a325e96e7f9cf49a66f51cb2c5850d59f75ec5aa12d43ab078da800407cb16964b3447a109cb61f7338222cee311fb7833d044041af543e0490c176d0c7b1da33307718579050a8f1aa347fafabe9e03ba0ecebabac2c01a4519c753d486db34bf24c02e59a6c1f35a5de104eaab8e645948954"}]}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_CMP_DATA={0x2e4, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xb5, 0x1, "3d76dc2e69a03585504853772b2e3e1ca90c6d95cfcc0c2eafb4d22508c736ddca7b4797e7ac120225c1a3dcd5838976d40fae9c3ad7c54b97ad15f94eaaeeaa778e682c189cff96e3f8bb9e1b568c34e6f84b8e3a87f3820616c4bee65eb9b19d6a35f7a135ce7fbde56d34495666c835a3a697fe1b792fdb4345548699fabe87df35f8097ec32930a77d658dfd8d25d91c391c44c77d48223401449880f86e083ea0f57ea70ba920f1ca6ae15ac22b2a"}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x68, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x182, 0x1, "2dd322ee6064f916b16493c6f990ebc835b79bef174251b63b4004f3f4b7a6d38b572872ff71102b2070ea1620cd94d93333aa3e86c9c3cd9238da6cdc381b05c6475a58d375bab7bd367031d19ef355efe3c6e2e821bbc358f33be8b8c7ee2a966355ec14e7866108eb14a968f63bc94c229ad8523e6efc9bb3c5ed21d38ca4dc5fd575e078df0c63ce14a0b0801268c03d46e0c4c22068b5bcbf79990a8d610a428085a9427a358852e91295f13330c1cf8b4a2cc7ebc896fe0c0f7c68547885caf79c0042aa0445b8d186e89b9863f735be771eec9f09167e162ad65933160e9c6105f3fe9b1b64c53573d10af65e13fc0621128636d5e03f1dfc0ab154a360c3474210196217cfa9740b222cf810f997735773b1ad4c8ddd92d2e3a29d585d0484a81ec7f624dc44073bd0be33ed6b73043a752432b407f5f3738cf5dc42756d0b6f891d76d8c6e0e2c81753c68331dfe359efb76e7556d88cfd65b7973ee42a6bba65ee3880823f52f499553223213899236cd2cdf49551427b719d"}]}]}}}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x5a4}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
r3 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x4000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000680)={&(0x7f0000000500)="69c17d", &(0x7f0000000580)=""/112, &(0x7f0000001440), &(0x7f0000000600), 0x5, r5}, 0x38)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
socket$nl_rdma(0x10, 0x3, 0x14) (async)
sendmsg$RDMA_NLDEV_CMD_RES_CM_ID_GET(r2, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x20, 0x140b, 0x1, 0x74bd23, 0x25dfdbfd, "", [@RDMA_NLDEV_ATTR_RES_CM_IDN={0x5, 0x3f, 0x4}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8}]}, 0x20}}, 0x40000) (async)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000002a80)={{0x14}, [@NFT_MSG_DELFLOWTABLE={0xdc, 0x18, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_HOOK={0x48, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_HOOK_DEVS={0x2c, 0x3, 0x0, 0x1, [{0x14, 0x1, 'gre0\x00'}, {0x14, 0x1, 'pim6reg1\x00'}]}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x5}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_FLAGS={0x8}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x2}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_FLAGS={0x8, 0x7, 0x1, 0x0, 0x3}]}, @NFT_MSG_DELCHAIN={0x20, 0x5, 0xa, 0x0, 0x0, 0x0, {0x1, 0x0, 0xa}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWOBJ={0x64, 0x12, 0xa, 0x401, 0x0, 0x0, {0x7}, @NFT_OBJECT_TUNNEL=@NFTA_OBJ_DATA={0x50, 0x4, 0x0, 0x1, [@NFTA_TUNNEL_KEY_TTL={0x5, 0x6, 0x80}, @NFTA_TUNNEL_KEY_ID={0x8, 0x1, 0x1, 0x0, 0x10}, @NFTA_TUNNEL_KEY_TTL={0x5, 0x6, 0xe}, @NFTA_TUNNEL_KEY_IP={0x24, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_KEY_IP_SRC={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x6}}, @NFTA_TUNNEL_KEY_IP_SRC={0x8, 0x1, 0x1, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, @NFTA_TUNNEL_KEY_IP_DST={0x8, 0x2, 0x1, 0x0, @local}, @NFTA_TUNNEL_KEY_IP_DST={0x8, 0x2, 0x1, 0x0, @local}]}, @NFTA_TUNNEL_KEY_TTL={0x5, 0x6, 0x5}, @NFTA_TUNNEL_KEY_FLAGS={0x8, 0x4, 0x1, 0x0, 0x4}]}}, @NFT_MSG_DELSETELEM={0x41c, 0xe, 0xa, 0x801, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x408, 0x3, 0x0, 0x1, [{0x404, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_OBJREF={0x9, 0x9, 'syz2\x00'}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0x7}, @NFTA_SET_ELEM_FLAGS={0x8}, @NFTA_SET_ELEM_EXPRESSIONS={0x3e0, 0xb, 0x0, 0x1, [{0x54, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x44, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0x6b}, @NFTA_SOCKET_LEVEL={0x8, 0x3, 0xf8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x3}]}}}, {0x388, 0x1, 0x0, 0x1, @cmp={{0x8}, @val={0x37c, 0x2, 0x0, 0x1, [@NFTA_CMP_SREG={0x8, 0x1, 0x1, 0x0, 0x13}, @NFTA_CMP_DATA={0x84, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7d, 0x1, "145f8209549a325e96e7f9cf49a66f51cb2c5850d59f75ec5aa12d43ab078da800407cb16964b3447a109cb61f7338222cee311fb7833d044041af543e0490c176d0c7b1da33307718579050a8f1aa347fafabe9e03ba0ecebabac2c01a4519c753d486db34bf24c02e59a6c1f35a5de104eaab8e645948954"}]}, @NFTA_CMP_OP={0x8, 0x2, 0x1, 0x0, 0x5}, @NFTA_CMP_DATA={0x2e4, 0x3, 0x0, 0x1, [@NFTA_DATA_VALUE={0x4}, @NFTA_DATA_VERDICT={0xc, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VALUE={0xb5, 0x1, "3d76dc2e69a03585504853772b2e3e1ca90c6d95cfcc0c2eafb4d22508c736ddca7b4797e7ac120225c1a3dcd5838976d40fae9c3ad7c54b97ad15f94eaaeeaa778e682c189cff96e3f8bb9e1b568c34e6f84b8e3a87f3820616c4bee65eb9b19d6a35f7a135ce7fbde56d34495666c835a3a697fe1b792fdb4345548699fabe87df35f8097ec32930a77d658dfd8d25d91c391c44c77d48223401449880f86e083ea0f57ea70ba920f1ca6ae15ac22b2a"}, @NFTA_DATA_VERDICT={0x2c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}]}, @NFTA_DATA_VERDICT={0x68, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xffffffffffffffff}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffb}, @NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CODE={0x8}, @NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz0\x00'}]}, @NFTA_DATA_VALUE={0x182, 0x1, "2dd322ee6064f916b16493c6f990ebc835b79bef174251b63b4004f3f4b7a6d38b572872ff71102b2070ea1620cd94d93333aa3e86c9c3cd9238da6cdc381b05c6475a58d375bab7bd367031d19ef355efe3c6e2e821bbc358f33be8b8c7ee2a966355ec14e7866108eb14a968f63bc94c229ad8523e6efc9bb3c5ed21d38ca4dc5fd575e078df0c63ce14a0b0801268c03d46e0c4c22068b5bcbf79990a8d610a428085a9427a358852e91295f13330c1cf8b4a2cc7ebc896fe0c0f7c68547885caf79c0042aa0445b8d186e89b9863f735be771eec9f09167e162ad65933160e9c6105f3fe9b1b64c53573d10af65e13fc0621128636d5e03f1dfc0ab154a360c3474210196217cfa9740b222cf810f997735773b1ad4c8ddd92d2e3a29d585d0484a81ec7f624dc44073bd0be33ed6b73043a752432b407f5f3738cf5dc42756d0b6f891d76d8c6e0e2c81753c68331dfe359efb76e7556d88cfd65b7973ee42a6bba65ee3880823f52f499553223213899236cd2cdf49551427b719d"}]}]}}}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x5a4}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000) (async)
dup(r1) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x4000, 0x1000, &(0x7f0000003000/0x1000)=nil}) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) (async)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000680)={&(0x7f0000000500)="69c17d", &(0x7f0000000580)=""/112, &(0x7f0000001440), &(0x7f0000000600), 0x5, r5}, 0x38) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (async)

8.329740059s ago: executing program 0 (id=678):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
sched_setaffinity(0x0, 0xfffffffffffffdc5, &(0x7f00000002c0)=0x800002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r3, 0x0, 0x10)
dup(0xffffffffffffffff)
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r5=>0xffffffffffffffff})
process_madvise(r2, &(0x7f0000000380)=[{&(0x7f0000000540)="6509ab6f37f7f05bbbd1ee123e0ac51d51662b30a0dcd16a1c972292c2e3bf21f5c3b7e0fa93ba33f3728168f40db4684dfcc9e0b6c2b25feaf51b733522208bf0cdfa407efee4128aa0ad64ccc3694aebb43b360626e2e400e3e7030505f0ea4847a137f72fe9009e281447f435351d4ddc91fcafef5fbda85309a39cbb93e4201ecf4f4c5c0ebc689607b85342b6e5e3d6cf029dd26cd06bc098a813b8b07b737e3ca62dd78c196dc1c77d7e52e81853dbbc80ac3c69e2655a0f6a0f22cbd493042c6bec42c9c9031cc652fe4863eb97ada3a9104adb6e4dbaa9a95a25c280bb02e1553b136e61cc8a004e12f7462d177eefa9dcd8b160d24289e114968fbead104494bd8e3a48d8830ad53e5f62564c8818e117d9e4eae8c7c9e2772569f688bca41a0a15a3201575ae4f06fb62579f0773f0c030000361ed278c539338de8f74d8e09df84abb53241c14972ea59f754d6f7837a66a9a80f1b89a696fe891c2dff6f048566a9c51ede5e4f87fb7ddaefcd431f5b610d866b6fa6f56a7eec046edc83aa6f8812ecae1dc86f0e967d92142959c7e308f4d8d44016baac1042a16c8249238b7ce5a00d22cc00464c2bb8a1b6cbd0344448ffe975fc821c266ac0496f8d8e495e8e75b553cdc0999ae1c8987848f580d6386eeeb6349c3434095096c20d921860bb93583799b943dc28499031a2c5bb9616f5a5b9222c613d7d210b2f1e31e854a5b3a0a2d061b3e64b7754796023b7c1c4d332b9157847e84bfb49a73437d38cfebe455d55e0b222c68c5ae8caddb7df74598d9f15aaa14e9d7dae2cb5ef96cdc937697f6ae2da0f31b33ff303c8d391845bceea31e214ec40aa821bca7702701256c6e04f6a52f8c39f7ed1097cc1ac086347480a8c8b7a0ada066dccfc4b0e9044be81fef7d0a103bbd10cd7ffd59576b24e65512a8107458a61b83139a62431aee3aa9ce2f140cf0de51fe2bb81b9bce3de8d631c6f44e0b032c5363edec45e2b713de53fe56dfb4899692a7c74452903b65f8d9979c7dcf3a58d7d0ec67c9cc1df6a3b78b7929236cd96fbeab8d57777acd2b8d5444b93602d5aa4803e7d3ce3022d81075af2b2badcc339e1f8768b0b649753c28e612f8bba1b282450546206afa7d90a0e8691c6d5744838e58a71da68eff2f84cea3e76ba603c7c04adec3cf99280451f1410056ca8ca837aacdaed500780b44bd5fa12b7793edcac781f0c8c7c4e27d83a51193c002d4805412eaed36517b1b0e2615f69c081aac6f3ad5fce2c486a42a0e40b413569c00c5b34bf273757283b5e99fb096f16a774714aa9040faed404dafeaa51593baba04fdc30ba7d5123d17a5cecfd541478122b7edbb22cdceb07ed1fd07d85d481afec5ac99b18234faec1626a152d038a049731d7217ebe9c3ff759f11d0f555017bb457111f624d7890a43feb916ba7757ae8584aa68e2ff2170044516f92ae8d4876d2658feaf9d3db5b30c1a6a51833076fc305f3257ed6d6039b7f3f310a8fa98c340bcd4341d4e07e73888d3166099a11dca0202a946d46523ceb85d35e8122b9391f62bbef1729c452b347aeaa2e810607b90306944aa974d4e8c27acf6ae714b51b5a1e486002425aac06047f0d4f40f740c2945d9e4876ebc3834ae398a3b4d3afee3d6f9b8d02e9227f724f09dc582ae3e921a31276d01c9fe1d27ea48f8cd099335f1b3b0558580b61bd03e1bb2a69320f9e7a42c9519dbcdf6c0e6141a9eb623bcb9586512b7163e4a722f904021195b9a1ff3f0b28d4366ed1cd91f7b59703c72a94fa37571bba94e38fb84496a392baed916184818391eabc23c31148254020d8542441220470a5d27f9bd22b2de543e2e950b390e5c6544e6c5c8698aa29fecdbd1a54a53ef4560f1d715975a92bae84cfbbfe04ea4cf74cddf461118baaccad7ed9267c551296ced74655f0e95cf872319e4355721fe6e6cd329631bd502f402f7b5ca130769b45bfd5b0087eaf99eabf31ca1eafb1f18a93d7b46ce6853ff2182c4130e192c64b0b2e7767846dd8f28f60dc8d58b4af28aafad68b2e2b5cf566607117fc9433cf9d45258055985d15dd9fe116ec190e363d57f4a5179f838bba8868df4739c4f9197e9c17a6ce26c26fc09492df85b980a8e7ac4ff5840a2b24b428aad96a27d94815a5a246d8feb46be2aa22fd314e4f9d94b608a14a67cc2aa807525059d3323d467aff04470dee89d2f53e2adcceeded7d607ec5df6778ddd567d93137978ceeb6cfa30ac214e790bd90f3b70ee9ac109926b086c98dfcfd60603df07bb89ec257dcb95b3238fc9f95d96bcec4a5445b1fbc27567947f2450dfa731718c5fe1ad5a15936b176ad16067ef8216fa7a5d56861e4134cf3dabfa0af3ea63de357932de9910d06b0d35f5f7e7e1b676525cd2de7b087e628c80ab9242f41a06259562b00dd453231f13f0fd54600bf0e0239855ada9cafb6a676dfe23bc2f21d8e438d98ebe5da34e02902ff53a3cb84a891bd3270c7940c965dfdc27eb55ff8088a8440d733dea5ad3e9b85454aba3ca67dd8a2763c793719f0703a022e5eef523059be203ab1e8e20ef4f9a40f2fc5e1937ff066614013a374dafd67a10e84f0e7f18071137e8167b8e8fe3b109f08641ee66b67a7d2eca9e1c815abae4cf17965552fca4240b61e5e82e1e3cfdb37db62d4a001f97b0a8c20e0b8dedb739725df2d4bea0c9a5c3042f89ddf396b67325ba16e4b83357e34c76aacbced787fc5172fde0b10c2d1c396bda4998a9d8ac04bf53f753bd9b42eac86dbd490b1363c6b221ed10d7f595a664d0f964f2786308cec5dbe2e7472616c9cb105bc9b05cdd8e98dd98a359a76d741fd91edb37cb165f7fa7e7025cc4d0d6b32e1e669168fd60925b7dda0879bf63a8a1b326487a20260106f028fd30c0eafb381d97d89daeca359f70e998f14b8d286261c3c952caa24ffd6c0be3da26b77d441ded329df5f3097963588028263096ddced5a8f2cd8944175f61eaaa51be193d7a53878517ac489b13fa587578b8bea12ddfc9b8f0d1b5ed114aa0de1c765d4323ca20d7522ddd3a549076a935e161ee2bba96184a23fac11ca74123a06aad2ce17d0f756e82b44790d981c0ff2575d63cad6248f5e3edf64d49dbfce23f6fb9415423c4c1827ae9aa774d653c486f1a99835f6915c2849744a54719e6761c126af1426a1052d46946fa5218867ea94d2746341da363acea1267d105916867fa3cfd10a10df4f88078521f92bac8be94e494b8fe3bcbdbaac9d066891551b69cbbb94bedece033e55a13480131be3f6b340e780c35f477ef5a6c54006f49a0e49193acad8ba4210e5b0f49f66a56acb770d627bbb9c92a05e2a411e5f7f2688223ce56319b1196b74549bcbe841a126dd91e2def62a1c3ac52b76bf78c7c68e1971cc4ecce9cc3b9983fd8c1cd5c009e4620284a1f4124335e55cabdf6e5c7ec0f03f9a487623b1c08f4bdbcb2304e6e26e1f35163d5492ec4bfa41fed708030cb0bc5089e58e0822a58bbb1d5105d9ca704c1e9e21b828a716b200f6347c65cc1d2f5ad5bea812560ea784b4970441fa91174681427379c9c9eddae9f313a7814af329590a1546de63f740a617ba2009415a9155051ec4c4e1394fa6b287607a007f88fa06da8ec72bf660cedf64b2b8f342c44aca2bc16dca1495ecb0cde9b24f46b558adec20082b403b1747f12cfbfc96eb30cfb4c0810b7c41acd2d74cb1e123f151c4c1497dfeb1dd15990a42bb86c488667ac1886e0428a7d998f422005b1bbcca998314495fbb8b784b4eedaa5606f9f8f1e9a2fb57c0a0f794aa02e7b78ce1e4d18ca978bee8df0fe9db396b1b7f6b72dcb799a7de39f1f7acb7dc8c1ae671afdac606d191d351cc89c21be1084b4c5da444601dccb36c83832637166d7dc2407bf55d71af81465f0d535f20767eb4fd156bb9dccb21e18b5e69d258cb896d2fac86ec8761e6fccc41517772586f838897e97a1a7b23c6649d124f354c7da7a97db3b86c38b78d142da331f8b0f610e422504fd91b9c95c730a08a62cd19e3ca7710c03013eb9dfcd7449f5e169121ec927b8d47853c9a519ec695fccd07a6ca8058bc46a204a8ee38bb2695fd7007ae0f7e6de7836643323103d6fd5044a25669b8162aa2843bc3bd8ea763e7dbdf1c111879ba0f9fc17f13599706e421dfb33a01ce52eff62745625f210f4a32477e7771ead4b9dd475f3571fe75517e981d8b482bed43a9223298d3956d6ef8dd9bcc158c3148514c199217db8cae5718362ae0dde41b58d042438d0a9a19f21eb753bf2b43ce5a60b4bc8b134f5f11c62a21c62b4827a7ec058f444c4078019faa833f733881a2e4d4d5455d272fa8f86917a00c1fa53741176a77ddbf826a1cc862a55bcf1f39aec29192704e280bcbcf8d35a75d81a0502dcb719b1c79139b253ef0da891eedd591107fc6ea5240ea2b01d85af13ec6e3b10cbed0d6565e5dace9451d9e80f2aa5a7698362615856b0e899e4699dee4352297e3bcca3f158f6c822a26e03f3871eb90a641f7a99d348c083220a4fb4bb708714055939ccf52af68fb82d9cf31a3fa1dae1002333b840c3fc1efe98597f3e16a772c853ad9e512de14b63015eb83ba26bbd3f0892bc3771fe05febedd3c997687fc23293a84f091fccdb34a5bb4f64ec4675c126fbd6ef43fc37e92bad694990f5f72fcecb83a3e2ba6d0982189e99bc6bd06627e9b17a708910050cd36e6d97f02666727c069dad77bed8d312bac43da28e4b3d44ab97bdc0170b506599bb15f0b2e7cddd09e03a4611727f632caf969ec966a5e64248ab2b783b701bba17e287f21f59d6c882147bf3d514052b80c45cf31c54fe08da60a1b155550d06d7fea891e61d256a8d5ed878623674ab65c2214589e422df067d425b39ccdc35493030055888ca8ac6089679a6e0959d55cf063d229b439ad207244224de771fdbb544440e733be9938bada87350c9c924e440757ccadc304ecbf53f59b451af4048ce1ebbcb6947d58f989b6e8aae53dcf1ff85a653725b8a0bee1fcb2bcd01b1c30e56bff46d794e612ed0f1c6730d9fbb8f6b48ae67e80feb0ea7b1b3a44b376d51d93f5f05847d8ffdbb585659ed0185737dd5bd8bb3307d8a5cd930a354fe52473ca73d5bfbfe56e804e666b01a5547293f12f894072aa7668f39196c68bcf4e3df41684591c6871f63f9de54ef8f5c40ae21c8523fdf23209b990d561d95f7a21b758770c66b80bc71d08f04d0976a6ef6b9f1e9f5f7c30536f90386a177d75e3ebf9d7f471ef757cc7a27a26d45c9f71b579873f58c9f6287b86dc447a9139fdd9381f8ef831725c2c21788d29674ec6a5993de497232d246875786eb6008a00bb4915949b279f2d67e91263c40e78ac5c859fff54f07b03d97b941b7c41d46932276a521c4858ec8eefccec71f60d4108afa787ab90f50175688ba557717e714a522937ac724a23ebd9c365e71f24141636a237ca45eeee8a82c1ff0558048a5117d0c95d3fd59bf019580084045c70962a3144b3efb8ed23093d0faaa4a3e590ede7c37eae4156f1152b8052428c449062b19bf024f982470cd4dc2877f83a6219ecff0ed57e1f96fabc81a5a3785ed59ba3207842c97c7c13628c0e5871d55c497fbca303ed578b55c2f363816a0c5e4a5e0c8f3496f923c95e1b950ccbb17742d61f50a0893389cbe98440b0507bc319289d25025c97a18d01d60d03e05d3887ffe6ba84baa347cfb03ebae824e2aefd7", 0x1000}, {&(0x7f0000001540)="f5d52ba25bc6706d70ece34e93e3c6fde681561e2d579786ca5a692e66107729e8c7b3a6661ca97d63a4e283c5e40c0666b7c3682052de3ab88c64de8252e246bc63fbf20e4c76a73f11fc0dccb2f80b3cfa5d73577ffce15406eef883d997a0c11c24eace9732cb4e9b87fdd01d62ad6ccc8099a4a06fb53ab5870776c78b23f88cc622b69df073750204a90caf974fff0bf07ac9ba4e48fafd5863ac51006e78b3ba2a1200c76da2732d2bb4b5315e6d307d2e72507d070fc72f4e589f257196cd0e9121c5", 0xc6}, {&(0x7f0000000000)="f5e22d2936a65012ac697191857115917adddfc76d40192ba32d45", 0x1b}, {&(0x7f0000000180)="3cad217d43a158f5520c969a091ca0b5cb3f35bfc57174f62fad81a337039d7ac30dc00dc86f1e8f571ec14f5345", 0x2e}, {&(0x7f0000000200)="658b437bc18970665f6d3ac4e27400aa26a7eeea2655948f4eab8aca2f38b21e69cefe76610f573ed8ad3f1bee0cb3e7dbc341f638cb055b38", 0x39}], 0x5, 0xc, 0x0)
sendmmsg$unix(r5, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@cred={{0x1c}}], 0x20}}], 0x2, 0x0)

7.323798446s ago: executing program 1 (id=680):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, 0x0, 0x0)
bind$inet6(r1, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
pread64(r0, &(0x7f0000000100)=""/89, 0x59, 0x9d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
syz_open_dev$ptys(0xc, 0x3, 0x1)
r3 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r3, &(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r4, &(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x4}}, 0x10)
bind$tipc(r5, &(0x7f0000000100)=@name={0x1e, 0x2, 0x0, {{0x42, 0x3}}}, 0x10)
bind$tipc(r5, &(0x7f0000000540)=@name={0x1e, 0x2, 0x0, {{0x42, 0x2}}}, 0x10)
r6 = socket$tipc(0x1e, 0x2, 0x0)
r7 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r7, &(0x7f0000000500)=@name={0x1e, 0x2, 0x3, {{0x42, 0x1}, 0x1}}, 0x10)
sendmsg$tipc(r6, &(0x7f0000000340)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20044094}, 0x0)

7.307681487s ago: executing program 2 (id=681):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r1, 0xc0405665, &(0x7f00000011c0)={0x0, 0x2, 0x0, 0x400, 0x4, 0x7, 0x4})
r2 = socket$inet(0x2, 0x80001, 0x84)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r5=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000140)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000f000000050030000000000005002f000000000008000300", @ANYRES32=r5], 0x2c}}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000002380)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000f0ffffff7a0a00fe1100000079a4f0ff00000000b706000000000081ad64020000000000450404000100ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd844a954b26c933f7ffffffffe4fbffffff55bb2007ee51050512b5b4090a79507df79f298129da487130d5f24b46001e04aeacea799a22a2fa798b5adc43eb27d53319d0ad379e5752548300000000dbc2777df150b7cdd77b85b941092314fd085f028f2ed1a4b9535550614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024a0041b1df65b3e1b9bf115646d14ce53d13d0ccacda1efc5f9094fa737c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c7a53ac271d6d7f4fdc4b4861004eefbc17f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488a010030166565a097b103b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f940b6f0e8c7db4bf23242a18159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97ad791fa99dac06b57479321a0574fb30ff0000001989328c8ddc20ea011bf5742e0e0d4334db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c2d7962b0d22772c25a61ec45c3af97a8f17da954aff3fc8c108755f75ca13fb7c8bbd8b6e7dac2bba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f407000000000000006d294d366501753a7ac7fedb8d34f5bc381604fcd46105c457e7dd13cab669ab377e4c2422a47e9ffe2d4a2d32f7528751313694bf57704400b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b059b90b8aa49afb9a79ae5498f6589880ed6eea7b9c670100be05e7de0940313c5870786554df26236ebced9390cb6940b8375d936a7d2120eca291963eb2d537d8ee4de5c183c160119451c31539b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2bacf13464ca03aff14a9aa4bd9539f5096412b92012e095b84c20243ff98df3347f0e399d1b9f27e3c33269c0e153b28b2d4410572bc45b9d30902208d300e4d455c36300000000022320178b00cc6ed7966130b547dbf8b497af002000000cd1d0000002000000001c8000000000000003a48cea769470424d28804c024ab7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf9ef40662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0282a12043408cd60b687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c031578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c252b28a60ca770663da451790cc36000906d5a9fad98c308e39bd5ffb6155e3633be3f00000015762e5f5a3a0bc33fdbe28a5ffc83f2f085185cc92fe7f791e8f6429309d6adab4b7e508e5bf024ed8f8a005f2bcdb7c89739f5d81e750d50517a59a3ad09e8802e8f4f000000000facd5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f296115d4a31838eeb20c20bb82aa31771cd379ec83554cea5b473332f2011e6539db7384e1f58d81f2f2653c4d9818708e27c89b552d3fcd116bce9c764c714c9402c21d181aae59efb28d4f91652f6750b6ec962802c0320f8059195729d60c534ee8e8ff0755367fe4c25edb85bcff24c757aa8090000000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f862f8c3c14fa9ecd1e877b0d8ca84c044859e85e6158f9184bc05000000000000006c25b96174327d82761c26e329555f9290af4100000000000000749e1338636555009edf66be445d6975d534b8d63e4ca3b671f2de1cdf519192c6b59a601fd419adc16e2055b85058f793484305d7a1759782e4c571ee855a47bc00edf5e9020c09ab0043ebf7c79a953e023f74afad591821610b857e8717764b633b21cb32f0e03280e09758bd445ab91d20baca005452b79d7b574a247f1d2fe45b3c4e93da3d51de647c10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9120be61e58c79d497247d278888901d442ad7f8536605a644e9e3d769db497c1960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f31019876026888c8ccb85c86b4f8ffffff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8fa8a14dc4810f61ae96c18cc7130000000000002100000000000000000000000027c9a4619a9375de5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee214e49666c464d35ca9b5143ed3b3dc8c17a23692759ccf5a205311b7ab22532697b861dfb54609fd88e6043bd5c17d5486b0c8a6c769f952283a1f4e3842edb3d42c68a27ef6a1296dff7aa46e820a74f9530bdcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fdca4e9eda0072f6df342f3e7071e28ef6806b90cc39c49b91c76b0d3958f7f05b47d3e519f1634e8fbd8d3133319e069f9648a2ff93060ff073b3a113e47e447c030931651dd315003b7a6a47c912853826c4c65433a2bb560ae99ec4b227eda2e63a1cb1a2c2bd48a822cbe92b6524e0cd8020ecaa34e19e7194d1eb3de6a5f99f301f89c2ee627e949cdd22000026a9960503a26e9a714ee5f72d8805dd1bfbd081f6a5d1f1289dfe14cb9194e26a44fac273461fc5c0e0a33db7f2d43ea8086cf059f40fa2640000cd9e5f2e236ef5f1e3a94b108eb9750b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a2050000c375c705c798e0e208e4a5259d0bda526b462af45a6e9a84aebe025c8a7f65819f397574db7ab01bd2b3e3cd28c5aec90f8edfe39a00bafd688a7eea04efdeed96f67012bc3f795edb68b5dec80ad31a858eb756c815e7695d00000000000000000000000000000000000000000000000000007ccf0ce549d97510f7f8765408bb702f0000006d4754c68b7064cf31a681421994e1f307f0ab4ff2e33d3c88fea5d218a276b77adfee7c8fb145783ee1f8adbd2c2604eab3a62a28611da1dae5ce60003111ce5c96a1d6e45ee144ffa3dcca32a33f8f0ce2995b7b7aa0bce228cbf37412cbbdebae06edb51a134301d2627d4927287daf9dcae6720334862d3a18094f1edd9e350337cbb804004d1755cfe7d7fa01872fb99815dcfbbc8141f6e1bbb0901ae91357677fd9d2bb00d4f17fb441c2dfa2b424bf46ae299d68ac27792cdac2b63a6038ab5546ba1e5ad6a329f2c627100e0442f865fc6c179ad3edcb6b000000000000000b0000000000000000ac192d48d76e2a8cae83ae850f73fdfbaca81b6b7b1a0d7b517f41fbd46aa24b0f4b8e0202e3a580947f1925ba4de097e8dcb6bd7f686322b45d4a544ca1e83b592d4a6d46d0a0dc39634550bc77d4cabba01b283082e66778de7c61a1a36838d36c2f8e58cef603770ee3d6a9625be0bc21d2be2da69ac9e9c5e88278d39239501b465102ad16d651ea8bb8cee35527c1ad42ac6a565e449929ccb4469bdd6824b64e13579b7188566e735200000000000000000094e05bcda1e96e4c33ccf6d74046e45bafe9d512c43a3e485dedad9a38b34f7fcd00fafcc25dc36716f0e21e0632425b7a1c1a6bc15c3fc07d914c88103411d8d2b77b72a796fd3aaa7ea493c7bc43e63b2b0d05ad5682121682096b224933fa20255d58a680cc2ec200"/3002], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=@newspdinfo={0x1c, 0x24, 0x1, 0x70bd26, 0x25dfdbfc, 0x6, [@XFRMA_SPD_IPV4_HTHRESH={0x6}]}, 0x1c}, 0x1, 0x0, 0x0, 0x801}, 0x20000004)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000540)={r7, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000800)="d2ffdd934517f3e145fa02e086dd", 0x0, 0x1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={r6, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x304, 0x0, 0x2}, 0x9c)
sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)={0x20, 0x140a, 0x100, 0x70bd2b, 0x25dfdbfc, "", [@RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x2}, @RDMA_NLDEV_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x90}, 0x4000)

7.116844477s ago: executing program 3 (id=683):
socket$tipc(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

6.855940314s ago: executing program 4 (id=684):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000009c0)=ANY=[@ANYBLOB="440000001800010000000000000000000a000000000000000000000018001600140001000500000000000000000010000000000008000400", @ANYRES32=r1, @ANYBLOB="0600150007"], 0x44}}, 0x0)

6.842239263s ago: executing program 2 (id=685):
write(0xffffffffffffffff, &(0x7f0000000100), 0x0)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x20363159, [0x0, 0x8000000], [0x8200, 0x1]}}})

6.713086161s ago: executing program 4 (id=686):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)={0x1c, 0x41, 0xb, 0x70bd27, 0x4000, {0x3}, [@typed={0x8, 0x2, 0x0, 0x0, @pid}]}, 0x1c}}, 0x4040080)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000ef0000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000040)='contention_end\x00', r2, 0x0, 0x3}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000080)={'team0\x00', 0x101})
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000001940)={0x4, 0x0, [{0x2000, 0x1c, &(0x7f0000000180)=""/28}, {0x2, 0x6f, &(0x7f0000000300)=""/111}, {0x8000000, 0xe7, &(0x7f0000000580)=""/231}, {0x1, 0xc7, &(0x7f0000001680)=""/199}]})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000680))
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x200)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r5, 0x4008af60, &(0x7f0000000380)={@hyper})
ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000000)=0x3)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r8}, 0x10)
r9 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x25, &(0x7f0000000080)=0x2308, 0x4)
sendmmsg$inet6(r9, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x1, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0)
recvfrom(r9, 0x0, 0x0, 0x40002160, 0x0, 0x0)
ioctl$KVM_CAP_HALT_POLL(r4, 0x4068aea3, &(0x7f0000000040)={0xb6, 0x0, 0x2})
r10 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), r0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(r0, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80180559}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x8c, r10, 0x100, 0x70bd2a, 0x25dfdbff, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0xffff}, {0xc, 0x90, 0x324b}}, {@pci={{0x8}, {0x11}}, {0x8, 0x8e, 0x3}, {0xc, 0x8f, 0x7}, {0xc, 0x90, 0x7}}]}, 0x8c}}, 0x10)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r4, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0x0, 0x2, 0x3, 0xeffffdff, 0x0, [{0x0, 0x80}, {0x19, 0x5, 0x0, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0x0, 0x7f, '\x00', 0x2}, {0x8, 0x0, 0x5, '\x00', 0x9}, {}, {0x0, 0x85, 0xbe}, {0x0, 0x6}, {0x0, 0x0, 0x0, '\x00', 0x7f}, {0x8, 0x6, 0xfe, '\x00', 0x42}, {0x0, 0x2}, {0x0, 0x50}, {0x4, 0x0, 0x4, '\x00', 0x3}, {0x1, 0x4e}, {0x2, 0x2, 0x4, '\x00', 0xfe}, {}, {0x1, 0x0, 0x4, '\x00', 0x4}, {0x0, 0x0, 0x0, '\x00', 0xfd}, {0x1, 0x4, 0x7, '\x00', 0x3}, {0x80, 0x0, 0x0, '\x00', 0x40}, {0x0, 0x4}, {0x0, 0x0, 0x0, '\x00', 0x70}, {0x1, 0x0, 0x0, '\x00', 0xe}, {0x10, 0x83, 0xe}]}})

6.620792269s ago: executing program 2 (id=687):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000001140), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, 0x0}], 0x1, 0x38, &(0x7f0000000180)=[@cr4={0x1, 0x40002}], 0x1)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@textreal={0x8, &(0x7f0000000200)="0f0d51f40f01d10fc75800f30fc73600102e0f71e100b800008ec0640f017400aa26b9e408000066b81f6269e766ba000000000f30653e0f01c50c0cb8d09bbc8966efbafc0cedba4300ba210066ed3626f00fc70d", 0x55}], 0x1, 0x0, 0x0, 0x0) (async)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="60000000020601160000000000000000000000001c0007800500140007000400080012400005000008000840000000000900020073797a30"], 0x60}}, 0x0) (async)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1e, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f00000001c0)='syzkaller\x00', 0x9997, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r3}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='tlb_flush\x00', r3, 0x0, 0x10000000000000}, 0x18) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19) (async, rerun: 32)
ioctl$sock_inet_SIOCDARP(0xffffffffffffffff, 0xc0189436, 0x0) (rerun: 32)
r4 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) (async)
r5 = fsopen(&(0x7f00000003c0)='exofs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x8)
fchdir(r6)
lseek(0xffffffffffffffff, 0xafa, 0x3)
socket(0x2a, 0x2, 0x0) (async)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="010000000400000004009300020000220062794226240ed534b876c832080000", @ANYRES64, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000003a995f6e7ded9f51fb2bd8a7710c29635b85fdc4fe3dfa5b28714dfad105aa2acf703ada22f47afab92f136b8d9147f21ece08e6eecae5c2215ade6282d7f97daa4d5877e135bda38336a420a1e78a46e5d18d5c980c7d225ae6e1dc240b70acb6002c854643e98c4e9c35ad6a1cc9b0935a1b13db32eb8aa92b1a3fad4163b6102ec25d79a1aa29e0c3d7f0c60a04acd4e78d76b75d15a10e6edd40991bae09b5242f9fa80bb7042c142eae31cd3b7044021523e6892efdbbee29737ee3"], 0x50) (async)
bpf$MAP_GET_NEXT_KEY(0x2, 0x0, 0x0) (async)
read$rfkill(r4, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000440)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r7, 0x0) (async)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x2000008, 0x4000010, r7, 0x220e7000) (async, rerun: 64)
write$UHID_DESTROY(0xffffffffffffffff, 0x0, 0x0) (rerun: 64)
r8 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$IPT_SO_GET_REVISION_MATCH(r8, 0x0, 0x42, &(0x7f0000000080)={'ipvs\x00'}, &(0x7f0000000100)=0x1e)

6.24839228s ago: executing program 4 (id=688):
r0 = fsopen(&(0x7f0000000100)='configfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0x80045505, &(0x7f0000000040)=@usbdevfs_connect)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$setperm(0x5, r4, 0xe200129) (fail_nth: 1)
keyctl$search(0xa, r4, &(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={'syz', 0x2}, r4)
fchdir(0xffffffffffffffff)
r5 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
lseek(r5, 0x7ff, 0x1)

6.01971272s ago: executing program 1 (id=689):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000006000000ff0f000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f800800014000000006080003400000002b080003400000000808"], 0xa8}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r7=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b036c00e0ff64000200475400f6a13bb10000000800894f4820", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r7}, 0x14)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.018785036s ago: executing program 3 (id=690):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f00000009c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='signal_generate\x00', r1}, 0x10)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x80045530, &(0x7f0000000040)=""/124)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
bind$llc(0xffffffffffffffff, 0x0, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
mount(&(0x7f0000000040)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='adfs\x00', 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000940)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r4 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendmmsg$alg(r4, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000300)="f78d9ca38fff48f3be52163448412ba8c5b0da33c8d89a76cd99f87301774deb7fdbcdc533de4c729a83", 0x2a}, {&(0x7f0000000140)="c21504239e", 0x5}], 0x2, 0x0, 0x0, 0x44000}], 0x1, 0x4000000)
bind$alg(0xffffffffffffffff, &(0x7f0000000300)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha512\x00'}, 0x58)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800"/15, @ANYRES32=r5, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x6, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000200)={<r6=>0x0, @empty, @remote}, &(0x7f00000002c0)=0xc)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x12, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000001000002000000008d08000071122b000000000095"], &(0x7f0000000280)='GPL\x00', 0x6, 0x0, 0x0, 0x41000, 0x4a, '\x00', r6, @fallback=0x26, 0xffffffffffffffff, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94)

5.58468913s ago: executing program 4 (id=691):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x5, @local, 0x8, 0x2}, 0x20)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x400000001fc, 0x301)
openat(0xffffffffffffff9c, 0x0, 0x281c2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010009000000000000000000000000b72800000000a999850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
ioctl$USBDEVFS_SUBMITURB(r1, 0x8038550a, &(0x7f0000000280)=@urb_type_control={0x2, {}, 0x4, 0x40, &(0x7f0000000000)={0x4b5a9da54893e123, 0x14, 0x8, 0x2}, 0x8, 0x7, 0x200, 0x0, 0x0, 0x20000, 0x0})
r3 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x5ac, 0x244, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0xa, 0x0, 0x5, [{{0x9, 0x4, 0x0, 0x8, 0x1, 0x3, 0x1, 0x1, 0x5, {0x9, 0x21, 0x0, 0x3, 0x1, {0x22, 0xf1c}}, {{{0x9, 0x5, 0x81, 0x3, 0x8, 0x3, 0x0, 0x3}}, [{{0x9, 0x5, 0x2, 0x3, 0x200, 0x80, 0x0, 0x1}}]}}}]}}]}}, &(0x7f0000000580)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x300, 0x5, 0x3, 0xca, 0xff, 0xef}, 0x91, &(0x7f0000000380)={0x5, 0xf, 0x91, 0x4, [@ptm_cap={0x3}, @generic={0x63, 0x10, 0x7, "82f78591b0a0b9dc7c5ea403f832c1b0209dafa143a7871758eef6572c216376a3aae836803cee6f0dc0b4c67582fe7e3fdda5c2649feff825c2cf3e66e7d740792f7ceb2c8b7b7e368cbcd0ddaffb898c90e4f753412074dbf7c86fdda56315"}, @ssp_cap={0x1c, 0x10, 0xa, 0x2, 0x4, 0x3ff, 0xf, 0xfffa, [0xff0000, 0x3f00, 0xc00f, 0xff006f]}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xc, 0x1, 0xd, 0x9bb2}]}, 0x3, [{0x2b, &(0x7f00000002c0)=@string={0x2b, 0x3, "791151663405757fb0bc25bab227180461d3cd0486a5630b812fc1e03affbcccc5d453a2d42be15942"}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x42d}}, {0x0, 0x0}]})
syz_usb_control_io$hid(r3, &(0x7f0000000840)={0x24, &(0x7f0000000600)={0x40, 0x1, 0xfd, {0xfd, 0x30, "cc9fca19d93fb322b24de89a9fb3eb9eb6de83ddb18b0c27fe37a0a93b88cd41f074f110cc4efe4125672cc3007cfce53fcc651ee60cc9f7203587873a6b9375139d92acb9ecb336d739da2e67c6014c72b316bef1eeb5411ade599dd56aeedf0761cc4f085bbe4972a6a9f3989145296187edfa38ff60ac764d0e86082ab08a34e7959f0d830e33b12ec0d196966db5aff340fe5c8696cbac53727dba956e94b558a406c7c41bd7df4b5715fbe8f3a3cbb31a573bf2914863647a44a270d9c144d9698bc92963d018fb5cc9acce1e22dc8b5fc7e3a40a3d593bb13991a4b28f506ade176d7f8e4c7df5c83b00822a27fc11da9246bd147a6be0c6"}}, &(0x7f0000000740)={0x0, 0x3, 0x6b, @string={0x6b, 0x3, "52e6412f32fb3ac8176ffa17a54d85e3f80147df12c3736386bf5249aa5d3e0577ea2b7d137b24d13fb4fcc96dc7c9ed1c327ed6dc9f6cf27f5f7fe48095b20373a9d758685c7ae80114cfc108774bbad8f1c522ae8aa4f6f8254b9dd27b04e816471b4a0e42726e82"}}, &(0x7f00000007c0)={0x0, 0x22, 0x14, {[@global=@item_4={0x3, 0x1, 0xa, "e12ae251"}, @local=@item_4={0x3, 0x2, 0x4, "87c7668d"}, @local=@item_4={0x3, 0x2, 0x1, "b7cf10c2"}, @global=@item_012={0x1, 0x1, 0x8, "8a"}, @main=@item_012={0x2, 0x0, 0xc, "a01f"}]}}, &(0x7f0000000800)={0x0, 0x21, 0x9, {0x9, 0x21, 0xfff, 0xfd, 0x1, {0x22, 0x686}}}}, &(0x7f0000000ac0)={0x2c, &(0x7f0000000880)={0x20, 0x14, 0xd9, "d0d314b7fed4799ff26d4442b1c65a55a17a8432839a088f645ba808b8ecebbdc0ded183d9e7f2235c17b874b55a334e2814ba2472d3702f46cac03c3f98cd37d33ca7402c0503828bc866f2eb57b5ecf02f745cea72510c895c0cc90fd4a4ad62438b171dfd00133159436e062262d2a905d001d3c6817640c6f2f0bb0e33f9936ad92899740dc81f440eb11faf223a30db66fcaf57661859a20a9e6261ad5744e0bfea51bd1abbc79a25ccd61a6971a522349e08c703ba2123433d1ae06b08b9edff360ed45658f593a6ae7357faf29fed65fb834056cb6d"}, &(0x7f0000000980)={0x0, 0xa, 0x1, 0x1}, &(0x7f00000009c0)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000a00)={0x20, 0x1, 0x57, "bce6f333e6c5bee2396f04e7908d45b3a7b199a9e763fec8f8c870ea001bfc4bb3cfbb10037c68f29b83df591ce2ae5fad86880c51c6bff90b84614b1ac8f14fb782a459058f4eb79811335b8b19477ba87c001e8039d1"}, &(0x7f0000000a80)={0x20, 0x3, 0x1, 0xf}})
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x29, &(0x7f0000001500)=[{&(0x7f0000001580)="d80000001a0081044e81f782db4cb9040a1d08007b490d4f1e81f8d815000100ff03142603600e12080005007a010401a80016002000034004000000035c0461c9d67f6f940071342e875fab7cb6cec6cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b141993c034e653fe8efe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9ee5350db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e", 0xd8}], 0x1}, 0x0)
connect$inet6(r0, &(0x7f0000000280)={0xa, 0xfffd, 0x10001, @local, 0x6}, 0x1c)

4.325320289s ago: executing program 1 (id=692):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x4008032, 0xffffffffffffffff, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = socket$kcm(0x21, 0x2, 0x2)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$getregset(0x4205, r1, 0x2, 0x0)
ptrace$setregs(0x15, r1, 0x3fd, &(0x7f00000000c0))
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000003c0)={0x0, &(0x7f0000000180)})
ioperm(0x0, 0x9, 0x5)
set_mempolicy(0x4000, &(0x7f00000003c0)=0x8000000000000001, 0xdc)
sendmsg$kcm(r0, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x8c, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffdef}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0xff4c)

4.31602461s ago: executing program 3 (id=693):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e20, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x20020084, &(0x7f00000018c0)={0x2, 0x4e20}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f0000000400000004000000120000000000", @ANYRES32], 0x50)
sendto$inet(r0, &(0x7f0000000580)="e1", 0xfffffffffffffef1, 0x40000, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="0a00000009000000080000000200000000000000", @ANYRES32, @ANYBLOB="00000000000000000000000000000000a8ab0000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0xe, 0x6, &(0x7f0000000180)=@framed={{0x18, 0x2}, [@map_fd={0x18, 0x3, 0x1, 0x0, r2}, @call={0x85, 0x0, 0x0, 0x26}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000280)=ANY=[@ANYRES32=r1, @ANYRES32=r3, @ANYBLOB="0500"], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000800)=""/140, 0x8c}], 0x1}, 0x10000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
socket$inet_mptcp(0x2, 0x1, 0x106)
fstat(0xffffffffffffffff, &(0x7f0000006b40))
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
fstat(0xffffffffffffffff, &(0x7f000000a3c0))
getresgid(&(0x7f000000a440), 0x0, &(0x7f000000a4c0))
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, 0x0)
newfstatat(0xffffffffffffff9c, 0x0, &(0x7f000000a580), 0x1000)
openat$adsp1(0xffffffffffffff9c, &(0x7f000000a640), 0x800, 0x0)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, 0x0)
getegid()

3.796704069s ago: executing program 2 (id=694):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x50)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r2 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x1)
fchdir(r3)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents64(r4, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CONTROL(r5, 0xc0185500, &(0x7f00000000c0)={0x0, 0xb, 0xe0, 0x0, 0x0, 0x2, 0x0})

3.460660204s ago: executing program 2 (id=695):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newlink={0x44, 0x10, 0x403, 0x70bd25, 0x0, {0x0, 0x0, 0x0, 0x0, 0x500}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}, 0x1, 0x0, 0x0, 0x20000804}, 0x8000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x3)
syz_open_dev$usbfs(0x0, 0x3, 0x40000)
socket$packet(0x11, 0x3, 0x300)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000002700)=""/102392, 0x18ff8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000c00)=ANY=[@ANYBLOB="b7020000c3000000bf230000000000002703000000fefeff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400011000000404000001007d60b7030000000000006a0a00fe800000008500000026000000b7000000000000009500001000000000acaa8e53a53cb864c300094c07000000000000d94cf0987b00a749a8e53b5c9491cd1f2b94a64f1de23d03a8f0362ebfc44c77511e60070e25510070f7778d3e77ad85319f0113abbac795f8c24abca246150226eb93fe39233add8f68f87699162334343befce832cb8075c5f0ae30cde221371ff00000067e4b75da95370ae6fd2b99ac18f98403494d4a94e95fb8dcd813487b2bdb006c6465c15f04485a9f8c8e49d00000097184c8e9d34b1e382b25e9614634e8e09194f7b83138f5275d9ab463797a2f6dcb45d5f278cd4fb74559575da3560c01cdf1eaa3fc7a3fb4f1689dfd5b626174770e4dfd1c82a694efc62f9ef9c8c0ea1efa5b949ce22827f6fd1dfc69d03482d8ec264e3d96ad19a0c99a234b4b71b0bc22573f8594b91781cd8ff7f000000000000299ebf94588e60abe9a565c5bbdc0358226f8580dc1a83c6a44408de23475a74ef0deda8da4089269ccb4e728dee6320444576c87cc576291e5367a5f1a5d5a12f8313ffff0b7f73335279aa2b68c9f045831119881764c71bb65b5138c50e06024e80fd9656bc077e4e259695748989335ba9eeef288de73815f20fefd4acfb6813ffff00000b971aec1a3e618a08a94ecbd401c8109c87ee3f5c0501857538d2a766bfcf4128fbe726903aca577aa8943af747760718dee5a21396dce6f61c6f3c7e000000cb0868b48719e47296f2299df3ecfb5f3f0e42f6f1eb1dc64dcc8e397366d12033f6288edbda3b838100000000000000000000800000edd4e1266dc9d73223fe614f025a7f284de76b3b676a13c57a0ed24f6270c4cbbf93472eb8093d8296c68dfbb03ddedc3e029b08959b145a7b110068ba071e75d75716243052ad24b624fddc2f0f3a018c0085c2319c248d643cd09fa855b20a6d453f2e954ff0e55c010000008547c5a0ecefcc44cc9532f729167f215937357a4bb9746193c1ec000000000000dd43c108c2109d221b7b26b7c9c209000005b7918a6cd856b8fa806c85480443159c6bed51a0e021f05f7caa1b99cdb4d08d9031210ac00e67d8c40a18503cb7aabcc066dfbfd7f87abe1122f00e5454bec3563a19582e0000000000000000000000000084b27fc6a3f95bf02b4eb5f1599dd46edcad432cc216316fe07afe27649c89cf022a90d895a2d70fcde7a9c37ede0c47c27f44595ab4b1fb1ed5b1d91314b2d50f94a768fb605679485041a6376b8344a39af68aed2be39794dd86ae82f9660cf4f935255d71f9fab2e430ac42bba1f54141cf39d4d50c4ded504beacb0de210d7a3716dca7362c134b91cef3efc514fbcb4747e6814ac16449ac02a43d9d4151697b4b7890ec6b481c5f0ca8c52a6322f34a796fa5941d23409ecf73458223baaffb94a89ee2884df000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x36, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r9 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000002c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, r5, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x11)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r9}, &(0x7f0000000080), &(0x7f00000000c0)=r8}, 0x20)
getsockname$packet(r6, 0x0, &(0x7f0000000200))
mkdir(&(0x7f00000000c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000001740)='.\x00', 0x513883, 0x488)

3.240096681s ago: executing program 1 (id=696):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYRES32=0x1, @ANYBLOB, @ANYRES32], 0x50)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
r6 = fsmount(r5, 0x0, 0x1)
fchdir(r6)
getdents64(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r7 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)
ioctl$USBDEVFS_CONTROL(r7, 0xc0185500, &(0x7f00000000c0)={0x0, 0xb, 0xe0, 0x0, 0x0, 0x2, 0x0})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01080000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d657461000000001400028008000140000000120800024000000001"], 0xd8}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)

2.670297059s ago: executing program 0 (id=697):
r0 = syz_open_dev$vbi(0x0, 0x1, 0x2)
write(r0, &(0x7f0000000100), 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x3, 0x2, 0x2, {0x5, @vbi={0xb5, 0x0, 0x3, 0x20363159, [0x0, 0x8000000], [0x8200, 0x1]}}})

2.545713595s ago: executing program 4 (id=698):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0xf, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xd50, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

2.288643564s ago: executing program 3 (id=699):
openat$tun(0xffffffffffffff9c, 0x0, 0x8000, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0xa, 0x4, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="18020000000000000000000000000030850000002c00000095000000000000002b4003fe37a077ae55f52c0d80a2749b71bd7663be96d5a45bbbdb5ff7ffffffd075b3eee14473f51be98dcb6f2abd71e7b9f470e8e04acb807fbbabc68abdcce9f672b6bb61c302dfd5c1f870adac29fd64d33a3502fbeb1ed99dd0e792f24c420bfcc2635421d339ad521d6953b1137850d9e9ebf65ee9889751cd7c86c3c9b8ff31043965b56bea2dbee528678eb47efb7a3f19046c6f1bd1bf56e5853ed96137f95b3a11954ed1c8a8676468cf2405e48723d4b1ff3698422f88ffed63c6dd64330f4c38ba86a3b50da03f4b1e4808aa5c9e9546d7190747c6abc5bc89da8bad11ca7f91c6ab28cec4ff7faa3fab49cdb3d64cfd5d698416752a16f32a54ccef577832e4cf684fce2cb0bab7f6a5821b26483322263b2e6f4c9b81e7eddb26d7b5b003e874acdcc771516133b866a3303c9dc210ea014785547e0ba97dfb45b5775cc2c5e880d7da37de8afb5fda8f1d455e8f1455fb76d5bab21aea9d24f64a95b9ba6dde17af422930c8d8788f6a5b8ebb5f249bafbad1"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x1000, &(0x7f0000001400)=""/4106, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x18)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@newlink={0x2c, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_XDP={0x4}, @IFLA_GROUP={0x8}]}, 0x2c}}, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000300)={0x43, 0x0, 0x1}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devpts\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x118d861, 0x0)
unshare(0x22020400)
mount$tmpfs(0x0, &(0x7f0000000400)='./file0\x00', 0x0, 0x100021, 0x0)
r7 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000004c0)={{r3}, &(0x7f0000000280), &(0x7f0000000240)=r4}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{0x1}, &(0x7f0000000300), &(0x7f0000000340)}, 0x20)

2.140377671s ago: executing program 1 (id=700):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2.058882889s ago: executing program 0 (id=701):
socket$tipc(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x10, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="61123000000000006113100000000000bf2000000000000016000200071b48013d030100000000009500000000000000bc26000000000000bf67000000000000070200000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

2.012704444s ago: executing program 4 (id=702):
r0 = syz_clone(0xb00200, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r1)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
r5 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r5, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r5, 0xc0045006, &(0x7f0000000180)=0x70)
write$dsp(r5, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
syz_usb_connect$hid(0x11fa84518aecd852, 0x0, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000000000000000000400000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r7 = syz_open_procfs(r0, &(0x7f00000003c0)='syscall\x00')
pread64(r7, &(0x7f0000000140)=""/15, 0xf, 0x4)

1.322095479s ago: executing program 1 (id=703):
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000006000000ff0f000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="a800000000010904000500000000000002000000240001801400018008000100e000000108000200ac1e01010c00028005000100000009002400028014000180080001000000010908000200ac1e00010c000280050001000000000044000f800800014000000006080003400000002b080003400000000808"], 0xa8}}, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r7=>0x0})
sendto$packet(r1, &(0x7f0000000180)="0b036c00e0ff64000200475400f6a13bb10000000800894f4820", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x0, r7}, 0x14)
socket$nl_netfilter(0x10, 0x3, 0xc)

1.242640603s ago: executing program 3 (id=704):
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000080)={0x0, 0x4, 0x1, 0x5, 0x7})
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/sockstat6\x00')
pread64(r1, 0x0, 0x0, 0x7fff)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1, <r3=>0xffffffffffffffff}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002380)={&(0x7f0000001240)=ANY=[@ANYBLOB="9feb01001800000000000000f9000000f9000000070000000600000003000006040000000b000000ff0f00000a000000faffffff0e00000008000000000000000700000d0000000005eaff000200000005000000040000000d0000000000000004000000020000000d000000020000000e000000020000000d00000005000000070000000000000c050000000b0000000500000f0100000002000000fcffffffff07000004000000f8ffffff0400000004000000050000000e000000010000000000010005000000020000000200000004000000910a00000000000012050000000000000000000003000000000400000003000000020000000f00000000000012010000000e0000000000000c0200000000000000005f615f5f00"], &(0x7f0000001380)=""/4096, 0x11b, 0x1000, 0x1, 0x4, 0x10000, @value}, 0x28)
r5 = syz_open_dev$vcsa(&(0x7f0000002400), 0x5, 0x800)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002540)={0x6, 0x1a, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @map_val={0x18, 0x3, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xe}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2dc}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000200)='GPL\x00', 0x2, 0x1000, &(0x7f0000000240)=""/4096, 0x41100, 0x4, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f00000023c0)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000002440)=[r5], &(0x7f0000002480)=[{0x1, 0x2, 0xf}, {0x3, 0x3, 0x9, 0x3}, {0x2, 0x4, 0xb, 0xa}, {0x3, 0x1, 0x3, 0x8}, {0x1, 0x5, 0x0, 0x3}, {0x3, 0x5, 0x4, 0x1}, {0x0, 0x4, 0x5, 0xb}, {0x4, 0x5, 0x6, 0x5}, {0x2, 0x4, 0xa, 0x4}], 0x10, 0x3, @void, @value}, 0x94)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2)
ioctl$VT_RESIZEX(0xffffffffffffffff, 0x560a, &(0x7f0000000080)={0x0, 0x4, 0x1, 0x5, 0x7}) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
syz_open_procfs(0x0, &(0x7f0000000080)='net/sockstat6\x00') (async)
pread64(r1, 0x0, 0x0, 0x7fff) (async)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r2}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20) (async)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{0x1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20) (async)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000002380)={&(0x7f0000001240)=ANY=[@ANYBLOB="9feb01001800000000000000f9000000f9000000070000000600000003000006040000000b000000ff0f00000a000000faffffff0e00000008000000000000000700000d0000000005eaff000200000005000000040000000d0000000000000004000000020000000d000000020000000e000000020000000d00000005000000070000000000000c050000000b0000000500000f0100000002000000fcffffffff07000004000000f8ffffff0400000004000000050000000e000000010000000000010005000000020000000200000004000000910a00000000000012050000000000000000000003000000000400000003000000020000000f00000000000012010000000e0000000000000c0200000000000000005f615f5f00"], &(0x7f0000001380)=""/4096, 0x11b, 0x1000, 0x1, 0x4, 0x10000, @value}, 0x28) (async)
syz_open_dev$vcsa(&(0x7f0000002400), 0x5, 0x800) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000002540)={0x6, 0x1a, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2}, [@kfunc={0x85, 0x0, 0x2, 0x0, 0x4}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r1}}, @map_val={0x18, 0x3, 0x2, 0x0, r2, 0x0, 0x0, 0x0, 0xe}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @btf_id={0x18, 0x8, 0x3, 0x0, 0x1}, @map_idx={0x18, 0x9, 0x5, 0x0, 0x2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2dc}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x800000, 0x0, 0x0, 0x0, 0x8}]}, &(0x7f0000000200)='GPL\x00', 0x2, 0x1000, &(0x7f0000000240)=""/4096, 0x41100, 0x4, '\x00', 0x0, 0x25, r4, 0x8, &(0x7f00000023c0)={0x8, 0x1}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x9, &(0x7f0000002440)=[r5], &(0x7f0000002480)=[{0x1, 0x2, 0xf}, {0x3, 0x3, 0x9, 0x3}, {0x2, 0x4, 0xb, 0xa}, {0x3, 0x1, 0x3, 0x8}, {0x1, 0x5, 0x0, 0x3}, {0x3, 0x5, 0x4, 0x1}, {0x0, 0x4, 0x5, 0xb}, {0x4, 0x5, 0x6, 0x5}, {0x2, 0x4, 0xa, 0x4}], 0x10, 0x3, @void, @value}, 0x94) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x2) (async)

987.02947ms ago: executing program 2 (id=705):
socket$netlink(0x10, 0x3, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$kcm(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket(0x1e, 0x805, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c00000010001ffe00989837a182138b00268f1c", @ANYRES32=0x0, @ANYBLOB="ff7f000080000000140012800a00010076786c616e000000040002800800", @ANYRES64=r0], 0x3c}, 0x1, 0x8000a0ffffffff}, 0x0)

0s ago: executing program 0 (id=706):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8b}, 0x0)
openat$tcp_mem(0xffffffffffffff9c, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
syz_clone(0x0, 0x0, 0xfffffe11, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{0x1, <r2=>0xffffffffffffffff}, &(0x7f0000000100), &(0x7f00000001c0)}, 0x20)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)={0x1b, 0x0, 0x0, 0x10, 0x0, r2, 0x7, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x1, 0x0, @void, @value, @void, @value}, 0x50)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}}, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_GET(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x20, r6, 0x1, 0x70bd29, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0xc, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x70}, 0xc00)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x1f, 0x11, &(0x7f0000000380)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x202}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [@initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x2}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10001, @void, @value}, 0x94)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
creat(0x0, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r7, &(0x7f0000001280), 0x6)

kernel console output (not intermixed with test programs):

1612][ T7095] netlink: 16 bytes leftover after parsing attributes in process `syz.0.324'.
[  187.643911][ T7095] netlink: 44 bytes leftover after parsing attributes in process `syz.0.324'.
[  187.774776][ T1207] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  188.422692][ T7102] block nbd2: shutting down sockets
[  188.467856][ T1207] usb 5-1: Using ep0 maxpacket: 32
[  188.498116][ T1207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.590472][ T1207] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.600724][ T1207] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  188.610865][ T1207] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.624338][ T7109] netlink: 12 bytes leftover after parsing attributes in process `syz.3.329'.
[  188.635669][ T1207] usb 5-1: config 0 descriptor??
[  188.829720][ T1207] usbhid 5-1:0.0: can't add hid device: -71
[  188.873810][ T1207] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  188.942363][ T1207] usb 5-1: USB disconnect, device number 5
[  190.613782][ T7130] ubi: mtd0 is already attached to ubi31
[  191.235642][ T7140] netlink: 28 bytes leftover after parsing attributes in process `syz.4.337'.
[  192.329519][ T7142] FAULT_INJECTION: forcing a failure.
[  192.329519][ T7142] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  192.373752][ T7142] CPU: 0 UID: 0 PID: 7142 Comm: syz.4.339 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  192.373777][ T7142] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  192.373786][ T7142] Call Trace:
[  192.373793][ T7142]  <TASK>
[  192.373801][ T7142]  dump_stack_lvl+0x241/0x360
[  192.373830][ T7142]  ? __pfx_dump_stack_lvl+0x10/0x10
[  192.373850][ T7142]  ? __pfx__printk+0x10/0x10
[  192.373885][ T7142]  should_fail_ex+0x424/0x570
[  192.373908][ T7142]  _copy_from_user+0x2d/0xb0
[  192.373931][ T7142]  memdup_user+0x5e/0xd0
[  192.373947][ T7142]  snd_ctl_ioctl+0x4a5/0x1c30
[  192.373972][ T7142]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  192.373990][ T7142]  ? kasan_save_track+0x51/0x80
[  192.374010][ T7142]  ? kasan_save_track+0x3f/0x80
[  192.374027][ T7142]  ? kasan_save_free_info+0x40/0x50
[  192.374044][ T7142]  ? __kasan_slab_free+0x59/0x70
[  192.374063][ T7142]  ? kfree+0x198/0x430
[  192.374076][ T7142]  ? tomoyo_path_number_perm+0x5fd/0x790
[  192.374095][ T7142]  ? security_file_ioctl+0xc6/0x2a0
[  192.374114][ T7142]  ? __se_sys_ioctl+0x46/0x160
[  192.374134][ T7142]  ? do_syscall_64+0xf3/0x230
[  192.374151][ T7142]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.374171][ T7142]  ? do_vfs_ioctl+0xef8/0x2750
[  192.374205][ T7142]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  192.374252][ T7142]  ? kasan_quarantine_put+0xdc/0x230
[  192.374270][ T7142]  ? lockdep_hardirqs_on+0x9d/0x150
[  192.374298][ T7142]  ? tomoyo_path_number_perm+0x215/0x790
[  192.374323][ T7142]  ? tomoyo_path_number_perm+0x684/0x790
[  192.374347][ T7142]  ? tomoyo_path_number_perm+0x215/0x790
[  192.374368][ T7142]  ? smack_log+0x132/0x630
[  192.374385][ T7142]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  192.374409][ T7142]  ? __pfx_smack_log+0x10/0x10
[  192.374426][ T7142]  ? ksys_write+0x24e/0x2d0
[  192.374444][ T7142]  ? smk_access+0x4ab/0x4e0
[  192.374466][ T7142]  ? smk_tskacc+0x300/0x370
[  192.374488][ T7142]  ? smack_file_ioctl+0x306/0x3b0
[  192.374510][ T7142]  ? __pfx_smack_file_ioctl+0x10/0x10
[  192.374535][ T7142]  ? __fget_files+0x2a/0x420
[  192.374555][ T7142]  ? __fget_files+0x2a/0x420
[  192.374577][ T7142]  ? __pfx_snd_ctl_ioctl+0x10/0x10
[  192.374596][ T7142]  __se_sys_ioctl+0xf1/0x160
[  192.374619][ T7142]  do_syscall_64+0xf3/0x230
[  192.374639][ T7142]  ? clear_bhb_loop+0x45/0xa0
[  192.374657][ T7142]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  192.374681][ T7142] RIP: 0033:0x7ff80458d169
[  192.374696][ T7142] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  192.374708][ T7142] RSP: 002b:00007ff805315038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  192.374724][ T7142] RAX: ffffffffffffffda RBX: 00007ff8047a5fa0 RCX: 00007ff80458d169
[  192.374735][ T7142] RDX: 0000200000000480 RSI: 00000000c4c85512 RDI: 0000000000000004
[  192.374746][ T7142] RBP: 00007ff805315090 R08: 0000000000000000 R09: 0000000000000000
[  192.374756][ T7142] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  192.374765][ T7142] R13: 0000000000000000 R14: 00007ff8047a5fa0 R15: 00007fffda659648
[  192.374792][ T7142]  </TASK>
[  193.050008][ T7156] netlink: 12 bytes leftover after parsing attributes in process `syz.3.342'.
[  193.429832][ T7155] capability: warning: `syz.4.345' uses 32-bit capabilities (legacy support in use)
[  194.013771][   T59] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  194.259946][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  194.266579][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  194.318991][   T59] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  194.388015][   T59] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  194.460609][ T7172] 9pnet_fd: Insufficient options for proto=fd
[  194.505031][   T59] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.525107][   T59] usb 3-1: config 0 descriptor??
[  194.535028][   T59] pwc: Askey VC010 type 2 USB webcam detected.
[  195.463737][   T59] pwc: recv_control_msg error -32 req 02 val 2b00
[  195.534421][   T59] pwc: recv_control_msg error -32 req 02 val 2700
[  195.589937][   T59] pwc: recv_control_msg error -32 req 02 val 2c00
[  195.671274][ T7182] FAULT_INJECTION: forcing a failure.
[  195.671274][ T7182] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.685372][ T7182] CPU: 1 UID: 0 PID: 7182 Comm: syz.0.353 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  195.685395][ T7182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  195.685404][ T7182] Call Trace:
[  195.685411][ T7182]  <TASK>
[  195.685418][ T7182]  dump_stack_lvl+0x241/0x360
[  195.685447][ T7182]  ? __pfx_dump_stack_lvl+0x10/0x10
[  195.685468][ T7182]  ? __pfx__printk+0x10/0x10
[  195.685501][ T7182]  should_fail_ex+0x424/0x570
[  195.685524][ T7182]  strncpy_from_user+0x36/0x280
[  195.685545][ T7182]  getname_flags+0xf0/0x530
[  195.685569][ T7182]  __x64_sys_renameat2+0xba/0xe0
[  195.685589][ T7182]  do_syscall_64+0xf3/0x230
[  195.685609][ T7182]  ? clear_bhb_loop+0x45/0xa0
[  195.685629][ T7182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.685645][ T7182] RIP: 0033:0x7fb202d8d169
[  195.685660][ T7182] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  195.685673][ T7182] RSP: 002b:00007fb203c43038 EFLAGS: 00000246 ORIG_RAX: 000000000000013c
[  195.685691][ T7182] RAX: ffffffffffffffda RBX: 00007fb202fa6160 RCX: 00007fb202d8d169
[  195.685704][ T7182] RDX: ffffffffffffff9c RSI: 0000200000000480 RDI: ffffffffffffff9c
[  195.685715][ T7182] RBP: 00007fb203c43090 R08: 0000000000000002 R09: 0000000000000000
[  195.685726][ T7182] R10: 00002000000004c0 R11: 0000000000000246 R12: 0000000000000001
[  195.685736][ T7182] R13: 0000000000000000 R14: 00007fb202fa6160 R15: 00007ffed5babc18
[  195.685764][ T7182]  </TASK>
[  195.866039][   T59] pwc: recv_control_msg error -32 req 04 val 1000
[  195.996658][   T59] pwc: recv_control_msg error -32 req 04 val 1300
[  196.005504][   T59] pwc: recv_control_msg error -32 req 04 val 1400
[  196.259464][   T59] pwc: recv_control_msg error -71 req 02 val 2100
[  196.267820][   T59] pwc: recv_control_msg error -71 req 04 val 1500
[  196.284915][   T59] pwc: recv_control_msg error -71 req 02 val 2500
[  196.286540][   T30] audit: type=1326 audit(1744518529.818:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.304895][   T59] pwc: recv_control_msg error -71 req 02 val 2400
[  196.338368][ T5851] Bluetooth: hci1: command 0x0406 tx timeout
[  196.338389][ T5841] Bluetooth: hci3: command 0x0406 tx timeout
[  196.346045][ T5851] Bluetooth: hci2: command 0x0406 tx timeout
[  196.360351][   T30] audit: type=1326 audit(1744518529.818:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.381833][   T30] audit: type=1326 audit(1744518529.818:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=217 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.394638][ T7189] netlink: 12 bytes leftover after parsing attributes in process `syz.0.356'.
[  196.404460][   T30] audit: type=1326 audit(1744518529.818:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.434076][   T30] audit: type=1326 audit(1744518529.818:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.455467][   T59] pwc: recv_control_msg error -71 req 02 val 2600
[  196.455550][   T30] audit: type=1326 audit(1744518529.818:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.487162][   T30] audit: type=1326 audit(1744518529.818:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.491310][   T59] pwc: recv_control_msg error -71 req 02 val 2900
[  196.524431][   T30] audit: type=1326 audit(1744518529.818:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.555136][   T59] pwc: recv_control_msg error -71 req 02 val 2800
[  196.562740][   T59] pwc: recv_control_msg error -71 req 04 val 1100
[  196.572992][   T30] audit: type=1326 audit(1744518529.848:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.595999][   T59] pwc: recv_control_msg error -71 req 04 val 1200
[  196.609328][   T59] pwc: Registered as video103.
[  196.614571][   T30] audit: type=1326 audit(1744518529.848:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7185 comm="syz.4.355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  196.638017][   T59] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input12
[  196.661540][   T59] usb 3-1: USB disconnect, device number 10
[  197.639612][ T7164] syz.3.348 (7164): drop_caches: 2
[  198.053977][ T7212] 9pnet_fd: Insufficient options for proto=fd
[  198.103897][ T5890] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  198.199777][ T7215] netlink: 28 bytes leftover after parsing attributes in process `syz.2.364'.
[  198.545213][ T5950] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  198.776399][ T5890] usb 5-1: Using ep0 maxpacket: 8
[  198.783567][ T5890] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  198.791070][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  198.812711][ T5890] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  198.854215][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  198.876212][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  198.905738][ T5890] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  198.934261][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  198.975052][ T5950] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  198.983644][ T5890] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  198.996016][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.010322][ T5950] usb 3-1: Product: syz
[  199.014582][ T5950] usb 3-1: Manufacturer: syz
[  199.019228][ T5950] usb 3-1: SerialNumber: syz
[  199.024161][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  199.024188][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  199.025292][ T5890] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  199.044719][ T5950] usb 3-1: config 0 descriptor??
[  199.057908][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  199.068298][ T5950] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 011
[  199.075930][ T5890] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  199.097115][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  199.110701][ T5890] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  199.129224][ T5890] usb 5-1: string descriptor 0 read error: -22
[  199.137355][ T5890] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  199.147008][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.168347][ T5890] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  199.213219][ T7226] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  199.222557][ T7226] ref_ctr increment failed for inode: 0x157 offset: 0x7 ref_ctr_offset: 0x2 of mm: 0xffff88807f623200
[  199.381485][ T7208] FAULT_INJECTION: forcing a failure.
[  199.381485][ T7208] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  199.408537][ T7208] CPU: 0 UID: 0 PID: 7208 Comm: syz.4.361 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  199.408562][ T7208] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  199.408571][ T7208] Call Trace:
[  199.408578][ T7208]  <TASK>
[  199.408585][ T7208]  dump_stack_lvl+0x241/0x360
[  199.408615][ T7208]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.408636][ T7208]  ? __pfx__printk+0x10/0x10
[  199.408669][ T7208]  should_fail_ex+0x424/0x570
[  199.408693][ T7208]  _copy_to_user+0x31/0xb0
[  199.408718][ T7208]  simple_read_from_buffer+0xc4/0x170
[  199.408742][ T7208]  proc_fail_nth_read+0x1ef/0x260
[  199.408766][ T7208]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.408799][ T7208]  ? rw_verify_area+0x246/0x630
[  199.408819][ T7208]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  199.408841][ T7208]  vfs_read+0x21f/0xb90
[  199.408868][ T7208]  ? __pfx___mutex_lock+0x10/0x10
[  199.408888][ T7208]  ? __pfx_vfs_read+0x10/0x10
[  199.408912][ T7208]  ? __fget_files+0x2a/0x420
[  199.408933][ T7208]  ? __fget_files+0x39d/0x420
[  199.408949][ T7208]  ? __fget_files+0x2a/0x420
[  199.408978][ T7208]  ksys_read+0x19d/0x2d0
[  199.409001][ T7208]  ? __pfx_ksys_read+0x10/0x10
[  199.409029][ T7208]  ? do_syscall_64+0xb6/0x230
[  199.409051][ T7208]  do_syscall_64+0xf3/0x230
[  199.409070][ T7208]  ? clear_bhb_loop+0x45/0xa0
[  199.409089][ T7208]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  199.409105][ T7208] RIP: 0033:0x7ff80458bb7c
[  199.409120][ T7208] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  199.409132][ T7208] RSP: 002b:00007ff805315030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  199.409150][ T7208] RAX: ffffffffffffffda RBX: 00007ff8047a5fa0 RCX: 00007ff80458bb7c
[  199.409162][ T7208] RDX: 000000000000000f RSI: 00007ff8053150a0 RDI: 0000000000000005
[  199.409173][ T7208] RBP: 00007ff805315090 R08: 0000000000000000 R09: 0000000000000000
[  199.409183][ T7208] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  199.409192][ T7208] R13: 0000000000000000 R14: 00007ff8047a5fa0 R15: 00007fffda659648
[  199.409221][ T7208]  </TASK>
[  199.651567][ T5950]  (null): failure reading functionality
[  199.667805][ T5950] i2c i2c-1: failure reading functionality
[  199.689453][ T5950] i2c i2c-1: connected i2c-tiny-usb device
[  199.968982][ T5887] usb 3-1: USB disconnect, device number 11
[  200.934241][ T7248] 9pnet_fd: Insufficient options for proto=fd
[  201.050421][ T7255] FAULT_INJECTION: forcing a failure.
[  201.050421][ T7255] name failslab, interval 1, probability 0, space 0, times 0
[  201.081868][ T7255] CPU: 1 UID: 0 PID: 7255 Comm: syz.1.375 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  201.081892][ T7255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  201.081902][ T7255] Call Trace:
[  201.081909][ T7255]  <TASK>
[  201.081916][ T7255]  dump_stack_lvl+0x241/0x360
[  201.081946][ T7255]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.081967][ T7255]  ? __pfx__printk+0x10/0x10
[  201.081990][ T7255]  ? __lock_acquire+0xad5/0xd80
[  201.082014][ T7255]  should_fail_ex+0x424/0x570
[  201.082038][ T7255]  should_failslab+0xac/0x100
[  201.082058][ T7255]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  201.082075][ T7255]  ? __alloc_skb+0x1c2/0x480
[  201.082089][ T7255]  ? trace_contention_end+0x3c/0x120
[  201.082113][ T7255]  __alloc_skb+0x1c2/0x480
[  201.082127][ T7255]  ? __lock_acquire+0xad5/0xd80
[  201.082148][ T7255]  ? __pfx___alloc_skb+0x10/0x10
[  201.082163][ T7255]  ? hci_sock_sendmsg+0x580/0x11f0
[  201.082185][ T7255]  ? __pfx___mutex_lock+0x10/0x10
[  201.082208][ T7255]  hci_mgmt_cmd+0x1c5/0xf20
[  201.082244][ T7255]  hci_sock_sendmsg+0x7b8/0x11f0
[  201.082264][ T7255]  ? __pfx_tomoyo_socket_sendmsg_permission+0x10/0x10
[  201.082291][ T7255]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  201.082322][ T7255]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  201.082339][ T7255]  __sock_sendmsg+0x221/0x270
[  201.082363][ T7255]  sock_write_iter+0x2d9/0x3f0
[  201.082387][ T7255]  ? __pfx_sock_write_iter+0x10/0x10
[  201.082418][ T7255]  ? bpf_lsm_file_permission+0x9/0x10
[  201.082445][ T7255]  vfs_write+0x70f/0xd10
[  201.082474][ T7255]  ? __pfx_sock_write_iter+0x10/0x10
[  201.082496][ T7255]  ? __pfx_vfs_write+0x10/0x10
[  201.082520][ T7255]  ? __fget_files+0x2a/0x420
[  201.082543][ T7255]  ? __fget_files+0x2a/0x420
[  201.082571][ T7255]  ksys_write+0x19d/0x2d0
[  201.082595][ T7255]  ? __pfx_ksys_write+0x10/0x10
[  201.082627][ T7255]  ? do_syscall_64+0xb6/0x230
[  201.082651][ T7255]  do_syscall_64+0xf3/0x230
[  201.082670][ T7255]  ? clear_bhb_loop+0x45/0xa0
[  201.082690][ T7255]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.082706][ T7255] RIP: 0033:0x7f549718d169
[  201.082721][ T7255] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.082734][ T7255] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  201.082752][ T7255] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  201.082764][ T7255] RDX: 0000000000000006 RSI: 0000200000000040 RDI: 0000000000000005
[  201.082773][ T7255] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  201.082783][ T7255] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.082793][ T7255] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  201.082825][ T7255]  </TASK>
[  201.696288][ T1207] usb 5-1: USB disconnect, device number 6
[  201.757009][ T7265] FAULT_INJECTION: forcing a failure.
[  201.757009][ T7265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.893920][ T7265] CPU: 0 UID: 0 PID: 7265 Comm: syz.1.379 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  201.893947][ T7265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  201.893956][ T7265] Call Trace:
[  201.893963][ T7265]  <TASK>
[  201.893970][ T7265]  dump_stack_lvl+0x241/0x360
[  201.893999][ T7265]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.894020][ T7265]  ? __pfx__printk+0x10/0x10
[  201.894054][ T7265]  should_fail_ex+0x424/0x570
[  201.894081][ T7265]  _copy_from_iter+0x211/0x1c70
[  201.894109][ T7265]  ? __build_skb_around+0x247/0x3d0
[  201.894130][ T7265]  ? __alloc_skb+0x298/0x480
[  201.894144][ T7265]  ? __pfx__copy_from_iter+0x10/0x10
[  201.894168][ T7265]  ? __pfx___alloc_skb+0x10/0x10
[  201.894186][ T7265]  ? skb_put+0x114/0x1f0
[  201.894206][ T7265]  netlink_sendmsg+0x73c/0xcd0
[  201.894249][ T7265]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.894284][ T7265]  ? __pfx_netlink_sendmsg+0x10/0x10
[  201.894304][ T7265]  __sock_sendmsg+0x221/0x270
[  201.894328][ T7265]  ____sys_sendmsg+0x523/0x860
[  201.894355][ T7265]  ? __pfx_____sys_sendmsg+0x10/0x10
[  201.894370][ T7265]  ? __fget_files+0x2a/0x420
[  201.894392][ T7265]  ? __fget_files+0x2a/0x420
[  201.894419][ T7265]  __sys_sendmsg+0x271/0x360
[  201.894442][ T7265]  ? __pfx___sys_sendmsg+0x10/0x10
[  201.894512][ T7265]  ? do_syscall_64+0xb6/0x230
[  201.894536][ T7265]  do_syscall_64+0xf3/0x230
[  201.894554][ T7265]  ? clear_bhb_loop+0x45/0xa0
[  201.894573][ T7265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.894588][ T7265] RIP: 0033:0x7f549718d169
[  201.894603][ T7265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  201.894618][ T7265] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.894636][ T7265] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  201.894650][ T7265] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  201.894660][ T7265] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  201.894671][ T7265] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.894681][ T7265] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  201.894709][ T7265]  </TASK>
[  202.731954][ T7271] tunl0: entered allmulticast mode
[  202.742127][ T7271] tunl0: left allmulticast mode
[  202.789721][ T7273] FAULT_INJECTION: forcing a failure.
[  202.789721][ T7273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  202.873774][ T7273] CPU: 0 UID: 0 PID: 7273 Comm: syz.1.382 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  202.873800][ T7273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  202.873811][ T7273] Call Trace:
[  202.873817][ T7273]  <TASK>
[  202.873824][ T7273]  dump_stack_lvl+0x241/0x360
[  202.873854][ T7273]  ? __pfx_dump_stack_lvl+0x10/0x10
[  202.873875][ T7273]  ? __pfx__printk+0x10/0x10
[  202.873909][ T7273]  should_fail_ex+0x424/0x570
[  202.873933][ T7273]  _copy_from_iter+0x211/0x1c70
[  202.873959][ T7273]  ? __build_skb_around+0x247/0x3d0
[  202.873980][ T7273]  ? __alloc_skb+0x298/0x480
[  202.873994][ T7273]  ? __pfx__copy_from_iter+0x10/0x10
[  202.874016][ T7273]  ? __pfx___alloc_skb+0x10/0x10
[  202.874034][ T7273]  ? skb_put+0x114/0x1f0
[  202.874053][ T7273]  netlink_sendmsg+0x73c/0xcd0
[  202.874088][ T7273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.874123][ T7273]  ? __pfx_netlink_sendmsg+0x10/0x10
[  202.874143][ T7273]  __sock_sendmsg+0x221/0x270
[  202.874168][ T7273]  ____sys_sendmsg+0x523/0x860
[  202.874194][ T7273]  ? __pfx_____sys_sendmsg+0x10/0x10
[  202.874229][ T7273]  ? __fget_files+0x2a/0x420
[  202.874251][ T7273]  ? __fget_files+0x2a/0x420
[  202.874278][ T7273]  __sys_sendmsg+0x271/0x360
[  202.874301][ T7273]  ? __pfx___sys_sendmsg+0x10/0x10
[  202.874370][ T7273]  ? do_syscall_64+0xb6/0x230
[  202.874398][ T7273]  do_syscall_64+0xf3/0x230
[  202.874417][ T7273]  ? clear_bhb_loop+0x45/0xa0
[  202.874437][ T7273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  202.874454][ T7273] RIP: 0033:0x7f549718d169
[  202.874467][ T7273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  202.874481][ T7273] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  202.874499][ T7273] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  202.874511][ T7273] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  202.874521][ T7273] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  202.874532][ T7273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  202.874542][ T7273] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  202.874569][ T7273]  </TASK>
[  203.336650][ T7278] netlink: 16 bytes leftover after parsing attributes in process `syz.1.384'.
[  203.643658][ T7283] 9pnet_fd: Insufficient options for proto=fd
[  205.065509][ T7297] FAULT_INJECTION: forcing a failure.
[  205.065509][ T7297] name failslab, interval 1, probability 0, space 0, times 0
[  205.143717][ T7297] CPU: 1 UID: 0 PID: 7297 Comm: syz.3.391 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  205.143743][ T7297] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  205.143754][ T7297] Call Trace:
[  205.143760][ T7297]  <TASK>
[  205.143767][ T7297]  dump_stack_lvl+0x241/0x360
[  205.143795][ T7297]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.143815][ T7297]  ? __pfx__printk+0x10/0x10
[  205.143839][ T7297]  ? __pfx___might_resched+0x10/0x10
[  205.143861][ T7297]  should_fail_ex+0x424/0x570
[  205.143883][ T7297]  should_failslab+0xac/0x100
[  205.143901][ T7297]  kmem_cache_alloc_noprof+0x78/0x390
[  205.143916][ T7297]  ? alloc_empty_file+0x56/0x1d0
[  205.143935][ T7297]  alloc_empty_file+0x56/0x1d0
[  205.143953][ T7297]  alloc_file_pseudo+0x206/0x320
[  205.143977][ T7297]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  205.143996][ T7297]  ? security_inode_alloc+0xd2/0x310
[  205.144025][ T7297]  sock_alloc_file+0xb7/0x2e0
[  205.144050][ T7297]  do_accept+0x374/0x700
[  205.144078][ T7297]  ? __pfx_do_accept+0x10/0x10
[  205.144123][ T7297]  __sys_accept4+0x121/0x1d0
[  205.144148][ T7297]  ? __pfx___sys_accept4+0x10/0x10
[  205.144196][ T7297]  __x64_sys_accept4+0x9a/0xb0
[  205.144220][ T7297]  do_syscall_64+0xf3/0x230
[  205.144241][ T7297]  ? clear_bhb_loop+0x45/0xa0
[  205.144260][ T7297]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.144276][ T7297] RIP: 0033:0x7fe09358d169
[  205.144291][ T7297] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  205.144305][ T7297] RSP: 002b:00007fe0944ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  205.144324][ T7297] RAX: ffffffffffffffda RBX: 00007fe0937a5fa0 RCX: 00007fe09358d169
[  205.144336][ T7297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  205.144346][ T7297] RBP: 00007fe0944ab090 R08: 0000000000000000 R09: 0000000000000000
[  205.144357][ T7297] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  205.144367][ T7297] R13: 0000000000000000 R14: 00007fe0937a5fa0 R15: 00007ffffa17bb08
[  205.144395][ T7297]  </TASK>
[  205.520698][ T7301] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  205.613830][ T5887] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  205.698544][ T7307] netlink: 16 bytes leftover after parsing attributes in process `syz.0.396'.
[  205.773775][ T7311] 9pnet_fd: Insufficient options for proto=fd
[  205.935399][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.946532][ T5887] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  205.958978][ T5887] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.969767][ T5887] usb 3-1: config 0 descriptor??
[  206.050538][ T7315] ubi: mtd0 is already attached to ubi31
[  206.742827][ T5887] keytouch 0003:0926:3333.0001: fixing up Keytouch IEC report descriptor
[  206.755582][ T7317] tunl0: entered allmulticast mode
[  206.767556][ T5887] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0001/input/input13
[  206.787225][ T7317] tunl0: left allmulticast mode
[  208.316993][ T5887] keytouch 0003:0926:3333.0001: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  208.501220][ T7335] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input14
[  208.513353][ T5950] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  208.675473][ T5950] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  208.702219][ T7341] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  208.719819][ T5950] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  208.793129][ T5950] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  208.959416][ T5950] usb 2-1: config 0 descriptor??
[  209.098413][ T7349] evm: overlay not supported
[  209.115739][ T7349] FAULT_INJECTION: forcing a failure.
[  209.115739][ T7349] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  209.129539][ T7349] CPU: 0 UID: 0 PID: 7349 Comm: syz.3.409 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  209.129562][ T7349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  209.129573][ T7349] Call Trace:
[  209.129579][ T7349]  <TASK>
[  209.129586][ T7349]  dump_stack_lvl+0x241/0x360
[  209.129616][ T7349]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.129638][ T7349]  ? __pfx__printk+0x10/0x10
[  209.129673][ T7349]  should_fail_ex+0x424/0x570
[  209.129697][ T7349]  _copy_from_user+0x2d/0xb0
[  209.129720][ T7349]  do_ip6t_set_ctl+0x73f/0x1270
[  209.129749][ T7349]  ? __pfx___mutex_trylock_common+0x10/0x10
[  209.129770][ T7349]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  209.129816][ T7349]  ? __mutex_unlock_slowpath+0x229/0x800
[  209.129847][ T7349]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  209.129884][ T7349]  nf_setsockopt+0x295/0x2c0
[  209.129913][ T7349]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  209.129934][ T7349]  do_sock_setsockopt+0x3b1/0x710
[  209.129958][ T7349]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  209.129985][ T7349]  ? __x64_sys_setsockopt+0x1cd/0x280
[  209.130009][ T7349]  __x64_sys_setsockopt+0x1ee/0x280
[  209.130033][ T7349]  do_syscall_64+0xf3/0x230
[  209.130053][ T7349]  ? clear_bhb_loop+0x45/0xa0
[  209.130074][ T7349]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.130090][ T7349] RIP: 0033:0x7fe09358d169
[  209.130105][ T7349] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.130119][ T7349] RSP: 002b:00007fe094469038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  209.130138][ T7349] RAX: ffffffffffffffda RBX: 00007fe0937a6160 RCX: 00007fe09358d169
[  209.130150][ T7349] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 000000000000000b
[  209.130160][ T7349] RBP: 00007fe094469090 R08: 0000000000000598 R09: 0000000000000000
[  209.130171][ T7349] R10: 0000200000000600 R11: 0000000000000246 R12: 0000000000000001
[  209.130181][ T7349] R13: 0000000000000000 R14: 00007fe0937a6160 R15: 00007ffffa17bb08
[  209.130209][ T7349]  </TASK>
[  209.377125][ T5887] usb 3-1: USB disconnect, device number 12
[  209.696878][ T7352] 9pnet_fd: Insufficient options for proto=fd
[  209.724606][ T5950] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor
[  209.788008][ T5950] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0002/input/input15
[  209.834015][ T7357] xt_hashlimit: size too large, truncated to 1048576
[  209.938027][ T5950] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  209.971229][ T5950] usb 2-1: USB disconnect, device number 8
[  210.303932][ T5887] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  210.669826][ T5887] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  210.855809][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  211.034138][ T5887] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  211.047346][ T5887] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  211.062039][ T5887] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  211.076222][ T5887] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  211.105667][ T5887] usb 3-1: Manufacturer: syz
[  211.124068][ T5887] usb 3-1: config 0 descriptor??
[  211.421608][ T7374] FAULT_INJECTION: forcing a failure.
[  211.421608][ T7374] name failslab, interval 1, probability 0, space 0, times 0
[  211.434600][ T7374] CPU: 1 UID: 0 PID: 7374 Comm: syz.4.416 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  211.434623][ T7374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  211.434633][ T7374] Call Trace:
[  211.434640][ T7374]  <TASK>
[  211.434648][ T7374]  dump_stack_lvl+0x241/0x360
[  211.434677][ T7374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  211.434698][ T7374]  ? __pfx__printk+0x10/0x10
[  211.434719][ T7374]  ? __pfx_hlock_conflict+0x10/0x10
[  211.434741][ T7374]  ? __pfx___might_resched+0x10/0x10
[  211.434760][ T7374]  ? lock_acquire+0x167/0x2f0
[  211.434780][ T7374]  should_fail_ex+0x424/0x570
[  211.434803][ T7374]  should_failslab+0xac/0x100
[  211.434823][ T7374]  __kmalloc_cache_noprof+0x73/0x370
[  211.434840][ T7374]  ? fanout_add+0x23c/0x12c0
[  211.434867][ T7374]  fanout_add+0x23c/0x12c0
[  211.434893][ T7374]  ? packet_setsockopt+0xc21/0x1870
[  211.434912][ T7374]  ? packet_setsockopt+0xc48/0x1870
[  211.434940][ T7374]  packet_setsockopt+0xc55/0x1870
[  211.434968][ T7374]  ? __pfx_packet_setsockopt+0x10/0x10
[  211.434989][ T7374]  ? rcu_is_watching+0x15/0xb0
[  211.435008][ T7374]  ? trace_irq_disable+0x3b/0x120
[  211.435031][ T7374]  ? preempt_schedule_irq+0x145/0x1c0
[  211.435050][ T7374]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  211.435077][ T7374]  ? irqentry_exit+0x63/0x90
[  211.435093][ T7374]  ? lockdep_hardirqs_on+0x9d/0x150
[  211.435123][ T7374]  ? do_sock_setsockopt+0x23e/0x710
[  211.435138][ T7374]  ? do_sock_setsockopt+0x308/0x710
[  211.435160][ T7374]  ? __pfx_packet_setsockopt+0x10/0x10
[  211.435181][ T7374]  do_sock_setsockopt+0x3b1/0x710
[  211.435204][ T7374]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  211.435219][ T7374]  ? __fget_files+0x2a/0x420
[  211.435242][ T7374]  ? __fget_files+0x39d/0x420
[  211.435259][ T7374]  ? __fget_files+0x2a/0x420
[  211.435284][ T7374]  __x64_sys_setsockopt+0x1ee/0x280
[  211.435309][ T7374]  do_syscall_64+0xf3/0x230
[  211.435329][ T7374]  ? clear_bhb_loop+0x45/0xa0
[  211.435349][ T7374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  211.435366][ T7374] RIP: 0033:0x7ff80458d169
[  211.435381][ T7374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  211.435394][ T7374] RSP: 002b:00007ff8023d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  211.435412][ T7374] RAX: ffffffffffffffda RBX: 00007ff8047a6160 RCX: 00007ff80458d169
[  211.435425][ T7374] RDX: 0000000000000012 RSI: 0000000000000107 RDI: 0000000000000007
[  211.435436][ T7374] RBP: 00007ff8023d5090 R08: 0000000000000004 R09: 0000000000000000
[  211.435446][ T7374] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[  211.435457][ T7374] R13: 0000000000000000 R14: 00007ff8047a6160 R15: 00007fffda659648
[  211.435485][ T7374]  </TASK>
[  211.875499][ T7376] tmpfs: Bad value for 'mpol'
[  212.534833][ T7381] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  212.609073][   T30] kauditd_printk_skb: 48 callbacks suppressed
[  212.609090][   T30] audit: type=1326 audit(1744518546.148:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  212.636932][ T5887] rc_core: IR keymap rc-hauppauge not found
[  212.681934][ T5887] Registered IR keymap rc-empty
[  212.700441][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  212.721566][   T30] audit: type=1326 audit(1744518546.148:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  212.743414][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  212.763260][   T30] audit: type=1326 audit(1744518546.218:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  212.785704][ T5887] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  212.873545][ T5887] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input16
[  212.896137][   T30] audit: type=1326 audit(1744518546.228:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  212.918566][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  212.926048][ T5888] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  212.935685][   T30] audit: type=1326 audit(1744518546.228:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  212.959264][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  212.985104][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  212.998206][   T30] audit: type=1326 audit(1744518546.238:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  213.025163][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.044352][ T7394] netlink: 36 bytes leftover after parsing attributes in process `syz.1.422'.
[  213.055135][   T30] audit: type=1326 audit(1744518546.238:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  213.078069][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.096421][   T30] audit: type=1326 audit(1744518546.238:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  213.121158][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.128760][ T5888] usb 5-1: Using ep0 maxpacket: 8
[  213.143542][ T5888] usb 5-1: config 4 has an invalid interface number: 244 but max is 0
[  213.155504][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.164712][ T5888] usb 5-1: config 4 has no interface number 0
[  213.171633][ T5888] usb 5-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7
[  213.185947][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.195538][   T30] audit: type=1326 audit(1744518546.238:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  213.217921][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.231024][ T5888] usb 5-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0
[  213.243906][ T5888] usb 5-1: config 4 interface 244 has no altsetting 0
[  213.254078][ T5887] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  213.269690][   T30] audit: type=1326 audit(1744518546.238:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7384 comm="syz.1.422" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f549718d169 code=0x7ffc0000
[  213.297903][ T5887] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  213.306869][ T5887] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  213.323042][ T5888] usb 5-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa
[  213.341490][ T5888] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.390304][ T5888] usb 5-1: Product: syz
[  213.404154][ T5887] usb 3-1: USB disconnect, device number 13
[  213.426613][ T5888] usb 5-1: Manufacturer: syz
[  213.462852][ T5888] usb 5-1: SerialNumber: syz
[  215.533275][ T5888] ipheth 5-1:4.244: Unable to find endpoints
[  215.616004][ T5888] usb 5-1: USB disconnect, device number 7
[  215.653204][ T7399] 9pnet_fd: Insufficient options for proto=fd
[  215.715864][ T7401] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  215.724625][ T7401] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  215.733327][ T7401] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  215.742076][ T7401] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  215.947467][ T7409] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  218.100645][ T7422] FAULT_INJECTION: forcing a failure.
[  218.100645][ T7422] name failslab, interval 1, probability 0, space 0, times 0
[  218.118437][ T7422] CPU: 1 UID: 0 PID: 7422 Comm: syz.4.431 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  218.118462][ T7422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  218.118472][ T7422] Call Trace:
[  218.118479][ T7422]  <TASK>
[  218.118501][ T7422]  dump_stack_lvl+0x241/0x360
[  218.118528][ T7422]  ? __pfx_dump_stack_lvl+0x10/0x10
[  218.118548][ T7422]  ? __pfx__printk+0x10/0x10
[  218.118578][ T7422]  ? __pfx___might_resched+0x10/0x10
[  218.118600][ T7422]  should_fail_ex+0x424/0x570
[  218.118622][ T7422]  should_failslab+0xac/0x100
[  218.118642][ T7422]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  218.118660][ T7422]  ? __alloc_skb+0x1c2/0x480
[  218.118699][ T7422]  __alloc_skb+0x1c2/0x480
[  218.118721][ T7422]  ? __pfx___alloc_skb+0x10/0x10
[  218.118739][ T7422]  ? netlink_autobind+0xd6/0x2f0
[  218.118761][ T7422]  ? netlink_autobind+0x2b0/0x2f0
[  218.118787][ T7422]  netlink_sendmsg+0x638/0xcd0
[  218.118819][ T7422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.118853][ T7422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  218.118873][ T7422]  __sock_sendmsg+0x221/0x270
[  218.118897][ T7422]  ____sys_sendmsg+0x523/0x860
[  218.118922][ T7422]  ? __pfx_____sys_sendmsg+0x10/0x10
[  218.118990][ T7422]  ? __fget_files+0x2a/0x420
[  218.119014][ T7422]  ? __fget_files+0x2a/0x420
[  218.119041][ T7422]  __sys_sendmsg+0x271/0x360
[  218.119066][ T7422]  ? __pfx___sys_sendmsg+0x10/0x10
[  218.119138][ T7422]  ? do_syscall_64+0xb6/0x230
[  218.119162][ T7422]  do_syscall_64+0xf3/0x230
[  218.119181][ T7422]  ? clear_bhb_loop+0x45/0xa0
[  218.119201][ T7422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.119216][ T7422] RIP: 0033:0x7ff80458d169
[  218.119232][ T7422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.119245][ T7422] RSP: 002b:00007ff805315038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  218.119264][ T7422] RAX: ffffffffffffffda RBX: 00007ff8047a5fa0 RCX: 00007ff80458d169
[  218.119276][ T7422] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000004
[  218.119287][ T7422] RBP: 00007ff805315090 R08: 0000000000000000 R09: 0000000000000000
[  218.119297][ T7422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  218.119307][ T7422] R13: 0000000000000000 R14: 00007ff8047a5fa0 R15: 00007fffda659648
[  218.119336][ T7422]  </TASK>
[  219.230597][ T7435] netlink: 1216 bytes leftover after parsing attributes in process `syz.3.432'.
[  219.261647][ T7435] netlink: 4436 bytes leftover after parsing attributes in process `syz.3.432'.
[  219.658712][ T7446] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'.
[  220.735351][ T7463] FAULT_INJECTION: forcing a failure.
[  220.735351][ T7463] name failslab, interval 1, probability 0, space 0, times 0
[  220.748322][ T7463] CPU: 1 UID: 0 PID: 7463 Comm: syz.4.439 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  220.748344][ T7463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  220.748355][ T7463] Call Trace:
[  220.748362][ T7463]  <TASK>
[  220.748369][ T7463]  dump_stack_lvl+0x241/0x360
[  220.748398][ T7463]  ? __pfx_dump_stack_lvl+0x10/0x10
[  220.748420][ T7463]  ? __pfx__printk+0x10/0x10
[  220.748442][ T7463]  ? lockdep_hardirqs_on+0x9d/0x150
[  220.748469][ T7463]  should_fail_ex+0x424/0x570
[  220.748493][ T7463]  should_failslab+0xac/0x100
[  220.748513][ T7463]  kmem_cache_alloc_noprof+0x78/0x390
[  220.748530][ T7463]  ? dst_alloc+0x12b/0x190
[  220.748554][ T7463]  dst_alloc+0x12b/0x190
[  220.748577][ T7463]  ip_route_output_key_hash_rcu+0x1378/0x2290
[  220.748611][ T7463]  ip_route_output_key_hash+0x195/0x2b0
[  220.748630][ T7463]  ? ip_route_output_key_hash+0xe1/0x2b0
[  220.748647][ T7463]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  220.748683][ T7463]  tcp_v4_connect+0x6e1/0x1ba0
[  220.748733][ T7463]  ? __pfx_tcp_v4_connect+0x10/0x10
[  220.748749][ T7463]  ? __pfx_tcp_v4_connect+0x10/0x10
[  220.748767][ T7463]  ? __inet_stream_connect+0x168/0xfb0
[  220.748784][ T7463]  ? __inet_stream_connect+0x242/0xfb0
[  220.748810][ T7463]  __inet_stream_connect+0x2a7/0xfb0
[  220.748841][ T7463]  ? __local_bh_enable_ip+0x168/0x200
[  220.748864][ T7463]  ? lockdep_hardirqs_on+0x9d/0x150
[  220.748884][ T7463]  ? __pfx___inet_stream_connect+0x10/0x10
[  220.748900][ T7463]  ? __local_bh_enable_ip+0x168/0x200
[  220.748925][ T7463]  ? inet_stream_connect+0x50/0xa0
[  220.748942][ T7463]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  220.748978][ T7463]  inet_stream_connect+0x65/0xa0
[  220.749000][ T7463]  kernel_connect+0x11b/0x190
[  220.749024][ T7463]  ? __pfx_kernel_connect+0x10/0x10
[  220.749056][ T7463]  ? do_raw_spin_unlock+0x13c/0x8b0
[  220.749088][ T7463]  smc_connect+0x72c/0xde0
[  220.749117][ T7463]  __sys_connect+0x28c/0x2d0
[  220.749143][ T7463]  ? __pfx___sys_connect+0x10/0x10
[  220.749192][ T7463]  __x64_sys_connect+0x7a/0x90
[  220.749217][ T7463]  do_syscall_64+0xf3/0x230
[  220.749237][ T7463]  ? clear_bhb_loop+0x45/0xa0
[  220.749258][ T7463]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  220.749275][ T7463] RIP: 0033:0x7ff80458d169
[  220.749290][ T7463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  220.749304][ T7463] RSP: 002b:00007ff8023d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  220.749322][ T7463] RAX: ffffffffffffffda RBX: 00007ff8047a6160 RCX: 00007ff80458d169
[  220.749335][ T7463] RDX: 0000000000000010 RSI: 0000200000001980 RDI: 0000000000000008
[  220.749346][ T7463] RBP: 00007ff8023d5090 R08: 0000000000000000 R09: 0000000000000000
[  220.749357][ T7463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  220.749367][ T7463] R13: 0000000000000000 R14: 00007ff8047a6160 R15: 00007fffda659648
[  220.749396][ T7463]  </TASK>
[  221.750665][ T7468] xt_cluster: node mask cannot exceed total number of nodes
[  222.015783][ T7475] syz.2.443: attempt to access beyond end of device
[  222.015783][ T7475] loop5: rw=4096, sector=2, nr_sectors = 2 limit=0
[  222.032553][ T7475] EXT4-fs (loop5): unable to read superblock
[  222.968620][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  222.968637][   T30] audit: type=1326 audit(1744518556.508:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7472 comm="syz.4.445" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x0
[  223.115893][ T7484] syz.0.446 uses obsolete (PF_INET,SOCK_PACKET)
[  223.244379][ T7488] program syz.2.448 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  223.449408][ T7497] FAULT_INJECTION: forcing a failure.
[  223.449408][ T7497] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  223.463006][ T7497] CPU: 1 UID: 0 PID: 7497 Comm: syz.1.450 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  223.463029][ T7497] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  223.463039][ T7497] Call Trace:
[  223.463046][ T7497]  <TASK>
[  223.463052][ T7497]  dump_stack_lvl+0x241/0x360
[  223.463080][ T7497]  ? __pfx_dump_stack_lvl+0x10/0x10
[  223.463101][ T7497]  ? __pfx__printk+0x10/0x10
[  223.463132][ T7497]  should_fail_ex+0x424/0x570
[  223.463153][ T7497]  _copy_to_user+0x31/0xb0
[  223.463176][ T7497]  simple_read_from_buffer+0xc4/0x170
[  223.463198][ T7497]  proc_fail_nth_read+0x1ef/0x260
[  223.463223][ T7497]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.463245][ T7497]  ? rw_verify_area+0x246/0x630
[  223.463265][ T7497]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  223.463286][ T7497]  vfs_read+0x21f/0xb90
[  223.463310][ T7497]  ? __pfx___mutex_lock+0x10/0x10
[  223.463331][ T7497]  ? __pfx_vfs_read+0x10/0x10
[  223.463356][ T7497]  ? __fget_files+0x2a/0x420
[  223.463376][ T7497]  ? __fget_files+0x39d/0x420
[  223.463392][ T7497]  ? __fget_files+0x2a/0x420
[  223.463428][ T7497]  ksys_read+0x19d/0x2d0
[  223.463450][ T7497]  ? __pfx_ksys_read+0x10/0x10
[  223.463475][ T7497]  ? do_syscall_64+0xb6/0x230
[  223.463496][ T7497]  do_syscall_64+0xf3/0x230
[  223.463515][ T7497]  ? clear_bhb_loop+0x45/0xa0
[  223.463533][ T7497]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  223.463548][ T7497] RIP: 0033:0x7f549718bb7c
[  223.463567][ T7497] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  223.463579][ T7497] RSP: 002b:00007f5497f40030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  223.463596][ T7497] RAX: ffffffffffffffda RBX: 00007f54973a6080 RCX: 00007f549718bb7c
[  223.463607][ T7497] RDX: 000000000000000f RSI: 00007f5497f400a0 RDI: 0000000000000004
[  223.463617][ T7497] RBP: 00007f5497f40090 R08: 0000000000000000 R09: 0000000000000000
[  223.463626][ T7497] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  223.463635][ T7497] R13: 0000000000000001 R14: 00007f54973a6080 R15: 00007fff1ac57468
[  223.463661][ T7497]  </TASK>
[  223.803441][ T7502] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[  223.803721][ T5888] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  223.810137][ T7502] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  223.813486][ T7502] vhci_hcd vhci_hcd.0: Device attached
[  223.833266][ T7505] usbip_core: unknown command
[  223.839472][ T7505] vhci_hcd: unknown pdu 0
[  223.844343][ T7505] usbip_core: unknown command
[  223.851299][ T2940] vhci_hcd: stop threads
[  223.864148][ T2940] vhci_hcd: release socket
[  223.877561][ T2940] vhci_hcd: disconnect device
[  223.920083][ T7508] netlink: 'syz.1.456': attribute type 29 has an invalid length.
[  223.930792][ T7508] netlink: 'syz.1.456': attribute type 29 has an invalid length.
[  223.940978][ T7508] netlink: 500 bytes leftover after parsing attributes in process `syz.1.456'.
[  223.952589][ T7508] unsupported nla_type 58
[  223.953694][ T5887] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  223.967329][ T5888] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  223.976133][ T5888] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  223.986388][ T5888] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  223.995631][ T5888] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  224.010863][ T5888] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  224.040421][ T5888] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  224.051814][ T5888] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  224.062205][ T5888] usb 4-1: Product: syz
[  224.066487][ T5888] usb 4-1: Manufacturer: syz
[  224.077784][ T5888] cdc_wdm 4-1:1.0: skipping garbage
[  224.082983][ T5888] cdc_wdm 4-1:1.0: skipping garbage
[  224.089676][ T5888] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  224.095837][ T5888] cdc_wdm 4-1:1.0: Unknown control protocol
[  224.127123][ T5887] usb 5-1: Using ep0 maxpacket: 8
[  224.135685][ T5887] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  224.146913][ T5887] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  224.158612][ T5887] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  224.169634][ T5887] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  224.179394][ T5887] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  224.196269][ T5887] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  224.205456][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  224.213525][ T5887] usb 5-1: Product: syz
[  224.219905][ T5887] usb 5-1: Manufacturer: syz
[  224.224660][ T5887] usb 5-1: SerialNumber: syz
[  224.231303][ T5887] usb 5-1: config 0 descriptor??
[  224.439717][ T5887] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  224.447070][ T5887] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  225.139064][ T5887] radio-si470x 5-1:0.0: software version 97, hardware version 23
[  225.148805][ T5887] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  225.158086][ T5891] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  225.181577][ T5887] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[  225.213712][ T5887] radio-si470x 5-1:0.0: submitting int urb failed (-90)
[  225.233741][ T5887] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[  225.246056][ T5887] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22
[  225.270538][ T5887] usb 5-1: USB disconnect, device number 8
[  225.333750][ T5891] usb 3-1: Using ep0 maxpacket: 16
[  225.342368][ T5891] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x5D, changing to 0xD
[  225.356543][ T5891] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  225.367525][ T5891] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  225.378419][ T5891] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.388848][ T5891] usb 3-1: config 0 descriptor??
[  225.396648][ T5891] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  225.533739][ T5890] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  225.683782][ T5890] usb 2-1: Using ep0 maxpacket: 16
[  225.690528][ T5890] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.701981][ T5890] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  225.727705][ T5890] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  225.737207][ T5890] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.758650][ T5890] usb 2-1: config 0 descriptor??
[  226.033704][ T5891] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  226.362290][ T5891] usb 5-1: Using ep0 maxpacket: 32
[  226.406666][ T5891] usb 5-1: New USB device found, idVendor=046d, idProduct=08b7, bcdDevice=99.db
[  226.416228][ T5891] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.427814][ T5891] usb 5-1: config 0 descriptor??
[  226.439278][ T5891] pwc: Logitech ViewPort AV 100 webcam detected.
[  226.521339][ T7525] lo speed is unknown, defaulting to 1000
[  226.528022][ T7525] lo speed is unknown, defaulting to 1000
[  226.541992][ T7525] lo speed is unknown, defaulting to 1000
[  226.573236][ T7525] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  226.637579][ T7525] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  226.930666][ T7525] lo speed is unknown, defaulting to 1000
[  226.945829][ T7525] lo speed is unknown, defaulting to 1000
[  226.962406][ T7525] lo speed is unknown, defaulting to 1000
[  226.981138][ T7525] lo speed is unknown, defaulting to 1000
[  226.997824][ T7525] lo speed is unknown, defaulting to 1000
[  227.138145][ T5887] usb 4-1: USB disconnect, device number 6
[  227.520940][ T5888] usb 3-1: USB disconnect, device number 14
[  227.619980][ T5891] pwc: send_video_command error -71
[  227.667133][ T5891] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  227.707512][ T5891] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[  227.751444][ T5891] usb 5-1: USB disconnect, device number 9
[  228.007251][ T7547] FAULT_INJECTION: forcing a failure.
[  228.007251][ T7547] name failslab, interval 1, probability 0, space 0, times 0
[  228.019984][ T7547] CPU: 0 UID: 0 PID: 7547 Comm: syz.3.467 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  228.019998][ T7547] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  228.020005][ T7547] Call Trace:
[  228.020010][ T7547]  <TASK>
[  228.020014][ T7547]  dump_stack_lvl+0x241/0x360
[  228.020033][ T7547]  ? __pfx_dump_stack_lvl+0x10/0x10
[  228.020046][ T7547]  ? __pfx__printk+0x10/0x10
[  228.020061][ T7547]  ? __ip_dev_find+0x49b/0x580
[  228.020080][ T7547]  should_fail_ex+0x424/0x570
[  228.020093][ T7547]  should_failslab+0xac/0x100
[  228.020105][ T7547]  kmem_cache_alloc_noprof+0x78/0x390
[  228.020114][ T7547]  ? dst_alloc+0x12b/0x190
[  228.020128][ T7547]  dst_alloc+0x12b/0x190
[  228.020141][ T7547]  ip_route_output_key_hash_rcu+0x1378/0x2290
[  228.020159][ T7547]  ip_route_output_key_hash+0x195/0x2b0
[  228.020169][ T7547]  ? ip_route_output_key_hash+0xe1/0x2b0
[  228.020178][ T7547]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[  228.020198][ T7547]  ip_route_output_flow+0x29/0x140
[  228.020213][ T7547]  udp_sendmsg+0x17d6/0x2ca0
[  228.020236][ T7547]  ? __pfx_ip_generic_getfrag+0x10/0x10
[  228.020246][ T7547]  ? __pfx_udp_sendmsg+0x10/0x10
[  228.020260][ T7547]  ? smack_socket_sendmsg+0x184/0x580
[  228.020276][ T7547]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  228.020290][ T7547]  ? tomoyo_socket_sendmsg_permission+0x285/0x420
[  228.020309][ T7547]  ? sock_rps_record_flow+0x1a/0x410
[  228.020321][ T7547]  ? inet_sendmsg+0x2ba/0x390
[  228.020334][ T7547]  __sock_sendmsg+0x1a6/0x270
[  228.020348][ T7547]  ____sys_sendmsg+0x523/0x860
[  228.020364][ T7547]  ? __pfx_____sys_sendmsg+0x10/0x10
[  228.020372][ T7547]  ? __fget_files+0x2a/0x420
[  228.020385][ T7547]  ? __fget_files+0x2a/0x420
[  228.020400][ T7547]  __sys_sendmmsg+0x3a0/0x7b0
[  228.020419][ T7547]  ? __pfx___sys_sendmmsg+0x10/0x10
[  228.020470][ T7547]  ? rcu_read_lock_any_held+0xbb/0x160
[  228.020492][ T7547]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  228.020510][ T7547]  ? vfs_write+0xb29/0xd10
[  228.020528][ T7547]  ? ksys_write+0x24e/0x2d0
[  228.020542][ T7547]  ? __mutex_unlock_slowpath+0x229/0x800
[  228.020570][ T7547]  ? ksys_write+0x275/0x2d0
[  228.020589][ T7547]  __x64_sys_sendmmsg+0xa0/0xb0
[  228.020601][ T7547]  do_syscall_64+0xf3/0x230
[  228.020612][ T7547]  ? clear_bhb_loop+0x45/0xa0
[  228.020624][ T7547]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  228.020633][ T7547] RIP: 0033:0x7fe09358d169
[  228.020642][ T7547] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  228.020650][ T7547] RSP: 002b:00007fe0944ab038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  228.020661][ T7547] RAX: ffffffffffffffda RBX: 00007fe0937a5fa0 RCX: 00007fe09358d169
[  228.020668][ T7547] RDX: 000000000800001d RSI: 0000200000007fc0 RDI: 0000000000000004
[  228.020675][ T7547] RBP: 00007fe0944ab090 R08: 0000000000000000 R09: 0000000000000000
[  228.020682][ T7547] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  228.020689][ T7547] R13: 0000000000000000 R14: 00007fe0937a5fa0 R15: 00007ffffa17bb08
[  228.020704][ T7547]  </TASK>
[  228.463010][ T5890] usbhid 2-1:0.0: can't add hid device: -71
[  228.473553][ T5890] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  228.500656][ T5890] usb 2-1: USB disconnect, device number 9
[  228.775468][ T7560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.472'.
[  229.204613][ T7557] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  229.226649][ T5890] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  229.569742][ T7566] openvswitch: netlink: Message has 8 unknown bytes.
[  229.598457][ T5890] usb 2-1: New USB device found, idVendor=0545, idProduct=808b, bcdDevice=31.ad
[  229.614494][ T5890] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.703975][ T5890] usb 2-1: config 0 descriptor??
[  229.746980][ T5890] gspca_main: tv8532-2.14.0 probing 0545:808b
[  230.017588][ T5890] usb 2-1: USB disconnect, device number 10
[  231.169699][ T7596] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  231.623701][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  231.704303][   T55] Bluetooth: hci1: unexpected event for opcode 0x203c
[  231.712040][ T7610] netlink: 80 bytes leftover after parsing attributes in process `syz.3.487'.
[  231.729845][ T7611] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  231.731194][ T7610] netlink: 8 bytes leftover after parsing attributes in process `syz.3.487'.
[  231.855578][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  231.881585][ T7614] syz.3.489 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  232.023680][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  232.056529][   T24] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  232.074254][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  232.082521][   T24] usb 3-1: SerialNumber: syz
[  232.133670][ T5950] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  232.296735][ T5950] usb 2-1: config 1 interface 0 altsetting 8 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  232.341825][   T24] usb 3-1: 0:2 : does not exist
[  232.351281][ T5950] usb 2-1: config 1 interface 0 has no altsetting 0
[  232.365065][   T24] usb 3-1: unit 48 not found!
[  232.380961][ T5950] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.40
[  232.405270][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.423513][ T5950] usb 2-1: Product: Э
[  232.436023][ T5950] usb 2-1: Manufacturer: ᅹ晑Դ罵벰먥➲И퍡Ӎꖆୣ⾁Ｚ첼퓅ꉓ
[  232.456922][   T24] usb 3-1: USB disconnect, device number 15
[  232.650840][ T6099] udevd[6099]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  232.873261][ T7611] netlink: 'syz.1.486': attribute type 3 has an invalid length.
[  232.897401][ T7611] netlink: 132 bytes leftover after parsing attributes in process `syz.1.486'.
[  232.914314][ T5950] usbhid 2-1:1.0: can't add hid device: -71
[  232.930741][ T5950] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  232.965976][ T5950] usb 2-1: USB disconnect, device number 11
[  233.058036][ T7627] syzkaller0: entered promiscuous mode
[  233.067561][ T7627] syzkaller0: entered allmulticast mode
[  233.133328][ T7633] 8021q: VLANs not supported on vcan0
[  233.646834][ T7652] FAULT_INJECTION: forcing a failure.
[  233.646834][ T7652] name failslab, interval 1, probability 0, space 0, times 0
[  233.663731][ T7652] CPU: 1 UID: 0 PID: 7652 Comm: syz.1.498 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  233.663754][ T7652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  233.663765][ T7652] Call Trace:
[  233.663771][ T7652]  <TASK>
[  233.663778][ T7652]  dump_stack_lvl+0x241/0x360
[  233.663806][ T7652]  ? __pfx_dump_stack_lvl+0x10/0x10
[  233.663826][ T7652]  ? __pfx__printk+0x10/0x10
[  233.663851][ T7652]  ? __pfx___might_resched+0x10/0x10
[  233.663873][ T7652]  should_fail_ex+0x424/0x570
[  233.663895][ T7652]  should_failslab+0xac/0x100
[  233.663914][ T7652]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  233.663931][ T7652]  ? __alloc_skb+0x1c2/0x480
[  233.663952][ T7652]  __alloc_skb+0x1c2/0x480
[  233.663973][ T7652]  ? __pfx___alloc_skb+0x10/0x10
[  233.663991][ T7652]  ? netlink_autobind+0xd6/0x2f0
[  233.664011][ T7652]  ? netlink_autobind+0x2b0/0x2f0
[  233.664037][ T7652]  netlink_sendmsg+0x638/0xcd0
[  233.664071][ T7652]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.664112][ T7652]  ? __pfx_netlink_sendmsg+0x10/0x10
[  233.664132][ T7652]  __sock_sendmsg+0x221/0x270
[  233.664156][ T7652]  ____sys_sendmsg+0x523/0x860
[  233.664182][ T7652]  ? __pfx_____sys_sendmsg+0x10/0x10
[  233.664198][ T7652]  ? __fget_files+0x2a/0x420
[  233.664219][ T7652]  ? __fget_files+0x2a/0x420
[  233.664246][ T7652]  __sys_sendmsg+0x271/0x360
[  233.664269][ T7652]  ? __pfx___sys_sendmsg+0x10/0x10
[  233.664339][ T7652]  ? do_syscall_64+0xb6/0x230
[  233.664361][ T7652]  do_syscall_64+0xf3/0x230
[  233.664380][ T7652]  ? clear_bhb_loop+0x45/0xa0
[  233.664400][ T7652]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  233.664416][ T7652] RIP: 0033:0x7f549718d169
[  233.664431][ T7652] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  233.664444][ T7652] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  233.664462][ T7652] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  233.664474][ T7652] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[  233.664485][ T7652] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  233.664495][ T7652] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  233.664504][ T7652] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  233.664532][ T7652]  </TASK>
[  234.672172][ T7668] kvm: emulating exchange as write
[  237.071836][ T7693] tmpfs: Bad value for 'mpol'
[  239.211170][ T7711] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  239.453704][ T5950] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  239.625737][ T5950] usb 3-1: config 1 interface 0 altsetting 8 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  239.639747][ T5950] usb 3-1: config 1 interface 0 has no altsetting 0
[  239.683430][ T5950] usb 3-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.40
[  239.693260][ T5950] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  239.715833][ T5950] usb 3-1: Product: Э
[  239.726032][ T5950] usb 3-1: Manufacturer: ᅹ晑Դ罵벰먥➲И퍡Ӎꖆୣ⾁Ｚ첼퓅ꉓ
[  240.115673][ T5890] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  240.169902][ T7711] netlink: 'syz.2.508': attribute type 3 has an invalid length.
[  240.177936][ T7711] netlink: 132 bytes leftover after parsing attributes in process `syz.2.508'.
[  240.202046][ T5950] usbhid 3-1:1.0: can't add hid device: -71
[  240.208262][ T5950] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[  240.223100][ T5950] usb 3-1: USB disconnect, device number 16
[  240.274546][ T5890] usb 2-1: Using ep0 maxpacket: 32
[  240.281887][ T5890] usb 2-1: config 0 has an invalid interface number: 16 but max is 0
[  240.290418][ T5890] usb 2-1: config 0 has no interface number 0
[  240.296712][ T5890] usb 2-1: config 0 interface 16 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  240.311098][ T5890] usb 2-1: config 0 interface 16 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  240.325593][ T5890] usb 2-1: New USB device found, idVendor=0499, idProduct=102a, bcdDevice=85.2d
[  240.334781][ T5890] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  240.342807][ T5890] usb 2-1: Product: syz
[  240.347230][ T5890] usb 2-1: Manufacturer: syz
[  240.351846][ T5890] usb 2-1: SerialNumber: syz
[  240.372422][ T5890] usb 2-1: config 0 descriptor??
[  240.378651][ T7721] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  240.384349][ T7718] lo speed is unknown, defaulting to 1000
[  240.386433][ T7721] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  240.403414][ T5890] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  240.638836][ T5890] usb 2-1: USB disconnect, device number 12
[  241.578843][ T7733] FAULT_INJECTION: forcing a failure.
[  241.578843][ T7733] name failslab, interval 1, probability 0, space 0, times 0
[  241.625914][ T7733] CPU: 1 UID: 0 PID: 7733 Comm: syz.4.514 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  241.625940][ T7733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  241.625949][ T7733] Call Trace:
[  241.625962][ T7733]  <TASK>
[  241.625969][ T7733]  dump_stack_lvl+0x241/0x360
[  241.626000][ T7733]  ? __pfx_dump_stack_lvl+0x10/0x10
[  241.626021][ T7733]  ? __pfx__printk+0x10/0x10
[  241.626047][ T7733]  ? __pfx___might_resched+0x10/0x10
[  241.626071][ T7733]  should_fail_ex+0x424/0x570
[  241.626094][ T7733]  should_failslab+0xac/0x100
[  241.626114][ T7733]  __kmalloc_noprof+0xdf/0x4d0
[  241.626130][ T7733]  ? tomoyo_encode+0x26f/0x540
[  241.626150][ T7733]  tomoyo_encode+0x26f/0x540
[  241.626173][ T7733]  tomoyo_realpath_from_path+0x59e/0x5e0
[  241.626201][ T7733]  tomoyo_path_number_perm+0x245/0x790
[  241.626228][ T7733]  ? tomoyo_path_number_perm+0x215/0x790
[  241.626253][ T7733]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  241.626281][ T7733]  ? ksys_write+0x24e/0x2d0
[  241.626312][ T7733]  ? __lock_acquire+0xad5/0xd80
[  241.626347][ T7733]  ? __fget_files+0x2a/0x420
[  241.626365][ T7733]  ? __fget_files+0x2a/0x420
[  241.626387][ T7733]  ? __fget_files+0x2a/0x420
[  241.626410][ T7733]  security_file_ioctl+0xc6/0x2a0
[  241.626434][ T7733]  __se_sys_ioctl+0x46/0x160
[  241.626458][ T7733]  do_syscall_64+0xf3/0x230
[  241.626479][ T7733]  ? clear_bhb_loop+0x45/0xa0
[  241.626500][ T7733]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  241.626516][ T7733] RIP: 0033:0x7ff80458d169
[  241.626531][ T7733] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  241.626544][ T7733] RSP: 002b:00007ff8023f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  241.626563][ T7733] RAX: ffffffffffffffda RBX: 00007ff8047a6080 RCX: 00007ff80458d169
[  241.626575][ T7733] RDX: 00002000000000c0 RSI: 00000000000089f0 RDI: 0000000000000003
[  241.626586][ T7733] RBP: 00007ff8023f6090 R08: 0000000000000000 R09: 0000000000000000
[  241.626595][ T7733] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  241.626605][ T7733] R13: 0000000000000000 R14: 00007ff8047a6080 R15: 00007fffda659648
[  241.626639][ T7733]  </TASK>
[  241.626658][ T7733] ERROR: Out of memory at tomoyo_realpath_from_path.
[  241.908594][ T7736] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  241.931663][ T7736] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  241.972847][ T7736] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  241.994734][ T7736] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  242.030632][ T7736] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  242.039801][ T7736] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  242.059713][ T7736] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  242.071351][ T7736] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  242.094927][ T7736] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  242.365636][ T5887] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  242.427043][ T7757] netlink: 28 bytes leftover after parsing attributes in process `syz.4.518'.
[  242.942991][ T5890] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  243.320989][ T5890] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  243.449886][ T5887] usb 2-1: config 0 has an invalid interface number: 175 but max is 0
[  243.471451][ T5890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  243.493690][ T5887] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  243.533837][ T5890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  243.551783][ T5887] usb 2-1: config 0 has no interface number 0
[  243.563648][ T5890] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  243.576683][ T5887] usb 2-1: config 0 interface 175 altsetting 0 has an endpoint descriptor with address 0xBC, changing to 0x8C
[  243.589909][ T5887] usb 2-1: config 0 interface 175 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 10
[  243.660415][ T5887] usb 2-1: config 0 interface 175 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[  243.671450][ T5890] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  243.690589][ T5890] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  243.710800][ T7761] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  243.727247][ T5887] usb 2-1: config 0 interface 175 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 16
[  243.743893][ T5890] usb 3-1: Manufacturer: syz
[  243.764574][ T5890] usb 3-1: config 0 descriptor??
[  243.779241][ T5887] usb 2-1: New USB device found, idVendor=05e0, idProduct=0600, bcdDevice=f9.9b
[  243.799079][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.838399][ T5887] usb 2-1: Product: syz
[  243.853831][ T5887] usb 2-1: Manufacturer: syz
[  243.858486][ T5887] usb 2-1: SerialNumber: syz
[  243.898623][ T5887] usb 2-1: config 0 descriptor??
[  243.919526][ T5887] symbolserial 2-1:0.175: symbol converter detected
[  243.933684][   T55] Bluetooth: hci1: command 0x0406 tx timeout
[  244.005176][ T5887] usb 2-1: symbol converter now attached to ttyUSB0
[  244.015215][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  244.084278][ T7766] kvm: kvm [7765]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0xcf
[  244.093543][ T7766] kvm: kvm [7765]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x2d
[  244.094065][ T5890] rc_core: IR keymap rc-hauppauge not found
[  244.120247][   T55] Bluetooth: hci3: command 0x0406 tx timeout
[  244.127028][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout
[  244.136028][ T5887] usb 2-1: USB disconnect, device number 13
[  244.180985][ T5890] Registered IR keymap rc-empty
[  244.189154][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  244.207776][ T5887] symbol ttyUSB0: symbol converter now disconnected from ttyUSB0
[  244.223021][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  244.240036][ T7766] kvm: kvm [7765]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0xc2) = 0x85
[  244.273289][ T5887] symbolserial 2-1:0.175: device disconnected
[  244.305389][ T5890] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  244.846240][ T5890] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input17
[  244.892756][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  244.974036][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.013741][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.051608][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.125501][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.170356][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.386502][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.567528][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  245.769048][ T7799] tmpfs: Bad value for 'mpol'
[  246.293650][   T55] Bluetooth: hci1: command 0x0406 tx timeout
[  246.299731][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  246.305988][ T5843] Bluetooth: hci3: command 0x0406 tx timeout
[  246.312007][ T5843] Bluetooth: hci4: command 0x0c1a tx timeout
[  246.733815][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  246.774194][ T5890] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  247.175763][ T5890] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  247.225226][ T5890] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  247.595300][ T5890] usb 3-1: USB disconnect, device number 17
[  247.815966][ T7817] syz.3.532(7817): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  248.051909][ T7822] FAULT_INJECTION: forcing a failure.
[  248.051909][ T7822] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  248.093976][ T7822] CPU: 1 UID: 0 PID: 7822 Comm: syz.0.533 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  248.094001][ T7822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.094012][ T7822] Call Trace:
[  248.094018][ T7822]  <TASK>
[  248.094026][ T7822]  dump_stack_lvl+0x241/0x360
[  248.094055][ T7822]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.094077][ T7822]  ? __pfx__printk+0x10/0x10
[  248.094113][ T7822]  should_fail_ex+0x424/0x570
[  248.094135][ T7822]  _copy_from_user+0x2d/0xb0
[  248.094158][ T7822]  kstrtouint_from_user+0xce/0x1a0
[  248.094181][ T7822]  ? __pfx_kstrtouint_from_user+0x10/0x10
[  248.094202][ T7822]  ? __lock_acquire+0xad5/0xd80
[  248.094230][ T7822]  proc_fail_nth_write+0xac/0x2d0
[  248.094250][ T7822]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  248.094271][ T7822]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  248.094296][ T7822]  ? __pfx_proc_fail_nth_write+0x10/0x10
[  248.094316][ T7822]  vfs_write+0x2bc/0xd10
[  248.094343][ T7822]  ? fdget_pos+0x247/0x310
[  248.094365][ T7822]  ? __pfx_vfs_write+0x10/0x10
[  248.094389][ T7822]  ? __fget_files+0x2a/0x420
[  248.094410][ T7822]  ? __fget_files+0x39d/0x420
[  248.094426][ T7822]  ? __fget_files+0x2a/0x420
[  248.094454][ T7822]  ksys_write+0x19d/0x2d0
[  248.094477][ T7822]  ? __pfx_ksys_write+0x10/0x10
[  248.094504][ T7822]  ? do_syscall_64+0xb6/0x230
[  248.094527][ T7822]  do_syscall_64+0xf3/0x230
[  248.094546][ T7822]  ? clear_bhb_loop+0x45/0xa0
[  248.094566][ T7822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.094581][ T7822] RIP: 0033:0x7fb202d8bc1f
[  248.094596][ T7822] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  248.094610][ T7822] RSP: 002b:00007fb203c85030 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  248.094627][ T7822] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb202d8bc1f
[  248.094639][ T7822] RDX: 0000000000000001 RSI: 00007fb203c850a0 RDI: 0000000000000004
[  248.094649][ T7822] RBP: 00007fb203c85090 R08: 0000000000000000 R09: 000000000001517f
[  248.094660][ T7822] R10: 0000000000000002 R11: 0000000000000293 R12: 0000000000000001
[  248.094669][ T7822] R13: 0000000000000000 R14: 00007fb202fa5fa0 R15: 00007ffed5babc18
[  248.094706][ T7822]  </TASK>
[  248.336064][ T7827] netlink: 8 bytes leftover after parsing attributes in process `syz.2.531'.
[  248.443239][   T55] Bluetooth: hci4: command 0x0c1a tx timeout
[  248.782350][ T5888] kernel write not supported for file /345/attr/exec (pid: 5888 comm: kworker/0:4)
[  248.809612][ T7836] FAULT_INJECTION: forcing a failure.
[  248.809612][ T7836] name failslab, interval 1, probability 0, space 0, times 0
[  248.832980][ T7836] CPU: 0 UID: 0 PID: 7836 Comm: syz.1.537 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  248.833005][ T7836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  248.833015][ T7836] Call Trace:
[  248.833023][ T7836]  <TASK>
[  248.833030][ T7836]  dump_stack_lvl+0x241/0x360
[  248.833061][ T7836]  ? __pfx_dump_stack_lvl+0x10/0x10
[  248.833083][ T7836]  ? __pfx__printk+0x10/0x10
[  248.833109][ T7836]  ? __pfx___might_resched+0x10/0x10
[  248.833132][ T7836]  should_fail_ex+0x424/0x570
[  248.833155][ T7836]  should_failslab+0xac/0x100
[  248.833175][ T7836]  __kmalloc_noprof+0xdf/0x4d0
[  248.833190][ T7836]  ? io_cache_alloc_new+0x44/0x100
[  248.833212][ T7836]  ? __lock_acquire+0xad5/0xd80
[  248.833232][ T7836]  io_cache_alloc_new+0x44/0x100
[  248.833257][ T7836]  __io_prep_rw+0x228/0xd30
[  248.833280][ T7836]  ? __pfx___io_prep_rw+0x10/0x10
[  248.833295][ T7836]  ? percpu_ref_get_many+0x1f/0x1d0
[  248.833324][ T7836]  ? __asan_memset+0x23/0x50
[  248.833347][ T7836]  io_prep_rwv+0x96/0x460
[  248.833367][ T7836]  ? __pfx_io_prep_rwv+0x10/0x10
[  248.833392][ T7836]  ? io_task_refs_refill+0xbb/0x180
[  248.833416][ T7836]  io_submit_sqes+0x94c/0x1ce0
[  248.833466][ T7836]  __se_sys_io_uring_enter+0x2cd/0x3560
[  248.833491][ T7836]  ? rcu_read_lock_any_held+0xbb/0x160
[  248.833511][ T7836]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  248.833534][ T7836]  ? vfs_write+0xb29/0xd10
[  248.833568][ T7836]  ? ksys_write+0x24e/0x2d0
[  248.833595][ T7836]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  248.833620][ T7836]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  248.833640][ T7836]  ? __fget_files+0x2a/0x420
[  248.833661][ T7836]  ? __fget_files+0x2a/0x420
[  248.833685][ T7836]  ? fput+0x9b/0xd0
[  248.833702][ T7836]  ? ksys_write+0x275/0x2d0
[  248.833734][ T7836]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  248.833756][ T7836]  do_syscall_64+0xf3/0x230
[  248.833776][ T7836]  ? clear_bhb_loop+0x45/0xa0
[  248.833796][ T7836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.833812][ T7836] RIP: 0033:0x7f549718d169
[  248.833828][ T7836] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  248.833841][ T7836] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  248.833859][ T7836] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  248.833871][ T7836] RDX: 000000000000a1ff RSI: 0000000000000567 RDI: 0000000000000004
[  248.833882][ T7836] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  248.833892][ T7836] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  248.833902][ T7836] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  248.833938][ T7836]  </TASK>
[  249.099440][    C0] vkms_vblank_simulate: vblank timer overrun
[  249.660409][ T7840] Cannot find map_set index 0 as target
[  251.232610][ T5890] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  251.477762][ T5890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  251.548464][ T5890] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  251.608314][ T5890] usb 3-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  251.880530][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  252.642044][ T5890] usb 3-1: config 0 descriptor??
[  252.671937][ T5890] usb 3-1: can't set config #0, error -71
[  252.712557][ T7859] ubi: mtd0 is already attached to ubi31
[  253.365342][ T7858] tmpfs: Bad value for 'mpol'
[  253.544667][ T5890] usb 3-1: USB disconnect, device number 18
[  253.729787][ T5950] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  253.973317][ T5950] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  254.753623][ T5950] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  254.766396][ T5950] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  254.776269][ T5950] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  254.813752][ T5950] usb 2-1: string descriptor 0 read error: -71
[  254.819977][ T5950] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  255.191680][ T7867] netlink: 8 bytes leftover after parsing attributes in process `syz.2.544'.
[  255.209493][ T5950] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  255.220605][ T5950] usb 2-1: config 0 descriptor??
[  255.226532][ T7878] syz.0.545: attempt to access beyond end of device
[  255.226532][ T7878] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  255.249067][ T5950] usb 2-1: can't set config #0, error -71
[  255.264191][ T5950] usb 2-1: USB disconnect, device number 14
[  255.447529][ T7889] overlay: Unknown parameter 'fowner>00000000000000000000'
[  255.699071][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  255.706770][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  258.532357][ T7917] FAULT_INJECTION: forcing a failure.
[  258.532357][ T7917] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  258.762193][ T7917] CPU: 0 UID: 0 PID: 7917 Comm: syz.1.554 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  258.762221][ T7917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  258.762231][ T7917] Call Trace:
[  258.762239][ T7917]  <TASK>
[  258.762246][ T7917]  dump_stack_lvl+0x241/0x360
[  258.762275][ T7917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  258.762296][ T7917]  ? __pfx__printk+0x10/0x10
[  258.762330][ T7917]  should_fail_ex+0x424/0x570
[  258.762354][ T7917]  _copy_to_user+0x31/0xb0
[  258.762379][ T7917]  simple_read_from_buffer+0xc4/0x170
[  258.762403][ T7917]  proc_fail_nth_read+0x1ef/0x260
[  258.762428][ T7917]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  258.762451][ T7917]  ? rw_verify_area+0x246/0x630
[  258.762471][ T7917]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  258.762493][ T7917]  vfs_read+0x21f/0xb90
[  258.762519][ T7917]  ? __pfx___mutex_lock+0x10/0x10
[  258.762540][ T7917]  ? __pfx_vfs_read+0x10/0x10
[  258.762564][ T7917]  ? __fget_files+0x2a/0x420
[  258.762610][ T7917]  ? __fget_files+0x39d/0x420
[  258.762625][ T7917]  ? __fget_files+0x2a/0x420
[  258.762654][ T7917]  ksys_read+0x19d/0x2d0
[  258.762678][ T7917]  ? __pfx_ksys_read+0x10/0x10
[  258.762706][ T7917]  ? do_syscall_64+0xb6/0x230
[  258.762729][ T7917]  do_syscall_64+0xf3/0x230
[  258.762749][ T7917]  ? clear_bhb_loop+0x45/0xa0
[  258.762767][ T7917]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  258.762789][ T7917] RIP: 0033:0x7f549718bb7c
[  258.762806][ T7917] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  258.762819][ T7917] RSP: 002b:00007f5497f40030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  258.762837][ T7917] RAX: ffffffffffffffda RBX: 00007f54973a6080 RCX: 00007f549718bb7c
[  258.762849][ T7917] RDX: 000000000000000f RSI: 00007f5497f400a0 RDI: 0000000000000008
[  258.762859][ T7917] RBP: 00007f5497f40090 R08: 0000000000000000 R09: 0000000000000000
[  258.762870][ T7917] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[  258.762880][ T7917] R13: 0000000000000000 R14: 00007f54973a6080 R15: 00007fff1ac57468
[  258.762909][ T7917]  </TASK>
[  258.972455][    C0] vkms_vblank_simulate: vblank timer overrun
[  259.178714][ T7925] Bluetooth: MGMT ver 1.23
[  260.823657][ T5888] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  260.973734][ T5888] usb 3-1: Using ep0 maxpacket: 8
[  261.134598][ T5888] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  261.707587][ T5888] usb 3-1: config 1 has no interface number 1
[  261.722893][ T5888] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  261.734324][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.771252][ T5888] usb 3-1: Product: syz
[  261.811431][ T5888] usb 3-1: Manufacturer: syz
[  261.893798][ T5888] usb 3-1: SerialNumber: syz
[  262.053467][ T7944] loop6: detected capacity change from 0 to 524287999
[  262.111038][    C1] blk_print_req_error: 24 callbacks suppressed
[  262.111061][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.126527][    C1] buffer_io_error: 23 callbacks suppressed
[  262.126542][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.184597][ T7946] support for cryptoloop has been removed.  Use dm-crypt instead.
[  262.221481][    C1] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.230729][    C1] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.239604][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.248781][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.257601][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.266755][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.277447][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.286595][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.296655][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.305804][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.314085][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.323269][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.331416][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.340584][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.348880][ T7944] ldm_validate_partition_table(): Disk read failed.
[  262.356391][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.365632][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.373724][    C0] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  262.382825][    C0] Buffer I/O error on dev loop6, logical block 0, async page read
[  262.410172][ T7944] Dev loop6: unable to read RDB block 0
[  262.436025][ T5888] usb 3-1: 2:1: invalid format type 0x1002 is detected, processed as PCM
[  262.444834][ T7944]  loop6: unable to read partition table
[  262.456253][ T7944] loop_reread_partitions: partition scan of loop6 (��������6�tPΪŔ���A���8�*V^��3c) failed (rc=-5)
[  262.465679][ T5888] usb 3-1: 2:1: cannot set freq 9021872 to ep 0x82
[  262.593721][ T5888] usb 3-1: USB disconnect, device number 19
[  262.909124][ T7942] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  263.781221][ T5885] udevd[5885]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  264.314480][ T5950] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  264.443918][   T30] audit: type=1326 audit(1744518597.978:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  264.661230][   T30] audit: type=1326 audit(1744518598.168:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  264.723621][ T5950] usb 2-1: Using ep0 maxpacket: 16
[  264.733938][ T7974] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(9)
[  264.740480][ T7974] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  264.961445][ T5950] usb 2-1: unable to get BOS descriptor or descriptor too short
[  264.981978][   T30] audit: type=1326 audit(1744518598.168:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  265.033144][ T5950] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  265.072747][ T7980] netlink: 8 bytes leftover after parsing attributes in process `syz.0.571'.
[  265.727155][ T5950] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[  265.757714][   T30] audit: type=1326 audit(1744518598.168:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  265.780767][ T5950] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  265.810419][ T7974] vhci_hcd vhci_hcd.0: Device attached
[  265.863722][ T5950] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  265.919510][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.962320][   T30] audit: type=1326 audit(1744518598.168:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  266.010798][ T7976] vhci_hcd: connection closed
[  266.036458][ T5950] usb 2-1: Product: syz
[  266.048188][   T53] vhci_hcd: stop threads
[  266.052459][   T53] vhci_hcd: release socket
[  266.065211][ T5891] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[  266.136221][ T5950] usb 2-1: Manufacturer: syz
[  266.140856][ T5950] usb 2-1: SerialNumber: syz
[  266.149347][   T53] vhci_hcd: disconnect device
[  266.413372][   T30] audit: type=1326 audit(1744518598.168:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=303 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  266.503877][ T7996] netlink: 8 bytes leftover after parsing attributes in process `syz.3.573'.
[  266.979386][   T30] audit: type=1326 audit(1744518598.168:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  267.042895][   T30] audit: type=1326 audit(1744518598.168:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  267.236693][ T8003] overlayfs: missing 'lowerdir'
[  267.274272][   T30] audit: type=1326 audit(1744518598.168:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  267.306158][   T30] audit: type=1326 audit(1744518598.168:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7967 comm="syz.4.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7ff80458d169 code=0x7ffc0000
[  267.472119][ T5887] IPVS: starting estimator thread 0...
[  267.603849][ T8005] IPVS: using max 35 ests per chain, 84000 per kthread
[  268.743953][ T5890] usb 4-1: new full-speed USB device number 7 using dummy_hcd
[  269.035798][ T8026] netlink: 8 bytes leftover after parsing attributes in process `syz.0.582'.
[  269.541445][ T5950] usb 2-1: 0:2 : does not exist
[  269.571790][ T5890] usb 4-1: unable to get BOS descriptor or descriptor too short
[  269.637030][ T5950] usb 2-1: USB disconnect, device number 15
[  269.653474][ T5890] usb 4-1: not running at top speed; connect to a high speed hub
[  269.875231][ T5890] usb 4-1: config 129 has an invalid interface number: 135 but max is 0
[  269.891251][ T5890] usb 4-1: config 129 descriptor has 1 excess byte, ignoring
[  269.907419][ T5890] usb 4-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  270.446104][ T5890] usb 4-1: config 129 has no interface number 1
[  270.452503][ T5890] usb 4-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  270.465807][ T5890] usb 4-1: config 129 interface 135 has no altsetting 0
[  270.490215][ T5890] usb 4-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.62
[  270.516477][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.546329][ T5890] usb 4-1: Product: syz
[  270.550535][ T5890] usb 4-1: Manufacturer: syz
[  270.575760][ T5890] usb 4-1: SerialNumber: syz
[  270.683317][ T8040] FAULT_INJECTION: forcing a failure.
[  270.683317][ T8040] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  270.721405][ T8040] CPU: 0 UID: 0 PID: 8040 Comm: syz.1.587 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  270.721430][ T8040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  270.721440][ T8040] Call Trace:
[  270.721447][ T8040]  <TASK>
[  270.721454][ T8040]  dump_stack_lvl+0x241/0x360
[  270.721486][ T8040]  ? __pfx_dump_stack_lvl+0x10/0x10
[  270.721506][ T8040]  ? __pfx__printk+0x10/0x10
[  270.721540][ T8040]  should_fail_ex+0x424/0x570
[  270.721564][ T8040]  _copy_from_iter+0x211/0x1c70
[  270.721590][ T8040]  ? __build_skb_around+0x247/0x3d0
[  270.721611][ T8040]  ? __alloc_skb+0x298/0x480
[  270.721626][ T8040]  ? __pfx__copy_from_iter+0x10/0x10
[  270.721649][ T8040]  ? __pfx___alloc_skb+0x10/0x10
[  270.721665][ T8040]  ? smack_socket_getpeersec_dgram+0x170/0x410
[  270.721695][ T8040]  ? skb_put+0x114/0x1f0
[  270.721715][ T8040]  netlink_sendmsg+0x73c/0xcd0
[  270.721748][ T8040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  270.721783][ T8040]  ? __pfx_netlink_sendmsg+0x10/0x10
[  270.721803][ T8040]  __sock_sendmsg+0x221/0x270
[  270.721827][ T8040]  ____sys_sendmsg+0x523/0x860
[  270.721854][ T8040]  ? __pfx_____sys_sendmsg+0x10/0x10
[  270.721869][ T8040]  ? __fget_files+0x2a/0x420
[  270.721891][ T8040]  ? __fget_files+0x2a/0x420
[  270.721918][ T8040]  __sys_sendmsg+0x271/0x360
[  270.721942][ T8040]  ? __pfx___sys_sendmsg+0x10/0x10
[  270.722016][ T8040]  ? do_syscall_64+0xb6/0x230
[  270.722039][ T8040]  do_syscall_64+0xf3/0x230
[  270.722058][ T8040]  ? clear_bhb_loop+0x45/0xa0
[  270.722078][ T8040]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.722095][ T8040] RIP: 0033:0x7f549718d169
[  270.722109][ T8040] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  270.722123][ T8040] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  270.722141][ T8040] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  270.722153][ T8040] RDX: 000000002000c094 RSI: 0000200000000b00 RDI: 0000000000000004
[  270.722165][ T8040] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  270.722175][ T8040] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  270.722185][ T8040] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  270.722213][ T8040]  </TASK>
[  271.165037][ T6099] udevd[6099]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  271.334566][ T5891] vhci_hcd: vhci_device speed not set
[  271.455461][ T5890] au0828: au0828: Device initialization failed.
[  271.461749][ T5890] au0828: au0828: Device must be connected to a high-speed USB 2.0 port.
[  271.492372][ T5890] usb 4-1: USB disconnect, device number 7
[  273.503946][ T8073] netlink: 8 bytes leftover after parsing attributes in process `syz.3.594'.
[  275.515645][ T8083] netlink: 32 bytes leftover after parsing attributes in process `syz.1.599'.
[  276.700153][ T8091] netlink: 8 bytes leftover after parsing attributes in process `syz.1.603'.
[  277.975234][ T8104] netlink: 8 bytes leftover after parsing attributes in process `syz.2.606'.
[  279.519508][ T8118] ubi: mtd0 is already attached to ubi31
[  280.379161][ T8120] FAULT_INJECTION: forcing a failure.
[  280.379161][ T8120] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  280.414318][ T8120] CPU: 0 UID: 0 PID: 8120 Comm: syz.4.611 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  280.414346][ T8120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  280.414357][ T8120] Call Trace:
[  280.414364][ T8120]  <TASK>
[  280.414371][ T8120]  dump_stack_lvl+0x241/0x360
[  280.414400][ T8120]  ? __pfx_dump_stack_lvl+0x10/0x10
[  280.414422][ T8120]  ? __pfx__printk+0x10/0x10
[  280.414457][ T8120]  should_fail_ex+0x424/0x570
[  280.414480][ T8120]  _copy_from_iter+0x211/0x1c70
[  280.414507][ T8120]  ? __build_skb_around+0x247/0x3d0
[  280.414528][ T8120]  ? __alloc_skb+0x298/0x480
[  280.414544][ T8120]  ? __pfx__copy_from_iter+0x10/0x10
[  280.414567][ T8120]  ? __pfx___alloc_skb+0x10/0x10
[  280.414584][ T8120]  ? smack_socket_getpeersec_dgram+0x170/0x410
[  280.414609][ T8120]  ? skb_put+0x114/0x1f0
[  280.414630][ T8120]  netlink_sendmsg+0x73c/0xcd0
[  280.414666][ T8120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.414701][ T8120]  ? __pfx_netlink_sendmsg+0x10/0x10
[  280.414728][ T8120]  __sock_sendmsg+0x221/0x270
[  280.414753][ T8120]  ____sys_sendmsg+0x523/0x860
[  280.414779][ T8120]  ? __pfx_____sys_sendmsg+0x10/0x10
[  280.414795][ T8120]  ? __fget_files+0x2a/0x420
[  280.414817][ T8120]  ? __fget_files+0x2a/0x420
[  280.414845][ T8120]  __sys_sendmsg+0x271/0x360
[  280.414868][ T8120]  ? __pfx___sys_sendmsg+0x10/0x10
[  280.414940][ T8120]  ? do_syscall_64+0xb6/0x230
[  280.414963][ T8120]  do_syscall_64+0xf3/0x230
[  280.414983][ T8120]  ? clear_bhb_loop+0x45/0xa0
[  280.415003][ T8120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  280.415020][ T8120] RIP: 0033:0x7ff80458d169
[  280.415035][ T8120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  280.415049][ T8120] RSP: 002b:00007ff8023f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  280.415068][ T8120] RAX: ffffffffffffffda RBX: 00007ff8047a6080 RCX: 00007ff80458d169
[  280.415081][ T8120] RDX: 0000000004000000 RSI: 0000200000006040 RDI: 0000000000000004
[  280.415092][ T8120] RBP: 00007ff8023f6090 R08: 0000000000000000 R09: 0000000000000000
[  280.415103][ T8120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  280.415113][ T8120] R13: 0000000000000001 R14: 00007ff8047a6080 R15: 00007fffda659648
[  280.415141][ T8120]  </TASK>
[  280.772704][ T8122] tmpfs: Bad value for 'mpol'
[  281.605427][ T8133] netlink: 8 bytes leftover after parsing attributes in process `syz.3.615'.
[  281.653399][ T8130] FAULT_INJECTION: forcing a failure.
[  281.653399][ T8130] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  281.667068][ T8130] CPU: 1 UID: 0 PID: 8130 Comm: syz.0.613 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  281.667092][ T8130] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  281.667103][ T8130] Call Trace:
[  281.667110][ T8130]  <TASK>
[  281.667118][ T8130]  dump_stack_lvl+0x241/0x360
[  281.667148][ T8130]  ? __pfx_dump_stack_lvl+0x10/0x10
[  281.667170][ T8130]  ? __pfx__printk+0x10/0x10
[  281.667206][ T8130]  should_fail_ex+0x424/0x570
[  281.667230][ T8130]  _copy_from_iter+0x211/0x1c70
[  281.667252][ T8130]  ? __mutex_lock+0x380/0x10c0
[  281.667276][ T8130]  ? __pfx_kstrtoull+0x10/0x10
[  281.667299][ T8130]  ? alloc_pages_mpol+0x4e6/0x690
[  281.667316][ T8130]  ? __pfx__copy_from_iter+0x10/0x10
[  281.667348][ T8130]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  281.667362][ T8130]  ? kstrtouint+0xfc/0x190
[  281.667385][ T8130]  ? page_copy_sane+0x46/0x260
[  281.667408][ T8130]  copy_page_from_iter+0x7a/0x100
[  281.667432][ T8130]  anon_pipe_write+0x784/0x14f0
[  281.667474][ T8130]  ? __pfx_anon_pipe_write+0x10/0x10
[  281.667491][ T8130]  ? rcu_read_lock_any_held+0xbb/0x160
[  281.667511][ T8130]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  281.667535][ T8130]  ? bpf_lsm_file_permission+0x9/0x10
[  281.667562][ T8130]  vfs_write+0x70f/0xd10
[  281.667592][ T8130]  ? __pfx_anon_pipe_write+0x10/0x10
[  281.667612][ T8130]  ? __pfx_vfs_write+0x10/0x10
[  281.667637][ T8130]  ? __fget_files+0x2a/0x420
[  281.667659][ T8130]  ? __fget_files+0x2a/0x420
[  281.667688][ T8130]  ksys_write+0x19d/0x2d0
[  281.667712][ T8130]  ? __pfx_ksys_write+0x10/0x10
[  281.667740][ T8130]  ? do_syscall_64+0xb6/0x230
[  281.667763][ T8130]  do_syscall_64+0xf3/0x230
[  281.667783][ T8130]  ? clear_bhb_loop+0x45/0xa0
[  281.667804][ T8130]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  281.667820][ T8130] RIP: 0033:0x7fb202d8d169
[  281.667837][ T8130] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  281.667850][ T8130] RSP: 002b:00007fb203c85038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  281.667869][ T8130] RAX: ffffffffffffffda RBX: 00007fb202fa5fa0 RCX: 00007fb202d8d169
[  281.667882][ T8130] RDX: 0000000000011000 RSI: 0000200000000040 RDI: 0000000000000006
[  281.667893][ T8130] RBP: 00007fb203c85090 R08: 0000000000000000 R09: 0000000000000000
[  281.667904][ T8130] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  281.667913][ T8130] R13: 0000000000000000 R14: 00007fb202fa5fa0 R15: 00007ffed5babc18
[  281.667942][ T8130]  </TASK>
[  281.918802][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.045757][ T8146] netlink: 'syz.4.618': attribute type 10 has an invalid length.
[  283.054885][ T8146] netlink: 40 bytes leftover after parsing attributes in process `syz.4.618'.
[  283.071207][ T8146] batman_adv: batadv0: Adding interface: virt_wifi0
[  283.080872][ T8146] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  283.157210][ T8146] batman_adv: batadv0: Interface activated: virt_wifi0
[  284.653001][ T8181] syz.4.621: attempt to access beyond end of device
[  284.653001][ T8181] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  285.035632][ T8194] FAULT_INJECTION: forcing a failure.
[  285.035632][ T8194] name failslab, interval 1, probability 0, space 0, times 0
[  285.048419][ T8194] CPU: 1 UID: 0 PID: 8194 Comm: syz.2.623 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  285.048441][ T8194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  285.048452][ T8194] Call Trace:
[  285.048459][ T8194]  <TASK>
[  285.048466][ T8194]  dump_stack_lvl+0x241/0x360
[  285.048496][ T8194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.048517][ T8194]  ? __pfx__printk+0x10/0x10
[  285.048552][ T8194]  should_fail_ex+0x424/0x570
[  285.048576][ T8194]  should_failslab+0xac/0x100
[  285.048596][ T8194]  kmem_cache_alloc_noprof+0x78/0x390
[  285.048613][ T8194]  ? skb_clone+0x20c/0x390
[  285.048636][ T8194]  skb_clone+0x20c/0x390
[  285.048659][ T8194]  __netlink_deliver_tap+0x3c4/0x7f0
[  285.048693][ T8194]  ? netlink_deliver_tap+0x2e/0x1b0
[  285.048714][ T8194]  netlink_deliver_tap+0x19d/0x1b0
[  285.048737][ T8194]  netlink_dump+0x8e6/0xeb0
[  285.048771][ T8194]  ? __pfx_netlink_dump+0x10/0x10
[  285.048809][ T8194]  ? netlink_recvmsg+0x620/0x1180
[  285.048834][ T8194]  ? netlink_recvmsg+0x620/0x1180
[  285.048861][ T8194]  netlink_recvmsg+0x6c7/0x1180
[  285.048893][ T8194]  ? __pfx_netlink_recvmsg+0x10/0x10
[  285.048918][ T8194]  ? __lock_acquire+0xad5/0xd80
[  285.048946][ T8194]  ? __import_iovec+0x3c2/0x830
[  285.048967][ T8194]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[  285.048988][ T8194]  ? __pfx_netlink_recvmsg+0x10/0x10
[  285.049013][ T8194]  sock_recvmsg+0x22f/0x280
[  285.049039][ T8194]  ____sys_recvmsg+0x1c8/0x480
[  285.049067][ T8194]  ? __pfx_____sys_recvmsg+0x10/0x10
[  285.049101][ T8194]  ? fdget+0x150/0x1e0
[  285.049125][ T8194]  do_recvmmsg+0x428/0xab0
[  285.049156][ T8194]  ? __pfx_do_recvmmsg+0x10/0x10
[  285.049198][ T8194]  ? preempt_schedule_thunk+0x16/0x30
[  285.049216][ T8194]  ? sb_end_write+0xdc/0x1c0
[  285.049249][ T8194]  ? ksys_write+0x24e/0x2d0
[  285.049275][ T8194]  ? __mutex_unlock_slowpath+0x229/0x800
[  285.049305][ T8194]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  285.049324][ T8194]  ? __fget_files+0x2a/0x420
[  285.049359][ T8194]  __x64_sys_recvmmsg+0x1ab/0x260
[  285.049381][ T8194]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  285.049407][ T8194]  ? do_syscall_64+0xb6/0x230
[  285.049430][ T8194]  do_syscall_64+0xf3/0x230
[  285.049450][ T8194]  ? clear_bhb_loop+0x45/0xa0
[  285.049469][ T8194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.049486][ T8194] RIP: 0033:0x7f100a78d169
[  285.049502][ T8194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  285.049516][ T8194] RSP: 002b:00007f100b5be038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  285.049534][ T8194] RAX: ffffffffffffffda RBX: 00007f100a9a6160 RCX: 00007f100a78d169
[  285.049547][ T8194] RDX: 0400000000000054 RSI: 0000200000000780 RDI: 0000000000000005
[  285.049558][ T8194] RBP: 00007f100b5be090 R08: 0000000000000000 R09: 0000000000000000
[  285.049569][ T8194] R10: 0000000040012100 R11: 0000000000000246 R12: 0000000000000001
[  285.049579][ T8194] R13: 0000000000000000 R14: 00007f100a9a6160 R15: 00007fffecc80b28
[  285.049608][ T8194]  </TASK>
[  285.348467][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.050543][ T8231] FAULT_INJECTION: forcing a failure.
[  287.050543][ T8231] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.074087][ T8232] ubi: mtd0 is already attached to ubi31
[  287.206488][ T8231] CPU: 1 UID: 0 PID: 8231 Comm: syz.4.637 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  287.206516][ T8231] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  287.206526][ T8231] Call Trace:
[  287.206533][ T8231]  <TASK>
[  287.206541][ T8231]  dump_stack_lvl+0x241/0x360
[  287.206571][ T8231]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.206593][ T8231]  ? __pfx__printk+0x10/0x10
[  287.206627][ T8231]  should_fail_ex+0x424/0x570
[  287.206651][ T8231]  _copy_from_iter+0x211/0x1c70
[  287.206678][ T8231]  ? __build_skb_around+0x247/0x3d0
[  287.206700][ T8231]  ? __alloc_skb+0x298/0x480
[  287.206715][ T8231]  ? __pfx__copy_from_iter+0x10/0x10
[  287.206738][ T8231]  ? __pfx___alloc_skb+0x10/0x10
[  287.206756][ T8231]  ? skb_put+0x114/0x1f0
[  287.206778][ T8231]  netlink_sendmsg+0x73c/0xcd0
[  287.206799][ T8231]  ? trace_irq_disable+0x3b/0x120
[  287.206834][ T8231]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.206869][ T8231]  ? __pfx_netlink_sendmsg+0x10/0x10
[  287.206889][ T8231]  __sock_sendmsg+0x221/0x270
[  287.206914][ T8231]  ____sys_sendmsg+0x523/0x860
[  287.206942][ T8231]  ? __pfx_____sys_sendmsg+0x10/0x10
[  287.206958][ T8231]  ? __fget_files+0x2a/0x420
[  287.206980][ T8231]  ? __fget_files+0x2a/0x420
[  287.207008][ T8231]  __sys_sendmsg+0x271/0x360
[  287.207032][ T8231]  ? __pfx___sys_sendmsg+0x10/0x10
[  287.207047][ T8231]  ? trace_sched_exit_tp+0x3c/0x120
[  287.207107][ T8231]  ? __pfx___schedule+0x10/0x10
[  287.207145][ T8231]  ? do_syscall_64+0xb6/0x230
[  287.207168][ T8231]  do_syscall_64+0xf3/0x230
[  287.207187][ T8231]  ? clear_bhb_loop+0x45/0xa0
[  287.207207][ T8231]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  287.207224][ T8231] RIP: 0033:0x7ff80458d169
[  287.207240][ T8231] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  287.207254][ T8231] RSP: 002b:00007ff805315038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  287.207275][ T8231] RAX: ffffffffffffffda RBX: 00007ff8047a5fa0 RCX: 00007ff80458d169
[  287.207288][ T8231] RDX: 0000000004000044 RSI: 0000200000000500 RDI: 0000000000000003
[  287.207299][ T8231] RBP: 00007ff805315090 R08: 0000000000000000 R09: 0000000000000000
[  287.207310][ T8231] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  287.207320][ T8231] R13: 0000000000000000 R14: 00007ff8047a5fa0 R15: 00007fffda659648
[  287.207348][ T8231]  </TASK>
[  287.443796][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.768516][ T8241] FAULT_INJECTION: forcing a failure.
[  287.768516][ T8241] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  287.926875][ T8245] netlink: 'syz.4.641': attribute type 11 has an invalid length.
[  287.934971][ T8245] netlink: 224 bytes leftover after parsing attributes in process `syz.4.641'.
[  288.055961][ T8241] CPU: 1 UID: 0 PID: 8241 Comm: syz.1.640 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  288.055987][ T8241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.055997][ T8241] Call Trace:
[  288.056004][ T8241]  <TASK>
[  288.056012][ T8241]  dump_stack_lvl+0x241/0x360
[  288.056041][ T8241]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.056063][ T8241]  ? __pfx__printk+0x10/0x10
[  288.056098][ T8241]  should_fail_ex+0x424/0x570
[  288.056121][ T8241]  _copy_from_iter+0x211/0x1c70
[  288.056149][ T8241]  ? __build_skb_around+0x247/0x3d0
[  288.056170][ T8241]  ? __alloc_skb+0x298/0x480
[  288.056185][ T8241]  ? __pfx__copy_from_iter+0x10/0x10
[  288.056208][ T8241]  ? __pfx___alloc_skb+0x10/0x10
[  288.056227][ T8241]  ? skb_put+0x114/0x1f0
[  288.056248][ T8241]  netlink_sendmsg+0x73c/0xcd0
[  288.056283][ T8241]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.056318][ T8241]  ? __pfx_netlink_sendmsg+0x10/0x10
[  288.056338][ T8241]  __sock_sendmsg+0x221/0x270
[  288.056362][ T8241]  ____sys_sendmsg+0x523/0x860
[  288.056390][ T8241]  ? __pfx_____sys_sendmsg+0x10/0x10
[  288.056405][ T8241]  ? __fget_files+0x2a/0x420
[  288.056428][ T8241]  ? __fget_files+0x2a/0x420
[  288.056456][ T8241]  __sys_sendmsg+0x271/0x360
[  288.056479][ T8241]  ? __pfx___sys_sendmsg+0x10/0x10
[  288.056494][ T8241]  ? trace_sched_exit_tp+0x3c/0x120
[  288.056549][ T8241]  ? __pfx___schedule+0x10/0x10
[  288.056586][ T8241]  ? do_syscall_64+0xb6/0x230
[  288.056612][ T8241]  do_syscall_64+0xf3/0x230
[  288.056631][ T8241]  ? clear_bhb_loop+0x45/0xa0
[  288.056651][ T8241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.056667][ T8241] RIP: 0033:0x7f549718d169
[  288.056682][ T8241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  288.056696][ T8241] RSP: 002b:00007f5497f61038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  288.056722][ T8241] RAX: ffffffffffffffda RBX: 00007f54973a5fa0 RCX: 00007f549718d169
[  288.056734][ T8241] RDX: 0000000004004014 RSI: 0000200000000100 RDI: 0000000000000005
[  288.056745][ T8241] RBP: 00007f5497f61090 R08: 0000000000000000 R09: 0000000000000000
[  288.056756][ T8241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  288.056766][ T8241] R13: 0000000000000000 R14: 00007f54973a5fa0 R15: 00007fff1ac57468
[  288.056794][ T8241]  </TASK>
[  288.059416][ T8244] workqueue: Failed to create a rescuer kthread for wq "xfs-buf/nbd2": -EINTR
[  288.477729][ T8242] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  288.815606][ T8258] FAULT_INJECTION: forcing a failure.
[  288.815606][ T8258] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  288.833770][ T8258] CPU: 0 UID: 0 PID: 8258 Comm: syz.0.646 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  288.833795][ T8258] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  288.833805][ T8258] Call Trace:
[  288.833811][ T8258]  <TASK>
[  288.833819][ T8258]  dump_stack_lvl+0x241/0x360
[  288.833848][ T8258]  ? __pfx_dump_stack_lvl+0x10/0x10
[  288.833869][ T8258]  ? __pfx__printk+0x10/0x10
[  288.833901][ T8258]  should_fail_ex+0x424/0x570
[  288.833926][ T8258]  _copy_to_user+0x31/0xb0
[  288.833951][ T8258]  simple_read_from_buffer+0xc4/0x170
[  288.833974][ T8258]  proc_fail_nth_read+0x1ef/0x260
[  288.833999][ T8258]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.834022][ T8258]  ? rw_verify_area+0x246/0x630
[  288.834043][ T8258]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  288.834065][ T8258]  vfs_read+0x21f/0xb90
[  288.834091][ T8258]  ? __pfx___mutex_lock+0x10/0x10
[  288.834112][ T8258]  ? __pfx_vfs_read+0x10/0x10
[  288.834136][ T8258]  ? __fget_files+0x2a/0x420
[  288.834156][ T8258]  ? __fget_files+0x39d/0x420
[  288.834173][ T8258]  ? __fget_files+0x2a/0x420
[  288.834201][ T8258]  ksys_read+0x19d/0x2d0
[  288.834224][ T8258]  ? __pfx_ksys_read+0x10/0x10
[  288.834251][ T8258]  ? do_syscall_64+0xb6/0x230
[  288.834274][ T8258]  do_syscall_64+0xf3/0x230
[  288.834294][ T8258]  ? clear_bhb_loop+0x45/0xa0
[  288.834315][ T8258]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  288.834330][ T8258] RIP: 0033:0x7fb202d8bb7c
[  288.834346][ T8258] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  288.834359][ T8258] RSP: 002b:00007fb203c85030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  288.834376][ T8258] RAX: ffffffffffffffda RBX: 00007fb202fa5fa0 RCX: 00007fb202d8bb7c
[  288.834388][ T8258] RDX: 000000000000000f RSI: 00007fb203c850a0 RDI: 0000000000000004
[  288.834399][ T8258] RBP: 00007fb203c85090 R08: 0000000000000000 R09: 0000000000000000
[  288.834409][ T8258] R10: 00002000000001c0 R11: 0000000000000246 R12: 0000000000000001
[  288.834420][ T8258] R13: 0000000000000000 R14: 00007fb202fa5fa0 R15: 00007ffed5babc18
[  288.834448][ T8258]  </TASK>
[  288.993783][ T8260] netlink: 8 bytes leftover after parsing attributes in process `syz.2.644'.
[  289.178140][ T8263] netlink: 8 bytes leftover after parsing attributes in process `syz.1.645'.
[  289.953674][   T24] IPVS: starting estimator thread 0...
[  289.972458][ T8272] FAULT_INJECTION: forcing a failure.
[  289.972458][ T8272] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  290.043630][ T8273] IPVS: using max 34 ests per chain, 81600 per kthread
[  290.068568][ T8272] CPU: 0 UID: 0 PID: 8272 Comm: syz.0.650 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  290.068593][ T8272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  290.068604][ T8272] Call Trace:
[  290.068610][ T8272]  <TASK>
[  290.068618][ T8272]  dump_stack_lvl+0x241/0x360
[  290.068648][ T8272]  ? __pfx_dump_stack_lvl+0x10/0x10
[  290.068669][ T8272]  ? __pfx__printk+0x10/0x10
[  290.068703][ T8272]  should_fail_ex+0x424/0x570
[  290.068727][ T8272]  _copy_from_iter+0x211/0x1c70
[  290.068753][ T8272]  ? __build_skb_around+0x247/0x3d0
[  290.068774][ T8272]  ? __alloc_skb+0x298/0x480
[  290.068789][ T8272]  ? __pfx__copy_from_iter+0x10/0x10
[  290.068812][ T8272]  ? __pfx___alloc_skb+0x10/0x10
[  290.068830][ T8272]  ? skb_put+0x114/0x1f0
[  290.068851][ T8272]  netlink_sendmsg+0x73c/0xcd0
[  290.068886][ T8272]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.068922][ T8272]  ? __pfx_netlink_sendmsg+0x10/0x10
[  290.068942][ T8272]  __sock_sendmsg+0x221/0x270
[  290.068966][ T8272]  ____sys_sendmsg+0x523/0x860
[  290.068994][ T8272]  ? __pfx_____sys_sendmsg+0x10/0x10
[  290.069010][ T8272]  ? __fget_files+0x2a/0x420
[  290.069032][ T8272]  ? __fget_files+0x2a/0x420
[  290.069059][ T8272]  __sys_sendmsg+0x271/0x360
[  290.069083][ T8272]  ? __pfx___sys_sendmsg+0x10/0x10
[  290.069154][ T8272]  ? do_syscall_64+0xb6/0x230
[  290.069178][ T8272]  do_syscall_64+0xf3/0x230
[  290.069198][ T8272]  ? clear_bhb_loop+0x45/0xa0
[  290.069218][ T8272]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  290.069234][ T8272] RIP: 0033:0x7fb202d8d169
[  290.069249][ T8272] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  290.069262][ T8272] RSP: 002b:00007fb203c85038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  290.069281][ T8272] RAX: ffffffffffffffda RBX: 00007fb202fa5fa0 RCX: 00007fb202d8d169
[  290.069292][ T8272] RDX: 0000000000000000 RSI: 0000200000001240 RDI: 0000000000000005
[  290.069303][ T8272] RBP: 00007fb203c85090 R08: 0000000000000000 R09: 0000000000000000
[  290.069313][ T8272] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  290.069323][ T8272] R13: 0000000000000000 R14: 00007fb202fa5fa0 R15: 00007ffed5babc18
[  290.069351][ T8272]  </TASK>
[  291.640046][ T8286] syz.0.654: attempt to access beyond end of device
[  291.640046][ T8286] nbd0: rw=4096, sector=0, nr_sectors = 1 limit=0
[  292.339992][ T8298] batadv0: entered promiscuous mode
[  292.346503][ T8298] batadv_slave_0: entered promiscuous mode
[  292.354821][ T8298] batadv_slave_0: left promiscuous mode
[  292.381134][ T8298] batadv0: left promiscuous mode
[  294.928780][ T8322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.660'.
[  296.853257][ T8332] syz.4.665: attempt to access beyond end of device
[  296.853257][ T8332] nbd4: rw=4096, sector=0, nr_sectors = 1 limit=0
[  296.911506][ T8341] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  297.225553][ T8348] sp0: Synchronizing with TNC
[  297.381374][ T8356] capability: warning: `syz.1.674' uses deprecated v2 capabilities in a way that may be insecure
[  297.525222][ T8356] netlink: 68 bytes leftover after parsing attributes in process `syz.1.674'.
[  297.679954][ T8364] netlink: 8 bytes leftover after parsing attributes in process `syz.4.675'.
[  298.264236][ T8365] netlink: 'syz.0.676': attribute type 63 has an invalid length.
[  298.822211][ T8374] tmpfs: Bad value for 'mpol'
[  299.916246][ T8392] netlink: 'syz.4.684': attribute type 1 has an invalid length.
[  300.104863][ T8398] netlink: 4 bytes leftover after parsing attributes in process `syz.4.686'.
[  300.752534][ T8408] FAULT_INJECTION: forcing a failure.
[  300.752534][ T8408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  300.765726][ T8408] CPU: 0 UID: 0 PID: 8408 Comm: syz.4.688 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  300.765749][ T8408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  300.765768][ T8408] Call Trace:
[  300.765777][ T8408]  <TASK>
[  300.765784][ T8408]  dump_stack_lvl+0x241/0x360
[  300.765813][ T8408]  ? __pfx_dump_stack_lvl+0x10/0x10
[  300.765835][ T8408]  ? __pfx__printk+0x10/0x10
[  300.765868][ T8408]  should_fail_ex+0x424/0x570
[  300.765892][ T8408]  _copy_to_user+0x31/0xb0
[  300.765917][ T8408]  simple_read_from_buffer+0xc4/0x170
[  300.765941][ T8408]  proc_fail_nth_read+0x1ef/0x260
[  300.765965][ T8408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  300.765989][ T8408]  ? rw_verify_area+0x246/0x630
[  300.766009][ T8408]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  300.766031][ T8408]  vfs_read+0x21f/0xb90
[  300.766057][ T8408]  ? __pfx___mutex_lock+0x10/0x10
[  300.766079][ T8408]  ? __pfx_vfs_read+0x10/0x10
[  300.766103][ T8408]  ? __fget_files+0x2a/0x420
[  300.766124][ T8408]  ? __fget_files+0x39d/0x420
[  300.766140][ T8408]  ? __fget_files+0x2a/0x420
[  300.766169][ T8408]  ksys_read+0x19d/0x2d0
[  300.766192][ T8408]  ? __pfx_ksys_read+0x10/0x10
[  300.766218][ T8408]  ? trace_irq_enable+0x2c/0x120
[  300.766245][ T8408]  do_syscall_64+0xf3/0x230
[  300.766266][ T8408]  ? clear_bhb_loop+0x45/0xa0
[  300.766286][ T8408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  300.766307][ T8408] RIP: 0033:0x7ff80458bb7c
[  300.766322][ T8408] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  300.766336][ T8408] RSP: 002b:00007ff8023d5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  300.766354][ T8408] RAX: ffffffffffffffda RBX: 00007ff8047a6160 RCX: 00007ff80458bb7c
[  300.766367][ T8408] RDX: 000000000000000f RSI: 00007ff8023d50a0 RDI: 0000000000000007
[  300.766377][ T8408] RBP: 00007ff8023d5090 R08: 0000000000000000 R09: 0000000000000000
[  300.766388][ T8408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  300.766398][ T8408] R13: 0000000000000000 R14: 00007ff8047a6160 R15: 00007fffda659648
[  300.766432][ T8408]  </TASK>
[  301.198782][ T8413] usb usb2: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  301.370121][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.1.689'.
[  301.938825][ T8419] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  302.313654][ T5890] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  302.605580][ T5890] usb 5-1: config 1 interface 0 altsetting 8 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  302.626126][ T5890] usb 5-1: config 1 interface 0 has no altsetting 0
[  302.639165][ T5890] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.40
[  302.649019][ T5890] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.664345][ T5890] usb 5-1: Manufacturer: Э
[  302.676469][ T5890] usb 5-1: SerialNumber: syz
[  303.134705][ T8413] netlink: 'syz.4.691': attribute type 3 has an invalid length.
[  303.142660][ T8413] netlink: 132 bytes leftover after parsing attributes in process `syz.4.691'.
[  303.194939][ T5890] usbhid 5-1:1.0: can't add hid device: -71
[  303.232192][ T5890] usbhid 5-1:1.0: probe with driver usbhid failed with error -71
[  303.280274][ T5890] usb 5-1: USB disconnect, device number 10
[  303.422744][ T8430] ip6erspan0: entered promiscuous mode
[  306.527766][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.703'.
[  306.956140][ T8468] netlink: 'syz.2.705': attribute type 16 has an invalid length.
[  306.968155][ T8468] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000055: 0000 [#1] SMP KASAN PTI
[  306.980065][ T8468] KASAN: null-ptr-deref in range [0x00000000000002a8-0x00000000000002af]
[  306.988465][ T8468] CPU: 0 UID: 0 PID: 8468 Comm: syz.2.705 Not tainted 6.15.0-rc1-syzkaller-00308-gecd5d67ad602 #0 PREEMPT(full) 
[  307.000341][ T8468] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  307.010384][ T8468] RIP: 0010:rtnl_create_link+0x6af/0xea0
[  307.016011][ T8468] Code: 24 20 42 80 3c 28 00 74 08 48 89 df e8 7a 54 40 f8 4c 89 64 24 28 bd a8 02 00 00 48 89 5c 24 08 48 03 2b 48 89 e8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 ef e8 52 54 40 f8 45 31 e4 48 83 7d 00
[  307.035604][ T8468] RSP: 0018:ffffc9000b886e70 EFLAGS: 00010206
[  307.041661][ T8468] RAX: 0000000000000055 RBX: ffff888031690008 RCX: 0000000000080000
[  307.049615][ T8468] RDX: ffffc9000c4c9000 RSI: 0000000000002ffb RDI: 0000000000002ffc
[  307.057569][ T8468] RBP: 00000000000002a8 R08: ffffffff89ea8669 R09: 1ffff92001710dfa
[  307.065524][ T8468] R10: dffffc0000000000 R11: fffff52001710dfb R12: ffff888022ab9080
[  307.073480][ T8468] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888031690000
[  307.081437][ T8468] FS:  00007f100b6006c0(0000) GS:ffff888124fc9000(0000) knlGS:0000000000000000
[  307.090353][ T8468] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.096926][ T8468] CR2: 00007fb203c84f98 CR3: 000000005e192000 CR4: 00000000003526f0
[  307.104886][ T8468] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  307.112854][ T8468] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  307.120813][ T8468] Call Trace:
[  307.124079][ T8468]  <TASK>
[  307.126998][ T8468]  rtnl_newlink_create+0x2f2/0xcb0
[  307.132095][ T8468]  ? __mutex_lock+0x380/0x10c0
[  307.136851][ T8468]  ? __pfx_rtnl_newlink_create+0x10/0x10
[  307.142468][ T8468]  ? __pfx___mutex_lock+0x10/0x10
[  307.147483][ T8468]  ? ns_capable+0x8a/0xf0
[  307.151800][ T8468]  rtnl_newlink+0x18b0/0x1fe0
[  307.156465][ T8468]  ? stack_depot_save_flags+0x44/0x940
[  307.161914][ T8468]  ? __pfx_rtnl_newlink+0x10/0x10
[  307.166924][ T8468]  ? __netlink_deliver_tap+0x561/0x7f0
[  307.172368][ T8468]  ? netlink_deliver_tap+0x19d/0x1b0
[  307.177640][ T8468]  ? netlink_unicast+0x7c6/0x9a0
[  307.182562][ T8468]  ? netlink_sendmsg+0x8c3/0xcd0
[  307.187490][ T8468]  ? __sock_sendmsg+0x221/0x270
[  307.192329][ T8468]  ? ____sys_sendmsg+0x523/0x860
[  307.197256][ T8468]  ? __sys_sendmsg+0x271/0x360
[  307.202006][ T8468]  ? do_syscall_64+0xf3/0x230
[  307.206674][ T8468]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.212742][ T8468]  ? kasan_quarantine_put+0xdc/0x230
[  307.218016][ T8468]  ? lockdep_hardirqs_on+0x9d/0x150
[  307.223205][ T8468]  ? nlmon_xmit+0xaf/0x100
[  307.227611][ T8468]  ? __local_bh_enable_ip+0x168/0x200
[  307.232969][ T8468]  ? lockdep_hardirqs_on+0x9d/0x150
[  307.238152][ T8468]  ? __local_bh_enable_ip+0x168/0x200
[  307.243512][ T8468]  ? __dev_queue_xmit+0x2f9/0x3f60
[  307.248613][ T8468]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  307.254329][ T8468]  ? __lock_acquire+0xad5/0xd80
[  307.259173][ T8468]  ? __pfx_rtnl_newlink+0x10/0x10
[  307.264186][ T8468]  rtnetlink_rcv_msg+0x80f/0xd70
[  307.269111][ T8468]  ? rtnetlink_rcv_msg+0x1ba/0xd70
[  307.274211][ T8468]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.279663][ T8468]  ? ref_tracker_free+0x63e/0x7e0
[  307.284675][ T8468]  netlink_rcv_skb+0x208/0x480
[  307.289428][ T8468]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  307.294880][ T8468]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  307.300159][ T8468]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.305348][ T8468]  ? netlink_deliver_tap+0x2e/0x1b0
[  307.310536][ T8468]  netlink_unicast+0x7f8/0x9a0
[  307.315289][ T8468]  ? __pfx_netlink_unicast+0x10/0x10
[  307.320559][ T8468]  ? skb_put+0x114/0x1f0
[  307.324787][ T8468]  netlink_sendmsg+0x8c3/0xcd0
[  307.329544][ T8468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.334824][ T8468]  ? __pfx_netlink_sendmsg+0x10/0x10
[  307.340097][ T8468]  __sock_sendmsg+0x221/0x270
[  307.344764][ T8468]  ____sys_sendmsg+0x523/0x860
[  307.349516][ T8468]  ? __pfx_____sys_sendmsg+0x10/0x10
[  307.354785][ T8468]  ? __fget_files+0x2a/0x420
[  307.359360][ T8468]  ? __fget_files+0x2a/0x420
[  307.363938][ T8468]  __sys_sendmsg+0x271/0x360
[  307.368510][ T8468]  ? __pfx_futex_wake+0x10/0x10
[  307.373342][ T8468]  ? __pfx___sys_sendmsg+0x10/0x10
[  307.378452][ T8468]  ? do_syscall_64+0xb6/0x230
[  307.383114][ T8468]  do_syscall_64+0xf3/0x230
[  307.387602][ T8468]  ? clear_bhb_loop+0x45/0xa0
[  307.392265][ T8468]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  307.398141][ T8468] RIP: 0033:0x7f100a78d169
[  307.402542][ T8468] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  307.422136][ T8468] RSP: 002b:00007f100b600038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  307.430540][ T8468] RAX: ffffffffffffffda RBX: 00007f100a9a5fa0 RCX: 00007f100a78d169
[  307.438497][ T8468] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000010
[  307.446452][ T8468] RBP: 00007f100a80e990 R08: 0000000000000000 R09: 0000000000000000
[  307.454406][ T8468] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  307.462360][ T8468] R13: 0000000000000000 R14: 00007f100a9a5fa0 R15: 00007fffecc80b28
[  307.470321][ T8468]  </TASK>
[  307.473334][ T8468] Modules linked in:
[  307.478216][ T8468] ---[ end trace 0000000000000000 ]---
[  307.582083][ T8468] RIP: 0010:rtnl_create_link+0x6af/0xea0
[  307.588665][ T8468] Code: 24 20 42 80 3c 28 00 74 08 48 89 df e8 7a 54 40 f8 4c 89 64 24 28 bd a8 02 00 00 48 89 5c 24 08 48 03 2b 48 89 e8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 ef e8 52 54 40 f8 45 31 e4 48 83 7d 00
[  307.609355][ T8468] RSP: 0018:ffffc9000b886e70 EFLAGS: 00010206
[  307.615619][ T8468] RAX: 0000000000000055 RBX: ffff888031690008 RCX: 0000000000080000
[  307.623829][ T8468] RDX: ffffc9000c4c9000 RSI: 0000000000002ffb RDI: 0000000000002ffc
[  307.830300][ T8468] RBP: 00000000000002a8 R08: ffffffff89ea8669 R09: 1ffff92001710dfa
[  307.860086][ T8468] R10: dffffc0000000000 R11: fffff52001710dfb R12: ffff888022ab9080
[  307.878557][ T8468] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff888031690000
[  307.888737][ T8468] FS:  00007f100b6006c0(0000) GS:ffff8881250c9000(0000) knlGS:0000000000000000
[  307.900857][ T8468] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.909221][ T8468] CR2: 00007fe09377a178 CR3: 000000005e192000 CR4: 00000000003526f0
[  307.919452][ T8468] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  307.927901][ T8468] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  307.948868][ T8468] Kernel panic - not syncing: Fatal exception
[  307.955152][ T8468] Kernel Offset: disabled
[  307.959473][ T8468] Rebooting in 86400 seconds..