last executing test programs:

2m22.174537004s ago: executing program 4 (id=1663):
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r0 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x10}, 0x884)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1f, 0x0, 0x0, 0x8000}, 0x48)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000140)={&(0x7f0000000dc0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xc}}, [@NFT_MSG_NEWSET={0xb4, 0x9, 0xa, 0x5, 0x0, 0x0, {0x5, 0x0, 0x7}, [@NFTA_SET_POLICY={0x8}, @NFTA_SET_POLICY={0x8, 0x8, 0x1, 0x0, 0x1}, @NFTA_SET_USERDATA={0x85, 0xd, 0x1, 0x0, "4d3ad083c8b6e95a095571341af58351d44fb2cdf5c195455f2d50047302e95dcccb9f3cc842551688e32b99a33224b4fbb104cde12b419cef3152c523fb7eb79917a6a409e615f472ab468df267475e91b525277af9a63ea50acd44b6381c330b7d1cd73bb5b6bebe755e8a19b746c1dbff3d2dbf45eac92f110f990131a12275"}, @NFTA_SET_POLICY={0x8}]}, @NFT_MSG_NEWSETELEM={0x13a8, 0xc, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_ELEMENTS={0x1378, 0x3, 0x0, 0x1, [{0x128c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0xedf2}, @NFTA_SET_ELEM_DATA={0x4}, @NFTA_SET_ELEM_USERDATA={0x32, 0x6, 0x1, 0x0, "0b7f43d4df11902a5608e7882164c0682c95997800eb4792f1370ae31bd98897d6d12387011f1c4a94f28b110825"}, @NFTA_SET_ELEM_DATA={0x11ac, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0xfec, 0x1, "2e1f67b81fee96e74c536773760b85f9a7bdf9263b997c113f9d8d8b7b73eeba974797f1bf036a602d27882addb31cc99faf65df1708158311050fbfddd5ab4e29ac41d8a092a027f5662a23685bd4013fb4c1ae2ba7bf0b77e480c0da1f3005fb9d7eb6a3473d1e1b83fd107a7eca40e963d5bac6d61f1f15d6083310daaf6e79c95f897dabfba92f362d37f97523cbdb4e76ec6838c8b25b6f1be900cce179ba964cefa39422de5ce447d95e2b2e8246b77b5b9506fcd267802086b40a77a266f01cffb1efdf724f0bff4a21d1024591d3a65329f68c49772061f5baf0c03a01ece7b886462845145b4470d3ed41997d8750e7cd0ad75f558b47d2435276f5d0aed4b671081d43b1f05585620341586d2d8e997b878554ad0f79f9c12c02387898c6a70577261b528c4c4862099fdc890d2b20458f069fd542863ba432105712401a66089dfcf665efa6bb18c50e8e5b5f33874b0acc1b37eba907adcd6d92a1f7e7e78280ea822dde9fbc835c86f340e991f3ef77bcd2be6a491b3551949887cc8f8e208cbe7d3581998527926bc39b31c6dbab1363b80e6fdf80346ff01810fbb2cc5099a684ad7def4e517018328e07aad5d03e94ec3a645feb8a0def2515f94282d4e572ea5ee33c2968df967396de72116f9602e3bd3f14a56e35ba83b91f3911f930b2ade8c6ae6b68345f40134c3ffb85bf64bad98f3fb508c3bbfdf4c0f855291454b1a8f31bbb3acf3a71a5b3e943c3356faf30ab0d0f488781c07bebdd4c1b87940d07b88ebdcda03e9262cea1ad2f27dce7837e22e5c163f4e76e7b44360461698e36ac14a9c2a6512ca1a632a57810c26d163d0bb4c31a2c3daec3185375e1f1186e9e5e1f1333c615509b1e2281ff92291fbb691a2f71171d3ad7db50f759d7e9f9469526cf521b3448ecaba7973510cf834540775ad3e1956fdc09666e4c3b591f399248dc097130ccd2a9dd7310a51d692d3dc96d827513cf0cbe4d1c0e5daf6f3775d96a554dd889ebb30859f30487c066164c03184d103df568f0bc6a3f321aeb760d1b910095d22f0ba149c2e30d1c03b0ae374aad1ad65f3be390a79dc19f21689ee0374602b5701c8d5c25e7bb31c97acfc6b171a062c1b29a33a2a8bfba30f62fe14bcc1393213e0742a7d00b2e68ae48ad8edb3f7f498727f4586cf142c7eff5d302fd726ebf631140dbc0be197d7e58fb399c22db755ca4ae9654745d6bc26db80573996a3c5d94dbfa369f27e8971f4c156b3fad1743249aa71ae4b66b03cc24cf4ea02a66f821e0fdf9ad2c80823a58dfaa2d756353b344942b75bf2900593c69623cf4a26354703a677244c8413f15499c1228b4b92c5e5e92d2fb08eac026f375b5fd6100adc5d9e01b1ab953ab2affeed5a4197ad495177139085aec3edf6edbe94104d1140420234ea1f96bab7c0caa119184fc5c3bf047908b0c52011f507c3b2180340c222493d826fe0cf3abcf5d5bfcf7f3f072ce10459f6df2e2af5d25087fd4d22131368665feced564659ccf8632cc323837f454b8d2dcd4177c0cceee8cbe450ce659124680827df8b98e00f23266158c26948c69b13439b82735aa41d5c4b91fd91d45841f6b7b0bf43ac5ee854888781b6f083d58b6a665c08aa7cd0d4ec5724b768e9d63d851c42f18b7bd1c6f9cfc83498b2f59412a45e0aa0b4bd3a709cbc4070141b3cadec37368a710000df6d9366252d610a2e85473dc5fecae46d73b2bf088b28e65221a323d11b08dd9b1f7079dc3da62b0df22fe453437c250c01209a6e6f47f49d14712c0034ac64a6b3f603f7a4287344248b5ed3c76e33a62706de00eb0bec8d6bf8494634c48dfce511a7fd403109bd77749f9a7e647af004ce37755d0acb5baf5fafc6d63fee8c58f8b7168a05075dcf0f66631a1b63e6e7cfb1b0171bc828b0b612a27a54ec7a2d5b4841ab167e9205d2fff91b5624ff471b20d50bd332c04006a99d60d03875eedc281dd00b5169b5c56c14d5910c34fca20eb7b37a607fe53f39bca27179476b9cbb867d16553ce24c72d8b257d7f80dcd74407a5add799257e7dcce7c1304bb761187b5fad753897c9e702124c5da1d1d46c0279bfa8c23569de1b0d04f16b72e245d53e1e913146ea80de3c1685fa91f5004af05ae4ea3801a872a99a150405a6341ba51e7fa20eb074fdf8ed2a9fdc79c7b1bf0ac97357925100642b9d67c0cfffb30ab9a989fcb3fa4a61ad498d932afa9befbd6446017637cf4c00c184966355b15e2b98f39964d6e6ae67cffcc9b0afbf0a9abc2059fca077c226b29baa6c42ac8c7e0e84aa5bdd66482583d4c4fa485d40af74dccc2c8c5b8dad553f6740c353ef2b250fb35d8fa156e2d6a9902349e6dbcf8a7b00f82548802642fb87bf74a44d137a1e7b60c28a56e65ca15d12ddfee853e24b87b3c71fbd8b920ca67163adb9dae68fc15b29bea1ab7b5024d5a79d9bca28812cd28fd5885ad5d6bd41ddaa5a2f650d83bf11ac295cc964b6e971e338176f56615fa13efaabb2827eda812fa3318429cbe20df44650a3e1c80ca876ce70fd4316775784fd06e404d53ecc9ec262f31de633f13eafab03d892b157b2416fdbc4bc3ac5aad73a5e419430eed4fd9f9d864447ab6f919cc1d38d3c4a4930a7fddf06596720acf9d20e5c082bf1473edc04d64738175bfd8823088b7af36b5554ce093fbf29af28f4d5ee44ce4c6ddc86eb25c6d473a23dada223de9594ffa5e51b09b0caf39f3fa76534018bea3750ab7a72662ac7febe94bff6a2c1e660d09f867fa58767d91e883256e12d8e65d1743f7a87457c820d8004bfb4c121e0e5dee6fa5b3236c2290a6813a5b2a752b16585d7ee20e8e64ba99ff6a8bd1451612eb9011e8a39c3bdd2822f6e5143498be5941d8eeac6bb792c8e59c2e227dc7acbaaa748aff4b5779b5b43e087072444a8940cfd796ad15ba7b6d84141455d6a252887c54eff42a01676bbd88695d0d3a122ae3d1801c05d35f036947ade2fe28ad588edba5409a7a0c67ac257f067b0490b907a56600ed698ae8824baeafc10b2349727489d43f86449f2083e84ac15df5182038921d6f8b58700e9dfbe09d12288625d95207363c14306788ff3bf98997f80e096795b6f3b7116e3c09685f371047713deededb0593f2c394f4e646f544ae25d0cd08d5cf24c2c9f3e6d3dd9ae416c06e2d229d74ce7448208b14d06f492448afc881998d29a8b5c8c8e77dc2c667efd36a00e2947305f6b4d0b28cb80aa19c3a9e01f205f2f940c6c39972bd66d48e4aea8524d86d3ffbc709b01c30a8c06d10750a031c7c031eb7e23d14cc5d5679bd301c4a63164f7b6ec9b75c377a8e89971775b0b05cd5f2dbcbfad40290282507b13ad73dfb4cab7c41e0fb40c55b896e100a4ad8868d32338266065f36082e8ff5466f2da6ded54c37c4def2d99678866f74847d1f7fb49ba80f488d99c8b47ae615b35394ab8eebedd5ea75867d00dcc26bd35374e7f50c1c09bbc789fd8e80142732d7d987941d507d462f8474bb02b39ea76d361caa62cbaa4b93e5d89a186bbf98131e190fbecac4ac4c5d30740798410d77a6fc5d91608563222fe420f7d9cc7c0fe079b1746c3de22579fcca8c5355fa3e83ed32051aedbc752ff4fa12b82ffa753b611c29bd20a0b6b51f48d6130b5d2514588c1de5080e0aa05e83807c979aa99da66e492d0d437d19dc48784b94d6d46280db5ca3dfda47c79c772d235352e8e343cb070054b93d547916c17368dd9013976acdea199db5eb39d688b96784009cc495a2a5c6a08f9005dfc52d0b00ea8b3af2f9a21e67218b55eb688a9985fbd8dd081df8b5495ab88d9a4496fbf912570df32ccedc0e87de1558a61d6ce5dfbb210d7412970e4c708192f480f190bdc06bd332bd11886968f6f934d6e324fc0c669092bd9d0830ac06112c25db4ae0932ca70b9f67d6d4d27319c61ede8d11b80e855cdd6a1efb2a2ded888d80b033114ea5caecbb74f26ceb2ab96b3e5b8e21477226eb61d3012345c5c71b8def1f47f56502fd9abb84cd757d7608a0802ba95c790722b577572ee8fe4c120624b452537f27209ad019d509bfa2792e2959da5935ac0f2097e4e963d7053f156955e2341a9ea073121011d2b4014698313ac01f5e648e064a4686485a5b82bc83f013ab7c77efca930dd619c31fe1677e173a0699bca10e45e1a004ecf2de3b49d2c1dba8c418ccb7d982dd855b8f6e29e45f027a351dca1cc3e3577368b068457c6ced549fea18e64444af01983ae02f479ca5a80b078c1451ffd18d68b95b60347bb0f24891f61a92096080f731e92edf9c120884e179dd6d51e35fec31e2220209ad0aa156892198f8a8adf1bfb06899cab55c064822eb097727edde48129b91aacbba4dd12705c8e9bd6e3176a3910d3857a42fc7a9e718c5418d15c706282727f6fde99c95e7973b5fd0c8189e16052e13d7eb6512c05a16af960308636cbd370c5e5089bba5b7d9e3768f25299a94b6fe5dc7bf4139c73f5ab8c70ca3cd55934c2d437c9c00ea9509d8c6e32d6611a671e4a9853347bcea1e820ea4b83bd0a805534d8c8b461d8e1722105631243d168ce2b928c20a1c52a99ef8b45cfe4d8bc9d0644eab70080dc9e02cd03478d230f2900a669aa8865a24642ea33bdaaa829f9f5a296ebd9fb7eb3a07f23f57491173deeafdeb50c31f93a517e32b0b75ed8f4ed760e001ab82aa996d5917c1ed2317211d3864d5a21a9bad2ef3507e39059df81917c09c4400606cc4c17d0e98084b6e67dad967a1cefad9940cb1942429df534397ae7eb98bef07abe44427d025ad53cb43ab8101b528e86e58d8d13743d3deb4a6ea053d453168f13153f18df4b93349c26cbcc90dafaa920d1448d28a1c014b527ad5f74cacd0b1778ccf66a20c535008e3e33fd38355eadd17e1b87525a91544655d2cb699c0fb3cde021639ddb1526e24603f71552c5135bf870661312b832c3ae21bef06aae590f597ce5cea2e5e6a98e20640581562e954348c8dad7a8fd509988e901d344586115304b11c5c40586f505d9494de18434c021914ba47e7b7b5b4e390a4ff34761d1f6a7857b45c917db3e502f60349d59e842eda87b70b362eb92a512c23d81f12981adeada8ffa52c229c159dc9162031b18a48fa83f06df56b61025ff21b8d3b912036326444cd651bc09cdbcb499e1656318d304eba54753489ba532aa81ec1729bfcafea16e781f38c65231fb103dcf5ac59aef70460c825a6766be12145ae11713a3e4bc8e53983ab38c9c297c7afb3e76d9ff5efe5e07b1e9fa45b6e88f31d1fdc5d011e2804bf63dc4cacc96e998b4922983e4b1e13dc4a12e7d4417ac0444e04bf08dad455f21166a7dda7996e4b2b0a8a2daaea7b737700292f08904f75eb0e72570fb32cb682ad222be90dc1f1fb0a0459e8dbae8cde74b6b52449677928a5f76360a9b1c2178d3fada381745a9b2458bc02f81185b1bee322e38e5e60c5217a922d95deb5034eb54ac713e9cd1aaa6e07c26e52bbda775fa5cb45777ac2fe27e581dbceb88b04b767e54688a17eaf7509c534cf109e6b264924515ff38948ae5d872f3a275f1557821df89cfa7839e4b8f1e773c5f3fcc1f7d12e1274fde7b816d1ddc869f491500ffde2e9c24b508d71d37763f31f8a4075a6dbef7fd994c16b499b76f220477802b4475a3a60f3ab01a7f83d41f495354dee2d50278ff265d1f0a7dad"}, @NFTA_DATA_VERDICT={0x1c, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CODE={0x8, 0x1, 0x0, 0x1, 0xfffffffffffffffe}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_VERDICT_CHAIN_ID={0x8, 0x3, 0x1, 0x0, 0x4}]}, @NFTA_DATA_VALUE={0xa8, 0x1, "dfe239117eae3d07dda59c18a9fab8bcdb12e28253e992932b77552a7269bea17d609c4561c37c2eafe629bfa67273e6d5510830ad0e876ee8e36f6be5031beb0507f5567e90747909f8d460fad4790a2593ff3fbedf255e329d663d19b42e8b413947e702eb2e57ece010fb993b5d854787b393f913090a7c925d2d46e2e0a0feb81b5d81802df9ccdf87bb884c749297c44936b8d29840a087db4d23f4883249feb558"}, @NFTA_DATA_VALUE={0x7e, 0x1, "4e651bb230c712ef96a42b8dd715345eafecf7f7734dd0ca5deff94d955960880df20f4e840429d2d5dc016f9ec4afb55c49cff3d91d44801c5afa0146415c9c9478be242691ac4070674dbd985f0e5f7e292bb281e728952ac5ee59dad3458fbdfbeace4544d31a2fd91921f6127ff38cce65bbdbde960c9aba"}, @NFTA_DATA_VALUE={0x77, 0x1, "c6c18a2da71f89290df89febe9d25072489b15070704696e0b6b95f09b83f88dd978d625cf117729276d9bcc89a6306c7520e7d23aa9048932d5f726adba33dc5f0538b0dbb42372da532b0e9d4773b37712d8f8da29ae5de0d94438fd43e33bc78a205cb02b98d877a06fe59218fc63479eb5"}]}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x8}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x200}, @NFTA_SET_ELEM_KEY_END={0x80, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x7b, 0x1, "6e937192a33b30e1a0be739ae858f49b9bdece219095b07b764ec09c25b80a5f7ae4fb8b38fce6fd948565df6788883bdf20942dc6b7bb251040771d18bbb1bc97c5f4d667b8e0334ed6853a8be90e85500bddd5aed78949523289b064ab3f968ecc5dcbcc0c61f0f6d81ce4ada18117052352ccad657a"}]}]}, {0xe8, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x10, 0x7, 0x0, 0x1, @counter={{0xc}, @void}}, @NFTA_SET_ELEM_EXPR={0x1c, 0x7, 0x0, 0x1, @socket={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0xb}]}}}, @NFTA_SET_ELEM_KEY_END={0xb0, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0xab, 0x1, "b07f8f4d92d5f22bcefb27cb5fe46533cd0d27ebc69550b20634e5e9a4f4396c0a9663957f2e037fda37cdb716c412798e400fe196fe1ca929134af16a61ec2f265b35a403a3cbdc1d97827d4357071e4ed2161ebb87fb825b937c5ad95d32f8fb5cd50bf534142e3a9968930ae31697297e88af154eae8b07bc11bf96abd3f58cf8b3af31e577352db5ee8d4fc4ad345fc57b46eb908ebe0764b8861d14290241afa37e0c0569"}]}, @NFTA_SET_ELEM_DATA={0x8, 0x2, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}]}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}]}, @NFT_MSG_NEWRULE={0xfc, 0x6, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_COMPAT={0xc, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x33}]}, @NFTA_RULE_EXPRESSIONS={0x60, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x2d}, @NFTA_INNER_HDRSIZE={0x8, 0x4, 0x1, 0x0, 0x2e}]}}}, {0xc, 0x1, 0x0, 0x1, @dup={{0x8}, @void}}, {0x10, 0x1, 0x0, 0x1, @inner={{0xa}, @void}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}, {0x10, 0x1, 0x0, 0x1, @redir={{0xa}, @void}}]}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x3}, @NFTA_RULE_USERDATA={0x50, 0x7, 0x1, 0x0, "6784d85b48ca72f4e940288d25c7fc911b091fb41337011a579e56f96daf81d81278273aa0630dbae0d88da19d57044b2f04334072e4a6eb93de7b704585d0198298d4b5ebf7a61d1d239bd3"}, @NFTA_RULE_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x1}, @NFTA_RULE_POSITION={0xc, 0x6, 0x1, 0x0, 0x3}, @NFTA_RULE_ID={0x8}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x1580}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8fff7ff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001000000b70500000000e000720aa3fe00000000850000000a000000b70000000000000095000000000000004e6258941c823b7505608556ba4ababb42684e890d31ae450400373a0a5447a801b8c1c4f0c4bd97c6555e61345400f9bd42abeb9ade0105000000000000a21902ff07000094a2b51c21df74924f5436a6ed89b98f75e800230c49c90fe1336481f3b92a63336c36fcd745d61d7739c6554ca201000000bebbe8282f8b1e26407437a397bf8f50e87ed4d27adfd876bffc402887781979461c4363bc5c9b6202ea471428197ef88bc333fbcec0ea4334f1ddb9d679ae95a90fd41d528f587e05000000435883df6c10ce86188c92292b2d0226082960be682836bdff8b0971f2a5405e453228e7b1005bd73479358a90df3e481947de6453736aa572158af6ea63d6d418fbbd2bba050000001da000ef78df03000000d19913a5fb03c79dac2e489f68127892658115e7ffb588a71dffffff951b8535167ab8069a2c92a3aa18e22517000026637b4c34bf2d0aa304ed42bf70480e9e97203fd169411f37fddd1f7fbe16dbbc0f307bceb5064f388a0350c3dc9271aa8b0e638b1e2b2a9d25264233e5d45eb377f56b95241024dbe30f67191c2b56b70328d6d3215dfffe5d89af1d10599bd494d921d1fb2db99b6aba0fa978f41eb1d4c553e5a9326ed550c13f8dd36716a899a1e79234294707c5312b924d142c17b20bb80ee202222c03fa84ccc374e717f694018630366397266090a82343aedfbf7afe892390c2eb775b0d16073da2229958db05de7df6ab7600004000010000006d8081cb3bf251d906c00da0e23b50465f8394820be571e3592d0000c7ef10fdc462e7040e7074ec43aa461fc54401a76406db718d4efd6c1bd10ce1d087cf9bba461162555a95524c84df0952d32093082b7aa71304e0d2d9ec310d1b676b378a5879e47941de1a28c3a8f400000000000000000e032b7d2badd0bc6617a859b7ac273b6304555f664469cec152030f06cc0ca1765838eb5590264736fbccfc3a8f4e3b10daf6a275daf5db2dac7096fe8ac8876acaad043663b3b0fedb05e6d31408fa20140c9d2db1c59ac8a3ce28e489d67d87d3a107ccea3007f58f2c5017e8807107f79ac50cc1d4f546b4443d137eb706b71b1767a10cca7a7c82b76c96e874aff249f36329a6526b354b6e674b08f7ef492b804c4b08fb10de807d79fd782027318cd7632e22d2faa16209272b39b5ec8d239832ea02cc88e249a2e77753a58987547571fbc8de747faab724bebb6401412b496e078fcb6c78ab447e871b76a8b0506f49594aa1d610567e14d739a60ff3ce04d0d2e5681e787c7e1ad25467bb81f2f440128207fe07a83759ec30cf9e0a3fd3f2fcee97fe8d273f8e712a8a64eaf2d89a1fa44554357fcd7ab531ff7a41c27164fca430a62d015b477de61853f5ee2e25b00a63642ec32ece2ff3bb5883deb895f52a923b5c744d8dccdd6a09ded8b90f1eeda8e6e884a4f090edb6ab9fc8107846508d51f3735493d5860cf80200ce31b92eb3563d485b5a7d192092d7a9fd2bc67d305d1d1b4b8345f6501d1cd27657ce17330402dacb78d72d776330711645eed7d4c292f4448733c0826c4eb950f3d40457f82d7f792d106518f6bde874aff9e2bea7d73f74bebeeacfc700000000000000000000d40d73be47803297db004264c8c70b7761b22a7114a078a87d63d63b0c9dcc263a5b773bfeba212abef4181ad9e4872e328c0f105d5100000000b717051d7681ba04552eeba18a000000b22b50d76d85040c9000ea68a528049a60d5e26b20455194f4be3b8466fd66d0e6cefcff7891c485d61cb66f4076cd60a22733cb00cf7cc12ca7d9bb864c0e650236a79a5c85349a9b1e6bbc3bace197e72490c566431cd3a08e9d1b641c1ba1f661d01573b904c3fa1427370fa15cecd294ac21fefe3d161fdf58e8bc5957ef145839f4370176e1be88d2e3516a1998c1621a00b4438b85a4dfee6f61827a1e50e158038b037dfda3ffb35069e41fc740ae720800de53948f176c3c15f3a529c02434b920d87f12a6e3420a2fdcb3559e7a5b1ddbb06b7a5977f63bfac701e673bf626d126b213c92e7169a930beb8d76f9db34e8098bea301baa96916d6458c923866dc192928b320738d1b298fb55f2a64500000000000000000000000000509885a38d9d995a46817e7ff7acddcc5f9253c63f86baf33f92820c9ff497cf76b6482c3ab53fb6ecea6d220b91b99b2fb4279ab09ae0645ab92df309000000000000a4868411948f8e3e259b717d722a1eebd3f6860a17f1ae9e10a1178f6aef4951b192d13e9600c1f700ca7b1d127e45103446"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
ioctl$FICLONE(r0, 0x40049409, r0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={r1, 0x300f000, 0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socket$inet(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x200000087}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r2}, 0x10)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
flock(0xffffffffffffffff, 0xc)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x6, 0x4, 0x1010, 0x89}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000840)={0x0, &(0x7f0000000780)=""/106, &(0x7f0000000380), &(0x7f0000000000), 0x80, r6, 0x0, 0x7}, 0x38)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x3fffebe, 0x12040, 0x0)

2m21.031815158s ago: executing program 4 (id=1667):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f0000000300)=[{&(0x7f0000000340)=""/113, 0x71}], 0x1)
r3 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$EVIOCGMASK(r3, 0x80104592, &(0x7f0000000300)={0x0, 0xffffffffffffff36, &(0x7f0000000200)="952bb3e006ae9a4c3a"})
syz_open_dev$evdev(&(0x7f0000000a80), 0x0, 0x0) (fail_nth: 1)

2m19.819004616s ago: executing program 4 (id=1671):
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r1 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0xffffffff)

2m19.749160343s ago: executing program 4 (id=1672):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6(0xa, 0x1, 0x8010000000000084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000280)='./file0/../file0\x00', 0x0, 0x1adc51, 0x0)
r3 = syz_open_dev$ndb(&(0x7f0000000380), 0x0, 0x0)
ioctl$BLKPG(r3, 0x1269, &(0x7f0000000480)={0x1, 0x0, 0x98, &(0x7f00000003c0)={0xfffffffffffffafd, 0x2aa6, 0x3}})
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f00000003c0)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x12f451, 0x0)
mount$bind(&(0x7f00000000c0)='.\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x80700a, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)

2m17.085336189s ago: executing program 4 (id=1678):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000a40)}], 0x1}, 0x856)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
mbind(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x4000, &(0x7f0000000a40)=0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x10, 0x6, 0x9d8, 0x2c0, 0x2c0, 0xf0, 0xf0, 0xf0, 0x908, 0x908, 0x908, 0x908, 0x908, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xf0, 0x0, {0x7a00000000000000}}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@private0, @ipv4=@empty, 0xe}}}, {{@ipv6={@dev, @loopback, [], [], 'pimreg0\x00', 'dvmrp0\x00'}, 0x0, 0x1a8, 0x1d0, 0x0, {}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x35}, [0xff000000, 0xffffffff, 0xffffffff, 0xffffff00], @ipv4=@multicast2, [0x0, 0xffffff00, 0x0, 0xffffff00], @ipv6=@rand_addr=' \x01\x00', [0xffffffff, 0x0, 0x9a0ac21175bc306d, 0xffffffff], @ipv6=@dev={0xfe, 0x80, '\x00', 0x40}, [0xffffffff, 0xff, 0xffffffff], 0x6, 0x5, 0x21, 0x4e21, 0x4e24, 0x4e21, 0x4e24, 0x54, 0x400}, 0x0, 0x2ef, 0x4e23, 0x4e21, 0x4e22, 0x4e21}}, @common=@unspec=@connbytes={{0x38}}]}, @common=@unspec=@AUDIT={0x28}}, {{@uncond, 0x0, 0x1e0, 0x208, 0x0, {}, [@common=@rt={{0x138}, {0x0, [], 0x0, 0x0, 0x0, [@empty, @private2, @loopback, @mcast2, @local, @private1, @local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, @dev, @private1, @private1, @loopback, @loopback]}}]}, @unspec=@CHECKSUM={0x28}}, {{@uncond, 0x0, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0xfffd}]}}]}, @common=@unspec=@MARK={0x28}}, {{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @private0, [], [], 'bond_slave_1\x00', 'gretap0\x00'}, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4, @ipv6=@empty}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xa38)

2m16.798490391s ago: executing program 4 (id=1681):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x806c0, 0x0) (fail_nth: 1)

2m16.342985383s ago: executing program 32 (id=1681):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x806c0, 0x0) (fail_nth: 1)

12.538051781s ago: executing program 0 (id=2007):
creat(&(0x7f0000000000)='./bus\x00', 0x102)
mount(&(0x7f00000003c0)=@filename='./bus\x00', &(0x7f0000000280)='./bus\x00', &(0x7f00000002c0)='9p\x00', 0x0, &(0x7f0000000300)='trans=rdma,')
futex(0xffffffffffffffff, 0x3, 0x0, 0x0, 0x0, 0x3)
socket$packet(0x11, 0xa, 0x300)
syz_emit_ethernet(0xfb6, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r0}, 0x18)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_sys\x00', 0x275a, 0x0)
fcntl$lock(r5, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r5, 0x26, &(0x7f0000000080)={0x1, 0x0, 0x2007, 0x1fd})
fcntl$lock(r5, 0x26, &(0x7f00000000c0)={0x1, 0x2, 0x9, 0x401})

9.839730129s ago: executing program 0 (id=2010):
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x3938700}}, &(0x7f0000000080))
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
r1 = socket$inet(0x2, 0xa, 0x10)
setsockopt$inet_group_source_req(r1, 0x0, 0x2f, &(0x7f00000000c0)={0x40, {{0x2, 0x4e24, @multicast1}}, {{0x2, 0x4e24, @broadcast}}}, 0x108)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)

9.694886723s ago: executing program 2 (id=2012):
prctl$PR_GET_CHILD_SUBREAPER(0x25)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x262200, 0x0)
close(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0xd)
r2 = epoll_create(0x1)
ioctl$FAT_IOCTL_SET_ATTRIBUTES(r2, 0x40047211, &(0x7f0000000100)=0x20)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000080)={0x6})
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000180)=0x4)

9.514232714s ago: executing program 0 (id=2013):
r0 = memfd_create(&(0x7f0000000200)='\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xfe\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xa8ddj\x03\xbd\x16\x93\xb9r\x04h\xaa\x1aT\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\xa3[\x00\xa9C%}C\xf4c\xba\xf9H\x98}<\x98m#\xf5\x9e\xd3\xea\x00\x00\x00\x00', 0x3)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f00000055c0)=[{{&(0x7f0000001640)={0xa, 0xf, 0xfffffc01, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x12}}, 0xe}, 0x1c, 0x0}}, {{&(0x7f0000002980)={0xa, 0x4e21, 0x3, @dev={0xfe, 0x80, '\x00', 0x2f}, 0xffff}, 0x1c, 0x0, 0x0, &(0x7f0000002b00)=[@hopopts_2292={{0x18, 0x29, 0x36, {0x73}}}, @hoplimit={{0x14, 0x29, 0x34, 0x4}}, @rthdr_2292={{0x18, 0x29, 0x39, {0x87, 0x0, 0x2, 0x7f}}}], 0x48}}], 0x2, 0x4001c00)
capset(&(0x7f0000000300)={0x20071026}, &(0x7f0000000040)={0x0, 0x0, 0x2ba, 0x0, 0x0, 0xfffffe41})
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000280)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000001000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100060c10000000010000000000", 0x58}], 0x1)
syz_usb_connect(0x2, 0x62, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000095e7d086d04c308166b0102030109025000010000000009041f0000ff0100000a24010400050201020724070500000508240805040004960d240601010302000100060006092403050503060581092403060103"], 0x0)

9.446782393s ago: executing program 2 (id=2015):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000000c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x2, 0x3, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40605346, &(0x7f0000000540)={0x0, 0x0, {0x3}}) (fail_nth: 1)

9.056827821s ago: executing program 2 (id=2016):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfda2, 0x0, 0x0}, 0x50)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x7, &(0x7f0000000040)=0x7f00, 0x4)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1209000c040050400a040200c416362674276e2b0f0001000000004e73297a6f6a404eaea1b543095ea0090400000098d93c00"], 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30) (async)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (async)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000001000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) (async)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000400)={r0, 0x3, 0x16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfda2, 0x0, 0x0}, 0x50) (async)
syz_init_net_socket$llc(0x1a, 0x1, 0x0) (async)
setsockopt$llc_int(r1, 0x10c, 0x7, &(0x7f0000000040)=0x7f00, 0x4) (async)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1209000c040050400a040200c416362674276e2b0f0001000000004e73297a6f6a404eaea1b543095ea0090400000098d93c00"], 0x0) (async)
syz_usb_control_io$uac1(r2, 0x0, 0x0) (async)

8.942847413s ago: executing program 3 (id=2018):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x10c4, 0xea90, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000040), 0x4)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="0000080000000800fd5dd8b784392cdaab4b73"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="208e3a0bdaa0b328d64e"], 0x0})
io_uring_setup(0x5de1, &(0x7f0000000000)={0x0, 0x6cae, 0x1000, 0x1, 0x1e0})
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = epoll_create1(0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40088a01, &(0x7f0000000000))
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000340)={0xa000001c})
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="20010e6708627c6c096300"/20], 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xffffffffffffff1a, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0c0583b, &(0x7f0000000640)=ANY=[@ANYBLOB="0000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000fdffffff000000000000008001800000000000000100000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000400000002000000ff0300000000000003000000000000000200000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f643e799e53000"/448])
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000240)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x5, 0xb0, 0x4f, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x7, 0x1, 0x1, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x400, 0x6, 0x7, 0x8}}}}}]}}]}}, &(0x7f0000000940)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x250, 0x9, 0x7, 0xb4, 0x20, 0x4e}, 0x11f, &(0x7f0000000a40)=ANY=[@ANYBLOB="050f1f010614100400ac5e6efc6e3718b15e6552786255418403100b03100b0c100a0840ffffff00ff880850100ba59247b64b16b6255da2e108264de69997a740b23b303700000000000000003c736920822ef6dd9b59648de3700c52aea58d586fa51f1f1eee540c90fd3b9c51c5051c8ac8385e0c9c7cc54988a41004e47df10624526dd80ed19c09a2e1bde093bdbf57accfe2fa2ba443424fbc8e7372da03556c11b44d97df15d0487f7a085f6f2fed7a37ed9f764851eb3c5e49ad822737136cb52572a1958045d5c0987c16a7d59dd5b2d691e94704786937f78b1e8ee158d2f6edb45c57319577a8e3283ced673373c4163f07750a6e946a955c6bcaa78f912a3178f9dfe8bd917e6489a30703e75014b5f037697d1b196ca15c87a692950cd23cc3e57bb41f32d9f50eff51604730d3c123abc590161b9f2fbebb80b8ef0718ed5d15700038d1e3649501400a53ce552fdf1f5d9be5dfda306842f7ba1deb7e1ab90f98f98f5fbb94a2b1b2fde6a8bde89c747bc148c4938b1184648e3c5390f3eb4d9d17e2774d9615156665299653053a08c227fa15b5884b435d7f973d4ff72ca00c759bec588b679cb19edd52f0b651a4ca6151b9b14a7b91a22f5029e1fc20af0ebe"], 0x5, [{0x6d, &(0x7f00000009c0)=@string={0x6d, 0x3, "8ef12b27776078b223d4602747071ce6260aaf72d0eadfff3060d0d0f301c4dd6ae54b3b3394041869bf8e9b44eded83e3e53031428ce59689a66db7446de45a6e5a66e50fbc270394738c3859deb42fb3074d93ae703ad484288581d993b01bdf7deade936ac257d2a201"}}, {0x4, &(0x7f0000000380)=@lang_id={0x4, 0x3, 0x2801}}, {0x4, &(0x7f0000000300)=@lang_id={0x4, 0x3, 0x44c}}, {0x4, &(0x7f00000004c0)=@lang_id={0x4, 0x3, 0x1809}}, {0x21, &(0x7f0000000580)=@string={0x21, 0x3, "8a21a59da6702b75bad268639a23ecdc187f30cba4468130bc6d9d24442a87"}}]})

8.551479234s ago: executing program 1 (id=2020):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f00000002c0)='\x00', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x3, @private2={0xfc, 0x2, '\x00', 0xff}, 0x8080}, 0x1c)
getsockopt$bt_hci(r4, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf9, 0x3, 0x3, '\x00', 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.718856634s ago: executing program 0 (id=2021):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, 0x0)
r1 = userfaultfd(0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000000000001b0000000700210062"], 0x1c}}, 0x48004)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_MAC_ACL(r2, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0xa8, r4, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x7, 0x25}}}}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x28, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0x1b, 0x6, @broadcast}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20004081}, 0x11)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0)

7.681923546s ago: executing program 5 (id=2022):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
clock_nanosleep(0xfa75360d476b8898, 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_FREE_BUFS(r1, 0x4010641a, 0x0)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000080)=[@in={0x2, 0x4e20, @empty}], 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000840)={0x0, @in6={{0xa, 0x4e20, 0x3ae, @empty, 0x129}}, 0x2, 0x2, 0x614, 0x1, 0xd, 0x7, 0x4}, 0x9c)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r4 = syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
syz_usb_disconnect(r4)
syz_usb_connect(0x6, 0x24, &(0x7f0000000740)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r4, 0xc0085508, &(0x7f0000000000)=0x3)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r6, &(0x7f0000000140)={0xa, 0x1, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=@ipv6_newrule={0x38, 0x20, 0x1, 0x0, 0x0, {0xa, 0x0, 0x20, 0x40, 0x0, 0x0, 0x0, 0x7}, [@FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x12}}, @FIB_RULE_POLICY=@FRA_L3MDEV={0x5, 0x13, 0x1}]}, 0x38}, 0x1, 0x0, 0x0, 0x24040804}, 0x800)
sendmsg$nl_route(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB='\\\x00\x00\x00!'], 0x5c}}, 0x0)

5.534129178s ago: executing program 1 (id=2023):
syz_emit_ethernet(0x11e, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd60122d9200e83afffe8000000000000000000000000000bbff0200000000000000000000000000018f0090780180000207040008fc020000000000000000000000000001fe8000000000000000000000000000aa20010000000000000000000000000000fe8000000000000000000000000000270000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000000ffff00000000fc00000000000000000000000c0000010000010055000000010100000100008005060001fc0100000000000000000000000000012001000000000000000000000000000002000000e2060000000000a0070000000800000066600000"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x9)
r0 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a00000004000000040000000c"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='mmap_lock_acquire_returned\x00', r4}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000000780)=[{&(0x7f00000004c0)='5', 0x2b}], 0x1)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r7, 0x8004745a, 0x0)

5.533663254s ago: executing program 2 (id=2024):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000d208100000000000000000007301b80000000000950a000000000000"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000003140), 0x2, 0x0)
mq_timedreceive(r0, 0x0, 0x0, 0x4, 0x0)
r1 = syz_open_procfs$namespace(0x0, &(0x7f00000000c0)='ns/uts\x00')
ioctl$NS_GET_PARENT(r1, 0xb702, 0x0)
r2 = socket$phonet(0x23, 0x2, 0x1)
r3 = syz_open_dev$vbi(&(0x7f0000000240), 0x1, 0x2)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$VIDIOC_S_MODULATOR(r0, 0x40445637, &(0x7f0000000100)={0x30000000, "beebc78fe329aacf432da037a0b1cb8b3e3c420341c0141a77720530a1b43665", 0x400, 0x7, 0x0, 0xf, 0x2})
r5 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
write$P9_RXATTRWALK(r4, &(0x7f0000000000)={0xf, 0x1f, 0x2, 0x4}, 0xca80)
r6 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r6, 0x8916, 0x0)
mprotect(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x0)
ioctl$sock_SIOCINQ(r2, 0x541b, &(0x7f0000000280))

5.477286329s ago: executing program 3 (id=2025):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r3, 0xffffffffffffffff, 0x0)

5.104154448s ago: executing program 2 (id=2026):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$KVM_SET_MP_STATE(0xffffffffffffffff, 0x4004ae99, 0x0)
r1 = userfaultfd(0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000300)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="010000000000000000001b0000000700210062"], 0x1c}}, 0x48004)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_MAC_ACL(r2, &(0x7f0000000440)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000340)={0xa8, r4, 0x800, 0x70bd27, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x7, 0x25}}}}, [@NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x40, 0xa6, 0x0, 0x1, [{0xa, 0x6, @broadcast}, {0xa, 0x6, @device_b}, {0xa}, {0xa}, {0xa, 0x6, @device_b}]}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_ACL_POLICY={0x8}, @NL80211_ATTR_MAC_ADDRS={0x28, 0xa6, 0x0, 0x1, [{0xa, 0x6, @device_b}, {0xa}, {0x1b, 0x6, @broadcast}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20004081}, 0x11)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x60, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_BUCKETSIZE={0x5}, @IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0x11, 0x3, 'hash:net,net\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x60}}, 0x0)

4.982003816s ago: executing program 3 (id=2027):
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f00000002c0)='\x00', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x3, @private2={0xfc, 0x2, '\x00', 0xff}, 0x8080}, 0x1c)
getsockopt$bt_hci(r4, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf9, 0x3, 0x3, '\x00', 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.45209632s ago: executing program 1 (id=2028):
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f00000002c0)='\x00', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x3, @private2={0xfc, 0x2, '\x00', 0xff}, 0x8080}, 0x1c)
getsockopt$bt_hci(r4, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf9, 0x3, 0x3, '\x00', 0x8})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.09348175s ago: executing program 5 (id=2029):
r0 = socket$inet6(0xa, 0x3, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000100)="9077bad915bcb369112470a9ff10c4f98be21e38", 0x14}, {&(0x7f0000000140)="5c01ef5198430a1c072a", 0xa}, {&(0x7f0000000180)="a03c0783974085fb8b48042a43dbd183d0ef9e68872f372d07c55b6cea1c5309eefbc841f385e8354cb39fd7e755e80876ae3db9454ede42b40a16dd78408ad2575eda0a7db6c525a9ecb8e0d0daecf1ad7a825690e2", 0x56}, {&(0x7f0000000240)="ad96220153008d051df1684892161266f99c456560a122575b8f23b1a5595dd26734b82b117e427a8554a3860aa62dcda3ca0cba716ebccd3135d75e50f640b224afbd1780c94c57c661fe86a14fa202d89a02847860e471cb296f0819", 0x5d}], 0x4)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_LEVEL(r1, &(0x7f0000000500)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x34, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r2}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0xc000)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x43, &(0x7f0000000340)={{{@in=@broadcast, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8, 0x404, 0x0, 0x0, 0x0, 0xc0, 0x80, 0x3a}, {0x0, 0xfffffffffffffffc, 0x0, 0x6cc, 0x4, 0x0, 0xfffffffffffffffe}, {0x0, 0x100, 0x3, 0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in6=@loopback, 0x0, 0x6c}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0xfffffffd, 0x1, 0x0, 0x0, 0x0, 0x93}}, 0xf2)
r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
r4 = syz_open_dev$radio(&(0x7f0000000040), 0x1, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r4, 0x4020565a, &(0x7f0000000080)={0x8000000, 0x7, 0x2})
ioctl$SNDCTL_SEQ_TESTMIDI(r3, 0x40045108, &(0x7f0000000200)=0x4)
close(r3)

3.469744456s ago: executing program 3 (id=2030):
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x3, 0xcd, &(0x7f0000000780)=""/205, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f00000002c0)="9e", 0x1, 0x0, &(0x7f0000000200)={0xa, 0x4e23, 0x0, @loopback, 0xe}, 0x1c)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000300)={0x0, 0x7, 0x30}, 0xc)
sendto$inet6(r0, &(0x7f0000000480)="88", 0x1, 0xc000, 0x0, 0x0)
writev(r0, &(0x7f0000000600)=[{&(0x7f0000000040)="bb", 0x1}], 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGSOFTCAR(r1, 0x5414, &(0x7f0000000040))

3.189742335s ago: executing program 1 (id=2031):
r0 = openat$nullb(0xffffffffffffff9c, 0x0, 0x80101, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = dup3(r1, r0, 0x80000)
openat$userio(0xffffffffffffff9c, 0x0, 0x2002, 0x0)
write$USERIO_CMD_REGISTER(r2, 0x0, 0x0)
r3 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r3, &(0x7f0000000140)=@in4={0x21, 0xfffc, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r3, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)
recvmsg$kcm(r3, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x12040)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x44000)
r4 = open(0x0, 0x0, 0x0)
mkdirat(r4, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'bond0\x00', <r6=>0x0})
sendto$packet(r5, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9", 0x5ee, 0x0, &(0x7f0000000540)={0xc9, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.446542677s ago: executing program 5 (id=2032):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bond0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9", 0x5ee, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

2.445902321s ago: executing program 3 (id=2033):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0x3, 0x5, &(0x7f0000000100)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x987}, 0x94)
syz_usb_connect(0x0, 0x0, 0x0, &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x403}}]})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f00000012c0)=0x100000001, 0x4)
connect$inet6(r0, 0x0, 0x0)
rename(0x0, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
syz_open_procfs(0xffffffffffffffff, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
r3 = socket$netlink(0x10, 0x3, 0xc)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000140)=0x6, 0x4)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000004c0)={0x7c, 0x0, 0x1, 0x401, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @empty}, {0x14, 0x4, @mcast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x7c}}, 0x0)
sendmsg$IPCTNL_MSG_CT_DELETE(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000640)={0x14, 0x2, 0x1, 0x5, 0x0, 0x0, {0x2, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x20044804}, 0x40040)
r5 = syz_open_dev$sg(&(0x7f0000000240), 0x6, 0x408002)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$sndseq(r6, &(0x7f0000000280)=[{0x5, 0x5, 0x40, 0x0, @time={0x8, 0x7}, {0xf7, 0xf}, {0x3, 0x9}, @queue={0x0, {0x17, 0x9}}}, {0x5, 0x9, 0x3, 0x2, @time={0xffffffff, 0x7}, {0xff, 0xb}, {0x6, 0xfc}, @queue={0xe, {0x1, 0x7}}}], 0x38)
readv(r5, 0x0, 0x0)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
fcntl$dupfd(r0, 0x0, r0)

2.323457614s ago: executing program 5 (id=2034):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
pipe(&(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
splice(r0, 0x0, r1, 0x0, 0x800000008ec0, 0xa)

1.696018376s ago: executing program 5 (id=2035):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20181, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6(0xa, 0x1, 0x84)
sendto$inet6(r4, &(0x7f00000002c0)='\x00', 0x1, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x3, @private2={0xfc, 0x2, '\x00', 0xff}, 0x8080}, 0x1c)
getsockopt$bt_hci(r4, 0x84, 0x6d, &(0x7f0000002280)=""/4086, &(0x7f0000000040)=0xff6)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000001200)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x48, 0x0, 0x0)

1.01552997s ago: executing program 0 (id=2036):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x437, 0xfefffffe, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, 0x4048b, 0x2}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}, @IFLA_MTU={0x8, 0x4, 0x1ce}]}, 0x40}}, 0x0)

919.000165ms ago: executing program 1 (id=2037):
r0 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r0, 0x0, 0x9, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x5, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = creat(&(0x7f0000000340)='./file0\x00', 0xe8)
close(r2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000680), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x2000}})
read$FUSE(r3, &(0x7f0000006300)={0x2020}, 0x2020)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r4=>0xffffffffffffffff})
write$binfmt_elf64(r4, &(0x7f0000000000)=ANY=[], 0x10132)
mount$9p_fd(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000040), 0x208000, &(0x7f0000000500)=ANY=[@ANYBLOB='trans=fY,rfdno=', @ANYRESHEX=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',\x00'])
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x0)
dup(0xffffffffffffffff)
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))

673.448921ms ago: executing program 3 (id=2038):
syz_emit_ethernet(0x11e, &(0x7f0000000000)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd60122d9200e83afffe8000000000000000000000000000bbff0200000000000000000000000000018f0090780180000207040008fc020000000000000000000000000001fe8000000000000000000000000000aa20010000000000000000000000000000fe8000000000000000000000000000270000000000000000000000000000000000000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000000ffff00000000fc00000000000000000000000c0000010000010055000000010100000100008005060001fc0100000000000000000000000000012001000000000000000000000000000002000000e2060000000000a0070000000800000066600000"], 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000280)=0x9)
r0 = getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0a00000004000000040000000c"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b00000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r4, &(0x7f0000000780)=[{&(0x7f00000004c0)='5', 0x2b}], 0x1)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xa}}, 0x2}}, 0x2e)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r7, {0x2, 0xfffc}, 0x2, 0x4}}, 0x26)
ioctl$PPPIOCGL2TPSTATS(r7, 0x8004745a, 0x0)

415.195818ms ago: executing program 0 (id=2039):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r0, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
r1 = syz_io_uring_setup(0x39, &(0x7f00000004c0)={0x0, 0x8000e7b8, 0x8000, 0x1, 0x3da}, &(0x7f0000000240), &(0x7f0000001880))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r1, 0x21, &(0x7f0000000440), 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
write(r2, &(0x7f00000002c0)="43e1c5272107a1b68e86bf8e0505fcae53671699fb3af58c8a622fcbf1663f14d396853a88c8622ed0e27bf85ba0d8682d88766851dda4f790747dba51f665a1deac8f67c43feb9b2e6b199d360034f5880a7d4a3d880033ff30c9dc", 0x5c)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bond0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000009c0)=ANY=[@ANYBLOB="4c00000010003b15000800"/20, @ANYRES32=0x0, @ANYBLOB="0000000000b401002400128009000100626f6e6400000000140002800500010006000000080003000000000008000a00", @ANYRES32=r5], 0x4c}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x1e, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000071182d000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
ptrace$getregset(0x4204, 0x0, 0x202, &(0x7f0000000480)={&(0x7f00000018c0)=""/4096, 0x1000})
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000340), 0x103800, 0x0)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, 0x0, 0x0)
getrlimit(0x3, &(0x7f0000000240))
r9 = memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000640)={'#! ', '', [{0x20, '\v\xbb\x9b\x81\xa61\xdd\xd6\xe6\x05R\xb9\xdb?\xbe\xd3&n\xe2\xb6\xf5%\xb2\xdf\xf5\x83\xba\xeb\x93~\x88\xdc\xec[6=\x01p\xcd\x8ay\x0ez\\U\xae\x9fj@5q\xb2\x94\x00\x17\x1c\x10\xf8\xf3\xd4\xddI<%\xbb\xa6\xab\x9a\xe5\xec\x19\xfa\xcb\x94\x90u\x9b\x13W\xbd\x9f\xfa\x032-{\x96{\x11\xddy\xb8\x0e%\xabx/\x9cb\xfe\xccO\x00\xf0\xf2\x9dZ\x19_\xc7\xff\xffI\x00\x00\x00\x00\x00\x00\x00'}], 0xa, "9f1191e0bf21197a7033b37418e8af61ad87dd3240b07cc3db29baa025bbc23323be786d81158cde9cd332530acdccaa5c5c6a5ea312e484d08830af97ffe87bd1208a1fede50e1ae6088eff9b82532fd81ddf2be5c0862c0f3f36188231a34c527c519df4d081f97dfe056e8ac73e1c6d2f35a3ff4c13e6bb50f6dd4c095cecff0c6429924c54d8c4431e91f99fa55ce9328b1320650d6414b33a3df50e589683f27ea76801a3710ef9e50a94d048daebab3a64472330c875d14b35b19ea6bd2a97da4b66985793ac673f37e02ca99d1a3fb38f87bd62"}, 0x154)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000380), 0x1, 0x0)
execveat(r9, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

316.501027ms ago: executing program 5 (id=2040):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201010200000010f3044d074000010203010902240001010330"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r6 = mq_open(&(0x7f0000000180)='\x00', 0x2, 0x0, &(0x7f00000001c0)={0x9, 0x97, 0xa, 0x7})
mq_timedreceive(r6, &(0x7f0000001300)=""/4096, 0x1000, 0x1000, &(0x7f0000000200))
sendmsg$nl_route_sched(r3, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003580)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x9, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xf, 0xf9939adb6716afc8}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x44)
setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_open_dev$sndpcmp(&(0x7f00000000c0), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r7, 0xc0884123, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000400)=<r8=>0x0)
sched_setscheduler(r8, 0x1, &(0x7f0000000440)=0xd81e)

900.189µs ago: executing program 1 (id=2041):
openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x81c0, 0x0)
execve(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201010200000010f3044d074000010203010902240001010330"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r2 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r2, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r6 = mq_open(&(0x7f0000000180)='\x00', 0x2, 0x0, &(0x7f00000001c0)={0x9, 0x100000000000e7, 0xa, 0x7})
mq_timedreceive(r6, &(0x7f0000001300)=""/4096, 0x1000, 0x1000, &(0x7f0000000200))
sendmsg$nl_route_sched(r3, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003580)=@newtfilter={0x40, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0x9, 0x7}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xf, 0xf9939adb6716afc8}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x44)
setsockopt$sock_int(r2, 0x1, 0x8, 0x0, 0x0)
bind$inet(r2, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r2, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_open_dev$sndpcmp(&(0x7f00000000c0), 0x1, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r7, 0xc0884123, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000400)=<r8=>0x0)
sched_setscheduler(r8, 0x1, &(0x7f0000000440)=0xd81e)

0s ago: executing program 2 (id=2042):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000540)={0x0, {'syz0\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000240)=""/14, 0xe, 0x2, 0x4, 0x9, 0x4, 0xc08}}, 0x11c)
read$FUSE(0xffffffffffffffff, &(0x7f0000000680)={0x2020}, 0x2020)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0xc, &(0x7f0000000040)=0x8, 0x4)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r2, 0xae04)
openat$comedi(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/comedi3\x00', 0x2, 0x0)
r3 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r3, &(0x7f0000000040), 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f00000003c0)='rcu_utilization\x00', r4}, 0x18)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="1400000000020104000000000000005bbedd817335a12e696a6e2f18eddd"], 0x14}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x540a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r8 = syz_open_dev$vim2m(&(0x7f0000000240), 0x6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r8, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r8, 0x40045612, &(0x7f0000000100)=0x1)

kernel console output (not intermixed with test programs):

0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  630.910282][T12224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  630.910293][T12224] Call Trace:
[  630.910300][T12224]  <TASK>
[  630.910307][T12224]  dump_stack_lvl+0x189/0x250
[  630.910330][T12224]  ? __pfx____ratelimit+0x10/0x10
[  630.910357][T12224]  ? __pfx_dump_stack_lvl+0x10/0x10
[  630.910375][T12224]  ? __pfx__printk+0x10/0x10
[  630.910397][T12224]  ? __might_fault+0xb0/0x130
[  630.910431][T12224]  should_fail_ex+0x414/0x560
[  630.910459][T12224]  _copy_from_user+0x2d/0xb0
[  630.910478][T12224]  get_timespec64+0x8e/0x1a0
[  630.910506][T12224]  ? __pfx_get_timespec64+0x10/0x10
[  630.910542][T12224]  __se_sys_pselect6+0x129/0x300
[  630.910573][T12224]  ? __pfx___se_sys_pselect6+0x10/0x10
[  630.910597][T12224]  ? __pfx_ksys_write+0x10/0x10
[  630.910618][T12224]  ? rcu_is_watching+0x15/0xb0
[  630.910640][T12224]  ? __x64_sys_pselect6+0x21/0xf0
[  630.910667][T12224]  do_syscall_64+0xfa/0x3b0
[  630.910684][T12224]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.910699][T12224]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  630.910715][T12224]  ? clear_bhb_loop+0x60/0xb0
[  630.910735][T12224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.910751][T12224] RIP: 0033:0x7fd40318e929
[  630.910766][T12224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  630.910781][T12224] RSP: 002b:00007fd403f28038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  630.910799][T12224] RAX: ffffffffffffffda RBX: 00007fd4033b5fa0 RCX: 00007fd40318e929
[  630.910812][T12224] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[  630.910822][T12224] RBP: 00007fd403f28090 R08: 0000200000000280 R09: 0000000000000000
[  630.910833][T12224] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  630.910843][T12224] R13: 0000000000000000 R14: 00007fd4033b5fa0 R15: 00007ffdfef3d3c8
[  630.910868][T12224]  </TASK>
[  631.116085][    C0] vkms_vblank_simulate: vblank timer overrun
[  631.298536][T12066] team0: Port device team_slave_0 added
[  631.309196][T12066] team0: Port device team_slave_1 added
[  631.321719][ T1156] IPVS: stop unused estimator thread 0...
[  631.420374][T12066] batman_adv: batadv0: Adding interface: batadv_slave_0
[  631.432512][T12066] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.622143][ T5911] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  631.987332][T12066] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  632.009651][T12066] batman_adv: batadv0: Adding interface: batadv_slave_1
[  632.016678][T12066] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  632.053516][ T5911] usb 2-1: config index 0 descriptor too short (expected 64843, got 72)
[  632.069433][ T5911] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  632.082331][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.090860][ T5911] usb 2-1: Product: syz
[  632.095171][T12066] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  632.112840][ T5911] usb 2-1: Manufacturer: syz
[  632.120655][ T5911] usb 2-1: SerialNumber: syz
[  632.126515][T12244] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1721'.
[  632.174996][ T5911] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  632.194615][ T5925] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  632.440311][T12066] hsr_slave_0: entered promiscuous mode
[  632.551688][T12252] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1725'.
[  632.589360][T12066] hsr_slave_1: entered promiscuous mode
[  632.658942][   T44] usb 2-1: USB disconnect, device number 27
[  632.763138][T12252] syz.0.1725: attempt to access beyond end of device
[  632.763138][T12252] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  632.798234][T12252] syz.0.1725: attempt to access beyond end of device
[  632.798234][T12252] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  632.829191][T12252] Mount JFS Failure: -5
[  633.004776][T12066] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  633.012673][T12066] Cannot create hsr debugfs directory
[  633.318875][ T5925] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  633.347553][ T5925] ath9k_htc: Failed to initialize the device
[  633.374813][   T44] usb 2-1: ath9k_htc: USB layer deinitialized
[  633.845971][T12066] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  633.921390][T12066] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  633.945813][T12241] syz.2.1723 (12241): drop_caches: 2
[  633.949527][T12066] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  633.969162][T12261] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  633.977582][T12066] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  634.009671][T12261] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  634.032827][T12261] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  634.167412][T12261] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  634.224114][T12066] 8021q: adding VLAN 0 to HW filter on device bond0
[  634.241803][T12261] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  634.284349][T12066] 8021q: adding VLAN 0 to HW filter on device team0
[  634.382886][ T3504] bridge0: port 1(bridge_slave_0) entered blocking state
[  634.390111][ T3504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  634.469876][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[  634.477131][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[  634.642097][T12300] FAULT_INJECTION: forcing a failure.
[  634.642097][T12300] name failslab, interval 1, probability 0, space 0, times 0
[  634.669251][T12297] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1732'.
[  634.678440][T12300] CPU: 1 UID: 0 PID: 12300 Comm: syz.2.1733 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  634.678466][T12300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  634.678479][T12300] Call Trace:
[  634.678487][T12300]  <TASK>
[  634.678496][T12300]  dump_stack_lvl+0x189/0x250
[  634.678533][T12300]  ? __pfx____ratelimit+0x10/0x10
[  634.678564][T12300]  ? __pfx_dump_stack_lvl+0x10/0x10
[  634.678587][T12300]  ? __pfx__printk+0x10/0x10
[  634.678619][T12300]  ? __pfx___might_resched+0x10/0x10
[  634.678641][T12300]  ? fs_reclaim_acquire+0x7d/0x100
[  634.678667][T12300]  should_fail_ex+0x414/0x560
[  634.678701][T12300]  should_failslab+0xa8/0x100
[  634.678734][T12300]  __kmalloc_noprof+0xcb/0x4f0
[  634.678760][T12300]  ? kfree+0x4d/0x440
[  634.678782][T12300]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  634.678809][T12300]  tomoyo_realpath_from_path+0xe3/0x5d0
[  634.678838][T12300]  ? tomoyo_domain+0xda/0x130
[  634.678865][T12300]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  634.678895][T12300]  tomoyo_path_number_perm+0x1e8/0x5a0
[  634.678935][T12300]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  634.678983][T12300]  ? __lock_acquire+0xab9/0xd20
[  634.679025][T12300]  ? __fget_files+0x2a/0x420
[  634.679047][T12300]  ? __fget_files+0x2a/0x420
[  634.679064][T12300]  ? __fget_files+0x3a0/0x420
[  634.679081][T12300]  ? __fget_files+0x2a/0x420
[  634.679104][T12300]  security_file_ioctl+0xcb/0x2d0
[  634.679138][T12300]  __se_sys_ioctl+0x47/0x170
[  634.679167][T12300]  do_syscall_64+0xfa/0x3b0
[  634.679186][T12300]  ? lockdep_hardirqs_on+0x9c/0x150
[  634.679215][T12300]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.679241][T12300]  ? clear_bhb_loop+0x60/0xb0
[  634.679266][T12300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.679303][T12300] RIP: 0033:0x7f92c7b8e929
[  634.679321][T12300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  634.679340][T12300] RSP: 002b:00007f92c8931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  634.679362][T12300] RAX: ffffffffffffffda RBX: 00007f92c7db5fa0 RCX: 00007f92c7b8e929
[  634.679378][T12300] RDX: 0000200000000a40 RSI: 00000000000089f1 RDI: 0000000000000003
[  634.679391][T12300] RBP: 00007f92c8931090 R08: 0000000000000000 R09: 0000000000000000
[  634.679404][T12300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  634.679416][T12300] R13: 0000000000000000 R14: 00007f92c7db5fa0 R15: 00007fff90ca14c8
[  634.679450][T12300]  </TASK>
[  634.679569][T12300] ERROR: Out of memory at tomoyo_realpath_from_path.
[  635.287496][T12066] 8021q: adding VLAN 0 to HW filter on device batadv0
[  635.354431][T12323] FAULT_INJECTION: forcing a failure.
[  635.354431][T12323] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  635.391632][T12323] CPU: 0 UID: 0 PID: 12323 Comm: syz.3.1738 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  635.391660][T12323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  635.391673][T12323] Call Trace:
[  635.391682][T12323]  <TASK>
[  635.391690][T12323]  dump_stack_lvl+0x189/0x250
[  635.391731][T12323]  ? __pfx____ratelimit+0x10/0x10
[  635.391761][T12323]  ? __pfx_dump_stack_lvl+0x10/0x10
[  635.391782][T12323]  ? __pfx__printk+0x10/0x10
[  635.391820][T12323]  should_fail_ex+0x414/0x560
[  635.391852][T12323]  _copy_to_user+0x31/0xb0
[  635.391876][T12323]  simple_read_from_buffer+0xe1/0x170
[  635.391912][T12323]  proc_fail_nth_read+0x1df/0x250
[  635.391937][T12323]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  635.391961][T12323]  ? rw_verify_area+0x258/0x650
[  635.391994][T12323]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  635.392014][T12323]  vfs_read+0x200/0x980
[  635.392045][T12323]  ? __pfx___mutex_lock+0x10/0x10
[  635.392064][T12323]  ? __pfx_vfs_read+0x10/0x10
[  635.392092][T12323]  ? __fget_files+0x2a/0x420
[  635.392141][T12323]  ? __fget_files+0x3a0/0x420
[  635.392157][T12323]  ? __fget_files+0x2a/0x420
[  635.392185][T12323]  ksys_read+0x145/0x250
[  635.392215][T12323]  ? __pfx_ksys_read+0x10/0x10
[  635.392238][T12323]  ? rcu_is_watching+0x15/0xb0
[  635.392267][T12323]  ? do_syscall_64+0xbe/0x3b0
[  635.392290][T12323]  do_syscall_64+0xfa/0x3b0
[  635.392307][T12323]  ? lockdep_hardirqs_on+0x9c/0x150
[  635.392337][T12323]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.392357][T12323]  ? clear_bhb_loop+0x60/0xb0
[  635.392383][T12323]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  635.392402][T12323] RIP: 0033:0x7f58ad38d33c
[  635.392419][T12323] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  635.392435][T12323] RSP: 002b:00007f58ab1f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  635.392457][T12323] RAX: ffffffffffffffda RBX: 00007f58ad5b5fa0 RCX: 00007f58ad38d33c
[  635.392472][T12323] RDX: 000000000000000f RSI: 00007f58ab1f60a0 RDI: 0000000000000004
[  635.392484][T12323] RBP: 00007f58ab1f6090 R08: 0000000000000000 R09: 0000000000000000
[  635.392496][T12323] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  635.392508][T12323] R13: 0000000000000000 R14: 00007f58ad5b5fa0 R15: 00007ffdbb599d78
[  635.392540][T12323]  </TASK>
[  635.628473][    C0] vkms_vblank_simulate: vblank timer overrun
[  635.725668][ T5845] Bluetooth: hci1: command 0x0406 tx timeout
[  636.033496][ T5845] Bluetooth: hci3: command 0x0406 tx timeout
[  636.107688][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  636.359860][T12066] veth0_vlan: entered promiscuous mode
[  636.397607][ T5925] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  636.408991][T12066] veth1_vlan: entered promiscuous mode
[  636.501572][T12066] veth0_macvtap: entered promiscuous mode
[  636.540338][T12066] veth1_macvtap: entered promiscuous mode
[  636.568965][ T5925] usb 2-1: Using ep0 maxpacket: 16
[  636.591745][ T5925] usb 2-1: config 0 has an invalid interface number: 145 but max is 0
[  636.617363][ T5925] usb 2-1: config 0 has no interface number 0
[  636.626973][T12066] batman_adv: batadv0: Interface activated: batadv_slave_0
[  636.646506][ T5925] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  636.662296][T12066] batman_adv: batadv0: Interface activated: batadv_slave_1
[  636.669881][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.688371][ T5925] usb 2-1: Product: syz
[  636.702667][ T5925] usb 2-1: Manufacturer: syz
[  636.719380][T12066] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  636.728184][ T5925] usb 2-1: SerialNumber: syz
[  636.743814][ T5925] usb 2-1: config 0 descriptor??
[  636.753307][T12066] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  636.779481][ T5925] hub 2-1:0.145: bad descriptor, ignoring hub
[  636.795960][T12066] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  636.804920][ T5925] hub 2-1:0.145: probe with driver hub failed with error -5
[  636.822612][T12066] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  636.846191][ T5925] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.145/input/input30
[  637.427512][T12354] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=7 (14 ns) > initial count (10 ns). Using initial count to start timer.
[  637.710132][T12350] kvm: pic: non byte write
[  638.187690][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  638.321235][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  638.329321][ T3504] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  638.358940][ T3504] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  638.367560][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  640.278017][ T5845] Bluetooth: hci4: command 0x0405 tx timeout
[  640.863894][T12398] sch_tbf: peakrate 4 is lower than or equals to rate 11294731968500527568 !
[  641.532980][T12419] Invalid ELF header magic: != ELF
[  642.321918][T12436] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1754'.
[  642.552209][T12423] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1754'.
[  642.657349][ T5911] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  642.710347][T12439] FAULT_INJECTION: forcing a failure.
[  642.710347][T12439] name failslab, interval 1, probability 0, space 0, times 0
[  642.733457][T12439] CPU: 1 UID: 0 PID: 12439 Comm: syz.2.1756 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  642.733483][T12439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  642.733495][T12439] Call Trace:
[  642.733502][T12439]  <TASK>
[  642.733510][T12439]  dump_stack_lvl+0x189/0x250
[  642.733536][T12439]  ? __pfx____ratelimit+0x10/0x10
[  642.733566][T12439]  ? __pfx_dump_stack_lvl+0x10/0x10
[  642.733591][T12439]  ? __pfx__printk+0x10/0x10
[  642.733620][T12439]  ? __pfx___might_resched+0x10/0x10
[  642.733640][T12439]  ? fs_reclaim_acquire+0x7d/0x100
[  642.733663][T12439]  should_fail_ex+0x414/0x560
[  642.733695][T12439]  should_failslab+0xa8/0x100
[  642.733725][T12439]  kmem_cache_alloc_noprof+0x73/0x3c0
[  642.733750][T12439]  ? getname_flags+0xb8/0x540
[  642.733773][T12439]  getname_flags+0xb8/0x540
[  642.733795][T12439]  __x64_sys_execve+0x7a/0xb0
[  642.733821][T12439]  do_syscall_64+0xfa/0x3b0
[  642.733838][T12439]  ? lockdep_hardirqs_on+0x9c/0x150
[  642.733865][T12439]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.733883][T12439]  ? clear_bhb_loop+0x60/0xb0
[  642.733906][T12439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.733924][T12439] RIP: 0033:0x7f92c7b8e929
[  642.733941][T12439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.733957][T12439] RSP: 002b:00007f92c8931038 EFLAGS: 00000246 ORIG_RAX: 000000000000003b
[  642.733977][T12439] RAX: ffffffffffffffda RBX: 00007f92c7db5fa0 RCX: 00007f92c7b8e929
[  642.733990][T12439] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000080
[  642.734002][T12439] RBP: 00007f92c8931090 R08: 0000000000000000 R09: 0000000000000000
[  642.734013][T12439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.734024][T12439] R13: 0000000000000000 R14: 00007f92c7db5fa0 R15: 00007fff90ca14c8
[  642.734071][T12439]  </TASK>
[  643.148218][ T5911] usb 4-1: Using ep0 maxpacket: 16
[  643.185344][ T5911] usb 4-1: config 1 has an invalid descriptor of length 115, skipping remainder of the config
[  643.196342][ T5925] usb 2-1: USB disconnect, device number 28
[  643.204857][ T5911] usb 4-1: too many endpoints for config 1 interface 0 altsetting 0: 254, using maximum allowed: 30
[  643.241804][ T5911] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  643.370151][ T5911] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  643.374786][T12454] genirq: Flags mismatch irq 8. 00200000 (comedi_parport) vs. 00200000 (rtc0)
[  643.443388][ T5911] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  643.535950][ T5911] usb 4-1: SerialNumber: syz
[  644.794668][T12463] sch_tbf: peakrate 4 is lower than or equals to rate 11294731968500527568 !
[  645.897632][T12472] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1763'.
[  646.061254][T12479] netlink: 'syz.1.1764': attribute type 3 has an invalid length.
[  646.087018][T12479] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1764'.
[  646.896226][ T5911] usb 4-1: USB disconnect, device number 49
[  647.229094][T12509] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=7 (14 ns) > initial count (10 ns). Using initial count to start timer.
[  647.398039][T12511] FAULT_INJECTION: forcing a failure.
[  647.398039][T12511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  647.412590][T12511] CPU: 1 UID: 0 PID: 12511 Comm: syz.3.1771 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  647.412618][T12511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  647.412631][T12511] Call Trace:
[  647.412640][T12511]  <TASK>
[  647.412648][T12511]  dump_stack_lvl+0x189/0x250
[  647.412676][T12511]  ? __pfx____ratelimit+0x10/0x10
[  647.412708][T12511]  ? __pfx_dump_stack_lvl+0x10/0x10
[  647.412731][T12511]  ? __pfx__printk+0x10/0x10
[  647.412757][T12511]  ? __might_fault+0xb0/0x130
[  647.412799][T12511]  should_fail_ex+0x414/0x560
[  647.412833][T12511]  _copy_from_user+0x2d/0xb0
[  647.412857][T12511]  core_sys_select+0x4b7/0xa20
[  647.412900][T12511]  ? __pfx_core_sys_select+0x10/0x10
[  647.412963][T12511]  ? __pfx_set_user_sigmask+0x10/0x10
[  647.412999][T12511]  __se_sys_pselect6+0x27a/0x300
[  647.413035][T12511]  ? __pfx___se_sys_pselect6+0x10/0x10
[  647.413066][T12511]  ? __pfx_ksys_write+0x10/0x10
[  647.413099][T12511]  ? __x64_sys_pselect6+0x21/0xf0
[  647.413131][T12511]  do_syscall_64+0xfa/0x3b0
[  647.413150][T12511]  ? lockdep_hardirqs_on+0x9c/0x150
[  647.413180][T12511]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.413199][T12511]  ? clear_bhb_loop+0x60/0xb0
[  647.413224][T12511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.413244][T12511] RIP: 0033:0x7f58ad38e929
[  647.413261][T12511] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  647.413278][T12511] RSP: 002b:00007f58ab1d5038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  647.413299][T12511] RAX: ffffffffffffffda RBX: 00007f58ad5b6080 RCX: 00007f58ad38e929
[  647.413314][T12511] RDX: 0000000000000000 RSI: 0000200000000600 RDI: 0000000000000040
[  647.413326][T12511] RBP: 00007f58ab1d5090 R08: 0000000000000000 R09: 0000000000000000
[  647.413338][T12511] R10: 0000200000000400 R11: 0000000000000246 R12: 0000000000000001
[  647.413351][T12511] R13: 0000000000000001 R14: 00007f58ad5b6080 R15: 00007ffdbb599d78
[  647.413383][T12511]  </TASK>
[  648.272830][T12520] sch_tbf: peakrate 4 is lower than or equals to rate 11294731968500527568 !
[  648.441446][T12533] 9pnet_fd: Insufficient options for proto=fd
[  649.551484][T12537] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1778'.
[  651.032638][T12555] bpf: Bad value for 'smackfsfloor'
[  652.097502][   T44] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  652.286696][   T44] usb 6-1: device descriptor read/64, error -71
[  652.380920][T12576] delete_channel: no stack
[  652.547452][   T44] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  652.567332][T12582] FAULT_INJECTION: forcing a failure.
[  652.567332][T12582] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  652.597338][   T30] audit: type=1326 audit(1752400507.242:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12579 comm="syz.3.1790" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f58ad38e929 code=0x0
[  652.627512][T12582] CPU: 1 UID: 0 PID: 12582 Comm: syz.1.1791 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  652.627542][T12582] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  652.627559][T12582] Call Trace:
[  652.627567][T12582]  <TASK>
[  652.627576][T12582]  dump_stack_lvl+0x189/0x250
[  652.627604][T12582]  ? __pfx____ratelimit+0x10/0x10
[  652.627641][T12582]  ? __pfx_dump_stack_lvl+0x10/0x10
[  652.627665][T12582]  ? __pfx__printk+0x10/0x10
[  652.627709][T12582]  should_fail_ex+0x414/0x560
[  652.627749][T12582]  _copy_to_user+0x31/0xb0
[  652.627776][T12582]  simple_read_from_buffer+0xe1/0x170
[  652.627824][T12582]  proc_fail_nth_read+0x1df/0x250
[  652.627848][T12582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  652.627873][T12582]  ? rw_verify_area+0x258/0x650
[  652.627904][T12582]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  652.627927][T12582]  vfs_read+0x200/0x980
[  652.627960][T12582]  ? __pfx___mutex_lock+0x10/0x10
[  652.627985][T12582]  ? __pfx_vfs_read+0x10/0x10
[  652.628014][T12582]  ? __fget_files+0x2a/0x420
[  652.628042][T12582]  ? __fget_files+0x3a0/0x420
[  652.628063][T12582]  ? __fget_files+0x2a/0x420
[  652.628092][T12582]  ksys_read+0x145/0x250
[  652.628126][T12582]  ? __pfx_ksys_read+0x10/0x10
[  652.628158][T12582]  ? rcu_is_watching+0x15/0xb0
[  652.628202][T12582]  ? do_syscall_64+0xbe/0x3b0
[  652.628230][T12582]  do_syscall_64+0xfa/0x3b0
[  652.628247][T12582]  ? lockdep_hardirqs_on+0x9c/0x150
[  652.628276][T12582]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.628303][T12582]  ? clear_bhb_loop+0x60/0xb0
[  652.628327][T12582]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.628347][T12582] RIP: 0033:0x7fd40318d33c
[  652.628375][T12582] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  652.628392][T12582] RSP: 002b:00007fd403f28030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  652.628414][T12582] RAX: ffffffffffffffda RBX: 00007fd4033b5fa0 RCX: 00007fd40318d33c
[  652.628428][T12582] RDX: 000000000000000f RSI: 00007fd403f280a0 RDI: 0000000000000004
[  652.628440][T12582] RBP: 00007fd403f28090 R08: 0000000000000000 R09: 0000000000000000
[  652.628459][T12582] R10: 0000000040000002 R11: 0000000000000246 R12: 0000000000000001
[  652.628476][T12582] R13: 0000000000000000 R14: 00007fd4033b5fa0 R15: 00007ffdfef3d3c8
[  652.628507][T12582]  </TASK>
[  652.957437][   T44] usb 6-1: device descriptor read/64, error -71
[  653.067775][   T44] usb usb6-port1: attempt power cycle
[  653.094098][T12589] ISOFS: Unable to identify CD-ROM format.
[  653.188094][T10460] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  653.417610][   T44] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  653.470203][   T44] usb 6-1: device descriptor read/8, error -71
[  653.987317][T10460] usb 4-1: device descriptor read/64, error -71
[  654.189147][   T44] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  654.227591][T10460] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  654.235830][   T44] usb 6-1: device descriptor read/8, error -71
[  654.349305][   T44] usb usb6-port1: unable to enumerate USB device
[  654.370239][T12608] FAULT_INJECTION: forcing a failure.
[  654.370239][T12608] name failslab, interval 1, probability 0, space 0, times 0
[  654.387507][T10460] usb 4-1: device descriptor read/64, error -71
[  654.397045][T12608] CPU: 0 UID: 0 PID: 12608 Comm: syz.2.1797 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  654.397072][T12608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  654.397083][T12608] Call Trace:
[  654.397091][T12608]  <TASK>
[  654.397099][T12608]  dump_stack_lvl+0x189/0x250
[  654.397126][T12608]  ? __pfx____ratelimit+0x10/0x10
[  654.397154][T12608]  ? __pfx_dump_stack_lvl+0x10/0x10
[  654.397174][T12608]  ? __pfx__printk+0x10/0x10
[  654.397207][T12608]  ? __pfx___might_resched+0x10/0x10
[  654.397227][T12608]  ? fs_reclaim_acquire+0x7d/0x100
[  654.397250][T12608]  should_fail_ex+0x414/0x560
[  654.397282][T12608]  should_failslab+0xa8/0x100
[  654.397312][T12608]  __kmalloc_noprof+0xcb/0x4f0
[  654.397337][T12608]  ? kfree+0x4d/0x440
[  654.397359][T12608]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  654.397385][T12608]  tomoyo_realpath_from_path+0xe3/0x5d0
[  654.397408][T12608]  ? tomoyo_domain+0xda/0x130
[  654.397431][T12608]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  654.397457][T12608]  tomoyo_path_number_perm+0x1e8/0x5a0
[  654.397485][T12608]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  654.397527][T12608]  ? __lock_acquire+0xab9/0xd20
[  654.397563][T12608]  ? __fget_files+0x2a/0x420
[  654.397589][T12608]  ? __fget_files+0x2a/0x420
[  654.397604][T12608]  ? __fget_files+0x3a0/0x420
[  654.397621][T12608]  ? __fget_files+0x2a/0x420
[  654.397642][T12608]  security_file_ioctl+0xcb/0x2d0
[  654.397674][T12608]  __se_sys_ioctl+0x47/0x170
[  654.397701][T12608]  do_syscall_64+0xfa/0x3b0
[  654.397718][T12608]  ? lockdep_hardirqs_on+0x9c/0x150
[  654.397745][T12608]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.397764][T12608]  ? clear_bhb_loop+0x60/0xb0
[  654.397787][T12608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  654.397805][T12608] RIP: 0033:0x7f92c7b8e929
[  654.397822][T12608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  654.397838][T12608] RSP: 002b:00007f92c8931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  654.397857][T12608] RAX: ffffffffffffffda RBX: 00007f92c7db5fa0 RCX: 00007f92c7b8e929
[  654.397871][T12608] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  654.397882][T12608] RBP: 00007f92c8931090 R08: 0000000000000000 R09: 0000000000000000
[  654.397894][T12608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  654.397905][T12608] R13: 0000000000000000 R14: 00007f92c7db5fa0 R15: 00007fff90ca14c8
[  654.397935][T12608]  </TASK>
[  654.641829][    C0] vkms_vblank_simulate: vblank timer overrun
[  654.648897][T10460] usb usb4-port1: attempt power cycle
[  654.675851][T12608] ERROR: Out of memory at tomoyo_realpath_from_path.
[  654.934025][T12620] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1798'.
[  655.007776][T10460] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  655.175895][T12627] syz.1.1799: attempt to access beyond end of device
[  655.175895][T12627] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0
[  655.193393][T12627] syz.1.1799: attempt to access beyond end of device
[  655.193393][T12627] nbd1: rw=0, sector=120, nr_sectors = 8 limit=0
[  655.206878][T12625] netlink: 72 bytes leftover after parsing attributes in process `syz.1.1799'.
[  655.219539][T12627] Mount JFS Failure: -5
[  655.220278][T10460] usb 4-1: device descriptor read/8, error -71
[  655.677595][T10460] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  655.765307][T10460] usb 4-1: device descriptor read/8, error -71
[  655.999628][T10460] usb usb4-port1: unable to enumerate USB device
[  656.737362][ T5911] usb 6-1: new full-speed USB device number 6 using dummy_hcd
[  656.924185][ T5911] usb 6-1: unable to get BOS descriptor or descriptor too short
[  656.985326][ T5911] usb 6-1: unable to read config index 0 descriptor/start: -71
[  657.033860][ T5911] usb 6-1: can't read configurations, error -71
[  657.759604][T12661] FAULT_INJECTION: forcing a failure.
[  657.759604][T12661] name failslab, interval 1, probability 0, space 0, times 0
[  657.772692][T12661] CPU: 1 UID: 0 PID: 12661 Comm: syz.5.1808 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  657.772718][T12661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  657.772727][T12661] Call Trace:
[  657.772733][T12661]  <TASK>
[  657.772739][T12661]  dump_stack_lvl+0x189/0x250
[  657.772760][T12661]  ? __pfx____ratelimit+0x10/0x10
[  657.772782][T12661]  ? __pfx_dump_stack_lvl+0x10/0x10
[  657.772798][T12661]  ? __pfx__printk+0x10/0x10
[  657.772821][T12661]  ? __pfx___might_resched+0x10/0x10
[  657.772835][T12661]  ? fs_reclaim_acquire+0x7d/0x100
[  657.772853][T12661]  should_fail_ex+0x414/0x560
[  657.772878][T12661]  should_failslab+0xa8/0x100
[  657.772901][T12661]  __kmalloc_noprof+0xcb/0x4f0
[  657.772920][T12661]  ? kfree+0x4d/0x440
[  657.772936][T12661]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  657.772955][T12661]  tomoyo_realpath_from_path+0xe3/0x5d0
[  657.772972][T12661]  ? tomoyo_domain+0xda/0x130
[  657.772991][T12661]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  657.773012][T12661]  tomoyo_path_number_perm+0x1e8/0x5a0
[  657.773035][T12661]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  657.773070][T12661]  ? __lock_acquire+0xab9/0xd20
[  657.773099][T12661]  ? __fget_files+0x2a/0x420
[  657.773133][T12661]  ? __fget_files+0x2a/0x420
[  657.773146][T12661]  ? __fget_files+0x3a0/0x420
[  657.773158][T12661]  ? __fget_files+0x2a/0x420
[  657.773175][T12661]  security_file_ioctl+0xcb/0x2d0
[  657.773200][T12661]  __se_sys_ioctl+0x47/0x170
[  657.773221][T12661]  do_syscall_64+0xfa/0x3b0
[  657.773235][T12661]  ? lockdep_hardirqs_on+0x9c/0x150
[  657.773257][T12661]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.773271][T12661]  ? clear_bhb_loop+0x60/0xb0
[  657.773289][T12661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.773303][T12661] RIP: 0033:0x7f964578e929
[  657.773323][T12661] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  657.773336][T12661] RSP: 002b:00007f964664a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  657.773352][T12661] RAX: ffffffffffffffda RBX: 00007f96459b5fa0 RCX: 00007f964578e929
[  657.773363][T12661] RDX: 0000000000000000 RSI: 0000000080885659 RDI: 0000000000000003
[  657.773372][T12661] RBP: 00007f964664a090 R08: 0000000000000000 R09: 0000000000000000
[  657.773381][T12661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  657.773390][T12661] R13: 0000000000000000 R14: 00007f96459b5fa0 R15: 00007ffdd33fd308
[  657.773413][T12661]  </TASK>
[  657.773419][T12661] ERROR: Out of memory at tomoyo_realpath_from_path.
[  660.141784][T12702] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.150482][   T44] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  660.350854][T12704] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1816'.
[  660.446325][T12702] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.484257][T12710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  660.507418][T10460] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  660.537446][   T44] usb 2-1: Using ep0 maxpacket: 8
[  660.550417][T12710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  660.587700][   T44] usb 2-1: unable to get BOS descriptor or descriptor too short
[  660.638545][   T44] usb 2-1: config 3 has an invalid interface number: 182 but max is 0
[  660.716648][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  660.778700][T10460] usb 3-1: Using ep0 maxpacket: 8
[  660.861388][   T44] usb 2-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  660.951379][T12717] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  661.267547][   T44] usb 2-1: config 3 has no interface number 0
[  661.277408][T10460] usb 3-1: device descriptor read/all, error -71
[  661.287382][   T44] usb 2-1: config 3 interface 182 altsetting 8 has an endpoint descriptor with address 0xC1, changing to 0x81
[  661.347392][   T44] usb 2-1: config 3 interface 182 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  661.383419][   T44] usb 2-1: config 3 interface 182 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  661.400709][   T44] usb 2-1: config 3 interface 182 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  661.487393][   T44] usb 2-1: config 3 interface 182 has no altsetting 0
[  661.504684][   T44] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=90.57
[  661.519880][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.529891][   T44] usb 2-1: Product: syz
[  661.534659][   T44] usb 2-1: Manufacturer: syz
[  661.589350][   T44] usb 2-1: SerialNumber: syz
[  662.056383][    T9] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  662.275664][T12721] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1818'.
[  662.447181][   T44] usbtest 2-1:3.182: couldn't get endpoints, -71
[  662.457698][T12721] vlan2: entered promiscuous mode
[  662.479223][   T44] usbtest 2-1:3.182: probe with driver usbtest failed with error -71
[  662.488302][T12721] dummy0: entered promiscuous mode
[  662.608959][   T44] usb 2-1: USB disconnect, device number 29
[  662.834831][    T9] usb 6-1: unable to get BOS descriptor or descriptor too short
[  662.893326][    T9] usb 6-1: unable to read config index 0 descriptor/start: -71
[  662.946960][    T9] usb 6-1: can't read configurations, error -71
[  663.002427][    T9] usb usb6-port1: attempt power cycle
[  663.542222][T12754] FAULT_INJECTION: forcing a failure.
[  663.542222][T12754] name failslab, interval 1, probability 0, space 0, times 0
[  663.555205][T12754] CPU: 0 UID: 0 PID: 12754 Comm: syz.1.1822 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  663.555234][T12754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  663.555247][T12754] Call Trace:
[  663.555256][T12754]  <TASK>
[  663.555265][T12754]  dump_stack_lvl+0x189/0x250
[  663.555294][T12754]  ? __pfx____ratelimit+0x10/0x10
[  663.555326][T12754]  ? __pfx_dump_stack_lvl+0x10/0x10
[  663.555349][T12754]  ? __pfx__printk+0x10/0x10
[  663.555383][T12754]  ? __pfx___might_resched+0x10/0x10
[  663.555404][T12754]  ? fs_reclaim_acquire+0x7d/0x100
[  663.555431][T12754]  should_fail_ex+0x414/0x560
[  663.555464][T12754]  ? __pfx_sock_alloc_inode+0x10/0x10
[  663.555495][T12754]  should_failslab+0xa8/0x100
[  663.555528][T12754]  ? __pfx_sock_alloc_inode+0x10/0x10
[  663.555557][T12754]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  663.555594][T12754]  ? sock_alloc_inode+0x28/0xc0
[  663.555629][T12754]  ? __pfx_sock_alloc_inode+0x10/0x10
[  663.555658][T12754]  sock_alloc_inode+0x28/0xc0
[  663.555688][T12754]  alloc_inode+0x6a/0x1b0
[  663.555721][T12754]  __sock_create+0x12d/0x9f0
[  663.555752][T12754]  __sys_socket+0xd7/0x1b0
[  663.555788][T12754]  __x64_sys_socket+0x7a/0x90
[  663.555810][T12754]  do_syscall_64+0xfa/0x3b0
[  663.555831][T12754]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.555850][T12754]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  663.555870][T12754]  ? clear_bhb_loop+0x60/0xb0
[  663.555894][T12754]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.555914][T12754] RIP: 0033:0x7fd40318e929
[  663.555932][T12754] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  663.555950][T12754] RSP: 002b:00007fd400fd5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000029
[  663.555971][T12754] RAX: ffffffffffffffda RBX: 00007fd4033b6160 RCX: 00007fd40318e929
[  663.555986][T12754] RDX: 0000000000000106 RSI: 0000000000000001 RDI: 000000000000000a
[  663.555998][T12754] RBP: 00007fd400fd5090 R08: 0000000000000000 R09: 0000000000000000
[  663.556011][T12754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.556022][T12754] R13: 0000000000000000 R14: 00007fd4033b6160 R15: 00007ffdfef3d3c8
[  663.556054][T12754]  </TASK>
[  663.556086][T12754] socket: no more sockets
[  664.012865][T12753] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1823'.
[  664.616941][  T978] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  664.679747][    T9] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  664.857560][  T978] usb 6-1: Using ep0 maxpacket: 8
[  665.679098][  T978] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[  665.737378][  T978] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  665.776313][    T9] usb 2-1: Using ep0 maxpacket: 8
[  665.859168][    T9] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  665.880044][  T978] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  665.927416][    T9] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  665.971901][  T978] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  665.991743][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  666.007558][  T978] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  666.026343][    T9] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  666.038309][  T978] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  666.090883][    T9] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  666.154828][  T978] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.237384][    T9] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  666.300329][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.487694][  T978] usb 6-1: usb_control_msg returned -32
[  666.514034][  T978] usbtmc 6-1:16.0: can't read capabilities
[  666.567334][    T9] usb 2-1: usb_control_msg returned -32
[  666.603488][    T9] usbtmc 2-1:16.0: can't read capabilities
[  667.000974][T12824] FAULT_INJECTION: forcing a failure.
[  667.000974][T12824] name failslab, interval 1, probability 0, space 0, times 0
[  667.098180][T12828] FAULT_INJECTION: forcing a failure.
[  667.098180][T12828] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  667.111410][T12828] CPU: 0 UID: 0 PID: 12828 Comm: syz.2.1829 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  667.111438][T12828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  667.111451][T12828] Call Trace:
[  667.111460][T12828]  <TASK>
[  667.111469][T12828]  dump_stack_lvl+0x189/0x250
[  667.111497][T12828]  ? __pfx____ratelimit+0x10/0x10
[  667.111529][T12828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  667.111552][T12828]  ? __pfx__printk+0x10/0x10
[  667.111580][T12828]  ? __might_fault+0xb0/0x130
[  667.111622][T12828]  should_fail_ex+0x414/0x560
[  667.111657][T12828]  _copy_from_user+0x2d/0xb0
[  667.111682][T12828]  ___sys_sendmsg+0x158/0x2a0
[  667.111713][T12828]  ? __pfx____sys_sendmsg+0x10/0x10
[  667.111791][T12828]  ? __fget_files+0x2a/0x420
[  667.111808][T12828]  ? __fget_files+0x3a0/0x420
[  667.111838][T12828]  __x64_sys_sendmsg+0x19b/0x260
[  667.111867][T12828]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  667.111920][T12828]  do_syscall_64+0xfa/0x3b0
[  667.111940][T12828]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.111959][T12828]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  667.111982][T12828]  ? clear_bhb_loop+0x60/0xb0
[  667.112006][T12828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.112026][T12828] RIP: 0033:0x7f92c7b8e929
[  667.112044][T12828] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  667.112061][T12828] RSP: 002b:00007f92c59f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  667.112082][T12828] RAX: ffffffffffffffda RBX: 00007f92c7db6160 RCX: 00007f92c7b8e929
[  667.112097][T12828] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000005
[  667.112110][T12828] RBP: 00007f92c59f6090 R08: 0000000000000000 R09: 0000000000000000
[  667.112122][T12828] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  667.112135][T12828] R13: 0000000000000000 R14: 00007f92c7db6160 R15: 00007fff90ca14c8
[  667.112166][T12828]  </TASK>
[  667.310904][    C0] vkms_vblank_simulate: vblank timer overrun
[  667.494241][    T9] usb 6-1: USB disconnect, device number 11
[  667.509466][T12824] CPU: 1 UID: 0 PID: 12824 Comm: syz.1.1825 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  667.509495][T12824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  667.509506][T12824] Call Trace:
[  667.509514][T12824]  <TASK>
[  667.509523][T12824]  dump_stack_lvl+0x189/0x250
[  667.509550][T12824]  ? __pfx____ratelimit+0x10/0x10
[  667.509592][T12824]  ? __pfx_dump_stack_lvl+0x10/0x10
[  667.509614][T12824]  ? __pfx__printk+0x10/0x10
[  667.509647][T12824]  ? __pfx___might_resched+0x10/0x10
[  667.509669][T12824]  ? fs_reclaim_acquire+0x7d/0x100
[  667.509695][T12824]  should_fail_ex+0x414/0x560
[  667.509731][T12824]  should_failslab+0xa8/0x100
[  667.509764][T12824]  __kmalloc_noprof+0xcb/0x4f0
[  667.509792][T12824]  ? kfree+0x4d/0x440
[  667.509815][T12824]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  667.509843][T12824]  tomoyo_realpath_from_path+0xe3/0x5d0
[  667.509867][T12824]  ? tomoyo_domain+0xda/0x130
[  667.509896][T12824]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  667.509927][T12824]  tomoyo_path_number_perm+0x1e8/0x5a0
[  667.509960][T12824]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  667.510011][T12824]  ? __lock_acquire+0xab9/0xd20
[  667.510055][T12824]  ? __fget_files+0x2a/0x420
[  667.510078][T12824]  ? __fget_files+0x2a/0x420
[  667.510096][T12824]  ? __fget_files+0x3a0/0x420
[  667.510113][T12824]  ? __fget_files+0x2a/0x420
[  667.510137][T12824]  security_file_ioctl+0xcb/0x2d0
[  667.510172][T12824]  __se_sys_ioctl+0x47/0x170
[  667.510202][T12824]  do_syscall_64+0xfa/0x3b0
[  667.510222][T12824]  ? lockdep_hardirqs_on+0x9c/0x150
[  667.510252][T12824]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.510272][T12824]  ? clear_bhb_loop+0x60/0xb0
[  667.510297][T12824]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  667.510317][T12824] RIP: 0033:0x7fd40318e929
[  667.510335][T12824] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  667.510354][T12824] RSP: 002b:00007fd400ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  667.510375][T12824] RAX: ffffffffffffffda RBX: 00007fd4033b6080 RCX: 00007fd40318e929
[  667.510391][T12824] RDX: 0000000000000000 RSI: 0000000080015b12 RDI: 0000000000000006
[  667.510403][T12824] RBP: 00007fd400ff6090 R08: 0000000000000000 R09: 0000000000000000
[  667.510415][T12824] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  667.510427][T12824] R13: 0000000000000000 R14: 00007fd4033b6080 R15: 00007ffdfef3d3c8
[  667.510457][T12824]  </TASK>
[  667.510990][T12824] ERROR: Out of memory at tomoyo_realpath_from_path.
[  668.482081][T12840] FAULT_INJECTION: forcing a failure.
[  668.482081][T12840] name failslab, interval 1, probability 0, space 0, times 0
[  668.495426][T12840] CPU: 1 UID: 0 PID: 12840 Comm: syz.2.1833 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  668.495455][T12840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  668.495469][T12840] Call Trace:
[  668.495477][T12840]  <TASK>
[  668.495486][T12840]  dump_stack_lvl+0x189/0x250
[  668.495516][T12840]  ? __pfx____ratelimit+0x10/0x10
[  668.495549][T12840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  668.495572][T12840]  ? __pfx__printk+0x10/0x10
[  668.495602][T12840]  ? __pfx___might_resched+0x10/0x10
[  668.495625][T12840]  ? fs_reclaim_acquire+0x7d/0x100
[  668.495652][T12840]  should_fail_ex+0x414/0x560
[  668.495687][T12840]  should_failslab+0xa8/0x100
[  668.495721][T12840]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  668.495763][T12840]  ? __alloc_skb+0x112/0x2d0
[  668.495792][T12840]  __alloc_skb+0x112/0x2d0
[  668.495821][T12840]  alloc_skb_with_frags+0xca/0x890
[  668.495850][T12840]  ? trace_irq_disable+0x37/0x110
[  668.495880][T12840]  ? preempt_schedule_irq+0xde/0x150
[  668.495924][T12840]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  668.495958][T12840]  sock_alloc_send_pskb+0x857/0x990
[  668.495986][T12840]  ? irqentry_exit+0x74/0x90
[  668.496035][T12840]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  668.496079][T12840]  ? __local_bh_enable_ip+0x135/0x1c0
[  668.496105][T12840]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  668.496140][T12840]  qrtr_sendmsg+0x487/0x860
[  668.496168][T12840]  ? __pfx_qrtr_bcast_enqueue+0x10/0x10
[  668.496198][T12840]  ? __pfx_qrtr_sendmsg+0x10/0x10
[  668.496228][T12840]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  668.496257][T12840]  ? __pfx_qrtr_sendmsg+0x10/0x10
[  668.496282][T12840]  __sock_sendmsg+0x219/0x270
[  668.496318][T12840]  sock_write_iter+0x258/0x330
[  668.496352][T12840]  ? __pfx_sock_write_iter+0x10/0x10
[  668.496393][T12840]  ? preempt_schedule_irq+0xde/0x150
[  668.496432][T12840]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  668.496472][T12840]  do_iter_readv_writev+0x56b/0x7f0
[  668.496507][T12840]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  668.496545][T12840]  ? vfs_writev+0x2fb/0x960
[  668.496574][T12840]  vfs_writev+0x31a/0x960
[  668.496600][T12840]  ? __lock_acquire+0xab9/0xd20
[  668.496622][T12840]  ? __pfx_vfs_writev+0x10/0x10
[  668.496661][T12840]  ? __fget_files+0x2a/0x420
[  668.496685][T12840]  ? __fget_files+0x3a0/0x420
[  668.496703][T12840]  ? __fget_files+0x2a/0x420
[  668.496733][T12840]  do_writev+0x14d/0x2d0
[  668.496756][T12840]  ? __pfx_do_writev+0x10/0x10
[  668.496795][T12840]  ? do_syscall_64+0xbe/0x3b0
[  668.496819][T12840]  do_syscall_64+0xfa/0x3b0
[  668.496839][T12840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.496858][T12840]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  668.496897][T12840]  ? clear_bhb_loop+0x60/0xb0
[  668.496922][T12840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  668.496942][T12840] RIP: 0033:0x7f92c7b8e929
[  668.496961][T12840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  668.496978][T12840] RSP: 002b:00007f92c59f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  668.497000][T12840] RAX: ffffffffffffffda RBX: 00007f92c7db6160 RCX: 00007f92c7b8e929
[  668.497015][T12840] RDX: 0000000000000001 RSI: 0000200000000380 RDI: 0000000000000006
[  668.497028][T12840] RBP: 00007f92c59f6090 R08: 0000000000000000 R09: 0000000000000000
[  668.497041][T12840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  668.497053][T12840] R13: 0000000000000000 R14: 00007f92c7db6160 R15: 00007fff90ca14c8
[  668.497087][T12840]  </TASK>
[  669.194781][    T9] usb 2-1: USB disconnect, device number 30
[  674.757342][T10460] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  675.347977][T10460] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  675.387480][T10460] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  675.440263][T10460] usb 1-1: Product: syz
[  675.482716][T10460] usb 1-1: Manufacturer: syz
[  675.519176][T10460] usb 1-1: SerialNumber: syz
[  675.757596][T10460] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  676.309119][T12913] FAULT_INJECTION: forcing a failure.
[  676.309119][T12913] name failslab, interval 1, probability 0, space 0, times 0
[  676.321975][T12913] CPU: 0 UID: 0 PID: 12913 Comm: syz.5.1847 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  676.322002][T12913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  676.322015][T12913] Call Trace:
[  676.322024][T12913]  <TASK>
[  676.322033][T12913]  dump_stack_lvl+0x189/0x250
[  676.322061][T12913]  ? __pfx____ratelimit+0x10/0x10
[  676.322093][T12913]  ? __pfx_dump_stack_lvl+0x10/0x10
[  676.322116][T12913]  ? __pfx__printk+0x10/0x10
[  676.322150][T12913]  ? __pfx___might_resched+0x10/0x10
[  676.322172][T12913]  ? fs_reclaim_acquire+0x7d/0x100
[  676.322198][T12913]  should_fail_ex+0x414/0x560
[  676.322232][T12913]  should_failslab+0xa8/0x100
[  676.322265][T12913]  __kmalloc_noprof+0xcb/0x4f0
[  676.322292][T12913]  ? kfree+0x4d/0x440
[  676.322315][T12913]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  676.322343][T12913]  tomoyo_realpath_from_path+0xe3/0x5d0
[  676.322367][T12913]  ? tomoyo_domain+0xda/0x130
[  676.322395][T12913]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  676.322425][T12913]  tomoyo_path_number_perm+0x1e8/0x5a0
[  676.322476][T12913]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  676.322527][T12913]  ? __lock_acquire+0xab9/0xd20
[  676.322579][T12913]  ? __fget_files+0x2a/0x420
[  676.322604][T12913]  ? __fget_files+0x2a/0x420
[  676.322621][T12913]  ? __fget_files+0x3a0/0x420
[  676.322639][T12913]  ? __fget_files+0x2a/0x420
[  676.322662][T12913]  security_file_ioctl+0xcb/0x2d0
[  676.322698][T12913]  __se_sys_ioctl+0x47/0x170
[  676.322729][T12913]  do_syscall_64+0xfa/0x3b0
[  676.322752][T12913]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.322772][T12913]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  676.322792][T12913]  ? clear_bhb_loop+0x60/0xb0
[  676.322818][T12913]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.322839][T12913] RIP: 0033:0x7f964578e929
[  676.322858][T12913] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  676.322877][T12913] RSP: 002b:00007f9646629038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  676.322899][T12913] RAX: ffffffffffffffda RBX: 00007f96459b6080 RCX: 00007f964578e929
[  676.322914][T12913] RDX: 0000000000000001 RSI: 0000000000004611 RDI: 0000000000000007
[  676.322927][T12913] RBP: 00007f9646629090 R08: 0000000000000000 R09: 0000000000000000
[  676.322940][T12913] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.322952][T12913] R13: 0000000000000000 R14: 00007f96459b6080 R15: 00007ffdd33fd308
[  676.322986][T12913]  </TASK>
[  676.323054][T12913] ERROR: Out of memory at tomoyo_realpath_from_path.
[  677.212577][T12915] netlink: 'syz.2.1848': attribute type 3 has an invalid length.
[  677.236426][ T5922] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  677.282659][T12915] netlink: 'syz.2.1848': attribute type 3 has an invalid length.
[  677.627459][T12926] FAULT_INJECTION: forcing a failure.
[  677.627459][T12926] name failslab, interval 1, probability 0, space 0, times 0
[  677.640277][T12926] CPU: 0 UID: 0 PID: 12926 Comm: syz.5.1849 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  677.640306][T12926] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  677.640319][T12926] Call Trace:
[  677.640327][T12926]  <TASK>
[  677.640336][T12926]  dump_stack_lvl+0x189/0x250
[  677.640365][T12926]  ? __pfx____ratelimit+0x10/0x10
[  677.640398][T12926]  ? __pfx_dump_stack_lvl+0x10/0x10
[  677.640421][T12926]  ? __pfx__printk+0x10/0x10
[  677.640456][T12926]  ? __pfx___might_resched+0x10/0x10
[  677.640478][T12926]  ? fs_reclaim_acquire+0x7d/0x100
[  677.640505][T12926]  should_fail_ex+0x414/0x560
[  677.640538][T12926]  ? __pfx_sock_alloc_inode+0x10/0x10
[  677.640570][T12926]  should_failslab+0xa8/0x100
[  677.640602][T12926]  ? __pfx_sock_alloc_inode+0x10/0x10
[  677.640630][T12926]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[  677.640660][T12926]  ? sock_alloc_inode+0x28/0xc0
[  677.640702][T12926]  ? __pfx_sock_alloc_inode+0x10/0x10
[  677.640732][T12926]  sock_alloc_inode+0x28/0xc0
[  677.640762][T12926]  alloc_inode+0x6a/0x1b0
[  677.640794][T12926]  do_accept+0x111/0x680
[  677.640823][T12926]  ? __pfx_do_accept+0x10/0x10
[  677.640872][T12926]  __sys_accept4+0x11c/0x1c0
[  677.640897][T12926]  ? __pfx___sys_accept4+0x10/0x10
[  677.640919][T12926]  ? __pfx_ksys_write+0x10/0x10
[  677.640945][T12926]  ? rcu_is_watching+0x15/0xb0
[  677.640975][T12926]  __x64_sys_accept4+0x9a/0xb0
[  677.641000][T12926]  do_syscall_64+0xfa/0x3b0
[  677.641019][T12926]  ? lockdep_hardirqs_on+0x9c/0x150
[  677.641050][T12926]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.641070][T12926]  ? clear_bhb_loop+0x60/0xb0
[  677.641095][T12926]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  677.641116][T12926] RIP: 0033:0x7f964578e929
[  677.641135][T12926] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  677.641152][T12926] RSP: 002b:00007f9646608038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  677.641175][T12926] RAX: ffffffffffffffda RBX: 00007f96459b6160 RCX: 00007f964578e929
[  677.641190][T12926] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  677.641202][T12926] RBP: 00007f9646608090 R08: 0000000000000000 R09: 0000000000000000
[  677.641215][T12926] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  677.641227][T12926] R13: 0000000000000000 R14: 00007f96459b6160 R15: 00007ffdd33fd308
[  677.641260][T12926]  </TASK>
[  678.758439][   T44] usb 1-1: USB disconnect, device number 46
[  678.773667][ T5922] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  678.787520][ T5922] ath9k_htc: Failed to initialize the device
[  678.794254][   T44] usb 1-1: ath9k_htc: USB layer deinitialized
[  678.986646][T12938] FAULT_INJECTION: forcing a failure.
[  678.986646][T12938] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  679.002597][T12938] CPU: 1 UID: 0 PID: 12938 Comm: syz.3.1854 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  679.002626][T12938] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  679.002639][T12938] Call Trace:
[  679.002648][T12938]  <TASK>
[  679.002656][T12938]  dump_stack_lvl+0x189/0x250
[  679.002685][T12938]  ? __pfx____ratelimit+0x10/0x10
[  679.002715][T12938]  ? __pfx_dump_stack_lvl+0x10/0x10
[  679.002737][T12938]  ? __pfx__printk+0x10/0x10
[  679.002764][T12938]  ? __might_fault+0xb0/0x130
[  679.002805][T12938]  should_fail_ex+0x414/0x560
[  679.002839][T12938]  _copy_from_user+0x2d/0xb0
[  679.002863][T12938]  ___sys_sendmsg+0x158/0x2a0
[  679.002893][T12938]  ? __pfx____sys_sendmsg+0x10/0x10
[  679.002977][T12938]  ? __fget_files+0x2a/0x420
[  679.002995][T12938]  ? __fget_files+0x3a0/0x420
[  679.003025][T12938]  __x64_sys_sendmsg+0x19b/0x260
[  679.003055][T12938]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  679.003093][T12938]  ? __pfx_ksys_write+0x10/0x10
[  679.003119][T12938]  ? rcu_is_watching+0x15/0xb0
[  679.003148][T12938]  ? do_syscall_64+0xbe/0x3b0
[  679.003172][T12938]  do_syscall_64+0xfa/0x3b0
[  679.003190][T12938]  ? lockdep_hardirqs_on+0x9c/0x150
[  679.003221][T12938]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.003241][T12938]  ? clear_bhb_loop+0x60/0xb0
[  679.003267][T12938]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  679.003287][T12938] RIP: 0033:0x7f58ad38e929
[  679.003306][T12938] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  679.003323][T12938] RSP: 002b:00007f58ab1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  679.003345][T12938] RAX: ffffffffffffffda RBX: 00007f58ad5b5fa0 RCX: 00007f58ad38e929
[  679.003361][T12938] RDX: 0000000000004000 RSI: 0000200000000180 RDI: 0000000000000003
[  679.003374][T12938] RBP: 00007f58ab1f6090 R08: 0000000000000000 R09: 0000000000000000
[  679.003387][T12938] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  679.003399][T12938] R13: 0000000000000000 R14: 00007f58ad5b5fa0 R15: 00007ffdbb599d78
[  679.003432][T12938]  </TASK>
[  679.367769][T12948] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1855'.
[  679.393207][T12948] syz.0.1855: attempt to access beyond end of device
[  679.393207][T12948] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  679.427834][T12948] syz.0.1855: attempt to access beyond end of device
[  679.427834][T12948] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  679.455632][T12948] Mount JFS Failure: -5
[  679.526003][T12942] usb usb8: usbfs: process 12942 (syz.2.1852) did not claim interface 0 before use
[  680.173678][T12962] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1856'.
[  680.266303][T12962] syz.3.1856: attempt to access beyond end of device
[  680.266303][T12962] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  680.279675][T12962] syz.3.1856: attempt to access beyond end of device
[  680.279675][T12962] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  680.296723][T12962] Mount JFS Failure: -5
[  680.669992][ T5911] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  680.828971][ T5911] usb 3-1: Using ep0 maxpacket: 32
[  680.855714][ T5911] usb 3-1: config 0 has an invalid interface number: 223 but max is 0
[  680.879396][T12974] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1858'.
[  680.890380][ T5911] usb 3-1: config 0 has no interface number 0
[  680.946525][ T5911] usb 3-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=10.fe
[  680.987937][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.017625][T12978] netlink: 148 bytes leftover after parsing attributes in process `syz.3.1859'.
[  681.053893][ T5911] usb 3-1: Product: syz
[  681.063896][ T5911] usb 3-1: Manufacturer: syz
[  681.085364][ T5911] usb 3-1: SerialNumber: syz
[  681.112220][ T5911] usb 3-1: config 0 descriptor??
[  681.286865][T12986] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1860'.
[  682.031413][ T5922] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  682.269874][T12991] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1861'.
[  682.291881][T12991] vlan2: entered promiscuous mode
[  682.304894][T12991] dummy0: entered promiscuous mode
[  682.644865][ T5922] usb 2-1: unable to get BOS descriptor or descriptor too short
[  682.655069][ T5922] usb 2-1: unable to read config index 0 descriptor/start: -71
[  682.752513][ T5911] usb 3-1: USB disconnect, device number 54
[  682.760735][ T5922] usb 2-1: can't read configurations, error -71
[  682.940115][T13000] netlink: 'syz.2.1862': attribute type 74 has an invalid length.
[  682.977403][T13000] netlink: 'syz.2.1862': attribute type 1 has an invalid length.
[  683.025940][T13000] netlink: 'syz.2.1862': attribute type 1 has an invalid length.
[  683.084741][T13000] netlink: 1 bytes leftover after parsing attributes in process `syz.2.1862'.
[  683.241004][T13004] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1863'.
[  683.505011][T13014] FAULT_INJECTION: forcing a failure.
[  683.505011][T13014] name failslab, interval 1, probability 0, space 0, times 0
[  683.534996][T13014] CPU: 0 UID: 0 PID: 13014 Comm: syz.3.1866 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  683.535027][T13014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  683.535040][T13014] Call Trace:
[  683.535048][T13014]  <TASK>
[  683.535057][T13014]  dump_stack_lvl+0x189/0x250
[  683.535085][T13014]  ? __pfx____ratelimit+0x10/0x10
[  683.535117][T13014]  ? __pfx_dump_stack_lvl+0x10/0x10
[  683.535140][T13014]  ? __pfx__printk+0x10/0x10
[  683.535197][T13014]  ? __pfx___might_resched+0x10/0x10
[  683.535220][T13014]  ? fs_reclaim_acquire+0x7d/0x100
[  683.535247][T13014]  should_fail_ex+0x414/0x560
[  683.535283][T13014]  should_failslab+0xa8/0x100
[  683.535317][T13014]  __kmalloc_noprof+0xcb/0x4f0
[  683.535343][T13014]  ? kfree+0x4d/0x440
[  683.535366][T13014]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  683.535395][T13014]  tomoyo_realpath_from_path+0xe3/0x5d0
[  683.535420][T13014]  ? tomoyo_domain+0xda/0x130
[  683.535449][T13014]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  683.535491][T13014]  tomoyo_path_number_perm+0x1e8/0x5a0
[  683.535523][T13014]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  683.535572][T13014]  ? __lock_acquire+0xab9/0xd20
[  683.535613][T13014]  ? __fget_files+0x2a/0x420
[  683.535635][T13014]  ? __fget_files+0x2a/0x420
[  683.535652][T13014]  ? __fget_files+0x3a0/0x420
[  683.535669][T13014]  ? __fget_files+0x2a/0x420
[  683.535692][T13014]  security_file_ioctl+0xcb/0x2d0
[  683.535725][T13014]  __se_sys_ioctl+0x47/0x170
[  683.535754][T13014]  do_syscall_64+0xfa/0x3b0
[  683.535773][T13014]  ? lockdep_hardirqs_on+0x9c/0x150
[  683.535802][T13014]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.535822][T13014]  ? clear_bhb_loop+0x60/0xb0
[  683.535847][T13014]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  683.535867][T13014] RIP: 0033:0x7f58ad38e929
[  683.535884][T13014] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  683.535901][T13014] RSP: 002b:00007f58ab1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  683.535922][T13014] RAX: ffffffffffffffda RBX: 00007f58ad5b5fa0 RCX: 00007f58ad38e929
[  683.535936][T13014] RDX: 00002000000000c0 RSI: 000000004048aecb RDI: 0000000000000009
[  683.535949][T13014] RBP: 00007f58ab1f6090 R08: 0000000000000000 R09: 0000000000000000
[  683.535961][T13014] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  683.535973][T13014] R13: 0000000000000000 R14: 00007f58ad5b5fa0 R15: 00007ffdbb599d78
[  683.536005][T13014]  </TASK>
[  683.536013][T13014] ERROR: Out of memory at tomoyo_realpath_from_path.
[  685.437317][ T5911] usb 3-1: new full-speed USB device number 55 using dummy_hcd
[  685.742677][T13068] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1876'.
[  685.903293][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  685.925935][T13059] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1875'.
[  686.049626][T13059] vlan2: entered promiscuous mode
[  686.204217][T13074] mmap: syz.3.1878 (13074): VmData 37728256 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[  686.293195][T13080] 9pnet_fd: Insufficient options for proto=fd
[  686.342882][ T5911] usb 3-1: unable to get BOS descriptor or descriptor too short
[  686.378982][ T5911] usb 3-1: unable to read config index 0 descriptor/start: -71
[  686.399991][ T5911] usb 3-1: can't read configurations, error -71
[  686.503645][T13088] netlink: 64 bytes leftover after parsing attributes in process `syz.1.1877'.
[  686.878767][T13096] FAULT_INJECTION: forcing a failure.
[  686.878767][T13096] name failslab, interval 1, probability 0, space 0, times 0
[  686.891726][T13096] CPU: 0 UID: 0 PID: 13096 Comm: syz.0.1881 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  686.891755][T13096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  686.891768][T13096] Call Trace:
[  686.891777][T13096]  <TASK>
[  686.891786][T13096]  dump_stack_lvl+0x189/0x250
[  686.891815][T13096]  ? __pfx____ratelimit+0x10/0x10
[  686.891847][T13096]  ? __pfx_dump_stack_lvl+0x10/0x10
[  686.891870][T13096]  ? __pfx__printk+0x10/0x10
[  686.891912][T13096]  ? __pfx___might_resched+0x10/0x10
[  686.891935][T13096]  ? fs_reclaim_acquire+0x7d/0x100
[  686.891962][T13096]  should_fail_ex+0x414/0x560
[  686.891998][T13096]  should_failslab+0xa8/0x100
[  686.892031][T13096]  __kmalloc_cache_noprof+0x70/0x3d0
[  686.892060][T13096]  ? futex_lock_pi+0x883/0xa60
[  686.892095][T13096]  futex_lock_pi+0x883/0xa60
[  686.892121][T13096]  ? finish_task_switch+0x18b/0x950
[  686.892162][T13096]  ? __pfx_futex_lock_pi+0x10/0x10
[  686.892224][T13096]  ? __pfx_futex_wake_mark+0x10/0x10
[  686.892260][T13096]  ? vfs_write+0x8d8/0xa90
[  686.892300][T13096]  ? ksys_write+0x1cb/0x250
[  686.892332][T13096]  do_futex+0x292/0x420
[  686.892365][T13096]  ? __pfx_do_futex+0x10/0x10
[  686.892391][T13096]  ? preempt_schedule_irq+0xde/0x150
[  686.892429][T13096]  __se_sys_futex+0x36f/0x400
[  686.892463][T13096]  ? __pfx___se_sys_futex+0x10/0x10
[  686.892500][T13096]  ? __x64_sys_futex+0x21/0xf0
[  686.892531][T13096]  do_syscall_64+0xfa/0x3b0
[  686.892552][T13096]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.892572][T13096]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  686.892592][T13096]  ? clear_bhb_loop+0x60/0xb0
[  686.892618][T13096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  686.892638][T13096] RIP: 0033:0x7f169298e929
[  686.892658][T13096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  686.892676][T13096] RSP: 002b:00007f16907f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  686.892699][T13096] RAX: ffffffffffffffda RBX: 00007f1692bb6160 RCX: 00007f169298e929
[  686.892714][T13096] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 000020000000cffc
[  686.892728][T13096] RBP: 00007f16907f6090 R08: 0000000000000000 R09: 0000000000000000
[  686.892741][T13096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  686.892753][T13096] R13: 0000000000000001 R14: 00007f1692bb6160 R15: 00007fffcd782e58
[  686.892787][T13096]  </TASK>
[  688.960118][T13109] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1884'.
[  688.971335][T13109] syz.3.1884: attempt to access beyond end of device
[  688.971335][T13109] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0
[  688.985120][T13109] syz.3.1884: attempt to access beyond end of device
[  688.985120][T13109] nbd3: rw=0, sector=120, nr_sectors = 8 limit=0
[  688.998137][T13109] Mount JFS Failure: -5
[  689.834663][T13132] FAULT_INJECTION: forcing a failure.
[  689.834663][T13132] name failslab, interval 1, probability 0, space 0, times 0
[  689.847672][T13132] CPU: 1 UID: 0 PID: 13132 Comm: syz.2.1888 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  689.847700][T13132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  689.847719][T13132] Call Trace:
[  689.847728][T13132]  <TASK>
[  689.847736][T13132]  dump_stack_lvl+0x189/0x250
[  689.847764][T13132]  ? __pfx____ratelimit+0x10/0x10
[  689.847795][T13132]  ? __pfx_dump_stack_lvl+0x10/0x10
[  689.847818][T13132]  ? __pfx__printk+0x10/0x10
[  689.847850][T13132]  ? __pfx___might_resched+0x10/0x10
[  689.847871][T13132]  ? fs_reclaim_acquire+0x7d/0x100
[  689.847897][T13132]  should_fail_ex+0x414/0x560
[  689.847932][T13132]  should_failslab+0xa8/0x100
[  689.847964][T13132]  kmem_cache_alloc_noprof+0x73/0x3c0
[  689.847991][T13132]  ? vm_area_dup+0x2b/0x680
[  689.848014][T13132]  vm_area_dup+0x2b/0x680
[  689.848038][T13132]  __split_vma+0x1a9/0xa00
[  689.848075][T13132]  ? __pfx___split_vma+0x10/0x10
[  689.848113][T13132]  ? rcu_is_watching+0x15/0xb0
[  689.848136][T13132]  ? trace_sched_exit_tp+0x38/0x120
[  689.848170][T13132]  vms_gather_munmap_vmas+0x2de/0x12b0
[  689.848210][T13132]  ? preempt_schedule_irq+0xb5/0x150
[  689.848243][T13132]  ? __pfx_vms_gather_munmap_vmas+0x10/0x10
[  689.848267][T13132]  ? __pfx___schedule+0x10/0x10
[  689.848299][T13132]  ? finish_task_switch+0x266/0x950
[  689.848328][T13132]  ? lockdep_hardirqs_on+0x9c/0x150
[  689.848367][T13132]  do_vmi_align_munmap+0x25d/0x420
[  689.848389][T13132]  ? rcu_is_watching+0x15/0xb0
[  689.848431][T13132]  ? __pfx_do_vmi_align_munmap+0x10/0x10
[  689.848480][T13132]  ? mas_find+0x962/0xc10
[  689.848514][T13132]  do_vmi_munmap+0x253/0x2e0
[  689.848545][T13132]  do_munmap+0xe1/0x140
[  689.848572][T13132]  ? __lock_acquire+0xab9/0xd20
[  689.848593][T13132]  ? __pfx_do_munmap+0x10/0x10
[  689.848644][T13132]  mremap_to+0x56a/0x8b0
[  689.848677][T13132]  ? __pfx_mremap_to+0x10/0x10
[  689.848708][T13132]  ? __pfx_down_write_killable+0x10/0x10
[  689.848748][T13132]  __se_sys_mremap+0x8ac/0xc00
[  689.848793][T13132]  ? __pfx___se_sys_mremap+0x10/0x10
[  689.848814][T13132]  ? ksys_write+0x22a/0x250
[  689.848844][T13132]  ? __pfx_ksys_write+0x10/0x10
[  689.848878][T13132]  ? do_syscall_64+0xbe/0x3b0
[  689.848895][T13132]  ? __x64_sys_mremap+0x20/0xc0
[  689.848921][T13132]  do_syscall_64+0xfa/0x3b0
[  689.848941][T13132]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.848960][T13132]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  689.848979][T13132]  ? clear_bhb_loop+0x60/0xb0
[  689.849004][T13132]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  689.849024][T13132] RIP: 0033:0x7f92c7b8e929
[  689.849042][T13132] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  689.849059][T13132] RSP: 002b:00007f92c59f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000019
[  689.849081][T13132] RAX: ffffffffffffffda RBX: 00007f92c7db6160 RCX: 00007f92c7b8e929
[  689.849095][T13132] RDX: 0000000000001000 RSI: 0000000000003000 RDI: 0000200000532000
[  689.849108][T13132] RBP: 00007f92c59f6090 R08: 0000200000190000 R09: 0000000000000000
[  689.849139][T13132] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000001
[  689.849151][T13132] R13: 0000000000000000 R14: 00007f92c7db6160 R15: 00007fff90ca14c8
[  689.849184][T13132]  </TASK>
[  690.953652][T13153] FAULT_INJECTION: forcing a failure.
[  690.953652][T13153] name failslab, interval 1, probability 0, space 0, times 0
[  691.011536][T13153] CPU: 1 UID: 0 PID: 13153 Comm: syz.1.1891 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  691.011568][T13153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  691.011581][T13153] Call Trace:
[  691.011590][T13153]  <TASK>
[  691.011599][T13153]  dump_stack_lvl+0x189/0x250
[  691.011629][T13153]  ? __pfx____ratelimit+0x10/0x10
[  691.011661][T13153]  ? __pfx_dump_stack_lvl+0x10/0x10
[  691.011685][T13153]  ? __pfx__printk+0x10/0x10
[  691.011718][T13153]  ? __pfx___might_resched+0x10/0x10
[  691.011739][T13153]  ? fs_reclaim_acquire+0x7d/0x100
[  691.011765][T13153]  should_fail_ex+0x414/0x560
[  691.011800][T13153]  should_failslab+0xa8/0x100
[  691.011833][T13153]  kmem_cache_alloc_noprof+0x73/0x3c0
[  691.011862][T13153]  ? getname_flags+0xb8/0x540
[  691.011880][T13153]  ? __pfx_ksys_write+0x10/0x10
[  691.011912][T13153]  getname_flags+0xb8/0x540
[  691.011937][T13153]  __x64_sys_unlink+0x3a/0x50
[  691.011965][T13153]  do_syscall_64+0xfa/0x3b0
[  691.011983][T13153]  ? lockdep_hardirqs_on+0x9c/0x150
[  691.012014][T13153]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.012035][T13153]  ? clear_bhb_loop+0x60/0xb0
[  691.012061][T13153]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  691.012081][T13153] RIP: 0033:0x7fd40318e929
[  691.012099][T13153] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  691.012118][T13153] RSP: 002b:00007fd400ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  691.012140][T13153] RAX: ffffffffffffffda RBX: 00007fd4033b6080 RCX: 00007fd40318e929
[  691.012155][T13153] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000100
[  691.012168][T13153] RBP: 00007fd400ff6090 R08: 0000000000000000 R09: 0000000000000000
[  691.012180][T13153] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  691.012193][T13153] R13: 0000000000000000 R14: 00007fd4033b6080 R15: 00007ffdfef3d3c8
[  691.012225][T13153]  </TASK>
[  691.030526][ T5845] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  695.034301][T13200] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1900'.
[  695.185906][T13209] FAULT_INJECTION: forcing a failure.
[  695.185906][T13209] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  695.199320][T13209] CPU: 0 UID: 0 PID: 13209 Comm: syz.1.1901 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  695.199349][T13209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  695.199362][T13209] Call Trace:
[  695.199371][T13209]  <TASK>
[  695.199380][T13209]  dump_stack_lvl+0x189/0x250
[  695.199408][T13209]  ? __pfx____ratelimit+0x10/0x10
[  695.199440][T13209]  ? __pfx_dump_stack_lvl+0x10/0x10
[  695.199464][T13209]  ? __pfx__printk+0x10/0x10
[  695.199492][T13209]  ? __might_fault+0xb0/0x130
[  695.199535][T13209]  should_fail_ex+0x414/0x560
[  695.199571][T13209]  _copy_from_user+0x2d/0xb0
[  695.199596][T13209]  core_sys_select+0x4b7/0xa20
[  695.199640][T13209]  ? __pfx_core_sys_select+0x10/0x10
[  695.199698][T13209]  ? __pfx_set_user_sigmask+0x10/0x10
[  695.199734][T13209]  __se_sys_pselect6+0x27a/0x300
[  695.199772][T13209]  ? __pfx___se_sys_pselect6+0x10/0x10
[  695.199803][T13209]  ? rcu_is_watching+0x15/0xb0
[  695.199832][T13209]  ? __x64_sys_pselect6+0x21/0xf0
[  695.199866][T13209]  do_syscall_64+0xfa/0x3b0
[  695.199887][T13209]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  695.199907][T13209]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  695.199927][T13209]  ? clear_bhb_loop+0x60/0xb0
[  695.199953][T13209]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  695.199973][T13209] RIP: 0033:0x7fd40318e929
[  695.199991][T13209] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  695.200009][T13209] RSP: 002b:00007fd400ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  695.200031][T13209] RAX: ffffffffffffffda RBX: 00007fd4033b6080 RCX: 00007fd40318e929
[  695.200047][T13209] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000040
[  695.200060][T13209] RBP: 00007fd400ff6090 R08: 0000000000000000 R09: 0000000000000000
[  695.200073][T13209] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000001
[  695.200086][T13209] R13: 0000000000000001 R14: 00007fd4033b6080 R15: 00007ffdfef3d3c8
[  695.200118][T13209]  </TASK>
[  700.276815][T13267] FAULT_INJECTION: forcing a failure.
[  700.276815][T13267] name failslab, interval 1, probability 0, space 0, times 0
[  700.321732][T13267] CPU: 1 UID: 0 PID: 13267 Comm: syz.5.1913 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  700.321772][T13267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  700.321785][T13267] Call Trace:
[  700.321793][T13267]  <TASK>
[  700.321802][T13267]  dump_stack_lvl+0x189/0x250
[  700.321830][T13267]  ? __pfx____ratelimit+0x10/0x10
[  700.321859][T13267]  ? __pfx_dump_stack_lvl+0x10/0x10
[  700.321882][T13267]  ? __pfx__printk+0x10/0x10
[  700.321915][T13267]  ? __pfx___might_resched+0x10/0x10
[  700.321937][T13267]  ? fs_reclaim_acquire+0x7d/0x100
[  700.321962][T13267]  should_fail_ex+0x414/0x560
[  700.321997][T13267]  should_failslab+0xa8/0x100
[  700.322028][T13267]  __kmalloc_noprof+0xcb/0x4f0
[  700.322055][T13267]  ? kfree+0x4d/0x440
[  700.322077][T13267]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  700.322104][T13267]  tomoyo_realpath_from_path+0xe3/0x5d0
[  700.322128][T13267]  ? tomoyo_domain+0xda/0x130
[  700.322154][T13267]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  700.322183][T13267]  tomoyo_path_number_perm+0x1e8/0x5a0
[  700.322214][T13267]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  700.322261][T13267]  ? __lock_acquire+0xab9/0xd20
[  700.322302][T13267]  ? __fget_files+0x2a/0x420
[  700.322324][T13267]  ? __fget_files+0x2a/0x420
[  700.322341][T13267]  ? __fget_files+0x3a0/0x420
[  700.322357][T13267]  ? __fget_files+0x2a/0x420
[  700.322379][T13267]  security_file_ioctl+0xcb/0x2d0
[  700.322411][T13267]  __se_sys_ioctl+0x47/0x170
[  700.322440][T13267]  do_syscall_64+0xfa/0x3b0
[  700.322459][T13267]  ? lockdep_hardirqs_on+0x9c/0x150
[  700.322488][T13267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.322506][T13267]  ? clear_bhb_loop+0x60/0xb0
[  700.322531][T13267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  700.322574][T13267] RIP: 0033:0x7f964578e929
[  700.322611][T13267] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  700.322629][T13267] RSP: 002b:00007f964664a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  700.322651][T13267] RAX: ffffffffffffffda RBX: 00007f96459b5fa0 RCX: 00007f964578e929
[  700.322666][T13267] RDX: 0000200000001280 RSI: 00000000c01c64d0 RDI: 0000000000000003
[  700.322679][T13267] RBP: 00007f964664a090 R08: 0000000000000000 R09: 0000000000000000
[  700.322692][T13267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  700.322704][T13267] R13: 0000000000000000 R14: 00007f96459b5fa0 R15: 00007ffdd33fd308
[  700.322737][T13267]  </TASK>
[  700.322745][T13267] ERROR: Out of memory at tomoyo_realpath_from_path.
[  700.417620][ T5911] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  700.582582][ T5911] usb 3-1: too many configurations: 180, using maximum allowed: 8
[  700.646852][ T5911] usb 3-1: config index 0 descriptor too short (expected 65384, got 72)
[  700.670673][ T5911] usb 3-1: config index 1 descriptor too short (expected 65384, got 72)
[  700.687044][ T5911] usb 3-1: config index 2 descriptor too short (expected 65384, got 72)
[  700.700713][ T5911] usb 3-1: config index 3 descriptor too short (expected 65384, got 72)
[  700.717431][ T5911] usb 3-1: config index 4 descriptor too short (expected 65384, got 72)
[  700.735064][ T5911] usb 3-1: config index 5 descriptor too short (expected 65384, got 72)
[  700.785836][ T5911] usb 3-1: config index 6 descriptor too short (expected 65384, got 72)
[  700.820158][ T5911] usb 3-1: config index 7 descriptor too short (expected 65384, got 72)
[  700.871699][ T5911] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  700.893336][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.547260][ T5911] usb 3-1: Product: syz
[  701.551509][ T5911] usb 3-1: Manufacturer: syz
[  701.556161][ T5911] usb 3-1: SerialNumber: syz
[  701.599031][ T5911] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  701.623347][T12766] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  702.102625][T13291] FAULT_INJECTION: forcing a failure.
[  702.102625][T13291] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  702.116244][T13291] CPU: 0 UID: 0 PID: 13291 Comm: syz.5.1917 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  702.116273][T13291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  702.116286][T13291] Call Trace:
[  702.116298][T13291]  <TASK>
[  702.116307][T13291]  dump_stack_lvl+0x189/0x250
[  702.116335][T13291]  ? __pfx____ratelimit+0x10/0x10
[  702.116367][T13291]  ? __pfx_dump_stack_lvl+0x10/0x10
[  702.116391][T13291]  ? __pfx__printk+0x10/0x10
[  702.116418][T13291]  ? __might_fault+0xb0/0x130
[  702.116468][T13291]  should_fail_ex+0x414/0x560
[  702.116504][T13291]  _copy_from_user+0x2d/0xb0
[  702.116529][T13291]  ___sys_recvmsg+0x12e/0x510
[  702.116555][T13291]  ? rcu_is_watching+0x15/0xb0
[  702.116584][T13291]  ? __pfx____sys_recvmsg+0x10/0x10
[  702.116635][T13291]  ? __rcu_read_unlock+0x84/0xe0
[  702.116666][T13291]  ? __fget_files+0x3a0/0x420
[  702.116698][T13291]  do_recvmmsg+0x307/0x770
[  702.116736][T13291]  ? __pfx_do_recvmmsg+0x10/0x10
[  702.116778][T13291]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  702.116819][T13291]  __x64_sys_recvmmsg+0x190/0x240
[  702.116850][T13291]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  702.116896][T13291]  ? do_syscall_64+0xbe/0x3b0
[  702.116919][T13291]  do_syscall_64+0xfa/0x3b0
[  702.116940][T13291]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.116959][T13291]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  702.116979][T13291]  ? clear_bhb_loop+0x60/0xb0
[  702.117004][T13291]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  702.117023][T13291] RIP: 0033:0x7f964578e929
[  702.117059][T13291] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  702.117092][T13291] RSP: 002b:00007f9646608038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  702.117115][T13291] RAX: ffffffffffffffda RBX: 00007f96459b6160 RCX: 00007f964578e929
[  702.117130][T13291] RDX: 0000000000000360 RSI: 0000200000000b80 RDI: 0000000000000005
[  702.117142][T13291] RBP: 00007f9646608090 R08: 0000000000000000 R09: 0000000000000000
[  702.117154][T13291] R10: 0000000000000120 R11: 0000000000000246 R12: 0000000000000001
[  702.117166][T13291] R13: 0000000000000000 R14: 00007f96459b6160 R15: 00007ffdd33fd308
[  702.117198][T13291]  </TASK>
[  702.336202][    C0] vkms_vblank_simulate: vblank timer overrun
[  702.917710][T12766] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  702.924830][T12766] ath9k_htc: Failed to initialize the device
[  702.934537][    T9] usb 3-1: USB disconnect, device number 57
[  702.972209][    T9] usb 3-1: ath9k_htc: USB layer deinitialized
[  704.197276][ T5911] usb 2-1: new full-speed USB device number 33 using dummy_hcd
[  704.634127][T13318] FAULT_INJECTION: forcing a failure.
[  704.634127][T13318] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  704.703580][T13318] CPU: 1 UID: 0 PID: 13318 Comm: syz.5.1924 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  704.703610][T13318] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  704.703623][T13318] Call Trace:
[  704.703632][T13318]  <TASK>
[  704.703641][T13318]  dump_stack_lvl+0x189/0x250
[  704.703670][T13318]  ? __pfx____ratelimit+0x10/0x10
[  704.703701][T13318]  ? __pfx_dump_stack_lvl+0x10/0x10
[  704.703725][T13318]  ? __pfx__printk+0x10/0x10
[  704.703765][T13318]  should_fail_ex+0x414/0x560
[  704.703799][T13318]  _copy_to_user+0x31/0xb0
[  704.703825][T13318]  simple_read_from_buffer+0xe1/0x170
[  704.703861][T13318]  proc_fail_nth_read+0x1df/0x250
[  704.703886][T13318]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  704.703911][T13318]  ? rw_verify_area+0x258/0x650
[  704.703937][T13318]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  704.703959][T13318]  vfs_read+0x200/0x980
[  704.703992][T13318]  ? __pfx___mutex_lock+0x10/0x10
[  704.704012][T13318]  ? __pfx_vfs_read+0x10/0x10
[  704.704041][T13318]  ? __fget_files+0x2a/0x420
[  704.704065][T13318]  ? __fget_files+0x3a0/0x420
[  704.704082][T13318]  ? __fget_files+0x2a/0x420
[  704.704111][T13318]  ksys_read+0x145/0x250
[  704.704137][T13318]  ? __fget_files+0x3a0/0x420
[  704.704157][T13318]  ? __pfx_ksys_read+0x10/0x10
[  704.704189][T13318]  ? do_syscall_64+0xbe/0x3b0
[  704.704214][T13318]  do_syscall_64+0xfa/0x3b0
[  704.704230][T13318]  ? lockdep_hardirqs_on+0x9c/0x150
[  704.704261][T13318]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.704282][T13318]  ? clear_bhb_loop+0x60/0xb0
[  704.704307][T13318]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  704.704327][T13318] RIP: 0033:0x7f964578d33c
[  704.704345][T13318] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  704.704363][T13318] RSP: 002b:00007f964664a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  704.704385][T13318] RAX: ffffffffffffffda RBX: 00007f96459b5fa0 RCX: 00007f964578d33c
[  704.704400][T13318] RDX: 000000000000000f RSI: 00007f964664a0a0 RDI: 0000000000000003
[  704.704413][T13318] RBP: 00007f964664a090 R08: 0000000000000000 R09: 0000000000000000
[  704.704426][T13318] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  704.704438][T13318] R13: 0000000000000000 R14: 00007f96459b5fa0 R15: 00007ffdd33fd308
[  704.704471][T13318]  </TASK>
[  705.003257][ T5911] usb 2-1: unable to get BOS descriptor or descriptor too short
[  705.211908][ T5911] usb 2-1: not running at top speed; connect to a high speed hub
[  705.284824][ T5911] usb 2-1: config 253 has an invalid interface number: 140 but max is 0
[  705.305899][ T5911] usb 2-1: config 253 has an invalid descriptor of length 204, skipping remainder of the config
[  705.803200][ T5911] usb 2-1: config 253 has no interface number 0
[  705.817033][ T5911] usb 2-1: config 253 interface 140 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  707.210450][ T5911] usb 2-1: string descriptor 0 read error: -71
[  707.231531][ T5911] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=3e.5b
[  707.281811][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  707.325154][ T5911] usb 2-1: can't set config #253, error -71
[  707.378691][ T5911] usb 2-1: USB disconnect, device number 33
[  707.455234][T13344] tipc: Started in network mode
[  707.460774][T13344] tipc: Node identity 6, cluster identity 4711
[  707.467103][T13344] tipc: Node number set to 6
[  707.941458][T13361] FAULT_INJECTION: forcing a failure.
[  707.941458][T13361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  707.954760][T13361] CPU: 1 UID: 0 PID: 13361 Comm: syz.5.1935 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  707.954787][T13361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  707.954800][T13361] Call Trace:
[  707.954808][T13361]  <TASK>
[  707.954817][T13361]  dump_stack_lvl+0x189/0x250
[  707.954845][T13361]  ? __pfx____ratelimit+0x10/0x10
[  707.954881][T13361]  ? __pfx_dump_stack_lvl+0x10/0x10
[  707.954904][T13361]  ? __pfx__printk+0x10/0x10
[  707.954934][T13361]  ? __might_fault+0xb0/0x130
[  707.954977][T13361]  should_fail_ex+0x414/0x560
[  707.955017][T13361]  _copy_from_user+0x2d/0xb0
[  707.955041][T13361]  __sys_bpf+0x1ed/0x860
[  707.955074][T13361]  ? __pfx___sys_bpf+0x10/0x10
[  707.955100][T13361]  ? preempt_schedule_irq+0xde/0x150
[  707.955161][T13361]  __x64_sys_bpf+0x7c/0x90
[  707.955189][T13361]  do_syscall_64+0xfa/0x3b0
[  707.955210][T13361]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.955229][T13361]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  707.955248][T13361]  ? clear_bhb_loop+0x60/0xb0
[  707.955273][T13361]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  707.955311][T13361] RIP: 0033:0x7f964578e929
[  707.955329][T13361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  707.955347][T13361] RSP: 002b:00007f9646608038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  707.955368][T13361] RAX: ffffffffffffffda RBX: 00007f96459b6160 RCX: 00007f964578e929
[  707.955384][T13361] RDX: 0000000000000094 RSI: 0000200000000440 RDI: 0000000000000005
[  707.955397][T13361] RBP: 00007f9646608090 R08: 0000000000000000 R09: 0000000000000000
[  707.955409][T13361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  707.955422][T13361] R13: 0000000000000000 R14: 00007f96459b6160 R15: 00007ffdd33fd308
[  707.955454][T13361]  </TASK>
[  708.379145][T13357] program syz.1.1934 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  708.407423][T13357] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  708.730983][T13370] FAULT_INJECTION: forcing a failure.
[  708.730983][T13370] name failslab, interval 1, probability 0, space 0, times 0
[  708.744615][T13370] CPU: 0 UID: 0 PID: 13370 Comm: syz.3.1938 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  708.744644][T13370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  708.744657][T13370] Call Trace:
[  708.744665][T13370]  <TASK>
[  708.744674][T13370]  dump_stack_lvl+0x189/0x250
[  708.744704][T13370]  ? __pfx____ratelimit+0x10/0x10
[  708.744737][T13370]  ? __pfx_dump_stack_lvl+0x10/0x10
[  708.744761][T13370]  ? __pfx__printk+0x10/0x10
[  708.744796][T13370]  ? __pfx___might_resched+0x10/0x10
[  708.744817][T13370]  ? fs_reclaim_acquire+0x7d/0x100
[  708.744844][T13370]  should_fail_ex+0x414/0x560
[  708.744879][T13370]  ? file_tty_write+0x2a8/0x990
[  708.744908][T13370]  should_failslab+0xa8/0x100
[  708.744943][T13370]  __kvmalloc_node_noprof+0x161/0x5f0
[  708.744974][T13370]  ? file_tty_write+0x2a8/0x990
[  708.745002][T13370]  file_tty_write+0x2a8/0x990
[  708.745035][T13370]  vfs_write+0x548/0xa90
[  708.745070][T13370]  ? __pfx_tty_write+0x10/0x10
[  708.745093][T13370]  ? __pfx_vfs_write+0x10/0x10
[  708.745134][T13370]  ? __fget_files+0x2a/0x420
[  708.745164][T13370]  ksys_write+0x145/0x250
[  708.745196][T13370]  ? __pfx_ksys_write+0x10/0x10
[  708.745220][T13370]  ? rcu_is_watching+0x15/0xb0
[  708.745250][T13370]  ? do_syscall_64+0xbe/0x3b0
[  708.745275][T13370]  do_syscall_64+0xfa/0x3b0
[  708.745294][T13370]  ? lockdep_hardirqs_on+0x9c/0x150
[  708.745324][T13370]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.745345][T13370]  ? clear_bhb_loop+0x60/0xb0
[  708.745371][T13370]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.745391][T13370] RIP: 0033:0x7f58ad38e929
[  708.745410][T13370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.745429][T13370] RSP: 002b:00007f58ab1d5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  708.745451][T13370] RAX: ffffffffffffffda RBX: 00007f58ad5b6080 RCX: 00007f58ad38e929
[  708.745466][T13370] RDX: 0000000000001006 RSI: 0000200000002080 RDI: 0000000000000007
[  708.745479][T13370] RBP: 00007f58ab1d5090 R08: 0000000000000000 R09: 0000000000000000
[  708.745492][T13370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  708.745504][T13370] R13: 0000000000000000 R14: 00007f58ad5b6080 R15: 00007ffdbb599d78
[  708.745542][T13370]  </TASK>
[  708.974066][    C0] vkms_vblank_simulate: vblank timer overrun
[  709.280157][T13373] FAULT_INJECTION: forcing a failure.
[  709.280157][T13373] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  709.437635][ T5911] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  709.508394][T13373] CPU: 1 UID: 0 PID: 13373 Comm: syz.0.1940 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  709.508424][T13373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  709.508436][T13373] Call Trace:
[  709.508444][T13373]  <TASK>
[  709.508453][T13373]  dump_stack_lvl+0x189/0x250
[  709.508480][T13373]  ? __pfx____ratelimit+0x10/0x10
[  709.508510][T13373]  ? __pfx_dump_stack_lvl+0x10/0x10
[  709.508532][T13373]  ? __pfx__printk+0x10/0x10
[  709.508558][T13373]  ? __might_fault+0xb0/0x130
[  709.508599][T13373]  should_fail_ex+0x414/0x560
[  709.508634][T13373]  _copy_from_user+0x2d/0xb0
[  709.508658][T13373]  ___sys_recvmsg+0x12e/0x510
[  709.508691][T13373]  ? __pfx____sys_recvmsg+0x10/0x10
[  709.508746][T13373]  ? __fget_files+0x3a0/0x420
[  709.508776][T13373]  do_recvmmsg+0x307/0x770
[  709.508811][T13373]  ? __pfx_do_recvmmsg+0x10/0x10
[  709.508849][T13373]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  709.508888][T13373]  __x64_sys_recvmmsg+0x190/0x240
[  709.508918][T13373]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  709.508950][T13373]  ? do_syscall_64+0xbe/0x3b0
[  709.508972][T13373]  do_syscall_64+0xfa/0x3b0
[  709.508992][T13373]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.509011][T13373]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  709.509030][T13373]  ? clear_bhb_loop+0x60/0xb0
[  709.509053][T13373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  709.509072][T13373] RIP: 0033:0x7f169298e929
[  709.509098][T13373] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  709.509116][T13373] RSP: 002b:00007f169373c038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  709.509137][T13373] RAX: ffffffffffffffda RBX: 00007f1692bb5fa0 RCX: 00007f169298e929
[  709.509151][T13373] RDX: 0000000000000004 RSI: 0000200000002c00 RDI: 0000000000000003
[  709.509163][T13373] RBP: 00007f169373c090 R08: 0000000000000000 R09: 0000000000000000
[  709.509176][T13373] R10: 0000000040010020 R11: 0000000000000246 R12: 0000000000000001
[  709.509188][T13373] R13: 0000000000000000 R14: 00007f1692bb5fa0 R15: 00007fffcd782e58
[  709.509220][T13373]  </TASK>
[  709.847499][ T5911] usb 3-1: Using ep0 maxpacket: 32
[  709.860221][ T5911] usb 3-1: config 0 has an invalid interface number: 126 but max is 0
[  709.992525][ T5911] usb 3-1: config 0 has no interface number 0
[  710.132809][ T5911] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  710.819233][T13377] netlink: 452 bytes leftover after parsing attributes in process `syz.0.1941'.
[  711.298548][ T5911] usb 3-1: config 0 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  711.309870][ T5911] usb 3-1: config 0 interface 126 has no altsetting 0
[  711.319742][ T5911] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  711.329287][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  711.347293][ T5911] usb 3-1: Product: syz
[  711.351527][ T5911] usb 3-1: Manufacturer: syz
[  711.356150][ T5911] usb 3-1: SerialNumber: syz
[  711.378340][ T5911] usb 3-1: config 0 descriptor??
[  711.385061][T13371] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  711.398828][T13371] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  713.695074][ T5911] ir_usb 3-1:0.126: IR Dongle converter detected
[  713.706651][ T5911] usb 3-1: IRDA class descriptor not found, device not bound
[  713.754206][T13393] vlan2: entered promiscuous mode
[  713.761087][ T5911] usb 3-1: USB disconnect, device number 58
[  713.839065][T13400] FAULT_INJECTION: forcing a failure.
[  713.839065][T13400] name failslab, interval 1, probability 0, space 0, times 0
[  713.870851][T13400] CPU: 1 UID: 0 PID: 13400 Comm: syz.5.1949 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  713.870882][T13400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  713.870895][T13400] Call Trace:
[  713.870904][T13400]  <TASK>
[  713.870913][T13400]  dump_stack_lvl+0x189/0x250
[  713.870942][T13400]  ? __pfx____ratelimit+0x10/0x10
[  713.870974][T13400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  713.870998][T13400]  ? __pfx__printk+0x10/0x10
[  713.871030][T13400]  ? __pfx___might_resched+0x10/0x10
[  713.871053][T13400]  ? fs_reclaim_acquire+0x7d/0x100
[  713.871079][T13400]  should_fail_ex+0x414/0x560
[  713.871114][T13400]  should_failslab+0xa8/0x100
[  713.871147][T13400]  __kmalloc_noprof+0xcb/0x4f0
[  713.871174][T13400]  ? kfree+0x4d/0x440
[  713.871197][T13400]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  713.871225][T13400]  tomoyo_realpath_from_path+0xe3/0x5d0
[  713.871249][T13400]  ? tomoyo_domain+0xda/0x130
[  713.871278][T13400]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  713.871307][T13400]  tomoyo_path_number_perm+0x1e8/0x5a0
[  713.871340][T13400]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  713.871389][T13400]  ? __lock_acquire+0xab9/0xd20
[  713.871432][T13400]  ? __fget_files+0x2a/0x420
[  713.871454][T13400]  ? __fget_files+0x2a/0x420
[  713.871471][T13400]  ? __fget_files+0x3a0/0x420
[  713.871496][T13400]  ? __fget_files+0x2a/0x420
[  713.871519][T13400]  security_file_ioctl+0xcb/0x2d0
[  713.871554][T13400]  __se_sys_ioctl+0x47/0x170
[  713.871583][T13400]  do_syscall_64+0xfa/0x3b0
[  713.871601][T13400]  ? lockdep_hardirqs_on+0x9c/0x150
[  713.871632][T13400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.871651][T13400]  ? clear_bhb_loop+0x60/0xb0
[  713.871677][T13400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.871696][T13400] RIP: 0033:0x7f964578e929
[  713.871715][T13400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.871733][T13400] RSP: 002b:00007f964664a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  713.871755][T13400] RAX: ffffffffffffffda RBX: 00007f96459b5fa0 RCX: 00007f964578e929
[  713.871770][T13400] RDX: 0000200000000540 RSI: 00000000000007a8 RDI: 0000000000000004
[  713.871783][T13400] RBP: 00007f964664a090 R08: 0000000000000000 R09: 0000000000000000
[  713.871795][T13400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.871807][T13400] R13: 0000000000000000 R14: 00007f96459b5fa0 R15: 00007ffdd33fd308
[  713.871840][T13400]  </TASK>
[  713.871849][T13400] ERROR: Out of memory at tomoyo_realpath_from_path.
[  714.141075][T13408] FAULT_INJECTION: forcing a failure.
[  714.141075][T13408] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  714.182007][T13408] CPU: 0 UID: 0 PID: 13408 Comm: syz.2.1952 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  714.182040][T13408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  714.182053][T13408] Call Trace:
[  714.182062][T13408]  <TASK>
[  714.182071][T13408]  dump_stack_lvl+0x189/0x250
[  714.182100][T13408]  ? __pfx____ratelimit+0x10/0x10
[  714.182132][T13408]  ? __pfx_dump_stack_lvl+0x10/0x10
[  714.182163][T13408]  ? __pfx__printk+0x10/0x10
[  714.182190][T13408]  ? __might_fault+0xb0/0x130
[  714.182233][T13408]  should_fail_ex+0x414/0x560
[  714.182268][T13408]  copy_fpstate_to_sigframe+0xa8d/0xce0
[  714.182306][T13408]  ? copy_fpstate_to_sigframe+0x181/0xce0
[  714.182343][T13408]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  714.182391][T13408]  ? __lock_acquire+0xab9/0xd20
[  714.182429][T13408]  ? fpu__alloc_mathframe+0xad/0x130
[  714.182462][T13408]  get_sigframe+0x58d/0x7d0
[  714.182500][T13408]  ? __pfx_get_sigframe+0x10/0x10
[  714.182550][T13408]  x64_setup_rt_frame+0x15c/0xd40
[  714.182587][T13408]  ? lockdep_hardirqs_on+0x9c/0x150
[  714.182621][T13408]  ? _raw_spin_unlock_irq+0x2e/0x50
[  714.182648][T13408]  ? get_signal+0x1122/0x1310
[  714.182679][T13408]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  714.182728][T13408]  arch_do_signal_or_restart+0x3dc/0x750
[  714.182767][T13408]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  714.182816][T13408]  ? exit_to_user_mode_loop+0x40/0x110
[  714.182840][T13408]  exit_to_user_mode_loop+0x75/0x110
[  714.182862][T13408]  do_syscall_64+0x2bd/0x3b0
[  714.182880][T13408]  ? lockdep_hardirqs_on+0x9c/0x150
[  714.182911][T13408]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.182939][T13408]  ? clear_bhb_loop+0x60/0xb0
[  714.182965][T13408]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  714.182985][T13408] RIP: 0033:0x7f92c7b8e927
[  714.183004][T13408] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[  714.183028][T13408] RSP: 002b:00007f92c8931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  714.183051][T13408] RAX: 0000000000000000 RBX: 00007f92c7db5fa0 RCX: 00007f92c7b8e929
[  714.183065][T13408] RDX: 0000000000000023 RSI: 0000200000000000 RDI: 0000000000000004
[  714.183079][T13408] RBP: 00007f92c8931090 R08: 0000000000000000 R09: 0000000000000000
[  714.183091][T13408] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  714.183104][T13408] R13: 0000000000000000 R14: 00007f92c7db5fa0 R15: 00007fff90ca14c8
[  714.183137][T13408]  </TASK>
[  714.431605][    C0] vkms_vblank_simulate: vblank timer overrun
[  714.452527][    T9] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  714.589020][    T9] usb 4-1: device descriptor read/64, error -71
[  715.027863][T13421] FAULT_INJECTION: forcing a failure.
[  715.027863][T13421] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  715.041104][T13421] CPU: 1 UID: 0 PID: 13421 Comm: syz.2.1955 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  715.041134][T13421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  715.041147][T13421] Call Trace:
[  715.041156][T13421]  <TASK>
[  715.041165][T13421]  dump_stack_lvl+0x189/0x250
[  715.041194][T13421]  ? __pfx____ratelimit+0x10/0x10
[  715.041226][T13421]  ? __pfx_dump_stack_lvl+0x10/0x10
[  715.041250][T13421]  ? __pfx__printk+0x10/0x10
[  715.041278][T13421]  ? __might_fault+0xb0/0x130
[  715.041320][T13421]  should_fail_ex+0x414/0x560
[  715.041379][T13421]  _copy_from_user+0x2d/0xb0
[  715.041405][T13421]  ___sys_sendmsg+0x158/0x2a0
[  715.041437][T13421]  ? __pfx____sys_sendmsg+0x10/0x10
[  715.041503][T13421]  ? __fget_files+0x2a/0x420
[  715.041522][T13421]  ? __fget_files+0x3a0/0x420
[  715.041553][T13421]  __x64_sys_sendmsg+0x19b/0x260
[  715.041582][T13421]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  715.041630][T13421]  ? do_syscall_64+0xbe/0x3b0
[  715.041660][T13421]  do_syscall_64+0xfa/0x3b0
[  715.041682][T13421]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.041701][T13421]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  715.041721][T13421]  ? clear_bhb_loop+0x60/0xb0
[  715.041746][T13421]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  715.041765][T13421] RIP: 0033:0x7f92c7b8e929
[  715.041784][T13421] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  715.041802][T13421] RSP: 002b:00007f92c59f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  715.041825][T13421] RAX: ffffffffffffffda RBX: 00007f92c7db6160 RCX: 00007f92c7b8e929
[  715.041841][T13421] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000005
[  715.041853][T13421] RBP: 00007f92c59f6090 R08: 0000000000000000 R09: 0000000000000000
[  715.041866][T13421] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  715.041878][T13421] R13: 0000000000000000 R14: 00007f92c7db6160 R15: 00007fff90ca14c8
[  715.041911][T13421]  </TASK>
[  715.458411][    T9] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  715.597530][    T9] usb 4-1: device descriptor read/64, error -71
[  715.864178][    T9] usb usb4-port1: attempt power cycle
[  716.870026][    T9] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  716.933972][    T9] usb 4-1: device descriptor read/8, error -71
[  717.145114][T13431] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1957'.
[  717.420117][ T5845] Bluetooth: hci3: unexpected event for opcode 0x0c25
[  719.436612][T13452] netlink: 72 bytes leftover after parsing attributes in process `syz.5.1959'.
[  719.488090][T13448] block nbd3: NBD_DISCONNECT
[  719.490379][T13452] syz.5.1959: attempt to access beyond end of device
[  719.490379][T13452] nbd5: rw=0, sector=64, nr_sectors = 8 limit=0
[  719.523135][T13452] syz.5.1959: attempt to access beyond end of device
[  719.523135][T13452] nbd5: rw=0, sector=120, nr_sectors = 8 limit=0
[  719.548161][T13452] Mount JFS Failure: -5
[  719.810169][T13453] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[  719.866588][T13448] ieee802154 phy1 wpan1: encryption failed: -22
[  720.035508][T13462] FAULT_INJECTION: forcing a failure.
[  720.035508][T13462] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.048782][T13462] CPU: 1 UID: 0 PID: 13462 Comm: syz.1.1965 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  720.048809][T13462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  720.048822][T13462] Call Trace:
[  720.048830][T13462]  <TASK>
[  720.048837][T13462]  dump_stack_lvl+0x189/0x250
[  720.048863][T13462]  ? __pfx____ratelimit+0x10/0x10
[  720.048891][T13462]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.048909][T13462]  ? __pfx__printk+0x10/0x10
[  720.048932][T13462]  ? __might_fault+0xb0/0x130
[  720.048965][T13462]  should_fail_ex+0x414/0x560
[  720.049002][T13462]  _copy_from_user+0x2d/0xb0
[  720.049024][T13462]  ___sys_sendmsg+0x158/0x2a0
[  720.049051][T13462]  ? __pfx____sys_sendmsg+0x10/0x10
[  720.049118][T13462]  ? __fget_files+0x2a/0x420
[  720.049140][T13462]  ? __fget_files+0x3a0/0x420
[  720.049175][T13462]  __x64_sys_sendmsg+0x19b/0x260
[  720.049207][T13462]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  720.049248][T13462]  ? __pfx_ksys_write+0x10/0x10
[  720.049277][T13462]  ? rcu_is_watching+0x15/0xb0
[  720.049309][T13462]  ? do_syscall_64+0xbe/0x3b0
[  720.049337][T13462]  do_syscall_64+0xfa/0x3b0
[  720.049359][T13462]  ? lockdep_hardirqs_on+0x9c/0x150
[  720.049391][T13462]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.049416][T13462]  ? clear_bhb_loop+0x60/0xb0
[  720.049444][T13462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.049467][T13462] RIP: 0033:0x7fd40318e929
[  720.049487][T13462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.049507][T13462] RSP: 002b:00007fd403f28038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  720.049534][T13462] RAX: ffffffffffffffda RBX: 00007fd4033b5fa0 RCX: 00007fd40318e929
[  720.049551][T13462] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000004
[  720.049565][T13462] RBP: 00007fd403f28090 R08: 0000000000000000 R09: 0000000000000000
[  720.049581][T13462] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  720.049595][T13462] R13: 0000000000000000 R14: 00007fd4033b5fa0 R15: 00007ffdfef3d3c8
[  720.049632][T13462]  </TASK>
[  720.235269][T13466] FAULT_INJECTION: forcing a failure.
[  720.235269][T13466] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  720.235304][T13466] CPU: 0 UID: 0 PID: 13466 Comm: syz.1.1967 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  720.235330][T13466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  720.235343][T13466] Call Trace:
[  720.235350][T13466]  <TASK>
[  720.235359][T13466]  dump_stack_lvl+0x189/0x250
[  720.235387][T13466]  ? __pfx____ratelimit+0x10/0x10
[  720.235418][T13466]  ? __pfx_dump_stack_lvl+0x10/0x10
[  720.235441][T13466]  ? __pfx__printk+0x10/0x10
[  720.235467][T13466]  ? __might_fault+0xb0/0x130
[  720.235508][T13466]  should_fail_ex+0x414/0x560
[  720.235543][T13466]  _copy_from_user+0x2d/0xb0
[  720.235567][T13466]  ___sys_sendmsg+0x158/0x2a0
[  720.235596][T13466]  ? __pfx____sys_sendmsg+0x10/0x10
[  720.235660][T13466]  ? __fget_files+0x2a/0x420
[  720.235678][T13466]  ? __fget_files+0x3a0/0x420
[  720.235708][T13466]  __x64_sys_sendmsg+0x19b/0x260
[  720.235738][T13466]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  720.235773][T13466]  ? __pfx_ksys_write+0x10/0x10
[  720.235798][T13466]  ? rcu_is_watching+0x15/0xb0
[  720.235826][T13466]  ? do_syscall_64+0xbe/0x3b0
[  720.235850][T13466]  do_syscall_64+0xfa/0x3b0
[  720.235867][T13466]  ? lockdep_hardirqs_on+0x9c/0x150
[  720.235897][T13466]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.235917][T13466]  ? clear_bhb_loop+0x60/0xb0
[  720.235941][T13466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  720.235960][T13466] RIP: 0033:0x7fd40318e929
[  720.235989][T13466] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  720.236006][T13466] RSP: 002b:00007fd403f28038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  720.236027][T13466] RAX: ffffffffffffffda RBX: 00007fd4033b5fa0 RCX: 00007fd40318e929
[  720.236042][T13466] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000003
[  720.236055][T13466] RBP: 00007fd403f28090 R08: 0000000000000000 R09: 0000000000000000
[  720.236066][T13466] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  720.236078][T13466] R13: 0000000000000000 R14: 00007fd4033b5fa0 R15: 00007ffdfef3d3c8
[  720.236109][T13466]  </TASK>
[  720.294405][T13469] misc userio: No port type given on /dev/userio
[  721.701508][T13477] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  721.705418][T13477] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1969'.
[  723.784415][T13480] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  723.791022][T13480] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1970'.
[  725.069956][T13465] ttyprintk ttyprintk: ldisc open failed (-12), clearing slot 0
[  725.185661][ T5845] Bluetooth: hci1: unexpected event for opcode 0x0c25
[  725.389473][T13492] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  726.156864][T13494] 9pnet_fd: Insufficient options for proto=fd
[  726.192157][ T5922] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  726.878862][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  726.945386][ T5922] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  726.987086][ T5922] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  727.051744][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.088691][ T5922] usb 3-1: config 0 descriptor??
[  727.157981][T13514] FAULT_INJECTION: forcing a failure.
[  727.157981][T13514] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  727.171285][T13514] CPU: 0 UID: 0 PID: 13514 Comm: syz.0.1978 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  727.171313][T13514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  727.171327][T13514] Call Trace:
[  727.171335][T13514]  <TASK>
[  727.171342][T13514]  dump_stack_lvl+0x189/0x250
[  727.171363][T13514]  ? __pfx____ratelimit+0x10/0x10
[  727.171400][T13514]  ? __pfx_dump_stack_lvl+0x10/0x10
[  727.171424][T13514]  ? __pfx__printk+0x10/0x10
[  727.171450][T13514]  ? __might_fault+0xb0/0x130
[  727.171490][T13514]  should_fail_ex+0x414/0x560
[  727.171515][T13514]  _copy_from_user+0x2d/0xb0
[  727.171534][T13514]  do_sock_getsockopt+0x1cd/0x650
[  727.171566][T13514]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  727.171591][T13514]  ? do_syscall_64+0x20/0x3b0
[  727.171609][T13514]  ? __fget_files+0x3a0/0x420
[  727.171626][T13514]  ? __fget_files+0x2a/0x420
[  727.171652][T13514]  __x64_sys_getsockopt+0x1a5/0x250
[  727.171670][T13514]  ? do_syscall_64+0x20/0x3b0
[  727.171686][T13514]  ? do_syscall_64+0x20/0x3b0
[  727.171722][T13514]  do_syscall_64+0xfa/0x3b0
[  727.171741][T13514]  ? lockdep_hardirqs_on+0x9c/0x150
[  727.171769][T13514]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.171788][T13514]  ? clear_bhb_loop+0x60/0xb0
[  727.171810][T13514]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  727.171824][T13514] RIP: 0033:0x7f169298e929
[  727.171838][T13514] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  727.171850][T13514] RSP: 002b:00007f169373c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  727.171871][T13514] RAX: ffffffffffffffda RBX: 00007f1692bb5fa0 RCX: 00007f169298e929
[  727.171887][T13514] RDX: 0000000000000053 RSI: 0000000000000000 RDI: 0000000000000003
[  727.171899][T13514] RBP: 00007f169373c090 R08: 0000200000000080 R09: 0000000000000000
[  727.171911][T13514] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  727.171922][T13514] R13: 0000000000000000 R14: 00007f1692bb5fa0 R15: 00007fffcd782e58
[  727.171954][T13514]  </TASK>
[  727.661739][T13483] sctp: [Deprecated]: syz.2.1971 (pid 13483) Use of int in maxseg socket option.
[  727.661739][T13483] Use struct sctp_assoc_value instead
[  728.533907][ T5922] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  728.587375][ T5922] cp2112 0003:10C4:EA90.0008: item fetching failed at offset 2/7
[  728.892905][T13528] FAULT_INJECTION: forcing a failure.
[  728.892905][T13528] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  728.906240][T13528] CPU: 1 UID: 0 PID: 13528 Comm: syz.3.1983 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  728.906269][T13528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  728.906282][T13528] Call Trace:
[  728.906291][T13528]  <TASK>
[  728.906299][T13528]  dump_stack_lvl+0x189/0x250
[  728.906328][T13528]  ? __pfx____ratelimit+0x10/0x10
[  728.906360][T13528]  ? __pfx_dump_stack_lvl+0x10/0x10
[  728.906384][T13528]  ? __pfx__printk+0x10/0x10
[  728.906411][T13528]  ? __might_fault+0xb0/0x130
[  728.906453][T13528]  should_fail_ex+0x414/0x560
[  728.906492][T13528]  _copy_from_user+0x2d/0xb0
[  728.906518][T13528]  ___sys_sendmsg+0x158/0x2a0
[  728.906548][T13528]  ? __pfx____sys_sendmsg+0x10/0x10
[  728.906622][T13528]  ? __fget_files+0x2a/0x420
[  728.906640][T13528]  ? __fget_files+0x3a0/0x420
[  728.906671][T13528]  __x64_sys_sendmsg+0x19b/0x260
[  728.906701][T13528]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  728.906749][T13528]  ? do_syscall_64+0xbe/0x3b0
[  728.906773][T13528]  do_syscall_64+0xfa/0x3b0
[  728.906794][T13528]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.906819][T13528]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  728.906839][T13528]  ? clear_bhb_loop+0x60/0xb0
[  728.906865][T13528]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  728.906885][T13528] RIP: 0033:0x7f58ad38e929
[  728.906903][T13528] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  728.906921][T13528] RSP: 002b:00007f58ab1b4038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  728.906942][T13528] RAX: ffffffffffffffda RBX: 00007f58ad5b6160 RCX: 00007f58ad38e929
[  728.906959][T13528] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000009
[  728.906973][T13528] RBP: 00007f58ab1b4090 R08: 0000000000000000 R09: 0000000000000000
[  728.906986][T13528] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  728.906999][T13528] R13: 0000000000000000 R14: 00007f58ad5b6160 R15: 00007ffdbb599d78
[  728.907033][T13528]  </TASK>
[  729.634761][T13532] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  729.650593][T13532] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1982'.
[  730.258186][ T5922] cp2112 0003:10C4:EA90.0008: parse failed
[  731.046868][ T5922] cp2112 0003:10C4:EA90.0008: probe with driver cp2112 failed with error -22
[  731.049978][T13533] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  731.082569][T13533] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  731.551524][ T5922] usb 3-1: USB disconnect, device number 59
[  731.864466][ T5845] Bluetooth: hci3: unexpected event for opcode 0x0c25
[  732.420049][T13552] pim6reg: entered allmulticast mode
[  734.199039][T13566] netlink: 2384 bytes leftover after parsing attributes in process `syz.3.1991'.
[  735.251662][T13576] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=7 (14 ns) > initial count (10 ns). Using initial count to start timer.
[  735.687657][T10460] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  735.867610][   T44] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  735.877455][T10460] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  735.890727][T10460] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  735.902405][T10460] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  735.912454][T10460] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.931016][T10460] usb 2-1: config 0 descriptor??
[  736.040550][   T44] usb 4-1: New USB device found, idVendor=249c, idProduct=9002, bcdDevice=5e.ad
[  736.051225][   T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.071821][   T44] usb 4-1: config 0 descriptor??
[  736.207506][T13584] sctp: [Deprecated]: syz.1.1996 (pid 13584) Use of int in maxseg socket option.
[  736.207506][T13584] Use struct sctp_assoc_value instead
[  736.299007][   T44] snd-usb-hiface 4-1:0.0: probe with driver snd-usb-hiface failed with error -22
[  736.308900][ T5845] Bluetooth: hci4: unexpected event for opcode 0x0c25
[  736.445833][T10460] cp2112 0003:10C4:EA90.0009: unknown main item tag 0x0
[  736.459564][T10460] cp2112 0003:10C4:EA90.0009: item fetching failed at offset 2/7
[  736.468734][T10460] cp2112 0003:10C4:EA90.0009: parse failed
[  736.474967][T10460] cp2112 0003:10C4:EA90.0009: probe with driver cp2112 failed with error -22
[  736.491905][   T44] usb 4-1: USB disconnect, device number 58
[  737.822963][T13617] fuse: root generation should be zero
[  738.006133][T13618] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  738.021895][T13618] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2002'.
[  738.646945][T13620] FAULT_INJECTION: forcing a failure.
[  738.646945][T13620] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  738.670090][T13620] CPU: 1 UID: 0 PID: 13620 Comm: syz.0.2006 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  738.670122][T13620] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  738.670135][T13620] Call Trace:
[  738.670145][T13620]  <TASK>
[  738.670154][T13620]  dump_stack_lvl+0x189/0x250
[  738.670184][T13620]  ? __pfx____ratelimit+0x10/0x10
[  738.670217][T13620]  ? __pfx_dump_stack_lvl+0x10/0x10
[  738.670242][T13620]  ? __pfx__printk+0x10/0x10
[  738.670270][T13620]  ? __might_fault+0xb0/0x130
[  738.670313][T13620]  should_fail_ex+0x414/0x560
[  738.670351][T13620]  _copy_from_user+0x2d/0xb0
[  738.670377][T13620]  ___sys_sendmsg+0x158/0x2a0
[  738.670409][T13620]  ? __pfx____sys_sendmsg+0x10/0x10
[  738.670485][T13620]  ? __fget_files+0x2a/0x420
[  738.670505][T13620]  ? __fget_files+0x3a0/0x420
[  738.670537][T13620]  __x64_sys_sendmsg+0x19b/0x260
[  738.670580][T13620]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  738.670618][T13620]  ? rcu_is_watching+0x15/0xb0
[  738.670648][T13620]  ? do_syscall_64+0xbe/0x3b0
[  738.670672][T13620]  do_syscall_64+0xfa/0x3b0
[  738.670690][T13620]  ? lockdep_hardirqs_on+0x9c/0x150
[  738.670721][T13620]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.670741][T13620]  ? clear_bhb_loop+0x60/0xb0
[  738.670766][T13620]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.670786][T13620] RIP: 0033:0x7f169298e929
[  738.670804][T13620] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.670822][T13620] RSP: 002b:00007f169373c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  738.670844][T13620] RAX: ffffffffffffffda RBX: 00007f1692bb5fa0 RCX: 00007f169298e929
[  738.670860][T13620] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000004
[  738.670873][T13620] RBP: 00007f169373c090 R08: 0000000000000000 R09: 0000000000000000
[  738.670886][T13620] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.670898][T13620] R13: 0000000000000000 R14: 00007f1692bb5fa0 R15: 00007fffcd782e58
[  738.670931][T13620]  </TASK>
[  738.880235][    C1] vkms_vblank_simulate: vblank timer overrun
[  739.738884][   T44] usb 2-1: USB disconnect, device number 34
[  742.069974][T13635] program syz.1.2008 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  742.427997][T13624] kthread_run failed with err -4
[  742.515476][T13636] vxcan3: entered allmulticast mode
[  742.857079][T13650] FAULT_INJECTION: forcing a failure.
[  742.857079][T13650] name failslab, interval 1, probability 0, space 0, times 0
[  742.874245][T13650] CPU: 0 UID: 0 PID: 13650 Comm: syz.2.2015 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  742.874272][T13650] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  742.874286][T13650] Call Trace:
[  742.874294][T13650]  <TASK>
[  742.874303][T13650]  dump_stack_lvl+0x189/0x250
[  742.874331][T13650]  ? __pfx____ratelimit+0x10/0x10
[  742.874360][T13650]  ? __pfx_dump_stack_lvl+0x10/0x10
[  742.874382][T13650]  ? __pfx__printk+0x10/0x10
[  742.874414][T13650]  ? __pfx___might_resched+0x10/0x10
[  742.874434][T13650]  ? fs_reclaim_acquire+0x7d/0x100
[  742.874459][T13650]  should_fail_ex+0x414/0x560
[  742.874492][T13650]  should_failslab+0xa8/0x100
[  742.874523][T13650]  __kmalloc_noprof+0xcb/0x4f0
[  742.874548][T13650]  ? kfree+0x4d/0x440
[  742.874570][T13650]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  742.874596][T13650]  tomoyo_realpath_from_path+0xe3/0x5d0
[  742.874618][T13650]  ? tomoyo_domain+0xda/0x130
[  742.874644][T13650]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  742.874672][T13650]  tomoyo_path_number_perm+0x1e8/0x5a0
[  742.874702][T13650]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  742.874747][T13650]  ? __lock_acquire+0xab9/0xd20
[  742.874786][T13650]  ? __fget_files+0x2a/0x420
[  742.874807][T13650]  ? __fget_files+0x2a/0x420
[  742.874822][T13650]  ? __fget_files+0x3a0/0x420
[  742.874838][T13650]  ? __fget_files+0x2a/0x420
[  742.874860][T13650]  security_file_ioctl+0xcb/0x2d0
[  742.874891][T13650]  __se_sys_ioctl+0x47/0x170
[  742.874936][T13650]  do_syscall_64+0xfa/0x3b0
[  742.874954][T13650]  ? lockdep_hardirqs_on+0x9c/0x150
[  742.874984][T13650]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.875005][T13650]  ? clear_bhb_loop+0x60/0xb0
[  742.875031][T13650]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  742.875049][T13650] RIP: 0033:0x7f92c7b8e929
[  742.875067][T13650] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  742.875093][T13650] RSP: 002b:00007f92c8931038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  742.875115][T13650] RAX: ffffffffffffffda RBX: 00007f92c7db5fa0 RCX: 00007f92c7b8e929
[  742.875130][T13650] RDX: 0000200000000540 RSI: 0000000040605346 RDI: 0000000000000005
[  742.875144][T13650] RBP: 00007f92c8931090 R08: 0000000000000000 R09: 0000000000000000
[  742.875155][T13650] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  742.875168][T13650] R13: 0000000000000000 R14: 00007f92c7db5fa0 R15: 00007fff90ca14c8
[  742.875200][T13650]  </TASK>
[  742.875358][T13650] ERROR: Out of memory at tomoyo_realpath_from_path.
[  743.114468][   T44] usb 1-1: new full-speed USB device number 48 using dummy_hcd
[  743.370817][   T30] audit: type=1800 audit(1752400598.022:95): pid=13657 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.5.2017" name="/" dev="9p" ino=4611686018427387906 res=0 errno=0
[  743.428962][   T44] usb 1-1: config 0 has an invalid interface number: 31 but max is 0
[  743.437417][   T44] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  743.448935][   T44] usb 1-1: config 0 has no interface number 0
[  743.470176][   T44] usb 1-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  743.488012][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  743.502295][   T44] usb 1-1: Product: syz
[  743.506665][   T44] usb 1-1: Manufacturer: syz
[  743.512490][   T44] usb 1-1: SerialNumber: syz
[  743.530276][   T44] usb 1-1: config 0 descriptor??
[  743.538397][   T44] hub 1-1:0.31: bad descriptor, ignoring hub
[  743.544442][   T44] hub 1-1:0.31: probe with driver hub failed with error -5
[  743.551832][ T5922] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  743.562050][   T44] usb 1-1: Found UVC 0.04 device syz (046d:08c3)
[  743.569975][   T44] uvcvideo 1-1:0.31: Entity type for entity Output 6 was not initialized!
[  743.579239][   T44] usb 1-1: Failed to create links for entity 6
[  743.585707][   T44] usb 1-1: Failed to register entities (-22).
[  743.592947][T13662] binder: 13660:13662 ioctl c0306201 200000000640 returned -22
[  743.597605][    T9] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  743.687624][ T5922] usb 3-1: device descriptor read/64, error -71
[  743.770687][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  743.790263][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  743.800828][    T9] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  743.810517][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  743.849495][T10460] usb 1-1: USB disconnect, device number 48
[  743.937831][ T5922] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  743.941028][    T9] usb 4-1: config 0 descriptor??
[  744.157936][ T5922] usb 3-1: device descriptor read/64, error -71
[  744.398047][ T5922] usb usb3-port1: attempt power cycle
[  744.454305][T13661] binder: 13660:13661 ioctl c0306201 200000000040 returned -14
[  744.476249][T13659] sctp: [Deprecated]: syz.3.2018 (pid 13659) Use of int in maxseg socket option.
[  744.476249][T13659] Use struct sctp_assoc_value instead
[  744.958781][ T5922] usb 3-1: new high-speed USB device number 62 using dummy_hcd
[  745.198052][T13679] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  745.212848][T13679] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2022'.
[  746.582809][    T9] cp2112 0003:10C4:EA90.000A: unknown main item tag 0x0
[  746.586367][ T5922] usb 3-1: device descriptor read/8, error -71
[  746.648477][    T9] cp2112 0003:10C4:EA90.000A: item fetching failed at offset 2/7
[  746.699082][    T9] cp2112 0003:10C4:EA90.000A: parse failed
[  746.747535][    T9] cp2112 0003:10C4:EA90.000A: probe with driver cp2112 failed with error -22
[  746.793777][    T9] usb 4-1: USB disconnect, device number 59
[  747.313500][ T1303] ieee802154 phy1 wpan1: encryption failed: -22
[  748.159342][T13693] kvm: pic: non byte write
[  748.919195][T13696] kvm: pic: non byte write
[  751.832981][T13729] 9pnet: Could not find request transport: fY
[  752.116569][T13739] 8021q: adding VLAN 0 to HW filter on device bond2
[  752.354397][T13739] bond0: (slave bond2): Enslaving as an active interface with a down link
[  752.376211][T12793] ------------[ cut here ]------------
[  752.382177][T12793] RTNL: assertion failed at ./include/net/netdev_lock.h (72)
[  752.405896][T12793] WARNING: CPU: 1 PID: 12793 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x303/0x350
[  752.416572][T12793] Modules linked in:
[  752.420823][T12793] CPU: 1 UID: 0 PID: 12793 Comm: kworker/u8:14 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  752.434452][T12793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  752.444902][T12793] Workqueue: bond0 bond_mii_monitor
[  752.450220][T12793] RIP: 0010:__linkwatch_sync_dev+0x303/0x350
[  752.456294][T12793] Code: 7c fe ff ff e8 9e d7 67 f8 c6 05 d3 6e 32 06 01 90 48 c7 c7 00 ab 92 8c 48 c7 c6 98 cb 9c 8d ba 48 00 00 00 e8 8e ba 2b f8 90 <0f> 0b 90 90 e9 4d fe ff ff 44 89 f1 80 e1 07 38 c1 0f 8c 22 fd ff
[  752.476551][T12793] RSP: 0018:ffffc90003cff670 EFLAGS: 00010246
[  752.483359][T12793] RAX: 76d9772efc305800 RBX: ffff888032bd4000 RCX: ffff88802547bc00
[  752.491449][T12793] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  752.499502][T12793] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  752.507516][T12793] R10: dffffc0000000000 R11: fffffbfff1bfaa64 R12: 1ffff1100657a85d
[  752.515494][T12793] R13: dffffc0000000000 R14: ffffffff8c191c28 R15: 0000000000000000
[  752.523515][T12793] FS:  0000000000000000(0000) GS:ffff888125d4f000(0000) knlGS:0000000000000000
[  752.532791][T12793] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  752.539563][T12793] CR2: 00002000000bd038 CR3: 0000000031662000 CR4: 00000000003526f0
[  752.547618][T12793] Call Trace:
[  752.550908][T12793]  <TASK>
[  752.553842][T12793]  ? ethtool_op_get_link+0xd/0x70
[  752.558952][T12793]  ethtool_op_get_link+0x15/0x70
[  752.563905][T12793]  bond_check_dev_link+0x444/0x6c0
[  752.569084][T12793]  ? __pfx_bond_check_dev_link+0x10/0x10
[  752.575192][T12793]  ? netdev_lower_get_next_private_rcu+0x9f/0x100
[  752.581945][T12793]  bond_mii_monitor+0x428/0x2e00
[  752.586895][T12793]  ? __lock_acquire+0xab9/0xd20
[  752.591877][T12793]  ? bond_mii_monitor+0x153/0x2e00
[  752.597104][T12793]  ? __pfx_bond_mii_monitor+0x10/0x10
[  752.602516][T12793]  ? register_lock_class+0x51/0x320
[  752.607789][T12793]  ? __lock_acquire+0xab9/0xd20
[  752.612661][T12793]  ? process_scheduled_works+0x9ef/0x17b0
[  752.618451][T12793]  ? _raw_spin_unlock_irq+0x23/0x50
[  752.623721][T12793]  ? process_scheduled_works+0x9ef/0x17b0
[  752.629542][T12793]  ? process_scheduled_works+0x9ef/0x17b0
[  752.635316][T12793]  process_scheduled_works+0xade/0x17b0
[  752.640926][T12793]  ? __pfx_process_scheduled_works+0x10/0x10
[  752.646952][T12793]  worker_thread+0x8a0/0xda0
[  752.651637][T12793]  kthread+0x711/0x8a0
[  752.655727][T12793]  ? __pfx_worker_thread+0x10/0x10
[  752.660866][T12793]  ? __pfx_kthread+0x10/0x10
[  752.665472][T12793]  ? _raw_spin_unlock_irq+0x23/0x50
[  752.670756][T12793]  ? lockdep_hardirqs_on+0x9c/0x150
[  752.675993][T12793]  ? __pfx_kthread+0x10/0x10
[  752.681023][T12793]  ret_from_fork+0x3fc/0x770
[  752.685645][T12793]  ? __pfx_ret_from_fork+0x10/0x10
[  752.691134][T12793]  ? __switch_to_asm+0x39/0x70
[  752.696088][T12793]  ? __switch_to_asm+0x33/0x70
[  752.700898][T12793]  ? __pfx_kthread+0x10/0x10
[  752.705505][T12793]  ret_from_fork_asm+0x1a/0x30
[  752.710429][T12793]  </TASK>
[  752.713505][T12793] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  752.720826][T12793] CPU: 1 UID: 0 PID: 12793 Comm: kworker/u8:14 Not tainted 6.16.0-rc5-syzkaller-00266-g3f31a806a62e #0 PREEMPT(full) 
[  752.733160][T12793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  752.743232][T12793] Workqueue: bond0 bond_mii_monitor
[  752.748544][T12793] Call Trace:
[  752.751854][T12793]  <TASK>
[  752.754797][T12793]  dump_stack_lvl+0x99/0x250
[  752.759404][T12793]  ? __asan_memcpy+0x40/0x70
[  752.764007][T12793]  ? __pfx_dump_stack_lvl+0x10/0x10
[  752.769210][T12793]  ? __pfx__printk+0x10/0x10
[  752.773817][T12793]  panic+0x2db/0x790
[  752.777720][T12793]  ? __pfx_panic+0x10/0x10
[  752.782151][T12793]  ? ret_from_fork_asm+0x1a/0x30
[  752.787101][T12793]  __warn+0x31b/0x4b0
[  752.791101][T12793]  ? __linkwatch_sync_dev+0x303/0x350
[  752.796487][T12793]  ? __linkwatch_sync_dev+0x303/0x350
[  752.801885][T12793]  report_bug+0x2be/0x4f0
[  752.806238][T12793]  ? __linkwatch_sync_dev+0x303/0x350
[  752.811621][T12793]  ? __linkwatch_sync_dev+0x303/0x350
[  752.817003][T12793]  ? __linkwatch_sync_dev+0x305/0x350
[  752.822383][T12793]  handle_bug+0x84/0x160
[  752.826656][T12793]  exc_invalid_op+0x1a/0x50
[  752.831161][T12793]  asm_exc_invalid_op+0x1a/0x20
[  752.836011][T12793] RIP: 0010:__linkwatch_sync_dev+0x303/0x350
[  752.842002][T12793] Code: 7c fe ff ff e8 9e d7 67 f8 c6 05 d3 6e 32 06 01 90 48 c7 c7 00 ab 92 8c 48 c7 c6 98 cb 9c 8d ba 48 00 00 00 e8 8e ba 2b f8 90 <0f> 0b 90 90 e9 4d fe ff ff 44 89 f1 80 e1 07 38 c1 0f 8c 22 fd ff
[  752.861618][T12793] RSP: 0018:ffffc90003cff670 EFLAGS: 00010246
[  752.867703][T12793] RAX: 76d9772efc305800 RBX: ffff888032bd4000 RCX: ffff88802547bc00
[  752.875680][T12793] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[  752.883658][T12793] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[  752.891630][T12793] R10: dffffc0000000000 R11: fffffbfff1bfaa64 R12: 1ffff1100657a85d
[  752.899604][T12793] R13: dffffc0000000000 R14: ffffffff8c191c28 R15: 0000000000000000
[  752.907603][T12793]  ? ethtool_op_get_link+0xd/0x70
[  752.912642][T12793]  ethtool_op_get_link+0x15/0x70
[  752.917589][T12793]  bond_check_dev_link+0x444/0x6c0
[  752.922715][T12793]  ? __pfx_bond_check_dev_link+0x10/0x10
[  752.928371][T12793]  ? netdev_lower_get_next_private_rcu+0x9f/0x100
[  752.934795][T12793]  bond_mii_monitor+0x428/0x2e00
[  752.939744][T12793]  ? __lock_acquire+0xab9/0xd20
[  752.944602][T12793]  ? bond_mii_monitor+0x153/0x2e00
[  752.949733][T12793]  ? __pfx_bond_mii_monitor+0x10/0x10
[  752.955115][T12793]  ? register_lock_class+0x51/0x320
[  752.960321][T12793]  ? __lock_acquire+0xab9/0xd20
[  752.965185][T12793]  ? process_scheduled_works+0x9ef/0x17b0
[  752.970915][T12793]  ? _raw_spin_unlock_irq+0x23/0x50
[  752.976118][T12793]  ? process_scheduled_works+0x9ef/0x17b0
[  752.981849][T12793]  ? process_scheduled_works+0x9ef/0x17b0
[  752.987576][T12793]  process_scheduled_works+0xade/0x17b0
[  752.993410][T12793]  ? __pfx_process_scheduled_works+0x10/0x10
[  752.999500][T12793]  worker_thread+0x8a0/0xda0
[  753.004117][T12793]  kthread+0x711/0x8a0
[  753.008199][T12793]  ? __pfx_worker_thread+0x10/0x10
[  753.013399][T12793]  ? __pfx_kthread+0x10/0x10
[  753.018000][T12793]  ? _raw_spin_unlock_irq+0x23/0x50
[  753.023207][T12793]  ? lockdep_hardirqs_on+0x9c/0x150
[  753.028415][T12793]  ? __pfx_kthread+0x10/0x10
[  753.033013][T12793]  ret_from_fork+0x3fc/0x770
[  753.037617][T12793]  ? __pfx_ret_from_fork+0x10/0x10
[  753.042755][T12793]  ? __switch_to_asm+0x39/0x70
[  753.047528][T12793]  ? __switch_to_asm+0x33/0x70
[  753.052299][T12793]  ? __pfx_kthread+0x10/0x10
[  753.056904][T12793]  ret_from_fork_asm+0x1a/0x30
[  753.061695][T12793]  </TASK>
[  753.065208][T12793] Kernel Offset: disabled
[  753.069547][T12793] Rebooting in 86400 seconds..