last executing test programs:

5m50.245970506s ago: executing program 4 (id=2984):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x1, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect$cdc_ecm(0x5, 0x56, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000102505a1a4400000000101090244000101000000090400001202060000052406000005240000000d240f00e50000008700060000090581030002c0b9ff09058202080000fd00090503020002"], 0x0)
capset(0x0, 0x0)
ioctl$EVIOCRMFF(r0, 0x550c, 0x0)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[], 0x0)

5m47.713022514s ago: executing program 4 (id=2993):
r0 = socket$packet(0x11, 0x3, 0x300)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000001040)={0x0, 0x0})
bpf$MAP_CREATE(0x0, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000000)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$setperm(0x5, r1, 0x52b242d)
request_key(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz', 0x3}, 0x0, r1)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
r3 = io_uring_setup(0x3efa, &(0x7f0000000000)={0x0, 0x0, 0x1840, 0x2})
io_uring_register$IORING_REGISTER_RESTRICTIONS(r3, 0xb, &(0x7f0000000080), 0x66)
r4 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r5}, 0x10)
ioctl$sock_bt_hidp_HIDPCONNADD(r4, 0x400448c8, &(0x7f0000000100)={r2, r2, 0x0, 0x0, 0x0, 0xc2, 0xff, 0x15c2, 0x5886, 0x6, 0x0, 0x8, 'syz1\x00'})
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000008c0)=r6, 0x4)
syz_genetlink_get_family_id$mptcp(&(0x7f00000001c0), 0xffffffffffffffff)

5m46.951072392s ago: executing program 3 (id=2995):
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200002, 0x40200003, 0x0, 0x6, 0x7})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x88)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@metacopy_on}]})
r0 = open(&(0x7f0000000480)='./file0\x00', 0x0, 0x718bb647156ec3b7)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x200, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
renameat2(r1, &(0x7f0000000340)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2) (fail_nth: 6)

5m46.751869735s ago: executing program 3 (id=2996):
madvise(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x14)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
close(0xffffffffffffffff)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7fffffff], [0x10000, 0x0, 0x6, 0x0, 0x8001, 0x2, 0xfffffffc], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{0x0, 0x1}, {0xfffffffd}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000340)='scalable\x00', 0x9)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x20000000000014, &(0x7f0000000140)={<r6=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0x12}, r6}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @dev={0xfe, 0x80, '\x00', 0x25}}, {0x2, 0x4e23, 0xe0000000, @remote, 0xffffffff}, r6, 0x9dffffff}}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x19)
madvise(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0xd)

5m43.970457534s ago: executing program 4 (id=2997):
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000700)=[{0x0}], 0x1}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x17, 0x17, 0x8, 0x40, 0x42, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={r0, &(0x7f0000000600)="f38cde", 0x0}, 0x20)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x24, &(0x7f0000000040)={@rand_addr, @rand_addr, <r1=>0x0}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x7, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1, 0xffffffffffffffff, 0x0, 0xffffffff}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000040)={'ip6gre0\x00', &(0x7f00000000c0)={'ip6tnl0\x00', 0x0, 0x2b, 0xfb, 0x8, 0x3, 0x10, @ipv4={'\x00', '\xff\xff', @remote}, @remote, 0x40, 0x700, 0x4, 0xfffffffc}})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, &(0x7f0000000100)})
socket$inet(0x2, 0xa, 0x20)
r2 = socket$inet6(0xa, 0x3, 0x75)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@private1={0xfc, 0x1, '\x00', 0x1}, @in6=@dev={0xfe, 0x80, '\x00', 0x3a}, 0x0, 0x1, 0x4, 0x0, 0x2, 0x0, 0x0, 0x2b}, {0x0, 0x800000, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffff7}, {0x0, 0xfef2, 0xd, 0x40000000000}, 0x101, 0x1, 0x1, 0x0, 0x3, 0x1}, {{@in6=@empty, 0x4d4, 0x32}, 0x0, @in=@multicast1, 0xfffffffe, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x35ced141}}, 0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000180)={{{@in6=@remote, @in6=@mcast1, 0x4, 0x0, 0x0, 0x0, 0x2, 0x0, 0x20, 0x2f}, {0xfffffefffffffffd, 0xeca, 0x2d, 0x0, 0x0, 0x0, 0x400778e, 0xffff}, {0xfffffffffffffff7, 0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x4d6, 0x3c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2b}, 0x0, 0x4}}, 0xe8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x48081)
shutdown(0xffffffffffffffff, 0x1)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r4 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'macvlan1\x00', <r5=>0x0})
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000480)=ANY=[@ANYBLOB="44000000100003052bbd70000000000000000000", @ANYRESDEC=r6, @ANYBLOB="1546040000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x44}}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f0000000300)=ANY=[@ANYBLOB="280000001200010100000000e0ffffff07000000", @ANYRES32=0x0, @ANYBLOB="488400000040000008001d00c3000000fa0f57a54a30cdc31ed4efbccebe56193cce61caab83e21f804a175df90d07386fb3fafcea54e6aede045e0a94ace1a862639a5c6a79cdfe25853d999481e49f9373a864c7dca2d9189ee1f9dbaacbb9958ce8a3c1ec3b353d396a38b306e54c2c"], 0x28}, 0x1, 0x0, 0x0, 0x2000c840}, 0x80)
socket$nl_generic(0x10, 0x3, 0x10)

5m43.155211652s ago: executing program 4 (id=3000):
openat$mice(0xffffffffffffff9c, &(0x7f0000000100), 0x41)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x2000000, &(0x7f0000000340)='./file0\x00', &(0x7f00000000c0), 0x214004, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

5m42.982304903s ago: executing program 4 (id=3001):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2145c99, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x181242, 0x3f00)

5m42.312467484s ago: executing program 4 (id=3005):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000380)=0x783c5647, 0x4)
sendto$inet6(r0, &(0x7f0000000340)='G', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f27, 0x5, 0x8, 0x10, 0x1, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x4, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x393, 0x80000086, 0x81, 0x0, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffefb, 0x3]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x8000000}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r3, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

5m41.452184914s ago: executing program 3 (id=3008):
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000440)={0xffffffffffffffff, 0x20, &(0x7f0000000380)={&(0x7f00000001c0)=""/11, 0xb, <r0=>0x0, &(0x7f0000000340)=""/58, 0x3a}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x3, 0xc, &(0x7f00000005c0)=ANY=[@ANYBLOB], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2d, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x22f7}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000180100002020692500000000002060207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f00000000c0)=r2, 0x4)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)
syz_open_dev$sndctrl(&(0x7f0000000040), 0xf1, 0x40040)

5m41.22301487s ago: executing program 3 (id=3009):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001280)={0x11, 0x3, &(0x7f0000000940)=ANY=[@ANYBLOB="1800000008000000000000000000000095"], &(0x7f0000000440)='GPL\x00'}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='contention_end\x00', r1}, 0x10)
r3 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r3, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r3, 0x29, 0x2f, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x8}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000004c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, 0x1}, 0x90)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000ac0)=@raw={'raw\x00', 0x3c1, 0x3, 0xb10, 0x0, 0xc8, 0x8, 0x8e0, 0x5803, 0xa40, 0x2e8, 0x2e8, 0xa40, 0x2e8, 0x3, 0x0, {[{{@ipv6={@remote, @mcast1, [], [0x0, 0x0, 0xff000000], 'vlan0\x00', 'geneve1\x00', {}, {0xff}}, 0x0, 0x8b0, 0x8e0, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@u32={{0x7e0}, {[{[{0xd, 0x3}, {0x10}, {0x6f0e7d3d, 0x1}, {0x1, 0x3}, {0x9}, {0xb, 0x1}, {0x7fffffff, 0x1}, {0x7, 0x3}, {0x1, 0x2}, {0x4, 0x51495059c89c080}, {0x8}], [{0x60, 0x5}, {0x9, 0x3}, {0x800, 0x9d78}, {0x6, 0x81}, {0x5, 0x7}, {0x0, 0x10001}, {0x2, 0x5}, {0xd, 0xfffffffd}, {0x6, 0x800}, {0x4, 0xf}, {0x80, 0xffff}], 0x2, 0x7}, {[{0x7ec5}, {0x6, 0x2}, {0xe0000, 0x2}, {0x7fffffff, 0x2}, {0xfffffffd, 0x1}, {0x8000, 0x2}, {0x200, 0x1}, {0x7, 0x2}, {0x7}, {0x4, 0x3}, {0x8, 0x3}], [{0x7, 0x9}, {0x5, 0x4}, {0x2, 0x7}, {0x7fbb, 0x1ff}, {0x2, 0x7}, {0x5, 0x100}, {0x2a, 0x101}, {0x8, 0x6}, {0x4, 0xfffffd46}, {0x91f, 0x3ff}, {0xc, 0x3}], 0xb, 0xa}, {[{0x7, 0x2}, {0x7}, {0x80000001, 0x1}, {0xafa, 0x1}, {0x3}, {0xfffffff8, 0x3}, {0x85, 0x2}, {0xa4b, 0x2}, {0x3, 0x2}, {0xfffff7f0, 0x1}, {0x100}], [{0xb866, 0x42}, {0x200, 0xffffffff}, {0x5, 0x3}, {0x5, 0x400}, {0xf062, 0x2}, {0x80e8, 0x100}, {0xe, 0x9}, {0x7, 0x1}, {0x2, 0x4}, {0x9, 0x80000000}, {0xe1a, 0x3}], 0x2, 0x8}, {[{0x5, 0x3}, {0xcfd, 0x1}, {0x7, 0x1}, {0x3, 0x1}, {0xfffff000}, {0x100, 0x3}, {0x9dc, 0x1}, {0x1, 0x2}, {0x8, 0x2}, {0x2, 0x3}, {0x2}], [{0x9, 0x5}, {0x0, 0x36}, {0x5, 0xf}, {0xfffffff9, 0x7}, {0x7, 0x200}, {0xf91, 0x2}, {0x3ff, 0x8}, {0x9, 0xe}, {0x8, 0x8000006}, {0xf, 0x442b}, {0x9, 0xe1f3}], 0x4, 0xb}, {[{0xe0, 0x2}, {0x1, 0x3}, {0x200, 0x1}, {0xb7b, 0x24ad23d8db3ef6a8}, {0x1, 0x2}, {0x1, 0x1}, {0x2a4a}, {0x101}, {0x3, 0x3}, {0x9, 0x1}, {0x9, 0x1}], [{0x8001, 0x10000}, {0x3, 0xb}, {0x2, 0x1}, {0x5, 0xc}, {0x4, 0xd23c}, {0x7, 0x1}, {0xeb9, 0xa3d0}, {0xa}, {0x0, 0x2}, {0x9, 0xb6}, {0x7, 0x80000001}], 0x5, 0x4b}, {[{0x8, 0x1}, {0x5, 0x3}, {0x100}, {0x5, 0x1}, {0x0, 0x2}, {0x4, 0x3}, {}, {0x1, 0x2}, {0x101, 0x2}, {0x4, 0x3}, {0x81, 0x1}], [{0xfffffffd, 0x6}, {0x9, 0x7}, {0x3e8a2173, 0x6}, {0x5, 0x800006}, {0x1, 0x8}, {0x8, 0x5}, {0x9, 0x2}, {0x50bf}, {0x6, 0x3}, {0x1, 0xfffffff7}, {0x2, 0x80000001}], 0x7, 0x1}, {[{0x4, 0x2}, {0x401, 0x3}, {0x5, 0x3}, {0x8, 0x2}, {0x934, 0x1}, {0xfffff9fe}, {0x531, 0x2}, {0x9, 0x1}, {0x3}, {0x75ae, 0x3}, {0x1}], [{0x10, 0x1a}, {0x5}, {0x20000, 0x8001}, {0xfffffff7, 0x8}, {0x80000001, 0x2}, {0xb30d, 0x2}, {0x0, 0x7fffffff}, {0x80, 0x5}, {0xa, 0x8}, {0xee, 0xa}, {0x24c3, 0x437}], 0xb, 0x1}, {[{0x2, 0x1}, {0x9, 0x1}, {}, {0x5, 0x2}, {0xc00}, {0x10001, 0x3}, {0x7f, 0x1}, {0x9, 0x3}, {0x30, 0x1}, {0x5, 0x3}, {0xd}], [{0x7, 0x80000000}, {0x400, 0x3}, {0x9, 0x4}, {0x1, 0x9}, {0x4}, {0x1ff, 0xff}, {0xfd, 0x6}, {0x5, 0x3}, {0x10001, 0x77}, {0x8, 0xb80}, {0x8, 0x1ff}], 0xa, 0x1}, {[{0x8}, {0xfffffbff}, {0x401}, {0xff, 0x2}, {0x80000e, 0x2}, {0x9, 0x2}, {0x5, 0x1}, {0x0, 0x1}, {0x1}, {0x509}, {0x9, 0x3}], [{0x8, 0x4}, {0x9, 0x7}, {0xfffffff7, 0x9}, {0xfff, 0x4}, {0xa2c, 0x4}, {0x6, 0x6b}, {0x5, 0x5}, {0x7, 0xd76}, {0x2, 0x8}, {0x2ea, 0x9}, {0x5, 0x5}], 0x6, 0x3}, {[{0x8001, 0x1}, {0x3, 0x1}, {0x5, 0x2}, {0x5}, {0x8}, {0xc}, {0x2, 0x2}, {0xffff0001, 0x2}, {0x6, 0x3}, {0xe91}, {0x80000001, 0x3}], [{0x1, 0x81}, {0x9, 0x7}, {0x3, 0x7}, {0x401, 0xec}, {0x10001}, {0x0, 0x2}, {0x70, 0x9}, {0xc6, 0x1000}, {0x7ff, 0x708}, {0x7, 0x5}, {0x2, 0x10000}], 0xb, 0x1}, {[{0x8}, {0x4, 0x1}, {0x7}, {0x6, 0x3}, {0x4}, {0xcc, 0x2}, {0x7ff, 0x2}, {0x4, 0x1}, {0xfffffffb, 0x3}, {0x1, 0x3}, {0x6, 0x3}], [{0x63e2df8a, 0x6}, {0x5, 0x2}, {0x2, 0x401}, {0xff, 0x8}, {0x889c, 0x5f}, {0x7d, 0xa14}, {0x0, 0x5}, {0x3, 0x372}, {0xb, 0x6}, {0x0, 0xcaf}, {0x5, 0x4}], 0x6, 0xa}], 0x8}}, @common=@inet=@dscp={{0x28}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x0, 0x0, 0x0, 0x2}}}, {{@uncond, 0x0, 0xf8, 0x160, 0x0, {}, [@inet=@rpfilter={{0x28}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0xb70)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xe, 0x4, &(0x7f0000001200)=ANY=[@ANYBLOB="18000000000000000000000000000000711051000000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xc4}}, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b100a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r5 = socket(0xa, 0x3, 0x3a)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f00000000c0)={'syz_tun\x00', &(0x7f0000000040)=@ethtool_link_settings={0x23, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x20, 0xfd, [0x0, 0x0, 0x8000000, 0xc, 0x0, 0x0, 0x0, 0x2]}})
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x10dc43, 0x0)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@random="dba1f19f77c5", @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x1, 0xb, 0x30, 0x66, 0x0, 0x5, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x26}, @remote}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x2, 0x1, 0xb, 0x68, 0x4953, 0x39, 0x29, 0xb, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}}}, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000400)=@o_path={&(0x7f00000003c0)='./file0/../file0\x00', 0x0, 0x4010, r2}, 0x18)

5m40.967324404s ago: executing program 3 (id=3010):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x48, 0x83, 0x0, 0x80000001}, {0x6, 0x5, 0x0, 0xfffffc}]}, 0x10)
syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@random="dba1f19f77c5", @remote, @void, {@ipv4={0x4000, @icmp={{0x5, 0x4, 0x1, 0xb, 0x30, 0x66, 0x0, 0x5, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0x26}, @remote}, @dest_unreach={0x3, 0x4, 0x0, 0x0, 0x0, 0x0, {0x5, 0x4, 0x2, 0x1, 0xb, 0x68, 0x4953, 0x39, 0x29, 0xb, @multicast1, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}}}, 0x0)

5m40.611631557s ago: executing program 3 (id=3012):
pipe(&(0x7f00000001c0))
socket$can_bcm(0x1d, 0x2, 0x2)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2c0000000d0603"], 0x2c}, 0x1, 0x0, 0x0, 0x24004001}, 0x4000)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x2)
r3 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ppoll(&(0x7f0000000740)=[{r3, 0x224}, {r2, 0x6}], 0x2, 0x0, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x401c2103, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r5, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
sendto$inet(r5, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x4000000, &(0x7f0000000100)={0x2, 0x4e21, @empty}, 0x10)
recvmmsg(r5, &(0x7f000000e280), 0x58a, 0x42, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r6, 0xffffffffffffffff, 0x200000000000000)

5m40.185524656s ago: executing program 32 (id=3012):
pipe(&(0x7f00000001c0))
socket$can_bcm(0x1d, 0x2, 0x2)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2c0000000d0603"], 0x2c}, 0x1, 0x0, 0x0, 0x24004001}, 0x4000)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_STREAMOFF(r2, 0x40045612, &(0x7f0000000080)=0x2)
r3 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ppoll(&(0x7f0000000740)=[{r3, 0x224}, {r2, 0x6}], 0x2, 0x0, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r4, 0x401c2103, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r5, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
sendto$inet(r5, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x4000000, &(0x7f0000000100)={0x2, 0x4e21, @empty}, 0x10)
recvmmsg(r5, &(0x7f000000e280), 0x58a, 0x42, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r6, 0xffffffffffffffff, 0x200000000000000)

5m25.838925812s ago: executing program 33 (id=3005):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x19, &(0x7f0000000380)=0x783c5647, 0x4)
sendto$inet6(r0, &(0x7f0000000340)='G', 0x1, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0x398, @empty}, 0x1c)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0xfffffdca, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x9, 0x0, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'8255\x00', [0x4f27, 0x5, 0x8, 0x10, 0x1, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x4, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0x4, 0x3, 0x393, 0x80000086, 0x81, 0x0, 0xfffffff5, 0xffffeadb, 0x3, 0x3c, 0x8, 0x4, 0x8000000, 0xdffffefb, 0x3]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x8000000}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r3, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000003c0)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sendmsg$inet(r7, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r6, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
sendmsg$inet(r9, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r8, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))

21.347584906s ago: executing program 6 (id=3849):
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_emit_vhci(&(0x7f0000000780)=ANY=[@ANYBLOB="040e0402030c2f53bfad2a9dc85c3e61a00df699dd4701fb226bcbc0d8938841f96efcebf456a586f92b52e1d6f08253322542f5855a14046758192422e545705a2cc05a653eb2ff77b12086d5cca619c03afbddda"], 0x7)
r0 = open(&(0x7f0000000200)='./file0\x00', 0x200080, 0x9)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000380)={r0, 0x0, {0x0, 0x0, 0x0, 0x7fffffff, 0xde5, 0x0, 0x12, 0xf, 0x4, "e149349193f34d17f8b5940a01b03aeb04ecafb6e37a2705c7437f381f15ce35cc19e73e2aca7e1dc2567b9a67eacaf3dd1b02e2611e23d6d49075e1f0514a91", "c701760a4ef609c0c1a00c242d594044d4b3294185c4eb08e05911b8bcf0d3f7ee533db2e49c042bec4980b11b67580a6f0644d0e85a5654dd82698aeb192a68", "622137d162cc2bcf91d95b232e9ba6ab53e06870d8bba45fc360a465975d5303", [0x9, 0x7fffffffffffffff]}})

21.059803783s ago: executing program 6 (id=3850):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='sched\x00')
write$binfmt_script(r0, &(0x7f0000000000)={'#! ', './file0'}, 0xb)
r1 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, 0x0, 0x0)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='btrfs\x00', 0x200000, 0x0)
syz_usb_connect$uac1(0x2, 0xc2, &(0x7f0000000200)=ANY=[@ANYRESDEC=r0], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0})
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r2, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r3=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r2, 0xc02064b9, &(0x7f0000000dc0)={&(0x7f0000000240)=[0x0, 0x0, 0x0, <r4=>0x0], &(0x7f0000000200), 0x4, r3})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r2, 0xc03864bc, &(0x7f0000000500)={0x200, 0x1, &(0x7f0000000300)=[r5], &(0x7f0000000200), &(0x7f0000000580)=[r4], &(0x7f0000000300)})
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e23, 0x8, @mcast2, 0x7f}, 0x1c)
socket$inet6_udp(0xa, 0x2, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r9, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shmat(0x0, &(0x7f0000ffb000/0x4000)=nil, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000480), 0x1, 0x0)

16.434260278s ago: executing program 6 (id=3857):
r0 = memfd_create(&(0x7f0000000040)='\x02A\xbb\xcc\x96\x0e\x00\x00\x00\x00\x00\x00', 0x6)
lseek(r0, 0x2, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
r2 = fanotify_init(0x8, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005700000095"], 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='mm_migrate_pages\x00', r4, 0x0, 0x9}, 0x18)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r4, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r2, 0x61, 0x48001022, r5, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
ioctl$FS_IOC_SETFLAGS(r6, 0xc0189436, &(0x7f0000000140))
setsockopt$inet6_tcp_int(r1, 0x6, 0x2000000000000022, &(0x7f0000000140)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x1480, 0xfffffffd, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x20}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r7=>0x0)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='vcan0\x00', 0x10)
io_submit(r7, 0x1, &(0x7f0000002c40)=[&(0x7f0000000000)={0x180a, 0x0, 0x3, 0x1, 0x0, r1, 0x0}])

15.315677202s ago: executing program 0 (id=3859):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7f, 0x2)
ioctl$vim2m_VIDIOC_PREPARE_BUF(r1, 0xc058565d, &(0x7f0000002dc0)=@multiplanar_userptr={0x0, 0x1, 0x4, 0x0, 0x7, {}, {0x5, 0x0, 0x0, 0x4, 0x20, 0x6, "488dc807"}, 0x1000, 0x2, {0x0}, 0x10000003})
r2 = syz_open_dev$media(&(0x7f0000000000), 0x2, 0x1)
r3 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f0000001180)={0x80000000, 0x0, &(0x7f0000001200)=[{{}, {<r4=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f0000000300)={r4, &(0x7f00000007c0)=[{<r5=>0x80000000}], 0x0})
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f0000000000)={r5, 0x0, &(0x7f00000016c0)=[{{}, {<r6=>0x80000000}}]})
ioctl$MEDIA_IOC_ENUM_LINKS(r3, 0xc0287c02, &(0x7f0000000280)={r6, 0x0, &(0x7f00000001c0)=[{{<r7=>0x80000000, <r8=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r3, 0xc0347c03, &(0x7f0000000400)={{0x80000000, r8, 0x0, [0x0, 0x1000000]}, {r7, r8}, 0x5})
r9 = syz_open_dev$media(&(0x7f0000001a80), 0x3, 0x0)
ioctl$MEDIA_IOC_ENUM_LINKS(r9, 0xc0287c02, &(0x7f0000000300)={0x80000000, 0x0, &(0x7f0000000380)=[{}, {{0x80000000, <r10=>0x0}}]})
ioctl$MEDIA_IOC_SETUP_LINK(r2, 0xc0347c03, &(0x7f0000001140)={{0x80000000, r8, 0x0, [0xc, 0x1]}, {0x80000000, r10, 0x4, [0x4, 0x3]}, 0x10000000, [0x1]})

15.166207052s ago: executing program 5 (id=3861):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x275a, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
syz_open_dev$swradio(&(0x7f0000000100), 0x1, 0x2)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xd1)
lsetxattr$system_posix_acl(&(0x7f0000000080)='./file0\x00', &(0x7f0000000400)='system.posix_acl_default\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="020000", @ANYBLOB], 0x2c, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019640)=""/102392, 0x18ff8)
r2 = openat$nvme_fabrics(0xffffffffffffff9c, 0x0, 0x80000, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_EXTERNAL_AUTH(r2, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)=ANY=[@ANYBLOB="34010000", @ANYBLOB], 0x34}, 0x1, 0x0, 0x0, 0x800}, 0x41)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f00000000c0)="1c0000001e005f0214fffffffffffff80700"/28, 0x1c)
syz_init_net_socket$ax25(0x3, 0x2, 0x1)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x5}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x54, 0x3, 0xa, 0x101, 0x0, 0x0, {0x5}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x34, 0x4, 0x0, 0x1, [@NFTA_HOOK_DEV={0x14, 0x3, 'gretap0\x00'}, @NFTA_HOOK_DEV={0x14, 0x3, 'veth0_to_bond\x00'}, @NFTA_HOOK_HOOKNUM={0x8}]}]}, @NFT_MSG_NEWRULE={0x14, 0x6, 0xa, 0x401, 0x0, 0x0, {0x5}}], {0x14}}, 0xb0}}, 0x0)

15.053337729s ago: executing program 6 (id=3863):
madvise(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x14)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
close(0xffffffffffffffff)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7fffffff], [0x10000, 0x0, 0x6, 0x0, 0x8001, 0x2, 0xfffffffc], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{0x0, 0x1}, {0xfffffffd}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000340)='scalable\x00', 0x9)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x20000000000014, &(0x7f0000000140)={<r6=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0x12}, r6}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @dev={0xfe, 0x80, '\x00', 0x25}}, {0x2, 0x4e23, 0xe0000000, @remote, 0xffffffff}, r6, 0x9dffffff}}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x19)
madvise(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0xd)

12.181433002s ago: executing program 2 (id=3866):
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x9, 0x6, '\x00', 0x14, 0x6, 0xff, @dev={0xfe, 0x80, '\x00', 0x39}, @local, {[], {{0x4e22, 0x4e24, 0x41424344, 0x41424344, 0x1, 0x0, 0x5, 0xc2, 0x7, 0x0, 0x3}}}}}}}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)}}], 0x1, 0x4000000)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0xffffffff9673e35d]}})

12.155122347s ago: executing program 0 (id=3867):
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socket$can_bcm(0x1d, 0x2, 0x2)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)={&(0x7f00000007c0)=ANY=[@ANYBLOB="2c0000000d0603"], 0x2c}, 0x1, 0x0, 0x0, 0x24004001}, 0x4000)
r3 = syz_open_dev$vim2m(&(0x7f0000000100), 0x80000, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f00000000c0)={0x3, 0x2, 0x1, 0x0, 0x2})
ioctl$vim2m_VIDIOC_STREAMOFF(r3, 0x40045612, &(0x7f0000000080)=0x2)
r4 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
ppoll(&(0x7f0000000740)=[{r4, 0x224}, {r3, 0x6}], 0x2, 0x0, 0x0, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000200)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r5, 0x401c2103, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r6, 0x0, 0x12, &(0x7f0000000300)=0x1, 0x4)
sendto$inet(r6, &(0x7f0000000000)="f461c5bbd75c3583", 0x8, 0x4000000, &(0x7f0000000100)={0x2, 0x4e21, @empty}, 0x10)
writev(r0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x2, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x200000000000000)

11.724246295s ago: executing program 5 (id=3869):
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{0x0}], 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x500040, 0x0)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r0, 0x4002f516, &(0x7f0000000100)={0x1, 0x1})
socket$nl_route(0x10, 0x3, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f0000000540), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400050000010000000000000000000000010c00028005000100000000004700028005000100010000000600040000000000060005"], 0xe4}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x5)
socket$nl_rdma(0x10, 0x3, 0x14)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_RELOAD_REGDB(r4, 0x0, 0x20000080)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
syz_fuse_handle_req(r1, 0x0, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1000000}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x70}}, 0x0)

10.93387312s ago: executing program 2 (id=3871):
fsopen(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000538acc089c0e00001e5b0102030109021b00010000000009040000014b34ef000905", @ANYRES16], 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000007e00), r1)
r2 = fanotify_init(0x79, 0x0)
socket(0x400000000010, 0x3, 0x0)
write$P9_RSYMLINK(r2, &(0x7f0000000480)={0x14, 0x11, 0x0, {0x0, 0x0, 0x802}}, 0x14)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, &(0x7f0000007e40)={'wpan0\x00'})
r3 = socket$inet(0x2, 0x2, 0x1)
setsockopt$inet_mreqn(r3, 0x0, 0x20, 0x0, 0x300)
socket$nl_netfilter(0x10, 0x3, 0xc)

9.585186834s ago: executing program 5 (id=3872):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = syz_clone(0x20022180, 0x0, 0xfe02, 0x0, 0x0, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000900)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
syz_open_dev$vim2m(&(0x7f0000000100), 0xf, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r0)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="200029bd5c143a8b93b437103a84e6e8127000fddbdf250a000000080005000700000008000400bc0b0000080004000b40b0000000"], 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x4)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000140)={0x0, 0x0, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x4, 0x10000, 0x7, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x8, 0x7, 0xc1, 0x1, 0x2, 0x2, 0x6, 0x9, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x5, 0x7, 0x4, 0x3, 0x9, 0x888f, 0x1, 0x8, 0x46, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x7, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x10001, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xcdc, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x6, 0x4, 0x1, 0xab6, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x9, 0x5, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x0, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x1000003]})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x1, 0x0, 0x0, 0x2)
syz_open_procfs(r1, &(0x7f0000000040)='stat\x00')
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = dup(0xffffffffffffffff)
setsockopt$inet_sctp_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={0x0, 0xfff}, 0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000007c0)={0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010101}}}, &(0x7f0000000600)=0x84)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={0x1c, 0x1e, 0x21, 0x8, 0x25dfdbfb, {0x7}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x96335b3603020bac}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)

9.087419598s ago: executing program 0 (id=3874):
syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb2361000000010902"], 0x0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xa0b41, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0xf0, 0x0, 0xb47, 0x9, 0x0, 0x0, 0x3}, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xef7ab6f359d7b58a}, @IPSET_ATTR_REVISION={0x5, 0x4, 0x4}]}, 0x4c}, 0x1, 0x0, 0x0, 0x44}, 0x0)
sendmsg$IPCTNL_MSG_CT_GET_UNCONFIRMED(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000280)={0x14, 0x7, 0x1, 0x201, 0x0, 0x0, {0x7, 0x0, 0x1}, ["", "", "", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000856)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000029c0))
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r4, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r5, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r3], 0x3c}}, 0x10)

8.016769471s ago: executing program 6 (id=3875):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f0000000080)=""/146, &(0x7f0000000000)=0x92)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
pipe2$9p(0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x40000000000000, 0x88}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX, @ANYRESHEX, @ANYBLOB])
mkdir(0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file1\x00', 0x0, 0x8}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
recvmmsg$unix(r3, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000003700)=[{&(0x7f0000002480)=""/9, 0x9}, {&(0x7f00000024c0)=""/225, 0xe1}, {&(0x7f00000025c0)=""/4096, 0x1000}, {&(0x7f00000035c0)=""/139, 0x8b}], 0x4}}], 0x1, 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=@bridge_getvlan={0x20, 0x72, 0x7e3bfe4fa73db39f, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}}, 0x0)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)
name_to_handle_at(r1, &(0x7f0000000180)='./file1\x00', &(0x7f0000000240)=@isofs={0x14, 0x1, {0x5, 0x5, 0x7, 0x10000, 0x0, 0x6}}, &(0x7f0000000280), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2)

7.951621215s ago: executing program 5 (id=3876):
socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, <r0=>0x0})
fchdir(0xffffffffffffffff)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYRESDEC=r0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000180), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x779a}, 0x94)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
pipe2(0x0, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x60000000000, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x40102)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x40e)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f00000009c0)={0xf, {"a2e3ad214fc752f90b5e09094bf70e0dd038e7ff7fc6e5539b1b48078b089b3b0838721a0890e0878f0e1ac6e7049b3d6c959b4c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d07420736cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e2c5070000179c6f30e065cd5b91cd0ae17d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3bb469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918070000003f0000000c558cdc0a3621c56cea8d20fa911afe40db6ebe8cac64289fd3da232f1b5dbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860421c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2f09000000000000007747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847354b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d483d4675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516ab68032f88c042ffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d95f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9d1a3d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdfa1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442748af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500", 0x1009}}, 0x1006)

7.198232379s ago: executing program 6 (id=3877):
syz_emit_ethernet(0x0, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, &(0x7f0000000300))
socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000600)={0x2, @pix={0x8, 0x6, 0x34325842, 0x4, 0x6bb, 0xffffffff, 0x4, 0x6, 0x0, 0x1, 0x5, 0x5}})
ioctl$vim2m_VIDIOC_REQBUFS(r4, 0xc0145608, &(0x7f0000000100)={0x410001, 0x2, 0x4})
ioctl$vim2m_VIDIOC_STREAMOFF(r4, 0x40045612, &(0x7f0000000140)=0x2)

7.097336566s ago: executing program 2 (id=3879):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBMODE(r0, 0x4b45, &(0x7f0000000480)=0x1)
r1 = syz_open_dev$vim2m(&(0x7f00000000c0), 0x68d2, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x2, 0x0, 0x5})
r2 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x4, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f0000000000)={0x4000006, 0x1, 0x4})

7.07193905s ago: executing program 5 (id=3880):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r1 = socket$inet_sctp(0x2, 0x5, 0x84)
close(0x3)
r2 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r2, &(0x7f0000000740)='|', 0x1, 0x0, &(0x7f00000007c0)={0xa, 0x4e23, 0x5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x4}, 0x1c)
connect$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e23, 0x1, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3}, 0x1c)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000240)="240000001e005f1814fffffffffffff807000000010000000000000008000500c4cb0b02", 0x24)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2)
shutdown(r2, 0x1)
sendmsg$inet_sctp(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)='\a', 0x1}], 0x1, &(0x7f0000000340)=[@sndrcv={0x30, 0x84, 0x1, {0x2, 0x0, 0x41, 0x808, 0x2, 0xffffffff, 0x3, 0x7fffffff}}], 0x30}, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_io_uring_complete(0x0)
ioctl$AUTOFS_IOC_CATATONIC(r4, 0x9362, 0x0)
r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
write$P9_RSTATu(0xffffffffffffffff, &(0x7f0000000340)={0x230, 0x2, 0x0, {{0x500, 0xef, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x82\x00\xb5\x00\x00+Y_\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1', 0x14, '\xcf\xc2m\xd7\xc5\x00\xf0L\xd8_*p\xf5\xe9\x93\x0e<]\xb4Z', 0x55, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00'}, 0x12c, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300}}, 0x230)
ioctl$SNDCTL_SEQ_OUTOFBAND(r5, 0xc074510c, &(0x7f0000000440)=@v={0x93, 0x0, 0x0, 0x0, @MIDI_NOTEON=@special})
ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f0000000100)={0x60, 0x4, &(0x7f00003ef000/0x2000)=nil, &(0x7f000033b000/0x1000)=nil, 0x5, &(0x7f0000000080)=[{0x332b, 0x2, 0x8}, {0x4, 0x4, 0x6}, {0x800, 0x9, 0x2}], 0x3, 0x1, 0x41, 0x4, 0x41, 0x21})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8)

6.899513912s ago: executing program 2 (id=3881):
mkdir(&(0x7f0000000100)='./file0\x00', 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000000cc0)={'filter\x00', 0x3b, 0x4, 0x4c8, 0x2f8, 0x2f8, 0x3e0, 0x2f8, 0x3e0, 0x3e0, 0x4, 0x0, {[{{@uncond, 0xc0, 0x1e8}, @unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:update_modules_exec_t:s0\x00'}}}, {{@arp={@broadcast, @dev, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_batadv\x00', 'veth1_to_hsr\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@remote, @empty, @multicast2, @loopback}}}, {{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x520)
chdir(&(0x7f0000000080)='./file0\x00')
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000700000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$OBJ_PIN_PROG(0x6, &(0x7f00000000c0)=@generic={&(0x7f0000000bc0)='./file0\x00', r1}, 0x18)
openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1c5)

6.898282826s ago: executing program 1 (id=3882):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
listen(0xffffffffffffffff, 0x0)
close(0xffffffffffffffff)
socket$packet(0x11, 0x2, 0x300)
r1 = getpid()
r2 = syz_pidfd_open(r1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000004c0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct={0x0, 0x0, 0x0, 0xe}]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
r3 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000080), 0x20840, 0x0)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r4, 0x3ba0, &(0x7f00000007c0)={0x52})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f0000000100)={0x28, 0x6, 0x0, 0x0, &(0x7f0000c00000/0x400000)=nil, 0x400000, 0x51e})
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r7 = dup(r6)
write$6lowpan_enable(r7, &(0x7f0000000300)='1', 0xfffffd46)
syz_io_uring_setup(0x10e, &(0x7f00000000c0)={0x0, 0x8d2de, 0x0, 0xffffffff}, &(0x7f00000003c0)=<r8=>0x0, &(0x7f00000005c0))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000640)=@bpf_tracing={0x1a, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000700000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008583000000bf090000000000005509010000000000000018120000000000", @ANYRES32=r7, @ANYBLOB="0000000000000000b703000000000000850000000c000000b700000000000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f00000000c0)='GPL\x00', 0x5, 0x48, &(0x7f0000000500)=""/72, 0x41100, 0x14, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x5, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x1cdca, r3, 0x5, &(0x7f0000000580)=[0xffffffffffffffff, r3], &(0x7f00000005c0)=[{0x4, 0x4, 0xf, 0xb}, {0x5, 0x2, 0x1, 0x6}, {0x4, 0x4, 0xa, 0x8}, {0x4, 0x1, 0xf, 0x8}, {0x3, 0x3, 0xc, 0x2}], 0x10, 0x1}, 0x94)
close_range(r2, 0xffffffffffffffff, 0x0)
ioctl$PPPIOCGMRU(r0, 0x80047453, &(0x7f00000003c0))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NLBL_UNLABEL_C_STATICADDDEF(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x14, 0x0, 0x1, 0x0, 0x0, {0x6, 0x0, 0x900}}, 0x14}, 0x2, 0x34005}, 0x0)
ptrace(0x4207, r1)

4.095048264s ago: executing program 1 (id=3883):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB], 0x48)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
r3 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x2, 0x0}}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000100)=0x8)

4.077967745s ago: executing program 0 (id=3884):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x32, 0x0, &(0x7f0000000400)=[@increfs], 0xfffffcb0, 0x0, 0x0})
r3 = dup3(r2, r1, 0x0)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x10000000000)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000003c0)={0x8, 0x700, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, 0x18, &(0x7f0000000540)={@fd={0x66642a85, 0x0, r3}, @ptr={0x70742a85, 0x0, &(0x7f0000000440)=""/210, 0xd2, 0x1, 0x29}, @ptr={0x70742a85, 0x5, 0x0, 0x0, 0x1, 0xca}}, &(0x7f0000000600)={0x0, 0x18, 0x40}}, 0x1000}], 0x0, 0x0, 0x0})
landlock_restrict_self(0xffffffffffffffff, 0x0)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
close(r6)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000000200)={'syzkaller0\x00', @random="e5db029ea53c"})

3.816374837s ago: executing program 5 (id=3885):
madvise(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x14)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)
close(0xffffffffffffffff)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7fffffff], [0x10000, 0x0, 0x6, 0x0, 0x8001, 0x2, 0xfffffffc], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{0x0, 0x1}, {0xfffffffd}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000340)='scalable\x00', 0x9)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x20000000000014, &(0x7f0000000140)={<r6=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r5, &(0x7f0000000040)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e24, 0x0, @remote, 0x12}, r6}}, 0x30)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @dev={0xfe, 0x80, '\x00', 0x25}}, {0x2, 0x4e23, 0xe0000000, @remote, 0xffffffff}, r6, 0x9dffffff}}, 0x48)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x19)
madvise(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0xd)

2.669447215s ago: executing program 0 (id=3886):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r1 = syz_clone(0x20022180, 0x0, 0xfe02, 0x0, 0x0, 0x0)
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000900)={0x7, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
syz_open_dev$vim2m(&(0x7f0000000100), 0xf, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000005c0), r0)
sendmsg$IPVS_CMD_DEL_DAEMON(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000006c0)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="200029bd5c143a8b93b437103a84e6e8127000fddbdf250a000000080005000700000008000400bc0b0000080004000b40b0000000"], 0x2c}, 0x1, 0x0, 0x0, 0x24040000}, 0x4)
ioctl$KVM_CLEAR_DIRTY_LOG(r2, 0xc018aec0, &(0x7f0000000140)={0x0, 0x0, 0x380, &(0x7f0000000180)=[0x6bd1a312, 0xec66, 0xff, 0x8, 0x98bd, 0x800000000000009, 0x0, 0x4, 0x10000, 0x7, 0x9004, 0x9, 0x8, 0x9, 0x5, 0x49, 0x3ff, 0x5, 0x2, 0x1, 0x8, 0x7, 0xc1, 0x1, 0x2, 0x2, 0x6, 0x9, 0x96, 0xffffffff, 0xffffffff00000000, 0x0, 0x5, 0x7, 0x4, 0x3, 0x9, 0x888f, 0x1, 0x8, 0x46, 0x6, 0x3, 0xa3de, 0x20000000006, 0x8, 0x7, 0x400, 0x3, 0xfffffffffffffff7, 0xfffffffffffffffa, 0x2, 0xe, 0x6, 0x4, 0xe6, 0x200000000000101, 0x5, 0x9, 0x66, 0x6, 0x7, 0x40000005, 0xfffffffeffffffff, 0x9, 0xd, 0x10001, 0xbbd9, 0x80000000, 0xfffffffffffffc00, 0x2, 0x7, 0x2, 0xcdc, 0x4000000007, 0x2, 0x3, 0x2, 0x2, 0xfff, 0x6, 0x4, 0x1, 0xab6, 0x0, 0x4, 0x0, 0xffffffffffffff81, 0x9, 0xff, 0x6, 0x28000000, 0x5, 0x8061d, 0x3, 0x7, 0xf6, 0x4, 0x6, 0x200, 0x7, 0xe53e, 0x4, 0x8, 0x2293332f, 0x9, 0x5, 0x1e, 0xd, 0x2, 0x4, 0xfffffffffffffffb, 0x2, 0x7, 0xdfd4, 0xfffd, 0x10, 0x5, 0x8, 0x1, 0x53e0f0fe, 0xeb4, 0x0, 0xfffffffffffffffe, 0xb692, 0xcc, 0x8, 0x1000003]})
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42032, 0xffffffffffffffff, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x1, 0x0, 0x0, 0x2)
syz_open_procfs(r1, &(0x7f0000000040)='stat\x00')
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = dup(0xffffffffffffffff)
setsockopt$inet_sctp_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f00000001c0)=@assoc_value={0x0, 0xfff}, 0x8)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f00000007c0)={0x0, @in={{0x2, 0x4e21, @rand_addr=0x64010101}}}, &(0x7f0000000600)=0x84)
sendmsg$nl_generic(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)={0x1c, 0x1e, 0x21, 0x8, 0x25dfdbfb, {0x7}, [@typed={0x5, 0x0, 0x0, 0x0, @str='\x00'}]}, 0x1c}, 0x1, 0x0, 0x0, 0x96335b3603020bac}, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)

2.554988457s ago: executing program 1 (id=3887):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@ipv4_delroute={0x44, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x2, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @initdev={0xac, 0x1e, 0x1, 0x0}}, @RTA_ENCAP={0x10, 0x16, 0x0, 0x1, @LWTUNNEL_IP6_ID={0xc, 0x1, 0x4}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x1}]}, 0x44}}, 0x0)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(0xffffffffffffffff, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x800, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x800000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]})
ioctl$FS_IOC_SETFLAGS(r2, 0x40186f40, &(0x7f0000000440)=0x1f)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
connect$inet(r3, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
writev(r3, &(0x7f0000000200)=[{&(0x7f00000000c0)='X', 0x8030000}], 0x1)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000000)={0xffffffff, 0xc9a, 0xfffff001, 0x6, 0x8, "5cadf0fa59ebc3cef90ac43c5c135252e5d962"})
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000040)={0x5, 0xf7af, 0x8000, 0x8, 0x0, "4cb8b210acdc716f64cf76062d59a56f2584c4"})
ioctl$UI_DEV_DESTROY(r2, 0x5502)

2.256896379s ago: executing program 2 (id=3888):
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet6_buf(r0, 0x29, 0x3d, &(0x7f0000000080)=""/146, &(0x7f0000000000)=0x92)
splice(r0, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x0)
pipe2$9p(0x0, 0x0)
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xc, &(0x7f0000000140)={0x40000000000000, 0x88}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000080)='./file1\x00')
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
signalfd(0xffffffffffffffff, 0x0, 0x0)
setpgid(r2, 0x0)
setpgid(0x0, r2)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, &(0x7f0000000480)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB, @ANYRESHEX, @ANYBLOB])
mkdir(0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file1\x00', 0x0, 0x8}, 0x18)
r3 = socket(0x10, 0x3, 0x0)
recvmmsg$unix(r3, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000003700)=[{&(0x7f0000002480)=""/9, 0x9}, {&(0x7f00000024c0)=""/225, 0xe1}, {&(0x7f00000025c0)=""/4096, 0x1000}, {&(0x7f00000035c0)=""/139, 0x8b}], 0x4}}], 0x1, 0x2, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000380)=@bridge_getvlan={0x20, 0x72, 0x7e3bfe4fa73db39f, 0x0, 0x0, {}, [@BRIDGE_VLANDB_DUMP_FLAGS={0x8, 0x1, 0x1}]}, 0x20}}, 0x0)
mount$afs(0x0, &(0x7f0000000200)='./file1\x00', 0x0, 0x88, 0x0)
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$AUTOFS_IOC_READY(r4, 0x9360, 0x800000000000001)
name_to_handle_at(r1, &(0x7f0000000180)='./file1\x00', &(0x7f0000000240)=@isofs={0x14, 0x1, {0x5, 0x5, 0x7, 0x10000, 0x0, 0x6}}, &(0x7f0000000280), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300))
mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x2)

999.744571ms ago: executing program 1 (id=3889):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f00006c6000/0x400000)=nil, &(0x7f000018b000/0x3000)=nil, 0x400000, 0xfe, 0x6040000})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

801.872247ms ago: executing program 1 (id=3890):
socket$inet6_tcp(0xa, 0x1, 0x0)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f00000000c0)={0x0, <r0=>0x0})
fchdir(0xffffffffffffffff)
openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYRESDEC=r0], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000180), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x779a}, 0x94)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
pipe2(0x0, 0x0)
tee(0xffffffffffffffff, 0xffffffffffffffff, 0x60000000000, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x2, 0x0, 0x0, 0x41100, 0xe, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = syz_open_dev$vcsa(&(0x7f0000000000), 0x1, 0x40102)
ioctl$int_in(r1, 0x5452, &(0x7f0000000040)=0x40e)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r4 = dup(r3)
write$UHID_INPUT(r4, &(0x7f00000009c0)={0xf, {"a2e3ad214fc752f90b5e09094bf70e0dd038e7ff7fc6e5539b1b48078b089b3b0838721a0890e0878f0e1ac6e7049b3d6c959b4c9a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d07420736cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e2c5070000179c6f30e065cd5b91cd0ae17d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3bb469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918070000003f0000000c558cdc0a3621c56cea8d20fa911afe40db6ebe8cac64289fd3da232f1b5dbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860421c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000e0a37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2f09000000000000007747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847354b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d483d4675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516ab68032f88c042ffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d95f2e8c77d95a3d3a6df40babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9d1a3d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f39a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdfa1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60559516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442748af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d00000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000001c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000500", 0x1009}}, 0x1006)

799.347638ms ago: executing program 0 (id=3891):
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(0xffffffffffffffff, 0xc0189373, 0x0)
r0 = socket$rxrpc(0x21, 0x2, 0xa)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x11)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$rxrpc(r0, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0x100, @empty, 0xe}}, 0x24)
r3 = syz_io_uring_setup(0x10a, &(0x7f0000000140)={0x0, 0x5883, 0x0, 0x0, 0xfffffdfc}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0})
socket$rxrpc(0x21, 0x2, 0x2)
io_uring_enter(r3, 0x3516, 0x9e, 0x0, 0x0, 0x0)

106.641972ms ago: executing program 1 (id=3892):
r0 = ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x985d)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000000)={<r2=>0x0, 0x5, 0x3, [0x6, 0x2, 0xe]}, &(0x7f0000000040)=0xe)
syslog(0xa, 0x0, 0x0)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x840, 0x0)
r4 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x22, &(0x7f0000000100)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xd8}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, 0x1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x745880bb}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @btf_id={0x18, 0x0, 0x3, 0x0, 0x3}, @map_val={0x18, 0x1, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffff81}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x4}, @initr0={0x18, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x3}]}, &(0x7f0000000240)='syzkaller\x00', 0x9, 0x75, &(0x7f0000000280)=""/117, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000300)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000340)={0x2, 0xe, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x6, &(0x7f0000000380)=[0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1], &(0x7f00000003c0)=[{0x0, 0x1, 0x4, 0x7}, {0x2, 0x4, 0x2, 0x4}, {0x3, 0x3, 0xe, 0xb}, {0x1, 0x1, 0x8, 0xb}, {0x0, 0x3, 0xd}, {0x4, 0x2, 0xe, 0x2}], 0x10, 0x661}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f00000000c0)='ext4_sync_file_enter\x00', r5, 0x0, 0x1}, 0x18)
ioctl$TCSETSF2(r0, 0x402c542d, &(0x7f0000000540)={0x9, 0x80, 0x6, 0x40, 0x7, "2dc0b67e910ad8457dd0add90b84bb206532ac", 0x9, 0xc2})
r6 = socket(0x1f, 0x5, 0x2)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r6, 0x84, 0x21, &(0x7f0000000580)=0x3, 0x4)
pipe(&(0x7f00000005c0)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
ioctl$PTP_EXTTS_REQUEST2(r7, 0x40103d0b, &(0x7f0000000600)={0x6})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000ac0)={r5, 0xe0, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, &(0x7f00000007c0)=[0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x2, 0x1, &(0x7f0000000800)=[0x0, 0x0], &(0x7f0000000840)=[0x0], <r9=>0x0, 0x91, &(0x7f0000000880)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000900), &(0x7f0000000940), 0x8, 0xdd, 0x8, 0x8, &(0x7f0000000980)}}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1f, 0x14, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r7}}, {}, [@ldst={0x2, 0x1, 0x6, 0x0, 0x7, 0xfffffffffffffff8, 0xfffffffffffffff3}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r7}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000700)='GPL\x00', 0xd, 0x0, 0x0, 0x41100, 0x5, '\x00', 0x0, @fallback=0x18, r8, 0x8, &(0x7f0000000740)={0x2, 0x1}, 0x8, 0x10, &(0x7f0000000780)={0x3, 0x4, 0x0, 0x9b8}, 0x10, r9, r7, 0x5, 0x0, &(0x7f0000000b00)=[{0x5, 0x2, 0x6, 0xc}, {0x3, 0x5, 0x10, 0xe}, {0x3, 0x1, 0x4, 0x6}, {0x0, 0x5, 0x4, 0x8}, {0x5, 0x1, 0xc, 0x5}], 0x10, 0xff}, 0x94)
fsetxattr$security_smack_transmute(r7, &(0x7f0000000c40), &(0x7f0000000c80), 0x4, 0x1)
syz_open_dev$MSR(&(0x7f0000000cc0), 0x1, 0x0)
r10 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000d00), 0x10902, 0x0)
ioctl$F2FS_IOC_COMPRESS_FILE(r10, 0xf518, 0x0)
ioctl$AUTOFS_DEV_IOCTL_PROTOSUBVER(r8, 0xc0189373, &(0x7f0000000d40)={{0x1, 0x1, 0x18, <r11=>r7, {0x3}}, './file0\x00'})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r11, 0x84, 0x70, &(0x7f0000000d80)={r2, @in={{0x2, 0x4e21, @empty}}, [0x1, 0x8, 0x4, 0x9, 0x8, 0x8, 0x2, 0x6, 0x8, 0x5, 0xffff, 0x9, 0x45, 0x1, 0x8]}, &(0x7f0000000e80)=0x100)
ioctl$TCSETSW2(r7, 0x402c542c, &(0x7f0000000ec0)={0x4, 0x7, 0x7, 0x5, 0x3, "d9916609253df275446fa65b01fbd2da44e13d", 0x3507, 0xb93})
uname(&(0x7f0000000f00)=""/168)
madvise(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0)
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000011c0)={0x4c, 0x0, &(0x7f0000001080)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000fc0)={@fd={0x66642a85, 0x0, r3}, @fda={0x66646185, 0x2, 0x1, 0xb}, @fda={0x66646185, 0x9, 0x0, 0x3e}}, &(0x7f0000001040)={0x0, 0x18, 0x38}}, 0x400}], 0xa9, 0x0, &(0x7f0000001100)="8f8dc6d9f26dd1506041ce8d1e97daf09c86eb7a5562ac23266b041c82ccc345d85b777fe313e6b4755df74a2908b82a30dfcd3b4b9f98664b24a79975d9c2649da15706c69e3e74c9dc74acb8af13ca7083b158f3fb6543fe8d306a6e74a28bd65d8ab1fcc6e9cd5f47b22ee8d2fff5658dbe617bca3fd94b9c16b3ca61b54cf420e8e47e9b9144a6c22d847878d100a58ee862792bf5bcda6b7e9a109da22f80686c8717a72bb3ee"})
ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f0000001240)={0x3, 0x38, '\x00', 0x1, &(0x7f0000001200)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
bind$alg(r6, &(0x7f0000001280)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes128\x00'}, 0x58)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(0xffffffffffffffff, &(0x7f0000001480)={&(0x7f0000001300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001440)={&(0x7f0000001380)={0xb0, 0x0, 0x100, 0x70bd2b, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x3}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x2}}}, {{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}}]}, 0xb0}, 0x1, 0x0, 0x0, 0x40010}, 0x24040810)

0s ago: executing program 2 (id=3893):
madvise(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x14)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
close(0xffffffffffffffff)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_REFINE(0xffffffffffffffff, 0xc2604110, &(0x7f0000000040)={0x0, [[0x9ef8, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x7fffffff], [0x10000, 0x0, 0x6, 0x0, 0x8001, 0x2, 0xfffffffc], [0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]], '\x00', [{0x0, 0x1}, {0xfffffffd}, {0x0, 0x4}, {0x0, 0x0, 0x0, 0x1, 0x1}, {0x80000001, 0x0, 0x0, 0x1, 0x1}, {0x7fff, 0xfffffffa}, {}, {0x8000000, 0x8f96}], '\x00', 0x1000})
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, 0x0, 0x0)
r5 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x20000000000014, &(0x7f0000000140)={<r6=>0xffffffffffffffff}, 0x106, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r5, &(0x7f0000000180)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e24, 0x40003, @dev={0xfe, 0x80, '\x00', 0x25}}, {0x2, 0x4e23, 0xe0000000, @remote, 0xffffffff}, r6, 0x9dffffff}}, 0x48)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, &(0x7f00000015c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x106, 0x6}}, 0x20)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
write(0xffffffffffffffff, &(0x7f00000000c0), 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x19)
madvise(&(0x7f0000ffa000/0x2000)=nil, 0x2000, 0xd)

kernel console output (not intermixed with test programs):

 0, protocol 800
[ 1363.205365][T18153] delete_channel: no stack
[ 1364.325494][T13671] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1364.336508][T13671] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1364.348015][T13671] bond0 (unregistering): Released all slaves
[ 1364.454836][T18176] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1364.527735][T18178] syz_tun: entered allmulticast mode
[ 1364.546287][T18178] syz_tun: left allmulticast mode
[ 1364.604382][T18186] openvswitch: netlink: Message has 4 unknown bytes.
[ 1364.912391][ T9954] Bluetooth: hci2: Opcode 0x0401 failed: -110
[ 1364.919775][ T5845] Bluetooth: hci2: command 0x0401 tx timeout
[ 1365.051247][ T2153] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1365.352952][ T2153] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1365.386438][ T2153] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1365.413799][ T2153] usb 6-1: Product: syz
[ 1365.419183][ T2153] usb 6-1: Manufacturer: syz
[ 1365.423970][ T2153] usb 6-1: SerialNumber: syz
[ 1365.854778][T13666] 0: reclassify loop, rule prio 0, protocol 800
[ 1366.015158][T13671] hsr_slave_0: left promiscuous mode
[ 1366.034840][T13671] hsr_slave_1: left promiscuous mode
[ 1366.059857][T13671] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1366.082184][T13671] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1366.094953][T13671] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1366.108053][T13671] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1366.855731][T13671] veth1_macvtap: left promiscuous mode
[ 1366.883241][T13671] veth0_macvtap: left promiscuous mode
[ 1366.888991][T13671] veth1_vlan: left promiscuous mode
[ 1366.901501][T13671] veth0_vlan: left promiscuous mode
[ 1367.076732][ T2153] cdc_ncm 6-1:1.0: failed to get mac address
[ 1367.114259][ T2153] cdc_ncm 6-1:1.0: bind() failure
[ 1367.147422][ T2153] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1367.187294][ T2153] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1367.210814][ T2153] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1367.231916][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1367.264602][ T2153] usb 6-1: USB disconnect, device number 11
[ 1367.347689][T13671] pimreg3 (unregistering): left allmulticast mode
[ 1367.637839][T18222] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3411'.
[ 1367.691184][   T30] kauditd_printk_skb: 3115 callbacks suppressed
[ 1367.691202][   T30] audit: type=1400 audit(1755725968.559:522582): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1
[ 1368.911315][   T30] audit: type=1400 audit(1755725968.559:522583): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18216 comm="syz.0.3409" name="newroot" dev="tmpfs" ino=2
[ 1368.968317][   T30] audit: type=1400 audit(1755725968.559:522584): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18216 comm="syz.0.3409" name="/" dev="proc" ino=1
[ 1369.005585][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1369.013229][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1369.019886][    C1] audit: audit_lost=351682 audit_rate_limit=0 audit_backlog_limit=64
[ 1369.028122][    C1] audit: backlog limit exceeded
[ 1369.033479][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1369.040061][    C1] audit: audit_lost=351683 audit_rate_limit=0 audit_backlog_limit=64
[ 1369.048161][    C1] audit: backlog limit exceeded
[ 1369.278970][T13666] 0: reclassify loop, rule prio 0, protocol 800
[ 1369.449245][ T9954] Bluetooth: hci2: command 0x0401 tx timeout
[ 1369.676524][    C1] vcan0: j1939_tp_rxtimer: 0xffff888076014400: rx timeout, send abort
[ 1369.687514][    C1] vcan0: j1939_tp_rxtimer: 0xffff888076014c00: rx timeout, send abort
[ 1369.696203][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888076014400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1369.712421][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888076014c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1370.729484][T13671] team0 (unregistering): Port device team_slave_1 removed
[ 1370.893439][T13671] team0 (unregistering): Port device team_slave_0 removed
[ 1372.266302][T18284] 0: reclassify loop, rule prio 0, protocol 800
[ 1373.216752][   T30] kauditd_printk_skb: 4562 callbacks suppressed
[ 1373.216772][   T30] audit: type=1400 audit(1755725973.731:525201): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="/" dev="devtmpfs" ino=1
[ 1373.252679][   T30] audit: type=1400 audit(1755725973.731:525202): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=26 comm="kdevtmpfs" name="infiniband" dev="devtmpfs" ino=1270
[ 1373.300647][   T30] audit: type=1400 audit(1755725973.731:525203): lsm=SMACK fn=smack_inode_setattr action=granted subject="_" object="_" requested=w pid=26 comm="kdevtmpfs" name="uverbs0" dev="devtmpfs" ino=2884
[ 1373.326144][   T30] audit: type=1400 audit(1755725973.731:525204): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=wx pid=26 comm="kdevtmpfs" name="infiniband" dev="devtmpfs" ino=1270
[ 1373.358762][   T30] audit: type=1400 audit(1755725973.731:525205): lsm=SMACK fn=smack_inode_unlink action=granted subject="_" object="_" requested=w pid=26 comm="kdevtmpfs" name="uverbs0" dev="devtmpfs" ino=2884
[ 1373.474418][   T30] audit: type=1400 audit(1755725973.731:525206): lsm=SMACK fn=smack_inode_unlink action=granted subject="_" object="_" requested=w pid=26 comm="kdevtmpfs" name="infiniband" dev="devtmpfs" ino=1270
[ 1373.482073][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1373.501856][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1373.508466][    C1] audit: audit_lost=352333 audit_rate_limit=0 audit_backlog_limit=64
[ 1373.516562][    C1] audit: backlog limit exceeded
[ 1373.541205][T18236] macsec1: entered allmulticast mode
[ 1373.546613][T18236] macvlan1: entered allmulticast mode
[ 1373.552079][T18236] veth1_vlan: entered allmulticast mode
[ 1373.565833][T18236] macvlan1: left allmulticast mode
[ 1373.571006][T18236] veth1_vlan: left allmulticast mode
[ 1374.808956][T18308] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3420'.
[ 1375.474980][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1375.593506][T18313] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3423'.
[ 1375.618071][T18313] netlink: 43 bytes leftover after parsing attributes in process `syz.0.3423'.
[ 1376.205311][T13671] IPVS: stop unused estimator thread 0...
[ 1376.236972][ T5845] Bluetooth: hci5: unexpected event for opcode 0x0c03
[ 1376.251526][T18313] netlink: 'syz.0.3423': attribute type 5 has an invalid length.
[ 1376.350465][T18313] netlink: 43 bytes leftover after parsing attributes in process `syz.0.3423'.
[ 1376.380414][T18320] vcan0: tx drop: invalid sa for name 0x0000000000000003
[ 1376.471760][T18323] netlink: 132 bytes leftover after parsing attributes in process `syz.5.3425'.
[ 1380.026624][T14840] audit_log_start: 2529 callbacks suppressed
[ 1380.026642][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1380.039780][   T30] audit: type=1400 audit(1755725978.549:526702): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=18329 comm="iou-sqp-18337" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1380.063895][T18327] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1380.070408][T18327] audit: audit_lost=352679 audit_rate_limit=0 audit_backlog_limit=64
[ 1380.079466][T14840] audit: audit_lost=352680 audit_rate_limit=0 audit_backlog_limit=64
[ 1380.079491][T14840] audit: backlog limit exceeded
[ 1380.079509][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1380.079523][T14840] audit: audit_lost=352681 audit_rate_limit=0 audit_backlog_limit=64
[ 1380.079539][T14840] audit: backlog limit exceeded
[ 1380.079827][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1381.600571][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1381.991796][T18350] overlayfs: failed to resolve './file0': -2
[ 1382.452743][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1384.640813][T18369] sp0: Synchronizing with TNC
[ 1384.787323][ T5845] Bluetooth: hci1: unexpected event for opcode 0x0c03
[ 1385.377983][   T30] kauditd_printk_skb: 2175 callbacks suppressed
[ 1385.378044][   T30] audit: type=1400 audit(1755725985.106:528023): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=14840 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1385.407035][T18385] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1385.417473][T18385] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1385.427957][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1385.445531][T18385] bridge0: entered allmulticast mode
[ 1385.454294][T14840] audit: audit_lost=352967 audit_rate_limit=0 audit_backlog_limit=64
[ 1385.459263][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1385.468993][    C1] audit: audit_lost=352968 audit_rate_limit=0 audit_backlog_limit=64
[ 1385.477297][    C1] audit: backlog limit exceeded
[ 1385.482713][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1385.489265][    C1] audit: audit_lost=352969 audit_rate_limit=0 audit_backlog_limit=64
[ 1385.497462][T14840] audit: backlog limit exceeded
[ 1385.497471][    C1] audit: backlog limit exceeded
[ 1385.841518][T18373] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (200000 ns). Using initial count to start timer.
[ 1386.801677][T18404] overlayfs: failed to resolve './file0': -2
[ 1387.105509][T18374] syz.5.3441: vmalloc error: size 566231040, failed to allocated page array size 1105920, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1387.168547][T18374] CPU: 1 UID: 0 PID: 18374 Comm: syz.5.3441 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1387.168576][T18374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1387.168591][T18374] Call Trace:
[ 1387.168600][T18374]  <TASK>
[ 1387.168610][T18374]  dump_stack_lvl+0x189/0x250
[ 1387.168640][T18374]  ? __pfx_rcu_read_unlock_special+0x10/0x10
[ 1387.168673][T18374]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1387.168696][T18374]  ? __pfx__printk+0x10/0x10
[ 1387.168723][T18374]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1387.168749][T18374]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1387.168782][T18374]  warn_alloc+0x214/0x310
[ 1387.168819][T18374]  ? __pfx_warn_alloc+0x10/0x10
[ 1387.168853][T18374]  ? __get_vm_area_node+0x28f/0x300
[ 1387.168876][T18374]  ? vb2_vmalloc_alloc+0xef/0x340
[ 1387.168910][T18374]  __vmalloc_node_range_noprof+0x67e/0x12f0
[ 1387.168966][T18374]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1387.168996][T18374]  ? __kasan_kmalloc+0x93/0xb0
[ 1387.169020][T18374]  vmalloc_user_noprof+0xad/0xf0
[ 1387.169042][T18374]  ? vb2_vmalloc_alloc+0xef/0x340
[ 1387.169073][T18374]  vb2_vmalloc_alloc+0xef/0x340
[ 1387.169102][T18374]  ? __pfx_vb2_vmalloc_alloc+0x10/0x10
[ 1387.169132][T18374]  __vb2_queue_alloc+0x9c2/0x15a0
[ 1387.169186][T18374]  vb2_core_reqbufs+0xc31/0x1420
[ 1387.169234][T18374]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1387.169271][T18374]  ? __vb2_init_fileio+0x1e8/0xff0
[ 1387.169305][T18374]  __vb2_init_fileio+0x318/0xff0
[ 1387.169332][T18374]  ? __lock_acquire+0xab9/0xd20
[ 1387.169354][T18374]  ? __pfx___mutex_lock+0x10/0x10
[ 1387.169391][T18374]  vb2_core_poll+0x4c1/0x840
[ 1387.169425][T18374]  vb2_fop_poll+0x168/0x380
[ 1387.169455][T18374]  ? __fget_files+0x2a/0x420
[ 1387.169478][T18374]  ? __pfx_vb2_fop_poll+0x10/0x10
[ 1387.169506][T18374]  v4l2_poll+0x147/0x2c0
[ 1387.169539][T18374]  ? __pfx_v4l2_poll+0x10/0x10
[ 1387.169566][T18374]  do_sys_poll+0x8c6/0x1070
[ 1387.169594][T18374]  ? do_sys_poll+0x361/0x1070
[ 1387.169624][T18374]  ? __pfx_do_sys_poll+0x10/0x10
[ 1387.169650][T18374]  ? futex_unqueue+0x22/0x240
[ 1387.169684][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169708][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169733][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169758][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169782][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169814][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169839][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169863][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169888][T18374]  ? __pfx_pollwake+0x10/0x10
[ 1387.169910][T18374]  ? futex_wait+0x285/0x360
[ 1387.169942][T18374]  ? __pfx_futex_wait+0x10/0x10
[ 1387.170002][T18374]  ? __pfx_do_futex+0x10/0x10
[ 1387.170021][T18374]  ? set_user_sigmask+0xc7/0x1b0
[ 1387.170041][T18374]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1387.170070][T18374]  __se_sys_ppoll+0x1ff/0x260
[ 1387.170093][T18374]  ? __pfx___se_sys_ppoll+0x10/0x10
[ 1387.170115][T18374]  ? rcu_is_watching+0x15/0xb0
[ 1387.170142][T18374]  ? do_syscall_64+0xbe/0x3b0
[ 1387.170164][T18374]  ? __x64_sys_ppoll+0x20/0xc0
[ 1387.170188][T18374]  do_syscall_64+0xfa/0x3b0
[ 1387.170209][T18374]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1387.170229][T18374]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.170248][T18374]  ? clear_bhb_loop+0x60/0xb0
[ 1387.170270][T18374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1387.170289][T18374] RIP: 0033:0x7f4dce38ebe9
[ 1387.170307][T18374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1387.170326][T18374] RSP: 002b:00007f4dcf192038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 1387.170348][T18374] RAX: ffffffffffffffda RBX: 00007f4dce5b5fa0 RCX: 00007f4dce38ebe9
[ 1387.170364][T18374] RDX: 0000000000000000 RSI: 20000000000000dc RDI: 00002000000000c0
[ 1387.170398][T18374] RBP: 00007f4dce411e19 R08: 0000000000000000 R09: 0000000000000000
[ 1387.170411][T18374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1387.170424][T18374] R13: 00007f4dce5b6038 R14: 00007f4dce5b5fa0 R15: 00007fffac38c8f8
[ 1387.170457][T18374]  </TASK>
[ 1389.141606][T18374] Mem-Info:
[ 1389.148465][T18374] active_anon:3875 inactive_anon:7362 isolated_anon:0
[ 1389.148465][T18374]  active_file:21009 inactive_file:38423 isolated_file:0
[ 1389.148465][T18374]  unevictable:768 dirty:182 writeback:0
[ 1389.148465][T18374]  slab_reclaimable:6380 slab_unreclaimable:112380
[ 1389.148465][T18374]  mapped:35981 shmem:8834 pagetables:1133
[ 1389.148465][T18374]  sec_pagetables:0 bounce:0
[ 1389.148465][T18374]  kernel_misc_reclaimable:0
[ 1389.148465][T18374]  free:1270376 free_pcp:17336 free_cma:0
[ 1389.213334][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1389.220848][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1389.253427][T18374] Node 0 active_anon:19248kB inactive_anon:28080kB active_file:83784kB inactive_file:153692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:142324kB dirty:728kB writeback:0kB shmem:36128kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12696kB pagetables:4292kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1389.328478][T18374] Node 1 active_anon:0kB inactive_anon:0kB active_file:252kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:44kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:164kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1389.366852][T18411] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3450'.
[ 1389.380281][T18374] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1389.423060][T18374] lowmem_reserve[]: 0 2500 2502 2502 2502
[ 1389.430071][T18374] Node 0 DMA32 free:1164100kB boost:0kB min:34264kB low:42828kB high:51392kB reserved_highatomic:0KB free_highatomic:0KB active_anon:18144kB inactive_anon:20808kB active_file:82020kB inactive_file:153632kB unevictable:1536kB writepending:740kB present:3129332kB managed:2560996kB mlocked:0kB bounce:0kB free_pcp:56196kB local_pcp:25636kB free_cma:0kB
[ 1389.468611][T18374] lowmem_reserve[]: 0 0 1 1 1
[ 1389.473406][T18374] Node 0 Normal free:20kB boost:0kB min:24kB low:28kB high:32kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4kB inactive_anon:48kB active_file:1764kB inactive_file:60kB unevictable:0kB writepending:0kB present:1048580kB managed:1904kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[ 1389.509361][T18374] lowmem_reserve[]: 0 0 0 0 0
[ 1389.514250][T18374] Node 1 Normal free:3907360kB boost:0kB min:55612kB low:69512kB high:83412kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:252kB inactive_file:0kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:13792kB local_pcp:10240kB free_cma:0kB
[ 1389.564998][T18374] lowmem_reserve[]: 0 0 0 0 0
[ 1389.576528][T18374] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[ 1389.592805][T18374] Node 0 DMA32: 728*4kB (UME) 103*8kB (UME) 115*16kB (ME) 247*32kB (UME) 231*64kB (ME) 64*128kB (UME) 60*256kB (ME) 45*512kB (UME) 39*1024kB (UME) 8*2048kB (UME) 252*4096kB (UM) = 1163368kB
[ 1389.643944][T18374] Node 0 Normal: 1*4kB (M) 0*8kB 1*16kB (M) 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20kB
[ 1389.726286][T18374] Node 1 Normal: 208*4kB (UME) 48*8kB (UME) 50*16kB (UE) 188*32kB (UE) 55*64kB (UME) 12*128kB (UME) 4*256kB (ME) 4*512kB (ME) 4*1024kB (UME) 0*2048kB 949*4096kB (M) = 3907360kB
[ 1389.760388][T18374] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1389.784126][T18374] Node 0 hugepages_total=3 hugepages_free=3 hugepages_surp=0 hugepages_size=2048kB
[ 1389.808296][T18374] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1389.852244][T18374] Node 1 hugepages_total=1 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[ 1389.872480][T18374] 67186 total pagecache pages
[ 1389.881075][T18374] 24 pages in swap cache
[ 1389.885368][T18374] Free swap  = 124996kB
[ 1389.894081][T18374] Total swap = 124996kB
[ 1389.898588][T18374] 2097051 pages RAM
[ 1389.902506][T18374] 0 pages HighMem/MovableOnly
[ 1389.982148][T18374] 424695 pages reserved
[ 1389.986371][T18374] 0 pages cma reserved
[ 1391.008380][T18425] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3454'.
[ 1391.150954][   T30] kauditd_printk_skb: 1712 callbacks suppressed
[ 1391.150991][   T30] audit: type=1400 audit(1755725990.260:529301): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=w pid=18418 comm="syz-executor" name="oom_score_adj" dev="proc" ino=59182
[ 1391.515869][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1391.531492][T17202] audit: audit_lost=353115 audit_rate_limit=0 audit_backlog_limit=64
[ 1391.539956][T18424] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1391.548794][T18424] audit: audit_lost=353116 audit_rate_limit=0 audit_backlog_limit=64
[ 1391.556646][T17202] audit: backlog limit exceeded
[ 1391.564263][   T30] audit: type=1400 audit(1755725990.260:529302): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=18418 comm="syz-executor" path="/proc/667/oom_score_adj" dev="proc" ino=59182
[ 1391.575176][T18424] audit: backlog limit exceeded
[ 1391.588944][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1391.665882][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1392.599565][T18437] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3457'.
[ 1392.608787][T18437] netlink: 43 bytes leftover after parsing attributes in process `syz.1.3457'.
[ 1392.618125][T18437] netlink: 'syz.1.3457': attribute type 5 has an invalid length.
[ 1392.626415][T18437] netlink: 43 bytes leftover after parsing attributes in process `syz.1.3457'.
[ 1393.919978][T18446] overlayfs: failed to resolve './file0': -2
[ 1395.487698][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1395.494051][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1395.498839][T18457] ip6t_srh: unknown srh invflags 4000
[ 1396.701472][T18465] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3466'.
[ 1396.749229][   T30] kauditd_printk_skb: 45410 callbacks suppressed
[ 1396.749250][   T30] audit: type=1400 audit(1755725995.414:530930): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=18462 comm="syz.6.3466" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1396.907255][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1396.914656][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1396.922299][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1396.924024][T16711] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1396.929063][    C1] audit: audit_lost=367712 audit_rate_limit=0 audit_backlog_limit=64
[ 1396.943868][    C1] audit: backlog limit exceeded
[ 1396.950339][    C1] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1396.951966][T17202] audit: audit_lost=367713 audit_rate_limit=0 audit_backlog_limit=64
[ 1396.956913][    C1] audit: audit_lost=367714 audit_rate_limit=0 audit_backlog_limit=64
[ 1398.393107][T18495] netlink: 'syz.6.3474': attribute type 21 has an invalid length.
[ 1398.401378][T18495] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1398.547086][T18500] netlink: 'syz.0.3475': attribute type 1 has an invalid length.
[ 1398.630451][T15605] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1399.024387][T15605] usb 2-1: Using ep0 maxpacket: 16
[ 1399.049821][T15605] usb 2-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice=80.f2
[ 1399.068326][T15605] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1399.096823][T15605] usb 2-1: Product: syz
[ 1399.117060][T15605] usb 2-1: Manufacturer: syz
[ 1399.152183][T15605] usb 2-1: SerialNumber: syz
[ 1399.220994][T15605] usb 2-1: config 0 descriptor??
[ 1399.340576][T15605] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1399.380064][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1399.514930][T15605] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1399.732770][T15605] usb 2-1: USB disconnect, device number 47
[ 1400.417688][T18520] FAULT_INJECTION: forcing a failure.
[ 1400.417688][T18520] name failslab, interval 1, probability 0, space 0, times 0
[ 1400.469790][T18520] CPU: 1 UID: 0 PID: 18520 Comm: syz.1.3481 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1400.469819][T18520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1400.469830][T18520] Call Trace:
[ 1400.469838][T18520]  <TASK>
[ 1400.469844][T18520]  dump_stack_lvl+0x189/0x250
[ 1400.469862][T18520]  ? __pfx____ratelimit+0x10/0x10
[ 1400.469874][T18520]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1400.469886][T18520]  ? __pfx__printk+0x10/0x10
[ 1400.469900][T18520]  ? kasan_save_track+0x4f/0x80
[ 1400.469915][T18520]  ? kasan_save_free_info+0x46/0x50
[ 1400.469928][T18520]  ? __kasan_slab_free+0x62/0x70
[ 1400.469936][T18520]  ? kmem_cache_free+0x18f/0x400
[ 1400.469947][T18520]  ? pfkey_sendmsg+0x48a/0x1090
[ 1400.469963][T18520]  ? __sock_sendmsg+0x21c/0x270
[ 1400.469974][T18520]  ? ____sys_sendmsg+0x505/0x830
[ 1400.469988][T18520]  ? ___sys_sendmsg+0x21f/0x2a0
[ 1400.470003][T18520]  ? __x64_sys_sendmsg+0x19b/0x260
[ 1400.470020][T18520]  should_fail_ex+0x414/0x560
[ 1400.470034][T18520]  should_failslab+0xa8/0x100
[ 1400.470047][T18520]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1400.470057][T18520]  ? xfrm_state_alloc+0x24/0x2f0
[ 1400.470071][T18520]  xfrm_state_alloc+0x24/0x2f0
[ 1400.470083][T18520]  pfkey_add+0x6e4/0x2e00
[ 1400.470107][T18520]  ? __pfx_pfkey_add+0x10/0x10
[ 1400.470118][T18520]  ? kmem_cache_free+0x18f/0x400
[ 1400.470136][T18520]  pfkey_sendmsg+0xbfb/0x1090
[ 1400.470158][T18520]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1400.470187][T18520]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1400.470198][T18520]  ? __pfx_pfkey_sendmsg+0x10/0x10
[ 1400.470211][T18520]  __sock_sendmsg+0x21c/0x270
[ 1400.470226][T18520]  ____sys_sendmsg+0x505/0x830
[ 1400.470245][T18520]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1400.470266][T18520]  ? import_iovec+0x74/0xa0
[ 1400.470283][T18520]  ___sys_sendmsg+0x21f/0x2a0
[ 1400.470300][T18520]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1400.470337][T18520]  ? __fget_files+0x2a/0x420
[ 1400.470348][T18520]  ? __fget_files+0x3a0/0x420
[ 1400.470365][T18520]  __x64_sys_sendmsg+0x19b/0x260
[ 1400.470382][T18520]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1400.470404][T18520]  ? __pfx_ksys_write+0x10/0x10
[ 1400.470412][T18520]  ? rcu_is_watching+0x15/0xb0
[ 1400.470427][T18520]  ? do_syscall_64+0xbe/0x3b0
[ 1400.470446][T18520]  do_syscall_64+0xfa/0x3b0
[ 1400.470457][T18520]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1400.470469][T18520]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.470479][T18520]  ? clear_bhb_loop+0x60/0xb0
[ 1400.470492][T18520]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1400.470502][T18520] RIP: 0033:0x7f089698ebe9
[ 1400.470513][T18520] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1400.470522][T18520] RSP: 002b:00007f08977b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1400.470535][T18520] RAX: ffffffffffffffda RBX: 00007f0896bb5fa0 RCX: 00007f089698ebe9
[ 1400.470543][T18520] RDX: 0000000000000040 RSI: 0000200000000040 RDI: 0000000000000003
[ 1400.470549][T18520] RBP: 00007f08977b7090 R08: 0000000000000000 R09: 0000000000000000
[ 1400.470556][T18520] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1400.470562][T18520] R13: 00007f0896bb6038 R14: 00007f0896bb5fa0 R15: 00007fffec9736f8
[ 1400.470579][T18520]  </TASK>
[ 1401.445529][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1401.452958][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1401.461358][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1401.592013][T18527] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3484'.
[ 1401.601020][T18527] netlink: 43 bytes leftover after parsing attributes in process `syz.6.3484'.
[ 1401.610063][T18527] netlink: 'syz.6.3484': attribute type 5 has an invalid length.
[ 1401.617993][T18527] netlink: 43 bytes leftover after parsing attributes in process `syz.6.3484'.
[ 1402.130049][   T30] kauditd_printk_skb: 2732 callbacks suppressed
[ 1402.130062][   T30] audit: type=1400 audit(1755726000.783:533252): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5583 comm="crond" name="/" dev="sda1" ino=2
[ 1402.242881][   T30] audit: type=1400 audit(1755726000.783:533253): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5583 comm="crond" name="etc" dev="sda1" ino=116
[ 1402.306065][T18538] netlink: 4 bytes leftover after parsing attributes in process `syz.6.3487'.
[ 1402.326974][T18536] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1402.337130][   T30] audit: type=1400 audit(1755726000.783:533254): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=5583 comm="crond" name="cron" dev="sda1" ino=120
[ 1402.355892][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1402.379107][T18539] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1402.387029][T18536] audit: audit_lost=367852 audit_rate_limit=0 audit_backlog_limit=64
[ 1402.397881][T18539] audit: audit_lost=367853 audit_rate_limit=0 audit_backlog_limit=64
[ 1402.398304][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1402.406046][T16711] audit: audit_lost=367854 audit_rate_limit=0 audit_backlog_limit=64
[ 1402.652351][T18542] loop2: detected capacity change from 0 to 7
[ 1402.704802][T18542] Dev loop2: unable to read RDB block 7
[ 1402.715546][T18542]  loop2: unable to read partition table
[ 1402.736061][T18542] loop2: partition table beyond EOD, truncated
[ 1402.779490][T18542] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1404.240899][T18562]  nullb0: AHDI p1
[ 1404.767977][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1406.920605][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1406.932025][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1407.569081][   T30] kauditd_printk_skb: 1848 callbacks suppressed
[ 1407.569108][   T30] audit: type=1400 audit(1755726005.862:534870): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=17202 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1407.596862][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1407.781803][T17202] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1407.788451][T16711] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1407.795113][T16711] audit: audit_lost=367932 audit_rate_limit=0 audit_backlog_limit=64
[ 1407.803361][T16711] audit: backlog limit exceeded
[ 1407.808449][T18588] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1407.815091][T18588] audit: audit_lost=367933 audit_rate_limit=0 audit_backlog_limit=64
[ 1407.823273][T18588] audit: backlog limit exceeded
[ 1407.828202][T18588] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1407.834739][T18588] audit: audit_lost=367934 audit_rate_limit=0 audit_backlog_limit=64
[ 1407.844981][T18588] overlayfs: failed to resolve './file1': -2
[ 1408.842932][ T5896] kernel write not supported for file /binder/transactions (pid: 5896 comm: kworker/0:3)
[ 1410.711555][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1411.267041][T17145] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[ 1411.480647][T17145] usb 2-1: config 0 has no interfaces?
[ 1411.486212][T17145] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1411.521272][T17145] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.527673][T18622] FAULT_INJECTION: forcing a failure.
[ 1411.527673][T18622] name failslab, interval 1, probability 0, space 0, times 0
[ 1411.542423][T18622] CPU: 0 UID: 0 PID: 18622 Comm: syz.2.3511 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1411.542439][T18622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1411.542445][T18622] Call Trace:
[ 1411.542451][T18622]  <TASK>
[ 1411.542456][T18622]  dump_stack_lvl+0x189/0x250
[ 1411.542473][T18622]  ? __pfx____ratelimit+0x10/0x10
[ 1411.542493][T18622]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1411.542505][T18622]  ? __pfx__printk+0x10/0x10
[ 1411.542520][T18622]  ? __pfx___might_resched+0x10/0x10
[ 1411.542532][T18622]  ? fs_reclaim_acquire+0x7d/0x100
[ 1411.542548][T18622]  should_fail_ex+0x414/0x560
[ 1411.542562][T18622]  should_failslab+0xa8/0x100
[ 1411.542575][T18622]  __kmalloc_noprof+0xcb/0x4f0
[ 1411.542585][T18622]  ? tomoyo_encode+0x28b/0x550
[ 1411.542601][T18622]  tomoyo_encode+0x28b/0x550
[ 1411.542617][T18622]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 1411.542637][T18622]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1411.542648][T18622]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1411.542661][T18622]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1411.542681][T18622]  ? __lock_acquire+0xab9/0xd20
[ 1411.542703][T18622]  ? __fget_files+0x2a/0x420
[ 1411.542717][T18622]  ? __fget_files+0x2a/0x420
[ 1411.542729][T18622]  ? __fget_files+0x3a0/0x420
[ 1411.542743][T18622]  ? __fget_files+0x2a/0x420
[ 1411.542767][T18622]  security_file_ioctl+0xcb/0x2d0
[ 1411.542791][T18622]  __se_sys_ioctl+0x47/0x170
[ 1411.542819][T18622]  do_syscall_64+0xfa/0x3b0
[ 1411.542839][T18622]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1411.542859][T18622]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.542878][T18622]  ? clear_bhb_loop+0x60/0xb0
[ 1411.542903][T18622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1411.542924][T18622] RIP: 0033:0x7f6308f8ebe9
[ 1411.542942][T18622] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1411.542957][T18622] RSP: 002b:00007f6309ed8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1411.542977][T18622] RAX: ffffffffffffffda RBX: 00007f63091b5fa0 RCX: 00007f6308f8ebe9
[ 1411.542990][T18622] RDX: 0000200000000080 RSI: 00000000c0045543 RDI: 0000000000000003
[ 1411.543002][T18622] RBP: 00007f6309ed8090 R08: 0000000000000000 R09: 0000000000000000
[ 1411.543014][T18622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1411.543025][T18622] R13: 00007f63091b6038 R14: 00007f63091b5fa0 R15: 00007fffe304e878
[ 1411.543058][T18622]  </TASK>
[ 1411.543116][T18622] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1411.573290][T17145] usb 2-1: config 0 descriptor??
[ 1412.937634][T18637] (unnamed net_device) (uninitialized): Removing last arp target with arp_interval on
[ 1413.438564][   T30] kauditd_printk_skb: 2721 callbacks suppressed
[ 1413.438583][   T30] audit: type=1400 audit(1755726010.792:536458): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=18632 comm="syz.5.3514" opid=18632 ocomm="syz.5.3514"
[ 1413.442961][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1413.465050][T18637] bond1: entered promiscuous mode
[ 1413.476389][T18637] bond1: entered allmulticast mode
[ 1413.481970][T18637] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1413.524319][   T30] audit: type=1400 audit(1755726010.848:536459): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18632 comm="syz.5.3514" name="newroot" dev="tmpfs" ino=2
[ 1413.550301][   T30] audit: type=1400 audit(1755726010.848:536460): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18632 comm="syz.5.3514" name="/" dev="devtmpfs" ino=1
[ 1413.571020][   T30] audit: type=1400 audit(1755726010.848:536461): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=rw pid=18632 comm="syz.5.3514" name="raw-gadget" dev="devtmpfs" ino=820
[ 1413.603774][   T30] audit: type=1400 audit(1755726010.858:536462): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=18632 comm="syz.5.3514" path="/dev/raw-gadget" dev="devtmpfs" ino=820
[ 1413.625150][   T30] audit: type=1400 audit(1755726010.858:536463): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=w pid=18632 comm="syz.5.3514" path="/dev/raw-gadget" dev="devtmpfs" ino=820
[ 1413.646506][   T30] audit: type=1400 audit(1755726010.858:536464): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=r pid=18632 comm="syz.5.3514" path="/dev/raw-gadget" dev="devtmpfs" ino=820
[ 1413.672384][ T2153] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[ 1413.677994][   T30] audit: type=1400 audit(1755726010.867:536465): lsm=SMACK fn=smack_file_ioctl action=granted subject="_" object="_" requested=r pid=18632 comm="syz.5.3514" path="/dev/raw-gadget" dev="devtmpfs" ino=820
[ 1414.003923][   T30] audit: type=1400 audit(1755726011.353:536466): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=17046 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1414.084494][T17046] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1414.093343][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1414.099735][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1414.213510][T15605] usb 2-1: USB disconnect, device number 48
[ 1414.344874][T18641] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3516'.
[ 1414.434430][T18644] comedi comedi3: comedi_config --init_data is deprecated
[ 1415.088043][T18648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1415.105293][T18648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1415.563555][T18656] FAULT_INJECTION: forcing a failure.
[ 1415.563555][T18656] name failslab, interval 1, probability 0, space 0, times 0
[ 1415.576470][T18656] CPU: 1 UID: 0 PID: 18656 Comm: syz.0.3518 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1415.576497][T18656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1415.576510][T18656] Call Trace:
[ 1415.576521][T18656]  <TASK>
[ 1415.576534][T18656]  dump_stack_lvl+0x189/0x250
[ 1415.576562][T18656]  ? __pfx____ratelimit+0x10/0x10
[ 1415.576584][T18656]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1415.576607][T18656]  ? __pfx__printk+0x10/0x10
[ 1415.576638][T18656]  ? __pfx___might_resched+0x10/0x10
[ 1415.576666][T18656]  should_fail_ex+0x414/0x560
[ 1415.576694][T18656]  should_failslab+0xa8/0x100
[ 1415.576718][T18656]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1415.576739][T18656]  ? __alloc_skb+0x112/0x2d0
[ 1415.576771][T18656]  __alloc_skb+0x112/0x2d0
[ 1415.576803][T18656]  netlink_sendmsg+0x5c6/0xb30
[ 1415.576842][T18656]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1415.576880][T18656]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1415.576909][T18656]  __sock_sendmsg+0x21c/0x270
[ 1415.576936][T18656]  ____sys_sendmsg+0x505/0x830
[ 1415.576972][T18656]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1415.577011][T18656]  ? import_iovec+0x74/0xa0
[ 1415.577042][T18656]  ___sys_sendmsg+0x21f/0x2a0
[ 1415.577075][T18656]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1415.577111][T18656]  ? rcu_read_unlock_special+0x3fe/0x4c0
[ 1415.577169][T18656]  ? __fget_files+0x2a/0x420
[ 1415.577190][T18656]  ? __fget_files+0x3a0/0x420
[ 1415.577223][T18656]  __x64_sys_sendmsg+0x19b/0x260
[ 1415.577251][T18656]  ? schedule+0x165/0x360
[ 1415.577272][T18656]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1415.577321][T18656]  ? do_syscall_64+0xbe/0x3b0
[ 1415.577348][T18656]  do_syscall_64+0xfa/0x3b0
[ 1415.577402][T18656]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.577421][T18656]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1415.577440][T18656]  ? clear_bhb_loop+0x60/0xb0
[ 1415.577465][T18656]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1415.577484][T18656] RIP: 0033:0x7fcb9958ebe9
[ 1415.577502][T18656] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1415.577521][T18656] RSP: 002b:00007fcb9a475038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1415.577542][T18656] RAX: ffffffffffffffda RBX: 00007fcb997b6180 RCX: 00007fcb9958ebe9
[ 1415.577557][T18656] RDX: 0000000000040004 RSI: 0000200000000080 RDI: 0000000000000007
[ 1415.577571][T18656] RBP: 00007fcb9a475090 R08: 0000000000000000 R09: 0000000000000000
[ 1415.577584][T18656] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1415.577596][T18656] R13: 00007fcb997b6218 R14: 00007fcb997b6180 R15: 00007fff698e2b48
[ 1415.577629][T18656]  </TASK>
[ 1415.807310][ T5896] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[ 1415.991834][T18648] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1416.065301][T18648] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1416.680982][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1417.328516][ T5845] Bluetooth: hci1: unexpected event for opcode 0x0c03
[ 1418.724363][T18685] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3529'.
[ 1418.803676][   T30] kauditd_printk_skb: 2068 callbacks suppressed
[ 1418.803706][   T30] audit: type=1400 audit(1755726016.339:538416): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18684 comm="syz.0.3529" name="57" dev="tmpfs" ino=324
[ 1418.880667][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1418.888140][T18688] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1418.896658][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1418.903249][    C1] audit: audit_lost=368353 audit_rate_limit=0 audit_backlog_limit=64
[ 1418.909015][T17202] audit: audit_lost=368354 audit_rate_limit=0 audit_backlog_limit=64
[ 1418.911540][    C1] audit: backlog limit exceeded
[ 1418.912862][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1418.931259][    C1] audit: audit_lost=368355 audit_rate_limit=0 audit_backlog_limit=64
[ 1418.936002][   T30] audit: type=1400 audit(1755726016.339:538417): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18684 comm="syz.0.3529" name="57" dev="tmpfs" ino=324
[ 1419.221053][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1419.933681][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1419.940777][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1422.652703][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1424.163206][   T30] kauditd_printk_skb: 6294 callbacks suppressed
[ 1424.163225][   T30] audit: type=1400 audit(1755726021.390:539875): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16711 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1424.167852][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1424.169569][   T30] audit: type=1400 audit(1755726021.390:539876): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16711 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1424.215863][ T9954] Bluetooth: hci3: command 0x0406 tx timeout
[ 1424.224141][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1424.228926][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1424.230766][    C1] audit: audit_lost=369968 audit_rate_limit=0 audit_backlog_limit=64
[ 1424.245517][    C1] audit: backlog limit exceeded
[ 1424.251495][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1424.258117][    C1] audit: audit_lost=369969 audit_rate_limit=0 audit_backlog_limit=64
[ 1424.266347][    C1] audit: backlog limit exceeded
[ 1425.160515][T18740] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3542'.
[ 1425.397830][T13671] 0: reclassify loop, rule prio 0, protocol 800
[ 1425.901462][T18750] comedi comedi3: comedi_config --init_data is deprecated
[ 1426.077634][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1426.105816][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1427.158749][T18760] loop2: detected capacity change from 0 to 7
[ 1427.179188][T18760] Dev loop2: unable to read RDB block 7
[ 1427.191007][T18760]  loop2: unable to read partition table
[ 1427.201067][T18760] loop2: partition table beyond EOD, truncated
[ 1427.217198][ T5925] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1427.224939][T18760] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1427.711455][ T5925] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1427.721556][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1427.732313][ T5925] usb 6-1: Product: syz
[ 1427.739790][ T5925] usb 6-1: Manufacturer: syz
[ 1427.750876][ T5925] usb 6-1: SerialNumber: syz
[ 1428.812838][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1429.519065][   T30] kauditd_printk_skb: 37570 callbacks suppressed
[ 1429.519083][   T30] audit: type=1400 audit(1755726026.404:541530): lsm=SMACK fn=smack_task_setpgid action=granted subject="_" object="_" requested=w pid=18780 comm="syz-executor" opid=18780 ocomm="syz-executor"
[ 1429.588021][   T30] audit: type=1400 audit(1755726026.404:541531): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18780 comm="syz-executor" name="212" dev="tmpfs" ino=1212
[ 1429.775036][T18773] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1429.793807][T17046] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1429.800382][T17046] audit: audit_lost=381943 audit_rate_limit=0 audit_backlog_limit=64
[ 1429.813083][T18773] audit: audit_lost=381944 audit_rate_limit=0 audit_backlog_limit=64
[ 1429.824728][T18773] audit: backlog limit exceeded
[ 1429.835213][   T30] audit: type=1400 audit(1755726026.404:541532): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18780 comm="syz-executor" name="212" dev="tmpfs" ino=1212
[ 1429.877489][T18784] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1429.877763][ T5925] cdc_ncm 6-1:1.0: failed to get mac address
[ 1429.885379][   T30] audit: type=1400 audit(1755726026.404:541533): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=wx pid=18780 comm="syz-executor" name="212" dev="tmpfs" ino=1212
[ 1429.892308][ T5845] Bluetooth: hci3: unexpected event for opcode 0x2003
[ 1429.929251][ T5925] cdc_ncm 6-1:1.0: bind() failure
[ 1429.954298][ T5925] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1429.963357][ T5925] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1429.978507][ T5925] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1429.991681][ T5925] usb 6-1: USB disconnect, device number 13
[ 1430.261579][T18788] loop2: detected capacity change from 0 to 7
[ 1430.391024][T18788] Dev loop2: unable to read RDB block 7
[ 1430.428411][T18788]  loop2: AHDI p1 p2 p3
[ 1431.020609][T18788] loop2: partition table partially beyond EOD, truncated
[ 1431.036780][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1431.049450][T18788] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1431.065772][T18788] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1431.430161][T17145] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1431.652480][T17145] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1431.672620][T17145] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1431.716782][T17145] usb 6-1: config 0 descriptor??
[ 1432.221437][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1432.228514][T13671] 0: reclassify loop, rule prio 0, protocol 800
[ 1432.298115][T18808] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3563'.
[ 1432.911717][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1432.936617][T17145] usb 6-1: Cannot set autoneg
[ 1432.943049][T17145] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32
[ 1434.076530][T18829] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3568'.
[ 1434.454686][ T2153] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1434.900569][   T30] kauditd_printk_skb: 2165 callbacks suppressed
[ 1434.900609][   T30] audit: type=1400 audit(1755726031.418:543438): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=18834 comm="syz.2.3570" opid=18834 ocomm="syz.2.3570"
[ 1435.397617][ T5896] usb 6-1: USB disconnect, device number 14
[ 1435.437625][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1435.438639][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1435.450506][T16711] audit: audit_lost=382032 audit_rate_limit=0 audit_backlog_limit=64
[ 1435.450747][    C1] audit: audit_lost=382033 audit_rate_limit=0 audit_backlog_limit=64
[ 1435.458832][T16711] audit: backlog limit exceeded
[ 1435.466927][    C1] audit: backlog limit exceeded
[ 1435.467156][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1435.467178][    C1] audit: audit_lost=382034 audit_rate_limit=0 audit_backlog_limit=64
[ 1435.467193][    C1] audit: backlog limit exceeded
[ 1435.660088][ T2153] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1435.683476][ T2153] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1435.760524][ T2153] usb 2-1: Product: syz
[ 1435.897752][ T2153] usb 2-1: Manufacturer: syz
[ 1435.903366][ T2153] usb 2-1: SerialNumber: syz
[ 1437.010692][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1437.751336][ T2153] cdc_ncm 2-1:1.0: failed to get mac address
[ 1437.757859][ T2153] cdc_ncm 2-1:1.0: bind() failure
[ 1437.766004][ T2153] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1437.775376][ T2153] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1437.803542][ T2153] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[ 1437.834415][ T2153] usb 2-1: USB disconnect, device number 49
[ 1437.966903][T18857] overlayfs: failed to resolve './file0': -2
[ 1438.017311][T18858] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3575'.
[ 1438.389204][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1440.254275][   T30] kauditd_printk_skb: 41428 callbacks suppressed
[ 1440.254321][   T30] audit: type=1400 audit(1755726036.441:545723): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1440.282935][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1440.429121][T18876] batadv_slave_1: entered promiscuous mode
[ 1440.438500][T18876] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3582'.
[ 1440.452368][   T30] audit: type=1400 audit(1755726036.469:545724): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=18879 comm="syz-executor" path="/proc/258/oom_score_adj" dev="proc" ino=61234
[ 1440.473252][   T30] audit: type=1400 audit(1755726036.478:545725): lsm=SMACK fn=smack_task_getpgid action=granted subject="_" object="_" requested=r pid=18870 comm="syz.1.3579" opid=18877 ocomm="syz.1.3579"
[ 1440.523168][T18874] batadv_slave_1: left promiscuous mode
[ 1440.531855][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1440.557381][T14840] audit: audit_lost=395083 audit_rate_limit=0 audit_backlog_limit=64
[ 1440.582472][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1440.589066][    C1] audit: audit_lost=395084 audit_rate_limit=0 audit_backlog_limit=64
[ 1440.597274][    C1] audit: backlog limit exceeded
[ 1440.602758][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1440.609289][    C1] audit: audit_lost=395085 audit_rate_limit=0 audit_backlog_limit=64
[ 1441.147492][T17145] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1441.480499][T17145] usb 2-1: Using ep0 maxpacket: 16
[ 1442.102883][T17145] usb 2-1: New USB device found, idVendor=09e8, idProduct=0062, bcdDevice=80.f2
[ 1442.124703][T17145] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1442.216502][T17145] usb 2-1: Product: syz
[ 1442.220961][T17145] usb 2-1: Manufacturer: syz
[ 1442.225646][T17145] usb 2-1: SerialNumber: syz
[ 1442.238423][T17145] usb 2-1: config 0 descriptor??
[ 1442.248482][T17145] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 1442.277952][T17145] snd-usb-audio 2-1:0.0: probe with driver snd-usb-audio failed with error -2
[ 1442.613625][T15951] usb 2-1: USB disconnect, device number 50
[ 1443.425838][T18917] 0: reclassify loop, rule prio 0, protocol 800
[ 1443.626904][T18924] tipc: Enabled bearer <eth:batadv0>, priority 10
[ 1443.834147][ T5925] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1444.035863][ T5845] Bluetooth: hci1: unexpected event for opcode 0x0c03
[ 1444.192352][ T5925] usb 2-1: New USB device found, idVendor=0d81, idProduct=1900, bcdDevice=eb.c6
[ 1444.536232][    C0] 0: reclassify loop, rule prio 0, protocol 800
[ 1444.615855][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1444.619722][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1444.639133][ T5925] usb 2-1: Product: syz
[ 1444.647988][ T5925] usb 2-1: Manufacturer: syz
[ 1444.658282][ T5925] usb 2-1: SerialNumber: syz
[ 1444.813962][T15951] tipc: Node number set to 24339
[ 1444.912498][T18922] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3595'.
[ 1444.936992][T18922] openvswitch: netlink: Flow key attr not present in new flow.
[ 1445.375120][T18950] netlink: 'syz.2.3607': attribute type 3 has an invalid length.
[ 1445.398064][T18950] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.3607'.
[ 1445.647811][    C0] 0: reclassify loop, rule prio 0, protocol 800
[ 1446.185451][   T30] kauditd_printk_skb: 2834 callbacks suppressed
[ 1446.185471][   T30] audit: type=1400 audit(1755726041.352:548393): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18953 comm="syz-executor" name="104" dev="tmpfs" ino=597
[ 1446.216236][   T30] audit: type=1400 audit(1755726041.352:548394): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18953 comm="syz-executor" name="104" dev="tmpfs" ino=597
[ 1446.304116][   T30] audit: type=1400 audit(1755726041.361:548395): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=wx pid=18953 comm="syz-executor" name="104" dev="tmpfs" ino=597
[ 1446.320253][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1446.334717][   T30] audit: type=1400 audit(1755726041.361:548396): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=18953 comm="syz-executor" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1446.336894][T18957] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1446.357618][   T30] audit: type=1400 audit(1755726041.361:548397): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=18953 comm="syz-executor" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1446.357667][   T30] audit: type=1400 audit(1755726041.361:548398): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=18953 comm="syz-executor" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1446.357716][   T30] audit: type=1400 audit(1755726041.361:548399): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18953 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1446.357759][   T30] audit: type=1400 audit(1755726041.370:548400): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=18953 comm="syz-executor" name="/" dev="proc" ino=1
[ 1446.616460][T18957] comedi comedi3: comedi_config --init_data is deprecated
[ 1446.759720][    C0] 0: reclassify loop, rule prio 0, protocol 800
[ 1447.297488][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1447.470339][ T5925] pwc: Visionite VCS-UC300 USB webcam detected.
[ 1447.480127][T18965] QAT: Device 244 not found
[ 1447.490288][ T5925] pwc: Failed to set LED on/off time (-71)
[ 1447.510797][ T5925] pwc: send_video_command error -71
[ 1447.518125][ T5925] pwc: Failed to set video mode VGA@30 fps; return code = -71
[ 1447.548072][ T5925] Philips webcam 2-1:5.0: probe with driver Philips webcam failed with error -71
[ 1447.571148][ T5925] usb 2-1: USB disconnect, device number 51
[ 1447.770854][T18971] Bluetooth: MGMT ver 1.23
[ 1447.946454][T17145] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[ 1448.642068][T17145] usb 3-1: New USB device found, idVendor=2c42, idProduct=1709, bcdDevice=ca.b7
[ 1448.651179][T17145] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1448.660496][ T9954] Bluetooth: hci5: unexpected event for opcode 0x0c03
[ 1448.667598][T17145] usb 3-1: Product: syz
[ 1448.671881][T17145] usb 3-1: Manufacturer: syz
[ 1448.677184][T17145] usb 3-1: SerialNumber: syz
[ 1448.692656][T17145] usb 3-1: config 0 descriptor??
[ 1448.798230][T18975] team_slave_0: entered promiscuous mode
[ 1448.804888][T18975] team_slave_1: entered promiscuous mode
[ 1448.811036][T18975] vlan2: entered promiscuous mode
[ 1448.817247][T18975] team0: entered promiscuous mode
[ 1449.365812][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1449.645688][T17145] usb 3-1: f81604_read: reg: 105 failed: -EPROTO
[ 1449.683892][T17145] f81604 3-1:0.0: Setting termination of CH#0 failed: -EPROTO
[ 1449.707758][T17145] f81604 3-1:0.0: probe with driver f81604 failed with error -71
[ 1449.924075][ T5845] Bluetooth: hci3: Opcode 0x0401 failed: -110
[ 1449.929232][ T9954] Bluetooth: hci3: command 0x0406 tx timeout
[ 1449.945828][T17145] usb 3-1: USB disconnect, device number 91
[ 1450.256615][T18995] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3620'.
[ 1450.265629][T18995] netlink: 43 bytes leftover after parsing attributes in process `syz.6.3620'.
[ 1450.274833][T18995] netlink: 'syz.6.3620': attribute type 5 has an invalid length.
[ 1450.282629][T18995] netlink: 43 bytes leftover after parsing attributes in process `syz.6.3620'.
[ 1450.645785][T18999] comedi comedi3: comedi_config --init_data is deprecated
[ 1450.835290][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1451.662192][   T30] kauditd_printk_skb: 2689 callbacks suppressed
[ 1451.662211][   T30] audit: type=1400 audit(1755726047.114:550874): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19006 comm="syz.6.3624" name="newroot" dev="tmpfs" ino=2
[ 1451.696510][T19009]  nullb0: AHDI p1
[ 1452.032266][   T30] audit: type=1400 audit(1755726047.114:550875): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19006 comm="syz.6.3624" name="dev" dev="tmpfs" ino=3
[ 1452.254723][   T30] audit: type=1400 audit(1755726047.123:550876): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=0 comm="swapper/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1452.390994][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1452.415146][   T30] audit: type=1400 audit(1755726047.142:550877): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19006 comm="syz.6.3624" name="newroot" dev="tmpfs" ino=2
[ 1452.421993][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1452.441002][    C1] audit: audit_lost=395214 audit_rate_limit=0 audit_backlog_limit=64
[ 1452.449148][    C1] audit: backlog limit exceeded
[ 1452.455523][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1452.462062][    C1] audit: audit_lost=395215 audit_rate_limit=0 audit_backlog_limit=64
[ 1452.581421][ T9954] Bluetooth: hci1: unexpected event for opcode 0x0c03
[ 1452.748915][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1453.799285][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1454.380041][T19040] netlink: 12 bytes leftover after parsing attributes in process `syz.6.3631'.
[ 1455.643061][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1455.959260][T19053] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.3637'.
[ 1456.852424][T13671] 0: reclassify loop, rule prio 0, protocol 800
[ 1457.011979][   T30] kauditd_printk_skb: 3004 callbacks suppressed
[ 1457.011996][   T30] audit: type=1400 audit(1755726052.118:552862): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16711 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1457.070939][   T30] audit: type=1400 audit(1755726052.118:552863): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16711 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1457.133005][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1457.143177][T16711] audit: audit_lost=395556 audit_rate_limit=0 audit_backlog_limit=64
[ 1457.172499][T16711] audit: backlog limit exceeded
[ 1457.177810][   T30] audit: type=1400 audit(1755726052.118:552864): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16711 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1457.202842][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1457.210230][T16711] audit: audit_lost=395557 audit_rate_limit=0 audit_backlog_limit=64
[ 1457.224517][   T30] audit: type=1400 audit(1755726052.118:552865): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=r pid=16711 comm="syz-executor" name="116" dev="tmpfs" ino=656
[ 1457.257576][T16711] audit: backlog limit exceeded
[ 1458.915569][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1459.254454][T19084] sctp: [Deprecated]: syz.5.3646 (pid 19084) Use of int in maxseg socket option.
[ 1459.254454][T19084] Use struct sctp_assoc_value instead
[ 1459.628421][T13671] 0: reclassify loop, rule prio 0, protocol 800
[ 1461.338522][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1461.368670][T19095] bond0: entered promiscuous mode
[ 1461.373851][T19095] bond_slave_0: entered promiscuous mode
[ 1461.379642][T19095] bond_slave_1: entered promiscuous mode
[ 1461.410028][T19095] bond0: left promiscuous mode
[ 1461.415944][T19095] bond_slave_0: left promiscuous mode
[ 1461.421714][T19095] bond_slave_1: left promiscuous mode
[ 1462.368231][   T30] kauditd_printk_skb: 2776 callbacks suppressed
[ 1462.368250][   T30] audit: type=1400 audit(1755726057.122:555183): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19113 comm="syz-executor" name="113" dev="tmpfs" ino=643
[ 1462.450602][T19116] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1462.454074][   T30] audit: type=1400 audit(1755726057.122:555184): lsm=SMACK fn=smack_task_setpgid action=granted subject="_" object="_" requested=w pid=19113 comm="syz-executor" opid=19113 ocomm="syz-executor"
[ 1462.457981][T19117] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1462.490289][T19118] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1462.500402][T19116] audit: audit_lost=395711 audit_rate_limit=0 audit_backlog_limit=64
[ 1462.513042][T19118] audit: audit_lost=395712 audit_rate_limit=0 audit_backlog_limit=64
[ 1462.523973][T19116] audit: backlog limit exceeded
[ 1462.532450][T19119] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1462.541363][T19118] audit: backlog limit exceeded
[ 1462.566328][T19121] FAULT_INJECTION: forcing a failure.
[ 1462.566328][T19121] name failslab, interval 1, probability 0, space 0, times 0
[ 1462.592941][T19121] CPU: 0 UID: 0 PID: 19121 Comm: syz.1.3659 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1462.592968][T19121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1462.592981][T19121] Call Trace:
[ 1462.592989][T19121]  <TASK>
[ 1462.592998][T19121]  dump_stack_lvl+0x189/0x250
[ 1462.593026][T19121]  ? __pfx____ratelimit+0x10/0x10
[ 1462.593047][T19121]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1462.593069][T19121]  ? __pfx__printk+0x10/0x10
[ 1462.593096][T19121]  ? __pfx___might_resched+0x10/0x10
[ 1462.593118][T19121]  ? fs_reclaim_acquire+0x7d/0x100
[ 1462.593147][T19121]  should_fail_ex+0x414/0x560
[ 1462.593173][T19121]  should_failslab+0xa8/0x100
[ 1462.593197][T19121]  __kmalloc_noprof+0xcb/0x4f0
[ 1462.593216][T19121]  ? fib6_info_alloc+0x30/0xf0
[ 1462.593253][T19121]  fib6_info_alloc+0x30/0xf0
[ 1462.593278][T19121]  ip6_route_info_create+0x142/0x860
[ 1462.593311][T19121]  ip6_route_add+0x49/0x1b0
[ 1462.593342][T19121]  inet6_rtm_newroute+0x1cf/0x18c0
[ 1462.593371][T19121]  ? nlmon_xmit+0xb0/0x100
[ 1462.593394][T19121]  ? kmem_cache_free+0x18f/0x400
[ 1462.593418][T19121]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1462.593443][T19121]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1462.593464][T19121]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1462.593486][T19121]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1462.593510][T19121]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1462.593535][T19121]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1462.593555][T19121]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1462.593572][T19121]  ? __dev_queue_xmit+0x27e/0x3a70
[ 1462.593591][T19121]  ? __dev_queue_xmit+0x1cd7/0x3a70
[ 1462.593647][T19121]  ? __pfx_inet6_rtm_newroute+0x10/0x10
[ 1462.593668][T19121]  rtnetlink_rcv_msg+0x7cc/0xb70
[ 1462.593697][T19121]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1462.593720][T19121]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1462.593741][T19121]  ? ref_tracker_free+0x63a/0x7d0
[ 1462.593759][T19121]  ? __copy_skb_header+0xa7/0x550
[ 1462.593779][T19121]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1462.593798][T19121]  ? __skb_clone+0x63/0x7a0
[ 1462.593823][T19121]  netlink_rcv_skb+0x205/0x470
[ 1462.593851][T19121]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1462.593878][T19121]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1462.593917][T19121]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1462.593943][T19121]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1462.593976][T19121]  netlink_unicast+0x75c/0x8e0
[ 1462.594011][T19121]  netlink_sendmsg+0x805/0xb30
[ 1462.594049][T19121]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1462.594085][T19121]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1462.594104][T19121]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1462.594130][T19121]  __sock_sendmsg+0x21c/0x270
[ 1462.594156][T19121]  ____sys_sendmsg+0x505/0x830
[ 1462.594190][T19121]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1462.594237][T19121]  ? import_iovec+0x74/0xa0
[ 1462.594268][T19121]  ___sys_sendmsg+0x21f/0x2a0
[ 1462.594298][T19121]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1462.594365][T19121]  ? __fget_files+0x2a/0x420
[ 1462.594386][T19121]  ? __fget_files+0x3a0/0x420
[ 1462.594419][T19121]  __x64_sys_sendmsg+0x19b/0x260
[ 1462.594451][T19121]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1462.594490][T19121]  ? __pfx_ksys_write+0x10/0x10
[ 1462.594506][T19121]  ? rcu_is_watching+0x15/0xb0
[ 1462.594530][T19121]  ? do_syscall_64+0xbe/0x3b0
[ 1462.594555][T19121]  do_syscall_64+0xfa/0x3b0
[ 1462.594576][T19121]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1462.594596][T19121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.594616][T19121]  ? clear_bhb_loop+0x60/0xb0
[ 1462.594640][T19121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.594658][T19121] RIP: 0033:0x7f089698ebe9
[ 1462.594678][T19121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1462.594693][T19121] RSP: 002b:00007f08977b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1462.594714][T19121] RAX: ffffffffffffffda RBX: 00007f0896bb5fa0 RCX: 00007f089698ebe9
[ 1462.594727][T19121] RDX: 0000000000000000 RSI: 0000200000004380 RDI: 0000000000000003
[ 1462.594740][T19121] RBP: 00007f08977b7090 R08: 0000000000000000 R09: 0000000000000000
[ 1462.594753][T19121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1462.594766][T19121] R13: 00007f0896bb6038 R14: 00007f0896bb5fa0 R15: 00007fffec9736f8
[ 1462.594794][T19121]  </TASK>
[ 1463.096256][T19116] netlink: del zone limit has 4 unknown bytes
[ 1463.106384][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1464.228228][ T2153] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1464.313631][T17145] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1464.379035][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1464.391780][ T2153] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1464.410733][ T2153] usb 3-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1464.424444][ T2153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1464.473982][T17145] usb 2-1: Using ep0 maxpacket: 32
[ 1464.494309][ T2153] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1464.503551][T17145] usb 2-1: config 127 has an invalid interface number: 117 but max is 0
[ 1464.516729][T17145] usb 2-1: config 127 contains an unexpected descriptor of type 0x2, skipping
[ 1464.525671][T17145] usb 2-1: config 127 has no interface number 0
[ 1464.537584][T17145] usb 2-1: config 127 interface 117 has no altsetting 0
[ 1464.555834][T17145] usb 2-1: New USB device found, idVendor=1e2d, idProduct=0055, bcdDevice=89.c2
[ 1464.567303][T17145] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1464.577832][T17145] usb 2-1: Product: syz
[ 1464.582735][T17145] usb 2-1: Manufacturer: syz
[ 1464.587373][T17145] usb 2-1: SerialNumber: syz
[ 1464.835934][T17145] option 2-1:127.117: GSM modem (1-port) converter detected
[ 1464.849772][T17145] usb 2-1: GSM modem (1-port) converter now attached to ttyUSB0
[ 1464.862879][T17145] usb 2-1: USB disconnect, device number 52
[ 1464.876755][T17145] option1 ttyUSB0: GSM modem (1-port) converter now disconnected from ttyUSB0
[ 1464.887133][T17145] option 2-1:127.117: device disconnected
[ 1465.062485][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1465.200991][T15605] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1465.380154][T15605] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1465.410916][T15605] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1465.425474][T15605] usb 6-1: Product: syz
[ 1465.430899][T15605] usb 6-1: Manufacturer: syz
[ 1465.441843][T15605] usb 6-1: SerialNumber: syz
[ 1466.733501][ T2153] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -110
[ 1466.751054][ T2153] stv0680 3-1:4.0: STV(e): camera ping failed!!
[ 1466.757890][ T2153] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -32
[ 1466.766706][ T2153] stv0680 3-1:4.0: last error: 0,  command = 0x0
[ 1467.025078][ T2153] usb 3-1: USB disconnect, device number 92
[ 1467.115535][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1467.728352][   T30] kauditd_printk_skb: 2889 callbacks suppressed
[ 1467.728402][   T30] audit: type=1400 audit(1755726062.127:558037): lsm=SMACK fn=smack_file_open action=granted subject="_" object="_" requested=r pid=17046 comm="syz-executor" path="/115" dev="tmpfs" ino=653
[ 1467.815420][T15605] cdc_ncm 6-1:1.0: failed to get mac address
[ 1467.850785][T15605] cdc_ncm 6-1:1.0: bind() failure
[ 1467.922358][   T30] audit: type=1400 audit(1755726062.183:558038): lsm=SMACK fn=smack_ptrace_access_check action=granted subject="_" object="_" requested=r pid=19176 comm="syz.0.3678" opid=19176 ocomm="syz.0.3678"
[ 1467.928822][T19183] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1467.942070][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1467.948710][T19184] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1467.948733][T19184] audit: audit_lost=395726 audit_rate_limit=0 audit_backlog_limit=64
[ 1467.948776][T19184] audit: backlog limit exceeded
[ 1467.948826][T19184] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1467.948840][T19184] audit: audit_lost=395727 audit_rate_limit=0 audit_backlog_limit=64
[ 1467.948855][T19184] audit: backlog limit exceeded
[ 1467.948876][T19184] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1467.978861][T15605] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1468.102098][T15605] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1468.205522][T19190] netlink: 44 bytes leftover after parsing attributes in process `syz.6.3680'.
[ 1468.214637][T19190] netlink: 43 bytes leftover after parsing attributes in process `syz.6.3680'.
[ 1468.223960][T19190] netlink: 'syz.6.3680': attribute type 5 has an invalid length.
[ 1468.231913][T19190] netlink: 43 bytes leftover after parsing attributes in process `syz.6.3680'.
[ 1468.290826][T15605] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1468.349422][T15605] usb 6-1: USB disconnect, device number 15
[ 1468.750104][ T2153] usb 3-1: new full-speed USB device number 93 using dummy_hcd
[ 1468.900550][T19203] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3685'.
[ 1469.240692][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1469.779466][ T2153] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1469.808330][ T2153] usb 3-1: New USB device found, idVendor=04b3, idProduct=3100, bcdDevice= 0.00
[ 1469.825810][T19209] netlink: 32 bytes leftover after parsing attributes in process `syz.0.3687'.
[ 1469.845959][ T2153] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1469.873650][ T2153] usb 3-1: config 0 descriptor??
[ 1469.951714][T15605] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1470.249443][T15605] usb 6-1: Using ep0 maxpacket: 16
[ 1470.285318][T15605] usb 6-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1470.310993][T15605] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1470.380940][T15605] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1470.458803][T15605] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1470.693107][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1470.787334][ T2153] lenovo 0003:04B3:3100.001D: hidraw0: USB HID v0.00 Device [HID 04b3:3100] on usb-dummy_hcd.2-1/input0
[ 1470.814118][T15605] usb 6-1: config 0 descriptor??
[ 1470.908815][ T2153] usb 3-1: USB disconnect, device number 93
[ 1471.220628][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1471.337982][T15605] nzxt-smart2 0003:1E71:2009.001E: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.5-1/input0
[ 1472.051451][ T2153] usb 6-1: USB disconnect, device number 16
[ 1473.079757][   T30] kauditd_printk_skb: 1934 callbacks suppressed
[ 1473.079774][   T30] audit: type=1400 audit(1755726067.141:559807): lsm=SMACK fn=smack_inode_unlink action=granted subject="_" object="_" requested=w pid=16859 comm="syz-executor" name="file1" dev="tmpfs" ino=887
[ 1473.117704][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1473.127376][T17046] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1473.127502][    C1] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1473.140579][    C1] audit: audit_lost=395784 audit_rate_limit=0 audit_backlog_limit=64
[ 1473.148710][    C1] audit: backlog limit exceeded
[ 1473.154352][    C1] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1473.160922][    C1] audit: audit_lost=395785 audit_rate_limit=0 audit_backlog_limit=64
[ 1473.165311][T17046] audit: audit_lost=395786 audit_rate_limit=0 audit_backlog_limit=64
[ 1473.169121][    C1] audit: backlog limit exceeded
[ 1473.272910][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1474.589471][T19256] FAULT_INJECTION: forcing a failure.
[ 1474.589471][T19256] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1474.602770][T19256] CPU: 1 UID: 0 PID: 19256 Comm: syz.1.3698 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1474.602816][T19256] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1474.602830][T19256] Call Trace:
[ 1474.602838][T19256]  <TASK>
[ 1474.602848][T19256]  dump_stack_lvl+0x189/0x250
[ 1474.602875][T19256]  ? __pfx____ratelimit+0x10/0x10
[ 1474.602897][T19256]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1474.602919][T19256]  ? __pfx__printk+0x10/0x10
[ 1474.602944][T19256]  ? __might_fault+0xb0/0x130
[ 1474.602982][T19256]  should_fail_ex+0x414/0x560
[ 1474.603008][T19256]  _copy_from_iter+0x1db/0x16f0
[ 1474.603037][T19256]  ? rcu_is_watching+0x15/0xb0
[ 1474.603061][T19256]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1474.603082][T19256]  ? __pfx__copy_from_iter+0x10/0x10
[ 1474.603109][T19256]  ? __build_skb_around+0x257/0x3e0
[ 1474.603140][T19256]  ? netlink_sendmsg+0x642/0xb30
[ 1474.603165][T19256]  ? skb_put+0x11b/0x210
[ 1474.603197][T19256]  netlink_sendmsg+0x6b2/0xb30
[ 1474.603232][T19256]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1474.603268][T19256]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1474.603288][T19256]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1474.603316][T19256]  __sock_sendmsg+0x21c/0x270
[ 1474.603343][T19256]  ____sys_sendmsg+0x505/0x830
[ 1474.603379][T19256]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1474.603418][T19256]  ? import_iovec+0x74/0xa0
[ 1474.603448][T19256]  ___sys_sendmsg+0x21f/0x2a0
[ 1474.603480][T19256]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1474.603517][T19256]  ? rcu_read_unlock_special+0x3fe/0x4c0
[ 1474.603572][T19256]  ? __fget_files+0x2a/0x420
[ 1474.603593][T19256]  ? __fget_files+0x3a0/0x420
[ 1474.603626][T19256]  __x64_sys_sendmsg+0x19b/0x260
[ 1474.603654][T19256]  ? schedule+0x165/0x360
[ 1474.603675][T19256]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1474.603724][T19256]  ? do_syscall_64+0xbe/0x3b0
[ 1474.603749][T19256]  do_syscall_64+0xfa/0x3b0
[ 1474.603772][T19256]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1474.603791][T19256]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1474.603810][T19256]  ? clear_bhb_loop+0x60/0xb0
[ 1474.603834][T19256]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1474.603853][T19256] RIP: 0033:0x7f089698ebe9
[ 1474.603870][T19256] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1474.603889][T19256] RSP: 002b:00007f0897775038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1474.603910][T19256] RAX: ffffffffffffffda RBX: 00007f0896bb6180 RCX: 00007f089698ebe9
[ 1474.603926][T19256] RDX: 0000000000008800 RSI: 0000200000000480 RDI: 0000000000000008
[ 1474.603939][T19256] RBP: 00007f0897775090 R08: 0000000000000000 R09: 0000000000000000
[ 1474.603951][T19256] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1474.603964][T19256] R13: 00007f0896bb6218 R14: 00007f0896bb6180 R15: 00007fffec9736f8
[ 1474.604001][T19256]  </TASK>
[ 1475.937840][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1476.512097][ T2153] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 1476.696166][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1476.700898][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1476.847795][ T2153] usb 3-1: Using ep0 maxpacket: 32
[ 1476.878425][ T2153] usb 3-1: config 9 has an invalid interface number: 243 but max is 3
[ 1476.895211][ T2153] usb 3-1: config 9 has an invalid interface number: 173 but max is 3
[ 1476.934450][ T2153] usb 3-1: config 9 has an invalid interface number: 141 but max is 3
[ 1476.962694][ T2153] usb 3-1: config 9 contains an unexpected descriptor of type 0x1, skipping
[ 1476.980254][ T2153] usb 3-1: config 9 has an invalid interface number: 10 but max is 3
[ 1477.063454][ T2153] usb 3-1: config 9 has an invalid interface number: 186 but max is 3
[ 1477.074377][ T2153] usb 3-1: config 9 has an invalid interface number: 255 but max is 3
[ 1477.084528][ T2153] usb 3-1: config 9 has 6 interfaces, different from the descriptor's value: 4
[ 1477.095164][ T2153] usb 3-1: config 9 has no interface number 0
[ 1477.103121][ T2153] usb 3-1: config 9 has no interface number 1
[ 1477.112323][ T2153] usb 3-1: config 9 has no interface number 2
[ 1477.119893][ T2153] usb 3-1: config 9 has no interface number 3
[ 1477.152384][ T2153] usb 3-1: config 9 has no interface number 4
[ 1477.223869][ T2153] usb 3-1: config 9 has no interface number 5
[ 1477.504159][ T2153] usb 3-1: config 9 interface 243 altsetting 7 endpoint 0xC has invalid maxpacket 1023, setting to 64
[ 1477.536251][ T2153] usb 3-1: config 9 interface 243 altsetting 7 has a duplicate endpoint with address 0xA, skipping
[ 1478.037290][ T2153] usb 3-1: config 9 interface 243 altsetting 7 endpoint 0x8 has invalid maxpacket 512, setting to 64
[ 1478.689385][ T2153] usb 3-1: config 9 interface 243 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[ 1478.701288][ T2153] usb 3-1: config 9 interface 243 altsetting 7 has an invalid descriptor for endpoint zero, skipping
[ 1478.713793][   T30] kauditd_printk_skb: 1718 callbacks suppressed
[ 1478.713810][   T30] audit: type=1400 audit(1755726072.407:561367): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=23 comm="ksoftirqd/1" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1478.714486][ T2153] usb 3-1: config 9 interface 243 altsetting 7 has a duplicate endpoint with address 0xB, skipping
[ 1478.765879][   T30] audit: type=1400 audit(1755726072.416:561368): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16859 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1478.807893][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1478.845048][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1478.851575][T14840] audit: audit_lost=395840 audit_rate_limit=0 audit_backlog_limit=64
[ 1478.860046][   T30] audit: type=1400 audit(1755726072.416:561369): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16859 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1478.863627][T14840] audit: backlog limit exceeded
[ 1478.879993][T16859] audit: audit_lost=395841 audit_rate_limit=0 audit_backlog_limit=64
[ 1478.893156][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1478.899809][    C1] audit: audit_lost=395842 audit_rate_limit=0 audit_backlog_limit=64
[ 1478.908469][ T2153] usb 3-1: config 9 interface 243 altsetting 7 endpoint 0x89 has invalid maxpacket 512, setting to 64
[ 1478.940577][ T2153] usb 3-1: config 9 interface 243 altsetting 7 endpoint 0x1 has an invalid bInterval 95, changing to 7
[ 1478.953564][ T2153] usb 3-1: config 9 interface 243 altsetting 7 has a duplicate endpoint with address 0x9, skipping
[ 1478.964680][ T2153] usb 3-1: config 9 interface 173 altsetting 112 has a duplicate endpoint with address 0xE, skipping
[ 1478.975967][ T2153] usb 3-1: config 9 interface 173 altsetting 112 has a duplicate endpoint with address 0xC, skipping
[ 1479.034541][ T2153] usb 3-1: config 9 interface 173 altsetting 112 has a duplicate endpoint with address 0xA, skipping
[ 1479.075777][ T2153] usb 3-1: config 9 interface 173 altsetting 112 has a duplicate endpoint with address 0xA, skipping
[ 1479.104380][ T2153] usb 3-1: config 9 interface 173 altsetting 112 has a duplicate endpoint with address 0x8, skipping
[ 1479.167893][ T2153] usb 3-1: config 9 interface 173 altsetting 112 has 6 endpoint descriptors, different from the interface descriptor's value: 11
[ 1479.277166][T19288] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3707'.
[ 1479.277266][ T2153] usb 3-1: too many endpoints for config 9 interface 141 altsetting 85: 75, using maximum allowed: 30
[ 1479.291212][T19288] netlink: 43 bytes leftover after parsing attributes in process `syz.1.3707'.
[ 1479.306725][T19288] netlink: 'syz.1.3707': attribute type 5 has an invalid length.
[ 1479.314960][T19288] netlink: 43 bytes leftover after parsing attributes in process `syz.1.3707'.
[ 1479.538615][ T2153] usb 3-1: config 9 interface 141 altsetting 85 endpoint 0x8A has an invalid bInterval 128, changing to 11
[ 1479.541507][T18273] 0: reclassify loop, rule prio 0, protocol 800
[ 1479.550184][ T2153] usb 3-1: config 9 interface 141 altsetting 85 endpoint 0x8A has invalid maxpacket 1136, setting to 1024
[ 1479.569145][ T2153] usb 3-1: config 9 interface 141 altsetting 85 has a duplicate endpoint with address 0xB, skipping
[ 1479.580817][ T2153] usb 3-1: config 9 interface 141 altsetting 85 has a duplicate endpoint with address 0x8, skipping
[ 1479.594338][ T2153] usb 3-1: config 9 interface 141 altsetting 85 has a duplicate endpoint with address 0xF, skipping
[ 1479.605333][ T2153] usb 3-1: config 9 interface 141 altsetting 85 has a duplicate endpoint with address 0xB, skipping
[ 1479.616780][ T2153] usb 3-1: config 9 interface 141 altsetting 85 has 5 endpoint descriptors, different from the interface descriptor's value: 75
[ 1479.751454][ T2153] usb 3-1: config 9 interface 10 altsetting 2 has a duplicate endpoint with address 0xB, skipping
[ 1479.837385][ T2153] usb 3-1: config 9 interface 10 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[ 1480.022417][ T2153] usb 3-1: config 9 interface 10 altsetting 2 has a duplicate endpoint with address 0xA, skipping
[ 1480.034425][ T2153] usb 3-1: config 9 interface 10 altsetting 2 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 1480.045468][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0x8, skipping
[ 1480.056617][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0xF, skipping
[ 1480.069183][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0xE, skipping
[ 1480.642897][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0x8, skipping
[ 1480.654205][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1480.729910][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0xE, skipping
[ 1480.794513][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[ 1480.825265][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0x87, skipping
[ 1480.856857][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0xC, skipping
[ 1480.892725][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has a duplicate endpoint with address 0x1, skipping
[ 1480.941509][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has an invalid descriptor for endpoint zero, skipping
[ 1481.035172][ T2153] usb 3-1: config 9 interface 186 altsetting 3 has 12 endpoint descriptors, different from the interface descriptor's value: 13
[ 1481.097343][ T2153] usb 3-1: too many endpoints for config 9 interface 255 altsetting 99: 250, using maximum allowed: 30
[ 1481.164760][ T2153] usb 3-1: config 9 interface 255 altsetting 99 has 1 endpoint descriptor, different from the interface descriptor's value: 250
[ 1481.190401][ T2153] usb 3-1: config 9 interface 243 has no altsetting 0
[ 1481.202110][ T2153] usb 3-1: config 9 interface 173 has no altsetting 0
[ 1481.210117][ T2153] usb 3-1: config 9 interface 141 has no altsetting 0
[ 1481.222795][ T2153] usb 3-1: config 9 interface 10 has no altsetting 0
[ 1481.234053][ T2153] usb 3-1: config 9 interface 186 has no altsetting 0
[ 1481.253584][ T2153] usb 3-1: config 9 interface 255 has no altsetting 0
[ 1481.266860][ T2153] usb 3-1: string descriptor 0 read error: -71
[ 1481.281910][ T2153] usb 3-1: New USB device found, idVendor=19d2, idProduct=1284, bcdDevice=34.94
[ 1481.299533][ T2153] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1481.353330][ T2153] usb 3-1: can't set config #9, error -71
[ 1481.601472][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1482.403310][ T2153] usb 3-1: USB disconnect, device number 94
[ 1483.213203][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1483.531769][T19329] 0: reclassify loop, rule prio 0, protocol 800
[ 1484.218756][   T30] kauditd_printk_skb: 2194 callbacks suppressed
[ 1484.218773][   T30] audit: type=1400 audit(1755726077.561:563016): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=19330 comm="syz.2.3721" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1484.406254][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1484.415269][T17202] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1484.422991][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1484.429588][    C1] audit: audit_lost=396025 audit_rate_limit=0 audit_backlog_limit=64
[ 1484.437739][    C1] audit: backlog limit exceeded
[ 1484.442842][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1484.449459][    C1] audit: audit_lost=396026 audit_rate_limit=0 audit_backlog_limit=64
[ 1484.457586][    C1] audit: backlog limit exceeded
[ 1484.462948][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1484.859296][ T9954] Bluetooth: hci3: unexpected event for opcode 0x0c03
[ 1484.975082][T19343] FAULT_INJECTION: forcing a failure.
[ 1484.975082][T19343] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1484.988538][T19343] CPU: 1 UID: 0 PID: 19343 Comm: syz.1.3722 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1484.988565][T19343] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1484.988577][T19343] Call Trace:
[ 1484.988586][T19343]  <TASK>
[ 1484.988595][T19343]  dump_stack_lvl+0x189/0x250
[ 1484.988623][T19343]  ? __pfx____ratelimit+0x10/0x10
[ 1484.988645][T19343]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1484.988668][T19343]  ? __pfx__printk+0x10/0x10
[ 1484.988694][T19343]  ? __might_fault+0xb0/0x130
[ 1484.988726][T19343]  should_fail_ex+0x414/0x560
[ 1484.988752][T19343]  _copy_from_user+0x2d/0xb0
[ 1484.988781][T19343]  ___sys_sendmsg+0x158/0x2a0
[ 1484.988814][T19343]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1484.988883][T19343]  ? __fget_files+0x2a/0x420
[ 1484.988905][T19343]  ? __fget_files+0x3a0/0x420
[ 1484.988938][T19343]  __x64_sys_sendmsg+0x19b/0x260
[ 1484.988970][T19343]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1484.989014][T19343]  ? __pfx_ksys_write+0x10/0x10
[ 1484.989038][T19343]  ? do_syscall_64+0xbe/0x3b0
[ 1484.989062][T19343]  do_syscall_64+0xfa/0x3b0
[ 1484.989082][T19343]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1484.989098][T19343]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1484.989117][T19343]  ? clear_bhb_loop+0x60/0xb0
[ 1484.989141][T19343]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1484.989160][T19343] RIP: 0033:0x7f089698ebe9
[ 1484.989179][T19343] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1484.989198][T19343] RSP: 002b:00007f0897775038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1484.989219][T19343] RAX: ffffffffffffffda RBX: 00007f0896bb6180 RCX: 00007f089698ebe9
[ 1484.989234][T19343] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000009
[ 1484.989248][T19343] RBP: 00007f0897775090 R08: 0000000000000000 R09: 0000000000000000
[ 1484.989260][T19343] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1484.989273][T19343] R13: 00007f0896bb6218 R14: 00007f0896bb6180 R15: 00007fffec9736f8
[ 1484.989313][T19343]  </TASK>
[ 1485.351552][T19344] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3724'.
[ 1485.574267][T19353] comedi comedi3: comedi_config --init_data is deprecated
[ 1485.589318][ T5925] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[ 1485.752600][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1486.059040][T19355] loop2: detected capacity change from 0 to 7
[ 1486.088028][T19355] Dev loop2: unable to read RDB block 7
[ 1486.094125][T19355]  loop2: AHDI p1 p2 p3
[ 1486.098365][T19355] loop2: partition table partially beyond EOD, truncated
[ 1486.116452][T19355] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1486.128628][ T5925] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1486.143583][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1486.143954][T19355] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1486.181132][ T5925] usb 6-1: Product: syz
[ 1486.185472][ T5925] usb 6-1: Manufacturer: syz
[ 1486.190308][ T5925] usb 6-1: SerialNumber: syz
[ 1487.548971][T19367] overlayfs: missing 'lowerdir'
[ 1487.897880][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1488.179356][T19363] binder: 19362:19363 ioctl c0306201 200000004a40 returned -14
[ 1488.554288][ T5925] cdc_ncm 6-1:1.0: failed to get mac address
[ 1488.561951][ T5925] cdc_ncm 6-1:1.0: bind() failure
[ 1489.247011][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1489.259209][ T5925] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1489.532705][ T5925] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1489.563350][ T5925] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1489.573264][   T30] kauditd_printk_skb: 3382 callbacks suppressed
[ 1489.573281][   T30] audit: type=1400 audit(1755726082.556:565007): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19383 comm="syz.0.3737" name="newroot" dev="tmpfs" ino=2
[ 1489.603729][T19386] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1489.623366][T16711] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1489.833192][T19386] audit: audit_lost=396492 audit_rate_limit=0 audit_backlog_limit=64
[ 1489.841317][T19386] audit: backlog limit exceeded
[ 1489.847845][T16711] audit: audit_lost=396493 audit_rate_limit=0 audit_backlog_limit=64
[ 1489.847972][ T5925] usb 6-1: USB disconnect, device number 17
[ 1489.864094][T16711] audit: backlog limit exceeded
[ 1489.864701][T19387] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1489.869054][T16711] audit: audit_backlog=66 > audit_backlog_limit=64
[ 1489.878569][   T30] audit: type=1400 audit(1755726082.556:565008): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19383 comm="syz.0.3737" name="/" dev="devtmpfs" ino=1
[ 1489.940021][T19379] 0: reclassify loop, rule prio 0, protocol 800
[ 1490.177870][T19397] FAULT_INJECTION: forcing a failure.
[ 1490.177870][T19397] name failslab, interval 1, probability 0, space 0, times 0
[ 1490.227869][T19397] CPU: 0 UID: 0 PID: 19397 Comm: syz.5.3740 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1490.227897][T19397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1490.227908][T19397] Call Trace:
[ 1490.227916][T19397]  <TASK>
[ 1490.227924][T19397]  dump_stack_lvl+0x189/0x250
[ 1490.227956][T19397]  ? __pfx____ratelimit+0x10/0x10
[ 1490.227978][T19397]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1490.227997][T19397]  ? __pfx__printk+0x10/0x10
[ 1490.228028][T19397]  ? __pfx___might_resched+0x10/0x10
[ 1490.228055][T19397]  should_fail_ex+0x414/0x560
[ 1490.228081][T19397]  should_failslab+0xa8/0x100
[ 1490.228104][T19397]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1490.228126][T19397]  ? __alloc_skb+0x112/0x2d0
[ 1490.228157][T19397]  __alloc_skb+0x112/0x2d0
[ 1490.228188][T19397]  tipc_nl_compat_dumpit+0x116/0x7b0
[ 1490.228225][T19397]  tipc_nl_compat_recv+0x802/0xbe0
[ 1490.228257][T19397]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[ 1490.228285][T19397]  ? __pfx_tipc_nl_sk_dump+0x10/0x10
[ 1490.228310][T19397]  ? __pfx_tipc_nl_compat_sk_dump+0x10/0x10
[ 1490.228338][T19397]  ? __mutex_trylock_common+0x153/0x260
[ 1490.228366][T19397]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1490.228387][T19397]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 1490.228413][T19397]  ? rcu_is_watching+0x15/0xb0
[ 1490.228444][T19397]  genl_family_rcv_msg_doit+0x215/0x300
[ 1490.228475][T19397]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[ 1490.228524][T19397]  genl_rcv_msg+0x60e/0x790
[ 1490.228552][T19397]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1490.228570][T19397]  ? ref_tracker_free+0x63a/0x7d0
[ 1490.228592][T19397]  ? __pfx_tipc_nl_compat_recv+0x10/0x10
[ 1490.228622][T19397]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1490.228656][T19397]  netlink_rcv_skb+0x205/0x470
[ 1490.228683][T19397]  ? __pfx_genl_rcv_msg+0x10/0x10
[ 1490.228706][T19397]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1490.228752][T19397]  ? down_read+0x1ad/0x2e0
[ 1490.228779][T19397]  genl_rcv+0x28/0x40
[ 1490.228798][T19397]  netlink_unicast+0x75c/0x8e0
[ 1490.228835][T19397]  netlink_sendmsg+0x805/0xb30
[ 1490.228873][T19397]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1490.228910][T19397]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1490.228929][T19397]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1490.228963][T19397]  __sock_sendmsg+0x21c/0x270
[ 1490.228990][T19397]  ____sys_sendmsg+0x505/0x830
[ 1490.229026][T19397]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1490.229066][T19397]  ? import_iovec+0x74/0xa0
[ 1490.229097][T19397]  ___sys_sendmsg+0x21f/0x2a0
[ 1490.229130][T19397]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1490.229201][T19397]  ? __fget_files+0x2a/0x420
[ 1490.229223][T19397]  ? __fget_files+0x3a0/0x420
[ 1490.229257][T19397]  __x64_sys_sendmsg+0x19b/0x260
[ 1490.229289][T19397]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1490.229330][T19397]  ? __pfx_ksys_write+0x10/0x10
[ 1490.229347][T19397]  ? rcu_is_watching+0x15/0xb0
[ 1490.229374][T19397]  ? do_syscall_64+0xbe/0x3b0
[ 1490.229401][T19397]  do_syscall_64+0xfa/0x3b0
[ 1490.229421][T19397]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1490.229442][T19397]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1490.229461][T19397]  ? clear_bhb_loop+0x60/0xb0
[ 1490.229485][T19397]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1490.229504][T19397] RIP: 0033:0x7f4dce38ebe9
[ 1490.229522][T19397] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1490.229541][T19397] RSP: 002b:00007f4dcf171038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1490.229562][T19397] RAX: ffffffffffffffda RBX: 00007f4dce5b6090 RCX: 00007f4dce38ebe9
[ 1490.229577][T19397] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000003
[ 1490.229591][T19397] RBP: 00007f4dcf171090 R08: 0000000000000000 R09: 0000000000000000
[ 1490.229603][T19397] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1490.229616][T19397] R13: 00007f4dce5b6128 R14: 00007f4dce5b6090 R15: 00007fffac38c8f8
[ 1490.229650][T19397]  </TASK>
[ 1490.302546][ T5967] usb 2-1: new full-speed USB device number 53 using dummy_hcd
[ 1490.828027][ T5967] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1490.839941][ T5967] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[ 1490.855067][ T5967] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1490.889821][T19401] comedi comedi3: comedi_config --init_data is deprecated
[ 1491.022742][ T5967] usb 2-1: config 0 descriptor??
[ 1491.053066][ T5967] pegasus_notetaker 2-1:0.0: Invalid number of endpoints
[ 1491.061546][    C1] 0: reclassify loop, rule prio 0, protocol 800
[ 1491.074669][ T5967] pegasus_notetaker 2-1:0.0: probe with driver pegasus_notetaker failed with error -22
[ 1491.874974][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1491.919994][ T5925] usb 2-1: USB disconnect, device number 53
[ 1492.288527][T19408] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3743'.
[ 1492.297563][T19408] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3743'.
[ 1492.306615][T19408] netlink: 32 bytes leftover after parsing attributes in process `syz.6.3743'.
[ 1492.407117][T19412] loop2: detected capacity change from 0 to 7
[ 1492.439246][T19412] Dev loop2: unable to read RDB block 7
[ 1492.448563][T19412]  loop2: AHDI p1 p2 p3
[ 1492.464000][T19412] loop2: partition table partially beyond EOD, truncated
[ 1492.526277][T19412] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1492.642325][T19419] ptrace attach of "./syz-executor exec"[14840] was attempted by ""[19419]
[ 1492.739951][T19412] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1494.258436][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1495.043329][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1495.045745][T14840] audit_log_start: 2580 callbacks suppressed
[ 1495.045760][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1495.102562][   T30] audit: type=1326 audit(1755726087.186:567069): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19429 comm="syz.1.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089698ebe9 code=0x7ffc0000
[ 1495.146645][T19445] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1495.150920][T19444] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1495.153334][T19445] audit: audit_lost=396668 audit_rate_limit=0 audit_backlog_limit=64
[ 1495.167100][T14840] audit: audit_lost=396669 audit_rate_limit=0 audit_backlog_limit=64
[ 1495.169131][T19445] audit: backlog limit exceeded
[ 1495.187513][   T30] audit: type=1326 audit(1755726087.186:567070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=19429 comm="syz.1.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f089698ebe9 code=0x7ffc0000
[ 1495.187535][T19444] audit: audit_lost=396670 audit_rate_limit=0 audit_backlog_limit=64
[ 1495.246920][T14840] audit: backlog limit exceeded
[ 1497.285057][T19469] FAULT_INJECTION: forcing a failure.
[ 1497.285057][T19469] name failslab, interval 1, probability 0, space 0, times 0
[ 1497.311136][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1497.349810][T19469] CPU: 0 UID: 0 PID: 19469 Comm: syz.5.3758 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1497.349839][T19469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1497.349852][T19469] Call Trace:
[ 1497.349861][T19469]  <TASK>
[ 1497.349870][T19469]  dump_stack_lvl+0x189/0x250
[ 1497.349897][T19469]  ? __pfx____ratelimit+0x10/0x10
[ 1497.349919][T19469]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1497.349942][T19469]  ? __pfx__printk+0x10/0x10
[ 1497.349979][T19469]  ? __pfx___might_resched+0x10/0x10
[ 1497.350007][T19469]  should_fail_ex+0x414/0x560
[ 1497.350033][T19469]  ? io_alloc_cache_init+0x3d/0x140
[ 1497.350057][T19469]  should_failslab+0xa8/0x100
[ 1497.350081][T19469]  __kvmalloc_node_noprof+0x161/0x5f0
[ 1497.350104][T19469]  ? io_alloc_cache_init+0x3d/0x140
[ 1497.350134][T19469]  io_alloc_cache_init+0x3d/0x140
[ 1497.350161][T19469]  io_ring_ctx_alloc+0x412/0xae0
[ 1497.350193][T19469]  io_uring_create+0x130/0xb60
[ 1497.350223][T19469]  __se_sys_io_uring_setup+0x264/0x270
[ 1497.350243][T19469]  ? __pfx___se_sys_io_uring_setup+0x10/0x10
[ 1497.350275][T19469]  ? rcu_is_watching+0x15/0xb0
[ 1497.350302][T19469]  ? do_syscall_64+0xbe/0x3b0
[ 1497.350329][T19469]  do_syscall_64+0xfa/0x3b0
[ 1497.350349][T19469]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1497.350370][T19469]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1497.350390][T19469]  ? clear_bhb_loop+0x60/0xb0
[ 1497.350415][T19469]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1497.350434][T19469] RIP: 0033:0x7f4dce38ebe9
[ 1497.350451][T19469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1497.350469][T19469] RSP: 002b:00007f4dcf191fc8 EFLAGS: 00000206 ORIG_RAX: 00000000000001a9
[ 1497.350490][T19469] RAX: ffffffffffffffda RBX: 00007f4dce5b5fa0 RCX: 00007f4dce38ebe9
[ 1497.350505][T19469] RDX: 0000200000ff4000 RSI: 0000200000000000 RDI: 00000000000048ba
[ 1497.350520][T19469] RBP: 0000200000000000 R08: 0000000000000000 R09: 0000200000ff4000
[ 1497.350534][T19469] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[ 1497.350546][T19469] R13: 0000200000000080 R14: 00000000000048ba R15: 0000200000ff4000
[ 1497.350578][T19469]  </TASK>
[ 1498.690769][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1499.436496][T19513] netlink: 'syz.1.3768': attribute type 28 has an invalid length.
[ 1499.764084][T13671] 0: reclassify loop, rule prio 0, protocol 800
[ 1500.396733][   T30] kauditd_printk_skb: 3771 callbacks suppressed
[ 1500.396751][   T30] audit: type=1400 audit(1755726092.696:569554): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19521 comm="syz-executor" name="252" dev="tmpfs" ino=1428
[ 1500.436933][T17046] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1500.445555][T17046] audit: audit_lost=397100 audit_rate_limit=0 audit_backlog_limit=64
[ 1500.448211][T19522] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1500.456832][T17046] audit: backlog limit exceeded
[ 1500.468492][T17046] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1500.475746][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1500.482372][    C1] audit: audit_lost=397101 audit_rate_limit=0 audit_backlog_limit=64
[ 1500.490499][    C1] audit: backlog limit exceeded
[ 1500.495978][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1500.504379][T13671] 0: reclassify loop, rule prio 0, protocol 800
[ 1501.976739][ T5896] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1502.097339][T19542] loop2: detected capacity change from 0 to 7
[ 1502.113330][T19542] Dev loop2: unable to read RDB block 7
[ 1502.124104][T19542]  loop2: AHDI p1 p2 p3
[ 1502.131466][T19542] loop2: partition table partially beyond EOD, truncated
[ 1502.142649][ T5896] usb 2-1: Using ep0 maxpacket: 8
[ 1502.153656][T19542] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1502.161703][T19542] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1502.172408][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1502.184089][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1502.199499][ T5896] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1502.211448][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[ 1502.523736][ T5896] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1502.710913][ T5896] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1502.780208][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1502.826362][ T5896] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1502.986653][ T5896] usb 2-1: config 0 descriptor??
[ 1502.996685][T19533] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1503.023860][T19547] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3781'.
[ 1503.050231][T19547] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3781'.
[ 1503.081455][T19547] netlink: 22 bytes leftover after parsing attributes in process `syz.0.3781'.
[ 1503.102976][T19547] nbd: socks must be embedded in a SOCK_ITEM attr
[ 1503.132109][T19545] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1503.245577][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.254009][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.264041][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.271149][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.279391][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.286468][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.295942][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.303009][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.309942][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.317135][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.324123][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.331072][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.338224][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.346435][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.353390][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.360499][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.367414][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.376554][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.383659][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.390693][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.398742][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.405768][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.412911][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.419998][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.426873][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.433893][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.440818][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.447883][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.456074][ T5845] Bluetooth: hci4: Received unexpected HCI Event 0x00
[ 1503.462733][ T2153] usb 3-1: new full-speed USB device number 95 using dummy_hcd
[ 1503.471228][ T5896] usb 2-1: USB disconnect, device number 54
[ 1503.479506][ T9954] Bluetooth: hci4: Opcode 0x0c03 failed: -71
[ 1503.655127][ T2153] usb 3-1: device descriptor read/64, error -71
[ 1503.922316][ T2153] usb 3-1: new full-speed USB device number 96 using dummy_hcd
[ 1503.992715][T19559] netlink: 'syz.5.3785': attribute type 10 has an invalid length.
[ 1504.040307][T19559] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1504.073340][ T2153] usb 3-1: device descriptor read/64, error -71
[ 1504.201135][ T2153] usb usb3-port1: attempt power cycle
[ 1504.605243][ T2153] usb 3-1: new full-speed USB device number 97 using dummy_hcd
[ 1504.661081][ T2153] usb 3-1: device descriptor read/8, error -71
[ 1504.752232][T19569] FAULT_INJECTION: forcing a failure.
[ 1504.752232][T19569] name failslab, interval 1, probability 0, space 0, times 0
[ 1504.789258][T19569] CPU: 0 UID: 0 PID: 19569 Comm: syz.0.3788 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1504.789287][T19569] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1504.789300][T19569] Call Trace:
[ 1504.789308][T19569]  <TASK>
[ 1504.789317][T19569]  dump_stack_lvl+0x189/0x250
[ 1504.789343][T19569]  ? __pfx____ratelimit+0x10/0x10
[ 1504.789363][T19569]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1504.789384][T19569]  ? __pfx__printk+0x10/0x10
[ 1504.789414][T19569]  ? __pfx___might_resched+0x10/0x10
[ 1504.789441][T19569]  should_fail_ex+0x414/0x560
[ 1504.789467][T19569]  should_failslab+0xa8/0x100
[ 1504.789491][T19569]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1504.789513][T19569]  ? __alloc_skb+0x112/0x2d0
[ 1504.789545][T19569]  __alloc_skb+0x112/0x2d0
[ 1504.789576][T19569]  netlink_sendmsg+0x5c6/0xb30
[ 1504.789621][T19569]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1504.789657][T19569]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1504.789675][T19569]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1504.789703][T19569]  __sock_sendmsg+0x21c/0x270
[ 1504.789728][T19569]  ____sys_sendmsg+0x505/0x830
[ 1504.789764][T19569]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1504.789802][T19569]  ? import_iovec+0x74/0xa0
[ 1504.789833][T19569]  ___sys_sendmsg+0x21f/0x2a0
[ 1504.789869][T19569]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1504.789937][T19569]  ? __fget_files+0x2a/0x420
[ 1504.789958][T19569]  ? __fget_files+0x3a0/0x420
[ 1504.789991][T19569]  __x64_sys_sendmsg+0x19b/0x260
[ 1504.790023][T19569]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1504.790061][T19569]  ? __pfx_ksys_write+0x10/0x10
[ 1504.790077][T19569]  ? rcu_is_watching+0x15/0xb0
[ 1504.790104][T19569]  ? do_syscall_64+0xbe/0x3b0
[ 1504.790130][T19569]  do_syscall_64+0xfa/0x3b0
[ 1504.790150][T19569]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1504.790172][T19569]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.790191][T19569]  ? clear_bhb_loop+0x60/0xb0
[ 1504.790216][T19569]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1504.790236][T19569] RIP: 0033:0x7fcb9958ebe9
[ 1504.790253][T19569] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1504.790271][T19569] RSP: 002b:00007fcb9a4b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1504.790293][T19569] RAX: ffffffffffffffda RBX: 00007fcb997b5fa0 RCX: 00007fcb9958ebe9
[ 1504.790309][T19569] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000004
[ 1504.790322][T19569] RBP: 00007fcb9a4b7090 R08: 0000000000000000 R09: 0000000000000000
[ 1504.790335][T19569] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1504.790347][T19569] R13: 00007fcb997b6038 R14: 00007fcb997b5fa0 R15: 00007fff698e2b48
[ 1504.790378][T19569]  </TASK>
[ 1505.205146][ T2153] usb 3-1: new full-speed USB device number 98 using dummy_hcd
[ 1505.350864][ T2153] usb 3-1: device descriptor read/8, error -71
[ 1505.494232][ T2153] usb usb3-port1: unable to enumerate USB device
[ 1505.876612][T16859] audit_log_start: 2456 callbacks suppressed
[ 1505.876624][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1505.883267][   T30] audit: type=1400 audit(1755726097.691:571864): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=19574 comm="syz.0.3791" opid=19574 ocomm="syz.0.3791"
[ 1505.911052][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1505.917631][    C1] audit: audit_lost=397152 audit_rate_limit=0 audit_backlog_limit=64
[ 1505.925918][    C1] audit: backlog limit exceeded
[ 1505.931180][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1505.937745][    C1] audit: audit_lost=397153 audit_rate_limit=0 audit_backlog_limit=64
[ 1505.945909][    C1] audit: backlog limit exceeded
[ 1505.952845][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1505.959382][    C1] audit: audit_lost=397154 audit_rate_limit=0 audit_backlog_limit=64
[ 1506.629028][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1508.411040][T19589] nbd: must specify a device to reconfigure
[ 1508.606960][T19582] 0: reclassify loop, rule prio 0, protocol 800
[ 1508.852473][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1508.966202][T19604] overlayfs: missing 'workdir'
[ 1509.540417][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1510.671089][T19618]  nullb0: AHDI p1
[ 1511.235031][   T30] kauditd_printk_skb: 2583 callbacks suppressed
[ 1511.235048][   T30] audit: type=1400 audit(1755726102.807:573882): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=14840 comm="syz-executor" name="257" dev="tmpfs" ino=1455
[ 1511.282371][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1511.304505][T19631] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1511.323466][T14840] audit: audit_lost=397333 audit_rate_limit=0 audit_backlog_limit=64
[ 1511.630405][T19631] audit: audit_lost=397334 audit_rate_limit=0 audit_backlog_limit=64
[ 1511.654781][T14840] audit: backlog limit exceeded
[ 1511.659718][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1511.676412][T19631] audit: backlog limit exceeded
[ 1511.681314][T19631] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1511.689873][T14840] audit: audit_lost=397335 audit_rate_limit=0 audit_backlog_limit=64
[ 1512.044092][T19634] 0: reclassify loop, rule prio 0, protocol 800
[ 1512.152006][T19635] netlink: 'syz.6.3806': attribute type 1 has an invalid length.
[ 1512.175717][T19635] netlink: 'syz.6.3806': attribute type 1 has an invalid length.
[ 1512.272942][T13650] 0: reclassify loop, rule prio 0, protocol 800
[ 1512.502962][T19638] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3808'.
[ 1512.518213][T19638] overlayfs: missing 'lowerdir'
[ 1513.351507][T19653] overlayfs: missing 'workdir'
[ 1514.716208][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1514.905212][T19656] loop2: detected capacity change from 0 to 7
[ 1514.914320][T19656] Dev loop2: unable to read RDB block 7
[ 1514.929872][T19656]  loop2: AHDI p1 p2 p3
[ 1514.940390][T19656] loop2: partition table partially beyond EOD, truncated
[ 1514.959470][ T9954] Bluetooth: hci5: unexpected event for opcode 0x0c03
[ 1514.973547][T19656] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1514.992798][T19656] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1515.096413][T18267] 0: reclassify loop, rule prio 0, protocol 800
[ 1515.390319][T19671] binder: BINDER_SET_CONTEXT_MGR already set
[ 1515.397130][T19671] binder: 19670:19671 ioctl 4018620d 200000000040 returned -16
[ 1516.385196][T19684] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3824'.
[ 1516.394159][T19684] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3824'.
[ 1516.593576][   T30] kauditd_printk_skb: 3162 callbacks suppressed
[ 1516.593595][   T30] audit: type=1400 audit(1755726107.849:576123): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19686 comm="syz-executor" name="146" dev="tmpfs" ino=832
[ 1516.671521][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1516.683732][   T30] audit: type=1400 audit(1755726107.849:576124): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19686 comm="syz-executor" name="146" dev="tmpfs" ino=832
[ 1516.709212][   T30] audit: type=1400 audit(1755726107.849:576125): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19685 comm="syz-executor" name="191" dev="tmpfs" ino=1057
[ 1516.709717][T19688] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1516.728654][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1516.728677][    C1] audit: audit_lost=397654 audit_rate_limit=0 audit_backlog_limit=64
[ 1516.728693][    C1] audit: backlog limit exceeded
[ 1516.735674][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1516.735689][    C1] audit: audit_lost=397655 audit_rate_limit=0 audit_backlog_limit=64
[ 1519.058372][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1519.146937][T19711] netlink: 28 bytes leftover after parsing attributes in process `syz.5.3831'.
[ 1520.490315][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1521.214625][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1521.258464][T19740] 0: reclassify loop, rule prio 0, protocol 800
[ 1521.723881][T19749] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3844'.
[ 1521.736001][T19749] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3844'.
[ 1522.363675][    C1] 0: reclassify loop, rule prio 0, protocol 800
[ 1522.808918][   T30] kauditd_printk_skb: 2597 callbacks suppressed
[ 1522.808936][   T30] audit: type=1400 audit(1755726112.956:578193): lsm=SMACK fn=smack_task_kill action=granted subject="_" object="_" requested=w pid=19734 comm="syz.5.3841" opid=19734 ocomm="syz.5.3841"
[ 1523.003790][   T30] audit: type=1400 audit(1755726112.956:578194): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19734 comm="syz.5.3841" name="155" dev="tmpfs" ino=876
[ 1523.026348][   T30] audit: type=1400 audit(1755726112.956:578195): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19734 comm="syz.5.3841" name="155" dev="tmpfs" ino=876
[ 1523.033267][T16711] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1523.046248][   T30] audit: type=1400 audit(1755726113.153:578196): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=19734 comm="syz.5.3841" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1523.053632][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1523.076216][   T30] audit: type=1400 audit(1755726113.621:578197): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=19734 comm="syz.5.3841" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1523.081881][    C1] audit: audit_lost=397833 audit_rate_limit=0 audit_backlog_limit=64
[ 1523.081902][    C1] audit: backlog limit exceeded
[ 1523.122594][   T30] audit: type=1400 audit(1755726113.873:578198): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=16711 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1523.624135][ T9954] Bluetooth: hci1: unexpected event for opcode 0x0c03
[ 1523.828126][T15605] usb 2-1: new full-speed USB device number 55 using dummy_hcd
[ 1524.855078][T15605] usb 2-1: too many endpoints for config 0 interface 0 altsetting 255: 33, using maximum allowed: 30
[ 1524.939986][T15605] usb 2-1: config 0 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 33
[ 1525.004067][T15605] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1525.021724][T15605] usb 2-1: New USB device found, idVendor=0458, idProduct=501b, bcdDevice= 0.00
[ 1525.054893][T15605] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1525.230426][T15605] usb 2-1: config 0 descriptor??
[ 1525.842090][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1525.882142][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1526.059924][T15605] kye 0003:0458:501B.001F: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[ 1526.160676][T15605] kye 0003:0458:501B.001F: hidraw0: USB HID v8.00 Device [HID 0458:501b] on usb-dummy_hcd.1-1/input0
[ 1526.227214][T15605] kye 0003:0458:501B.001F: tablet-enabling feature report not found
[ 1526.512207][T15605] kye 0003:0458:501B.001F: tablet enabling failed
[ 1526.867683][T15605] usb 2-1: USB disconnect, device number 55
[ 1526.956968][T19783] mac80211_hwsim hwsim26 wlan0: entered promiscuous mode
[ 1527.083597][T19783] macsec1: entered promiscuous mode
[ 1527.143306][T19783] macsec1: entered allmulticast mode
[ 1527.298842][T19783] mac80211_hwsim hwsim26 wlan0: entered allmulticast mode
[ 1527.869668][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1528.180989][   T30] kauditd_printk_skb: 13756 callbacks suppressed
[ 1528.344520][   T30] audit: type=1400 audit(1755726118.662:579758): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=rw pid=19787 comm="syz.5.3854" name="video5" dev="devtmpfs" ino=939
[ 1528.376083][T16859] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.407957][T19792] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.414778][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.414801][T14840] audit: audit_lost=401900 audit_rate_limit=0 audit_backlog_limit=64
[ 1528.414817][T14840] audit: backlog limit exceeded
[ 1528.414833][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1528.414845][T14840] audit: audit_lost=401901 audit_rate_limit=0 audit_backlog_limit=64
[ 1528.414858][T14840] audit: backlog limit exceeded
[ 1528.414945][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1529.302136][T19806] overlayfs: failed to clone upperpath
[ 1529.912505][T19810] comedi comedi3: comedi_config --init_data is deprecated
[ 1531.282980][T19824] mac80211_hwsim hwsim15 wlan0: entered promiscuous mode
[ 1531.431841][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1531.478009][T19824] macsec1: entered promiscuous mode
[ 1532.054698][T19824] macsec1: entered allmulticast mode
[ 1532.095052][T19824] mac80211_hwsim hwsim15 wlan0: entered allmulticast mode
[ 1532.115086][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1533.244375][T19834] 0: reclassify loop, rule prio 0, protocol 800
[ 1533.377741][T19831] loop2: detected capacity change from 0 to 7
[ 1533.401923][T19831] Dev loop2: unable to read RDB block 7
[ 1533.484077][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1533.494886][T19831]  loop2: AHDI p1 p2 p3
[ 1533.499105][T19831] loop2: partition table partially beyond EOD, truncated
[ 1533.572035][T19831] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1533.653093][   T30] kauditd_printk_skb: 2311 callbacks suppressed
[ 1533.653113][   T30] audit: type=1400 audit(1755726123.779:581332): lsm=SMACK fn=smack_task_setscheduler action=granted subject="_" object="_" requested=w pid=19835 comm="syz.0.3867" opid=19835 ocomm="syz.0.3867"
[ 1533.693711][T19831] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1533.749763][   T30] audit: type=1400 audit(1755726123.779:581333): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19835 comm="syz.0.3867" name="newroot" dev="tmpfs" ino=2
[ 1533.917949][T17046] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1533.925138][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1533.929728][   T30] audit: type=1400 audit(1755726123.779:581334): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19835 comm="syz.0.3867" name="/" dev="devtmpfs" ino=1
[ 1533.931729][    C1] audit: audit_lost=402149 audit_rate_limit=0 audit_backlog_limit=64
[ 1533.931748][    C1] audit: backlog limit exceeded
[ 1533.933336][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1533.970581][    C1] audit: audit_lost=402150 audit_rate_limit=0 audit_backlog_limit=64
[ 1533.978706][    C1] audit: backlog limit exceeded
[ 1534.060575][T19846] netlink: 44 bytes leftover after parsing attributes in process `syz.5.3869'.
[ 1534.070808][T19846] netlink: 43 bytes leftover after parsing attributes in process `syz.5.3869'.
[ 1534.081005][T19846] netlink: 'syz.5.3869': attribute type 5 has an invalid length.
[ 1534.088938][T19846] netlink: 43 bytes leftover after parsing attributes in process `syz.5.3869'.
[ 1535.181686][ T5967] usb 3-1: new full-speed USB device number 99 using dummy_hcd
[ 1535.344820][ T5967] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1535.378034][ T5967] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1535.409527][ T5967] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1535.532276][ T5967] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1535.545026][ T5967] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1535.553697][ T5967] usb 3-1: Product: syz
[ 1535.575466][ T5967] usb 3-1: Manufacturer: syz
[ 1535.587079][ T5967] usb 3-1: SerialNumber: syz
[ 1535.604480][ T5967] usb 3-1: config 0 descriptor??
[ 1535.643989][ T5967] streamzap 3-1:0.0: streamzap_probe: endpoint Max Packet Size is 0!?!
[ 1536.806977][ T5925] usb 3-1: USB disconnect, device number 99
[ 1536.907404][T18287] 0: reclassify loop, rule prio 0, protocol 800
[ 1538.207467][T19887] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1539.351016][   T30] kauditd_printk_skb: 2011 callbacks suppressed
[ 1539.351045][   T30] audit: type=1400 audit(1755726128.624:582837): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=19882 comm="syz.1.3882" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1540.458641][T18279] 0: reclassify loop, rule prio 0, protocol 800
[ 1540.546669][T19891] x_tables: duplicate entry at hook 1
[ 1540.594236][T18282] 0: reclassify loop, rule prio 0, protocol 800
[ 1540.639008][T19885] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1540.655171][T19885] audit: audit_lost=402321 audit_rate_limit=0 audit_backlog_limit=64
[ 1540.655293][   T30] audit: type=1400 audit(1755726129.092:582839): lsm=SMACK fn=smack_socket_sock_rcv_skb action=granted subject="_" object="_" requested=w pid=19882 comm="syz.1.3882" saddr=10.128.0.169 src=30008 daddr=10.128.1.139 dest=48888 netif=eth0
[ 1540.663272][T19885] audit: backlog limit exceeded
[ 1540.686590][   T30] audit: type=1400 audit(1755726128.999:582838): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19885 comm="modprobe" name="/" dev="sda1" ino=2
[ 1540.686638][   T30] audit: type=1400 audit(1755726129.289:582840): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19885 comm="modprobe" name="/" dev="sda1" ino=2
[ 1540.686675][   T30] audit: type=1400 audit(1755726129.289:582841): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19885 comm="modprobe" name="lib" dev="sda1" ino=264
[ 1540.695864][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1540.710361][   T30] audit: type=1400 audit(1755726129.289:582842): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=19885 comm="modprobe" name="lib" dev="sda1" ino=264
[ 1540.810284][T19881] netlink: 'syz.5.3880': attribute type 5 has an invalid length.
[ 1541.140209][T19897] binder: 19893:19897 unknown command 0
[ 1541.146243][T19897] binder: 19893:19897 ioctl c0306201 200000000080 returned -22
[ 1542.131864][T19895] mac80211_hwsim hwsim26 syzkaller0: entered promiscuous mode
[ 1542.139894][T19895] mac80211_hwsim hwsim26 syzkaller0: entered allmulticast mode
[ 1542.379925][T13656] 0: reclassify loop, rule prio 0, protocol 800
[ 1542.659923][T19908] 0: reclassify loop, rule prio 0, protocol 800
[ 1544.728238][   T30] kauditd_printk_skb: 1230 callbacks suppressed
[ 1544.728255][   T30] audit: type=1400 audit(1755726134.162:584071): lsm=SMACK fn=smack_inode_permission action=granted subject="_" object="_" requested=x pid=14840 comm="syz-executor" name="newroot" dev="tmpfs" ino=2
[ 1544.762260][T14840] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1544.768923][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1544.768936][    C1] audit: audit_lost=402323 audit_rate_limit=0 audit_backlog_limit=64
[ 1544.768945][    C1] audit: backlog limit exceeded
[ 1544.769040][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1544.769049][    C1] audit: audit_lost=402324 audit_rate_limit=0 audit_backlog_limit=64
[ 1544.769058][    C1] audit: backlog limit exceeded
[ 1544.808551][    C1] audit: audit_backlog=65 > audit_backlog_limit=64
[ 1544.808574][    C1] audit: audit_lost=402325 audit_rate_limit=0 audit_backlog_limit=64
[ 1544.997345][T19933] 
[ 1544.999715][T19933] ======================================================
[ 1545.006738][T19933] WARNING: possible circular locking dependency detected
[ 1545.013825][T19933] 6.16.0-syzkaller #0 Not tainted
[ 1545.018842][T19933] ------------------------------------------------------
[ 1545.025944][T19933] syz.1.3892/19933 is trying to acquire lock:
[ 1545.032002][T19933] ffff888141f1b358 (&disk->open_mutex){+.+.}-{4:4}, at: __del_gendisk+0x129/0x9e0
[ 1545.041519][T19933] 
[ 1545.041519][T19933] but task is already holding lock:
[ 1545.048874][T19933] ffff888141f1a368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: del_gendisk+0xe0/0x160
[ 1545.058462][T19933] 
[ 1545.058462][T19933] which lock already depends on the new lock.
[ 1545.058462][T19933] 
[ 1545.068871][T19933] 
[ 1545.068871][T19933] the existing dependency chain (in reverse order) is:
[ 1545.077884][T19933] 
[ 1545.077884][T19933] -> #2 (&set->update_nr_hwq_lock){++++}-{4:4}:
[ 1545.086404][T19933]        lock_acquire+0x120/0x360
[ 1545.091427][T19933]        down_write+0x96/0x1f0
[ 1545.096190][T19933]        blk_mq_update_nr_hw_queues+0x3b/0x14c0
[ 1545.102436][T19933]        nbd_start_device+0x16c/0xac0
[ 1545.107806][T19933]        nbd_genl_connect+0x135b/0x18f0
[ 1545.113356][T19933]        genl_family_rcv_msg_doit+0x215/0x300
[ 1545.119424][T19933]        genl_rcv_msg+0x60e/0x790
[ 1545.124445][T19933]        netlink_rcv_skb+0x205/0x470
[ 1545.129908][T19933]        genl_rcv+0x28/0x40
[ 1545.134405][T19933]        netlink_unicast+0x75c/0x8e0
[ 1545.139691][T19933]        netlink_sendmsg+0x805/0xb30
[ 1545.144975][T19933]        __sock_sendmsg+0x21c/0x270
[ 1545.150170][T19933]        ____sys_sendmsg+0x505/0x830
[ 1545.155453][T19933]        ___sys_sendmsg+0x21f/0x2a0
[ 1545.160653][T19933]        __x64_sys_sendmsg+0x19b/0x260
[ 1545.166129][T19933]        do_syscall_64+0xfa/0x3b0
[ 1545.171157][T19933]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.177567][T19933] 
[ 1545.177567][T19933] -> #1 (&nbd->config_lock){+.+.}-{4:4}:
[ 1545.185390][T19933]        lock_acquire+0x120/0x360
[ 1545.190415][T19933]        __mutex_lock+0x182/0xe80
[ 1545.195440][T19933]        refcount_dec_and_mutex_lock+0x30/0xa0
[ 1545.201595][T19933]        nbd_config_put+0x2c/0x790
[ 1545.206703][T19933]        nbd_release+0xfe/0x140
[ 1545.211639][T19933]        bdev_release+0x533/0x650
[ 1545.216671][T19933]        blkdev_release+0x15/0x20
[ 1545.221711][T19933]        __fput+0x449/0xa70
[ 1545.226390][T19933]        fput_close_sync+0x119/0x200
[ 1545.231677][T19933]        __x64_sys_close+0x7f/0x110
[ 1545.236878][T19933]        do_syscall_64+0xfa/0x3b0
[ 1545.241901][T19933]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.248315][T19933] 
[ 1545.248315][T19933] -> #0 (&disk->open_mutex){+.+.}-{4:4}:
[ 1545.256149][T19933]        validate_chain+0xb9b/0x2140
[ 1545.261437][T19933]        __lock_acquire+0xab9/0xd20
[ 1545.266630][T19933]        lock_acquire+0x120/0x360
[ 1545.271649][T19933]        __mutex_lock+0x182/0xe80
[ 1545.276769][T19933]        __del_gendisk+0x129/0x9e0
[ 1545.281972][T19933]        del_gendisk+0xe8/0x160
[ 1545.286818][T19933]        loop_remove+0x42/0xc0
[ 1545.291584][T19933]        loop_control_ioctl+0x4ac/0x5a0
[ 1545.297119][T19933]        __se_sys_ioctl+0xfc/0x170
[ 1545.302260][T19933]        do_syscall_64+0xfa/0x3b0
[ 1545.307285][T19933]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.313705][T19933] 
[ 1545.313705][T19933] other info that might help us debug this:
[ 1545.313705][T19933] 
[ 1545.323929][T19933] Chain exists of:
[ 1545.323929][T19933]   &disk->open_mutex --> &nbd->config_lock --> &set->update_nr_hwq_lock
[ 1545.323929][T19933] 
[ 1545.338148][T19933]  Possible unsafe locking scenario:
[ 1545.338148][T19933] 
[ 1545.345676][T19933]        CPU0                    CPU1
[ 1545.351030][T19933]        ----                    ----
[ 1545.356476][T19933]   rlock(&set->update_nr_hwq_lock);
[ 1545.361759][T19933]                                lock(&nbd->config_lock);
[ 1545.368870][T19933]                                lock(&set->update_nr_hwq_lock);
[ 1545.376606][T19933]   lock(&disk->open_mutex);
[ 1545.381300][T19933] 
[ 1545.381300][T19933]  *** DEADLOCK ***
[ 1545.381300][T19933] 
[ 1545.389451][T19933] 1 lock held by syz.1.3892/19933:
[ 1545.394561][T19933]  #0: ffff888141f1a368 (&set->update_nr_hwq_lock){++++}-{4:4}, at: del_gendisk+0xe0/0x160
[ 1545.404584][T19933] 
[ 1545.404584][T19933] stack backtrace:
[ 1545.410464][T19933] CPU: 0 UID: 0 PID: 19933 Comm: syz.1.3892 Not tainted 6.16.0-syzkaller #0 PREEMPT(full) 
[ 1545.410485][T19933] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1545.410496][T19933] Call Trace:
[ 1545.410505][T19933]  <TASK>
[ 1545.410514][T19933]  dump_stack_lvl+0x189/0x250
[ 1545.410537][T19933]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1545.410555][T19933]  ? __pfx__printk+0x10/0x10
[ 1545.410577][T19933]  ? print_lock_name+0xde/0x100
[ 1545.410599][T19933]  print_circular_bug+0x2ee/0x310
[ 1545.410621][T19933]  check_noncircular+0x134/0x160
[ 1545.410643][T19933]  validate_chain+0xb9b/0x2140
[ 1545.410663][T19933]  ? stack_depot_save_flags+0x40/0x900
[ 1545.410688][T19933]  __lock_acquire+0xab9/0xd20
[ 1545.410706][T19933]  ? __del_gendisk+0x129/0x9e0
[ 1545.410726][T19933]  lock_acquire+0x120/0x360
[ 1545.410740][T19933]  ? __del_gendisk+0x129/0x9e0
[ 1545.410763][T19933]  ? lockdep_unlock+0x89/0x120
[ 1545.410789][T19933]  __mutex_lock+0x182/0xe80
[ 1545.410808][T19933]  ? __del_gendisk+0x129/0x9e0
[ 1545.410837][T19933]  ? __del_gendisk+0x129/0x9e0
[ 1545.410858][T19933]  ? __pfx___mutex_lock+0x10/0x10
[ 1545.410877][T19933]  ? __pfx___might_resched+0x10/0x10
[ 1545.410898][T19933]  ? __lock_acquire+0xab9/0xd20
[ 1545.410913][T19933]  ? disk_del_events+0xb5/0x210
[ 1545.410935][T19933]  ? __del_gendisk+0xc1/0x9e0
[ 1545.410956][T19933]  __del_gendisk+0x129/0x9e0
[ 1545.410977][T19933]  ? del_gendisk+0xe0/0x160
[ 1545.410999][T19933]  ? __pfx___del_gendisk+0x10/0x10
[ 1545.411022][T19933]  ? down_read+0x1ad/0x2e0
[ 1545.411041][T19933]  del_gendisk+0xe8/0x160
[ 1545.411062][T19933]  loop_remove+0x42/0xc0
[ 1545.411088][T19933]  loop_control_ioctl+0x4ac/0x5a0
[ 1545.411106][T19933]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1545.411121][T19933]  ? __fget_files+0x2a/0x420
[ 1545.411141][T19933]  ? bpf_lsm_file_ioctl+0x9/0x20
[ 1545.411161][T19933]  ? __pfx_loop_control_ioctl+0x10/0x10
[ 1545.411176][T19933]  __se_sys_ioctl+0xfc/0x170
[ 1545.411201][T19933]  do_syscall_64+0xfa/0x3b0
[ 1545.411219][T19933]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1545.411236][T19933]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.411253][T19933]  ? clear_bhb_loop+0x60/0xb0
[ 1545.411271][T19933]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1545.411289][T19933] RIP: 0033:0x7f089698ebe9
[ 1545.411304][T19933] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1545.411320][T19933] RSP: 002b:00007f08977b7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1545.411337][T19933] RAX: ffffffffffffffda RBX: 00007f0896bb5fa0 RCX: 00007f089698ebe9
[ 1545.411351][T19933] RDX: 0000000000000000 RSI: 0000000000004c81 RDI: 0000000000000004
[ 1545.411362][T19933] RBP: 00007f0896a11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1545.411373][T19933] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1545.411384][T19933] R13: 00007f0896bb6038 R14: 00007f0896bb5fa0 R15: 00007fffec9736f8
[ 1545.411403][T19933]  </TASK>
[ 1546.633612][T18269] 0: reclassify loop, rule prio 0, protocol 800
[ 1546.640860][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1548.534591][T13656] 0: reclassify loop, rule prio 0, protocol 800
[ 1552.640147][T13656] 0: reclassify loop, rule prio 0, protocol 800
[ 1552.640294][T18277] 0: reclassify loop, rule prio 0, protocol 800
[ 1553.324073][    C0] 0: reclassify loop, rule prio 0, protocol 800
[ 1554.692388][T18269] 0: reclassify loop, rule prio 0, protocol 800