last executing test programs:

10m56.58939394s ago: executing program 4 (id=201):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000240)='dctcp', 0x5)
syz_emit_ethernet(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket(0x29, 0x2, 0x0)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[], 0x10}}, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000180)='net/kcm\x00')
preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/168, 0xa8}], 0x1, 0x2004, 0x80)
openat$sysfs(0xffffffffffffff9c, 0x0, 0x0, 0x40)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r4, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, r4)
process_vm_writev(r5, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)

10m55.189489061s ago: executing program 4 (id=203):
syz_open_dev$tty20(0xc, 0x4, 0x0)
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={0xffffffffffffffff, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000240)=[0x4], 0x0, 0x0, 0x1, 0x1}}, 0x40)
syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x2, 0x2, 0x1)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0))
pipe2(&(0x7f0000000000), 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000080)={r1, 0xffffffffffffffff, 0x5, 0x2})
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080), 0xfffffebe}], 0x1)

10m54.421485407s ago: executing program 4 (id=205):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
connect$llc(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0xc0a40, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00)
syz_usb_disconnect(r1)
fsopen(&(0x7f00000003c0)='ocfs2\x00', 0x1)

10m48.25296439s ago: executing program 4 (id=212):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000002980)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=ANY=[], 0x48}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

10m47.435924287s ago: executing program 4 (id=213):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
connect$llc(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, 0x0, 0xc0a40, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r0, 0x0, 0x0)
r1 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="120100000cb768405e0483020b9901e4020109021b000100000000090400fb015c291d00090509"], 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x3, 0x183a00)
syz_usb_disconnect(r1)
fsopen(&(0x7f00000003c0)='ocfs2\x00', 0x1)

10m42.012916233s ago: executing program 4 (id=220):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9f, 0x18, 0x76, 0x20, 0x17ef, 0x7203, 0x2e36, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xbc, 0x0, 0x1, 0x9e, 0x88, 0x33, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x20, 0x0, 0x0, 0x3}}]}}]}}]}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

10m26.637009981s ago: executing program 32 (id=220):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9f, 0x18, 0x76, 0x20, 0x17ef, 0x7203, 0x2e36, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xbc, 0x0, 0x1, 0x9e, 0x88, 0x33, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x20, 0x0, 0x0, 0x3}}]}}]}}]}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r2 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_PRE_FAULT_MEMORY(r5, 0xc040aed5, &(0x7f00000000c0)={0xf000, 0x118000})

1m41.513900031s ago: executing program 2 (id=2647):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e640000"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="4c00000010000104000000000009000000000000", @ANYRES32=0x0, @ANYBLOB="00030000000000001c0012800c0001006d6163766c616e000c000280080001000800000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x4c}}, 0x884)

1m38.638166197s ago: executing program 2 (id=2657):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000080)='configfs\x00', 0x200, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x28400, 0x3c)
getdents64(r0, 0x0, 0x0) (fail_nth: 1)

1m37.866144015s ago: executing program 2 (id=2660):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000000c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x44, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @immediate={{0xe}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0xc, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x5, 0x1, "fd"}]}, @NFTA_IMMEDIATE_DREG={0x8, 0x1, 0x1, 0x0, 0x14}]}}}, {0x14, 0x1, 0x0, 0x1, @redir={{0xa}, @val={0x4}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x40}, 0x24000840)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB], 0xcfa4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m36.903918433s ago: executing program 2 (id=2668):
socket$inet6(0xa, 0x3, 0x3c)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x805099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x4000810)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$int_out(0xffffffffffffffff, 0x0, &(0x7f0000000040))
openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
openat$nci(0xffffff9c, 0x0, 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x200900)

1m34.323796353s ago: executing program 2 (id=2683):
r0 = memfd_create(&(0x7f0000000080)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea\x7f\x8cZ7`_4t\xcda\x9b\x11\x11\x0e\xa1\xcf\x00'/51, 0x2)
r1 = openat$smackfs_access(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/fs/smackfs/access2\x00', 0x2, 0x0)
write$smackfs_access(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="6572726f72733d7265696f756e742d726f209d0e206c"], 0x17)
read$smackfs_access(r1, &(0x7f0000000240), 0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$kcm(0x2, 0x200000000000001, 0x106)
sendmsg$inet(r3, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
setsockopt$sock_attach_bpf(r3, 0x6, 0xd, &(0x7f0000000000), 0x4)
setsockopt$sock_attach_bpf(r3, 0x1, 0x24, &(0x7f0000000540), 0x4)
sendmsg$nl_route(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="300000001800010025bd7000fbcbdf250a101400ff02fe01aa3ca15408001f"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x20008010)
r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x101301)
ioctl$USBDEVFS_FREE_STREAMS(r4, 0x802c550a, &(0x7f0000000000)=ANY=[])
ftruncate(r0, 0x1000006)
r5 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x6, 0x14, &(0x7f00000000c0)=@raw=[@jmp={0x5, 0x1, 0xf, 0x9, 0x1, 0x40, 0x1}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x7ff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x3}, @printk={@lx, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x596}}, @map_fd={0x18, 0xa, 0x1, 0x0, 0x1}, @map_fd={0x18, 0x2, 0x1, 0x0, 0x1}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffa}, @alu={0xadfb5d981446dc28, 0x0, 0x4, 0x4, 0xb, 0x80, 0xffffffffffffffff}, @exit, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x10, 0x0, 0x0, 0x0, 0x6}], &(0x7f0000000000)='GPL\x00', 0x9, 0xe2, &(0x7f00000003c0)=""/226, 0x40f00, 0x32, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000040)={0x7, 0x5}, 0x8, 0x10, &(0x7f0000000180)={0x4, 0x9, 0x5, 0x4af}, 0x10}, 0x94)
fcntl$addseals(r5, 0x409, 0x2)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f0000000200)={0x0, 0x1, 0x9, 0x7})

1m29.0332701s ago: executing program 2 (id=2701):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
r2 = epoll_create1(0x0)
r3 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x7ffffffe, r3, &(0x7f0000000100)={0x30000008})
socketpair(0x5, 0x4, 0x0, 0x0)
r4 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[], 0xfdef)

1m28.286467917s ago: executing program 33 (id=2701):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
r2 = epoll_create1(0x0)
r3 = timerfd_create(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x7ffffffe, r3, &(0x7f0000000100)={0x30000008})
socketpair(0x5, 0x4, 0x0, 0x0)
r4 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
write$cgroup_subtree(r4, &(0x7f0000000040)=ANY=[], 0xfdef)

32.97232883s ago: executing program 0 (id=2922):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000580)={&(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x1, {0x2, 0x0, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x8811}, 0x40)

32.690192285s ago: executing program 0 (id=2924):
process_vm_readv(0x0, &(0x7f0000000200)=[{0x0}], 0x1, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe0000000085000000c0000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000003c0)="0000003282031328ebc38f000000", 0x0, 0xfffffff9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a00000006000000080000000800000040000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
close(0x3)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000180)=r0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e00002103000000fcffffff020000008400b6d6fdf91e2727a7a3460000b615bd4361c41fd55941e183df37b778b16d3955a4d99b90213de015b93e681b71b4bccef613076bbab2645f332fb56bacb3f7501d3bdb7363eab7cbb0799f13704df6a5f4099286e8546037e98e4ed32e96f30a8205e8a54cde1b51b60f596f01454d5f2d65966cfd13bc29c06c793460800292be2d88f08feed00ea2751fc9292a331eb6cf0a62373354ca10050a0bd20b295bcd7e9d828f87c9e96678f674de2c974529b57f10a1c9615152f86c3b6a733636a0cbff1c59784feca9ef16565bdc50fdb52588c14b5437b0c0a2cafcaf15881cda609e40d1df9444da22a8005d32795d63a43ff434c1bc8cccac1eab091661", @ANYRES32=r3, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="05000000000000000500"/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4}, 0xc)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="120100002eab5a40401c3405cc6d010203010902120001000000000904"], 0x0)
syz_usb_control_io$printer(r5, 0x0, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r6, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r7 = socket$kcm(0x10, 0x2, 0x0)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file2\x00', 0x8000, 0x0)
r8 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r9 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x13b)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r8, 0x1, &(0x7f0000000340)={0x2000, r9}, 0x0)
landlock_restrict_self(r8, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
sendmsg$kcm(r7, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
syz_usb_control_io$printer(r5, 0x0, &(0x7f0000000480)={0x34, &(0x7f00000001c0)={0x40, 0x16, 0x4, "90b7a71b"}, 0x0, 0x0, 0x0, 0x0, 0x0})
r10 = getpid()
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x6)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000007c0)={{{@in=@private, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@empty}, 0x0, @in=@loopback}}, &(0x7f0000000100)=0xe8)
setsockopt$sock_cred(r7, 0x1, 0x11, &(0x7f0000000140)={r10, r11, 0xee01}, 0xc)

29.13005396s ago: executing program 0 (id=2942):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000480)=@nat={'nat\x00', 0x1b, 0x5, 0x388, 0xa8, 0xa8, 0xffffffff, 0x0, 0xa8, 0x318, 0x318, 0xffffffff, 0x318, 0x318, 0x5, 0x0, {[{{@ip={@multicast2, @multicast1, 0xff, 0xffffff00, 'ip6tnl0\x00', 'bond0\x00', {0xff}, {0xff}, 0x33, 0x3, 0x65}, 0x0, 0x70, 0xa8}, @DNAT0={0x38, 'DNAT\x00', 0x0, {0x1, {0x0, @rand_addr=0x64010101, @initdev={0xac, 0x1e, 0x0, 0x0}, @icmp_id=0x65, @gre_key=0x4}}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xffffff00, 0x0, 'syzkaller1\x00', 'batadv_slave_1\x00', {0xff}, {0xff}, 0x8, 0x0, 0x20}, 0x0, 0x70, 0xa8}, @SNAT0={0x38, 'SNAT\x00', 0x0, {0x1, {0x12, @empty, @multicast1, @gre_key=0xd23b, @gre_key}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x2, 0x3f4057640e92cba5, 0x5, 0x6, 0x1, 0x4], 0x3, 0x6}, {0x1, [0x0, 0x0, 0x4, 0x0, 0x3, 0x5], 0x6, 0x7}}}}, {{@ip={@initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010101, 0xffffffff, 0xffffffff, 'rose0\x00', 'lo\x00', {0xff}, {0xff}, 0x5e, 0x2, 0x38}, 0x0, 0x70, 0xd0}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local, 0x6, 0xe, [0x25, 0x36, 0x6, 0x1e, 0x13, 0x6, 0x2a, 0x1f, 0x12, 0x9, 0x2, 0xe, 0x10, 0x29, 0x34, 0x20], 0x0, 0x7, 0x8}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3e8)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETCRTC(r2, 0xc06864a2, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x5, 0x8, 0x3, 0xfffffffc, {0x2, 0x6ffb, 0x400, 0x0, 0xd3, 0x7, 0x0, 0x8, 0xfff, 0x5, 0x4, 0x400, 0x3, 0x9, "f2c247833358e0381ccb78073c0957b5e1d9a760ae9299f96d55ee2bd57a26bd"}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x80}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0300000004000000040000000a00000000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000200"/28], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r6}, &(0x7f0000000280), &(0x7f0000000240)=r3}, 0x20)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000c000000b7000000000000001801000000082c2500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r4, 0x1, 0x32, &(0x7f00000000c0)=r7, 0x4)
sendmsg$inet(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)={{0x14}, [@NFT_MSG_NEWOBJ={0x20, 0x12, 0xa, 0x902, 0x0, 0x0, {0x0, 0x0, 0x1}, @NFT_OBJECT_CONNLIMIT=@NFTA_OBJ_NAME={0x9, 0x2, 'syz0\x00'}}, @NFT_MSG_DELOBJ={0x30, 0x14, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x6}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0xa}, @NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_HANDLE={0xc, 0x6, 0x1, 0x0, 0x4}]}, @NFT_MSG_DELSET={0x80, 0xb, 0xa, 0x3, 0x0, 0x0, {0x2, 0x0, 0x6}, [@NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0xb}, @NFTA_SET_DATA_TYPE={0x8}, @NFTA_SET_EXPR={0x5c, 0x11, 0x0, 0x1, @counter={{0xc}, @val={0x4c, 0x2, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x100000000}, @NFTA_COUNTER_PACKETS={0xc}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x2}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x4}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x17f9}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x2}]}}}]}], {0x14}}, 0xf8}}, 0x0)
r8 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
bind$nfc_llcp(r8, &(0x7f0000000380)={0x27, 0x0, 0x0, 0x0, 0x0, 0x0, "d9298498abdba7f061bd1ca44c226af5160e961711a03760760beeab91e8ff0055e5c0d48bd63ffdb93bd43a847a1597c8ef03da5be42200", 0x37}, 0x60)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_FLUSH(r0, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000e40)={0x110, r9, 0x10, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x24, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x7f94}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x8a60}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffff8000}]}, @TIPC_NLA_NET={0x24, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xffffff81}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x400}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xd}]}, @TIPC_NLA_NODE={0x70, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x800}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_KEY={0x41, 0x4, {'gcm(aes)\x00', 0x19, "8731416e3c0ecfc7efaf27fb7902487261a62fc3739406dc3f"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x5}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8f40}]}, @TIPC_NLA_MON={0x44, 0x9, 0x0, 0x1, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x527}, @TIPC_NLA_MON_REF={0x8, 0x2, 0xc50b}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x400}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x8000}, 0x44)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./bus\x00', &(0x7f0000000040)='smb3\x00', 0x0, &(0x7f00000000c0)='rdma')
ppoll(&(0x7f00000000c0)=[{r8}], 0x1, &(0x7f0000000240)={0x0, 0x3938700}, 0x0, 0x0)
r10 = socket(0x40000000015, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000b40)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r11, 0x8b04, &(0x7f0000000040)={'wlan1\x00', @random="01000000018d"})
setsockopt$RDS_FREE_MR(r10, 0x114, 0x3, &(0x7f0000000180)={{0x3, 0x9}}, 0x10)
r12 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r12, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000540)=ANY=[@ANYBLOB=' \x00\x00\x00_\x00]'], 0x20}], 0x1}, 0x40)

27.162524009s ago: executing program 6 (id=2944):
ioctl$BTRFS_IOC_INO_LOOKUP_USER(0xffffffffffffffff, 0xd000943e, &(0x7f0000000040)={0x0, 0x0, "e907f8f9951e76c13f64323723e7eecdf40c363423eb3d259266ec9c37865c6c1a4640ce1b22bb3327ef4f8a1d34c07c3260049e4f8d3ee0878ae95bc7f523634457ffb3baf7aea4fb76dcfde6f11ed2c41d078b9cf1fc8f725661f37017ea6b16b694bb4a6e4606c3fb19d1d2bd3c8c4d97da2213f9d5c3c27df0355808390666e827d61dcc3a633bb0adc1a1b64b99fd720a170e7f5670e419dc64febf7ddc73fd4a5a0b6c281e05c5d1471d8d2a58f5edaccfa15096c708329d97afc3612e325c1eb4a3ab2e156a974448000000000000c99200", "0615e456c196e819a321fdb3690bfab19538829a732a01781564ef7738cb5b82a704b3952f81c68bb4deeaad63206f88201638e87c4981cbf9332cbc9c4d69e392bd33237ece7ad91e44edac0da8dacad81adf2e08c21ad6b44ce1f90bd618c255ca40cdb411485fb48a51d329c816b3488c7d032ef69c502c6e1236bd381efd410165988847c1dcb98a18ca2b853910e52044fa3b3026cb88de269537c8f26ffc3b15cbf279832bfc90bd95939043182e88050dfd2a4784a5d1453610fb1f1c2bac36c3ecd3e6fb756ef8880debeef3636afd981d8af4ab119928448f90351aec113335eacf52a18c87738d9679d31ce0108dc556e597655ba11bacc032a16fbefc64776f363610a15b37bcd36e6a7cba931151b9c9ba5779d550e9ab21603a43a25f3b4895d8dc4f3ce0e7d5e964e888169ea79a0848e9338b3d34d62e963fbf98834f44f1419907f0ffdb76373af77a34edee7789f56e7f01bdab9614a0d460f791a06e6cf5243bf2b3a1624a5fec7e1116f1c81f5ef4b895be74bf67eea9193428b58a8b62b7976d3d2e59796c46ec918c83cd49c3f43dbd2967586966c19ace7b0bef5f94eb333b362649f1bfa114f8b1f126e97ec672cff77e2130823fa7a1df6760c6a8917815e9f0a409ed32b133df7dc9afceffcd472b35145c83c9167764d25ce214133c6170adeb6653b30b196a3b6ff1363ac862a540c7fab584cd051ce7ee951e0f121d43cff75afbdec6bc6f6e8f7db58c8086751320d22ee8582e915cabc536e3767e9a9230c9ae8b92398f0ca2a7141fa4588af7afde10e5ec2a6fe85ba5712e126629d4e3998fc4721cb638f2ef8356049e3448466e2c400d5e8baf843fa399907cb526b791c5350ce29204cb6fe50b892a69ec6dbecc28f032a745738faa12c2a34222942fef0ec0511da5fe0b565ceac429da7cc25cfe0320b40a514723e2392a6a361032343edb79fd83cd0a354837153542fd61b3156b54c566036e493250c3a3214738e3cacc24a50d5dfd17d5008b4ca629c3062f3417cb67c48b8b888ae51256bb4e6c68e95a71a00383ad9df263f6a775ded64fef20ed5cb5f31c33cb86f839d00a12e40cd31219113619c4e0585454cb1776278bfd7f5c4275792afb790e83ff0fc69253553d9bf3e9ccaec6dec2292366e39b9dc66f7adcf449a1a718e5217183faf0f679efc5cef20bcdcf2d12ea0684087fc0d693256e280025b23b5a08b7b1ebe7d41fb045793f971d6ee066604818cb09d86c1eda99a44c35476a113fd5d1a7543f8f99424ebb78dd9e00d719502a6eafa743a061fa3fa55e4deaa0a011b6b9d633f10e0c9446b5a2e3f6d6014ab00695366c1a6bf0c32f703aebb7988c7d4d322681458e85626312c70f376288f989f334f4da3099c0b4af433eb9a51f9609f2c0c09a98b18880c868b34d6ac0210f073765666100976ee1d928893f983580ea47a012144633b98e02c3e81869534ab985eb3a73e0bac892dac949f85db949285a6a7a490b1075467226af23df82d8dd09b7282490fbb3ada9ed4cae8f761aefbe0701de6b132f12044c58ac1c2607c8f51361de5bed021dea13fd0a440263cf0b304522a324b581ab274e7bdae5994316657b5c0ab0220d9b08739729f7a35d436878c182aec4f08dd161c11ee5b7937fae7835e8bfe98a44c8d4bbb2e0eee0cb5d7c93517e96a9fc8132e60f3ef7c735bea1934b37df451f981c8d9210e61278c871e6dad6ceb89aa4d7245658a63e65cec7b81d307426a60a31cc917844a14e1d9ad83bef1c9f736d18367c950d1275caece0d46ab9f3b0e95d9cf560eb8134e8346b35e0a6f60e6a87a14c4aeb3e0d06158390660a52a6e44b524c1e16de2bf99870f78fc81d267072bc63e97d3f26d23fd59799ff2c847d6a724cebc2377a582ba73d99a610a095c28d66c60910ac64b7d18847fa98fd8528b72e0a149b082c731575b2e2763e67c821ba29eecd8b8c87981c4fb1fbbaaa4e8aa077ec98de1362fc7af7a0ac5e3297fd0d924124b2e255b5cc4f6b0873f3d34418d5ae0d6f734628f38cb9b856b2db3fbb2fafb76983eabc51a348e55789e997fa25cbe6e5031bd2e33d4e2686f964a65d1abf7f96a20a8b270b1522ace4adf6fdade5cd3f101574960d13267e2382f70027ebe5ef7f9418e14e6a8a130d2aec2253c8fe21825e3295774db0c9b1340ea28a96589ba0d9f79aa61b92aea6f704ef7f716d849b8c77e6922e198a086d8133491d0bb85b925825a6d307d7cc8f09c655aa3edabf84c75560dfb279ee3e8b825323279edc58c3161e72cf9ae02ef80d500da922c0abeb8b164abd9c17ef7c02e89000d67b0c2ddd078cacbf37c4826be3845948d598980d63c1d7aade89d0637d80a4c102a35eb027a08ef90cc20d17fc514926914e68e5de54b861200ffa4ce1cbc16e4ecf342a1176cdb561f7dea38b3ae0fd81260f72d34e6f33d364cf313d3b3161410dcbf5f0f0579a1d235b49bb5d27f85825b94f1899e7846d0292ad912d934574f9d55d2152dbfb39d662e6e0f2496182d012af8b4bebbdfa1d68e3e988869fb5cd9612db97e6cc574444f4b5025ec9827bafc55341bf6ad3fd4fab2ee43f343cb9bcec0c38384b5699e5c6d5973ba591978275c51a40200d340b9ed3681f08c69f58320f538f9cd78a34eb6ed57b42f88f1bb038033b519668f0a2e8693b9a19c7bcf96eec04bda625b31c32f4286be922ab2c87aa30310c8f46551450d5bc26b5fbfdedaae0f756384023bb9a28d3200cfeaedd63d6afe076513e8ad73d16607cd4ede16344e60d8707357e82b1089258c56d851a435e23ce0919825e04471dd61a44c43e87c2959d4e89311a30ee8be010094d0ef109bb210dda58b21b685b9e9c078c9ded6117d9a88dd7799291969851cd4c3f22b5f870a275a692188dafcf6e89ba87b0eb61011de031fda25fb3349901d40da2bbdb76eda417c9fafd90fb23504ab150ca0033b65ccd4e990cb2ba86ba3aaa79d0df4f2e4e4afa565e66d28aa167f835d080bf1d41d0e52dbf81c671f8eacae234bf4fc328302671fab46613b73daf2ace80aff2f80f6a9d84b82480178cc612aa90adfc80ab3bba7d1527fc6ab04f009011bf093494a0d329df4e53d855b1c0ff6a25d22052b3a778e1ca2fbe59c9eeedf99e13682d06da269560524ffa0f404b73b946edf900ee958ceba09a051e27a620fb78e7a352c182c8c2981ce822eeaf6323965b4b3f322d40d406a158b6f3cf5d74822de952fefc341d0dead6c1c8fed8e48e0a85b51c1dcc7796d3f45bb1f50467a475da76c356c9e031b096867da1dbb89c3a0200475dbcdb2df1278d5dba55c2fb5ba6a9778c2a24419849fffb1b098b4c59041ccb0c286bb2dd40e7ec713f6ffe0b1067678c748615dae3c1e090f3739a9035767fb9972580d19fdef49a5071f99c3706b8fa4991f430721cf3ca11af0e3bd7c4d0cd0ab5b7d98ee66730c20a098110e4a15ce0bfc88c41fe375f261fe3557e14eb5ff4a2cdf6a008fd7b6702951b8456e940fbd269a0f3ed515ac03cfed7b7381827453550343566508d38790ee838c3bf85c6c91a45e7a44752f57313533a3e82e4042e65d346afb20c0527575f79080aef4e1aa8d5868d190c8d37bdae7592e41bed37b9d4c30d8126d3debde02dff25f5ef1e48133e2a41cd55347bd23dcce57a00189619db629c530dc112d22ac72bce353681264b5175be40b3ba84408d0f56762cc720e96c128447be7128748e185be2640115556bac64d060207e629b0144e501c1c49c6abd15c7982b01e22da2ad04bb28df1a27f31e18040c16406071d798bb40d901d001e22cc5ed870d08702f49f0021814cdd814901a13c7ab061bb4b8172c639b3449e24f656fee58186e69e6874ea95d946da781b49ca080ffb4a3c87746c661f43e9be52d0ba2ee368b9c143687c8846abac599069decf41e69fddcadf31c5f715917df12df4eedbfcc5805fe8e661b8fcd7b130d7bcc4a9a152de93a15dddacf3cf52479956185a3c5000d18ddce0236d5858c0d8761bca7446e3d30f3e8f48d5e8f86a60cbe46f038b1028ffd35590bdacfeebb86e28d42a923bdc3f9a307b919341a2a7dda096d41070db245c2c424aebe4a4bb9863169454d09f25fd0aa2da7bfc97ad7aca886dd998e041133e07899ad48f7cda600de48ac3951152dfbe6331b8acae24cfd2dd2b14696c75140685c756942a0d049ee9863a2e480388f93876f3910ecb3a59fa16c25b2b3636a022f92744495e10a4ce37ffaf4c2256e2d61775d388e2a86b52f76add2f956aa02501f5badb94da12595b2bbf88b05dc70caae6766fd3df4f299d0ff71c8787249b255ea49b3d33b3f1a8c9403cb75d64264465c3578538382b23d721f8a49134020ca2d9e887d9949624ac6d63322b6507e277a0020db9bfa2928736b96c72fa3406a95adfe6b374ffa27001d37d3bbe725e75c257834572026c511f57dce67153a4008f9e75e07ed9237f600005800ee667c137fc78bc4fd4ebf4d228979ab0ccafbcd8b8daad76fb2abcfc585377ea6e19f170db898b950a7b0f4e75466a2ba26e7d60e0a6f5c54a3fe78677f3362c5b01ae791b62ee8a5d0fd65b739ece4f3b758d05a8e4e4ea7e4866ee67750ce2769f72a9f45780eadfae73b42d4dd4c614c797c694ece8af88cc732edabfa26ace57de54835c7551154dfa3be11a0d3b5845ac97b2da84410a652e72cd563acbb2b02bb59370cebaaa80014e3ad280944eae6fbf8d5f85237257bb5b8e5ec3e52dc06f8394176b325a577804e9eb78d7015172d17ed15f905f705d56687f53988bb207c74fbeb2b03a700258e835362886239f4d8f1c2cf6d4d10ff26d2579ea40a5fb99e5b6d01cdeda050d3faa78ed674f2899be08332086c8bf0410a7d06099c50a2d949d49a0f21b43bcdfbdf435875cf5a9def46db63746574ee8a5b1fbcef411154e914dd9e5bb1b1bd2944581083fb66a017e7972df3daefc487e4198cb281d3a80637d52b41738b7f1a57c867d5b2ee5d72467657593339506fd0c3807cd6445eb54cfb5ca9d35ef93e9ac083224ebf85197eb6ed75f6c324f6a0345a25be6bb52ed347e57ccb059b903fb7db4e9f46513a4158ce29c1f5d6081b556b3c060000225cad81aed34dae0f90ee8e7237b3b286e29b49d7a1700c537b28571f7d7e2a55e10792d6f7779ddefa3febdea5693048372a45903c04f1035a96c6cfbe6f6c2b754581aac02f8a70e698be6e37fd411cf4b76317b47683f6b0f80dfdeef3a9767c7e5c30dff786093a21477431fea0458023953700"})
syz_usb_connect$uac1(0x69a90eab3db9c902, 0xa6, &(0x7f0000000040)=ANY=[@ANYBLOB="12010002000000406b1d010140000102030109029400030105a0090904000000010100000a2401f7ff0702010209240303000303030b05240506070904010000010200000904010101010200000924020182040910ca0c24020109040706f7e04239090501090004ffc80307250100040500090402000001020000090402010101ff00000b240201060408013a388207240101c00210090582"], &(0x7f0000001040)={0x0, 0x0, 0x0, 0x0, 0x155555555555579b})
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYBLOB="bd7c"], 0x9)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000240)=@req3={0x1000, 0x1, 0x1000, 0x1, 0x7ff, 0xf84, 0x3}, 0x1c)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1ff, 0x5, 0x6, 0x4, 0x6, 0x7, 0x400}, 0x1c)
clock_gettime(0x0, &(0x7f00000005c0)={<r2=>0x0, <r3=>0x0})
r4 = syz_open_dev$sndpcmc(&(0x7f0000001080), 0x1ff, 0x200)
ioctl$SNDRV_PCM_IOCTL_HW_FREE(r4, 0x4112, 0x0)
r5 = syz_open_dev$vivid(&(0x7f00000001c0), 0x2, 0x2)
ioctl$VIDIOC_S_FMT(r5, 0xc0d05605, &(0x7f0000000200)={0x6, @sliced={0xf801, [0x2, 0x7, 0x2, 0xa, 0x2, 0x0, 0x0, 0x5, 0xf, 0xc, 0x3, 0x80, 0x5, 0xfe01, 0x8, 0x8, 0x5, 0x400, 0x2, 0x8, 0x613, 0x1, 0x5, 0xff, 0xe6b3, 0x7, 0x1ff, 0xc, 0x3, 0x5, 0x2, 0x8000, 0x4, 0x9, 0x4, 0xb, 0x4, 0x4, 0x8, 0x2, 0x200, 0x10, 0xfff9, 0xa3a4, 0x9648, 0xf800, 0x800, 0x7], 0x1}})
recvmmsg(r0, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000000)=""/98, 0x62}, {&(0x7f00000000c0)=""/168, 0xa8}, {&(0x7f0000000180)=""/83, 0x53}, {&(0x7f0000000200)=""/109, 0x6d}, {&(0x7f0000000280)=""/170, 0xaa}, {&(0x7f0000000340)=""/69, 0x45}, {&(0x7f00000003c0)=""/43, 0x2b}, {&(0x7f0000000400)=""/245, 0xf5}], 0x8}, 0x3bc}], 0x1, 0x100, &(0x7f0000000600)={r2, r3+60000000})

26.201051133s ago: executing program 0 (id=2947):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x2, 0x40)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_emit_ethernet(0x5e, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x46, 0x50, 0xd3, 0x10, 0xc45, 0x800a, 0xdb47, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xcd, 0xa6, 0x37}}]}}]}}, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$sierra_net(r3, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000440)={0x20, 0x31}, 0x0, 0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
ioctl$BTRFS_IOC_DEFRAG(r4, 0x8004b706, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x2}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_CLASS={0x6, 0x1, 0x6}}}}]}, 0x38}}, 0x0)
syz_clone(0xa0001000, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0)
ioctl$VIDIOC_QUERYMENU(r0, 0xc02c5625, &(0x7f00000000c0)={0x4, 0x2, @value=0x1})

21.31224264s ago: executing program 0 (id=2958):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0xd, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, 0x0, 0x2c)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
io_setup(0x2, &(0x7f0000002400)=<r5=>0x0)
io_submit(r5, 0x1, &(0x7f0000000040)=[&(0x7f00000010c0)={0x0, 0x0, 0x0, 0x5, 0x0, r4, 0x0, 0x0, 0x0, 0x0, 0x2}])

20.527140804s ago: executing program 1 (id=2962):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xa}}, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0xd}, 0x1c)
recvmsg(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x40000002) (fail_nth: 1)
sendmmsg$inet6(r0, &(0x7f0000000240)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)="cd", 0x1}], 0x1}}], 0x1, 0x8001)

18.795185608s ago: executing program 1 (id=2965):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000140)='./file1\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0xf3)
chdir(&(0x7f0000000200)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f00000008c0)={0xc0})

18.56937647s ago: executing program 0 (id=2966):
r0 = syz_open_dev$dri(&(0x7f00000001c0), 0x0, 0x400)
ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000200))
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000007800)={0x84, @private=0xa010103, 0x4e24, 0x0, 'nq\x00', 0x30, 0x8, 0x36}, 0x2c)
r3 = socket$kcm(0x10, 0x2, 0x0)
fcntl$setsig(r1, 0xa, 0x32)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000340)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x8044)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/anycast6\x00')
read$FUSE(r5, &(0x7f0000000100)={0x2020}, 0x3c)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)

16.652849057s ago: executing program 1 (id=2967):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000e86000)="0022040000ffffebfffffffeffffff0700000000ff000207835eeb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449b842f3e253be8a62b37f820fe75a9ea937ea4efbfb9b4a128f2dbe2837496d00ad7765abaac2ec0f91c88a1ea1ff6ee308c72febedcf00798d41991ac25bb6fce2220c25ea380c7e112ab358c3a6bd8a59c100000001b4e82cb03419544a3988bc226a85abe6eb60cd7cf8d103d38c31c7c86d16c4d86cbe4ab190c092d077ce70590fbbd4f8bf4d6ab1cea6dbe9d4a54c17aac0db6e3845", 0x118)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c) (fail_nth: 1)

16.537003884s ago: executing program 6 (id=2968):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000340)=0x2, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000080), 0x4)
sendmmsg$inet(r0, &(0x7f0000000940)=[{{&(0x7f0000000000)={0x2, 0xe24, @private=0xa010100}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000040)='\x00', 0x1}], 0x1}}, {{&(0x7f00000000c0)={0x2, 0x4e24, @private=0xa010100}, 0x10, &(0x7f0000000480)=[{&(0x7f0000000400)="d2a534b308834d054586feb5c9428624db4b878120e41be144acec28b091f1237c91d74cf1ce0c17632e8dce6ac8c6822c2382fc3ac7c89f2d955bc265df5364df0d56866c920de52e29535b686bb2b4e7e485d65da8513267bc112d12e86bf2a6c815e7e152ecfcde4de24108b1", 0x6e}, {&(0x7f0000000a00)="d26f4a894505e4cb435268490fef3ab82e09dc74120d1fe735ac577f50976089bf7b715147d38cf5484e357c07c0184822dfa6ee88a786404855d6086b61189c0602d0056d86a8490a443bfaa3ed6da25bf296a08acb3a3f59b7c9eabd7b51297ab7cffdb4eb9c9f6f44c0ce8390cc64160cf457e992e94b36ea829b521e86b15fbe03b246962339a650eab941391339220bde5e16e11123b7ca6b0a3675dd7fe035187b73d43de9423d1357f4b15883d530e7db10b2f0bac6ee95ca0b7e96589c8ef1fc6c183df637a200ac059e59baa215a117a57000ee2b6f40c4ae379d95eab435556aa89edcd0a7453bdf38c1f8fd4b9a466d2d9517f812a4fbeba1cdcb2429101240e5adcabbfe440e4f326a6f50f59ca934b0c214936df5a338cf4c24e05d0efd8d932a3fd01f6fe596d186e08d2fc77b297f972530a81226294e2fda3d9dec706dbcaa9a1ad5b497d7f8989f6d9e689db0aab831d0b82184e88d6f45924b90744b898912bf3df4e6257723b490e56d93f5f38f4bceb5b43f30da82120d92655f4fc2ec1635a072892a12c462479a4480c46012b9df1f0b9971d0da6c5bfebd60af31c9492d9b3f4da64f7e8a6a760ea96242f9beac499b4e492777c1849ecb0207e1a0b095ac55cf137bd941c13099245069ef52e8a9b0e6c5cab4933962766e47b2ff97c1d0a4f4cc3284a3db70b2eb1fad2ec3b81b2fc65bc354a33caa38c2f6ff1fb9938ae9f0edb9ade42f53b7de7d09ac2ff6de81414917fa0a9ce6515f0f130327f3a0c47c0fcadc315309b06966f945de26b5a445423f22b8474a41f58d12eb8acbf8bdf9087b3b2bb98a802e791f57a86bc325ff6f3fd56b0eb828aea29575fc843902317423459d4e6fbfa3816b70bfbe17bc447d8501e22f0137b56781e8d89a0432bcff4923a5f2b480ee06d502346b0ca8ddeb42afca64179fb1076da91dfe1b19af87df73365ef29f482bea712301f685fcc9f779f9413973c395fee168036c181ede168c8dcd79f5b595f12cd79a1848a7ed9a2c39ffc4e2e0bb73a295a2d263f220d903d79e18c18d4f59d5b6622cdbda6aa9b165d9f3eb26bf5d977100cc722378b4462ad324854974e7bae6a82954f46f83124a73214f23f7baffe3d2f78b87dfa3d29d1f3efdf7cf0f022f96346473b3ad60c6e6885f1b1205d615866cf0837e04371f04e190af232329e39c70f4a89ad5476054c99cc01427ea12a7afd17531daae2661ab625c5e65aa09697adc3a00c04825fa5d6c4d36acaa41de2dfc531504658e12f77d6134ffa61880ad2b5c0b2e236042de25eeabb06f1d0a20a480d684e21c69cdb44f5cbf9e7ad51fa0023cf6240682ee66ead1b5fc3060f5dcaa74ecac0adfafcd68b6254ab01eb8ab49f96128991f33d84477810862780da272bab1fd74d34445a640cd2c82b4ad6cd5c3fb455fd55c7871bf19a20351a17a822ae8341bdbe89d4d69b81c43ba9c1abc4bef75cbc89e278d2a15974f92fdf8687049c5d37a0d469f8de70ce88d82dd505194360b0096ac45a9cea6c3003b2831a538513b3798737fc941c88e31b5334c47d2a774ca3da487ae43ddbd6d8661e26248ba77b30ba719c9c057e0f128f11b8d2ce44b0cb20a7170618c9ea92ef6ec05ddf29b2fabc6d3467b8ad1f683733e9238bdacd953ed0a731f8972113da633d8465adceac30c9e0d0259dbe0301f13bfaceff1d5927b56e5d2bb23b3d8511426829373754292e8564174ba481d395a2f75cfdb0b166434ea9ffde5b55174ab921c061b4da022de1a7ab6736e21ea8db56a7c618b72f64c14eaea2a9ece5cf3b53732a45174a4a45b303ca4f9d79e447aa3e276554fac324c4a211fafd3baf9d2d77c4344bd54bc7f57ed3268daa5e5039d82", 0x53f}], 0x2}}], 0x2, 0x40)

16.242039651s ago: executing program 6 (id=2970):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xd)
readv(r0, 0x0, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

15.954657669s ago: executing program 6 (id=2974):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x50)
listen(r0, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r1, &(0x7f0000000340), &(0x7f0000000040)=@tcp=r0}, 0x20)
recvmmsg(r0, &(0x7f0000002740)=[{{0x0, 0x0, 0x0}, 0x3}], 0x1, 0x40000040, 0x0) (fail_nth: 1)

15.493493302s ago: executing program 6 (id=2977):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000140)='./file1\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0xf3)
chdir(&(0x7f0000000200)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f00000008c0)={0xc0})

13.71436111s ago: executing program 6 (id=2980):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
close(r0)
r2 = syz_open_procfs(0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @bond_slave={{0xf}, {0xc, 0x5, 0x0, 0x1, @IFLA_BOND_SLAVE_QUEUE_ID={0x6, 0x5, 0xeb85}}}}]}, 0x40}, 0x1, 0xd, 0x0, 0x4000000}, 0x44050)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000900)={0x18, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f00000008c0)=[{0x2, 0x1, 0x3}], 0x10, 0x5}, 0x94)
syz_emit_ethernet(0x3a, &(0x7f0000000380)=ANY=[@ANYBLOB="aaaaaaaade5f57681a1591c75dcc699ee9aea18baaaa309159af17f30800300e002c0064000007069078ac1414bbac0200004e224e22c77c5234d70e4753d0401a262e6bf2f4d5ed814200104cabed7ea48576e7ce7085291bef482d02ee", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="50c26071907800e6"], 0x0)
r4 = socket$kcm(0x1e, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
r5 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r5, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
sendmsg$kcm(r5, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), r0)
mount(&(0x7f00000000c0)=@nullb, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000100)='hfs\x00', 0x2000010, 0x0)
r7 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05605, &(0x7f0000000140)={0x1, @pix_mp={0x0, 0x300, 0x59555956, 0x7, 0x0, [{0x0, 0x1000}, {}, {0x1, 0x6}, {0x8}, {}, {0x0, 0x4}], 0x6, 0x6}})
sendmsg$kcm(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000400)="2d8799607db32f3ff001f3c5bbecadaf8278766730de30b51438574f83ba6616ed56410f35e7507daef056c35e91469388b685c8a9f462540136521ceb7341822bbbbf78e097ed2ad4069f6c41a9c10b06316eba1705bbaba6d4d1fcf109c776cbd405eb51e3b3945398fa896868b38bb464b9ee3f0aff8d43d97e0d7cb822d3ba06eb37f6265284bf5ab8f065e96897294f496565c8fb7896ee", 0x9a}, {&(0x7f00000004c0)="c84ab040e57a0c426fb7ede044c10571070daf35ef2940e2a76a9f8d8f60a5667229f60fefd209ca008420e28b79591636949d02892267e2c0e344c74051c69da69c25ff48d6801ca6c8ab9517f5ed0e9fc10a29de7797d603f21ca565284839ca947017672083d716521ddac245e2465600861a992048c58ee35b9e0c41b44347a3f2448252a3a314abf1665e6039fd1e679e52b6dfe33d24722c7dbce697d61c1f67bdacc958809ad26159438af69192c9f9cb46cbdd05f47b0df6b8361cb2f2d2b22aeb45749abd187257603223a1cfcbcf4c3fbd17b6452f1e3fb987d0ebce9dfe9d3db038c5074d54bdb4ec54", 0xef}, {&(0x7f0000000700)="f4ce218ec96358e78556e2ba0d28510eb6c7d0a18a95389b107a1b23cd49380c1bc84dc279b2a6faa90f108c2e90a6d7d13e62a5232e8414028baa38bc9f56c0d444d51934714e025277703cdba5d28713eb26d732e58571fd7596dfeea4b3f9d9084a8dddde5691bbc0fa50af7deb7e216292f98d289d61be85444ed7e9c53f1feae42f9cd50ced61652d9285fc6d846c780f6f0dca078ef3a749fabf59c9be8bc0b5077bbe935dd9f354cb9dcf0770b07e394d505e6521dbc95c94f036fbabf7d13f7e51ddb204bde2b9724888f32df68064a7499135", 0xd7}, {&(0x7f0000000300)="e97ef20860a2552ba0537653cb73", 0xe}, {&(0x7f0000000800)="afb6de07e6b8258d4ff3fe07c2de0f957de561326126b523065a2d285b4e8a10d0d7c72c5802af8d9a6e605183bc8bf64ffcb7ea5d15e8358bb98f51e441e44c1715d610afd8f0ce38135d653b4e420a9af49643328b36f750e42e2d1157dc0ab8b575c22a7bda2f0c0f5bc4d3c1ad3060a1c40d69b163358b3dfbe1fd07ecec54cfb6ee633abf8256d04d964472008200c1b78a9bb4108bd2dc34933cee4ee6e9b54a12bb4e0fbceef99c5a2dd0", 0xae}, {&(0x7f00000009c0)="a8bc900a87f59a7652cead4c5533f80f9865f6eebdd497362422873ef3f0e842d93c9012998ff6d024545181c740f2a4cebacb6cc25ef2c256682fcfde80279cb89f88794890a1ad6cd77490d278509ec13aac52e7d77e43f68bfebdd98a0ce8add445a6386f05718c1771343f9bf52c530281991ed37f7b86f40089b5911506616a912523497b", 0x87}], 0x6, &(0x7f0000000a80)=[{0x98, 0x115, 0x0, "002eaa2577a8c43ca2166fb9e4a1dffb18ade6ef588d847a07c9da85c33442d0c9e63015ec7b81cf0bc85ea38a4cb6f99d68f87068424929a4683e89f3d3c4318105bf217596f178220fba9d07c3092c8781fb0977473f54838cb091688e5bda16b5af00614895c89986a2890b0be6ff2328f160489eada54029ba2c7b43a4f6adcdcd5cd73fab"}, {0x18, 0x108, 0x7, "6275147bb343ffee"}, {0x98, 0x6, 0x1, "f9c1b50f070b8fc98e93faea56a78d8e98625591350b12ad982523f5f25700ae77736668381c730ff78bf838139ddffa0289e9d7b02e56a9b7b544f62572bd55d0f2394cfd9c2fe5634ead786b5e51d15838f8be6b6f035e8f549788a588f0c5fcd497476d63f3b41b6291dfc92853a4fdf1ebd46feb51cd4dc1ca5a058967a0e4f71a"}], 0x148}, 0x0)
r8 = socket(0x10, 0x3, 0x0)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000c40), 0x82, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'lo\x00', <r10=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000680)=@newqdisc={0x3f, 0x24, 0xf0b, 0x200, 0x1, {0x60, 0x0, 0x0, r10, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x6}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_ECN={0x8}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x15f}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x0)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)={0x104, r6, 0x4, 0x4, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0xf0, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x9, @empty, 0x2}}, {0x14, 0x2, @in={0x2, 0x4e23, @private=0xa010100}}}}, @TIPC_NLA_BEARER_PROP={0x3c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x401}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @loopback}}, {0x14, 0x2, @in={0x2, 0x4e22, @rand_addr=0x64010101}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x101, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xfffffffe}}, {0x14, 0x2, @in={0x2, 0x4e21, @private=0xa010102}}}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8}]}]}]}, 0x104}, 0x1, 0x0, 0x0, 0x2000c005}, 0x400c0)

12.28537655s ago: executing program 1 (id=2986):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRES64=r0], 0x144}, 0x1, 0x0, 0x0, 0x60000005}, 0xc084)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x2, 0x2, 0x0, 0x4002004c4, 0x1004, 0x8000000000000000, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0xb3, 0x8d], 0xeeee8000, 0x2010d3})
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f00000001c0)=0x4500, 0x4)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

11.665686841s ago: executing program 1 (id=2994):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1e7d, 0x30d4, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x9, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x5, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x8}}}}}]}}]}}, 0x0)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_GET(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={0x3c, r1, 0x1, 0x0, 0x0, {0x39}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0xc000894}, 0x24008800)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000640)={0x24, &(0x7f00000001c0)={0x0, 0x6, 0x7b, {0x7b, 0xa, "2d3af0d2f13763914d23f97d13a867cf0fefb0bc077360c740027d30ac5a94a24e6f4d7fb36e0b3ba1f10c98e7a28aec52082b7c03446f2106c81b49eeb7c41362156ebfd90a8087dbbfc58927a75acd23563bc603cd918068ff79758846c274f23643149ae6e83ae7f14e5a6e99f9f01311bd99ed69397abc"}}, &(0x7f00000002c0)={0x0, 0x3, 0x30, @string={0x30, 0x3, "6dfb85ffccaa2c4a99838934d7129da10f7e304606ea764e2d8e1104708d6ba47ec0d9ef105c85570d9aeea45487"}}, &(0x7f00000005c0)={0x0, 0x22, 0xd, {[@local=@item_012={0x2, 0x2, 0x9, "701e"}, @global=@item_012={0x2, 0x1, 0x4, "8ef0"}, @global=@item_012={0x1, 0x1, 0xa, '}'}, @main=@item_4={0x3, 0x0, 0xb, "bbf7add9"}]}}, &(0x7f0000000600)={0x0, 0x21, 0x9, {0x9, 0x21, 0x8, 0x9, 0x1, {0x22, 0xeba}}}}, &(0x7f0000000840)={0x2c, &(0x7f0000000680)={0x40, 0x10, 0xb7, "d1724cbf6b848feb57ca1230a6924749cb0496fed45ff3e0d73e5cd43ff7373eca9e860502c833f7ea0f763777d98d9e3e9db20cdcc9bee9e50e5bc6681a4a2d74d3a6547bbb3cd80b285aedadb95401e6322ef93481f2cbfbec2a07656336fb6bca4d4791f39459506bcd3d60933aead2f9f6d457f0285bba21bfa2b07249a9d36a45b8b46fe51e38db003e89ea5d2ca2420c10c771fde05605cc7b3e401772616e03524eb7b718e9fc0fe7668f5ff91b7bdbf18183d2"}, &(0x7f0000000740)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000780)={0x0, 0x8, 0x1, 0x21}, &(0x7f00000007c0)={0x20, 0x1, 0x13, "44362d011db3f96d732013bbf4c3a6ec66606b"}, &(0x7f0000000800)={0x20, 0x3, 0x1, 0xb}})
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

10.613435129s ago: executing program 5 (id=3001):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400))
rmdir(&(0x7f0000000140)='./file1\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0xf3)
chdir(&(0x7f0000000200)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f00000008c0)={0xc0})

10.613014361s ago: executing program 3 (id=3002):
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(r0, 0x40044160, 0x3)

8.77017278s ago: executing program 5 (id=3003):
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f000012d000/0x2000)=nil, 0x2000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = timerfd_create(0x7, 0x800)
timerfd_settime(r0, 0x3, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
readv(r0, &(0x7f00000005c0)=[{&(0x7f0000000000)=""/8, 0x8}], 0x1)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x541b, 0x0)
r3 = socket$inet(0x2, 0x3, 0x4)
setsockopt$inet_opts(r3, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_int(r3, 0x0, 0x3, &(0x7f0000000bc0)=0x3, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg$inet(r3, &(0x7f0000000f40)=[{{&(0x7f0000000040)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x68000, 0x14)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r4, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="0e00000004000000040000000300000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000e2939c4b980bcb44b701d557a3621f1c6c9439e1ea848cca84d9173d7d791070517615acf197ba7139f9566cb7d146a8cf0eecaa4726f0dc74acd7a0092e47ad3c76185784ef2bd2fe97aebfb83f26573ae645b2ad97759dc7825061f508788faa457e3320e56c08eb0f26ce245ddf4d167df9215f5422359c7e4e56dab547e7a04f88a12e626d720f6e7a6f2a58bbdd7ee20901bbbac656fce61541e268e94e9dc08a5427c0e7115c870a22e19d88299e52cd681032f11f4ae6acb0d7f0585594a9696966f999eea3"], 0x50)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
ioctl$USBDEVFS_SUBMITURB(0xffffffffffffffff, 0x8038550a, &(0x7f0000000600)=@urb_type_iso={0x0, {0xa}, 0x8, 0x44, &(0x7f0000000100)="cb7094a2221e10d481f38967e894a34bd465", 0x12, 0x5, 0x5, 0x60, 0x6, 0x172d, &(0x7f0000000180)="e95070bf595b90b0a3f6acb7190758ece168a087df4af2081c95871a1a57b8d72c82c0", [{0x2, 0x40}, {0x3, 0x8, 0x5}, {0x0, 0x8, 0x8001}, {0x1, 0x4, 0x4}, {0x8001, 0x8}, {0x2, 0x3}, {0x9, 0x0, 0x40}, {0x0, 0x401, 0x3}, {0x800, 0x8, 0xf8}, {0x8, 0x9, 0x5}, {0x5, 0x8000, 0x85}, {0x5, 0x0, 0xe3d}, {0xfffffffb, 0x2c9e, 0x5}, {0x9dc0, 0x8, 0x5}, {0xfffffff9, 0x2, 0x8}, {0x5, 0x8, 0xfffffffc}, {0x5, 0xd1, 0x2}, {0x2, 0xbc4}, {0x10000, 0x5}, {0x4b, 0xe8e, 0x2}, {0x8, 0xc014, 0xf3}, {0x7fff, 0x9, 0x1}, {0x1, 0x443b, 0x2}, {0x18000000, 0x3159000, 0x3}, {0xae28, 0x9, 0x6}, {0x9b6, 0x7, 0x7}, {0x6, 0x80000000, 0x3}, {0xfff, 0xafeb, 0x2}, {0x1, 0x28, 0x3}, {0x6, 0x3, 0xc09}, {0x7, 0xf460, 0xffff}, {0x5, 0x3, 0x80}, {0x7, 0x7, 0x7}, {0xfff, 0x5, 0x7}, {0x3af, 0x1, 0x200}, {0x8, 0x4, 0xffffffff}, {0x2c, 0xe28, 0xfe}, {0x8, 0x1, 0x3ff}, {0x8000, 0x31, 0x4}, {0x4, 0x1, 0x401}, {0x5, 0xffffffff, 0xfffff1da}, {0x400, 0x24, 0x4e1}, {0x9, 0x3, 0x4}, {0x1, 0x6, 0xfffff000}, {0x4, 0x2, 0x400}, {0x2, 0xc00000, 0x1}, {0xe, 0x0, 0x5}, {0x0, 0x55, 0x800}, {0xb2, 0x86, 0x8}, {0x8, 0x8, 0x8001}, {0x1, 0x3ff, 0x6}, {0xbb58, 0x8, 0x830}, {0x4, 0x8, 0x4}, {0x8, 0x9, 0x1000}, {0x9, 0x1, 0x7}, {0x7, 0x1d, 0x2}, {0xc5, 0x61, 0xa}, {0x7, 0x5, 0x1}, {0x6, 0x2, 0x5}, {0x4, 0x3ff, 0x22}, {0x7, 0x7, 0xff}, {0x4, 0x6, 0xf50}, {0x5, 0x7, 0x1}, {0x8, 0x4, 0x5}, {0x2, 0x6, 0xfffffff9}, {0xb, 0x100, 0x5da800}, {0x8, 0x8000, 0xff}, {0xd280, 0x2, 0x1}, {0x3, 0x0, 0xd}, {0x10000, 0x1, 0x4}, {0x0, 0x5, 0x3}, {0x5, 0x5, 0x8}, {0x68f, 0xf4, 0x4}, {0x7, 0x1, 0x6}, {0x9, 0x9, 0x4}, {0x7, 0x5, 0x2}, {0x9, 0x7, 0xb}, {0x2, 0x6, 0x1000}, {0x2, 0x7, 0x4}, {0x9, 0x1, 0x8}, {0x80, 0x409b9e93, 0x401}, {0x6, 0xfffff001, 0x1}, {0x200, 0xffffffe3, 0x535}, {0x7, 0x1, 0x6}, {0x1, 0x8, 0x5}, {0x5, 0x8, 0xffff}, {0xffff, 0x4, 0x7}, {0x81, 0x308, 0x2}, {0x6, 0x0, 0xfffffffc}, {0x8001, 0x7e, 0xa3f8}, {0x8, 0x1, 0x3}, {0x4, 0x7, 0x12000000}, {0xa, 0x9, 0x6cb}, {0x9, 0x8, 0xfffffffe}, {0xfffffff8, 0x7, 0x8}, {0x2, 0x0, 0x1ff}]})
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r5, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
r6 = socket$inet(0x2, 0x1, 0x0)
socket$inet(0x2, 0x5, 0x7)
setsockopt$inet_opts(r6, 0x0, 0x4, 0x0, 0x0)
setsockopt$inet_opts(r6, 0x0, 0x4, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x341040, 0x41)
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000300)={0x40, 0x7}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
sendto$inet6(r1, &(0x7f0000000300)="8b", 0x34000, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @private1}, 0x1c)

8.666050223s ago: executing program 3 (id=3004):
r0 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x5c, 0x12, 0x301, 0x0, 0x0, {0x0, 0x40, 0x0, 0x0, {0x0, 0x400, [], [], 0x0, [0xffffffff]}, 0xec0}, [@INET_DIAG_REQ_BYTECODE={0x7, 0x3, "110000"}, @INET_DIAG_REQ_BYTECODE={0x29, 0x1, "5ddb9c"}]}, 0x5c}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x40, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae03, 0x29)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040)=0x7)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x400000000c0b01, 0x0)
syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r4)
mount(0x0, &(0x7f0000000280)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
r5 = syz_clone(0x2000, 0x0, 0x0, 0x0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f00000005c0)=[{0x6}]})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, 0x0)
ioctl$DRM_IOCTL_MODE_SETGAMMA(0xffffffffffffffff, 0xc02064a5, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r8 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r8, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r9=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r8, 0xc06864a1, &(0x7f0000000580)={0x0, 0x0, r9, <r10=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f00000009c0)={0x0, 0x0, r7, r10, 0x5, 0x3, 0x1, 0x43, {0x1, 0x6, 0x6, 0x196, 0x1, 0x2, 0x7, 0x3, 0x6, 0x8, 0x100, 0x6, 0x3, 0x0, "7c10b474d162fce7bac3c81680165d5cd1c2a4030960afddeab3d21843a22c1c"}})
r11 = socket(0xa, 0x3, 0xff)
sendmsg$inet6(r11, &(0x7f0000000080)={&(0x7f0000000140)={0xa, 0xa, 0x80, @mcast2, 0x4000000}, 0x1c, 0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1400000000009ecbc4fb465cd9c562fa4b5658d23e0000290000003400000014fb000000000000"], 0x18}, 0x4004)
syz_usb_connect(0x1, 0x534, &(0x7f0000000600)={{0x12, 0x1, 0x310, 0x84, 0xbc, 0x31, 0x8, 0x763, 0x200d, 0x34cc, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x522, 0x3, 0x0, 0x9, 0xf0, 0x7, [{{0x9, 0x4, 0x7b, 0x1, 0x6, 0xff, 0x60, 0x80, 0x81, [@cdc_ncm={{0x5}, {0x5, 0x24, 0x0, 0xff80}, {0xd, 0x24, 0xf, 0x1, 0x6a, 0x7, 0x6, 0x7}, {0x6, 0x24, 0x1a, 0x5, 0x2}, [@obex={0x5, 0x24, 0x15, 0x1}]}], [{{0x9, 0x5, 0x9, 0x10, 0x40, 0x6, 0xf, 0xfb}}, {{0x9, 0x5, 0x2, 0x0, 0x400, 0x6f, 0x69, 0x9, [@generic={0xfd, 0x4, "38ab5bdd38913345b04dd86a32129cf3084198c9c808cacf5f4b4d102108fc20c2d97c963a52bba239676244d94acb7672680cb884f614a79f24ce61583c5993124f92a09ed870d82e80c4cb048f38c1632989427af9679652e2e44195ed600686479c5d2b89e318ec00a363e1c0e1aa214ccadb4d71351471b5b9c45cf86ab20990a6d6d3bd606e690f04beee69420bc73eb021ce31c328c4a408aaa3c26db42e5d37a2722400276d436dc89dbc1f734633d52bcbe3f013234f310ab2998ccda076ac08a4c6125addb4b2a52cec10d412c348b44e183d246bde429fffda4c38cb26b7c1927d656d78e02f05a462d65f28679ae4b8b8d60678384e"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x3ff, 0x7, 0x1, 0x4, [@generic={0xc9, 0x10, "725b5e7c9b59ea6c6f6e09cf6c616d12085aeb5fd46ba45d9b622ef1f4e2a76e8bda70da9b623a4153758bc2eeec10b8f83db89e3cbb3bcb3637782f1486d957d54536a20cd0be864fdc2bb4d555c077ac23b4c1299114f53fce6282ed18efd428e2f48c69ecb12260881ac8bf329515a6cc693d4a6f432c224f78578c23065fb28ebfb731b6fe1e664f87ea8828d14717143e706e6aa98026e570be28bdaee374820a3b0e0690cfe1c451da9737e477ed7188fa7e47d93bcf7796f4b21b764bc4aa12045035fe"}, @generic={0x59, 0x59, "7d9e7a2952e0fbc7b028d92ef7f304f7eaae73701734f09b697b8f0902a69fad84e52d3d34ce11469b278a9027900184f77035ccf9273075d44660a7db35eed1c67382a83cf21f036f808f18099fc986903ffe2b55bd92"}]}}, {{0x9, 0x5, 0x1, 0x10, 0x200, 0x3, 0x6, 0x6, [@generic={0xfd, 0x23, "5f16de006a159a8de59a293cd5dd51e03a85a04afc7c4cb72fa731a75b37e3654691eeac10600159c284567c21fc8b2827f65f09db23df1c5ba213435b1b5bc8c3dc1702322b1d94714834c87f7689d7ce5eb19b9bf74dc16c2689d39fe99f5804c14ce688803ca441977e15378fa197817e175fce3ca847a5de7c54e21c5e8213035b33d381f9261f3aea3238cb903c8cc544a07e0be4a40bbe961a7eb7e7246f0d0423bee8e7fed1c3a221e78a27361b06b60b4a65bfdfc2e1f0dafafe5670394ed8dcde19c11cdc130e99260ac20c12875f9dc76c3634ec62d8429782d9cfa9f6b2ed58825c97b737798c1a3ecda49ecb98dbaa9d838761d028"}, @generic={0x65, 0xf, "4718335cf967a83fc5dad2949429bd93795955810afbef6a969e42f05a3b25e574b6a0dae7195e98268903a66e3fb66c8a0e4ba154ce4e47456831b48365e0949bc517ef1653d3d228ca3573300dfa7e24d2f0b16c719dfc091d3fee35fa8320da2cb0"}]}}, {{0x9, 0x5, 0x4, 0x0, 0x3ff, 0x4, 0x9, 0x51}}, {{0x9, 0x5, 0x6, 0x10, 0x10, 0x1, 0x2}}]}}, {{0x9, 0x4, 0xc5, 0x3, 0x0, 0x3e, 0x35, 0xbb, 0x4, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, '\\'}, {0x5, 0x24, 0x0, 0x6}, {0xd, 0x24, 0xf, 0x1, 0x8001, 0x0, 0x0, 0xa}, {0x6, 0x24, 0x1a, 0x9}, [@dmm={0x7, 0x24, 0x14, 0x5}, @country_functional={0x10, 0x24, 0x7, 0x0, 0x4, [0x75e, 0x2, 0x2, 0x6, 0x1000]}, @obex={0x5, 0x24, 0x15, 0x4}, @call_mgmt={0x5, 0x24, 0x1, 0x1, 0x5}, @mdlm_detail={0xa5, 0x24, 0x13, 0x1, "f53c04f3824a20c903b338e28a990dc37f7244c5affb46dfd8126e1b2bdde22fc479650736791994d47f7f0282d9ad86a527fe766b69b3986b9b63b5344fec02d247ebfae93a6d7d97079ad9d1e76f2028bb9bcd1c5779671d33c17605aecff5045929a55e16d493652184d8813ad3f5cc3ec3f49785ae2ec36dab619224d3b13fed29d5edb7076611a7ab6ea4e8e4e1e1060266d1aa57e9f731144f1ca877859f"}, @network_terminal={0x7, 0x24, 0xa, 0xc, 0xa, 0xa, 0x27}]}]}}, {{0x9, 0x4, 0x69, 0x3, 0x0, 0x28, 0x62, 0xb3, 0x6, [@uac_as={[@format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0x4, 0x3, 0xc, 0x7, "cc4202", 'R'}, @as_header={0x7, 0x24, 0x1, 0x9, 0x4, 0x3}, @format_type_i_continuous={0xc, 0x24, 0x2, 0x1, 0xd, 0x4, 0x7, 0x7, "a2bbee", 'f'}]}, @uac_as={[@format_type_i_continuous={0xb, 0x24, 0x2, 0x1, 0xa8, 0x3, 0x2, 0x7, "c1d657"}, @as_header={0x7, 0x24, 0x1, 0x3, 0x4, 0x1}, @format_type_ii_discrete={0x9, 0x24, 0x2, 0x2, 0xc, 0x7, 0x1}]}]}}]}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000140)={0xa, 0x6, 0x201, 0x3, 0x9, 0x8, 0xff, 0x1}, 0x60, &(0x7f0000000200)={0x5, 0xf, 0x60, 0x5, [@ss_container_id={0x14, 0x10, 0x4, 0xc, "8297e379c6da8b3bab663fc0986aa834"}, @ssp_cap={0x14, 0x10, 0xa, 0x3, 0x2, 0x0, 0x0, 0x3, [0xff0000, 0xffc0ff]}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "59660982fafa817af25caf73e52be54c"}, @ss_container_id={0x14, 0x10, 0x4, 0x1, "e123fff933b1f3a95e84c1b826db0d60"}, @wireless={0xb, 0x10, 0x1, 0x4, 0x48, 0x4, 0xf, 0xf2c, 0xe}]}, 0x3, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x3001}}, {0xc5, &(0x7f0000000340)=@string={0x8a18c2bb7018a0ec, 0x3, "c2fb2dce3e8ca8e1b5eca3ee39947f59233ec86d48e060e54c742217c96a4cab345688145b017b7288769cfc04ffd6773242350ce9b4173b3cdf3a0ba16a98ea3dc8be089f9b24a52d42b954973b818a63e7a8800f9d34aec436fef9537c532d05c6ba705e5d1225a85c44d8cdd7fa4026f8bc1222d5a188e3085ca874c46a04f5dba853ec51f7465d06ac44817afa227e3409fb4d844537492119bbfcdf187001a09d67b20679147d2ecd0392d81a35ec233388e910a3a54d6be8762dd2e7ded2097b"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x340a}}]})
r12 = syz_open_procfs(r5, &(0x7f0000000100)='stat\x00')
pread64(r12, &(0x7f0000000080)=""/15, 0xf, 0x40000000007)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0xe0ff, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)

8.553886497s ago: executing program 1 (id=3005):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[], 0x48)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000002c0)={'team_slave_0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0xffff0001}]}}]}, 0x40}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000001c0)={'syztnl1\x00', &(0x7f00000003c0)={'ip_vti0\x00', r2, 0x7800, 0x40, 0x10001, 0x6f, {{0x15, 0x4, 0x0, 0x1, 0x54, 0x67, 0x0, 0x2, 0x2f, 0x0, @multicast1, @loopback, {[@end, @timestamp_prespec={0x44, 0x1c, 0xcd, 0x3, 0x2, [{@rand_addr=0x64010102}, {@empty}, {@loopback, 0x81}]}, @cipso={0x86, 0x15, 0x0, [{0x7, 0xf, "994f7111188a7d99baeffc2d5a"}]}, @lsrr={0x83, 0xb, 0x4d, [@broadcast, @initdev={0xac, 0x1e, 0x0, 0x0}]}]}}}}})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x8, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000013000000000000000000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000005c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, 0x0, &(0x7f00000000c0))
r4 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r4, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r4, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}, 0x669db774}, {{0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0xc316}], 0x2, 0x1832b, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x2409c8c1, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
openat$kvm(0xffffffffffffff9c, 0x0, 0x101302, 0x0)
sendto$inet6(r5, 0x0, 0x0, 0x40000, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0e1000000400004e040000000200000000000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="010000000000000000000c0000694d92a33df1fe700189180005800800"], 0x2c}}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="120100002ba1ef40ac0545023a0a0102230109021200010400000009041c0000034a02"], 0x0)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x100}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {}, {}, {0x4}, {0x6, 0x0, 0xa}, {}, {}, {0x85, 0x0, 0x0, 0x33}}, @call={0x85, 0x0, 0x0, 0x7}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc641}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={r9, 0x2000012, 0xe, 0x0, &(0x7f0000000080)="63eced8e46dc3f2ddf33c9e9b986", 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)

8.488806243s ago: executing program 3 (id=3006):
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000740)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)=ANY=[], 0x30}], 0x1}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$IOMMU_IOAS_ALLOC(0xffffffffffffffff, 0x3b81, &(0x7f00000003c0)={0xfffffffffffffef1})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x400000000000000, 0x2004c8, 0x7fffffff, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x1ff, 0xffffffffffffffff], 0x10000, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000500)={[0x7, 0x5, 0x6, 0x4004, 0x2, 0x4, 0x7fff, 0x0, 0x0, 0x1fffffe, 0x0, 0x1c, 0x2, 0xffbfffffffffffff, 0x6, 0xfffffffffffffffc], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 1)

7.097709762s ago: executing program 3 (id=3007):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x16ab, &(0x7f0000000040)={0x0, 0x36b, 0xc000, 0x3, 0x77})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0xfffffffffffffda2, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x24, &(0x7f0000000000)=0xa, 0x4)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r2, &(0x7f0000000300)="80", 0x1, 0x4048016, &(0x7f00000003c0)={0xa, 0x4e21, 0xc, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x2}, 0x1c) (fail_nth: 1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000540)=0x140, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x3, &(0x7f0000000000)=0x6, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x8, &(0x7f0000000040)=0x3de8e7ea, 0x4)
sendto$inet6(r0, 0x0, 0x0, 0x20000080, &(0x7f0000006080)={0xa, 0x4e23, 0x4, @loopback, 0x4}, 0x1c)

6.345201238s ago: executing program 3 (id=3008):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x3, 0xe, &(0x7f0000000f40)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe0000000085000000c0000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c03406910927c6b0b55b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfe79578e51bc53099e90f4580d760551b5b342f7cbdb9cd38bdb2209c676b2ac2deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f132020000002cbe7bc04b82d2789cb1b2b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c41146dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a42b359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780c70014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e506d1387b63112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece08ac772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447e2ef0ae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a3f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099bdae7ed04935c2c90d3add8eebc8619d73415cda2130f5011e48455b5a8b90dfae158b94f50adeb988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ffa3c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe4a3ced846891180604b6dd2499d16d7d9158ffffff069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb0814040000007874b2f663ddeef0005b3d96c7aabf4df517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dbae3428d2129ecfce1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296c6a298c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f050000000000000026049fe86e09623524f390bf79b441b75fc790c58e273cd905deb28c13c1ed1c0d9cae846b03008cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc48f97496079654f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b4749c28eb5167e9936ed327fb237a56224e49d9ea956d1798571b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecf743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be182724d95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd0403a099f32468f1561f058960d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b656dc0e32384f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bbe3e8ef76f57a2d0e69115d33394e86e4b83c0f3c2a34635f3eee4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cd082027c641ec4355eb4acff90756d1a1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8cc3fe28bc3586844f5fecb92aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a5906002fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128ab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0afd9ae134400f70b5e6aefb7eee403502732df858a2ea033b6c91c673b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80ffb8f386bb79f5589829b6b0679b5d65a00000000000000e6ff00000000000000000000faff0000bab50bc8508a9644d3e7c328b0ff22035c8073f8c1f0e3da7339fc81d4ab3ef2857ef70a81d8a1628da28c942571880e22df7cabae56d5ff5e483c9c1f5a258b8f1f34cc300312f76a374a6e9b3f9dbd7f538a80b00f97e47895b3201c5126feca0888956a7d768198d9c2109ac508a47ebb99c539ef45af7d87b308117a9e321a3861bc42cf41942c31268a4020221d7b1622585094eddd83c7f4acdd7f5c23d8b730bf03118261edada8b8487a3b1b7548a4687a91f12bf70bb1df3bfe7d4b92ad6fcbf401efd6eb004cf20016ad8d1dad136dd856ffca238b39482811f9c8524bf182f1956a3d044423927df28880bbd11c06407220df8e1d1d483d947d990dc175803d765ca14a915a0040b641959ad3e776b4bb4852fea12983dc18b7404914a6137dc4a78f1e0d331c60a9019c21698cd18753491df962f496f2395563e9c3d7b1228d0e488cf7e50a29541aa757f2e2ee9ff4433d65db0de5a123d569e39dce481156cbec584c9a32a8e3b032fa003192c891d83119bc950abac9147b9fcb0acd9a207b5ceb7e8ed1d91c000000000000000000000000000000141258373281153fa27e586ea82650f070d8851ac9e7ac07b37a6479d4017b5b5af3ff4c91235df4f657d77e386a329aec4d766369c86b62b01ceb028c6fcf206883633cb143016b9f5351a45a8cb4ea110ba700000000000000883416b6eff6a793c71deb7d780c4f51d86ece127c0714144916f397d398ad2fe72b710b932c15c2369cb5d2d2f6ae420672c4a626195a891ac51825077fbc286aa3866bbf18a4a8b836ea8c90af0d5f0aff55b50bc18c27875ed2628b91224b7fa9fd10ccd7c1b1a92bac529df981a6d30100e68555553625c0e91a51000000000000000000fe030f85b294f3ea1fce314a9dcefbe3b64e83c35c5e95734786ca78315793cc0e6e776d2ec07c55cd89541ec25e074e840287011cab538d79e1569df321282071d49a4dc5fb2d7da1d05249d0e153fd04aca2", @ANYRES8], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x16, 0x0, 0xffffffffffffffff, 0xffffffffffffffc9}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000003c0)="0000003282031328ebc38f000000", 0x0, 0xfffffff9, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0a00000006000000080000000800000040000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000500)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000180)=r0}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e00002103000000fcffffff020000008400b6d6fdf91e2727a7a3460000b615bd4361c41fd55941e183df37b778b16d3955a4d99b90213de015b93e681b71b4bccef613076bbab2645f332fb56bacb3f7501d3bdb7363eab7cbb0799f13704df6a5f4099286e8546037e98e4ed32e96f30a8205e8a54cde1b51b60f596f01454d5f2d65966cfd13bc29c06c793460800292be2d88f08feed00ea2751fc9292a331eb6cf0a62373354ca10050a0bd20b295bcd7e9d828f87c9e96678f674de2c974529b57f10a1c9615152f86c3b6a733636a0cbff1c59784feca9ef16565bdc50fdb52588c14b5437b0c0a2cafcaf15881cda609e40d1df9444da22a8005d32795d63a43ff434c1bc8cccac1eab091661", @ANYRES32=r3, @ANYBLOB='\b\x00'/20, @ANYRES32=0x0, @ANYRES32=r2, @ANYBLOB="05000000000000000500"/28], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r4}, 0xc)
r5 = socket$kcm(0x10, 0x2, 0x0)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000040)='./file0\x00')
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file2\x00', 0x8000, 0x0)
r6 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r7 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x200000, 0x13b)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r6, 0x1, &(0x7f0000000340)={0x2000, r7}, 0x0)
landlock_restrict_self(r6, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000480)='./file1/file2\x00', 0xffffffffffffff9c, &(0x7f00000004c0)='./file0\x00', 0x2)
sendmsg$kcm(r5, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000200)=0x6)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f00000007c0)={{{@in=@private, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in6=@empty}, 0x0, @in=@loopback}}, &(0x7f0000000100)=0xe8)
setsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000140)={r8, r9, 0xee01}, 0xc)

5.864827842s ago: executing program 3 (id=3009):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8923, &(0x7f0000000040)={'wlan1\x00', @random="2e2ee363a4b1"})
sched_setaffinity(0x0, 0x0, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1}, './file0\x00'}) (async)
sched_setscheduler(0x0, 0x2, 0x0) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
mq_open(&(0x7f0000000a80)='4,\x00', 0x40, 0x0, &(0x7f0000000ac0)={0x2, 0x80000000, 0x1c5, 0x8000000000000000}) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000180)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000010000001c000180060001000200000008000300ac1414aa0800060006"], 0x30}, 0x1, 0x0, 0x0, 0xaa34a4cfdf933201}, 0x10)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) (async)
syz_emit_ethernet(0x24, &(0x7f0000000080)={@remote, @local, @val={@val={0x88a8, 0x5, 0x1}, {0x8100, 0x0, 0x1, 0x4}}, {@llc={0x4, {@snap={0x1, 0x0, "b2", "82e4e2", 0x403, "355297ae8fc5"}}}}}, 0x0) (async)
listen(r6, 0x6f6) (async)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) (async)
r8 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000200)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r9, @ANYBLOB="010000000000000000000700000014000180050002000100"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x8)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) (async)
sendmsg$NFT_BATCH(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b160000000000000000020000084c00048018000180080001006f7366000c000280080001400000000430000180080001006e6174002400028008000140000000000800034000000014080002400000000208000740000000410900010073797a30000000000900020073797a3200000000140000001100010000000000000000000000000a602b36247b0ac2edef79d1d91b529bf2625e30e0cf7074350caf110bf8df2820d0e7c104ac641bce4e029188abfb72e34c7dd3cd487bb8dd3bdef9274b81f26fbeb5b0aa4d70288a478459d8cb9e90d231c6044b609ec8f8733927b5785f5385014abac2cd10d5186a54963a1c8f00f2ad8e28b0ec7d726e28750f9e8461d0d43d9ca17893a2b2a56aebc9aaa9c11a0b97618c"], 0xa0}, 0x1, 0x0, 0x0, 0x850}, 0x4040080)
r11 = socket(0x10, 0x2, 0x0)
sendto$inet6(r11, &(0x7f0000000240)="7800000018002507b9199b02ffff48000203be04020406050a02040c5c000900580006050a0000000d0085a168d0bf46d32345653600648d27000b000a00070849935ade4a460c89b6ec0cff3959547f509058ad86c902007a02004a32000407160012000a0a790000000000e21800003b6ed538f6523250", 0x78, 0x2251197285d36a80, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0) (async)
syz_usb_control_io(r0, 0x0, 0x0)

4.087836563s ago: executing program 34 (id=2966):
r0 = syz_open_dev$dri(&(0x7f00000001c0), 0x0, 0x400)
ioctl$DRM_IOCTL_MODE_GETENCODER(r0, 0xc01464a6, &(0x7f0000000200))
r1 = socket$netlink(0x10, 0x3, 0x10)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r2, 0x0, 0x48f, &(0x7f0000007800)={0x84, @private=0xa010103, 0x4e24, 0x0, 'nq\x00', 0x30, 0x8, 0x36}, 0x2c)
r3 = socket$kcm(0x10, 0x2, 0x0)
fcntl$setsig(r1, 0xa, 0x32)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000340)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x8044)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='net/anycast6\x00')
read$FUSE(r5, &(0x7f0000000100)={0x2020}, 0x3c)
sendmsg$kcm(r3, &(0x7f0000000600)={0x0, 0xa00, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8000)

4.071504841s ago: executing program 5 (id=3011):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) (async)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0}) (async)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1, 0x0, 0x7ff})
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001) (async)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @local}, 0xfc, 0x0}, 0x30004001)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, 0x0, 0x0)
sync_file_range(r1, 0xe5, 0x0, 0x2)

3.297561996s ago: executing program 5 (id=3012):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat$cgroup(r2, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
r4 = openat$cgroup_type(r3, &(0x7f0000000100), 0x2, 0x0)
sendfile(r0, r4, 0x0, 0x4000000000000007) (fail_nth: 1)

2.901337167s ago: executing program 5 (id=3013):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', 0x0, 0x0, &(0x7f0000000400))
rmdir(&(0x7f0000000140)='./file1\x00')
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffffff, &(0x7f0000000340)='./file0\x00', 0xf3)
chdir(&(0x7f0000000200)='./file0\x00')
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0x401c5820, &(0x7f00000008c0)={0xc0})

0s ago: executing program 5 (id=3014):
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x2, 0x51, &(0x7f0000001c40)=ANY=[@ANYBLOB="12010000875ac908651918004dd90102030109023f00010700a00c0904"], 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x2241, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_UNLINK(0xffffffffffffffff, 0x40044160, 0x3)

kernel console output (not intermixed with test programs):

 Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  770.939549][T11837] dvb-usb: bulk message failed: -22 (7/0)
[  770.939568][T11837] dvb-usb: bulk message failed: -22 (7/0)
[  770.987165][T11837] usb 6-1: USB disconnect, device number 49
[  771.241459][T13876] FAULT_INJECTION: forcing a failure.
[  771.241459][T13876] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  771.241502][T13876] CPU: 1 UID: 0 PID: 13876 Comm: syz.5.2640 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  771.241537][T13876] Tainted: [L]=SOFTLOCKUP
[  771.241546][T13876] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  771.241561][T13876] Call Trace:
[  771.241571][T13876]  <TASK>
[  771.241581][T13876]  dump_stack_lvl+0xe8/0x150
[  771.241619][T13876]  should_fail_ex+0x46b/0x600
[  771.241649][T13876]  _copy_from_user+0x2d/0xb0
[  771.241680][T13876]  ___sys_sendmsg+0x1c6/0x360
[  771.241704][T13876]  ? __lock_acquire+0x6b5/0x2cf0
[  771.241734][T13876]  ? __pfx____sys_sendmsg+0x10/0x10
[  771.241798][T13876]  ? __fget_files+0x2a/0x420
[  771.241818][T13876]  ? __fget_files+0x3a6/0x420
[  771.241850][T13876]  __x64_sys_sendmsg+0x1c3/0x2a0
[  771.241877][T13876]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  771.241913][T13876]  ? __pfx_ksys_write+0x10/0x10
[  771.241955][T13876]  do_syscall_64+0xe2/0xf80
[  771.241985][T13876]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.242006][T13876]  ? trace_irq_disable+0x37/0x100
[  771.242035][T13876]  ? clear_bhb_loop+0x60/0xb0
[  771.242069][T13876]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.242091][T13876] RIP: 0033:0x7fe47b28aeb9
[  771.242113][T13876] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  771.242133][T13876] RSP: 002b:00007fe4794e6028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  771.242158][T13876] RAX: ffffffffffffffda RBX: 00007fe47b505fa0 RCX: 00007fe47b28aeb9
[  771.242175][T13876] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  771.242190][T13876] RBP: 00007fe4794e6090 R08: 0000000000000000 R09: 0000000000000000
[  771.242205][T13876] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  771.242219][T13876] R13: 00007fe47b506038 R14: 00007fe47b505fa0 R15: 00007ffde62da018
[  771.242256][T13876]  </TASK>
[  771.620527][ T5944] usb 3-1: USB disconnect, device number 39
[  771.645041][T11837] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  771.960436][ T5888] usb 2-1: USB disconnect, device number 60
[  772.311898][T13891] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2647'.
[  774.096615][T13897] macvlan3: entered promiscuous mode
[  774.096647][T13897] macvlan3: entered allmulticast mode
[  774.118142][T13897] bond5: entered promiscuous mode
[  774.119037][T13897] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  774.292962][T13897] bond5: left promiscuous mode
[  775.026614][T13916] FAULT_INJECTION: forcing a failure.
[  775.026614][T13916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  775.026661][T13916] CPU: 0 UID: 0 PID: 13916 Comm: syz.3.2656 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  775.026692][T13916] Tainted: [L]=SOFTLOCKUP
[  775.026701][T13916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  775.026715][T13916] Call Trace:
[  775.026725][T13916]  <TASK>
[  775.026736][T13916]  dump_stack_lvl+0xe8/0x150
[  775.026774][T13916]  should_fail_ex+0x46b/0x600
[  775.026805][T13916]  _copy_from_user+0x2d/0xb0
[  775.026837][T13916]  __sys_bpf+0x229/0x920
[  775.026874][T13916]  ? __pfx___sys_bpf+0x10/0x10
[  775.026902][T13916]  ? rt_mutex_slowunlock+0x1cb/0x300
[  775.026946][T13916]  ? ksys_write+0x248/0x270
[  775.026979][T13916]  ? __pfx_ksys_write+0x10/0x10
[  775.027018][T13916]  __x64_sys_bpf+0x7c/0x90
[  775.027047][T13916]  do_syscall_64+0xe2/0xf80
[  775.027077][T13916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  775.027100][T13916]  ? trace_irq_disable+0x37/0x100
[  775.027130][T13916]  ? clear_bhb_loop+0x60/0xb0
[  775.027159][T13916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  775.027182][T13916] RIP: 0033:0x7fe9e5b0aeb9
[  775.027203][T13916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  775.027222][T13916] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  775.027247][T13916] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  775.027265][T13916] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[  775.027280][T13916] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  775.027295][T13916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  775.027309][T13916] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  775.027345][T13916]  </TASK>
[  775.599518][T13921] overlayfs: conflicting lowerdir path
[  776.906154][ T5888] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  777.052688][ T5888] usb 2-1: Using ep0 maxpacket: 16
[  777.060268][ T5888] usb 2-1: config 0 has an invalid interface number: 126 but max is 0
[  777.060367][ T5888] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  777.060390][ T5888] usb 2-1: config 0 has no interface number 0
[  777.060441][ T5888] usb 2-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  777.060470][ T5888] usb 2-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  777.060507][ T5888] usb 2-1: config 0 interface 126 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  777.060554][ T5888] usb 2-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  777.060580][ T5888] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.155195][ T5888] usb 2-1: config 0 descriptor??
[  777.175089][T13938] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  777.216480][   T37] kauditd_printk_skb: 37 callbacks suppressed
[  777.216501][   T37] audit: type=1326 audit(1769964056.352:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13943 comm="syz.0.2653" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb1c7a5aeb9 code=0x0
[  777.217756][ T5888] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  777.267684][  T809] usb 6-1: new high-speed USB device number 50 using dummy_hcd
[  777.411192][  T809] usb 6-1: Using ep0 maxpacket: 16
[  777.442275][ T5888] snd-usb-audio 2-1:0.126: probe with driver snd-usb-audio failed with error -2
[  777.445087][  T809] usb 6-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  777.445122][  T809] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.445145][  T809] usb 6-1: Product: syz
[  777.445161][  T809] usb 6-1: Manufacturer: syz
[  777.445176][  T809] usb 6-1: SerialNumber: syz
[  777.489972][  T809] usb 6-1: config 0 descriptor??
[  777.526663][  T809] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  777.532562][ T5888] usb 2-1: USB disconnect, device number 61
[  777.655487][T13959] udevd[13959]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.126/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  777.716252][  T809] gspca_sn9c2028: read1 error -32
[  777.912052][  T809] gspca_sn9c2028: read1 error -71
[  777.912151][  T809] sn9c2028 6-1:0.0: probe with driver sn9c2028 failed with error -71
[  777.942980][  T809] usb 6-1: USB disconnect, device number 50
[  778.043113][T13968] tmpfs: Bad value for 'mpol'
[  778.048138][T13968] netlink: 228 bytes leftover after parsing attributes in process `syz.1.2674'.
[  778.534993][  T809] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  778.692875][  T809] usb 2-1: device descriptor read/64, error -71
[  778.925138][  T809] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  779.048904][  T809] usb 2-1: device descriptor read/64, error -71
[  779.154367][  T809] usb usb2-port1: attempt power cycle
[  779.380442][T14003] misc userio: No port type given on /dev/userio
[  779.380480][T14003] misc userio: No port type given on /dev/userio
[  779.380502][T14003] misc userio: No port type given on /dev/userio
[  779.380524][T14003] misc userio: No port type given on /dev/userio
[  779.380545][T14003] misc userio: No port type given on /dev/userio
[  779.380567][T14003] misc userio: No port type given on /dev/userio
[  779.380588][T14003] misc userio: No port type given on /dev/userio
[  779.380608][T14003] misc userio: No port type given on /dev/userio
[  779.380629][T14003] misc userio: No port type given on /dev/userio
[  779.380650][T14003] misc userio: No port type given on /dev/userio
[  779.380671][T14003] misc userio: No port type given on /dev/userio
[  779.380692][T14003] misc userio: No port type given on /dev/userio
[  779.380875][T14003] misc userio: No port type given on /dev/userio
[  779.380897][T14003] misc userio: No port type given on /dev/userio
[  779.380919][T14003] misc userio: No port type given on /dev/userio
[  779.380940][T14003] misc userio: No port type given on /dev/userio
[  779.380961][T14003] misc userio: No port type given on /dev/userio
[  779.380981][T14003] misc userio: No port type given on /dev/userio
[  779.381002][T14003] misc userio: No port type given on /dev/userio
[  779.381022][T14003] misc userio: No port type given on /dev/userio
[  779.381042][T14003] misc userio: No port type given on /dev/userio
[  779.381063][T14003] misc userio: No port type given on /dev/userio
[  779.381084][T14003] misc userio: No port type given on /dev/userio
[  779.381104][T14003] misc userio: No port type given on /dev/userio
[  779.381125][T14003] misc userio: No port type given on /dev/userio
[  779.381146][T14003] misc userio: No port type given on /dev/userio
[  779.381167][T14003] misc userio: No port type given on /dev/userio
[  779.381188][T14003] misc userio: No port type given on /dev/userio
[  779.381208][T14003] misc userio: No port type given on /dev/userio
[  779.381230][T14003] misc userio: No port type given on /dev/userio
[  779.381250][T14003] misc userio: No port type given on /dev/userio
[  779.381270][T14003] misc userio: No port type given on /dev/userio
[  779.381310][T14003] misc userio: No port type given on /dev/userio
[  779.381330][T14003] misc userio: No port type given on /dev/userio
[  779.381351][T14003] misc userio: No port type given on /dev/userio
[  779.381378][T14003] misc userio: No port type given on /dev/userio
[  779.381398][T14003] misc userio: No port type given on /dev/userio
[  779.381419][T14003] misc userio: No port type given on /dev/userio
[  779.381438][T14003] misc userio: No port type given on /dev/userio
[  779.381458][T14003] misc userio: No port type given on /dev/userio
[  779.381477][T14003] misc userio: No port type given on /dev/userio
[  779.381498][T14003] misc userio: No port type given on /dev/userio
[  779.381518][T14003] misc userio: No port type given on /dev/userio
[  779.381539][T14003] misc userio: No port type given on /dev/userio
[  779.381560][T14003] misc userio: No port type given on /dev/userio
[  779.381579][T14003] misc userio: No port type given on /dev/userio
[  779.381601][T14003] misc userio: No port type given on /dev/userio
[  779.381621][T14003] misc userio: No port type given on /dev/userio
[  779.381642][T14003] misc userio: No port type given on /dev/userio
[  779.381662][T14003] misc userio: No port type given on /dev/userio
[  779.381681][T14003] misc userio: No port type given on /dev/userio
[  779.381701][T14003] misc userio: No port type given on /dev/userio
[  779.381722][T14003] misc userio: No port type given on /dev/userio
[  779.381742][T14003] misc userio: No port type given on /dev/userio
[  779.381762][T14003] misc userio: No port type given on /dev/userio
[  779.381782][T14003] misc userio: No port type given on /dev/userio
[  779.381801][T14003] misc userio: No port type given on /dev/userio
[  779.381822][T14003] misc userio: No port type given on /dev/userio
[  779.381842][T14003] misc userio: No port type given on /dev/userio
[  779.658740][  T809] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  779.678906][  T809] usb 2-1: device descriptor read/8, error -71
[  779.906276][  T809] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  779.928002][  T809] usb 2-1: device descriptor read/8, error -71
[  780.030454][  T809] usb usb2-port1: unable to enumerate USB device
[  782.059033][T11837] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  782.249383][T11837] usb 1-1: Using ep0 maxpacket: 16
[  782.251864][T11837] usb 1-1: config 0 has an invalid interface number: 126 but max is 0
[  782.251895][T11837] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  782.251915][T11837] usb 1-1: config 0 has no interface number 0
[  782.251967][T11837] usb 1-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  782.251996][T11837] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  782.252024][T11837] usb 1-1: config 0 interface 126 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  782.252069][T11837] usb 1-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  782.252094][T11837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.257672][T11837] usb 1-1: config 0 descriptor??
[  782.259127][T14012] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  782.276689][T11837] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  782.753485][T14031] udevd[14031]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.126/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  783.333463][T11837] snd-usb-audio 1-1:0.126: probe with driver snd-usb-audio failed with error -2
[  783.412625][T11837] usb 1-1: USB disconnect, device number 71
[  783.917390][T11513] syz_tun (unregistering): left promiscuous mode
[  784.103462][T14049] FAULT_INJECTION: forcing a failure.
[  784.103462][T14049] name failslab, interval 1, probability 0, space 0, times 0
[  784.103504][T14049] CPU: 0 UID: 0 PID: 14049 Comm: syz.3.2699 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  784.103535][T14049] Tainted: [L]=SOFTLOCKUP
[  784.103544][T14049] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  784.103558][T14049] Call Trace:
[  784.103567][T14049]  <TASK>
[  784.103578][T14049]  dump_stack_lvl+0xe8/0x150
[  784.103615][T14049]  should_fail_ex+0x46b/0x600
[  784.103644][T14049]  ? __alloc_skb+0x1d7/0x390
[  784.103677][T14049]  should_failslab+0xa8/0x100
[  784.103712][T14049]  ? __alloc_skb+0x1d7/0x390
[  784.103742][T14049]  kmem_cache_alloc_node_noprof+0x8a/0x6d0
[  784.103783][T14049]  __alloc_skb+0x1d7/0x390
[  784.103820][T14049]  tipc_buf_acquire+0x2b/0xe0
[  784.103850][T14049]  tipc_msg_build+0x5bf/0xd60
[  784.103889][T14049]  ? net_generic+0x1e/0x240
[  784.103917][T14049]  ? __pfx_tipc_msg_build+0x10/0x10
[  784.103953][T14049]  ? net_generic+0x1e/0x240
[  784.103975][T14049]  ? net_generic+0x1e/0x240
[  784.104003][T14049]  ? tipc_group_bc_cong+0x16c/0x220
[  784.104052][T14049]  tipc_send_group_bcast+0x80c/0xb00
[  784.104104][T14049]  ? __pfx_tipc_send_group_bcast+0x10/0x10
[  784.104157][T14049]  ? __lock_acquire+0x6b5/0x2cf0
[  784.104181][T14049]  ? __pfx_woken_wake_function+0x10/0x10
[  784.104211][T14049]  ? __lock_acquire+0x6b5/0x2cf0
[  784.104245][T14049]  __tipc_sendmsg+0x34f/0x2be0
[  784.104295][T14049]  ? __pfx___tipc_sendmsg+0x10/0x10
[  784.104328][T14049]  ? try_to_take_rt_mutex+0x840/0xb00
[  784.104369][T14049]  ? __lock_acquire+0x6b5/0x2cf0
[  784.104400][T14049]  ? __lock_acquire+0x6b5/0x2cf0
[  784.104442][T14049]  ? __lock_acquire+0x6b5/0x2cf0
[  784.104504][T14049]  ? __local_bh_enable+0x1e1/0x2f0
[  784.104534][T14049]  ? __local_bh_enable_ip+0x1ae/0x2b0
[  784.104566][T14049]  tipc_sendmsg+0x55/0x70
[  784.104597][T14049]  sock_write_iter+0x509/0x550
[  784.104629][T14049]  ? __pfx_sock_write_iter+0x10/0x10
[  784.104685][T14049]  vfs_write+0x629/0xba0
[  784.104725][T14049]  ? __pfx_vfs_write+0x10/0x10
[  784.104767][T14049]  ? __fget_files+0x2a/0x420
[  784.104798][T14049]  ksys_write+0x156/0x270
[  784.104830][T14049]  ? __pfx_ksys_write+0x10/0x10
[  784.104872][T14049]  do_syscall_64+0xe2/0xf80
[  784.104904][T14049]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.104927][T14049]  ? trace_irq_disable+0x37/0x100
[  784.104957][T14049]  ? clear_bhb_loop+0x60/0xb0
[  784.104987][T14049]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  784.105024][T14049] RIP: 0033:0x7fe9e5b0aeb9
[  784.105051][T14049] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  784.105071][T14049] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  784.105095][T14049] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  784.105112][T14049] RDX: 000000000000fdef RSI: 0000200000000040 RDI: 0000000000000003
[  784.105128][T14049] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  784.105143][T14049] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  784.105157][T14049] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  784.105196][T14049]  </TASK>
[  785.442124][T11578] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  785.800713][ T5813] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  786.314453][ T5813] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  786.329713][ T5813] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  786.333679][ T5813] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  786.335130][ T5813] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  788.413151][ T5813] Bluetooth: hci4: command tx timeout
[  789.025296][T14088] FAULT_INJECTION: forcing a failure.
[  789.025296][T14088] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  789.025340][T14088] CPU: 1 UID: 0 PID: 14088 Comm: syz.0.2713 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  789.025370][T14088] Tainted: [L]=SOFTLOCKUP
[  789.025378][T14088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  789.025393][T14088] Call Trace:
[  789.025402][T14088]  <TASK>
[  789.025412][T14088]  dump_stack_lvl+0xe8/0x150
[  789.025449][T14088]  should_fail_ex+0x46b/0x600
[  789.025479][T14088]  _copy_from_user+0x2d/0xb0
[  789.025509][T14088]  __sys_bpf+0x229/0x920
[  789.025543][T14088]  ? __pfx___sys_bpf+0x10/0x10
[  789.025579][T14088]  ? rt_mutex_slowunlock+0x1cb/0x300
[  789.025623][T14088]  ? ksys_write+0x248/0x270
[  789.025653][T14088]  ? __pfx_ksys_write+0x10/0x10
[  789.025689][T14088]  __x64_sys_bpf+0x7c/0x90
[  789.025716][T14088]  do_syscall_64+0xe2/0xf80
[  789.025745][T14088]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.025767][T14088]  ? trace_irq_disable+0x37/0x100
[  789.025797][T14088]  ? clear_bhb_loop+0x60/0xb0
[  789.025825][T14088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.025847][T14088] RIP: 0033:0x7fb1c7a5aeb9
[  789.025868][T14088] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  789.025888][T14088] RSP: 002b:00007fb1c5cb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  789.025911][T14088] RAX: ffffffffffffffda RBX: 00007fb1c7cd5fa0 RCX: 00007fb1c7a5aeb9
[  789.025928][T14088] RDX: 0000000000000050 RSI: 0000200000000300 RDI: 0000000000000000
[  789.025942][T14088] RBP: 00007fb1c5cb6090 R08: 0000000000000000 R09: 0000000000000000
[  789.025957][T14088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  789.025971][T14088] R13: 00007fb1c7cd6038 R14: 00007fb1c7cd5fa0 R15: 00007ffcd42c6ba8
[  789.026008][T14088]  </TASK>
[  789.568573][T11578] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  789.640310][ T5888] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  789.640328][ T1127] usb 6-1: new high-speed USB device number 51 using dummy_hcd
[  789.689658][T14067] chnl_net:caif_netlink_parms(): no params data found
[  789.792607][ T5888] usb 1-1: Using ep0 maxpacket: 16
[  789.814601][ T5888] usb 1-1: config 0 has an invalid interface number: 126 but max is 0
[  789.814634][ T5888] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  789.814655][ T5888] usb 1-1: config 0 has no interface number 0
[  789.814706][ T5888] usb 1-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  789.814733][ T5888] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  789.814762][ T5888] usb 1-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  789.814784][ T5888] usb 1-1: config 0 interface 126 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  789.814831][ T5888] usb 1-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  789.814856][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.895961][ T5888] usb 1-1: config 0 descriptor??
[  789.899987][T14097] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  789.923652][ T1127] usb 6-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  789.923683][ T1127] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  789.923704][ T1127] usb 6-1: Product: syz
[  789.923720][ T1127] usb 6-1: Manufacturer: syz
[  789.923735][ T1127] usb 6-1: SerialNumber: syz
[  789.985328][ T5888] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  790.059646][ T1127] usb 6-1: config 0 descriptor??
[  790.066770][ T1127] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  790.148828][ T1127] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  790.164844][ T1127] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  790.164909][ T1127] usb 6-1: media controller created
[  790.206876][T11578] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  790.253480][ T1127] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  790.364358][ T5813] Bluetooth: hci4: command tx timeout
[  790.442366][   T37] audit: type=1326 audit(1769964070.243:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.442416][   T37] audit: type=1326 audit(1769964070.243:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.447150][   T37] audit: type=1326 audit(1769964070.243:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.447209][   T37] audit: type=1326 audit(1769964070.243:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.447258][   T37] audit: type=1326 audit(1769964070.243:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.447306][   T37] audit: type=1326 audit(1769964070.243:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.447353][   T37] audit: type=1326 audit(1769964070.243:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe47b24b78e code=0x7ffc0000
[  790.447406][   T37] audit: type=1326 audit(1769964070.243:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe47b28aeb9 code=0x7ffc0000
[  790.460583][   T37] audit: type=1326 audit(1769964070.264:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe47b24b78e code=0x7ffc0000
[  790.470729][   T37] audit: type=1326 audit(1769964070.274:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14091 comm="syz.5.2709" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fe47b24b78e code=0x7ffc0000
[  790.784928][ T1127] DVB: Unable to find symbol mt352_attach()
[  791.275799][ T5888] snd-usb-audio 1-1:0.126: probe with driver snd-usb-audio failed with error -2
[  791.304671][ T1127] DVB: Unable to find symbol nxt6000_attach()
[  791.304690][ T1127] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  791.337274][ T1127] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input66
[  791.348421][ T5888] usb 1-1: USB disconnect, device number 72
[  791.362942][ T1127] dvb-usb: schedule remote query interval to 1000 msecs.
[  791.362969][ T1127] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  791.362989][ T1127] dvb-usb: bulk message failed: -22 (7/0)
[  791.363008][ T1127] dvb-usb: bulk message failed: -22 (7/0)
[  791.429941][ T1127] usb 6-1: USB disconnect, device number 51
[  791.820088][ T1127] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  791.934469][T11578] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  792.339386][T14067] bridge0: port 1(bridge_slave_0) entered blocking state
[  792.339605][T14067] bridge0: port 1(bridge_slave_0) entered disabled state
[  792.339829][T14067] bridge_slave_0: entered allmulticast mode
[  792.345694][ T5813] Bluetooth: hci4: command tx timeout
[  792.372044][T14067] bridge_slave_0: entered promiscuous mode
[  793.198730][T14067] bridge0: port 2(bridge_slave_1) entered blocking state
[  793.199164][T14067] bridge0: port 2(bridge_slave_1) entered disabled state
[  793.199559][T14067] bridge_slave_1: entered allmulticast mode
[  793.328963][ T1127] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  793.372158][T14067] bridge_slave_1: entered promiscuous mode
[  793.481905][ T1127] usb 2-1: Using ep0 maxpacket: 32
[  793.485884][ T1127] usb 2-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  793.485925][ T1127] usb 2-1: config 1 interface 0 has no altsetting 0
[  793.514207][ T1127] usb 2-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  793.514240][ T1127] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  793.514263][ T1127] usb 2-1: Product: 㠁
[  793.514279][ T1127] usb 2-1: Manufacturer: ␁
[  793.514294][ T1127] usb 2-1: SerialNumber: syz
[  793.577688][T14067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  793.594119][T14067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  793.740751][T14067] team0: Port device team_slave_0 added
[  793.763535][T14067] team0: Port device team_slave_1 added
[  793.812288][ T1127] usbhid 2-1:1.0: can't add hid device: -71
[  793.812429][ T1127] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  793.860995][ T1127] usb 2-1: USB disconnect, device number 66
[  793.955218][T14067] batman_adv: batadv0: Adding interface: batadv_slave_0
[  793.955239][T14067] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  793.955269][T14067] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  793.958107][T14067] batman_adv: batadv0: Adding interface: batadv_slave_1
[  793.958126][T14067] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  793.958156][T14067] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  794.208095][T14067] hsr_slave_0: entered promiscuous mode
[  794.209643][T14067] hsr_slave_1: entered promiscuous mode
[  794.210770][T14067] debugfs: 'hsr0' already exists in 'hsr'
[  794.231589][T14067] Cannot create hsr debugfs directory
[  794.330277][ T5813] Bluetooth: hci4: command tx timeout
[  795.666101][T14186] FAULT_INJECTION: forcing a failure.
[  795.666101][T14186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  795.666144][T14186] CPU: 1 UID: 0 PID: 14186 Comm: syz.1.2745 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  795.666175][T14186] Tainted: [L]=SOFTLOCKUP
[  795.666183][T14186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  795.666197][T14186] Call Trace:
[  795.666206][T14186]  <TASK>
[  795.666216][T14186]  dump_stack_lvl+0xe8/0x150
[  795.666254][T14186]  should_fail_ex+0x46b/0x600
[  795.666284][T14186]  _copy_from_user+0x2d/0xb0
[  795.666314][T14186]  sk_setsockopt+0x2b3/0x2bb0
[  795.666357][T14186]  ? get_pid_task+0x20/0x1f0
[  795.666386][T14186]  ? __pfx_sk_setsockopt+0x10/0x10
[  795.666428][T14186]  ? __lock_acquire+0x6b5/0x2cf0
[  795.666456][T14186]  ? do_raw_spin_lock+0x12b/0x2f0
[  795.666503][T14186]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  795.666539][T14186]  udp_lib_setsockopt+0xf6/0x980
[  795.666569][T14186]  ? __pfx_udp_lib_setsockopt+0x10/0x10
[  795.666599][T14186]  ? __fget_files+0x2a/0x420
[  795.666623][T14186]  udp_setsockopt+0x77/0xc0
[  795.666647][T14186]  ? __pfx_udp_push_pending_frames+0x10/0x10
[  795.666681][T14186]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  795.666714][T14186]  do_sock_setsockopt+0x17c/0x1b0
[  795.666742][T14186]  __x64_sys_setsockopt+0x143/0x1b0
[  795.666771][T14186]  do_syscall_64+0xe2/0xf80
[  795.666801][T14186]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.666822][T14186]  ? trace_irq_disable+0x37/0x100
[  795.666851][T14186]  ? clear_bhb_loop+0x60/0xb0
[  795.666879][T14186]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  795.666901][T14186] RIP: 0033:0x7f00d6afaeb9
[  795.666921][T14186] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  795.666943][T14186] RSP: 002b:00007f00d4d56028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  795.666967][T14186] RAX: ffffffffffffffda RBX: 00007f00d6d75fa0 RCX: 00007f00d6afaeb9
[  795.666985][T14186] RDX: 000000000000003c RSI: 0000000000000001 RDI: 0000000000000003
[  795.666999][T14186] RBP: 00007f00d4d56090 R08: 0000000000000004 R09: 0000000000000000
[  795.667020][T14186] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  795.667034][T14186] R13: 00007f00d6d76038 R14: 00007f00d6d75fa0 R15: 00007ffe4955c2b8
[  795.667071][T14186]  </TASK>
[  796.260213][  T809] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  796.421548][  T809] usb 1-1: Using ep0 maxpacket: 32
[  796.468650][  T809] usb 1-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  796.468687][  T809] usb 1-1: config 1 interface 0 has no altsetting 0
[  796.476751][  T809] usb 1-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  796.476787][  T809] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  796.476810][  T809] usb 1-1: Product: 㠁
[  796.476825][  T809] usb 1-1: Manufacturer: ␁
[  796.476840][  T809] usb 1-1: SerialNumber: syz
[  796.725573][T14213] FAULT_INJECTION: forcing a failure.
[  796.725573][T14213] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  796.725616][T14213] CPU: 1 UID: 0 PID: 14213 Comm: syz.3.2756 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  796.725648][T14213] Tainted: [L]=SOFTLOCKUP
[  796.725657][T14213] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  796.725672][T14213] Call Trace:
[  796.725681][T14213]  <TASK>
[  796.725691][T14213]  dump_stack_lvl+0xe8/0x150
[  796.725728][T14213]  should_fail_ex+0x46b/0x600
[  796.725767][T14213]  _copy_from_user+0x2d/0xb0
[  796.725799][T14213]  ___sys_sendmsg+0x1c6/0x360
[  796.725823][T14213]  ? __lock_acquire+0x6b5/0x2cf0
[  796.725853][T14213]  ? __pfx____sys_sendmsg+0x10/0x10
[  796.725882][T14213]  ? kstrtouint+0x6e/0xe0
[  796.725933][T14213]  ? __fget_files+0x2a/0x420
[  796.725953][T14213]  ? __fget_files+0x3a6/0x420
[  796.725986][T14213]  __sys_sendmmsg+0x282/0x4e0
[  796.726017][T14213]  ? __pfx___sys_sendmmsg+0x10/0x10
[  796.726051][T14213]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  796.726089][T14213]  ? ksys_write+0x248/0x270
[  796.726126][T14213]  ? __pfx_ksys_write+0x10/0x10
[  796.726161][T14213]  __x64_sys_sendmmsg+0xa0/0xc0
[  796.726187][T14213]  do_syscall_64+0xe2/0xf80
[  796.726215][T14213]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.726237][T14213]  ? trace_irq_disable+0x37/0x100
[  796.726265][T14213]  ? clear_bhb_loop+0x60/0xb0
[  796.726294][T14213]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  796.726323][T14213] RIP: 0033:0x7fe9e5b0aeb9
[  796.726344][T14213] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  796.726364][T14213] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  796.726388][T14213] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  796.726405][T14213] RDX: 0000000000000001 RSI: 0000200000001fc0 RDI: 0000000000000003
[  796.726420][T14213] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  796.726435][T14213] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  796.726449][T14213] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  796.726486][T14213]  </TASK>
[  797.072201][  T809] usbhid 1-1:1.0: can't add hid device: -71
[  797.072346][  T809] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  797.136158][  T809] usb 1-1: USB disconnect, device number 73
[  797.642626][T14225] FAULT_INJECTION: forcing a failure.
[  797.642626][T14225] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  797.642672][T14225] CPU: 0 UID: 0 PID: 14225 Comm: syz.3.2759 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  797.642703][T14225] Tainted: [L]=SOFTLOCKUP
[  797.642720][T14225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  797.642734][T14225] Call Trace:
[  797.642743][T14225]  <TASK>
[  797.642753][T14225]  dump_stack_lvl+0xe8/0x150
[  797.642790][T14225]  should_fail_ex+0x46b/0x600
[  797.642821][T14225]  _copy_to_user+0x31/0xb0
[  797.642853][T14225]  simple_read_from_buffer+0xe1/0x170
[  797.642904][T14225]  proc_fail_nth_read+0x1be/0x230
[  797.642935][T14225]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  797.642970][T14225]  ? rw_verify_area+0x2ac/0x4e0
[  797.642997][T14225]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  797.643027][T14225]  vfs_read+0x212/0xa70
[  797.643064][T14225]  ? __pfx_vfs_read+0x10/0x10
[  797.643095][T14225]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  797.643125][T14225]  ? lockdep_hardirqs_on+0x7a/0x110
[  797.643153][T14225]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  797.643183][T14225]  ? mutex_lock_nested+0x152/0x1d0
[  797.643204][T14225]  ? fdget_pos+0x252/0x320
[  797.643234][T14225]  ksys_read+0x156/0x270
[  797.643263][T14225]  ? __pfx_ksys_read+0x10/0x10
[  797.643304][T14225]  do_syscall_64+0xe2/0xf80
[  797.643332][T14225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.643355][T14225]  ? trace_irq_disable+0x37/0x100
[  797.643383][T14225]  ? clear_bhb_loop+0x60/0xb0
[  797.643410][T14225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  797.643433][T14225] RIP: 0033:0x7fe9e5acb78e
[  797.643454][T14225] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  797.643474][T14225] RSP: 002b:00007fe9e3d65fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  797.643498][T14225] RAX: ffffffffffffffda RBX: 00007fe9e3d666c0 RCX: 00007fe9e5acb78e
[  797.643515][T14225] RDX: 000000000000000f RSI: 00007fe9e3d660a0 RDI: 0000000000000004
[  797.643530][T14225] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  797.643545][T14225] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  797.643559][T14225] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  797.643596][T14225]  </TASK>
[  797.659878][  T809] usb 6-1: new high-speed USB device number 52 using dummy_hcd
[  797.841293][  T809] usb 6-1: Using ep0 maxpacket: 16
[  797.925916][  T809] usb 6-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  797.925959][  T809] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.925981][  T809] usb 6-1: Product: syz
[  797.925998][  T809] usb 6-1: Manufacturer: syz
[  797.926014][  T809] usb 6-1: SerialNumber: syz
[  797.981832][  T809] usb 6-1: config 0 descriptor??
[  798.025634][  T809] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  798.199118][  T809] gspca_sn9c2028: read1 error -32
[  798.201863][  T809] gspca_sn9c2028: read1 error -32
[  798.202288][  T809] gspca_sn9c2028: read1 error -71
[  798.202591][  T809] sn9c2028 6-1:0.0: probe with driver sn9c2028 failed with error -71
[  798.233006][  T809] usb 6-1: USB disconnect, device number 52
[  798.512519][T14241] FAULT_INJECTION: forcing a failure.
[  798.512519][T14241] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  798.512549][T14241] CPU: 0 UID: 0 PID: 14241 Comm: syz.3.2768 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  798.512572][T14241] Tainted: [L]=SOFTLOCKUP
[  798.512578][T14241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  798.512589][T14241] Call Trace:
[  798.512595][T14241]  <TASK>
[  798.512603][T14241]  dump_stack_lvl+0xe8/0x150
[  798.512630][T14241]  should_fail_ex+0x46b/0x600
[  798.512651][T14241]  _copy_from_user+0x2d/0xb0
[  798.512673][T14241]  ___sys_sendmsg+0x1c6/0x360
[  798.512689][T14241]  ? __lock_acquire+0x6b5/0x2cf0
[  798.512711][T14241]  ? __pfx____sys_sendmsg+0x10/0x10
[  798.512753][T14241]  ? __fget_files+0x2a/0x420
[  798.512767][T14241]  ? __fget_files+0x3a6/0x420
[  798.512788][T14241]  __x64_sys_sendmsg+0x1c3/0x2a0
[  798.512807][T14241]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  798.512840][T14241]  ? __pfx_ksys_write+0x10/0x10
[  798.512869][T14241]  do_syscall_64+0xe2/0xf80
[  798.512891][T14241]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.512908][T14241]  ? trace_irq_disable+0x37/0x100
[  798.512929][T14241]  ? clear_bhb_loop+0x60/0xb0
[  798.512949][T14241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  798.512965][T14241] RIP: 0033:0x7fe9e5b0aeb9
[  798.512979][T14241] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  798.512993][T14241] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  798.513010][T14241] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  798.513022][T14241] RDX: 0000000020000000 RSI: 0000200000000200 RDI: 0000000000000004
[  798.513033][T14241] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  798.513044][T14241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  798.513053][T14241] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  798.513079][T14241]  </TASK>
[  798.587189][  T809] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[  798.592134][T11578] ip6gretap0 (unregistering): left promiscuous mode
[  798.793230][  T809] usb 1-1: Using ep0 maxpacket: 16
[  798.795300][  T809] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  798.795327][  T809] usb 1-1: config 0 interface 0 has no altsetting 0
[  798.795352][  T809] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  798.795370][  T809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.799382][  T809] usb 1-1: config 0 descriptor??
[  799.185908][T14250] process 'syz.5.2771' launched './file0' with NULL argv: empty string added
[  799.438062][  T809] usbhid 1-1:0.0: can't add hid device: -71
[  799.438199][  T809] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  799.480756][  T809] usb 1-1: USB disconnect, device number 74
[  799.545922][ T5888] usb 6-1: new low-speed USB device number 53 using dummy_hcd
[  799.695905][ T5888] usb 6-1: config index 0 descriptor too short (expected 6427, got 27)
[  799.695945][ T5888] usb 6-1: config 0 has an invalid interface number: 21 but max is 0
[  799.695960][ T5888] usb 6-1: config 0 has no interface number 0
[  799.695996][ T5888] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[  799.696013][ T5888] usb 6-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  799.696042][ T5888] usb 6-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  799.696060][ T5888] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.717455][ T5888] usb 6-1: config 0 descriptor??
[  799.799127][T11578] gretap0 (unregistering): left promiscuous mode
[  800.566447][T14263] FAULT_INJECTION: forcing a failure.
[  800.566447][T14263] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  800.566536][T14263] CPU: 0 UID: 0 PID: 14263 Comm: syz.3.2778 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  800.566568][T14263] Tainted: [L]=SOFTLOCKUP
[  800.566577][T14263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  800.566595][T14263] Call Trace:
[  800.566603][T14263]  <TASK>
[  800.566612][T14263]  dump_stack_lvl+0xe8/0x150
[  800.566640][T14263]  should_fail_ex+0x46b/0x600
[  800.566662][T14263]  prepare_alloc_pages+0x22a/0x6b0
[  800.566695][T14263]  __alloc_frozen_pages_noprof+0x12f/0x380
[  800.566719][T14263]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  800.566739][T14263]  ? __pfx_policy_nodemask+0x10/0x10
[  800.566773][T14263]  alloc_pages_mpol+0xd1/0x380
[  800.566801][T14263]  folio_alloc_mpol_noprof+0x39/0xe0
[  800.566829][T14263]  shmem_get_folio_gfp+0x644/0x1a80
[  800.566873][T14263]  ? __pfx_shmem_get_folio_gfp+0x10/0x10
[  800.566897][T14263]  ? __pfx_shmem_write_begin+0x10/0x10
[  800.566928][T14263]  shmem_write_begin+0x166/0x320
[  800.566958][T14263]  generic_perform_write+0x2af/0x8b0
[  800.566973][T14263]  ? irqentry_exit+0x59c/0x620
[  800.567004][T14263]  ? __pfx_generic_perform_write+0x10/0x10
[  800.567034][T14263]  ? shmem_file_write_iter+0xdd/0x120
[  800.567057][T14263]  shmem_file_write_iter+0xfb/0x120
[  800.567077][T14263]  vfs_write+0x629/0xba0
[  800.567105][T14263]  ? __pfx_vfs_write+0x10/0x10
[  800.567137][T14263]  ? ksys_write+0x51/0x270
[  800.567160][T14263]  ksys_write+0x156/0x270
[  800.567183][T14263]  ? __pfx_ksys_write+0x10/0x10
[  800.567207][T14263]  ? __x64_sys_write+0x2d/0x90
[  800.567231][T14263]  do_syscall_64+0xe2/0xf80
[  800.567254][T14263]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.567270][T14263]  ? clear_bhb_loop+0x60/0xb0
[  800.567290][T14263]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  800.567307][T14263] RIP: 0033:0x7fe9e5b0aeb9
[  800.567322][T14263] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  800.567337][T14263] RSP: 002b:00007fe9e3d45028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  800.567354][T14263] RAX: ffffffffffffffda RBX: 00007fe9e5d86090 RCX: 00007fe9e5b0aeb9
[  800.567366][T14263] RDX: 000000000001000a RSI: 0000200000000440 RDI: 0000000000000005
[  800.567377][T14263] RBP: 00007fe9e3d45090 R08: 0000000000000000 R09: 0000000000000000
[  800.567388][T14263] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  800.567398][T14263] R13: 00007fe9e5d86128 R14: 00007fe9e5d86090 R15: 00007ffc524e4038
[  800.567424][T14263]  </TASK>
[  802.393305][  T809] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[  802.583847][  T809] usb 1-1: Using ep0 maxpacket: 16
[  802.610458][  T809] usb 1-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  802.610554][  T809] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  802.610578][  T809] usb 1-1: Product: syz
[  802.610595][  T809] usb 1-1: Manufacturer: syz
[  802.610611][  T809] usb 1-1: SerialNumber: syz
[  802.700824][  T809] usb 1-1: config 0 descriptor??
[  802.753451][  T809] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  802.906492][  T809] gspca_sn9c2028: read1 error -32
[  802.909683][  T809] gspca_sn9c2028: read1 error -32
[  802.920685][  T809] gspca_sn9c2028: read1 error -71
[  802.920795][  T809] sn9c2028 1-1:0.0: probe with driver sn9c2028 failed with error -71
[  802.924428][  T809] usb 1-1: USB disconnect, device number 75
[  802.979896][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  802.980165][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  803.008536][T11578] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  803.290027][T11578] bond2 (unregistering): (slave bridge2): Releasing backup interface
[  803.813847][T11578] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  803.938875][T11578] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  803.995678][  T809] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[  804.052677][T11578] bond0 (unregistering): Released all slaves
[  804.069834][T11578] bond1 (unregistering): Released all slaves
[  804.093782][T11578] bond2 (unregistering): Released all slaves
[  804.118555][T11578] bond3 (unregistering): Released all slaves
[  804.136365][  T809] usb 1-1: Using ep0 maxpacket: 16
[  804.139945][  T809] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  804.139985][  T809] usb 1-1: config 0 interface 0 has no altsetting 0
[  804.140080][  T809] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  804.140107][  T809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  804.219671][  T809] usb 1-1: config 0 descriptor??
[  804.342228][T11578] bond4 (unregistering): Released all slaves
[  804.369828][T11578] bond5 (unregistering): Released all slaves
[  804.408035][T14298] FAULT_INJECTION: forcing a failure.
[  804.408035][T14298] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  804.408077][T14298] CPU: 1 UID: 0 PID: 14298 Comm: syz.3.2795 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  804.408109][T14298] Tainted: [L]=SOFTLOCKUP
[  804.408116][T14298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  804.408143][T14298] Call Trace:
[  804.408153][T14298]  <TASK>
[  804.408164][T14298]  dump_stack_lvl+0xe8/0x150
[  804.408200][T14298]  should_fail_ex+0x46b/0x600
[  804.408231][T14298]  _copy_from_user+0x2d/0xb0
[  804.408260][T14298]  __vb2_perform_fileio+0x97e/0x1610
[  804.408301][T14298]  vb2_fop_write+0x235/0x350
[  804.408352][T14298]  v4l2_write+0x19f/0x2c0
[  804.408376][T14298]  ? __pfx_v4l2_write+0x10/0x10
[  804.408400][T14298]  vfs_write+0x2a3/0xba0
[  804.408438][T14298]  ? __pfx_vfs_write+0x10/0x10
[  804.408468][T14298]  ? __fget_files+0x2a/0x420
[  804.408502][T14298]  ? __fget_files+0x2a/0x420
[  804.408521][T14298]  ? __fget_files+0x3a6/0x420
[  804.408541][T14298]  ? __fget_files+0x2a/0x420
[  804.408571][T14298]  ksys_write+0x156/0x270
[  804.408603][T14298]  ? __pfx_ksys_write+0x10/0x10
[  804.408676][T14298]  do_syscall_64+0xe2/0xf80
[  804.408709][T14298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.408732][T14298]  ? trace_irq_disable+0x37/0x100
[  804.408761][T14298]  ? clear_bhb_loop+0x60/0xb0
[  804.408787][T14298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.408812][T14298] RIP: 0033:0x7fe9e5b0aeb9
[  804.408827][T14298] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  804.408862][T14298] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  804.408886][T14298] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  804.408905][T14298] RDX: 0000000000000069 RSI: 0000200000000680 RDI: 0000000000000004
[  804.408919][T14298] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  804.408933][T14298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  804.408947][T14298] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  804.408984][T14298]  </TASK>
[  804.894703][  T809] usbhid 1-1:0.0: can't add hid device: -71
[  804.894839][  T809] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  804.900027][  T809] usb 1-1: USB disconnect, device number 76
[  804.904011][ T5888] usb 6-1: USB disconnect, device number 53
[  805.091200][T14067] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  805.123239][T14067] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  805.695175][T11837] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  805.833660][T14067] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  805.861983][T11837] usb 2-1: Using ep0 maxpacket: 32
[  805.881634][T11837] usb 2-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  805.881674][T11837] usb 2-1: config 1 interface 0 has no altsetting 0
[  805.885178][T11837] usb 2-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  805.885202][T11837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.885217][T11837] usb 2-1: Product: 㠁
[  805.885229][T11837] usb 2-1: Manufacturer: ␁
[  805.885240][T11837] usb 2-1: SerialNumber: syz
[  806.070217][ T5888] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[  806.224721][ T5888] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  806.224751][ T5888] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  806.224792][ T5888] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  806.224818][ T5888] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  806.229597][ T5888] usb 1-1: config 0 descriptor??
[  806.311921][T11837] usbhid 2-1:1.0: can't add hid device: -71
[  806.312062][T11837] usbhid 2-1:1.0: probe with driver usbhid failed with error -71
[  806.395079][T11837] usb 2-1: USB disconnect, device number 67
[  806.395137][T14067] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  806.675946][T14350] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  806.766474][T14355] capability: warning: `syz.3.2813' uses 32-bit capabilities (legacy support in use)
[  806.769827][T14355] loop2: detected capacity change from 0 to 7
[  806.835613][T14355]  loop2:
[  806.835655][T14355] loop2: partition table partially beyond EOD, truncated
[  807.212992][T11837] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  807.370318][T11837] usb 2-1: Using ep0 maxpacket: 16
[  807.373508][T11837] usb 2-1: config 0 has an invalid interface number: 126 but max is 0
[  807.373539][T11837] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  807.373560][T11837] usb 2-1: config 0 has no interface number 0
[  807.373613][T11837] usb 2-1: config 0 interface 126 altsetting 0 has an endpoint descriptor with address 0xB7, changing to 0x87
[  807.373644][T11837] usb 2-1: config 0 interface 126 altsetting 0 endpoint 0x87 has invalid maxpacket 34328, setting to 1024
[  807.373674][T11837] usb 2-1: config 0 interface 126 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  807.373702][T11837] usb 2-1: config 0 interface 126 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  807.373724][T11837] usb 2-1: config 0 interface 126 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 4
[  807.373767][T11837] usb 2-1: New USB device found, idVendor=0763, idProduct=1015, bcdDevice=56.88
[  807.373792][T11837] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  807.399368][T11837] usb 2-1: config 0 descriptor??
[  807.400901][T14361] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  807.481073][T11837] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  807.709684][T11578] hsr_slave_0: left promiscuous mode
[  807.761287][T11578] hsr_slave_1: left promiscuous mode
[  807.762505][T11578] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  807.762535][T11578] batman_adv: batadv0: Removing interface: batadv_slave_0
[  807.824903][T11578] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  807.824935][T11578] batman_adv: batadv0: Removing interface: batadv_slave_1
[  807.843699][T11837] snd-usb-audio 2-1:0.126: probe with driver snd-usb-audio failed with error -2
[  807.908593][T11837] usb 2-1: USB disconnect, device number 68
[  808.068308][T11578] veth1_macvtap: left promiscuous mode
[  808.068430][T11578] veth0_macvtap: left promiscuous mode
[  808.068691][T11578] veth1_vlan: left promiscuous mode
[  808.099178][T11578] veth0_vlan: left promiscuous mode
[  808.692813][T11837] usb 1-1: USB disconnect, device number 77
[  808.908752][   T31] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  809.070164][   T31] usb 2-1: Using ep0 maxpacket: 16
[  809.072855][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[  809.072894][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[  809.072925][   T31] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  809.072970][   T31] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  809.073003][   T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.078462][   T31] usb 2-1: config 0 descriptor??
[  809.122022][T11837] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[  809.327186][T11837] usb 1-1: Using ep0 maxpacket: 32
[  809.343389][T11837] usb 1-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  809.343430][T11837] usb 1-1: config 1 interface 0 has no altsetting 0
[  809.455971][T11837] usb 1-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  809.456062][T11837] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.456087][T11837] usb 1-1: Product: 㠁
[  809.456104][T11837] usb 1-1: Manufacturer: ␁
[  809.456120][T11837] usb 1-1: SerialNumber: syz
[  809.523932][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.523977][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524049][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524075][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524099][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524123][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524740][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524769][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524839][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.524865][   T31] microsoft 0003:045E:07DA.0014: unknown main item tag 0x0
[  809.869826][T11837] usbhid 1-1:1.0: can't add hid device: -71
[  809.869971][T11837] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  809.891404][T14396] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  809.897444][   T31] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.0014/input/input68
[  809.914165][T11837] usb 1-1: USB disconnect, device number 78
[  810.186253][   T31] microsoft 0003:045E:07DA.0014: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[  810.243998][   T31] usb 2-1: USB disconnect, device number 69
[  810.497166][T14401] fido_id[14401]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  811.325685][T14411] FAULT_INJECTION: forcing a failure.
[  811.325685][T14411] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  811.325717][T14411] CPU: 0 UID: 0 PID: 14411 Comm: syz.1.2828 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  811.325749][T14411] Tainted: [L]=SOFTLOCKUP
[  811.325758][T14411] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  811.325773][T14411] Call Trace:
[  811.325782][T14411]  <TASK>
[  811.325790][T14411]  dump_stack_lvl+0xe8/0x150
[  811.325818][T14411]  should_fail_ex+0x46b/0x600
[  811.325842][T14411]  _copy_from_user+0x2d/0xb0
[  811.325865][T14411]  __sys_bpf+0x229/0x920
[  811.325890][T14411]  ? __pfx___sys_bpf+0x10/0x10
[  811.325911][T14411]  ? rt_mutex_slowunlock+0x1cb/0x300
[  811.325941][T14411]  ? ksys_write+0x248/0x270
[  811.325965][T14411]  ? __pfx_ksys_write+0x10/0x10
[  811.325991][T14411]  __x64_sys_bpf+0x7c/0x90
[  811.326012][T14411]  do_syscall_64+0xe2/0xf80
[  811.326034][T14411]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.326050][T14411]  ? trace_irq_disable+0x37/0x100
[  811.326072][T14411]  ? clear_bhb_loop+0x60/0xb0
[  811.326091][T14411]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  811.326107][T14411] RIP: 0033:0x7f00d6afaeb9
[  811.326121][T14411] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  811.326136][T14411] RSP: 002b:00007f00d4d56028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  811.326154][T14411] RAX: ffffffffffffffda RBX: 00007f00d6d75fa0 RCX: 00007f00d6afaeb9
[  811.326166][T14411] RDX: 0000000000000048 RSI: 00002000000054c0 RDI: 0000000000000005
[  811.326177][T14411] RBP: 00007f00d4d56090 R08: 0000000000000000 R09: 0000000000000000
[  811.326187][T14411] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  811.326196][T14411] R13: 00007f00d6d76038 R14: 00007f00d6d75fa0 R15: 00007ffe4955c2b8
[  811.326221][T14411]  </TASK>
[  812.041341][   T37] kauditd_printk_skb: 139 callbacks suppressed
[  812.041360][   T37] audit: type=1326 audit(1769964092.910:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14420 comm="syz.1.2833" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f00d6afaeb9 code=0x0
[  812.116130][T14422] FAULT_INJECTION: forcing a failure.
[  812.116130][T14422] name failslab, interval 1, probability 0, space 0, times 0
[  812.116161][T14422] CPU: 0 UID: 0 PID: 14422 Comm: syz.1.2833 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  812.116183][T14422] Tainted: [L]=SOFTLOCKUP
[  812.116189][T14422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  812.116200][T14422] Call Trace:
[  812.116206][T14422]  <TASK>
[  812.116213][T14422]  dump_stack_lvl+0xe8/0x150
[  812.116240][T14422]  should_fail_ex+0x46b/0x600
[  812.116260][T14422]  ? getname_flags+0xb7/0x540
[  812.116285][T14422]  should_failslab+0xa8/0x100
[  812.116309][T14422]  ? getname_flags+0xb7/0x540
[  812.116330][T14422]  kmem_cache_alloc_noprof+0x83/0x6a0
[  812.116351][T14422]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  812.116373][T14422]  ? lockdep_hardirqs_on+0x7a/0x110
[  812.116398][T14422]  getname_flags+0xb7/0x540
[  812.116424][T14422]  do_sys_openat2+0xca/0x220
[  812.116442][T14422]  ? __pfx_do_sys_openat2+0x10/0x10
[  812.116459][T14422]  ? ksys_write+0x248/0x270
[  812.116480][T14422]  ? __pfx_ksys_write+0x10/0x10
[  812.116502][T14422]  __x64_sys_openat+0x138/0x170
[  812.116522][T14422]  do_syscall_64+0xe2/0xf80
[  812.116542][T14422]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.116558][T14422]  ? trace_irq_disable+0x37/0x100
[  812.116579][T14422]  ? clear_bhb_loop+0x60/0xb0
[  812.116598][T14422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  812.116613][T14422] RIP: 0033:0x7f00d6abb78e
[  812.116628][T14422] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  812.116642][T14422] RSP: 002b:00007f00d4d34ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  812.116659][T14422] RAX: ffffffffffffffda RBX: 00007f00d4d356c0 RCX: 00007f00d6abb78e
[  812.116671][T14422] RDX: 0000000000000002 RSI: 00007f00d4d34f90 RDI: ffffffffffffff9c
[  812.116682][T14422] RBP: 00007f00d4d35090 R08: 0000000000000000 R09: 0000000000000000
[  812.116692][T14422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  812.116702][T14422] R13: 00007f00d6d76128 R14: 00007f00d6d76090 R15: 00007ffe4955c2b8
[  812.116727][T14422]  </TASK>
[  813.233123][T11578] team0 (unregistering): Port device team_slave_1 removed
[  813.538088][T11578] team0 (unregistering): Port device team_slave_0 removed
[  816.492575][T14434] FAULT_INJECTION: forcing a failure.
[  816.492575][T14434] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  816.492617][T14434] CPU: 1 UID: 0 PID: 14434 Comm: syz.5.2838 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  816.492647][T14434] Tainted: [L]=SOFTLOCKUP
[  816.492655][T14434] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  816.492669][T14434] Call Trace:
[  816.492678][T14434]  <TASK>
[  816.492694][T14434]  dump_stack_lvl+0xe8/0x150
[  816.492730][T14434]  should_fail_ex+0x46b/0x600
[  816.492760][T14434]  _copy_from_user+0x2d/0xb0
[  816.492791][T14434]  __sys_bind+0x1cc/0x410
[  816.492825][T14434]  ? __pfx___sys_bind+0x10/0x10
[  816.492869][T14434]  ? __pfx_ksys_write+0x10/0x10
[  816.492906][T14434]  __x64_sys_bind+0x7a/0x90
[  816.492938][T14434]  do_syscall_64+0xe2/0xf80
[  816.492969][T14434]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.492992][T14434]  ? trace_irq_disable+0x37/0x100
[  816.493021][T14434]  ? clear_bhb_loop+0x60/0xb0
[  816.493048][T14434]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.493070][T14434] RIP: 0033:0x7fe47b28aeb9
[  816.493091][T14434] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  816.493112][T14434] RSP: 002b:00007fe4794e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  816.493136][T14434] RAX: ffffffffffffffda RBX: 00007fe47b505fa0 RCX: 00007fe47b28aeb9
[  816.493154][T14434] RDX: 0000000000000018 RSI: 0000200000000040 RDI: 0000000000000003
[  816.493169][T14434] RBP: 00007fe4794e6090 R08: 0000000000000000 R09: 0000000000000000
[  816.493185][T14434] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.493206][T14434] R13: 00007fe47b506038 R14: 00007fe47b505fa0 R15: 00007ffde62da018
[  816.493243][T14434]  </TASK>
[  816.497073][T14434] netlink: 312 bytes leftover after parsing attributes in process `syz.5.2838'.
[  816.825272][T14439] FAULT_INJECTION: forcing a failure.
[  816.825272][T14439] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  816.825314][T14439] CPU: 1 UID: 0 PID: 14439 Comm: syz.3.2840 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  816.825346][T14439] Tainted: [L]=SOFTLOCKUP
[  816.825353][T14439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  816.825366][T14439] Call Trace:
[  816.825374][T14439]  <TASK>
[  816.825382][T14439]  dump_stack_lvl+0xe8/0x150
[  816.825413][T14439]  should_fail_ex+0x46b/0x600
[  816.825437][T14439]  _copy_from_user+0x2d/0xb0
[  816.825463][T14439]  ___sys_sendmsg+0x1c6/0x360
[  816.825483][T14439]  ? __lock_acquire+0x6b5/0x2cf0
[  816.825508][T14439]  ? __pfx____sys_sendmsg+0x10/0x10
[  816.825556][T14439]  ? __fget_files+0x2a/0x420
[  816.825572][T14439]  ? __fget_files+0x3a6/0x420
[  816.825596][T14439]  __x64_sys_sendmsg+0x1c3/0x2a0
[  816.825624][T14439]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  816.825642][T14439]  ? sched_clock_cpu+0x74/0x440
[  816.825674][T14439]  ? rcu_is_watching+0x15/0xb0
[  816.825709][T14439]  do_syscall_64+0xe2/0xf80
[  816.825734][T14439]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.825753][T14439]  ? clear_bhb_loop+0x60/0xb0
[  816.825775][T14439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  816.825793][T14439] RIP: 0033:0x7fe9e5b0aeb9
[  816.825810][T14439] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  816.825827][T14439] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  816.825847][T14439] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  816.825861][T14439] RDX: 00000000040040d4 RSI: 0000200000000ec0 RDI: 0000000000000003
[  816.825874][T14439] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  816.825886][T14439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  816.825897][T14439] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  816.825926][T14439]  </TASK>
[  817.389646][T14067] 8021q: adding VLAN 0 to HW filter on device bond0
[  817.498457][T14067] 8021q: adding VLAN 0 to HW filter on device team0
[  817.518141][T11583] bridge0: port 1(bridge_slave_0) entered blocking state
[  817.518315][T11583] bridge0: port 1(bridge_slave_0) entered forwarding state
[  817.553089][T11583] bridge0: port 2(bridge_slave_1) entered blocking state
[  817.553292][T11583] bridge0: port 2(bridge_slave_1) entered forwarding state
[  817.735731][T14459] FAULT_INJECTION: forcing a failure.
[  817.735731][T14459] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  817.735773][T14459] CPU: 1 UID: 0 PID: 14459 Comm: syz.3.2845 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  817.735804][T14459] Tainted: [L]=SOFTLOCKUP
[  817.735812][T14459] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  817.735827][T14459] Call Trace:
[  817.735837][T14459]  <TASK>
[  817.735847][T14459]  dump_stack_lvl+0xe8/0x150
[  817.735884][T14459]  should_fail_ex+0x46b/0x600
[  817.735914][T14459]  _copy_to_user+0x31/0xb0
[  817.735947][T14459]  simple_read_from_buffer+0xe1/0x170
[  817.735985][T14459]  proc_fail_nth_read+0x1be/0x230
[  817.736017][T14459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  817.736048][T14459]  ? rw_verify_area+0x2ac/0x4e0
[  817.736076][T14459]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  817.736106][T14459]  vfs_read+0x212/0xa70
[  817.736143][T14459]  ? __pfx_vfs_read+0x10/0x10
[  817.736175][T14459]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  817.736205][T14459]  ? lockdep_hardirqs_on+0x7a/0x110
[  817.736234][T14459]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  817.736271][T14459]  ? mutex_lock_nested+0x152/0x1d0
[  817.736293][T14459]  ? fdget_pos+0x252/0x320
[  817.736324][T14459]  ksys_read+0x156/0x270
[  817.736362][T14459]  ? __pfx_ksys_read+0x10/0x10
[  817.736403][T14459]  do_syscall_64+0xe2/0xf80
[  817.736432][T14459]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.736453][T14459]  ? trace_irq_disable+0x37/0x100
[  817.736483][T14459]  ? clear_bhb_loop+0x60/0xb0
[  817.736510][T14459]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.736532][T14459] RIP: 0033:0x7fe9e5acb78e
[  817.736554][T14459] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  817.736574][T14459] RSP: 002b:00007fe9e3d65fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  817.736598][T14459] RAX: ffffffffffffffda RBX: 00007fe9e3d666c0 RCX: 00007fe9e5acb78e
[  817.736615][T14459] RDX: 000000000000000f RSI: 00007fe9e3d660a0 RDI: 0000000000000006
[  817.736629][T14459] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  817.736643][T14459] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.736657][T14459] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  817.736695][T14459]  </TASK>
[  818.129863][T14466] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x6
[  818.973822][T14489] FAULT_INJECTION: forcing a failure.
[  818.973822][T14489] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  818.973859][T14489] CPU: 0 UID: 0 PID: 14489 Comm: syz.5.2852 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  818.973884][T14489] Tainted: [L]=SOFTLOCKUP
[  818.973891][T14489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  818.973903][T14489] Call Trace:
[  818.973910][T14489]  <TASK>
[  818.973919][T14489]  dump_stack_lvl+0xe8/0x150
[  818.973949][T14489]  should_fail_ex+0x46b/0x600
[  818.973974][T14489]  _copy_from_user+0x2d/0xb0
[  818.974000][T14489]  do_sock_getsockopt+0x165/0x3f0
[  818.974024][T14489]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  818.974043][T14489]  ? __fget_files+0x3a6/0x420
[  818.974059][T14489]  ? __fget_files+0x2a/0x420
[  818.974081][T14489]  __x64_sys_getsockopt+0x1aa/0x250
[  818.974107][T14489]  do_syscall_64+0xe2/0xf80
[  818.974132][T14489]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.974150][T14489]  ? trace_irq_disable+0x37/0x100
[  818.974174][T14489]  ? clear_bhb_loop+0x60/0xb0
[  818.974197][T14489]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.974214][T14489] RIP: 0033:0x7fe47b28aeb9
[  818.974231][T14489] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  818.974255][T14489] RSP: 002b:00007fe4794e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  818.974276][T14489] RAX: ffffffffffffffda RBX: 00007fe47b505fa0 RCX: 00007fe47b28aeb9
[  818.974289][T14489] RDX: 0000000000000006 RSI: 0000000000000029 RDI: 0000000000000004
[  818.974325][T14489] RBP: 00007fe4794e6090 R08: 00002000000001c0 R09: 0000000000000000
[  818.974337][T14489] R10: 0000200000000100 R11: 0000000000000246 R12: 0000000000000001
[  818.974349][T14489] R13: 00007fe47b506038 R14: 00007fe47b505fa0 R15: 00007ffde62da018
[  818.974376][T14489]  </TASK>
[  821.731577][T14067] 8021q: adding VLAN 0 to HW filter on device batadv0
[  821.859390][T14517] FAULT_INJECTION: forcing a failure.
[  821.859390][T14517] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  821.859429][T14517] CPU: 0 UID: 0 PID: 14517 Comm: syz.0.2860 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  821.859459][T14517] Tainted: [L]=SOFTLOCKUP
[  821.859467][T14517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  821.859481][T14517] Call Trace:
[  821.859490][T14517]  <TASK>
[  821.859500][T14517]  dump_stack_lvl+0xe8/0x150
[  821.859537][T14517]  should_fail_ex+0x46b/0x600
[  821.859569][T14517]  _copy_to_user+0x31/0xb0
[  821.859602][T14517]  simple_read_from_buffer+0xe1/0x170
[  821.859639][T14517]  proc_fail_nth_read+0x1be/0x230
[  821.859672][T14517]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  821.859703][T14517]  ? rw_verify_area+0x2ac/0x4e0
[  821.859730][T14517]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  821.859760][T14517]  vfs_read+0x212/0xa70
[  821.859797][T14517]  ? __pfx_vfs_read+0x10/0x10
[  821.859827][T14517]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  821.859858][T14517]  ? lockdep_hardirqs_on+0x7a/0x110
[  821.859887][T14517]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  821.859917][T14517]  ? mutex_lock_nested+0x152/0x1d0
[  821.859938][T14517]  ? fdget_pos+0x252/0x320
[  821.859978][T14517]  ksys_read+0x156/0x270
[  821.860008][T14517]  ? __pfx_ksys_read+0x10/0x10
[  821.860049][T14517]  do_syscall_64+0xe2/0xf80
[  821.860079][T14517]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.860101][T14517]  ? trace_irq_disable+0x37/0x100
[  821.860131][T14517]  ? clear_bhb_loop+0x60/0xb0
[  821.860158][T14517]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  821.860180][T14517] RIP: 0033:0x7fb1c7a1b78e
[  821.860201][T14517] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  821.860222][T14517] RSP: 002b:00007fb1c5cb5fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  821.860245][T14517] RAX: ffffffffffffffda RBX: 00007fb1c5cb66c0 RCX: 00007fb1c7a1b78e
[  821.860262][T14517] RDX: 000000000000000f RSI: 00007fb1c5cb60a0 RDI: 0000000000000003
[  821.860277][T14517] RBP: 00007fb1c5cb6090 R08: 0000000000000000 R09: 0000000000000000
[  821.860292][T14517] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  821.860306][T14517] R13: 00007fb1c7cd6038 R14: 00007fb1c7cd5fa0 R15: 00007ffcd42c6ba8
[  821.860343][T14517]  </TASK>
[  823.223424][T14538] FAULT_INJECTION: forcing a failure.
[  823.223424][T14538] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  823.223467][T14538] CPU: 1 UID: 0 PID: 14538 Comm: syz.3.2866 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  823.223498][T14538] Tainted: [L]=SOFTLOCKUP
[  823.223507][T14538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  823.223521][T14538] Call Trace:
[  823.223531][T14538]  <TASK>
[  823.223542][T14538]  dump_stack_lvl+0xe8/0x150
[  823.223580][T14538]  should_fail_ex+0x46b/0x600
[  823.223610][T14538]  _copy_from_user+0x2d/0xb0
[  823.223641][T14538]  sk_setsockopt+0x2b3/0x2bb0
[  823.223686][T14538]  ? sb_end_write+0xe9/0x1c0
[  823.223729][T14538]  ? __pfx_sk_setsockopt+0x10/0x10
[  823.223769][T14538]  ? __pfx_vfs_write+0x10/0x10
[  823.223794][T14538]  ? lockdep_hardirqs_on+0x7a/0x110
[  823.223825][T14538]  ? do_sys_openat2+0x168/0x220
[  823.223846][T14538]  ? kmem_cache_free+0x18d/0x8c0
[  823.223877][T14538]  ? do_sys_openat2+0x168/0x220
[  823.223914][T14538]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  823.223949][T14538]  do_sock_setsockopt+0x11b/0x1b0
[  823.223977][T14538]  __x64_sys_setsockopt+0x143/0x1b0
[  823.224006][T14538]  do_syscall_64+0xe2/0xf80
[  823.224036][T14538]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.224057][T14538]  ? trace_irq_disable+0x37/0x100
[  823.224087][T14538]  ? clear_bhb_loop+0x60/0xb0
[  823.224114][T14538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  823.224136][T14538] RIP: 0033:0x7fe9e5b0aeb9
[  823.224156][T14538] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  823.224175][T14538] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  823.224198][T14538] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  823.224214][T14538] RDX: 000000000000004a RSI: 0000000000000001 RDI: 0000000000000003
[  823.224227][T14538] RBP: 00007fe9e3d66090 R08: 0000000000000004 R09: 0000000000000000
[  823.224242][T14538] R10: 0000200000000500 R11: 0000000000000246 R12: 0000000000000001
[  823.224257][T14538] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  823.224293][T14538]  </TASK>
[  823.271947][   T31] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  823.427648][ T5874] usb 6-1: new high-speed USB device number 54 using dummy_hcd
[  823.466122][   T31] usb 1-1: Using ep0 maxpacket: 32
[  823.501184][   T31] usb 1-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  823.501223][   T31] usb 1-1: config 1 interface 0 has no altsetting 0
[  823.504418][   T31] usb 1-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  823.504452][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.504473][   T31] usb 1-1: Product: 㠁
[  823.504490][   T31] usb 1-1: Manufacturer: ␁
[  823.504506][   T31] usb 1-1: SerialNumber: syz
[  823.680610][ T5874] usb 6-1: Using ep0 maxpacket: 32
[  823.702211][ T5874] usb 6-1: config 1 interface 0 altsetting 11 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  823.702252][ T5874] usb 6-1: config 1 interface 0 has no altsetting 0
[  823.743165][ T5874] usb 6-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.40
[  823.743200][ T5874] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.743223][ T5874] usb 6-1: Product: 㠁
[  823.743239][ T5874] usb 6-1: Manufacturer: ␁
[  823.743255][ T5874] usb 6-1: SerialNumber: syz
[  823.942290][   T31] usbhid 1-1:1.0: can't add hid device: -71
[  823.942433][   T31] usbhid 1-1:1.0: probe with driver usbhid failed with error -71
[  823.970805][   T31] usb 1-1: USB disconnect, device number 79
[  824.132395][ T5874] usbhid 6-1:1.0: can't add hid device: -71
[  824.132541][ T5874] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  824.157899][ T5874] usb 6-1: USB disconnect, device number 54
[  824.250958][T14067] veth0_vlan: entered promiscuous mode
[  824.297922][T14067] veth1_vlan: entered promiscuous mode
[  824.386698][T14067] veth0_macvtap: entered promiscuous mode
[  824.421760][T14067] veth1_macvtap: entered promiscuous mode
[  824.524825][T14552] FAULT_INJECTION: forcing a failure.
[  824.524825][T14552] name failslab, interval 1, probability 0, space 0, times 0
[  824.524863][T14552] CPU: 0 UID: 0 PID: 14552 Comm: syz.3.2870 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  824.524891][T14552] Tainted: [L]=SOFTLOCKUP
[  824.524899][T14552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  824.524912][T14552] Call Trace:
[  824.524921][T14552]  <TASK>
[  824.524931][T14552]  dump_stack_lvl+0xe8/0x150
[  824.524968][T14552]  should_fail_ex+0x46b/0x600
[  824.524997][T14552]  should_failslab+0xa8/0x100
[  824.525032][T14552]  __kmalloc_noprof+0xdf/0x7c0
[  824.525068][T14552]  ? kfree+0x4d/0x8f0
[  824.525093][T14552]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  824.525127][T14552]  tomoyo_realpath_from_path+0xe3/0x5d0
[  824.525153][T14552]  ? tomoyo_domain+0xd8/0x130
[  824.525181][T14552]  ? tomoyo_path_number_perm+0x219/0x630
[  824.525212][T14552]  tomoyo_path_number_perm+0x246/0x630
[  824.525245][T14552]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  824.525275][T14552]  ? __lock_acquire+0x6b5/0x2cf0
[  824.525302][T14552]  ? do_raw_spin_lock+0x12b/0x2f0
[  824.525372][T14552]  ? __fget_files+0x2a/0x420
[  824.525395][T14552]  ? __fget_files+0x2a/0x420
[  824.525413][T14552]  ? __fget_files+0x3a6/0x420
[  824.525432][T14552]  ? __fget_files+0x2a/0x420
[  824.525457][T14552]  security_file_ioctl+0xc3/0x2a0
[  824.525491][T14552]  __se_sys_ioctl+0x47/0x170
[  824.525521][T14552]  do_syscall_64+0xe2/0xf80
[  824.525550][T14552]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.525570][T14552]  ? trace_irq_disable+0x37/0x100
[  824.525597][T14552]  ? clear_bhb_loop+0x60/0xb0
[  824.525624][T14552]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  824.525645][T14552] RIP: 0033:0x7fe9e5b0aeb9
[  824.525667][T14552] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  824.525686][T14552] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  824.525708][T14552] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  824.525724][T14552] RDX: 0000000000000000 RSI: 00000000c028aa03 RDI: 0000000000000003
[  824.525738][T14552] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  824.525752][T14552] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  824.525765][T14552] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  824.526005][T14552]  </TASK>
[  824.597823][T14552] ERROR: Out of memory at tomoyo_realpath_from_path.
[  824.626997][T14067] batman_adv: batadv0: Interface activated: batadv_slave_0
[  824.798665][T14067] batman_adv: batadv0: Interface activated: batadv_slave_1
[  824.910325][ T2331] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  824.910876][ T2331] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  824.911161][ T2331] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  824.916202][ T2331] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  825.538158][ T9092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  825.538180][ T9092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  825.743193][ T8782] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  825.743220][ T8782] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  828.014731][ T1127] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  829.128670][ T1127] usb 2-1: Using ep0 maxpacket: 16
[  830.932285][ T1127] usb 2-1: device descriptor read/all, error -71
[  832.290873][T13032] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  832.463533][T13032] usb 1-1: Using ep0 maxpacket: 8
[  832.481891][T13032] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  832.481926][T13032] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  832.481948][T13032] usb 1-1: Product: syz
[  832.481964][T13032] usb 1-1: Manufacturer: syz
[  832.481981][T13032] usb 1-1: SerialNumber: syz
[  832.538925][T13032] usb 1-1: config 0 descriptor??
[  832.544483][T13032] gspca_main: se401-2.14.0 probing 047d:5003
[  833.451201][T14636] netlink: 52 bytes leftover after parsing attributes in process `syz.0.2892'.
[  833.754775][T13032] gspca_se401: write req failed req 0x57 val 0x00 error -71
[  833.754881][T13032] se401 1-1:0.0: probe with driver se401 failed with error -71
[  833.799243][T13032] usb 1-1: USB disconnect, device number 80
[  833.920913][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.921102][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.921256][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.936074][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.936565][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.936997][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.937421][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.937811][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  833.938235][T14661] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2897'.
[  834.671972][ T5874] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  834.829787][ T5874] usb 1-1: config index 0 descriptor too short (expected 65208, got 68)
[  834.829823][ T5874] usb 1-1: config 1 has an invalid descriptor of length 9, skipping remainder of the config
[  834.829890][ T5874] usb 1-1: config 1 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 6
[  834.833157][ T5874] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  834.833192][ T5874] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  834.833215][ T5874] usb 1-1: Product: syz
[  834.833230][ T5874] usb 1-1: Manufacturer: syz
[  834.833246][ T5874] usb 1-1: SerialNumber: syz
[  834.930865][ T5874] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  834.958141][ T6740] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  835.188231][T14679] FAULT_INJECTION: forcing a failure.
[  835.188231][T14679] name failslab, interval 1, probability 0, space 0, times 0
[  835.188267][T14679] CPU: 1 UID: 0 PID: 14679 Comm: syz.0.2902 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  835.188293][T14679] Tainted: [L]=SOFTLOCKUP
[  835.188300][T14679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  835.188312][T14679] Call Trace:
[  835.188320][T14679]  <TASK>
[  835.188328][T14679]  dump_stack_lvl+0xe8/0x150
[  835.188360][T14679]  should_fail_ex+0x46b/0x600
[  835.188383][T14679]  ? getname_flags+0xb7/0x540
[  835.188411][T14679]  should_failslab+0xa8/0x100
[  835.188438][T14679]  ? getname_flags+0xb7/0x540
[  835.188463][T14679]  kmem_cache_alloc_noprof+0x83/0x6a0
[  835.188486][T14679]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  835.188512][T14679]  ? lockdep_hardirqs_on+0x7a/0x110
[  835.188541][T14679]  getname_flags+0xb7/0x540
[  835.188571][T14679]  do_sys_openat2+0xca/0x220
[  835.188592][T14679]  ? __pfx_do_sys_openat2+0x10/0x10
[  835.188610][T14679]  ? ksys_write+0x248/0x270
[  835.188635][T14679]  ? __pfx_ksys_write+0x10/0x10
[  835.188660][T14679]  __x64_sys_openat+0x138/0x170
[  835.188682][T14679]  do_syscall_64+0xe2/0xf80
[  835.188709][T14679]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.188727][T14679]  ? trace_irq_disable+0x37/0x100
[  835.188751][T14679]  ? clear_bhb_loop+0x60/0xb0
[  835.188773][T14679]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  835.188790][T14679] RIP: 0033:0x7fb1c7a5aeb9
[  835.188807][T14679] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  835.188823][T14679] RSP: 002b:00007fb1c5cb6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  835.188843][T14679] RAX: ffffffffffffffda RBX: 00007fb1c7cd5fa0 RCX: 00007fb1c7a5aeb9
[  835.188856][T14679] RDX: 0000000000028c81 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  835.188869][T14679] RBP: 00007fb1c5cb6090 R08: 0000000000000000 R09: 0000000000000000
[  835.188880][T14679] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  835.188892][T14679] R13: 00007fb1c7cd6038 R14: 00007fb1c7cd5fa0 R15: 00007ffcd42c6ba8
[  835.188919][T14679]  </TASK>
[  835.193528][ T1127] usb 1-1: USB disconnect, device number 81
[  835.405273][ T6740] usb 1-1: ath9k_htc: Unable to allocate URBs
[  835.443840][ T1127] usb 1-1: ath9k_htc: USB layer deinitialized
[  836.510760][   T31] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[  836.653831][   T31] usb 1-1: Using ep0 maxpacket: 16
[  836.680020][   T31] usb 1-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  836.680045][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.680060][   T31] usb 1-1: Product: syz
[  836.680071][   T31] usb 1-1: Manufacturer: syz
[  836.680083][   T31] usb 1-1: SerialNumber: syz
[  836.731894][   T31] usb 1-1: config 0 descriptor??
[  836.753415][   T31] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  836.950955][   T31] gspca_sn9c2028: read1 error -32
[  836.952107][   T31] gspca_sn9c2028: read1 error -32
[  837.024673][ T1127] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  837.074350][T14714] FAULT_INJECTION: forcing a failure.
[  837.074350][T14714] name failslab, interval 1, probability 0, space 0, times 0
[  837.074392][T14714] CPU: 0 UID: 0 PID: 14714 Comm: syz.6.2911 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  837.074421][T14714] Tainted: [L]=SOFTLOCKUP
[  837.074430][T14714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  837.074443][T14714] Call Trace:
[  837.074452][T14714]  <TASK>
[  837.074463][T14714]  dump_stack_lvl+0xe8/0x150
[  837.074497][T14714]  should_fail_ex+0x46b/0x600
[  837.074538][T14714]  should_failslab+0xa8/0x100
[  837.074575][T14714]  __kmalloc_cache_noprof+0x83/0x6b0
[  837.074606][T14714]  ? look_up_lock_class+0x57/0x110
[  837.074636][T14714]  ? snd_pcm_oss_change_params_locked+0x175/0x3e00
[  837.074676][T14714]  snd_pcm_oss_change_params_locked+0x175/0x3e00
[  837.074722][T14714]  ? __lock_acquire+0x6b5/0x2cf0
[  837.074751][T14714]  ? _parse_integer_limit+0x1ae/0x1f0
[  837.074784][T14714]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  837.074831][T14714]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  837.074861][T14714]  ? lockdep_hardirqs_on+0x7a/0x110
[  837.074891][T14714]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  837.074920][T14714]  ? mutex_lock_interruptible_nested+0x152/0x1d0
[  837.074942][T14714]  ? snd_pcm_oss_read+0x204/0x8e0
[  837.074973][T14714]  snd_pcm_oss_read+0x276/0x8e0
[  837.075015][T14714]  ? __pfx_snd_pcm_oss_read+0x10/0x10
[  837.075047][T14714]  vfs_read+0x212/0xa70
[  837.075089][T14714]  ? __pfx_vfs_read+0x10/0x10
[  837.075118][T14714]  ? __fget_files+0x2a/0x420
[  837.075140][T14714]  ? __fget_files+0x2a/0x420
[  837.075157][T14714]  ? __fget_files+0x3a6/0x420
[  837.075175][T14714]  ? __fget_files+0x2a/0x420
[  837.075204][T14714]  ksys_read+0x156/0x270
[  837.075234][T14714]  ? __pfx_ksys_read+0x10/0x10
[  837.075277][T14714]  do_syscall_64+0xe2/0xf80
[  837.075306][T14714]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.075328][T14714]  ? trace_irq_disable+0x37/0x100
[  837.075355][T14714]  ? clear_bhb_loop+0x60/0xb0
[  837.075382][T14714]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  837.075405][T14714] RIP: 0033:0x7f65fb19aeb9
[  837.075425][T14714] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  837.075445][T14714] RSP: 002b:00007f65f93f6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  837.075470][T14714] RAX: ffffffffffffffda RBX: 00007f65fb415fa0 RCX: 00007f65fb19aeb9
[  837.075487][T14714] RDX: 0000000000001000 RSI: 00002000000002c0 RDI: 0000000000000009
[  837.075502][T14714] RBP: 00007f65f93f6090 R08: 0000000000000000 R09: 0000000000000000
[  837.075517][T14714] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  837.075539][T14714] R13: 00007f65fb416038 R14: 00007f65fb415fa0 R15: 00007ffcbd90a468
[  837.075577][T14714]  </TASK>
[  837.148522][ T1127] usb 4-1: device descriptor read/64, error -71
[  837.434526][ T1127] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  837.567887][ T1127] usb 4-1: device descriptor read/64, error -71
[  837.672630][ T1127] usb usb4-port1: attempt power cycle
[  837.996050][ T1127] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  838.016180][ T1127] usb 4-1: device descriptor read/8, error -71
[  838.243794][ T1127] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[  838.263528][ T1127] usb 4-1: device descriptor read/8, error -71
[  838.368149][ T1127] usb usb4-port1: unable to enumerate USB device
[  838.510425][ T6740] usb 6-1: new high-speed USB device number 55 using dummy_hcd
[  838.655689][ T6740] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  838.655734][ T6740] usb 6-1: New USB device found, idVendor=050d, idProduct=011b, bcdDevice=6f.a4
[  838.655797][ T6740] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  838.697046][ T6740] usb 6-1: config 0 descriptor??
[  838.898949][T14732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  838.899399][T14732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  838.900500][T14727] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  838.912219][T14727] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  838.949287][T14732] __nla_validate_parse: 11 callbacks suppressed
[  838.949316][T14732] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2913'.
[  838.952620][T14733] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2913'.
[  839.061714][T14732] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  839.884214][ T1127] usb 1-1: USB disconnect, device number 82
[  840.068724][   T31] usb 6-1: USB disconnect, device number 55
[  841.473056][ T1127] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  841.699860][ T1127] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  841.699897][ T1127] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.699919][ T1127] usb 1-1: Product: syz
[  841.699936][ T1127] usb 1-1: Manufacturer: syz
[  841.699952][ T1127] usb 1-1: SerialNumber: syz
[  841.777415][ T1127] usb 1-1: config 0 descriptor??
[  841.785884][ T1127] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 083
[  841.981364][T14783] FAULT_INJECTION: forcing a failure.
[  841.981364][T14783] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  841.981407][T14783] CPU: 1 UID: 0 PID: 14783 Comm: syz.3.2932 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  841.981441][T14783] Tainted: [L]=SOFTLOCKUP
[  841.981449][T14783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  841.981463][T14783] Call Trace:
[  841.981472][T14783]  <TASK>
[  841.981483][T14783]  dump_stack_lvl+0xe8/0x150
[  841.981520][T14783]  should_fail_ex+0x46b/0x600
[  841.981550][T14783]  _copy_from_user+0x2d/0xb0
[  841.981581][T14783]  ___sys_sendmsg+0x1c6/0x360
[  841.981604][T14783]  ? __lock_acquire+0x6b5/0x2cf0
[  841.981634][T14783]  ? __pfx____sys_sendmsg+0x10/0x10
[  841.981697][T14783]  ? __fget_files+0x2a/0x420
[  841.981716][T14783]  ? __fget_files+0x3a6/0x420
[  841.981748][T14783]  __x64_sys_sendmsg+0x1c3/0x2a0
[  841.981774][T14783]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  841.981809][T14783]  ? __pfx_ksys_write+0x10/0x10
[  841.981850][T14783]  do_syscall_64+0xe2/0xf80
[  841.981879][T14783]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.981900][T14783]  ? trace_irq_disable+0x37/0x100
[  841.981928][T14783]  ? clear_bhb_loop+0x60/0xb0
[  841.981955][T14783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  841.981977][T14783] RIP: 0033:0x7fe9e5b0aeb9
[  841.981998][T14783] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  841.982017][T14783] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  841.982041][T14783] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  841.982058][T14783] RDX: 0000000020000081 RSI: 0000200000000780 RDI: 0000000000000003
[  841.982074][T14783] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  841.982088][T14783] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  841.982102][T14783] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  841.982146][T14783]  </TASK>
[  842.092120][ T6740] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[  842.266526][T14770] netlink: 'syz.0.2924': attribute type 10 has an invalid length.
[  842.329250][ T6740] usb 2-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  842.402727][ T6740] usb 2-1: New USB device found, idVendor=1965, idProduct=0018, bcdDevice=d9.4d
[  842.402763][ T6740] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  842.402785][ T6740] usb 2-1: Product: syz
[  842.402800][ T6740] usb 2-1: Manufacturer: syz
[  842.402815][ T6740] usb 2-1: SerialNumber: syz
[  842.726919][T14781] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  842.727548][T14781] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  842.779078][ T5874] usb 2-1: USB disconnect, device number 72
[  844.421694][ T1127] i2c i2c-1: failure reading functionality
[  844.541348][ T1127] i2c i2c-1: connected i2c-tiny-usb device
[  844.544398][ T1127] usb 1-1: USB disconnect, device number 83
[  845.973404][T14812] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  845.973437][T14812] CIFS mount error: No usable UNC path provided in device string!
[  845.973437][T14812] 
[  845.973729][T14812] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  846.493107][T14812] warning: `syz.0.2942' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  846.524971][T14808] FAULT_INJECTION: forcing a failure.
[  846.524971][T14808] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  846.525022][T14808] CPU: 0 UID: 0 PID: 14808 Comm: syz.3.2941 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  846.525053][T14808] Tainted: [L]=SOFTLOCKUP
[  846.525062][T14808] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  846.525077][T14808] Call Trace:
[  846.525086][T14808]  <TASK>
[  846.525097][T14808]  dump_stack_lvl+0xe8/0x150
[  846.525134][T14808]  should_fail_ex+0x46b/0x600
[  846.525164][T14808]  _copy_from_user+0x2d/0xb0
[  846.525196][T14808]  ucma_write+0x166/0x2f0
[  846.525233][T14808]  ? __pfx_ucma_write+0x10/0x10
[  846.525269][T14808]  ? rw_verify_area+0x25b/0x4e0
[  846.525297][T14808]  ? __pfx_ucma_write+0x10/0x10
[  846.525331][T14808]  vfs_write+0x2a3/0xba0
[  846.525368][T14808]  ? __pfx_vfs_write+0x10/0x10
[  846.525398][T14808]  ? __fget_files+0x2a/0x420
[  846.525422][T14808]  ? __fget_files+0x2a/0x420
[  846.525441][T14808]  ? __fget_files+0x3a6/0x420
[  846.525460][T14808]  ? __fget_files+0x2a/0x420
[  846.525489][T14808]  ksys_write+0x156/0x270
[  846.525520][T14808]  ? __pfx_ksys_write+0x10/0x10
[  846.525561][T14808]  do_syscall_64+0xe2/0xf80
[  846.525591][T14808]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.525613][T14808]  ? trace_irq_disable+0x37/0x100
[  846.525642][T14808]  ? clear_bhb_loop+0x60/0xb0
[  846.525670][T14808]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  846.525692][T14808] RIP: 0033:0x7fe9e5b0aeb9
[  846.525713][T14808] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  846.525733][T14808] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  846.525757][T14808] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  846.525775][T14808] RDX: 0000000000000090 RSI: 00002000000000c0 RDI: 0000000000000004
[  846.525790][T14808] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  846.525805][T14808] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  846.525820][T14808] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  846.525857][T14808]  </TASK>
[  847.153770][T14817] FAULT_INJECTION: forcing a failure.
[  847.153770][T14817] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  847.153813][T14817] CPU: 1 UID: 0 PID: 14817 Comm: syz.3.2945 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  847.153844][T14817] Tainted: [L]=SOFTLOCKUP
[  847.153852][T14817] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  847.153865][T14817] Call Trace:
[  847.153875][T14817]  <TASK>
[  847.153886][T14817]  dump_stack_lvl+0xe8/0x150
[  847.153923][T14817]  should_fail_ex+0x46b/0x600
[  847.153953][T14817]  _copy_from_user+0x2d/0xb0
[  847.153983][T14817]  ___sys_sendmsg+0x1c6/0x360
[  847.154006][T14817]  ? __lock_acquire+0x6b5/0x2cf0
[  847.154045][T14817]  ? __pfx____sys_sendmsg+0x10/0x10
[  847.154107][T14817]  ? __fget_files+0x2a/0x420
[  847.154126][T14817]  ? __fget_files+0x3a6/0x420
[  847.154161][T14817]  __x64_sys_sendmsg+0x1c3/0x2a0
[  847.154182][T14817]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  847.154207][T14817]  ? __pfx_ksys_write+0x10/0x10
[  847.154236][T14817]  do_syscall_64+0xe2/0xf80
[  847.154259][T14817]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.154275][T14817]  ? trace_irq_disable+0x37/0x100
[  847.154297][T14817]  ? clear_bhb_loop+0x60/0xb0
[  847.154317][T14817]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  847.154333][T14817] RIP: 0033:0x7fe9e5b0aeb9
[  847.154348][T14817] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  847.154363][T14817] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  847.154380][T14817] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  847.154392][T14817] RDX: 0000000000000000 RSI: 00002000000006c0 RDI: 0000000000000003
[  847.154403][T14817] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  847.154414][T14817] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  847.154423][T14817] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  847.154448][T14817]  </TASK>
[  847.425823][T14819] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2940'.
[  848.092523][   T31] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  848.425695][T14841] random: crng reseeded on system resumption
[  848.919401][   T31] usb 1-1: Using ep0 maxpacket: 16
[  848.978806][   T31] usb 1-1: New USB device found, idVendor=0c45, idProduct=800a, bcdDevice=db.47
[  848.978831][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.978846][   T31] usb 1-1: Product: syz
[  848.978857][   T31] usb 1-1: Manufacturer: syz
[  848.978868][   T31] usb 1-1: SerialNumber: syz
[  848.982560][   T31] usb 1-1: config 0 descriptor??
[  849.078102][   T31] gspca_main: sn9c2028-2.14.0 probing 0c45:800a
[  849.292091][   T31] gspca_sn9c2028: read1 error -32
[  849.319438][   T31] gspca_sn9c2028: read1 error -32
[  849.334713][   T31] gspca_sn9c2028: read1 error 0
[  849.334782][   T31] sn9c2028 1-1:0.0: probe with driver sn9c2028 failed with error -5
[  852.030204][   T31] usb 1-1: USB disconnect, device number 84
[  853.237535][T14881] FAULT_INJECTION: forcing a failure.
[  853.237535][T14881] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  853.237575][T14881] CPU: 0 UID: 0 PID: 14881 Comm: syz.1.2962 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  853.237604][T14881] Tainted: [L]=SOFTLOCKUP
[  853.237613][T14881] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  853.237626][T14881] Call Trace:
[  853.237635][T14881]  <TASK>
[  853.237644][T14881]  dump_stack_lvl+0xe8/0x150
[  853.237682][T14881]  should_fail_ex+0x46b/0x600
[  853.237711][T14881]  _copy_from_user+0x2d/0xb0
[  853.237742][T14881]  ___sys_recvmsg+0x175/0x590
[  853.237766][T14881]  ? get_pid_task+0x20/0x1f0
[  853.237792][T14881]  ? get_pid_task+0x20/0x1f0
[  853.237823][T14881]  ? __pfx____sys_recvmsg+0x10/0x10
[  853.237851][T14881]  ? __fget_files+0x2a/0x420
[  853.237888][T14881]  ? __fget_files+0x3a6/0x420
[  853.237918][T14881]  __x64_sys_recvmsg+0x1c0/0x2a0
[  853.237944][T14881]  ? __pfx___x64_sys_recvmsg+0x10/0x10
[  853.237979][T14881]  ? __pfx_ksys_write+0x10/0x10
[  853.238019][T14881]  do_syscall_64+0xe2/0xf80
[  853.238048][T14881]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.238069][T14881]  ? trace_irq_disable+0x37/0x100
[  853.238098][T14881]  ? clear_bhb_loop+0x60/0xb0
[  853.238126][T14881]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  853.238147][T14881] RIP: 0033:0x7f00d6afaeb9
[  853.238168][T14881] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  853.238188][T14881] RSP: 002b:00007f00d4d35028 EFLAGS: 00000246 ORIG_RAX: 000000000000002f
[  853.238212][T14881] RAX: ffffffffffffffda RBX: 00007f00d6d76090 RCX: 00007f00d6afaeb9
[  853.238229][T14881] RDX: 0000000040000002 RSI: 0000200000000140 RDI: 0000000000000003
[  853.238244][T14881] RBP: 00007f00d4d35090 R08: 0000000000000000 R09: 0000000000000000
[  853.238260][T14881] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  853.238274][T14881] R13: 00007f00d6d76128 R14: 00007f00d6d76090 R15: 00007ffe4955c2b8
[  853.238311][T14881]  </TASK>
[  854.941464][T14890] FAULT_INJECTION: forcing a failure.
[  854.941464][T14890] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  854.941505][T14890] CPU: 1 UID: 0 PID: 14890 Comm: syz.3.2964 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  854.941536][T14890] Tainted: [L]=SOFTLOCKUP
[  854.941545][T14890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  854.941559][T14890] Call Trace:
[  854.941568][T14890]  <TASK>
[  854.941578][T14890]  dump_stack_lvl+0xe8/0x150
[  854.941616][T14890]  should_fail_ex+0x46b/0x600
[  854.941647][T14890]  _copy_from_user+0x2d/0xb0
[  854.941678][T14890]  __sys_sendto+0x2ab/0x7d0
[  854.941723][T14890]  ? __pfx___sys_sendto+0x10/0x10
[  854.941786][T14890]  ? ksys_write+0x248/0x270
[  854.941818][T14890]  ? __pfx_ksys_write+0x10/0x10
[  854.941852][T14890]  __x64_sys_sendto+0xde/0x100
[  854.941888][T14890]  do_syscall_64+0xe2/0xf80
[  854.941919][T14890]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.941941][T14890]  ? trace_irq_disable+0x37/0x100
[  854.941972][T14890]  ? clear_bhb_loop+0x60/0xb0
[  854.942000][T14890]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.942022][T14890] RIP: 0033:0x7fe9e5b0aeb9
[  854.942043][T14890] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  854.942072][T14890] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  854.942096][T14890] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  854.942114][T14890] RDX: 000000000000002a RSI: 0000200000000100 RDI: 0000000000000003
[  854.942129][T14890] RBP: 00007fe9e3d66090 R08: 0000200000000200 R09: 0000000000000014
[  854.942144][T14890] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.942158][T14890] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  854.942195][T14890]  </TASK>
[  857.848420][T14919] FAULT_INJECTION: forcing a failure.
[  857.848420][T14919] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  857.848461][T14919] CPU: 0 UID: 0 PID: 14919 Comm: syz.6.2974 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  857.848492][T14919] Tainted: [L]=SOFTLOCKUP
[  857.848501][T14919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  857.848516][T14919] Call Trace:
[  857.848525][T14919]  <TASK>
[  857.848536][T14919]  dump_stack_lvl+0xe8/0x150
[  857.848573][T14919]  should_fail_ex+0x46b/0x600
[  857.848603][T14919]  _copy_from_user+0x2d/0xb0
[  857.848635][T14919]  ___sys_recvmsg+0x175/0x590
[  857.848667][T14919]  ? __pfx____sys_recvmsg+0x10/0x10
[  857.848698][T14919]  ? __fget_files+0x2a/0x420
[  857.848738][T14919]  ? __fget_files+0x3a6/0x420
[  857.848771][T14919]  do_recvmmsg+0x33a/0x800
[  857.848805][T14919]  ? __pfx_do_recvmmsg+0x10/0x10
[  857.848844][T14919]  ? rt_mutex_slowunlock+0x1cb/0x300
[  857.848887][T14919]  __x64_sys_recvmmsg+0x198/0x250
[  857.848917][T14919]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  857.848957][T14919]  do_syscall_64+0xe2/0xf80
[  857.848986][T14919]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.849008][T14919]  ? trace_irq_disable+0x37/0x100
[  857.849038][T14919]  ? clear_bhb_loop+0x60/0xb0
[  857.849066][T14919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.849088][T14919] RIP: 0033:0x7f65fb19aeb9
[  857.849109][T14919] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  857.849128][T14919] RSP: 002b:00007f65f93f6028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  857.849151][T14919] RAX: ffffffffffffffda RBX: 00007f65fb415fa0 RCX: 00007f65fb19aeb9
[  857.849175][T14919] RDX: 0000000000000001 RSI: 0000200000002740 RDI: 0000000000000003
[  857.849190][T14919] RBP: 00007f65f93f6090 R08: 0000000000000000 R09: 0000000000000000
[  857.849205][T14919] R10: 0000000040000040 R11: 0000000000000246 R12: 0000000000000001
[  857.849220][T14919] R13: 00007f65fb416038 R14: 00007f65fb415fa0 R15: 00007ffcbd90a468
[  857.849257][T14919]  </TASK>
[  858.331613][ T9200] bridge_slave_1: left allmulticast mode
[  858.331646][ T9200] bridge_slave_1: left promiscuous mode
[  858.331945][ T9200] bridge0: port 2(bridge_slave_1) entered disabled state
[  859.855227][ T1127] usb 6-1: new high-speed USB device number 56 using dummy_hcd
[  860.038811][ T9200] bridge_slave_0: left allmulticast mode
[  860.038842][ T9200] bridge_slave_0: left promiscuous mode
[  860.039126][ T9200] bridge0: port 1(bridge_slave_0) entered disabled state
[  860.039806][ T1127] usb 6-1: Using ep0 maxpacket: 8
[  860.042303][ T1127] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  860.042335][ T1127] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  860.042362][ T1127] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  860.042389][ T1127] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  860.042435][ T1127] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  860.042461][ T1127] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  860.357123][ T1127] usb 6-1: GET_CAPABILITIES returned 0
[  860.357178][ T1127] usbtmc 6-1:16.0: can't read capabilities
[  860.583318][   T44] usb 6-1: USB disconnect, device number 56
[  861.062671][T14955] netlink: 'syz.0.2966': attribute type 10 has an invalid length.
[  861.063697][T14959] FAULT_INJECTION: forcing a failure.
[  861.063697][T14959] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  861.063735][T14959] CPU: 1 UID: 0 PID: 14959 Comm: syz.1.2967 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  861.063764][T14959] Tainted: [L]=SOFTLOCKUP
[  861.063772][T14959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  861.063786][T14959] Call Trace:
[  861.063795][T14959]  <TASK>
[  861.063805][T14959]  dump_stack_lvl+0xe8/0x150
[  861.063841][T14959]  should_fail_ex+0x46b/0x600
[  861.063870][T14959]  _copy_from_user+0x2d/0xb0
[  861.063900][T14959]  __sys_connect+0x156/0x450
[  861.063938][T14959]  ? __pfx___sys_connect+0x10/0x10
[  861.063984][T14959]  ? __pfx_ksys_write+0x10/0x10
[  861.064020][T14959]  __x64_sys_connect+0x7a/0x90
[  861.064052][T14959]  do_syscall_64+0xe2/0xf80
[  861.064083][T14959]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.064104][T14959]  ? trace_irq_disable+0x37/0x100
[  861.064133][T14959]  ? clear_bhb_loop+0x60/0xb0
[  861.064160][T14959]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  861.064182][T14959] RIP: 0033:0x7f00d6afaeb9
[  861.064202][T14959] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  861.064221][T14959] RSP: 002b:00007f00d4d56028 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  861.064245][T14959] RAX: ffffffffffffffda RBX: 00007f00d6d75fa0 RCX: 00007f00d6afaeb9
[  861.064261][T14959] RDX: 000000000000001c RSI: 00002000000000c0 RDI: 0000000000000003
[  861.064275][T14959] RBP: 00007f00d4d56090 R08: 0000000000000000 R09: 0000000000000000
[  861.064288][T14959] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  861.064302][T14959] R13: 00007f00d6d76038 R14: 00007f00d6d75fa0 R15: 00007ffe4955c2b8
[  861.064337][T14959]  </TASK>
[  861.301935][T14961] netlink: 'syz.0.2966': attribute type 10 has an invalid length.
[  861.463472][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[  861.463555][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[  861.897395][ T5944] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[  862.098319][ T5944] usb 6-1: config 0 has no interfaces?
[  862.103099][ T5944] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  862.103132][ T5944] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  862.103154][ T5944] usb 6-1: Manufacturer: syz
[  862.143022][ T5944] usb 6-1: config 0 descriptor??
[  862.215955][ T9200] bond2 (unregistering): (slave ip6gretap1): Releasing backup interface
[  862.335485][T13032] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  862.385761][  T809] usb 6-1: USB disconnect, device number 57
[  862.521808][T14990] hfs: can't find a HFS filesystem on dev nullb0
[  862.532062][T13032] usb 2-1: Using ep0 maxpacket: 16
[  862.539296][T13032] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  862.539388][T13032] usb 2-1: config 0 interface 0 has no altsetting 0
[  862.539487][T13032] usb 2-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  862.539993][T13032] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  862.599395][T13032] usb 2-1: config 0 descriptor??
[  862.738068][T15002] FAULT_INJECTION: forcing a failure.
[  862.738068][T15002] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  862.738106][T15002] CPU: 1 UID: 0 PID: 15002 Comm: syz.3.3000 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  862.738133][T15002] Tainted: [L]=SOFTLOCKUP
[  862.738140][T15002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  862.738153][T15002] Call Trace:
[  862.738160][T15002]  <TASK>
[  862.738169][T15002]  dump_stack_lvl+0xe8/0x150
[  862.738202][T15002]  should_fail_ex+0x46b/0x600
[  862.738227][T15002]  _copy_from_user+0x2d/0xb0
[  862.738253][T15002]  __sys_sendto+0x2ab/0x7d0
[  862.738290][T15002]  ? __pfx___sys_sendto+0x10/0x10
[  862.738342][T15002]  ? ksys_write+0x248/0x270
[  862.738368][T15002]  ? __pfx_ksys_write+0x10/0x10
[  862.738397][T15002]  __x64_sys_sendto+0xde/0x100
[  862.738429][T15002]  do_syscall_64+0xe2/0xf80
[  862.738455][T15002]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.738473][T15002]  ? trace_irq_disable+0x37/0x100
[  862.738510][T15002]  ? clear_bhb_loop+0x60/0xb0
[  862.738533][T15002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  862.738551][T15002] RIP: 0033:0x7fe9e5b0aeb9
[  862.738569][T15002] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  862.738586][T15002] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  862.738607][T15002] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  862.738621][T15002] RDX: 000000000000002a RSI: 0000200000000100 RDI: 0000000000000003
[  862.738633][T15002] RBP: 00007fe9e3d66090 R08: 0000200000000200 R09: 0000000000000014
[  862.738646][T15002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  862.738657][T15002] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  862.738688][T15002]  </TASK>
[  864.880162][T13032] arvo 0003:1E7D:30D4.0015: item fetching failed at offset 3/5
[  864.880953][T13032] arvo 0003:1E7D:30D4.0015: parse failed
[  864.881031][T13032] arvo 0003:1E7D:30D4.0015: probe with driver arvo failed with error -22
[  865.033000][ T5944] usb 2-1: USB disconnect, device number 73
[  865.407851][T15017] FAULT_INJECTION: forcing a failure.
[  865.407851][T15017] name failslab, interval 1, probability 0, space 0, times 0
[  865.408197][T15017] CPU: 0 UID: 0 PID: 15017 Comm: syz.3.3006 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  865.408329][T15017] Tainted: [L]=SOFTLOCKUP
[  865.408360][T15017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  865.408402][T15017] Call Trace:
[  865.408425][T15017]  <TASK>
[  865.408455][T15017]  dump_stack_lvl+0xe8/0x150
[  865.408546][T15017]  should_fail_ex+0x46b/0x600
[  865.408617][T15017]  should_failslab+0xa8/0x100
[  865.408714][T15017]  __kmalloc_noprof+0xdf/0x7c0
[  865.408803][T15017]  ? kfree+0x4d/0x8f0
[  865.408862][T15017]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  865.408891][T15017]  tomoyo_realpath_from_path+0xe3/0x5d0
[  865.408916][T15017]  ? tomoyo_domain+0xd8/0x130
[  865.408944][T15017]  ? tomoyo_path_number_perm+0x219/0x630
[  865.408998][T15017]  tomoyo_path_number_perm+0x246/0x630
[  865.409085][T15017]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  865.409161][T15017]  ? __lock_acquire+0x6b5/0x2cf0
[  865.409272][T15017]  ? do_raw_spin_lock+0x12b/0x2f0
[  865.409459][T15017]  ? __fget_files+0x2a/0x420
[  865.409524][T15017]  ? __fget_files+0x2a/0x420
[  865.409571][T15017]  ? __fget_files+0x3a6/0x420
[  865.409619][T15017]  ? __fget_files+0x2a/0x420
[  865.409700][T15017]  security_file_ioctl+0xc3/0x2a0
[  865.409811][T15017]  __se_sys_ioctl+0x47/0x170
[  865.409843][T15017]  do_syscall_64+0xe2/0xf80
[  865.409873][T15017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.409904][T15017]  ? trace_irq_disable+0x37/0x100
[  865.409980][T15017]  ? clear_bhb_loop+0x60/0xb0
[  865.410047][T15017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  865.410108][T15017] RIP: 0033:0x7fe9e5b0aeb9
[  865.410162][T15017] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  865.410215][T15017] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  865.410331][T15017] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  865.410374][T15017] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  865.410416][T15017] RBP: 00007fe9e3d66090 R08: 0000000000000000 R09: 0000000000000000
[  865.410450][T15017] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  865.410491][T15017] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  865.410574][T15017]  </TASK>
[  865.410606][T15017] ERROR: Out of memory at tomoyo_realpath_from_path.
[  865.515693][T15022] netlink: 24 bytes leftover after parsing attributes in process `syz.1.3005'.
[  865.807704][  T809] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  865.954605][  T809] usb 2-1: config 4 has an invalid interface number: 28 but max is 0
[  865.954636][  T809] usb 2-1: config 4 has no interface number 0
[  865.958461][  T809] usb 2-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= a.3a
[  865.958494][  T809] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  865.958517][  T809] usb 2-1: Product: syz
[  865.958532][  T809] usb 2-1: Manufacturer: syz
[  865.958548][  T809] usb 2-1: SerialNumber: syz
[  866.008519][  T809] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:4.28/input/input69
[  866.882493][T15027] FAULT_INJECTION: forcing a failure.
[  866.882493][T15027] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  866.882815][T15027] CPU: 0 UID: 0 PID: 15027 Comm: syz.3.3007 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  866.882849][T15027] Tainted: [L]=SOFTLOCKUP
[  866.882857][T15027] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  866.882877][T15027] Call Trace:
[  866.882887][T15027]  <TASK>
[  866.882899][T15027]  dump_stack_lvl+0xe8/0x150
[  866.882937][T15027]  should_fail_ex+0x46b/0x600
[  866.882968][T15027]  _copy_from_user+0x2d/0xb0
[  866.883000][T15027]  __sys_sendto+0x2ab/0x7d0
[  866.883042][T15027]  ? __pfx___sys_sendto+0x10/0x10
[  866.883104][T15027]  ? ksys_write+0x248/0x270
[  866.883146][T15027]  ? __pfx_ksys_write+0x10/0x10
[  866.883181][T15027]  __x64_sys_sendto+0xde/0x100
[  866.883220][T15027]  do_syscall_64+0xe2/0xf80
[  866.883251][T15027]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.883274][T15027]  ? trace_irq_disable+0x37/0x100
[  866.883303][T15027]  ? clear_bhb_loop+0x60/0xb0
[  866.883330][T15027]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  866.883353][T15027] RIP: 0033:0x7fe9e5b0aeb9
[  866.883374][T15027] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  866.883393][T15027] RSP: 002b:00007fe9e3d66028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  866.883418][T15027] RAX: ffffffffffffffda RBX: 00007fe9e5d85fa0 RCX: 00007fe9e5b0aeb9
[  866.883436][T15027] RDX: 0000000000000001 RSI: 0000200000000300 RDI: 0000000000000004
[  866.883451][T15027] RBP: 00007fe9e3d66090 R08: 00002000000003c0 R09: 000000000000001c
[  866.883467][T15027] R10: 0000000004048016 R11: 0000000000000246 R12: 0000000000000001
[  866.883482][T15027] R13: 00007fe9e5d86038 R14: 00007fe9e5d85fa0 R15: 00007ffc524e4038
[  866.883519][T15027]  </TASK>
[  867.070668][T13032] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[  867.306567][T13032] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  867.306603][T13032] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  867.321806][T13032] usb 6-1: config 0 descriptor??
[  867.396322][T13032] cp210x 6-1:0.0: cp210x converter detected
[  867.621682][T13032] usb 6-1: cp210x converter now attached to ttyUSB0
[  868.365111][ T5874] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  868.517834][ T5874] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  868.517868][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  868.525320][ T5874] usb 4-1: config 0 descriptor??
[  868.602590][ T5874] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  869.110003][ T9200] bond1 (unregistering): (slave bridge1): Releasing active interface
[  869.345496][ T5944] usb 6-1: USB disconnect, device number 58
[  869.369871][ T5944] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  869.378847][ T5944] cp210x 6-1:0.0: device disconnected
[  869.648466][ T9200] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  869.742304][ T9200] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  869.777455][ T9200] bond0 (unregistering): Released all slaves
[  869.795683][ T9200] bond1 (unregistering): Released all slaves
[  869.861802][ T9200] bond2 (unregistering): Released all slaves
[  870.078368][   T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  870.081627][ T9200] bond3 (unregistering): Released all slaves
[  870.117320][   T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  870.119504][   T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  870.160466][   T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  870.162284][   T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  870.240901][ T9200] bond4 (unregistering): Released all slaves
[  870.407306][T15050] FAULT_INJECTION: forcing a failure.
[  870.407306][T15050] name failslab, interval 1, probability 0, space 0, times 0
[  870.407368][T15050] CPU: 1 UID: 0 PID: 15050 Comm: syz.5.3012 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  870.407401][T15050] Tainted: [L]=SOFTLOCKUP
[  870.407407][T15050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  870.407418][T15050] Call Trace:
[  870.407443][T15050]  <TASK>
[  870.407454][T15050]  dump_stack_lvl+0xe8/0x150
[  870.407492][T15050]  should_fail_ex+0x46b/0x600
[  870.407522][T15050]  should_failslab+0xa8/0x100
[  870.407556][T15050]  __kmalloc_cache_noprof+0x83/0x6b0
[  870.407588][T15050]  ? __lock_acquire+0x6b5/0x2cf0
[  870.407626][T15050]  ? alloc_pipe_info+0xe8/0x4d0
[  870.407662][T15050]  alloc_pipe_info+0xe8/0x4d0
[  870.407696][T15050]  splice_direct_to_actor+0xa19/0xc80
[  870.407730][T15050]  ? __lock_acquire+0x6b5/0x2cf0
[  870.407758][T15050]  ? kstrtouint+0x6e/0xe0
[  870.407791][T15050]  ? __pfx_direct_splice_actor+0x10/0x10
[  870.407834][T15050]  ? __lock_acquire+0x6b5/0x2cf0
[  870.407858][T15050]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  870.407915][T15050]  do_splice_direct+0x19b/0x2a0
[  870.407952][T15050]  ? __pfx_do_splice_direct+0x10/0x10
[  870.407987][T15050]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  870.408017][T15050]  ? rw_verify_area+0x25b/0x4e0
[  870.408049][T15050]  do_sendfile+0x547/0x7e0
[  870.408069][T15050]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  870.408108][T15050]  ? __pfx_do_sendfile+0x10/0x10
[  870.408144][T15050]  __se_sys_sendfile64+0x144/0x1a0
[  870.408177][T15050]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  870.408224][T15050]  do_syscall_64+0xe2/0xf80
[  870.408254][T15050]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.408275][T15050]  ? trace_irq_disable+0x37/0x100
[  870.408304][T15050]  ? clear_bhb_loop+0x60/0xb0
[  870.408332][T15050]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  870.408355][T15050] RIP: 0033:0x7fe47b28aeb9
[  870.408376][T15050] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  870.408396][T15050] RSP: 002b:00007fe4794e6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  870.408420][T15050] RAX: ffffffffffffffda RBX: 00007fe47b505fa0 RCX: 00007fe47b28aeb9
[  870.408437][T15050] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000003
[  870.408450][T15050] RBP: 00007fe4794e6090 R08: 0000000000000000 R09: 0000000000000000
[  870.408465][T15050] R10: 4000000000000007 R11: 0000000000000246 R12: 0000000000000001
[  870.408480][T15050] R13: 00007fe47b506038 R14: 00007fe47b505fa0 R15: 00007ffde62da018
[  870.408516][T15050]  </TASK>
[  870.831268][ T5154] bcm5974 2-1:4.28: could not read from device
[  870.933264][ T5154] bcm5974 2-1:4.28: could not read from device
[  871.088206][ T5154] bcm5974 2-1:4.28: could not read from device
[  871.153004][ T5154] bcm5974 2-1:4.28: could not read from device
[  871.233164][T14991] bcm5974 2-1:4.28: could not read from device
[  871.469103][ T5154] bcm5974 2-1:4.28: could not read from device
[  871.584078][T14991] bcm5974 2-1:4.28: could not read from device
[  871.622876][ T5154] bcm5974 2-1:4.28: could not read from device
[  871.648156][T14991] udevd[14991]: Error opening device "/dev/input/event4": Input/output error
[  871.648314][T14991] udevd[14991]: Unable to EVIOCGABS device "/dev/input/event4"
[  871.648508][T14991] udevd[14991]: Unable to EVIOCGABS device "/dev/input/event4"
[  871.648645][T14991] udevd[14991]: Unable to EVIOCGABS device "/dev/input/event4"
[  871.648787][T14991] udevd[14991]: Unable to EVIOCGABS device "/dev/input/event4"
[  871.764634][ T5154] bcm5974 2-1:4.28: could not read from device
[  872.155649][   T61] Bluetooth: hci5: command tx timeout
[  873.665911][ T5874] ==================================================================
[  873.665930][ T5874] BUG: KASAN: vmalloc-out-of-bounds in __list_add_valid_or_report+0x4e/0x130
[  873.665975][ T5874] Read of size 8 at addr ffffc9000ef32008 by task kworker/0:5/5874
[  873.665995][ T5874] 
[  873.666010][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: kworker/0:5 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  873.666041][ T5874] Tainted: [L]=SOFTLOCKUP
[  873.666050][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  873.666065][ T5874] Workqueue: usb_hub_wq hub_event
[  873.666089][ T5874] Call Trace:
[  873.666099][ T5874]  <TASK>
[  873.666109][ T5874]  dump_stack_lvl+0xe8/0x150
[  873.666141][ T5874]  print_report+0xba/0x230
[  873.666167][ T5874]  ? __list_add_valid_or_report+0x4e/0x130
[  873.666202][ T5874]  kasan_report+0x117/0x150
[  873.666236][ T5874]  ? __list_add_valid_or_report+0x4e/0x130
[  873.666276][ T5874]  __list_add_valid_or_report+0x4e/0x130
[  873.666312][ T5874]  kcov_remote_stop+0x457/0x680
[  873.666347][ T5874]  hub_event+0x49d8/0x4f60
[  873.666373][ T5874]  ? __lock_acquire+0x6b5/0x2cf0
[  873.666416][ T5874]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  873.666453][ T5874]  ? __pfx_hub_event+0x10/0x10
[  873.666474][ T5874]  ? process_scheduled_works+0xa0f/0x17a0
[  873.666515][ T5874]  ? process_scheduled_works+0xa0f/0x17a0
[  873.666549][ T5874]  ? process_scheduled_works+0xa0f/0x17a0
[  873.666586][ T5874]  process_scheduled_works+0xaec/0x17a0
[  873.666638][ T5874]  ? __pfx_process_scheduled_works+0x10/0x10
[  873.666672][ T5874]  ? do_raw_spin_lock+0x12b/0x2f0
[  873.666708][ T5874]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  873.666741][ T5874]  ? schedule+0x90/0x360
[  873.666775][ T5874]  worker_thread+0xda6/0x1360
[  873.666812][ T5874]  kthread+0x726/0x8b0
[  873.666848][ T5874]  ? __pfx_worker_thread+0x10/0x10
[  873.666870][ T5874]  ? __pfx_kthread+0x10/0x10
[  873.666897][ T5874]  ? rt_spin_unlock+0x14f/0x200
[  873.666923][ T5874]  ? rt_spin_unlock+0x160/0x200
[  873.666945][ T5874]  ? __pfx_kthread+0x10/0x10
[  873.666972][ T5874]  ret_from_fork+0x51b/0xa40
[  873.666997][ T5874]  ? __pfx_ret_from_fork+0x10/0x10
[  873.667019][ T5874]  ? __switch_to+0xc82/0x1410
[  873.667055][ T5874]  ? __pfx_kthread+0x10/0x10
[  873.667082][ T5874]  ret_from_fork_asm+0x1a/0x30
[  873.667125][ T5874]  </TASK>
[  873.667133][ T5874] 
[  873.667140][ T5874] The buggy address belongs to a vmalloc virtual mapping
[  873.667160][ T5874] Memory state around the buggy address:
[  873.667173][ T5874]  ffffc9000ef31f00: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  873.667189][ T5874]  ffffc9000ef31f80: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  873.667205][ T5874] >ffffc9000ef32000: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  873.667224][ T5874]                       ^
[  873.667236][ T5874]  ffffc9000ef32080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  873.667252][ T5874]  ffffc9000ef32100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8
[  873.667264][ T5874] ==================================================================
[  873.667282][ T5874] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  873.667305][ T5874] CPU: 0 UID: 0 PID: 5874 Comm: kworker/0:5 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  873.667335][ T5874] Tainted: [L]=SOFTLOCKUP
[  873.667343][ T5874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  873.667363][ T5874] Workqueue: usb_hub_wq hub_event
[  873.667384][ T5874] Call Trace:
[  873.667393][ T5874]  <TASK>
[  873.667402][ T5874]  vpanic+0x1e0/0x670
[  873.667436][ T5874]  panic+0xc5/0xd0
[  873.667464][ T5874]  ? __pfx_panic+0x10/0x10
[  873.667498][ T5874]  ? __list_add_valid_or_report+0x4e/0x130
[  873.667538][ T5874]  ? __list_add_valid_or_report+0x4e/0x130
[  873.667572][ T5874]  check_panic_on_warn+0x89/0xb0
[  873.667608][ T5874]  ? __list_add_valid_or_report+0x4e/0x130
[  873.667642][ T5874]  end_report+0x6f/0x140
[  873.667674][ T5874]  kasan_report+0x128/0x150
[  873.667706][ T5874]  ? __list_add_valid_or_report+0x4e/0x130
[  873.667745][ T5874]  __list_add_valid_or_report+0x4e/0x130
[  873.667782][ T5874]  kcov_remote_stop+0x457/0x680
[  873.667814][ T5874]  hub_event+0x49d8/0x4f60
[  873.667847][ T5874]  ? __lock_acquire+0x6b5/0x2cf0
[  873.667887][ T5874]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  873.667923][ T5874]  ? __pfx_hub_event+0x10/0x10
[  873.667942][ T5874]  ? process_scheduled_works+0xa0f/0x17a0
[  873.667981][ T5874]  ? process_scheduled_works+0xa0f/0x17a0
[  873.668012][ T5874]  ? process_scheduled_works+0xa0f/0x17a0
[  873.668042][ T5874]  process_scheduled_works+0xaec/0x17a0
[  873.668090][ T5874]  ? __pfx_process_scheduled_works+0x10/0x10
[  873.668121][ T5874]  ? do_raw_spin_lock+0x12b/0x2f0
[  873.668153][ T5874]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  873.668185][ T5874]  ? schedule+0x90/0x360
[  873.668214][ T5874]  worker_thread+0xda6/0x1360
[  873.668250][ T5874]  kthread+0x726/0x8b0
[  873.668277][ T5874]  ? __pfx_worker_thread+0x10/0x10
[  873.668298][ T5874]  ? __pfx_kthread+0x10/0x10
[  873.668323][ T5874]  ? rt_spin_unlock+0x14f/0x200
[  873.668348][ T5874]  ? rt_spin_unlock+0x160/0x200
[  873.668367][ T5874]  ? __pfx_kthread+0x10/0x10
[  873.668391][ T5874]  ret_from_fork+0x51b/0xa40
[  873.668410][ T5874]  ? __pfx_ret_from_fork+0x10/0x10
[  873.668427][ T5874]  ? __switch_to+0xc82/0x1410
[  873.668454][ T5874]  ? __pfx_kthread+0x10/0x10
[  873.668476][ T5874]  ret_from_fork_asm+0x1a/0x30
[  873.668508][ T5874]  </TASK>
[  873.669128][ T5874] Kernel Offset: disabled