last executing test programs:

2m5.570340119s ago: executing program 2 (id=1994):
r0 = socket(0x10, 0x803, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=""/191, 0xbf}}], 0x1, 0x2040000, &(0x7f0000003700)={0x77359400})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_MSG_GETSETELEM(r1, 0x0, 0x8084)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, 0x4, 0x6, 0x101, 0x0, 0x0, {0x7, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000005}, 0x20040800) (fail_nth: 1)

2m5.010902722s ago: executing program 2 (id=1997):
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x0, 0x0)
ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000040)={0x10004, 0x0, &(0x7f0000ffa000/0x3000)=nil}) (async)
r1 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
setsockopt(r0, 0x1, 0x2, &(0x7f00000000c0)="8d0e0f39f0f4cc9e685ce71cc1b22adc17f610ca13db980b22ecf50f5f9bbbba25329b28259a25a1dce242d0da24d70902cb9829102e8be63da62d7c839492d481754c8651a378aa3a4ce2fc9690b4472f1b9d2e826bc2378a3ae05ba7bf4368d95b4d665513", 0x66) (async, rerun: 64)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r0, 0xc018937c, &(0x7f0000000140)={{0x1, 0x1, 0x18, <r2=>r1, {0x4}}, './file0\x00'}) (rerun: 64)
sendto$inet_nvme_of_msg(r2, &(0x7f00000001c0)={@rsp={{0x5, 0xe, 0x18, 0xb, 0x9}, {@u16=0x3680, 0x5, 0x8, 0x3, 0x3}}, @val=&(0x7f0000000180)="a51c71765923c687b5aad690bdb6b3e3870c5eaaeda86313db3b039033ae2b933228c7197fd5af0069bee5"}, 0x88, 0x0, 0x0, 0x0) (async)
r3 = syz_open_dev$audion(&(0x7f0000000280), 0x81, 0x0)
recvmmsg$unix(r3, &(0x7f0000001b80)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000002c0)=""/159, 0x9f}, {&(0x7f0000000380)=""/105, 0x69}, {&(0x7f0000000400)=""/66, 0x42}, {&(0x7f0000000480)=""/124, 0x7c}], 0x4, &(0x7f0000000540)=[@rights={{0x20, 0x1, 0x1, [<r4=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff]}}], 0x38}}, {{&(0x7f0000000580)=@abs, 0x6e, &(0x7f0000000800)=[{&(0x7f0000000600)=""/33, 0x21}, {&(0x7f0000000640)=""/149, 0x95}, {&(0x7f0000000700)=""/212, 0xd4}], 0x3, &(0x7f0000000840)=[@cred={{0x1c, 0x1, 0x2, {<r7=>0x0}}}, @cred={{0x1c}}], 0x40}}, {{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000880)=""/153, 0x99}, {&(0x7f0000000940)=""/39, 0x27}, {&(0x7f0000000980)=""/18, 0x12}], 0x3}}, {{&(0x7f0000000a00), 0x6e, &(0x7f0000000e00)=[{&(0x7f0000000a80)=""/74, 0x4a}, {&(0x7f0000000b00)=""/39, 0x27}, {&(0x7f0000000b40)=""/162, 0xa2}, {&(0x7f0000000c00)=""/213, 0xd5}, {&(0x7f0000000d00)=""/228, 0xe4}], 0x5, &(0x7f0000000e80)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}], 0x38}}, {{&(0x7f0000000ec0), 0x6e, &(0x7f0000001000)=[{&(0x7f0000000f40)=""/159, 0x9f}], 0x1, &(0x7f0000001040)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, <r8=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r9=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}], 0xa8}}, {{&(0x7f0000001100)=@abs, 0x6e, &(0x7f0000001240)=[{&(0x7f0000001180)=""/177, 0xb1}], 0x1, &(0x7f0000001280)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, <r10=>0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [0xffffffffffffffff, <r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff, <r13=>0xffffffffffffffff, 0xffffffffffffffff]}}], 0x80}}, {{&(0x7f0000001300), 0x6e, &(0x7f00000019c0)=[{&(0x7f0000001380)=""/133, 0x85}, {&(0x7f0000001440)}, {&(0x7f0000001480)=""/233, 0xe9}, {&(0x7f0000001580)=""/213, 0xd5}, {&(0x7f0000001680)=""/241, 0xf1}, {&(0x7f0000001780)=""/99, 0x63}, {&(0x7f0000001800)=""/123, 0x7b}, {&(0x7f0000001880)=""/41, 0x29}, {&(0x7f00000018c0)=""/234, 0xea}], 0x9, &(0x7f0000001a80)=[@cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [<r14=>0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x100}}], 0x7, 0x10063, &(0x7f0000001d40)={0x0, 0x3938700}) (async)
r15 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r15, &(0x7f0000001d80)={0x1f, 0x8, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0xf}, 0xe) (async, rerun: 64)
ioctl$sock_TIOCINQ(r13, 0x541b, &(0x7f0000001dc0)) (async, rerun: 64)
fsetxattr$trusted_overlay_opaque(0xffffffffffffffff, &(0x7f0000001e00), &(0x7f0000001e40), 0x2, 0x3) (async)
ioctl$sock_SIOCGIFINDEX_80211(r12, 0x8933, &(0x7f0000001ec0)={'wlan0\x00', <r16=>0x0})
sendmsg$NL80211_CMD_SET_BSS(r14, &(0x7f0000001f80)={&(0x7f0000001e80)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000001f40)={&(0x7f0000001f00)={0x2c, 0x0, 0x800, 0x70bd2d, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r16}, @void}}, [@NL80211_ATTR_BSS_HT_OPMODE={0x6, 0x6d, 0x3}, @NL80211_ATTR_BSS_CTS_PROT={0x5, 0x1c, 0x5e}]}, 0x2c}, 0x1, 0x0, 0x0, 0x41}, 0x4804)
setsockopt$MRT6_TABLE(r6, 0x29, 0xcf, &(0x7f0000001fc0)=0xfd, 0x4) (async)
ioctl$RNDGETENTCNT(r3, 0x80045200, &(0x7f0000002000))
fsetxattr$security_smack_transmute(r5, &(0x7f0000002040), &(0x7f0000002080), 0x4, 0x2)
mmap$xdp(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x10, r8, 0x0) (async, rerun: 32)
r17 = syz_genetlink_get_family_id$nl80211(&(0x7f0000002100), r2) (rerun: 32)
sendmsg$NL80211_CMD_PROBE_MESH_LINK(r5, &(0x7f00000023c0)={&(0x7f00000020c0)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000002380)={&(0x7f0000002140)={0x1fc, r17, 0x1, 0x70bd2c, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0x7f, 0xa}}}}, [@NL80211_ATTR_FRAME={0x8a, 0x33, @data_frame={@a_msdu=@type00={{0x0, 0x2, 0xf, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x7eee}, @device_a, @broadcast, @random="5fc0ee65c594", {0x5, 0x755}, "", @value={0xc, 0x1, 0x0, 0x1, 0x7f}, @value=@ver_80211n={0x0, 0x3, 0x1, 0x2, 0x0, 0x3}}, @a_msdu=[{@device_b, @broadcast, 0x5a, "e6863f19a78a8c7b1302ce822b698e102f97cd6a9884de879d903fbe39c271ec65ed5bf9d7544f479402d5ff177efad2df3718921da827b5d9475be94613c8e792896d848f81cb8f6376af86ddbda07b1c74216112e3830a6c80"}]}}, @NL80211_ATTR_FRAME={0x144, 0x33, @data_frame={@a_msdu=@type10={{0x0, 0x2, 0x6, 0x1, 0x0, 0x1, 0x0, 0x1, 0x1}, {0x7}, @initial, @device_a, @random="4f8b2eb9f689", {0x8, 0x7}}, @random="39742044653ae718d9152f96d2358900b529eb59b29dad00250e071686af3b1110137a50e2e2d97f1eb0484b1db8e06b626b81ff95c4bcfe8a31b02310e1254e54c222fdcec3c384c858fd2aa863016cb98ba1da54e6070064ef0304fae09bec1a74857a2bb17b01787888dfaf9f8ab250c980de6eaa32c44d0fc8a90a45d4c9b2df27947a76ce6def2c93558822edb58b1c14f5517e8816e4324f9982308b30a52a02426d77d2af0f9d29a34427c424a05bad69d99f23ed2ccdbc25588ff3cc61a2a8b7383e8c75792321cb1b9e342b4192a3c57560e161f3f3b819df29c0f694e3bd539086a4e7e7ca297d0882350954eae4d4efbe4d1cb06ebfc29d3f88c29e6c7207cc7c90df3efecb79048b1aa5c4a4e992b003c1b575d4810affe78c87bcc59019d34b9394"}}, @NL80211_ATTR_MAC={0xa, 0x6, @device_b}]}, 0x1fc}, 0x1, 0x0, 0x0, 0x40044}, 0x8000) (async)
setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r13, 0x84, 0x1f, &(0x7f0000002400)={0x0, @in6={{0xa, 0x4e22, 0x358d, @private2, 0x8}}, 0x8, 0x1b}, 0x90)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r10, 0xc0189378, &(0x7f00000024c0)={{0x1, 0x1, 0x18, <r18=>r6}, './file0\x00'})
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r18, 0x7, &(0x7f0000002500)=r9, 0x1) (async)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r4, 0x89f3, &(0x7f0000002580)={'syztnl0\x00', &(0x7f0000002540)={'syztnl1\x00', <r19=>0x0, 0x8000, 0x8000, 0x5, 0x401, {{0x7, 0x4, 0x1, 0x8, 0x1c, 0x67, 0x0, 0x0, 0x4, 0x0, @multicast2, @dev={0xac, 0x14, 0x14, 0x3f}, {[@lsrr={0x83, 0x7, 0x61, [@loopback]}]}}}}})
bind$xdp(r11, &(0x7f00000025c0)={0x2c, 0x0, r19, 0x27, r14}, 0x10) (async)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ptrace$ARCH_GET_GS(0x1e, r7, &(0x7f0000002600), 0x1004) (async)
ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f0000002640)={0x2, 0x0, @pic={0x1, 0x4, 0x6, 0x5, 0x40, 0xf8, 0x3, 0x2, 0x3, 0x2, 0x1, 0xd, 0x13, 0x4, 0x0, 0xe}}) (async, rerun: 64)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r15, 0xc02064a4, &(0x7f0000002940)={0x0, 0x3, &(0x7f0000002880)=[0xfff, 0x6bc2, 0x3], &(0x7f00000028c0)=[0x5, 0x800], &(0x7f0000002900)=[0x1d78, 0x0, 0xcca, 0x1, 0x4, 0x5, 0x254, 0x575]}) (async, rerun: 64)
recvmmsg(0xffffffffffffffff, &(0x7f0000002b00)=[{{&(0x7f0000002980)=@can, 0x80, &(0x7f0000002a40)=[{&(0x7f0000002a00)=""/50, 0x32}], 0x1, &(0x7f0000002a80)=""/113, 0x71}, 0x7}], 0x1, 0x10000, &(0x7f0000002b40)={0x77359400})

2m4.003772209s ago: executing program 2 (id=2001):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8822d55593a2179}, 0xc)
syz_emit_ethernet(0x82, &(0x7f0000000300)={@broadcast, @random="1704b45adbde", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x74, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x5, 0x0, 0x0, 0xe0, 0x0, 0xe000, {0x16, 0x4, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @local, {[@lsrr={0x83, 0x3}, @rr={0x7, 0x3}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x0, [{@multicast1=0xe0000089}, {@private}, {@local}, {@remote}, {@private=0xa010100}, {@dev}, {@initdev={0xac, 0x1e, 0x1, 0x0}}]}]}}}}}}}, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x2f)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000140)={{{@in=@dev={0xac, 0x14, 0x14, 0x11}, @in6=@loopback, 0x4e24, 0x0, 0x4, 0x0, 0x2}, {0x0, 0x802, 0x9141, 0x0, 0xfffffffffffffffc, 0xf42, 0x5}, {0x0, 0x0, 0x0, 0x8}, 0x1, 0x0, 0x1, 0x0, 0x4, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in=@remote, 0x3501, 0x0, 0x2, 0x4, 0x0, 0x0, 0xfffffffd}}, 0xe8)
socket$kcm(0x29, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)

2m0.938266688s ago: executing program 2 (id=2004):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0xfffffffffffffff5, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xfffffffffffffea4, 0x2, [@TCA_FQ_PLIMIT={0x0, 0x1, 0xffffffff}, @TCA_FQ_FLOW_DEFAULT_RATE={0x0, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x0, 0xd, 0x2b3}]}}]}, 0x5f}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa4c86a507485b0e6821ba9d82e6b8522a6eba1734eccbc5659567aa08b5b93be09bc2a6d6319acbd1aeb751f8e9b7ce9e2f", 0xb7}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc", 0x761}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140fce45c077", 0x9a}, {&(0x7f0000000a40)}], 0x3}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4f5b9e40, 0x8, 0x96282c4, 0x2040, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x45, 0x4, 0x2, 0x4}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[], 0x6f4}}, 0x0)

1m59.028055119s ago: executing program 2 (id=2009):
r0 = creat(0x0, 0x4b)
close(r0)
syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
fcntl$addseals(0xffffffffffffffff, 0x409, 0x7)
ioctl$FIONCLEX(0xffffffffffffffff, 0x5450)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000300)={'wg1\x00'})

1m58.300891408s ago: executing program 2 (id=2011):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000580)='contention_begin\x00', r3, 0x0, 0x9}, 0x18)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, 0x0, 0x4000801)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="64670feea1096f00003e660f38054c880f323e26640fb9a9c94f660fc7b27f1a360f09366764f4660fdd40e69a3a00e300baa000b0e5ee", 0x37}], 0x1, 0x6, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x20}, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000010f80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x5c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1m52.002970357s ago: executing program 0 (id=2026):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0xfffffffffffffff5, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xfffffffffffffea4, 0x2, [@TCA_FQ_PLIMIT={0x0, 0x1, 0xffffffff}, @TCA_FQ_FLOW_DEFAULT_RATE={0x0, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x0, 0xd, 0x2b3}]}}]}, 0x5f}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa4c86a507485b0e6821ba9d82e6b8522a6eba1734eccbc5659567aa08b5b93be09bc2a6d6319acbd1aeb751f8e9b7ce9e2f", 0xb7}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc", 0x761}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140fce45c077", 0x9a}, {&(0x7f0000000a40)}], 0x3}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4f5b9e40, 0x8, 0x96282c4, 0x2040, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x45, 0x4, 0x2, 0x4}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4], 0x6f4}}, 0x0)

1m51.104081435s ago: executing program 0 (id=2029):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x22, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
openat$smackfs_ipv6host(0xffffffffffffff9c, &(0x7f0000004e40), 0x2, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)

1m46.051715408s ago: executing program 0 (id=2033):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
unshare(0x20000400)
ioctl$USBDEVFS_ALLOW_SUSPEND(r0, 0x5522) (fail_nth: 1)
socket$nl_generic(0x10, 0x3, 0x10)

1m45.275973144s ago: executing program 0 (id=2037):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x8, 0xd, 0x2b3}]}}]}, 0x40}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa4c86a507485b0e6821ba9d82e6b8522a6eba1734eccbc5659567aa08b5b93be09bc2a6d6319acbd1aeb751f8e9b7ce9e2f", 0xb7}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc3e07caf510732df2835fd11de82cb318b88f4d385adb57ac73ffe7f3d1e387848766e11000c94123f2a7d33a93d3b030ebb1206f26221a1ceef44a708693796ab80add7d9b6907c653c6becc21d49c380b3fea419276a387ad482fc3614fa7cac6ea9d07dffc85c1d3f01f57aa9816f32e3237b05d191c3f3d2ed31c313346176d18dc53307afc3aea306a5b44189b6fce062cd21319f1c0a5cf3bc84aaff275491d5fa26d12173e134bdb776478c27502dd4786cc079b6eb00d05f1c8c27a2e326ef11ad1866529b60e6a9e9ae776f01071e364a4604dfe79fbdfc9828628e50940398cc6b925ea8806ee3bbd22129c5d37551eb5e1ef613b027aebce0a83963888396f3e7c953e5416b522fd3a0660fefaea0fc97ca7d82191e2e8f23ca2aa56e8b9de2e1d3e093b8c3f4d7e700b7193b3d83c5b6bb1e7ff2a1c574c9d15ad79631573e41d46653601c510ec7cd0d6125c8e600ebb41247988c28305ac47eead817fecf4460c2221a399134d1d11363401090691a7bf1f58f27a09311d6591cef3d879570667e9e10eebf7df32ec9417f0132be9f1485b167b58b0bf88e31fb2d3957fa05a4d3f191c1d1caa189fc0c11c04287ceaee39a147aced6e3e9c2fe8f51a9823401ad4bf92b0fd4070aae1fe886b8c160a0d2a1507259e58c5608654f05f444877bf9ec215933d6f0a89a3f6199a23c535d8cf9541f2eb970261b12325884fe64330f67a8b07748522c58e5096a04afc67f08b4b0b3da2c9e010b8f079fabdbd187b3d1f69b9f8110e0ec3a488aa8b8563745f7e9fdc1faeaf542858f417d3a75d416e8f55c46cd962d9ac96ce8b56f7a0e22350d2b9e8a537780edddd519fd43baec4834aa6abb0b8c4007dfbb9dac74bf3802108966bf7d5a2999d16110ad0d2cab1c72c2d0ddce14e5043ee62fe9b722355dd2b7e728a589da59ef46dae95f1b89c22d5487a855bc1ee5f9d1427f643e2fa8748e07e6b51e365ab5e23e32401acc229c09f56868532ca611fa678b13f7f580392aee230878817f9dadc9b071245f75b7f626ab6f3342e8d80c3735e3a37646dfddeddec617fd3c155bb0735dd74eb1b71b957645978638f6bab555681b1e0047f7ccf370051f8fd42b171d16291a79ab5aad78940d12129d4de9f1d0a17f539fe333c7e3af31703dd147044ab4efd666cda9942c14cb25fae13cdb497bf7d71094192765df81234cf3dc9d38cdf373a06f5b723ab987708c8ed1b1b7c14cf55663298e752621be837d9e8f806552e0d605515dc0346354c76536d7681bac9dce48479abf18fc8b45862471ce1d75957a23c6bee5b2eb0022d557b6ad6153124e4594d26cc4a6e70de89086e0365039d215c2d9c7d881766b564b58be42104b4a4cad074eb1600be3a98fd7e19296066ee8a8d141d1b9f070c06c58c4f6e5c73b43022f39a13e701220064ceac7951818b1a88f68b2241efc57d37f224161533c75e279500896058aa03ce9571567172b57dbd40e1e14f8068cec77cde8da6aebf54039de9c7251289192616dca9d90bcc3ca24708dde9309d00d9a61c7be33f5858729ca3726fd8e8fdf911e58d3908797ec7b53cec49a8d51a3a30c3172b4277a8be98346488f10385ab3396ba34390f5f44a6f51606a392c25f4b6c65d3cee98004c5312b9f2a6349facbb7f0491fa0505ddc859e25963fae59e8ff05282c108be2a267690c8d53cd2ab7189b997cca8f0905ebcdc86a29b851546284870b348d54023e16262e78c034885696e931e1b2a7b2c23c59ef21393370a16f068ce46115e6b1c3ba9375bb9cb644ec9032bb2eb57eb4897284164af7a8b0a7019a610985dad9f1ce9f12a9a2399ee63fd6d21ee4adc8cbeb7ffe22b50e14c959042197ae45c8f8db2a5d03d6d9c2d5e826112a0bf6d21854a6d5fc77604e4117d7e9a92804c7db9f3eeca536b61a079654f8afbccc140602db833e537ac3c591b98549b5c70734e98b5a47eb9cc16ab2e0ed4f32ff69558e5dcfa2a3b54b8cf3326d4cdd7e9a0c19e4b703070a996acb40a882c2c512e38b4e3d31fe918a3562526132c7bbd497d3f5d40881e6c7363f2e21c8ae8d3ade72d57b6fe9a6cce7f100ae63775c6706b5004312b057aa9191e7614a69584974629c81e536b6422072cdb55b5d98418bf0b15268551548fbc6a9c84f4f701461c5e8e9f12573cc7611758c085582c823f9500d1fb8fa0eb44423f78fa60262f1578304c834865ba39ae3a1a393cfc3c9892518fca1ce37752f488faeabcb616700e831239025481f489c56331ea60ab91a77a73aca23da9fc2a2f171a0b42708ca64bc23985acd303b5eb32045bd55755facde52d4c5d134374736438996a956b5515a21c3c92968187235f0ec1cc68f671776f6b9805f2597bf6f0f93e55c843db7e590a923867da924981b1f653882bb744b3642e31fc43edbd028e804a71e40a80f0f3945fef279b7d7e060e3f2c3cf755b26a37f600021015ff3096c726ea948c2a25d1dbd7e5f7a6865109a83e99ec6e57bb1eea68c40131e1237e33766212f5fab50541a7028d734aaf1b6da21ef19b513a83d0f66f2db05960d404f918d23095e731b7f95bf79b04c91e419891fd04338508b1d44d47c954855550b1db8ab5e4c6d433d3e0113a9a5945d8f1bfb76", 0xec2}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140f", 0x96}, {&(0x7f0000000a40)}], 0x3}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4f5b9e40, 0x8, 0x96282c4, 0x2040, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x45, 0x4, 0x2, 0x4}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m45.034427918s ago: executing program 0 (id=2040):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x144}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0xfffffffffffffff5, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xfffffffffffffea4, 0x2, [@TCA_FQ_PLIMIT={0x0, 0x1, 0xffffffff}, @TCA_FQ_FLOW_DEFAULT_RATE={0x0, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x0, 0xd, 0x2b3}]}}]}, 0x5f}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc3e07caf510732df2835fd11de82cb318b88f4d385adb57ac73ffe7f3d1e387848766e11000c94123f2a7d33a93d3b030ebb1206f26221a1ceef44a708693796ab80add7d9b6907c653c6becc21d49c380b3fea419276a387ad482fc3614fa7cac6ea9d07dffc85c1d3f01f57aa9816f32e3237b05d191c3f3d2ed31c313346176d18dc53307afc3aea306a5b44189b6fce062cd21319f1c0a5cf3bc84aaff275491d5fa26d12173e134bdb776478c27502dd4786cc079b6eb00d05f1c8c27a2e326ef11ad1866529b60e6a9e9ae776f01071e364a4604dfe79fbdfc9828628e50940398cc6b925ea8806ee3bbd22129c5d37551eb5e1ef613b027aebce0a83963888396f3e7c953e5416b522fd3a0660fefaea0fc97ca7d82191e2e8f23ca2aa56e8b9de2e1d3e093b8c3f4d7e700b7193b3d83c5b6bb1e7ff2a1c574c9d15ad79631573e41d46653601c510ec7cd0d6125c8e600ebb41247988c28305ac47eead817fecf4460c2221a399134d1d11363401090691a7bf1f58f27a09311d6591cef3d879570667e9e10eebf7df32ec9417f0132be9f1485b167b58b0bf88e31fb2d3957fa05a4d3f191c1d1caa189fc0c11c04287ceaee39a147aced6e3e9c2fe8f51a9823401ad4bf92b0fd4070aae1fe886b8c160a0d2a1507259e58c5608654f05f444877bf9ec215933d6f0a89a3f6199a23c535d8cf9541f2eb970261b12325884fe64330f67a8b07748522c58e5096a04afc67f08b4b0b3da2c9e010b8f079fabdbd187b3d1f69b9f8110e0ec3a488aa8b8563745f7e9fdc1faeaf542858f417d3a75d416e8f55c46cd962d9ac96ce8b56f7a0e22350d2b9e8a537780edddd519fd43baec4834aa6abb0b8c4007dfbb9dac74bf3802108966bf7d5a2999d16110ad0d2cab1c72c2d0ddce14e5043ee62fe9b722355dd2b7e728a589da59ef46dae95f1b89c22d5487a855bc1ee5f9d1427f643e2fa8748e07e6b51e365ab5e23e32401acc229c09f56868532ca611fa678b13f7f580392aee230878817f9dadc9b071245f75b7f626ab6f3342e8d80c3735e3a37646dfddeddec617fd3c155bb0735dd74eb1b71b957645978638f6bab555681b1e0047f7ccf370051f8fd42b171d16291a79ab5aad78940d12129d4de9f1d0a17f539fe333c7e3af31703dd147044ab4efd666cda9942c14cb25fae13cdb497bf7d71094192765df81234cf3dc9d38cdf373a06f5b723ab987708c8ed1b1b7c14cf55663298e752621be837d9e8f806552e0d605515dc0346354c76536d7681bac9dce48479abf18fc8b45862471ce1d75957a23c6bee5b2eb0022d557b6ad6153124e4594d26cc4a6e70de89086e0365039d215c2d9c7d881766b564b58be42104b4a4cad074eb1600be3a98fd7e19296066ee8a8d141d1b9f070c06c58c4f6e5c73b43022f39a13e701220064ceac7951818b1a88f68b2241efc57d37f224161533c75e279500896058aa03ce9571567172b57dbd40e1e14f8068cec77cde8da6aebf54039de9c7251289192616dca9d90bcc3ca24708dde9309d00d9a61c7be33f5858729ca3726fd8e8fdf911e58d3908797ec7b53cec49a8d51a3a30c3172b4277a8be98346488f10385ab3396ba34390f5f44a6f51606a392c25f4b6c65d3cee98004c5312b9f2a6349facbb7f0491fa0505ddc859e25963fae59e8ff05282c108be2a267690c8d53cd2ab7189b997cca8f0905ebcdc86a29b851546284870b348d54023e16262e78c034885696e931e1b2a7b2c23c59ef21393370a16f068ce46115e6b1c3ba9375bb9cb644ec9032bb2eb57eb4897284164af7a8b0a7019a610985dad9f1ce9f12a9a2399ee63fd6d21ee4adc8cbeb7ffe22b50e14c959042197ae45c8f8db2a5d03d6d9c2d5e826112a0bf6d21854a6d5fc77604e4117d7e9a92804c7db9f3eeca536b61a079654f8afbccc140602db833e537ac3c591b98549b5c70734e98b5a47eb9cc16ab2e0ed4f32ff69558e5dcfa2a3b54b8cf3326d4cdd7e9a0c19e4b703070a996acb40a882c2c512e38b4e3d31fe918a3562526132c7bbd497d3f5d40881e6c7363f2e21c8ae8d3ade72d57b6fe9a6cce7f100ae63775c6706b5004312b057aa9191e7614a69584974629c81e536b6422072cdb55b5d98418bf0b15268551548fbc6a9c84f4f701461c5e8e9f12573cc7611758c085582c823f9500d1fb8fa0eb44423f78fa60262f1578304c834865ba39ae3a1a393cfc3c9892518fca1ce37752f488faeabcb616700e831239025481f489c56331ea60ab91a77a73aca23da9fc2a2f171a0b42708ca64bc23985acd303b5eb32045bd55755facde52d4c5d134374736438996a956b5515a21c3c92968187235f0ec1cc68f671776f6b9805f2597bf6f0f93e55c843db7e590a923867da924981b1f653882bb744b3642e31fc43edbd028e804a71e40a80f0f3945fef279b7d7e060e3f2c3cf755b26a37f600021015ff3096c726ea948c2a25d1dbd7e5f7a6865109a83e99ec6e57bb1eea68c40131e1237e33766212f5fab50541a7028d734aaf1b6da21ef19b513a83d0f66f2db05960d404f918d23095e731b7f95bf79b04c91e419891fd04338508b1d44d47c954855550b1db8ab5e4c6d433d3e0113a9a5945d8f1bfb76", 0xec2}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e53", 0x87}, {&(0x7f0000000a40)}], 0x3}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4f5b9e40, 0x8, 0x96282c4, 0x2040, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x45, 0x4, 0x2, 0x4}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f", 0xcd}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m43.920342956s ago: executing program 0 (id=2041):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x89901)
mount_setattr(r1, 0x0, 0x8000, &(0x7f0000001dc0)={0x81, 0x0, 0x80000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x7, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000ffffffff000000000786dc0018110000", @ANYRES32=r1, @ANYRES32, @ANYBLOB], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r3, 0xc034564b, &(0x7f0000000100)={0xc08, 0x44495658, 0x284, 0x1e0, 0x0, @discrete={0x8000002, 0xfffffffc}})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
io_submit(0x0, 0x1, &(0x7f00000015c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x7, 0xffffffffffffffff, &(0x7f0000000340)="da376fa652b7680d5467644051a37bcb6ff85d466c43f80c8dc172f5ce2b4f5efc39797d17e7ea4543723f4c43b4ef46cf", 0x31, 0xa3b, 0x0, 0x1}])
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x4e, 0x80, 0x9, 0x0, 0x80, 0x8, 0x53, 0x8, 0x3, 0x5, 0x4, 0xe2, 0x0, 0xc, 0x9, 0x49, 0x4, 0x10, 0xd, '\x00', 0x6, 0x7})
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000804}, 0x44810)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r5, 0x80286722, &(0x7f0000000380)={&(0x7f0000000300)=""/45, 0x2d, 0x9, 0xe2})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180100001c0000000008051700000000850000bb2e0f2e829ad90029deda2ada16bd5bec5a80d2e696d254d9018e5c172e57b5844ea7da972225072abc31b964abd3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_WRITEPROTECT(r7, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r7, 0xc018aa06, &(0x7f0000000080)={{&(0x7f0000a4d000/0x1000)=nil, 0x20a4d000}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r6}, 0x18)
nanosleep(&(0x7f00000001c0)={0x0, 0x3938700}, &(0x7f0000001280))
futex_waitv(&(0x7f0000001b00)=[{0x3, &(0x7f0000000940)=0x200000006, 0x6}], 0x1, 0x0, 0x0, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
epoll_create1(0x80000)
syz_open_dev$cec(&(0x7f0000000180), 0x0, 0x401)

1m42.872037171s ago: executing program 32 (id=2011):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000580)='contention_begin\x00', r3, 0x0, 0x9}, 0x18)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, 0x0, 0x0)
sendmsg$DEVLINK_CMD_RATE_SET(0xffffffffffffffff, 0x0, 0x4000801)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="64670feea1096f00003e660f38054c880f323e26640fb9a9c94f660fc7b27f1a360f09366764f4660fdd40e69a3a00e300baa000b0e5ee", 0x37}], 0x1, 0x6, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$KVM_GET_CPUID2(r4, 0xc008ae91, &(0x7f00000000c0))
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000000)={0xffffffffffffffff, 0x3, 0x20}, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000010f80)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x5c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x34, 0x3, 0x0, 0x1, [{0x30, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x24, 0xb, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}, {0x10, 0x1, 0x0, 0x1, @counter={{0xc}, @void}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xe0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

1m42.794239654s ago: executing program 4 (id=2045):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000040)={'vxcan0\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000080)={'vxcan1\x00'})
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r3=>0x0})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r4, 0x89f3, &(0x7f0000000080)={'ip_vti0\x00', &(0x7f0000000100)={'syztnl1\x00', 0x0, 0x0, 0x7800, 0x4000000, 0x2, {{0x5, 0x4, 0x0, 0x16, 0x14, 0x0, 0x0, 0x6, 0x4, 0x0, @empty, @empty}}}})
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_opts(r5, 0x0, 0xc, &(0x7f0000000400)="001ca73e", 0x4)
setsockopt$inet_opts(r5, 0x0, 0xd, &(0x7f0000000000)='S', 0x1)
getsockopt$inet_opts(r5, 0x0, 0x9, &(0x7f0000000100)=""/19, &(0x7f0000000080)=0x13)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000080)={'vxcan0\x00', <r6=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="240000001800010000000000000200001d01080008000a00", @ANYRES32=r3, @ANYBLOB='\b\x00\t\x00', @ANYRES32=r6, @ANYBLOB="d9ce601e44257cf11253da0cadcc9ec03cc1789c4a22445b7ef453e3bb8bfad568b9c42b68ac833ae702bccfdcaf57c28f397a0d6c9150abb08dea20e7be30268cd1dd71b5d34c4d5e94560f234e1a9ce632a8d7cb71c947af06c05b29b4362dca813c3198a159c6580b9fd6c0deee8ce35d069198a4b38816df54b2df14a0dc347b60ed88cb761651357c751a769cc6fc7fc669a8e1449df58ae8ccfdd49029e19d1344450382c734d56e8dc92f4021ce7744c7be1c9a72e594e5639b1a211716b30bc7f213b5dc3130229137a691a9bee632972a0280a7c7e95c763762b0"], 0x24}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3400000019"], 0x34}}, 0x0)
r7 = socket$kcm(0x21, 0x2, 0xa)
sendmsg$kcm(r7, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"], 0x18}, 0xfc00)

1m41.73883288s ago: executing program 4 (id=2047):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x3, [@struct={0x0, 0x2, 0x0, 0x13, 0x0, 0x2, [{0x1}, {0xfffffffd}]}]}, {0x0, [0x2e]}}, 0x0, 0x3f}, 0x20)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000340)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="090526bd7000fddbdf255200000008000300", @ANYRES32=r2, @ANYBLOB="0500da0000000100050088000500000004002a00060048"], 0x50}, 0x1, 0x0, 0x0, 0x8080}, 0x4044000)

1m40.191224194s ago: executing program 4 (id=2050):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x14, 0x2, [@TCA_FQ_FLOW_DEFAULT_RATE={0x8, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x8, 0xd, 0x2b3}]}}]}, 0x40}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa4c86a507485b0e6821ba9d82e6b8522a6eba1734eccbc5659567aa08b5b93be09bc2a6d6319acbd1aeb751f8e9b7ce9e2f", 0xb7}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc3e07caf510732df2835fd11de82cb318b88f4d385adb57ac73ffe7f3d1e387848766e11000c94123f2a7d33a93d3b030ebb1206f26221a1ceef44a708693796ab80add7d9b6907c653c6becc21d49c380b3fea419276a387ad482fc3614fa7cac6ea9d07dffc85c1d3f01f57aa9816f32e3237b05d191c3f3d2ed31c313346176d18dc53307afc3aea306a5b44189b6fce062cd21319f1c0a5cf3bc84aaff275491d5fa26d12173e134bdb776478c27502dd4786cc079b6eb00d05f1c8c27a2e326ef11ad1866529b60e6a9e9ae776f01071e364a4604dfe79fbdfc9828628e50940398cc6b925ea8806ee3bbd22129c5d37551eb5e1ef613b027aebce0a83963888396f3e7c953e5416b522fd3a0660fefaea0fc97ca7d82191e2e8f23ca2aa56e8b9de2e1d3e093b8c3f4d7e700b7193b3d83c5b6bb1e7ff2a1c574c9d15ad79631573e41d46653601c510ec7cd0d6125c8e600ebb41247988c28305ac47eead817fecf4460c2221a399134d1d11363401090691a7bf1f58f27a09311d6591cef3d879570667e9e10eebf7df32ec9417f0132be9f1485b167b58b0bf88e31fb2d3957fa05a4d3f191c1d1caa189fc0c11c04287ceaee39a147aced6e3e9c2fe8f51a9823401ad4bf92b0fd4070aae1fe886b8c160a0d2a1507259e58c5608654f05f444877bf9ec215933d6f0a89a3f6199a23c535d8cf9541f2eb970261b12325884fe64330f67a8b07748522c58e5096a04afc67f08b4b0b3da2c9e010b8f079fabdbd187b3d1f69b9f8110e0ec3a488aa8b8563745f7e9fdc1faeaf542858f417d3a75d416e8f55c46cd962d9ac96ce8b56f7a0e22350d2b9e8a537780edddd519fd43baec4834aa6abb0b8c4007dfbb9dac74bf3802108966bf7d5a2999d16110ad0d2cab1c72c2d0ddce14e5043ee62fe9b722355dd2b7e728a589da59ef46dae95f1b89c22d5487a855bc1ee5f9d1427f643e2fa8748e07e6b51e365ab5e23e32401acc229c09f56868532ca611fa678b13f7f580392aee230878817f9dadc9b071245f75b7f626ab6f3342e8d80c3735e3a37646dfddeddec617fd3c155bb0735dd74eb1b71b957645978638f6bab555681b1e0047f7ccf370051f8fd42b171d16291a79ab5aad78940d12129d4de9f1d0a17f539fe333c7e3af31703dd147044ab4efd666cda9942c14cb25fae13cdb497bf7d71094192765df81234cf3dc9d38cdf373a06f5b723ab987708c8ed1b1b7c14cf55663298e752621be837d9e8f806552e0d605515dc0346354c76536d7681bac9dce48479abf18fc8b45862471ce1d75957a23c6bee5b2eb0022d557b6ad6153124e4594d26cc4a6e70de89086e0365039d215c2d9c7d881766b564b58be42104b4a4cad074eb1600be3a98fd7e19296066ee8a8d141d1b9f070c06c58c4f6e5c73b43022f39a13e701220064ceac7951818b1a88f68b2241efc57d37f224161533c75e279500896058aa03ce9571567172b57dbd40e1e14f8068cec77cde8da6aebf54039de9c7251289192616dca9d90bcc3ca24708dde9309d00d9a61c7be33f5858729ca3726fd8e8fdf911e58d3908797ec7b53cec49a8d51a3a30c3172b4277a8be98346488f10385ab3396ba34390f5f44a6f51606a392c25f4b6c65d3cee98004c5312b9f2a6349facbb7f0491fa0505ddc859e25963fae59e8ff05282c108be2a267690c8d53cd2ab7189b997cca8f0905ebcdc86a29b851546284870b348d54023e16262e78c034885696e931e1b2a7b2c23c59ef21393370a16f068ce46115e6b1c3ba9375bb9cb644ec9032bb2eb57eb4897284164af7a8b0a7019a610985dad9f1ce9f12a9a2399ee63fd6d21ee4adc8cbeb7ffe22b50e14c959042197ae45c8f8db2a5d03d6d9c2d5e826112a0bf6d21854a6d5fc77604e4117d7e9a92804c7db9f3eeca536b61a079654f8afbccc140602db833e537ac3c591b98549b5c70734e98b5a47eb9cc16ab2e0ed4f32ff69558e5dcfa2a3b54b8cf3326d4cdd7e9a0c19e4b703070a996acb40a882c2c512e38b4e3d31fe918a3562526132c7bbd497d3f5d40881e6c7363f2e21c8ae8d3ade72d57b6fe9a6cce7f100ae63775c6706b5004312b057aa9191e7614a69584974629c81e536b6422072cdb55b5d98418bf0b15268551548fbc6a9c84f4f701461c5e8e9f12573cc7611758c085582c823f9500d1fb8fa0eb44423f78fa60262f1578304c834865ba39ae3a1a393cfc3c9892518fca1ce37752f488faeabcb616700e831239025481f489c56331ea60ab91a77a73aca23da9fc2a2f171a0b42708ca64bc23985acd303b5eb32045bd55755facde52d4c5d134374736438996a956b5515a21c3c92968187235f0ec1cc68f671776f6b9805f2597bf6f0f93e55c843db7e590a923867da924981b1f653882bb744b3642e31fc43edbd028e804a71e40a80f0f3945fef279b7d7e060e3f2c3cf755b26a37f600021015ff3096c726ea948c2a25d1dbd7e5f7a6865109a83e99ec6e57bb1eea68c40131e1237e33766212f5fab50541a7028d734aaf1b6da21ef19b513a83d0f66f2db05960d404f918d23095e731b7f95bf79b04c91e419891fd04338508b1d44d47c954855550b1db8ab5e4c6d433d3e0113a9a5945d8f1bfb76", 0xec2}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140f", 0x96}, {&(0x7f0000000a40)}], 0x3}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4f5b9e40, 0x8, 0x96282c4, 0x2040, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x45, 0x4, 0x2, 0x4}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m38.160290804s ago: executing program 4 (id=2052):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0xfffffffffffffff5, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xfffffffffffffea4, 0x2, [@TCA_FQ_PLIMIT={0x0, 0x1, 0xffffffff}, @TCA_FQ_FLOW_DEFAULT_RATE={0x0, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x0, 0xd, 0x2b3}]}}]}, 0x5f}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa4c86a507485b0e6821ba9d82e6b8522a6eba1734eccbc5659567aa08b5b93be09bc2a6d6319acbd1aeb751f8e9b7ce9e2f", 0xb7}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc3e07caf510732df2835fd11de82cb318b88f4d385adb57ac73ffe7f3d1e387848766e11000c94123f2a7d33a93d3b030ebb1206f26221a1ceef44a708693796ab80add7d9b6907c653c6becc21d49c380b3fea419276a387ad482fc3614fa7cac6ea9d07dffc85c1d3f01f57aa9816f32e3237b05d191c3f3d2ed31c313346176d18dc53307afc3aea306a5b44189b6fce062cd21319f1c0a5cf3bc84aaff275491d5fa26d12173e134bdb776478c27502dd4786cc079b6eb00d05f1c8c27a2e326ef11ad1866529b60e6a9e9ae776f01071e364a4604dfe79fbdfc9828628e50940398cc6b925ea8806ee3bbd22129c5d37551eb5e1ef613b027aebce0a83963888396f3e7c953e5416b522fd3a0660fefaea0fc97ca7d82191e2e8f23ca2aa56e8b9de2e1d3e093b8c3f4d7e700b7193b3d83c5b6bb1e7ff2a1c574c9d15ad79631573e41d46653601c510ec7cd0d6125c8e600ebb41247988c28305ac47eead817fecf4460c2221a399134d1d11363401090691a7bf1f58f27a09311d6591cef3d879570667e9e10eebf7df32ec9417f0132be9f1485b167b58b0bf88e31fb2d3957fa05a4d3f191c1d1caa189fc0c11c04287ceaee39a147aced6e3e9c2fe8f51a9823401ad4bf92b0fd4070aae1fe886b8c160a0d2a1507259e58c5608654f05f444877bf9ec215933d6f0a89a3f6199a23c535d8cf9541f2eb970261b12325884fe64330f67a8b07748522c58e5096a04afc67f08b4b0b3da2c9e010b8f079fabdbd187b3d1f69b9f8110e0ec3a488aa8b8563745f7e9fdc1faeaf542858f417d3a75d416e8f55c46cd962d9ac96ce8b56f7a0e22350d2b9e8a537780edddd519fd43baec4834aa6abb0b8c4007dfbb9dac74bf3802108966bf7d5a2999d16110ad0d2cab1c72c2d0ddce14e5043ee62fe9b722355dd2b7e728a589da59ef46dae95f1b89c22d5487a855bc1ee5f9d1427f643e2fa8748e07e6b51e365ab5e23e32401acc229c09f56868532ca611fa678b13f7f580392aee230878817f9dadc9b071245f75b7f626ab6f3342e8d80c3735e3a37646dfddeddec617fd3c155bb0735dd74eb1b71b957645978638f6bab555681b1e0047f7ccf370051f8fd42b171d16291a79ab5aad78940d12129d4de9f1d0a17f539fe333c7e3af31703dd147044ab4efd666cda9942c14cb25fae13cdb497bf7d71094192765df81234cf3dc9d38cdf373a06f5b723ab987708c8ed1b1b7c14cf55663298e752621be837d9e8f806552e0d605515dc0346354c76536d7681bac9dce48479abf18fc8b45862471ce1d75957a23c6bee5b2eb0022d557b6ad6153124e4594d26cc4a6e70de89086e0365039d215c2d9c7d881766b564b58be42104b4a4cad074eb1600be3a98fd7e19296066ee8a8d141d1b9f070c06c58c4f6e5c73b43022f39a13e701220064ceac7951818b1a88f68b2241efc57d37f224161533c75e279500896058aa03ce9571567172b57dbd40e1e14f8068cec77cde8da6aebf54039de9c7251289192616dca9d90bcc3ca24708dde9309d00d9a61c7be33f5858729ca3726fd8e8fdf911e58d3908797ec7b53cec49a8d51a3a30c3172b4277a8be98346488f10385ab3396ba34390f5f44a6f51606a392c25f4b6c65d3cee98004c5312b9f2a6349facbb7f0491fa0505ddc859e25963fae59e8ff05282c108be2a267690c8d53cd2ab7189b997cca8f0905ebcdc86a29b851546284870b348d54023e16262e78c034885696e931e1b2a7b2c23c59ef21393370a16f068ce46115e6b1c3ba9375bb9cb644ec9032bb2eb57eb4897284164af7a8b0a7019a610985dad9f1ce9f12a9a2399ee63fd6d21ee4adc8cbeb7ffe22b50e14c959042197ae45c8f8db2a5d03d6d9c2d5e826112a0bf6d21854a6d5fc77604e4117d7e9a92804c7db9f3eeca536b61a079654f8afbccc140602db833e537ac3c591b98549b5c70734e98b5a47eb9cc16ab2e0ed4f32ff69558e5dcfa2a3b54b8cf3326d4cdd7e9a0c19e4b703070a996acb40a882c2c512e38b4e3d31fe918a3562526132c7bbd497d3f5d40881e6c7363f2e21c8ae8d3ade72d57b6fe9a6cce7f100ae63775c6706b5004312b057aa9191e7614a69584974629c81e536b6422072cdb55b5d98418bf0b15268551548fbc6a9c84f4f701461c5e8e9f12573cc7611758c085582c823f9500d1fb8fa0eb44423f78fa60262f1578304c834865ba39ae3a1a393cfc3c9892518fca1ce37752f488faeabcb616700e831239025481f489c56331ea60ab91a77a73aca23da9fc2a2f171a0b42708ca64bc23985a", 0xdd6}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140fce45c077", 0x9a}, {&(0x7f0000000a40)}], 0x2}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b", 0x44}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m37.455359119s ago: executing program 4 (id=2054):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$inet(0x2, 0x3, 0x1)
sendmsg$inet(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x2, 0x0, @initdev={0xac, 0x1e, 0x3, 0x0}}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000040)="080c299a73633bdf0700000000000000d94e153f2636347b4fcf6e919fa4a8981a2ee942b00000000000", 0x2a}, {0x0}], 0x2, &(0x7f0000000780)=[@ip_tos_u8={{0x11, 0x0, 0x7}}], 0x18}, 0x0)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000002600), 0x1, 0x0)
lseek(r2, 0x1ff, 0x4)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000400)={'syztnl0\x00', &(0x7f0000000380)={'syztnl2\x00', <r3=>0x0, 0x2f, 0x1, 0x5, 0x8b, 0x21, @private0={0xfc, 0x0, '\x00', 0x1}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x10, 0x0, 0xf9fd, 0x4}})
sendmsg$can_j1939(r0, &(0x7f0000000800)={&(0x7f0000000440)={0x1d, r3, 0x3, {0x1, 0xff, 0x3}, 0xff}, 0x18, &(0x7f00000007c0)={&(0x7f0000000680)="7907b331e10f8912aa88ecc438146774ab376f330aa5d34c6062aec8758d03455ca7883fe38299a039fb61c97d5469d7f7da3f513c568cdbeafa32a714534d7e6e264e501fe2eafc40dac2d53d6962f1ce5ea6f449b290082f3712a4663ab4796a064e0674049e22c6fabdc9486c1aaa3711edc70853956daa99441da8d5895b3cae0882eda7d083fb5e1e42bd268e81ebf6b1edb6dfe6428b0de9c3dddfda184816cf43f35b9c1092265f31f6e7ecf3a49bb7032badd192edcc655ee97ab4aee80674bc7f35cd3b7b6e72a4c1ee56ccea94685811181379fe02c8ea37856b58b339b763ce1e2b20e9bb9ececad4faa59fe879e1997d", 0xf6}, 0x1, 0x0, 0x0, 0x4000040}, 0x8000)
r4 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000c40)={0x0, {{0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x3a}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2c, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000480)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x1}}, {{0xa, 0x0, 0x7, @initdev={0xfe, 0x88, '\x00', 0x3, 0x0}, 0xfffffff8}}}, 0x108)
r5 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
ioctl$sock_SIOCGIFBR(r5, 0x8940, &(0x7f00000008c0)=@get={0x1, &(0x7f0000000840)=""/109, 0xb6})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_SET(r7, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000000714000271c4e16cfcdbdf250900020073797a320000000008004400", @ANYRES32, @ANYBLOB="0900020073797a300000000008000100010000000500540001000000"], 0x40}, 0x1, 0x0, 0x0, 0x4004010}, 0xc005)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
r9 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r9, 0x40045542, &(0x7f00000001c0)=0x200803)
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x0)
r10 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000500000000000000000018110000", @ANYRES32=r10, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x22, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r11 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r11, 0x0, 0x9}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r12=>0x0})
getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000000a00)={{{@in=@local, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@dev}}}, &(0x7f0000000900)=0xe8)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000b00)={{{@in=@broadcast, @in=@multicast1, 0x4e20, 0x1, 0x4e22, 0x7f, 0x0, 0x0, 0x0, 0x32, 0x0, r13}, {0x1ff, 0x8000000000000000, 0x1, 0xfffffffffffffff7, 0xa, 0x6, 0x7}, {0x1, 0x7f, 0x3, 0x8000000000000000}, 0xfffffffb, 0x0, 0x2, 0x1, 0x3, 0x3}, {{@in6=@empty, 0x4d2, 0xff}, 0xa, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x3502, 0x3, 0x0, 0xeb, 0x2, 0x8000, 0x3}}, 0xe8)
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x48, r8, 0x1, 0x70bd27, 0x0, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_FRAME={0x2a, 0x33, @action={{{}, {}, @device_b, @device_a, @random="bc2d63a15b52", {0x0, 0xffa}}, @ext_ch_sw={0x4, 0x4, {{}, @val={0x76, 0x6, {0x4, 0x5, 0x29, 0x3}}}}}}]}, 0x48}}, 0x0)

1m32.98766444s ago: executing program 4 (id=2062):
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0), 0x4000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2, 0xd}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1], 0x0, [0x8, 0x6, 0x3c, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x401]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902"], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

1m28.259911955s ago: executing program 33 (id=2041):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x89901)
mount_setattr(r1, 0x0, 0x8000, &(0x7f0000001dc0)={0x81, 0x0, 0x80000}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x7, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="18000000ffffffff000000000786dc0018110000", @ANYRES32=r1, @ANYRES32, @ANYBLOB], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7ff}, 0x94)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = syz_open_dev$video(&(0x7f0000000080), 0x7, 0x0)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r3, 0xc034564b, &(0x7f0000000100)={0xc08, 0x44495658, 0x284, 0x1e0, 0x0, @discrete={0x8000002, 0xfffffffc}})
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
io_submit(0x0, 0x1, &(0x7f00000015c0)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x3, 0x7, 0xffffffffffffffff, &(0x7f0000000340)="da376fa652b7680d5467644051a37bcb6ff85d466c43f80c8dc172f5ce2b4f5efc39797d17e7ea4543723f4c43b4ef46cf", 0x31, 0xa3b, 0x0, 0x1}])
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000140)=@x86={0x4e, 0x80, 0x9, 0x0, 0x80, 0x8, 0x53, 0x8, 0x3, 0x5, 0x4, 0xe2, 0x0, 0xc, 0x9, 0x49, 0x4, 0x10, 0xd, '\x00', 0x6, 0x7})
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_CQ_GET(r5, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000804}, 0x44810)
ioctl$INCFS_IOC_GET_FILLED_BLOCKS(r5, 0x80286722, &(0x7f0000000380)={&(0x7f0000000300)=""/45, 0x2d, 0x9, 0xe2})
ioctl$KVM_RUN(r1, 0xae80, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="180100001c0000000008051700000000850000bb2e0f2e829ad90029deda2ada16bd5bec5a80d2e696d254d9018e5c172e57b5844ea7da972225072abc31b964abd3"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
r7 = userfaultfd(0x1)
ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_WRITEPROTECT(r7, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000800000/0x800000)=nil, 0x802000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r7, 0xc018aa06, &(0x7f0000000080)={{&(0x7f0000a4d000/0x1000)=nil, 0x20a4d000}})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r6}, 0x18)
nanosleep(&(0x7f00000001c0)={0x0, 0x3938700}, &(0x7f0000001280))
futex_waitv(&(0x7f0000001b00)=[{0x3, &(0x7f0000000940)=0x200000006, 0x6}], 0x1, 0x0, 0x0, 0x1)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='mounts\x00')
epoll_create1(0x80000)
syz_open_dev$cec(&(0x7f0000000180), 0x0, 0x401)

1m13.184759313s ago: executing program 34 (id=2062):
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0), 0x4000, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc018937e, &(0x7f0000000080)={{0x1, 0x1, 0x18, r1}, './file0\x00'})
r2 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000240)=@newqdisc={0xa4, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r3, {}, {0xffff, 0xffff}, {0x2, 0xd}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x2}, @TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1], 0x0, [0x8, 0x6, 0x3c, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x401]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x8, 0x4, 0x4000000}]}]}]}}]}, 0xa4}}, 0x0)
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r5, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040), 0x80000, 0x0)
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902"], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

36.775116145s ago: executing program 3 (id=2139):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

35.102774085s ago: executing program 3 (id=2140):
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00'}, 0x18)
socket(0xa, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec85"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x48)
prlimit64(0x0, 0x1, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x83d4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_emit_ethernet(0x142, &(0x7f0000000500)=ANY=[@ANYBLOB="9f3002aa6df200000000000086dd600a8435010c2f00fe8000000000000000000000000000bbfe8000000000000000000000000000aa8715000000000000c910fc020000000000000000000000000000c910fe80000000000000000000000000002b0502000101010005745a84fedc281377f1f2d3e1083c1c06cab2bd62b844161e48ea62f21ade3f4a61a259a55ea81d0332be92ba9fba2aa12afbce8e1e2ae745618927cfe2394613ba5ad55a1cd3a198b444002d5a168717f4b2e6fdd420f5e8c62426e9a6a222fa7259da8da6f91e3efd1c2021c23fd3f77abf3d42e40401070401100502bb1500010000000206020100000000ff010000000000000000000000000001ff020000000000000000000000000001fe80000000000000000000000000001c00000108660000003c0022eb", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="1c26b661921b564c"], 0x0)
r2 = syz_usb_connect$hid(0x5, 0x36, &(0x7f00000005c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x10, 0x56a, 0xed, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0xc, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x7, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x8}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x4, 0x1, 0x1}}}}}]}}]}}, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000002c0)={0x21, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x8, {[@global=@item_012={0x0, 0x1, 0x3}, @global=@item_012={0x1, 0x1, 0x1, "a0"}, @main=@item_4={0x3, 0x0, 0x8, "069011aa"}]}}, 0x0}, 0xfffffffffffffffc)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
dup(0xffffffffffffffff)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f00000000c0), 0x505, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
getsockname$packet(r4, 0x0, &(0x7f00000002c0)=0x4c)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xb, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="660a0000000000006111670000000000850000008a00000095"], &(0x7f0000000000)='GPL\x00'}, 0x94)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x805)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f00000003c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x7}]}]}}, 0x0, 0x2e, 0x0, 0x1}, 0x28)
socket$packet(0x11, 0x3, 0x300)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r5, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0, 0x5000})
fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, <r6=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={r6, r0, 0x0, 0x4, &(0x7f00000001c0)='+}$\x00'}, 0x30)

29.271841767s ago: executing program 3 (id=2145):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, 0xffffffffffffffff, 0x0, 0x9}, 0x18)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)={0x0, 0x144}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001200)={0x0, 0xfffffffffffffff5, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x3, 0x5}, {0xffff, 0xffff}, {0x0, 0xa}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xfffffffffffffea4, 0x2, [@TCA_FQ_PLIMIT={0x0, 0x1, 0xffffffff}, @TCA_FQ_FLOW_DEFAULT_RATE={0x0, 0x6, 0x40004}, @TCA_FQ_TIMER_SLACK={0x0, 0xd, 0x2b3}]}}]}, 0x5f}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36cb8ed369e91698c0e9", 0x7b}, {&(0x7f00000007c0)="a960e57530b65741465209e7c6235055450b1ed3da8592b928d8e20971659d8e3ca392643af5fa7ae0e3455099a5f7b857afa34cbf9962bdc9db46a15e7dcf9412a2b98b6ae75ca1bd7eae82d94855e9ced28430f77527b7c0b999eab05883ce32fa9b99187b196d53939db62b2b37c0cd0dea2a1be6f97dbcd0937bb416c3fb74a9d08d9afa", 0x86}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce660", 0x744}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199d70f8f7e05d9639d278d53151a6720a51979ffd78dcc1a000929160435bd61e3f36c78b9bd5baef79be54e537dfc26029f52cfd5b4dd3416fc140fce45c077", 0x9a}, {&(0x7f0000000a40)}], 0x2}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@bloom_filter={0x1e, 0x4f5b9e40, 0x8, 0x96282c4, 0x2040, 0xffffffffffffffff, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x45, 0x4, 0x2, 0x4}, 0x50)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x20, 0x0, 0x2, 0x12, @loopback, @mcast2, 0x10, 0x10, 0x6, 0x101}})
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

28.291519356s ago: executing program 1 (id=2147):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00'}, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fcntl$notify(0xffffffffffffffff, 0x402, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)

27.906836444s ago: executing program 1 (id=2148):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_BUS_LOCK_EXIT(r1, 0x4068aea3, &(0x7f00000004c0)={0xc1, 0x0, 0x2})
ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x6)
r2 = socket$inet6_icmp(0xa, 0x2, 0x3a)
getsockopt$IP6T_SO_GET_REVISION_MATCH(r2, 0x29, 0x44, &(0x7f0000000100)={'icmp\x00'}, &(0x7f0000000240)=0x1e)
r3 = socket(0x1d, 0x2, 0x6)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r4, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r4, 0xda90)
ioctl$SIOCGSTAMPNS(r4, 0x8907, 0x0)
sendmsg$rds(0xffffffffffffffff, &(0x7f0000000f40)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000740)=""/228, 0xe4}, {&(0x7f0000000840)=""/130, 0x82}, {&(0x7f0000000900)}], 0x3, &(0x7f0000000d40)=[@rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000000980)=""/74, 0x4a}, &(0x7f0000000a00)}}, @zcopy_cookie={0x18, 0x114, 0xc, 0x7ff}, @rdma_args={0x48, 0x114, 0x1, {{0x3, 0x6}, {&(0x7f0000000a40)=""/71, 0x47}, &(0x7f0000000b80)=[{&(0x7f0000001b80)=""/4096, 0x1000}, {&(0x7f0000002b80)=""/4096, 0x1000}, {&(0x7f0000000ac0)=""/171, 0xab}], 0x3, 0x22, 0x81}}, @fadd={0x58, 0x114, 0x6, {{0x6, 0x10000}, &(0x7f0000000bc0)=0x982a, &(0x7f0000000c00)=0x2, 0x0, 0x9b1, 0x4, 0xbe9c, 0x40, 0x2}}, @fadd={0x58, 0x114, 0x6, {{0x8, 0x9}, &(0x7f0000000c40)=0x100000001, &(0x7f0000000c80), 0x5, 0x545, 0x1000, 0x100000001, 0x10, 0x8}}, @zcopy_cookie={0x18}, @zcopy_cookie={0x18, 0x114, 0xc, 0xf4}, @mask_cswp={0x58, 0x114, 0x9, {{0x9, 0x4fb6}, &(0x7f0000000cc0)=0x800, &(0x7f0000000d00)=0x1, 0x6, 0x8, 0x8, 0xffffffffffff3152, 0x12, 0xdd}}], 0x1c8}, 0xc010)
accept4(r4, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001340)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x2c)
ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x101801, 0x0)
write$vga_arbiter(r6, &(0x7f0000000900)=ANY=[@ANYBLOB="746172676574205043493a31396cd2cc815d3a663a342e316300"], 0x15)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f00000000c0)={0x80a0000, 0x3000, 0x0, 0x0, 0x3})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), 0xffffffffffffffff)
recvmsg(r2, &(0x7f0000000700)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000600)=""/144, 0x90}, {&(0x7f0000000000)=""/47, 0x2f}], 0x2, &(0x7f00000006c0)=""/11, 0xb}, 0x40004121)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x71b2, 0x3180, 0x8000, 0x6c}, &(0x7f0000000340), &(0x7f0000000540))
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r8, 0x13, &(0x7f00000002c0)=[0xa, 0x10000000], 0x2)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380), r3)
sendmsg$TIPC_NL_NAME_TABLE_GET(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000400)={&(0x7f0000000f80)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r9, @ANYBLOB="85ce26bd7000fcdbdf251e04277c0c000580070001006962004d377275803043ed25f6"], 0x20}, 0x1, 0x0, 0x0, 0x880}, 0x8481)
sendmsg$NL80211_CMD_VENDOR(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000001b40)={&(0x7f00000002c0)=ANY=[@ANYBLOB="0000000000000003ca7a6dbf00"/25, @ANYBLOB="1bdd3063811d4cbb728b152059ee6f7d72f2a3d200307744028742cb0107f3", @ANYBLOB="a1ab00000000000000003200000008001781"], 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080), 0x400, &(0x7f0000000140)=ANY=[@ANYBLOB='mpol=bind:', @ANYRESDEC, @ANYBLOB='f'])
bind$can_j1939(r3, 0x0, 0x0)

27.008681644s ago: executing program 1 (id=2149):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
poll(&(0x7f0000000040)=[{0xffffffffffffffff, 0x80cd}], 0x1, 0x7)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fchown(r1, 0x0, 0xee01)
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x210481, 0x20)
openat(r2, &(0x7f0000000080)='./file0\x00', 0xc8440, 0x4e8)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x1000)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000040)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x12, r3, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x8a05f664f2838e9, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003f00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x840)

26.340185424s ago: executing program 1 (id=2150):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0100000004000000400000004000000041000000", @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="0000c7e60658ef542cbceabc9600000023a9000000000000000000000000000000000000004ae7659d2352c039f8f2bce12a359561050ca5899159f79f749b8271c92305ba90004931b38654cb92a82a289ec9178460491d6ab23a8cd24fdaf787084751f6b53cc1710df7ad75be1726489a42fd052bbfb53bfa5f8433a8e0f826e4c3fa6b8bf99199f6ba05ab670120e5638c3ac295f420580f669687abfc389ee62c4feb4602a32dadae633a8db4780604b2a9b2edd243e3fc4abc3d5370653f2e66e24c7f9f8623e251529d6e6adddca20025b6f4b6320a5f4103c742a375dbacc806eddd9487973a240f9c9b0570331eb289f37aadec8cb4f5da5a96675d87e83af842a149db18f1122be5c049f4f8565c8fd9dfe1262e0606a06cce0353347140402f0e5d980d66f17f1633b5c4bfb9519d78073e242549be20acfafbe1cad25f744ec912df6ab71e31b03b70b3b93d770d3079d3084a603b44e16491fdc486bf4be32d9c697ef557a07a666137d69573968afff89f2f1f2e1a107f3e1f643c614d14262f8e33208c86c37f6870a880ca7b95777a6cdf6733e19feb"], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setitimer(0x1, &(0x7f0000000580)={{}, {0x0, 0x2710}}, 0x0)

25.719068529s ago: executing program 1 (id=2151):
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r0, &(0x7f0000000100)={{0x3, @default, 0x1}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_netdev_private(0xffffffffffffffff, 0x8914, &(0x7f0000000000))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x5, 0x0, 0x0)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmsg$inet6(r2, &(0x7f0000002280)={&(0x7f0000001e40)={0xa, 0x4e24, 0x0, @mcast1}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="b005000000000000290000003600000000b2"], 0x5b0}, 0x20008001)
sendmsg$inet6(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000600)="e5f1fddfe175759743a2d6055bef6ad67f4806ff6ac3a93555c1b5b84294df29b09e92680ca8bd3dc842c3147716237f0ad0c3ab59f41083aeb894e76f3c7fc753f2fca40d24553fdd9396171c35ecfd0932f37aa306040bd37f78526b319e572be0ae8b40f01b3835c385e789683bed9c65ccd19545b738fb470ef7c7247c631882fe3cee1ad627ad729a685446e0c1b6ca16a98bececc6ed604084f0de672a6143", 0xa2}, {&(0x7f0000000280)="fa4930a291faf9e475b8d2ac9681a2bf266ea9e2f7feb52241e739006ef78c0aeb4dd989f1bf69e01e4eb4bb743569e49e3db4ab502ed6980a5794e38f83ba0c77252adc9d177719cb1f7991ee501ad1ff9d69f88d4bb7a70b76402fd5b3", 0x5e}, {&(0x7f00000022c0)="3b9eccc918ce8c50894cb802b04e9492b64a02d85d3ed05eac49318868ad13e4fa9e2f1b165dfcc79e43ed30bb0c212bebb71afc79347f2f1a90e936a487e1ce171789626d34ffa8e3b4415ad869955133f81fab7f450d7ef6df7bf6a16cc39fd78e88662ffd1c3b31ffe836682b1ad9c331a068a75d12fd346d77f5cdacee9fee2203a321c260b0b5fdc8b5d7d43148f4b0fb550dd9d8746f0a0444cfa52af90a966921f9cb48b0c99727166a2f59c12dae2fcc4d891258bd723b5fd1fcb4cb219c87fadebe2582802ef18165f5ff67ba0d4eb4d3ef1f80ba9dff1a74dd5874b3d8017ff61b5174d9660e54f2b5f94f29f6665567b2ca6d0549a500a428ce29b197f754f8e3b6c7dc21260ce97551074886667837db75c9a21cdf92b14dcb2e1f997bab3bf1902b8d8e9eb238c021fdbe48675473dac385e2fada25f767ce5e7576c2dc496841123c81314f100e0648405f0ca9b5aa012d9316f3945e613aba10d1fbc2917143ed606c5513394343c9fac6f95ee678031ba5f4a81d8c2ae0d31c5711c91845f07b0add2bb4bd0f700217044582adf1850b0af5f04b63906918b7312fc3a800d67d8293604321633c41153f83662b2cbec354cf9c33e9eaa8ab2c5e4d86f82d379e98ad8d749595829b548ad77596448bf718c5e52a7dac04f62fde8ab1cc55ee5b6fd57327c8e678c1c8f9b8c235c132faffc553d54253f67d40075d91b7abaa303e5844ee31871fcdded3d8de8df952ae53e60d73e57267117129a4b42df34faa3287bb1c475d9ef904b7a4d33f1f8014e59905c3dc145e3974d71487ce05c9149fb4f9788ef0f519151d82391d783df5753819a0d967d842e60d28257741fb8b794b18a4e2f2f4f10412aa580062d0ef3691f4bdc14d283d672ae10fbbe23fa15f9225642aad56cc8a36538afe97750a0bf313cf3b9fdd881aa067b3b6ad9a69c04b50c9b4f8e29c11d7dcaf08b57ecd5cfd8a01b0e50313d09ea6b3634867f0c23c06055e04c36bddcdc6f4e30b2b6c0b0fa25a20843570bd582df937f7f48cd8e07abcfeaef4f8a72b34978ba5c95d65731943cdf2df8357311bb28d7d72fb9226dcbd059b14242c6fd4ab1ac90367a27ab715ebe553416966ceb79db37cd2dc45687269e4dad3cf50211fbfdd77a44c730a4732a12ff99fd151d205379bee91935a7bf4eef879d564872fdb2d7c399972ce5d44b59ea05d19a6b00c717b1dd3401a169b4402152b6f21c84c865f00ed0a9da758decaf1ad20138b80bee54a918d5d7dd5432c7ee34ae786cf7f55ea7f67229c39b81cccf80ccb424d139df240a9b18b3c4223de42e71ee7264a1c5db8da2d7fb3dfae2befb2f26e0c996d204ba3df39b111c445f3affed9c9fc8c2b67630de56b5a922f3fd7e0c2ef97df3ad486354937c4606a91874c7403dadaeabd03fe82c92cde4d67c6ac2ad7eedc9761224bf0c6b73ba60934f5c2db9846de4c41c6cb2f5ac6a7ad47418279f6cdd951679c1530ee4dab6d81a8cb41db64fc28ab9598c26fe51f6ddb0900a971aacc92a7e2dfbb596a1571609a4b8bc86c5c218b9220ceca304b7052a58e8c6ce427e4c9b127a133e625c02bf77a89ebff746f829401230f2a757c3ce04a6d01b35350973d24637526278fa724cb3053fd04cba673f682992041dc1cbebe9b574e5ab39307d695b2470cc21122e9c587301630351eeaa5dc1c8bb685ce2b0f4cc25d584354799858c2a11fe1b70518659acff13ad9702e6fd3116d311628bbd9b86f6a09c2a00ad08440860b621716799576b0de92285d0700004719a1eddbb691878526c34ad392e1d72f04d7830686f792152e7e497bc76721aa1c0493698efb8f463d0403d134b9ca6b19240e496edad804be73acb88b0fd1e0de3f00f83a135cf1b58376137e6e93136682343440fd4f96f00d56f9ff265cf5f4b8cc663d56eace1c1eb9fc8bcfcc5f947f14633886ae2b4c6b2bdeb71fcc7802945e484188b3f0425fd96996780f4f9e5ba028e5a600c65bdf6fc6936fc5f9e1792a02cb428f97262167e47a13f6a6634b99eb1791e7cd82f14c8c3353a52569c12e5b40a404564b4cba2fa7f247fbd74e1ab16f4caf68f6ebad58634970c1336d38c3feaf2b5c4eb8afb45aedb65c54b7e6a811c337d68ca5fc58279d7c4c524eb02bb36cd61f6269ce6b81e542e86500c837f7144962b2a6772981bed18a2173e41d73a74235f468305b3f0d5bd0a8f6ce90f6ba63f25322705d6464f9a24cdc13a528a9ae5f3907aa7018f5a1582c5242dbd325d05fef384da2f2cbd65ac0905a2311d75f72e2e1d30d34a62f91ebb79464ad1ca22b94e84d14c2337d13a017f80b3011d715c8629b1a2b638d4e20cdd639ad3db15e85db21494fb5e6ea599f0412d2b238a8a93b9bc930a9e126942c04f26e27631a2a46ef3115c683494bf2d805d03f76b07ea99380725914d01de34b1a5ab51487ea4c70c9591d6f84db21bb1c65c29d47a61b4e227e8bd917e6ff9d8cc1027bd2cf453b49d59cc9d21b13533df66c76cade633aaea0345f8d6e3b14375cc99d0b3e4c0eab870c9bc7b6911014fa556c8db62c3fcfec23deb242278c49b743987d0f65969f2e517b8de7d0b2a74865246cb4f32d40e1a4ea050563f28d3b9f598cf16265b270183cbaf91a2ef96c5aaaf7223a0bdf83c9fbdb324497e11aa4ed8ef02c5c9b7556504c957f2123603c62df3098ba82cd8d9f9738af0067e509159689741a262afd436b8d21c6104d092e66e2fbefa0b7e2c84c6d8ed44410224929b5ff349bef8d9ed6df6193424858f58039e4437b01e12517c86056108c7e6bc21caa884b9f3fd116657b2c8ca30ea557e6c4b60641686d0edf7c49a1c26589f82715e2e1914385bb91100169cf509aa1f3372ab65ccb422d1db5ff6acfde3af9bc2aef6e01455ac94f9d9655dc6020e858f97bb69dce077215d1427f61aabe63786384a2195ce411207aea8af9e3a0e736bf1af08ce4aecf45ce79c46a7f3cb111b14c54de41f13c54b68fa5fa11bfbbf6bfcde697b300a2bbc152260db6bd5d9e9a648d9e54531c4e16610b885dd9e2f620879ca8d126f843630f17ddc42fb502a0f51ee6c630eb734c54891094684f9e34e5331ccb5570bed0fc99361e681e9e2f9ee16c8d3d89ddc7b1e51c70942b0a890d69411f1e8a8e73c6415eeb848a6987f806af7ef5c62ec16b862164943325b8c5b3ae2d8df2e33bb5dac9546c2b32070d05bb2753c6ade48f1c54fb0e3333c2de138a736a19e895037090336bc5e7e3683f7cdf148d20f5bbcfaa458fb9a24faa62c7151577ac9ab8f10af0e70b35c8c2d5d30c53e394d1eda842fef1647ec686022df373ca10be06ab8d74b56f2c7108f08d56b6c9e3980c6f30e14a1a154c5fec893deb607868eeeb6f981cfd08056b54f3327bb733cbd64c7c79447489dd6950b07c079544da5f184e21dbe9478dc0b5ed245e0dc9f60b577d0230e4a92fe1d7c2d1cb354f65da8f28692159b103e6564c58854f8bedc969f4e1158b58a90f21aa67686fcd74a8cc8909fe8557662582bf916cb409af96267dc0cbb5232309c5934e152e758f28518f37fa1da83fdfefb0f2991a13aa4c3fe008e1ae0c4184c5e78474c05581299f3e9d24c433685dcea029494a7b7bd74cc986b3a4a92b5f6a21a2f7dcee7605474e1508ab632a9a4aa1992c7bf3d9265bffb047cdd0ebce043e411a3260de73af0dcbf6197a60a81846b3ae05db1227d5fc2815a9a7572764bbcf83d47fe202ffff6bda074405bb6132e3063bfd0ebdca4b8f8074", 0xa89}], 0x3}, 0x20000044)
pipe(&(0x7f0000000080)={<r3=>0xffffffffffffffff})
r4 = socket$inet_udp(0x2, 0x2, 0x0)
close(r4)
splice(r3, 0x0, r4, 0x0, 0x4ffe6, 0x0)
ioctl$EVIOCGID(r3, 0x80084502, &(0x7f0000000000)=""/133)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$IEEE802154_LLSEC_GETPARAMS(r5, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x14, r6, 0x4, 0x70bd2d, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x4008000)

25.437958174s ago: executing program 1 (id=2152):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x5)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0xfffffffe})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x5, 0x2, 0x180, 0x4, 0x0, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x7, 0x4, 0xbdb], 0x5000, 0x42900})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x9, 0x0, 0x81, 0x45}, {0x5000, 0x3000, 0x3, 0x0, 0x42, 0x4, 0x7d, 0x7, 0x36, 0x2, 0x2, 0x87}, {0x0, 0x33325000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x3000, 0xd000, 0xf, 0x3, 0x16, 0xa, 0xab, 0x8, 0xc, 0x9, 0x8, 0x97}, {0x2000, 0xeeef0000, 0xf, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x31, 0x1, 0x7}, {0x3000, 0x1, 0x0, 0x5, 0x7, 0x5, 0xa, 0x3, 0x8, 0x81, 0x42, 0x70}, {0x0, 0x4000, 0xa, 0x5, 0xcd, 0x9, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0x30}, {0xdddd0000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 1)

21.75688593s ago: executing program 3 (id=2153):
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0x3, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x6, &(0x7f0000000180)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
r1 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102392, 0x18ff8)
sendmsg$netlink(r0, 0x0, 0x2c000894)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc011}, 0x8000002)
write$binfmt_elf64(0xffffffffffffffff, 0x0, 0x1820)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x200000005c832, 0xffffffffffffffff, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
close(0x3)
bind$alg(r2, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-blowfish-asm\x00'}, 0x58)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="b187394ce43eba3cc453a0bb290938a58fc72abc5ae0ecaf4cf84ba9a3e187", 0x1f, 0x0, 0x0, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)

20.268597853s ago: executing program 3 (id=2154):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r4, 0xc0a85320, &(0x7f00000005c0)={{0x80}, 'port0\x00', 0x62, 0x11cfa, 0x0, 0x8000008, 0x3, 0x4, 0x1, 0x0, 0x7cce8c743ee810df})
r5 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r5, 0x402, 0x21)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x2, 0x4)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000009c0)=ANY=[@ANYBLOB="140000", @ANYRES16, @ANYRES64=r4], 0x14}, 0x1, 0x0, 0x0, 0x8886}, 0x20004880)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

18.66689673s ago: executing program 3 (id=2155):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010000104fcfffffffbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="03150000040000001b0012800b0001006970766c616e00000c000280060002e5e3b30000a20488f4d4133dce33ac2a515ebbd8a2ceba4e90c86c86690af4d24e004fc2f9fa467d733e0781eef05a31f7008fd65e6d2b5fe812e0f89e46cb8525e464087b3bb07520088f4a9753063e21169adc4b14e3c64c74cce12fbe930015e4e92cf790a09ff73f87bb0296b838d91cbd421587865113bc64991530fa101eff79aee2a89da3d87ccc47d5153ea3a48052a488a4158b2d34be33069a0834c1cdc5ac92642b245065886a7baee13364426c84583c105eb200d5d2c5009b8084597ef9317209a2e749f04b7611208c3b7f7d8fcf3607b7748d57dc3e6b3c86a96f8d6141eac31fd0197c5a79b0b1f8c289802c8fb7cae75c665c4d7fac5ad967908ed09cb92b90c4fcaa6b24f82bfea504a2ded352c6f87a74d562848e39c45eb2c09f79e044ba58d5a08d00000000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$rds(0x15, 0x5, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x4000001)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x9, 0x5f, 0x5, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x1000, 0x124, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0x5, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x3fffc, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x1, 0x407, 0x4, 0xfffffff9, 0x8, 0x4006, 0x6, 0x7, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x9, 0x4, 0xfffffffe, 0x40], [0x10000003, 0xf0000000, 0x8000012b, 0x8004, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x203, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x6, 0x0, 0xff, 0x401, 0x1000009, 0x5f31, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x401, 0x101, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfdffffff, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x250, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x404, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0xeedf0991, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xdfe, 0xa2, 0x7, 0x100000a9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x6, 0x40, 0x0, 0x7ff, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x81, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0xfffffff9, 0xc8, 0x9, 0xfffff000, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0x1ff, 0xaf, 0xfffffff9, 0x6, 0x226, 0x2, 0x7, 0x8, 0x30b1d693, 0xa21, 0x1000f40, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xffef, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x8001]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2.364788485s ago: executing program 35 (id=2152):
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
sendmsg$NL80211_CMD_SET_QOS_MAP(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20004000}, 0x5)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0xfffffffe})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x5, 0x2, 0x180, 0x4, 0x0, 0xf1, 0x50, 0x12, 0x5, 0x0, 0x29, 0x0, 0x7, 0x4, 0xbdb], 0x5000, 0x42900})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x14, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000400)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x5, 0x9, 0x3], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0xeeee0000, 0x8, 0x8, 0xb, 0xe6, 0x40, 0x9, 0x0, 0x81, 0x45}, {0x5000, 0x3000, 0x3, 0x0, 0x42, 0x4, 0x7d, 0x7, 0x36, 0x2, 0x2, 0x87}, {0x0, 0x33325000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0x3000, 0xd000, 0xf, 0x3, 0x16, 0xa, 0xab, 0x8, 0xc, 0x9, 0x8, 0x97}, {0x2000, 0xeeef0000, 0xf, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x31, 0x1, 0x7}, {0x3000, 0x1, 0x0, 0x5, 0x7, 0x5, 0xa, 0x3, 0x8, 0x81, 0x42, 0x70}, {0x0, 0x4000, 0xa, 0x5, 0xcd, 0x9, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0x30}, {0xdddd0000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0) (fail_nth: 1)

0s ago: executing program 36 (id=2155):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000880)=ANY=[@ANYBLOB="3c00000010000104fcfffffffbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="03150000040000001b0012800b0001006970766c616e00000c000280060002e5e3b30000a20488f4d4133dce33ac2a515ebbd8a2ceba4e90c86c86690af4d24e004fc2f9fa467d733e0781eef05a31f7008fd65e6d2b5fe812e0f89e46cb8525e464087b3bb07520088f4a9753063e21169adc4b14e3c64c74cce12fbe930015e4e92cf790a09ff73f87bb0296b838d91cbd421587865113bc64991530fa101eff79aee2a89da3d87ccc47d5153ea3a48052a488a4158b2d34be33069a0834c1cdc5ac92642b245065886a7baee13364426c84583c105eb200d5d2c5009b8084597ef9317209a2e749f04b7611208c3b7f7d8fcf3607b7748d57dc3e6b3c86a96f8d6141eac31fd0197c5a79b0b1f8c289802c8fb7cae75c665c4d7fac5ad967908ed09cb92b90c4fcaa6b24f82bfea504a2ded352c6f87a74d562848e39c45eb2c09f79e044ba58d5a08d00000000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
socket$alg(0x26, 0x5, 0x0)
socket$rds(0x15, 0x5, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2}, 0x4000001)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x9, 0x5f, 0x5, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x1000, 0x124, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0x5, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x3fffc, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x1, 0x407, 0x4, 0xfffffff9, 0x8, 0x4006, 0x6, 0x7, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x9, 0x4, 0xfffffffe, 0x40], [0x10000003, 0xf0000000, 0x8000012b, 0x8004, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x203, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x6, 0x0, 0xff, 0x401, 0x1000009, 0x5f31, 0xd, 0x4e2, 0x2, 0x4, 0xb, 0x401, 0x101, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfdffffff, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x250, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x404, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0xeedf0991, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xdfe, 0xa2, 0x7, 0x100000a9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x6, 0x40, 0x0, 0x7ff, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x81, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0xfffffff9, 0xc8, 0x9, 0xfffff000, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0x1ff, 0xaf, 0xfffffff9, 0x6, 0x226, 0x2, 0x7, 0x8, 0x30b1d693, 0xa21, 0x1000f40, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xffef, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x8001]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 device descriptor read/8, error -71
[  308.260815][ T9113] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  308.417834][ T5917] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  308.417995][ T9113] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  308.438660][ T5917] usb 3-1: device descriptor read/8, error -71
[  308.550154][ T5917] usb usb3-port1: unable to enumerate USB device
[  308.633581][ T9113] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  309.050657][ T9464] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.053478][ T9464] bridge0: port 1(bridge_slave_0) entered disabled state
[  309.053722][ T9464] bridge_slave_0: entered allmulticast mode
[  309.056394][ T9464] bridge_slave_0: entered promiscuous mode
[  309.089655][ T9464] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.089834][ T9464] bridge0: port 2(bridge_slave_1) entered disabled state
[  309.090032][ T9464] bridge_slave_1: entered allmulticast mode
[  309.092912][ T9464] bridge_slave_1: entered promiscuous mode
[  309.477364][ T5120] Bluetooth: hci1: command tx timeout
[  310.702761][ T9657] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1489'.
[  310.946635][ T9464] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  311.076883][ T9657] 8021q: adding VLAN 0 to HW filter on device bond1
[  311.532304][ T5120] Bluetooth: hci1: command tx timeout
[  311.700360][ T9673] FAULT_INJECTION: forcing a failure.
[  311.700360][ T9673] name failslab, interval 1, probability 0, space 0, times 0
[  311.700399][ T9673] CPU: 1 UID: 0 PID: 9673 Comm: syz.4.1494 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  311.700422][ T9673] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  311.700434][ T9673] Call Trace:
[  311.700441][ T9673]  <TASK>
[  311.700450][ T9673]  dump_stack_lvl+0x189/0x250
[  311.700480][ T9673]  ? __pfx____ratelimit+0x10/0x10
[  311.700506][ T9673]  ? __pfx_dump_stack_lvl+0x10/0x10
[  311.700531][ T9673]  ? __pfx__printk+0x10/0x10
[  311.700560][ T9673]  ? __pfx___might_resched+0x10/0x10
[  311.700585][ T9673]  should_fail_ex+0x46c/0x600
[  311.700616][ T9673]  should_failslab+0xa8/0x100
[  311.700643][ T9673]  __kmalloc_noprof+0xcc/0x7d0
[  311.700665][ T9673]  ? kfree+0x51/0x950
[  311.700683][ T9673]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  311.700712][ T9673]  tomoyo_realpath_from_path+0xe3/0x5d0
[  311.700736][ T9673]  ? tomoyo_domain+0xda/0x130
[  311.700764][ T9673]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  311.700792][ T9673]  tomoyo_path_number_perm+0x1e8/0x5a0
[  311.700822][ T9673]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  311.700853][ T9673]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  311.700879][ T9673]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.700935][ T9673]  ? __fget_files+0x2a/0x420
[  311.700964][ T9673]  ? __fget_files+0x3a6/0x420
[  311.700986][ T9673]  ? __fget_files+0x2a/0x420
[  311.701015][ T9673]  security_file_ioctl+0xcb/0x2d0
[  311.701037][ T9673]  __se_sys_ioctl+0x47/0x170
[  311.701061][ T9673]  do_syscall_64+0xfa/0xfa0
[  311.701084][ T9673]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.701107][ T9673]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.701131][ T9673]  ? clear_bhb_loop+0x60/0xb0
[  311.701155][ T9673]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.701177][ T9673] RIP: 0033:0x7f50fecbf6c9
[  311.701193][ T9673] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.701209][ T9673] RSP: 002b:00007f50fcedc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  311.701230][ T9673] RAX: ffffffffffffffda RBX: 00007f50fef16180 RCX: 00007f50fecbf6c9
[  311.701244][ T9673] RDX: 0000200000000180 RSI: 00000000c0303e03 RDI: 000000000000000a
[  311.701257][ T9673] RBP: 00007f50fcedc090 R08: 0000000000000000 R09: 0000000000000000
[  311.701269][ T9673] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  311.701280][ T9673] R13: 00007f50fef16218 R14: 00007f50fef16180 R15: 00007ffda0128118
[  311.701314][ T9673]  </TASK>
[  311.701322][ T9673] ERROR: Out of memory at tomoyo_realpath_from_path.
[  312.691097][ T9659] bond1 (unregistering): Released all slaves
[  312.732072][ T9464] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  312.892114][ T9695] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1503'.
[  313.420228][ T9464] team0: Port device team_slave_0 added
[  313.725743][ T9464] team0: Port device team_slave_1 added
[  314.046377][ T9739] mmap: syz.0.1524 (9739): VmData 37466112 exceed data ulimit 2949. Update limits or use boot option ignore_rlimit_data.
[  314.120169][ T9741] FAULT_INJECTION: forcing a failure.
[  314.120169][ T9741] name failslab, interval 1, probability 0, space 0, times 0
[  314.120201][ T9741] CPU: 0 UID: 0 PID: 9741 Comm: syz.4.1525 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  314.120222][ T9741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  314.120232][ T9741] Call Trace:
[  314.120240][ T9741]  <TASK>
[  314.120248][ T9741]  dump_stack_lvl+0x189/0x250
[  314.120278][ T9741]  ? __pfx____ratelimit+0x10/0x10
[  314.120302][ T9741]  ? __pfx_dump_stack_lvl+0x10/0x10
[  314.120326][ T9741]  ? __pfx__printk+0x10/0x10
[  314.120356][ T9741]  ? __pfx___might_resched+0x10/0x10
[  314.120386][ T9741]  should_fail_ex+0x46c/0x600
[  314.120416][ T9741]  should_failslab+0xa8/0x100
[  314.120443][ T9741]  __kmalloc_noprof+0xcc/0x7d0
[  314.120466][ T9741]  ? kfree+0x51/0x950
[  314.120484][ T9741]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  314.120512][ T9741]  tomoyo_realpath_from_path+0xe3/0x5d0
[  314.120537][ T9741]  ? tomoyo_domain+0xda/0x130
[  314.120565][ T9741]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  314.120592][ T9741]  tomoyo_path_number_perm+0x1e8/0x5a0
[  314.120621][ T9741]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  314.120653][ T9741]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  314.120678][ T9741]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.120732][ T9741]  ? __fget_files+0x2a/0x420
[  314.120761][ T9741]  ? __fget_files+0x3a6/0x420
[  314.120782][ T9741]  ? __fget_files+0x2a/0x420
[  314.120810][ T9741]  security_file_ioctl+0xcb/0x2d0
[  314.120831][ T9741]  __se_sys_ioctl+0x47/0x170
[  314.120855][ T9741]  do_syscall_64+0xfa/0xfa0
[  314.120877][ T9741]  ? lockdep_hardirqs_on+0x9c/0x150
[  314.120899][ T9741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.120924][ T9741]  ? clear_bhb_loop+0x60/0xb0
[  314.120947][ T9741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  314.120963][ T9741] RIP: 0033:0x7f50fecbf6c9
[  314.120978][ T9741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  314.120993][ T9741] RSP: 002b:00007f50fcf1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  314.121010][ T9741] RAX: ffffffffffffffda RBX: 00007f50fef15fa0 RCX: 00007f50fecbf6c9
[  314.121023][ T9741] RDX: 0000200000000100 RSI: 000000004008ae89 RDI: 0000000000000005
[  314.121034][ T9741] RBP: 00007f50fcf1e090 R08: 0000000000000000 R09: 0000000000000000
[  314.121046][ T9741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  314.121056][ T9741] R13: 00007f50fef16038 R14: 00007f50fef15fa0 R15: 00007ffda0128118
[  314.121086][ T9741]  </TASK>
[  314.121094][ T9741] ERROR: Out of memory at tomoyo_realpath_from_path.
[  314.552569][ T9464] batman_adv: batadv0: Adding interface: batadv_slave_0
[  314.552587][ T9464] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  314.552613][ T9464] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  314.585156][ T9464] batman_adv: batadv0: Adding interface: batadv_slave_1
[  314.585171][ T9464] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  314.585197][ T9464] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  315.195012][ T9464] hsr_slave_0: entered promiscuous mode
[  315.203907][ T9464] hsr_slave_1: entered promiscuous mode
[  315.209519][ T9464] debugfs: 'hsr0' already exists in 'hsr'
[  315.209545][ T9464] Cannot create hsr debugfs directory
[  315.310966][ T9762] openvswitch: netlink: IP tunnel dst address not specified
[  316.501907][ T9773] FAULT_INJECTION: forcing a failure.
[  316.501907][ T9773] name failslab, interval 1, probability 0, space 0, times 0
[  316.501942][ T9773] CPU: 0 UID: 0 PID: 9773 Comm: syz.4.1535 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  316.501964][ T9773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  316.501976][ T9773] Call Trace:
[  316.501984][ T9773]  <TASK>
[  316.501992][ T9773]  dump_stack_lvl+0x189/0x250
[  316.502023][ T9773]  ? __pfx____ratelimit+0x10/0x10
[  316.502048][ T9773]  ? __pfx_dump_stack_lvl+0x10/0x10
[  316.502074][ T9773]  ? __pfx__printk+0x10/0x10
[  316.502102][ T9773]  ? __pfx___might_resched+0x10/0x10
[  316.502123][ T9773]  ? fs_reclaim_acquire+0x7d/0x100
[  316.502153][ T9773]  should_fail_ex+0x46c/0x600
[  316.502186][ T9773]  ? getname_flags+0xb8/0x540
[  316.502212][ T9773]  should_failslab+0xa8/0x100
[  316.502238][ T9773]  ? getname_flags+0xb8/0x540
[  316.502261][ T9773]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  316.502287][ T9773]  ? __pfx_vfs_write+0x10/0x10
[  316.502312][ T9773]  getname_flags+0xb8/0x540
[  316.502343][ T9773]  do_sys_openat2+0xbc/0x1c0
[  316.502365][ T9773]  ? __pfx_do_sys_openat2+0x10/0x10
[  316.502388][ T9773]  ? ksys_write+0x230/0x260
[  316.502413][ T9773]  ? __pfx_ksys_write+0x10/0x10
[  316.502438][ T9773]  __x64_sys_openat+0x138/0x170
[  316.502463][ T9773]  do_syscall_64+0xfa/0xfa0
[  316.502489][ T9773]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.502507][ T9773]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  316.502524][ T9773]  ? clear_bhb_loop+0x60/0xb0
[  316.502547][ T9773]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  316.502565][ T9773] RIP: 0033:0x7f50fecbf6c9
[  316.502582][ T9773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  316.502598][ T9773] RSP: 002b:00007f50fcedc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  316.502618][ T9773] RAX: ffffffffffffffda RBX: 00007f50fef16180 RCX: 00007f50fecbf6c9
[  316.502632][ T9773] RDX: 0000000000000000 RSI: 0000200000000480 RDI: ffffffffffffff9c
[  316.502645][ T9773] RBP: 00007f50fcedc090 R08: 0000000000000000 R09: 0000000000000000
[  316.502657][ T9773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  316.502668][ T9773] R13: 00007f50fef16218 R14: 00007f50fef16180 R15: 00007ffda0128118
[  316.502701][ T9773]  </TASK>
[  317.328697][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  317.328769][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  317.952407][ T9785] netlink: 1624 bytes leftover after parsing attributes in process `syz.0.1541'.
[  318.043486][   T13] bridge_slave_1: left allmulticast mode
[  318.043514][   T13] bridge_slave_1: left promiscuous mode
[  318.043756][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  318.149576][   T13] bridge_slave_0: left allmulticast mode
[  318.149604][   T13] bridge_slave_0: left promiscuous mode
[  318.149860][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.429288][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  320.511410][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.552893][   T13] bond0 (unregistering): Released all slaves
[  320.770297][ T9113] 8021q: adding VLAN 0 to HW filter on device bond0
[  321.188046][   T13] hsr_slave_0: left promiscuous mode
[  321.228921][   T13] hsr_slave_1: left promiscuous mode
[  321.229876][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  321.280914][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  321.335879][ T9912] FAULT_INJECTION: forcing a failure.
[  321.335879][ T9912] name failslab, interval 1, probability 0, space 0, times 0
[  321.335913][ T9912] CPU: 1 UID: 0 PID: 9912 Comm: syz.2.1600 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  321.335935][ T9912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  321.335947][ T9912] Call Trace:
[  321.335954][ T9912]  <TASK>
[  321.335962][ T9912]  dump_stack_lvl+0x189/0x250
[  321.335992][ T9912]  ? __pfx____ratelimit+0x10/0x10
[  321.336016][ T9912]  ? __pfx_dump_stack_lvl+0x10/0x10
[  321.336041][ T9912]  ? __pfx__printk+0x10/0x10
[  321.336068][ T9912]  ? __pfx___might_resched+0x10/0x10
[  321.336087][ T9912]  ? fs_reclaim_acquire+0x7d/0x100
[  321.336115][ T9912]  should_fail_ex+0x46c/0x600
[  321.336151][ T9912]  ? getname_flags+0xb8/0x540
[  321.336175][ T9912]  should_failslab+0xa8/0x100
[  321.336201][ T9912]  ? getname_flags+0xb8/0x540
[  321.336223][ T9912]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  321.336247][ T9912]  ? ksys_write+0x230/0x260
[  321.336273][ T9912]  getname_flags+0xb8/0x540
[  321.336303][ T9912]  __x64_sys_unlinkat+0xac/0xf0
[  321.336328][ T9912]  do_syscall_64+0xfa/0xfa0
[  321.336350][ T9912]  ? lockdep_hardirqs_on+0x9c/0x150
[  321.336374][ T9912]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.336392][ T9912]  ? clear_bhb_loop+0x60/0xb0
[  321.336415][ T9912]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  321.336433][ T9912] RIP: 0033:0x7f9301bdf6c9
[  321.336449][ T9912] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  321.336466][ T9912] RSP: 002b:00007f92ffe3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  321.336486][ T9912] RAX: ffffffffffffffda RBX: 00007f9301e35fa0 RCX: 00007f9301bdf6c9
[  321.336500][ T9912] RDX: 0000000000000200 RSI: 0000200000000380 RDI: ffffffffffffff9c
[  321.336513][ T9912] RBP: 00007f92ffe3e090 R08: 0000000000000000 R09: 0000000000000000
[  321.336525][ T9912] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  321.336536][ T9912] R13: 00007f9301e36038 R14: 00007f9301e35fa0 R15: 00007fffb2219028
[  321.336569][ T9912]  </TASK>
[  322.023168][    C1] vkms_vblank_simulate: vblank timer overrun
[  322.207979][    C1] vkms_vblank_simulate: vblank timer overrun
[  322.375854][    C1] vkms_vblank_simulate: vblank timer overrun
[  322.461215][    C1] vkms_vblank_simulate: vblank timer overrun
[  322.718464][ T9937] FAULT_INJECTION: forcing a failure.
[  322.718464][ T9937] name failslab, interval 1, probability 0, space 0, times 0
[  322.718499][ T9937] CPU: 1 UID: 0 PID: 9937 Comm: syz.2.1611 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  322.718521][ T9937] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  322.718532][ T9937] Call Trace:
[  322.718540][ T9937]  <TASK>
[  322.718548][ T9937]  dump_stack_lvl+0x189/0x250
[  322.718579][ T9937]  ? __pfx____ratelimit+0x10/0x10
[  322.718603][ T9937]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.718629][ T9937]  ? __pfx__printk+0x10/0x10
[  322.718657][ T9937]  ? __pfx___might_resched+0x10/0x10
[  322.718682][ T9937]  should_fail_ex+0x46c/0x600
[  322.718713][ T9937]  should_failslab+0xa8/0x100
[  322.718741][ T9937]  __kmalloc_noprof+0xcc/0x7d0
[  322.718765][ T9937]  ? kfree+0x51/0x950
[  322.718783][ T9937]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  322.718811][ T9937]  tomoyo_realpath_from_path+0xe3/0x5d0
[  322.718835][ T9937]  ? tomoyo_domain+0xda/0x130
[  322.718863][ T9937]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  322.718890][ T9937]  tomoyo_path_number_perm+0x1e8/0x5a0
[  322.718920][ T9937]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  322.718952][ T9937]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  322.718977][ T9937]  ? lockdep_hardirqs_on+0x9c/0x150
[  322.719029][ T9937]  ? __fget_files+0x2a/0x420
[  322.719055][ T9937]  ? __fget_files+0x3a6/0x420
[  322.719075][ T9937]  ? __fget_files+0x2a/0x420
[  322.719102][ T9937]  security_file_ioctl+0xcb/0x2d0
[  322.719123][ T9937]  __se_sys_ioctl+0x47/0x170
[  322.719146][ T9937]  do_syscall_64+0xfa/0xfa0
[  322.719168][ T9937]  ? lockdep_hardirqs_on+0x9c/0x150
[  322.719191][ T9937]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.719210][ T9937]  ? clear_bhb_loop+0x60/0xb0
[  322.719232][ T9937]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  322.719249][ T9937] RIP: 0033:0x7f9301bdf6c9
[  322.719267][ T9937] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  322.719283][ T9937] RSP: 002b:00007f92ffe3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  322.719311][ T9937] RAX: ffffffffffffffda RBX: 00007f9301e35fa0 RCX: 00007f9301bdf6c9
[  322.719325][ T9937] RDX: 0000200000000340 RSI: 00000000c018643a RDI: 0000000000000003
[  322.719338][ T9937] RBP: 00007f92ffe3e090 R08: 0000000000000000 R09: 0000000000000000
[  322.719350][ T9937] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  322.719361][ T9937] R13: 00007f9301e36038 R14: 00007f9301e35fa0 R15: 00007fffb2219028
[  322.719394][ T9937]  </TASK>
[  322.719402][ T9937] ERROR: Out of memory at tomoyo_realpath_from_path.
[  323.177161][ T9947] FAULT_INJECTION: forcing a failure.
[  323.177161][ T9947] name failslab, interval 1, probability 0, space 0, times 0
[  323.177194][ T9947] CPU: 1 UID: 0 PID: 9947 Comm: syz.4.1617 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  323.177214][ T9947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  323.177225][ T9947] Call Trace:
[  323.177232][ T9947]  <TASK>
[  323.177239][ T9947]  dump_stack_lvl+0x189/0x250
[  323.177277][ T9947]  ? __pfx____ratelimit+0x10/0x10
[  323.177299][ T9947]  ? __pfx_dump_stack_lvl+0x10/0x10
[  323.177322][ T9947]  ? __pfx__printk+0x10/0x10
[  323.177347][ T9947]  ? __pfx___might_resched+0x10/0x10
[  323.177370][ T9947]  should_fail_ex+0x46c/0x600
[  323.177398][ T9947]  should_failslab+0xa8/0x100
[  323.177424][ T9947]  __kmalloc_noprof+0xcc/0x7d0
[  323.177445][ T9947]  ? kfree+0x51/0x950
[  323.177461][ T9947]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  323.177487][ T9947]  tomoyo_realpath_from_path+0xe3/0x5d0
[  323.177508][ T9947]  ? tomoyo_domain+0xda/0x130
[  323.177533][ T9947]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  323.177559][ T9947]  tomoyo_path_number_perm+0x1e8/0x5a0
[  323.177587][ T9947]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  323.177615][ T9947]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  323.177638][ T9947]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.177688][ T9947]  ? __fget_files+0x2a/0x420
[  323.177719][ T9947]  ? __fget_files+0x3a6/0x420
[  323.177739][ T9947]  ? __fget_files+0x2a/0x420
[  323.177765][ T9947]  security_file_ioctl+0xcb/0x2d0
[  323.177785][ T9947]  __se_sys_ioctl+0x47/0x170
[  323.177807][ T9947]  do_syscall_64+0xfa/0xfa0
[  323.177829][ T9947]  ? lockdep_hardirqs_on+0x9c/0x150
[  323.177850][ T9947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.177867][ T9947]  ? clear_bhb_loop+0x60/0xb0
[  323.177887][ T9947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  323.177903][ T9947] RIP: 0033:0x7f50fecbf6c9
[  323.177920][ T9947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  323.177934][ T9947] RSP: 002b:00007f50fcf1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  323.177953][ T9947] RAX: ffffffffffffffda RBX: 00007f50fef15fa0 RCX: 00007f50fecbf6c9
[  323.177965][ T9947] RDX: 0000200000000000 RSI: 00000000c008561c RDI: 0000000000000003
[  323.177977][ T9947] RBP: 00007f50fcf1e090 R08: 0000000000000000 R09: 0000000000000000
[  323.177987][ T9947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  323.177997][ T9947] R13: 00007f50fef16038 R14: 00007f50fef15fa0 R15: 00007ffda0128118
[  323.178028][ T9947]  </TASK>
[  323.187964][ T9947] ERROR: Out of memory at tomoyo_realpath_from_path.
[  323.768103][   T13] team0 (unregistering): Port device team_slave_1 removed
[  324.028561][   T13] team0 (unregistering): Port device team_slave_0 removed
[  324.213582][ T9988] FAULT_INJECTION: forcing a failure.
[  324.213582][ T9988] name failslab, interval 1, probability 0, space 0, times 0
[  324.213605][ T9988] CPU: 0 UID: 0 PID: 9988 Comm: syz.4.1637 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  324.213618][ T9988] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  324.213624][ T9988] Call Trace:
[  324.213629][ T9988]  <TASK>
[  324.213634][ T9988]  dump_stack_lvl+0x189/0x250
[  324.213655][ T9988]  ? __pfx____ratelimit+0x10/0x10
[  324.213669][ T9988]  ? __pfx_dump_stack_lvl+0x10/0x10
[  324.213684][ T9988]  ? __pfx__printk+0x10/0x10
[  324.213699][ T9988]  ? __pfx___might_resched+0x10/0x10
[  324.213711][ T9988]  ? fs_reclaim_acquire+0x7d/0x100
[  324.213728][ T9988]  should_fail_ex+0x46c/0x600
[  324.213745][ T9988]  ? __alloc_skb+0x112/0x2d0
[  324.213755][ T9988]  should_failslab+0xa8/0x100
[  324.213771][ T9988]  ? __alloc_skb+0x112/0x2d0
[  324.213780][ T9988]  kmem_cache_alloc_node_noprof+0x78/0x6e0
[  324.213798][ T9988]  __alloc_skb+0x112/0x2d0
[  324.213811][ T9988]  alloc_skb_with_frags+0xca/0x890
[  324.213830][ T9988]  sock_alloc_send_pskb+0x859/0x990
[  324.213859][ T9988]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  324.213873][ T9988]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[  324.213888][ T9988]  ? __might_fault+0xb0/0x130
[  324.213905][ T9988]  hci_sock_sendmsg+0x207/0xef0
[  324.213926][ T9988]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  324.213948][ T9988]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  324.213962][ T9988]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[  324.213979][ T9988]  __sock_sendmsg+0x21c/0x270
[  324.213996][ T9988]  sock_write_iter+0x27f/0x370
[  324.214012][ T9988]  ? __pfx_sock_write_iter+0x10/0x10
[  324.214038][ T9988]  vfs_write+0x5d5/0xb40
[  324.214054][ T9988]  ? __pfx_sock_write_iter+0x10/0x10
[  324.214068][ T9988]  ? __pfx_vfs_write+0x10/0x10
[  324.214092][ T9988]  ? __fget_files+0x2a/0x420
[  324.214112][ T9988]  ksys_write+0x14b/0x260
[  324.214126][ T9988]  ? __pfx_ksys_write+0x10/0x10
[  324.214141][ T9988]  ? do_syscall_64+0xbe/0xfa0
[  324.214158][ T9988]  do_syscall_64+0xfa/0xfa0
[  324.214171][ T9988]  ? lockdep_hardirqs_on+0x9c/0x150
[  324.214185][ T9988]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.214195][ T9988]  ? clear_bhb_loop+0x60/0xb0
[  324.214208][ T9988]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  324.214219][ T9988] RIP: 0033:0x7f50fecbf6c9
[  324.214229][ T9988] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  324.214238][ T9988] RSP: 002b:00007f50fcf1e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  324.214249][ T9988] RAX: ffffffffffffffda RBX: 00007f50fef15fa0 RCX: 00007f50fecbf6c9
[  324.214257][ T9988] RDX: 0000000000000006 RSI: 0000200000000080 RDI: 0000000000000004
[  324.214264][ T9988] RBP: 00007f50fcf1e090 R08: 0000000000000000 R09: 0000000000000000
[  324.214270][ T9988] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  324.214276][ T9988] R13: 00007f50fef16038 R14: 00007f50fef15fa0 R15: 00007ffda0128118
[  324.214293][ T9988]  </TASK>
[  324.852815][T10014] syz.0.1648 uses obsolete (PF_INET,SOCK_PACKET)
[  325.083143][    C1] vkms_vblank_simulate: vblank timer overrun
[  328.205871][ T9113] 8021q: adding VLAN 0 to HW filter on device team0
[  328.259569][ T4830] bridge0: port 1(bridge_slave_0) entered blocking state
[  328.285559][T10034] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1655'.
[  328.293164][ T4830] bridge0: port 1(bridge_slave_0) entered forwarding state
[  328.462298][ T4830] bridge0: port 2(bridge_slave_1) entered blocking state
[  328.463144][ T4830] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.433220][    C1] vkms_vblank_simulate: vblank timer overrun
[  329.590681][ T9464] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  329.637283][ T9464] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  329.683484][    C1] vkms_vblank_simulate: vblank timer overrun
[  329.719267][ T5132] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  329.752138][ T9464] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  329.815534][ T9464] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  329.879920][ T5132] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  329.879948][ T5132] usb 1-1: config 0 has no interface number 0
[  329.882594][ T5132] usb 1-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=93.2f
[  329.882623][ T5132] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  329.882645][ T5132] usb 1-1: Product: syz
[  329.882660][ T5132] usb 1-1: Manufacturer: syz
[  329.882674][ T5132] usb 1-1: SerialNumber: syz
[  329.905566][ T5132] usb 1-1: config 0 descriptor??
[  329.922125][ T5132] usb 1-1: active config #0 != 1 ??
[  329.976601][ T9113] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.744433][ T5876] usb 1-1: USB disconnect, device number 13
[  330.773683][ T9113] veth0_vlan: entered promiscuous mode
[  330.856331][ T9113] veth1_vlan: entered promiscuous mode
[  330.916207][ T9464] 8021q: adding VLAN 0 to HW filter on device bond0
[  331.019072][ T9464] 8021q: adding VLAN 0 to HW filter on device team0
[  331.059367][ T2223] bridge0: port 1(bridge_slave_0) entered blocking state
[  331.059582][ T2223] bridge0: port 1(bridge_slave_0) entered forwarding state
[  331.078877][ T9113] veth0_macvtap: entered promiscuous mode
[  331.095851][  T173] bridge0: port 2(bridge_slave_1) entered blocking state
[  331.096023][  T173] bridge0: port 2(bridge_slave_1) entered forwarding state
[  331.125203][ T9113] veth1_macvtap: entered promiscuous mode
[  331.182074][ T9113] batman_adv: batadv0: Interface activated: batadv_slave_0
[  331.214030][ T9113] batman_adv: batadv0: Interface activated: batadv_slave_1
[  331.277087][  T173] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  331.277406][  T173] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  331.278160][  T173] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.278736][  T173] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  331.470037][T10113] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1684'.
[  331.759238][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.759259][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.990867][  T173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.990889][  T173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  332.078449][ T9464] 8021q: adding VLAN 0 to HW filter on device batadv0
[  332.322927][ T9464] veth0_vlan: entered promiscuous mode
[  332.370013][ T9464] veth1_vlan: entered promiscuous mode
[  332.527312][ T9464] veth0_macvtap: entered promiscuous mode
[  332.543304][ T9464] veth1_macvtap: entered promiscuous mode
[  332.672681][ T9464] batman_adv: batadv0: Interface activated: batadv_slave_0
[  332.712586][ T9464] batman_adv: batadv0: Interface activated: batadv_slave_1
[  332.719813][    T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  332.726150][T10158] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1702'.
[  332.787205][   T69] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  332.798811][   T69] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  332.800767][   T69] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  332.802702][   T69] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  332.882503][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  332.882531][    T9] usb 1-1: config 0 has no interfaces?
[  332.882562][    T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  332.882586][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.891361][    T9] usb 1-1: config 0 descriptor??
[  333.178521][T10149] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  333.237141][    T9] usb 1-1: USB disconnect, device number 14
[  333.896305][ T1148] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  333.896326][ T1148] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  334.320666][ T2223] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  334.320687][ T2223] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  336.473648][T10211] netlink: 'syz.0.1720': attribute type 1 has an invalid length.
[  336.616500][T10208] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1722'.
[  337.072119][T10228] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1728'.
[  337.502892][   T61] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  337.513305][   T61] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  337.514876][   T61] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  337.516540][   T61] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  337.517470][   T61] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  337.752797][T10228] 8021q: adding VLAN 0 to HW filter on device bond1
[  338.917463][T10246] FAULT_INJECTION: forcing a failure.
[  338.917463][T10246] name failslab, interval 1, probability 0, space 0, times 0
[  338.917497][T10246] CPU: 1 UID: 0 PID: 10246 Comm: syz.3.1732 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  338.917520][T10246] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  338.917531][T10246] Call Trace:
[  338.917539][T10246]  <TASK>
[  338.917547][T10246]  dump_stack_lvl+0x189/0x250
[  338.917577][T10246]  ? __pfx____ratelimit+0x10/0x10
[  338.917602][T10246]  ? __pfx_dump_stack_lvl+0x10/0x10
[  338.917627][T10246]  ? __pfx__printk+0x10/0x10
[  338.917655][T10246]  ? __pfx___might_resched+0x10/0x10
[  338.917675][T10246]  ? fs_reclaim_acquire+0x7d/0x100
[  338.917708][T10246]  should_fail_ex+0x46c/0x600
[  338.917737][T10246]  should_failslab+0xa8/0x100
[  338.917764][T10246]  __kmalloc_cache_noprof+0x6f/0x6c0
[  338.917787][T10246]  ? resv_map_alloc+0x51/0x2e0
[  338.917813][T10246]  resv_map_alloc+0x51/0x2e0
[  338.917836][T10246]  hugetlbfs_get_inode+0x68/0x660
[  338.917862][T10246]  ? fput+0xa0/0xd0
[  338.917882][T10246]  hugetlb_file_setup+0x21d/0x640
[  338.917907][T10246]  ksys_mmap_pgoff+0x22f/0x720
[  338.917932][T10246]  ? __x64_sys_mmap+0x7f/0x140
[  338.917956][T10246]  do_syscall_64+0xfa/0xfa0
[  338.917978][T10246]  ? lockdep_hardirqs_on+0x9c/0x150
[  338.917999][T10246]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.918017][T10246]  ? clear_bhb_loop+0x60/0xb0
[  338.918039][T10246]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.918056][T10246] RIP: 0033:0x7f20cb91f6c9
[  338.918073][T10246] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  338.918087][T10246] RSP: 002b:00007f20c9b7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  338.918106][T10246] RAX: ffffffffffffffda RBX: 00007f20cbb75fa0 RCX: 00007f20cb91f6c9
[  338.918119][T10246] RDX: 0000000003000003 RSI: 000000000095c000 RDI: 0000200000000000
[  338.918131][T10246] RBP: 00007f20c9b7e090 R08: ffffffffffffffff R09: 0000000000000000
[  338.918144][T10246] R10: 8c4b815a5465c2b1 R11: 0000000000000246 R12: 0000000000000001
[  338.918157][T10246] R13: 00007f20cbb76038 R14: 00007f20cbb75fa0 R15: 00007ffd6091cd18
[  338.918186][T10246]  </TASK>
[  339.608253][ T5120] Bluetooth: hci3: command tx timeout
[  339.886061][T10257] netlink: 'syz.1.1736': attribute type 72 has an invalid length.
[  339.911136][T10231] bond1 (unregistering): Released all slaves
[  340.056013][T10259] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1737'.
[  341.614093][T10275] Falling back ldisc for ttyprintk.
[  341.697913][ T5120] Bluetooth: hci3: command tx timeout
[  341.745933][ T1361] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.960599][T10283] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.1745'.
[  342.049821][ T1361] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  342.137563][T10287] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1747'.
[  342.150771][T10285] netlink: 'syz.0.1746': attribute type 72 has an invalid length.
[  342.490610][T10287] bond0: (slave bond_slave_1): Releasing backup interface
[  343.673498][ T1361] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  343.767881][ T5120] Bluetooth: hci3: command tx timeout
[  344.838393][T10317] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.1758'.
[  344.950994][T10319] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1757'.
[  345.061873][ T1361] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.557852][T10340] FAULT_INJECTION: forcing a failure.
[  345.557852][T10340] name failslab, interval 1, probability 0, space 0, times 0
[  345.557910][T10340] CPU: 1 UID: 0 PID: 10340 Comm: syz.3.1763 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  345.557933][T10340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  345.557945][T10340] Call Trace:
[  345.557953][T10340]  <TASK>
[  345.557962][T10340]  dump_stack_lvl+0x189/0x250
[  345.557993][T10340]  ? __pfx____ratelimit+0x10/0x10
[  345.558018][T10340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  345.558043][T10340]  ? __pfx__printk+0x10/0x10
[  345.558071][T10340]  ? __pfx___might_resched+0x10/0x10
[  345.558091][T10340]  ? fs_reclaim_acquire+0x7d/0x100
[  345.558121][T10340]  should_fail_ex+0x46c/0x600
[  345.558149][T10340]  ? prepare_creds+0x31/0x6c0
[  345.558174][T10340]  should_failslab+0xa8/0x100
[  345.558201][T10340]  ? prepare_creds+0x31/0x6c0
[  345.558224][T10340]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  345.558256][T10340]  prepare_creds+0x31/0x6c0
[  345.558286][T10340]  cap_task_prctl+0x25b/0xaa0
[  345.558311][T10340]  security_task_prctl+0xf6/0x190
[  345.558342][T10340]  __se_sys_prctl+0xa4/0x1830
[  345.558364][T10340]  ? __pfx___se_sys_prctl+0x10/0x10
[  345.558387][T10340]  ? do_syscall_64+0xbe/0xfa0
[  345.558410][T10340]  ? __x64_sys_prctl+0x20/0xc0
[  345.558430][T10340]  do_syscall_64+0xfa/0xfa0
[  345.558456][T10340]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.558473][T10340]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  345.558491][T10340]  ? clear_bhb_loop+0x60/0xb0
[  345.558513][T10340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  345.558531][T10340] RIP: 0033:0x7f20cb91f6c9
[  345.558548][T10340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  345.558565][T10340] RSP: 002b:00007f20c9b3c038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[  345.558585][T10340] RAX: ffffffffffffffda RBX: 00007f20cbb76180 RCX: 00007f20cb91f6c9
[  345.558599][T10340] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000018
[  345.558616][T10340] RBP: 00007f20c9b3c090 R08: 0000000000000000 R09: 0000000000000000
[  345.558628][T10340] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  345.558639][T10340] R13: 00007f20cbb76218 R14: 00007f20cbb76180 R15: 00007ffd6091cd18
[  345.558672][T10340]  </TASK>
[  346.212512][ T5120] Bluetooth: hci3: command tx timeout
[  346.752268][T10353] FAULT_INJECTION: forcing a failure.
[  346.752268][T10353] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  346.752323][T10353] CPU: 0 UID: 0 PID: 10353 Comm: syz.2.1770 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  346.752347][T10353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  346.752358][T10353] Call Trace:
[  346.752366][T10353]  <TASK>
[  346.752374][T10353]  dump_stack_lvl+0x189/0x250
[  346.752397][T10353]  ? __pfx____ratelimit+0x10/0x10
[  346.752412][T10353]  ? __pfx_dump_stack_lvl+0x10/0x10
[  346.752427][T10353]  ? __pfx__printk+0x10/0x10
[  346.752446][T10353]  should_fail_ex+0x46c/0x600
[  346.752464][T10353]  strncpy_from_user+0x36/0x290
[  346.752479][T10353]  do_tcp_setsockopt+0x2ab/0x1f20
[  346.752494][T10353]  ? __pfx_do_tcp_setsockopt+0x10/0x10
[  346.752505][T10353]  ? irqentry_exit+0x74/0x90
[  346.752519][T10353]  ? lockdep_hardirqs_on+0x9c/0x150
[  346.752540][T10353]  ? sock_common_setsockopt+0x36/0xc0
[  346.752554][T10353]  ? tcp_setsockopt+0x3d/0xe0
[  346.752564][T10353]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  346.752580][T10353]  do_sock_setsockopt+0x17c/0x1b0
[  346.752595][T10353]  __x64_sys_setsockopt+0x145/0x1b0
[  346.752610][T10353]  do_syscall_64+0xfa/0xfa0
[  346.752625][T10353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.752635][T10353]  ? asm_sysvec_call_function_single+0x1a/0x20
[  346.752645][T10353]  ? clear_bhb_loop+0x60/0xb0
[  346.752657][T10353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  346.752667][T10353] RIP: 0033:0x7f9301bdf6c9
[  346.752677][T10353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  346.752686][T10353] RSP: 002b:00007f92ffe1d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  346.752698][T10353] RAX: ffffffffffffffda RBX: 00007f9301e36090 RCX: 00007f9301bdf6c9
[  346.752706][T10353] RDX: 000000000000001f RSI: 0000000000000006 RDI: 0000000000000004
[  346.752712][T10353] RBP: 00007f92ffe1d090 R08: 0000000000000004 R09: 0000000000000000
[  346.752719][T10353] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[  346.752725][T10353] R13: 00007f9301e36128 R14: 00007f9301e36090 R15: 00007fffb2219028
[  346.752747][T10353]  </TASK>
[  347.311658][T10354] netlink: 1688 bytes leftover after parsing attributes in process `syz.1.1771'.
[  347.466250][T10234] chnl_net:caif_netlink_parms(): no params data found
[  347.737933][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  347.895649][    T9] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  347.895684][    T9] usb 3-1: config 0 has no interface number 0
[  347.915319][    T9] usb 3-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=93.2f
[  347.915349][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.915370][    T9] usb 3-1: Product: syz
[  347.915385][    T9] usb 3-1: Manufacturer: syz
[  347.915400][    T9] usb 3-1: SerialNumber: syz
[  347.943472][T10376] kvm: pic: non byte read
[  347.943816][T10376] kvm: pic: non byte read
[  347.944114][T10376] kvm: pic: non byte read
[  347.944404][T10376] kvm: pic: non byte read
[  347.944733][T10376] kvm: pic: non byte read
[  347.945023][T10376] kvm: pic: non byte read
[  347.945389][T10376] kvm: pic: level sensitive irq not supported
[  347.945463][T10376] kvm: pic: non byte read
[  347.945717][T10376] kvm: pic: level sensitive irq not supported
[  347.945773][T10376] kvm: pic: non byte read
[  347.946067][T10376] kvm: pic: non byte read
[  348.073967][    T9] usb 3-1: config 0 descriptor??
[  348.093218][    T9] usb 3-1: active config #0 != 1 ??
[  348.110436][ T1361] bridge_slave_1: left allmulticast mode
[  348.110464][ T1361] bridge_slave_1: left promiscuous mode
[  348.110719][ T1361] bridge0: port 2(bridge_slave_1) entered disabled state
[  348.198792][ T1361] bridge_slave_0: left allmulticast mode
[  348.198812][ T1361] bridge_slave_0: left promiscuous mode
[  348.199012][ T1361] bridge0: port 1(bridge_slave_0) entered disabled state
[  348.297858][ T5965] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  348.746469][ T5965] usb 2-1: device descriptor read/64, error -71
[  348.892692][ T5917] usb 3-1: USB disconnect, device number 10
[  348.964671][T10387] netlink: 'syz.3.1783': attribute type 72 has an invalid length.
[  348.980556][ T5965] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  349.112100][ T5965] usb 2-1: device descriptor read/64, error -71
[  349.229895][ T5965] usb usb2-port1: attempt power cycle
[  349.567858][ T5965] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  349.589105][ T5965] usb 2-1: device descriptor read/8, error -71
[  349.871124][ T5965] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  349.914049][ T5965] usb 2-1: device descriptor read/8, error -71
[  350.019962][ T5965] usb usb2-port1: unable to enumerate USB device
[  350.838418][ T1361] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  350.924469][ T1361] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  350.990563][ T1361] bond0 (unregistering): Released all slaves
[  351.361411][T10234] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.361545][T10234] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.361764][T10234] bridge_slave_0: entered allmulticast mode
[  351.397871][T10234] bridge_slave_0: entered promiscuous mode
[  351.428019][T10234] bridge0: port 2(bridge_slave_1) entered blocking state
[  351.428154][T10234] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.428398][T10234] bridge_slave_1: entered allmulticast mode
[  351.459093][T10234] bridge_slave_1: entered promiscuous mode
[  351.678215][T10417] FAULT_INJECTION: forcing a failure.
[  351.678215][T10417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  351.678238][T10417] CPU: 0 UID: 0 PID: 10417 Comm: syz.1.1792 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  351.678257][T10417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  351.678264][T10417] Call Trace:
[  351.678270][T10417]  <TASK>
[  351.678276][T10417]  dump_stack_lvl+0x189/0x250
[  351.678298][T10417]  ? __pfx____ratelimit+0x10/0x10
[  351.678313][T10417]  ? __pfx_dump_stack_lvl+0x10/0x10
[  351.678328][T10417]  ? __pfx__printk+0x10/0x10
[  351.678349][T10417]  should_fail_ex+0x46c/0x600
[  351.678367][T10417]  _copy_to_user+0x31/0xb0
[  351.678380][T10417]  simple_read_from_buffer+0xe1/0x170
[  351.678397][T10417]  proc_fail_nth_read+0x1b6/0x220
[  351.678412][T10417]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  351.678424][T10417]  ? rw_verify_area+0x2ac/0x4e0
[  351.678437][T10417]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  351.678448][T10417]  vfs_read+0x206/0xa30
[  351.678466][T10417]  ? __pfx_vfs_read+0x10/0x10
[  351.678477][T10417]  ? try_to_take_rt_mutex+0x7fd/0xac0
[  351.678494][T10417]  ? mutex_lock_nested+0x154/0x1d0
[  351.678504][T10417]  ? fdget_pos+0x253/0x320
[  351.678524][T10417]  ksys_read+0x14b/0x260
[  351.678537][T10417]  ? __pfx_ksys_read+0x10/0x10
[  351.678552][T10417]  ? do_syscall_64+0xbe/0xfa0
[  351.678568][T10417]  do_syscall_64+0xfa/0xfa0
[  351.678582][T10417]  ? lockdep_hardirqs_on+0x9c/0x150
[  351.678596][T10417]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.678606][T10417]  ? clear_bhb_loop+0x60/0xb0
[  351.678618][T10417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.678628][T10417] RIP: 0033:0x7f5dc525e0dc
[  351.678639][T10417] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  351.678649][T10417] RSP: 002b:00007f5dc34a5030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  351.678661][T10417] RAX: ffffffffffffffda RBX: 00007f5dc54b6090 RCX: 00007f5dc525e0dc
[  351.678668][T10417] RDX: 000000000000000f RSI: 00007f5dc34a50a0 RDI: 0000000000000005
[  351.678675][T10417] RBP: 00007f5dc34a5090 R08: 0000000000000000 R09: 0000000000000000
[  351.678681][T10417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  351.678687][T10417] R13: 00007f5dc54b6128 R14: 00007f5dc54b6090 R15: 00007ffd8a0ce5e8
[  351.678705][T10417]  </TASK>
[  351.747579][T10416] netlink: 'syz.2.1793': attribute type 72 has an invalid length.
[  352.522411][T10234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  352.539297][T10234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  352.820910][T10448] netlink: 'syz.0.1804': attribute type 72 has an invalid length.
[  353.708709][T10475] FAULT_INJECTION: forcing a failure.
[  353.708709][T10475] name failslab, interval 1, probability 0, space 0, times 0
[  353.708768][T10475] CPU: 1 UID: 0 PID: 10475 Comm: syz.2.1809 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  353.708791][T10475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  353.708802][T10475] Call Trace:
[  353.708811][T10475]  <TASK>
[  353.708819][T10475]  dump_stack_lvl+0x189/0x250
[  353.708856][T10475]  ? __pfx____ratelimit+0x10/0x10
[  353.708880][T10475]  ? __pfx_dump_stack_lvl+0x10/0x10
[  353.708907][T10475]  ? __pfx__printk+0x10/0x10
[  353.708935][T10475]  ? __pfx___might_resched+0x10/0x10
[  353.708960][T10475]  should_fail_ex+0x46c/0x600
[  353.708992][T10475]  should_failslab+0xa8/0x100
[  353.709020][T10475]  __kmalloc_noprof+0xcc/0x7d0
[  353.709042][T10475]  ? kfree+0x51/0x950
[  353.709061][T10475]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  353.709090][T10475]  tomoyo_realpath_from_path+0xe3/0x5d0
[  353.709114][T10475]  ? tomoyo_domain+0xda/0x130
[  353.709142][T10475]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  353.709170][T10475]  tomoyo_path_number_perm+0x1e8/0x5a0
[  353.709200][T10475]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  353.709228][T10475]  ? __pfx___schedule+0x10/0x10
[  353.709290][T10475]  ? __fget_files+0x2a/0x420
[  353.709320][T10475]  ? __fget_files+0x3a6/0x420
[  353.709343][T10475]  ? __fget_files+0x2a/0x420
[  353.709371][T10475]  security_file_ioctl+0xcb/0x2d0
[  353.709393][T10475]  __se_sys_ioctl+0x47/0x170
[  353.709417][T10475]  do_syscall_64+0xfa/0xfa0
[  353.709444][T10475]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.709461][T10475]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  353.709479][T10475]  ? clear_bhb_loop+0x60/0xb0
[  353.709502][T10475]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.709520][T10475] RIP: 0033:0x7f9301bdf6c9
[  353.709537][T10475] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.709553][T10475] RSP: 002b:00007f92ffdfc038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  353.709573][T10475] RAX: ffffffffffffffda RBX: 00007f9301e36180 RCX: 00007f9301bdf6c9
[  353.709587][T10475] RDX: 0000200000000140 RSI: 0000000040104593 RDI: 0000000000000007
[  353.709599][T10475] RBP: 00007f92ffdfc090 R08: 0000000000000000 R09: 0000000000000000
[  353.709612][T10475] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  353.709624][T10475] R13: 00007f9301e36218 R14: 00007f9301e36180 R15: 00007fffb2219028
[  353.709658][T10475]  </TASK>
[  353.709694][T10475] ERROR: Out of memory at tomoyo_realpath_from_path.
[  354.965972][T10234] team0: Port device team_slave_0 added
[  355.043888][T10479] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1813'.
[  356.441709][  T992] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  357.013866][ T1361] hsr_slave_0: left promiscuous mode
[  357.088514][ T1361] hsr_slave_1: left promiscuous mode
[  357.089456][ T1361] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.089488][ T1361] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.127993][  T992] usb 3-1: device descriptor read/64, error -71
[  357.156477][T10497] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1817'.
[  357.377928][  T992] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  357.478719][ T1361] veth1_macvtap: left promiscuous mode
[  357.478830][ T1361] veth0_macvtap: left promiscuous mode
[  357.479097][ T1361] veth1_vlan: left promiscuous mode
[  357.480144][ T1361] veth0_vlan: left promiscuous mode
[  357.691412][  T992] usb 3-1: device descriptor read/64, error -71
[  357.801157][  T992] usb usb3-port1: attempt power cycle
[  358.137849][  T992] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  359.945463][ T1361] team0 (unregistering): Port device team_slave_1 removed
[  360.208568][ T1361] team0 (unregistering): Port device team_slave_0 removed
[  362.593824][T10234] team0: Port device team_slave_1 added
[  362.650783][  T992] usb 3-1: device descriptor read/8, error -71
[  362.891579][T10516] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1824'.
[  363.340013][T10511] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  363.474528][T10518] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  363.485404][ T5965] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  363.775530][ T5965] usb 1-1: device descriptor read/64, error -71
[  364.109644][T10511] netlink: 'syz.3.1820': attribute type 12 has an invalid length.
[  364.139892][T10522] netlink: 'syz.1.1822': attribute type 12 has an invalid length.
[  364.148794][T10234] batman_adv: batadv0: Adding interface: batadv_slave_0
[  364.148810][T10234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.148835][T10234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  364.160988][T10234] batman_adv: batadv0: Adding interface: batadv_slave_1
[  364.161003][T10234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  364.161028][T10234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  364.227890][ T5965] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  364.357869][ T5965] usb 1-1: device descriptor read/64, error -71
[  365.387503][ T5965] usb usb1-port1: attempt power cycle
[  365.532293][  T992] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  365.561267][T10234] hsr_slave_0: entered promiscuous mode
[  365.562666][T10234] hsr_slave_1: entered promiscuous mode
[  365.563645][T10234] debugfs: 'hsr0' already exists in 'hsr'
[  365.563669][T10234] Cannot create hsr debugfs directory
[  365.634121][T10544] netlink: 1752 bytes leftover after parsing attributes in process `syz.1.1829'.
[  365.697814][  T992] usb 4-1: Using ep0 maxpacket: 32
[  365.700092][  T992] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  365.700118][  T992] usb 4-1: config 0 has no interface number 0
[  365.703152][  T992] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  365.703179][  T992] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.703200][  T992] usb 4-1: Product: syz
[  365.703214][  T992] usb 4-1: Manufacturer: syz
[  365.703230][  T992] usb 4-1: SerialNumber: syz
[  365.737850][ T5965] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  365.782049][  T992] usb 4-1: config 0 descriptor??
[  365.803389][  T992] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  365.862778][ T5965] usb 1-1: device descriptor read/8, error -71
[  366.045916][  T992] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  366.052258][T10554] netlink: 'syz.0.1832': attribute type 5 has an invalid length.
[  366.086646][  T992] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  366.462886][    C1] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -71
[  366.463843][ T5876] usb 4-1: USB disconnect, device number 7
[  366.547900][ T5876] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  366.548207][T10563] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1835'.
[  366.565288][ T5876] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  366.566187][ T5876] quatech2 4-1:0.51: device disconnected
[  367.813391][   T37] kauditd_printk_skb: 1 callbacks suppressed
[  367.813409][   T37] audit: type=1326 audit(1762948104.687:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10574 comm="syz.2.1839" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9301bdf6c9 code=0x0
[  367.872560][   T37] audit: type=1326 audit(1762948104.747:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10574 comm="syz.2.1839" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9301bdf6c9 code=0x0
[  367.970508][T10583] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.1841'.
[  369.993810][T10621] FAULT_INJECTION: forcing a failure.
[  369.993810][T10621] name failslab, interval 1, probability 0, space 0, times 0
[  369.993840][T10621] CPU: 0 UID: 0 PID: 10621 Comm: syz.1.1854 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  369.993862][T10621] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  369.993874][T10621] Call Trace:
[  369.993882][T10621]  <TASK>
[  369.993891][T10621]  dump_stack_lvl+0x189/0x250
[  369.993922][T10621]  ? __pfx____ratelimit+0x10/0x10
[  369.993946][T10621]  ? __pfx_dump_stack_lvl+0x10/0x10
[  369.993972][T10621]  ? __pfx__printk+0x10/0x10
[  369.994000][T10621]  ? __pfx___might_resched+0x10/0x10
[  369.994019][T10621]  ? fs_reclaim_acquire+0x7d/0x100
[  369.994048][T10621]  should_fail_ex+0x46c/0x600
[  369.994076][T10621]  ? getname_flags+0xb8/0x540
[  369.994099][T10621]  should_failslab+0xa8/0x100
[  369.994124][T10621]  ? getname_flags+0xb8/0x540
[  369.994145][T10621]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  369.994169][T10621]  ? ksys_write+0x230/0x260
[  369.994193][T10621]  getname_flags+0xb8/0x540
[  369.994223][T10621]  __x64_sys_unlinkat+0xac/0xf0
[  369.994248][T10621]  do_syscall_64+0xfa/0xfa0
[  369.994271][T10621]  ? lockdep_hardirqs_on+0x9c/0x150
[  369.994294][T10621]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.994312][T10621]  ? clear_bhb_loop+0x60/0xb0
[  369.994341][T10621]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  369.994358][T10621] RIP: 0033:0x7f5dc525f6c9
[  369.994376][T10621] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  369.994392][T10621] RSP: 002b:00007f5dc34c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000107
[  369.994412][T10621] RAX: ffffffffffffffda RBX: 00007f5dc54b5fa0 RCX: 00007f5dc525f6c9
[  369.994426][T10621] RDX: 0000000000000200 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  369.994439][T10621] RBP: 00007f5dc34c6090 R08: 0000000000000000 R09: 0000000000000000
[  369.994451][T10621] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  369.994461][T10621] R13: 00007f5dc54b6038 R14: 00007f5dc54b5fa0 R15: 00007ffd8a0ce5e8
[  369.994495][T10621]  </TASK>
[  370.237856][ T5876] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  370.362140][T10628] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.1855'.
[  370.424077][ T5876] usb 4-1: New USB device found, idVendor=0bfd, idProduct=0017, bcdDevice=2f.a3
[  370.424101][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.424120][ T5876] usb 4-1: Product: syz
[  370.424131][ T5876] usb 4-1: Manufacturer: syz
[  370.424142][ T5876] usb 4-1: SerialNumber: syz
[  370.485951][ T5876] usb 4-1: config 0 descriptor??
[  370.594729][ T5876] kvaser_usb 4-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  370.778133][ T5965] usb 4-1: USB disconnect, device number 8
[  371.465520][T10670] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1869'.
[  371.732881][T10234] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  371.743378][T10683] netlink: 'syz.2.1872': attribute type 11 has an invalid length.
[  371.743401][T10683] netlink: 190972 bytes leftover after parsing attributes in process `syz.2.1872'.
[  371.799730][T10234] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  371.841145][T10234] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  371.922670][T10234] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  372.254111][T10709] FAULT_INJECTION: forcing a failure.
[  372.254111][T10709] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  372.254145][T10709] CPU: 0 UID: 0 PID: 10709 Comm: syz.1.1878 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  372.254166][T10709] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  372.254177][T10709] Call Trace:
[  372.254185][T10709]  <TASK>
[  372.254193][T10709]  dump_stack_lvl+0x189/0x250
[  372.254224][T10709]  ? __pfx____ratelimit+0x10/0x10
[  372.254249][T10709]  ? __pfx_dump_stack_lvl+0x10/0x10
[  372.254274][T10709]  ? __pfx__printk+0x10/0x10
[  372.254296][T10709]  ? __might_fault+0xb0/0x130
[  372.254331][T10709]  should_fail_ex+0x46c/0x600
[  372.254362][T10709]  _copy_from_user+0x2d/0xb0
[  372.254383][T10709]  do_ip_vs_set_ctl+0x2d3/0xa60
[  372.254412][T10709]  ? __pfx_do_ip_vs_set_ctl+0x10/0x10
[  372.254440][T10709]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.254471][T10709]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  372.254503][T10709]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  372.254524][T10709]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  372.254551][T10709]  ? nf_setsockopt+0x221/0x290
[  372.254579][T10709]  nf_setsockopt+0x26f/0x290
[  372.254604][T10709]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  372.254631][T10709]  do_sock_setsockopt+0x17c/0x1b0
[  372.254656][T10709]  __x64_sys_setsockopt+0x145/0x1b0
[  372.254681][T10709]  do_syscall_64+0xfa/0xfa0
[  372.254703][T10709]  ? lockdep_hardirqs_on+0x9c/0x150
[  372.254726][T10709]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.254742][T10709]  ? clear_bhb_loop+0x60/0xb0
[  372.254763][T10709]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.254780][T10709] RIP: 0033:0x7f5dc525f6c9
[  372.254796][T10709] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  372.254812][T10709] RSP: 002b:00007f5dc34c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  372.254832][T10709] RAX: ffffffffffffffda RBX: 00007f5dc54b5fa0 RCX: 00007f5dc525f6c9
[  372.254846][T10709] RDX: 0000000000000488 RSI: 0000000000000000 RDI: 0000000000000003
[  372.254857][T10709] RBP: 00007f5dc34c6090 R08: 0000000000000044 R09: 0000000000000000
[  372.254869][T10709] R10: 00002000000007c0 R11: 0000000000000246 R12: 0000000000000001
[  372.254881][T10709] R13: 00007f5dc54b6038 R14: 00007f5dc54b5fa0 R15: 00007ffd8a0ce5e8
[  372.254919][T10709]  </TASK>
[  373.057501][T10234] 8021q: adding VLAN 0 to HW filter on device bond0
[  373.404661][T10234] 8021q: adding VLAN 0 to HW filter on device team0
[  373.444365][ T1148] bridge0: port 1(bridge_slave_0) entered blocking state
[  373.444662][ T1148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  373.497024][ T1355] bridge0: port 2(bridge_slave_1) entered blocking state
[  373.497305][ T1355] bridge0: port 2(bridge_slave_1) entered forwarding state
[  374.527919][ T5876] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  374.689677][T10750] binder: 10749:10750 ioctl c0306201 200000000080 returned -14
[  374.690523][T10750] binder: BINDER_SET_CONTEXT_MGR already set
[  374.690535][T10750] binder: 10749:10750 ioctl 4018620d 200000000040 returned -16
[  374.691257][T10750] FAULT_INJECTION: forcing a failure.
[  374.691257][T10750] name failslab, interval 1, probability 0, space 0, times 0
[  374.691286][T10750] CPU: 0 UID: 0 PID: 10750 Comm: syz.2.1891 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  374.691308][T10750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  374.691318][T10750] Call Trace:
[  374.691327][T10750]  <TASK>
[  374.691335][T10750]  dump_stack_lvl+0x189/0x250
[  374.691366][T10750]  ? __pfx____ratelimit+0x10/0x10
[  374.691391][T10750]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.691416][T10750]  ? __pfx__printk+0x10/0x10
[  374.691441][T10750]  ? __pfx___might_resched+0x10/0x10
[  374.691466][T10750]  should_fail_ex+0x46c/0x600
[  374.691496][T10750]  should_failslab+0xa8/0x100
[  374.691524][T10750]  __kmalloc_noprof+0xcc/0x7d0
[  374.691547][T10750]  ? kfree+0x51/0x950
[  374.691565][T10750]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  374.691593][T10750]  tomoyo_realpath_from_path+0xe3/0x5d0
[  374.691617][T10750]  ? tomoyo_domain+0xda/0x130
[  374.691644][T10750]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  374.691671][T10750]  tomoyo_path_number_perm+0x1e8/0x5a0
[  374.691699][T10750]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  374.691729][T10750]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  374.691755][T10750]  ? lockdep_hardirqs_on+0x9c/0x150
[  374.691809][T10750]  ? __fget_files+0x2a/0x420
[  374.691839][T10750]  ? __fget_files+0x3a6/0x420
[  374.691860][T10750]  ? __fget_files+0x2a/0x420
[  374.691894][T10750]  security_file_ioctl+0xcb/0x2d0
[  374.691915][T10750]  __se_sys_ioctl+0x47/0x170
[  374.691937][T10750]  do_syscall_64+0xfa/0xfa0
[  374.691959][T10750]  ? lockdep_hardirqs_on+0x9c/0x150
[  374.691982][T10750]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.692000][T10750]  ? clear_bhb_loop+0x60/0xb0
[  374.692022][T10750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  374.692040][T10750] RIP: 0033:0x7f9301bdf6c9
[  374.692057][T10750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  374.692072][T10750] RSP: 002b:00007f92ffe3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  374.692093][T10750] RAX: ffffffffffffffda RBX: 00007f9301e35fa0 RCX: 00007f9301bdf6c9
[  374.692107][T10750] RDX: 00002000000003c0 RSI: 00000000c0306201 RDI: 0000000000000003
[  374.692119][T10750] RBP: 00007f92ffe3e090 R08: 0000000000000000 R09: 0000000000000000
[  374.692132][T10750] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  374.692143][T10750] R13: 00007f9301e36038 R14: 00007f9301e35fa0 R15: 00007fffb2219028
[  374.692177][T10750]  </TASK>
[  374.692185][T10750] ERROR: Out of memory at tomoyo_realpath_from_path.
[  374.692486][ T5876] usb 4-1: Using ep0 maxpacket: 32
[  374.709762][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  374.709792][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  375.037841][ T5876] usb 4-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=4d.a7
[  375.037872][ T5876] usb 4-1: New USB device strings: Mfr=152, Product=158, SerialNumber=3
[  375.037893][ T5876] usb 4-1: Product: syz
[  375.037906][ T5876] usb 4-1: Manufacturer: syz
[  375.037921][ T5876] usb 4-1: SerialNumber: syz
[  375.110181][ T5876] usb 4-1: config 0 descriptor??
[  375.158479][ T5876] usb 4-1: no audio or video endpoints found
[  375.237498][T10234] 8021q: adding VLAN 0 to HW filter on device batadv0
[  375.355951][ T5965] usb 4-1: USB disconnect, device number 9
[  375.452714][ T5855] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  375.613979][ T5855] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  375.614009][ T5855] usb 1-1: config 0 has no interface number 0
[  375.614058][ T5855] usb 1-1: config 0 interface 41 has no altsetting 0
[  375.617619][ T5855] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  375.617649][ T5855] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.617669][ T5855] usb 1-1: Product: syz
[  375.617683][ T5855] usb 1-1: Manufacturer: syz
[  375.619286][ T5855] usb 1-1: SerialNumber: syz
[  375.649369][ T5855] usb 1-1: config 0 descriptor??
[  375.777911][    T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  375.910537][    T9] usb 3-1: device descriptor read/64, error -71
[  376.063717][T10756] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1892'.
[  376.133549][T10786] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1892'.
[  376.149165][    T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  376.255147][T10787] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  376.272565][T10787] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  376.279834][    T9] usb 3-1: device descriptor read/64, error -71
[  376.400530][    T9] usb usb3-port1: attempt power cycle
[  376.697877][  T992] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  376.748053][    T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  376.768869][    T9] usb 3-1: device descriptor read/8, error -71
[  376.900818][  T992] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  376.900847][  T992] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  376.900867][  T992] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  376.900928][  T992] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  376.900954][  T992] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  376.904730][  T992] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  376.904757][  T992] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  376.904778][  T992] usb 4-1: Product: syz
[  376.904790][  T992] usb 4-1: Manufacturer: syz
[  377.008993][    T9] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  377.028925][    T9] usb 3-1: device descriptor read/8, error -71
[  377.031663][  T992] cdc_wdm 4-1:1.0: skipping garbage
[  377.031683][  T992] cdc_wdm 4-1:1.0: skipping garbage
[  377.054869][  T992] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  377.054890][  T992] cdc_wdm 4-1:1.0: Unknown control protocol
[  377.067552][T10234] veth0_vlan: entered promiscuous mode
[  377.118296][T10810] FAULT_INJECTION: forcing a failure.
[  377.118296][T10810] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  377.118330][T10810] CPU: 1 UID: 0 PID: 10810 Comm: syz.1.1906 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  377.118352][T10810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  377.118363][T10810] Call Trace:
[  377.118371][T10810]  <TASK>
[  377.118379][T10810]  dump_stack_lvl+0x189/0x250
[  377.118417][T10810]  ? __pfx____ratelimit+0x10/0x10
[  377.118441][T10810]  ? __pfx_dump_stack_lvl+0x10/0x10
[  377.118466][T10810]  ? __pfx__printk+0x10/0x10
[  377.118488][T10810]  ? __might_fault+0xb0/0x130
[  377.118523][T10810]  should_fail_ex+0x46c/0x600
[  377.118554][T10810]  _copy_from_user+0x2d/0xb0
[  377.118574][T10810]  ___sys_sendmsg+0x158/0x2a0
[  377.118600][T10810]  ? __pfx____sys_sendmsg+0x10/0x10
[  377.118656][T10810]  ? __fget_files+0x2a/0x420
[  377.118680][T10810]  ? __fget_files+0x3a6/0x420
[  377.118714][T10810]  __x64_sys_sendmsg+0x1a1/0x260
[  377.118739][T10810]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  377.118778][T10810]  ? do_syscall_64+0xbe/0xfa0
[  377.118806][T10810]  do_syscall_64+0xfa/0xfa0
[  377.118828][T10810]  ? lockdep_hardirqs_on+0x9c/0x150
[  377.118851][T10810]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.118869][T10810]  ? clear_bhb_loop+0x60/0xb0
[  377.118889][T10810]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.118906][T10810] RIP: 0033:0x7f5dc525f6c9
[  377.118922][T10810] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  377.118938][T10810] RSP: 002b:00007f5dc34c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.118957][T10810] RAX: ffffffffffffffda RBX: 00007f5dc54b5fa0 RCX: 00007f5dc525f6c9
[  377.118968][T10810] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  377.118978][T10810] RBP: 00007f5dc34c6090 R08: 0000000000000000 R09: 0000000000000000
[  377.118988][T10810] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  377.118996][T10810] R13: 00007f5dc54b6038 R14: 00007f5dc54b5fa0 R15: 00007ffd8a0ce5e8
[  377.119020][T10810]  </TASK>
[  377.138711][    T9] usb usb3-port1: unable to enumerate USB device
[  377.152108][T10234] veth1_vlan: entered promiscuous mode
[  377.219203][T10793] FAULT_INJECTION: forcing a failure.
[  377.219203][T10793] name failslab, interval 1, probability 0, space 0, times 0
[  377.219236][T10793] CPU: 0 UID: 0 PID: 10793 Comm: syz.3.1900 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  377.219261][T10793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  377.219272][T10793] Call Trace:
[  377.219279][T10793]  <TASK>
[  377.219287][T10793]  dump_stack_lvl+0x189/0x250
[  377.219318][T10793]  ? __pfx____ratelimit+0x10/0x10
[  377.219342][T10793]  ? __pfx_dump_stack_lvl+0x10/0x10
[  377.219367][T10793]  ? __pfx__printk+0x10/0x10
[  377.219394][T10793]  ? __pfx___might_resched+0x10/0x10
[  377.219415][T10793]  ? fs_reclaim_acquire+0x7d/0x100
[  377.219442][T10793]  should_fail_ex+0x46c/0x600
[  377.219470][T10793]  ? getname_flags+0xb8/0x540
[  377.219493][T10793]  should_failslab+0xa8/0x100
[  377.219519][T10793]  ? getname_flags+0xb8/0x540
[  377.219541][T10793]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  377.219565][T10793]  ? __pfx_vfs_write+0x10/0x10
[  377.219590][T10793]  getname_flags+0xb8/0x540
[  377.219619][T10793]  do_sys_openat2+0xbc/0x1c0
[  377.219640][T10793]  ? __pfx_do_sys_openat2+0x10/0x10
[  377.219668][T10793]  ? ksys_write+0x230/0x260
[  377.219691][T10793]  ? __pfx_ksys_write+0x10/0x10
[  377.219715][T10793]  __x64_sys_openat+0x138/0x170
[  377.219739][T10793]  do_syscall_64+0xfa/0xfa0
[  377.219761][T10793]  ? lockdep_hardirqs_on+0x9c/0x150
[  377.219784][T10793]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.219802][T10793]  ? clear_bhb_loop+0x60/0xb0
[  377.219824][T10793]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.219842][T10793] RIP: 0033:0x7f20cb91df10
[  377.219858][T10793] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 69 95 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 bc 95 02 00 8b 44
[  377.219873][T10793] RSP: 002b:00007f20c9b7db70 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  377.219892][T10793] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f20cb91df10
[  377.219904][T10793] RDX: 0000000000000002 RSI: 00007f20c9b7dc10 RDI: 00000000ffffff9c
[  377.219916][T10793] RBP: 00007f20c9b7dc10 R08: 0000000000000000 R09: 00007f20c9b7d987
[  377.219957][T10793] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000001
[  377.219968][T10793] R13: 00007f20cbb76038 R14: 00007f20cbb75fa0 R15: 00007ffd6091cd18
[  377.219999][T10793]  </TASK>
[  377.330670][T10234] veth0_macvtap: entered promiscuous mode
[  377.362943][T10234] veth1_macvtap: entered promiscuous mode
[  377.444669][ T5876] usb 4-1: USB disconnect, device number 10
[  377.553005][T10234] batman_adv: batadv0: Interface activated: batadv_slave_0
[  377.681763][T10234] batman_adv: batadv0: Interface activated: batadv_slave_1
[  377.710984][  T152] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  377.711095][  T173] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  377.711132][  T173] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  377.754852][  T173] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  378.193384][  T152] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  378.193405][  T152] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  378.286396][ T5855] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): set LINK LED failed : -71
[  378.286644][ T5855] CoreChips 1-1:0.41: probe with driver CoreChips failed with error -71
[  378.367168][ T5855] usb 1-1: USB disconnect, device number 19
[  378.497878][ T3662] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  378.497899][ T3662] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  378.669562][T10838] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1913'.
[  378.733011][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  378.733081][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  379.125351][    C1] vkms_vblank_simulate: vblank timer overrun
[  379.608208][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.069272][    C1] vkms_vblank_simulate: vblank timer overrun
[  380.239135][T10867] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1921'.
[  380.254829][T10869] FAULT_INJECTION: forcing a failure.
[  380.254829][T10869] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  380.254863][T10869] CPU: 1 UID: 0 PID: 10869 Comm: syz.2.1922 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  380.254884][T10869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  380.254896][T10869] Call Trace:
[  380.254904][T10869]  <TASK>
[  380.254912][T10869]  dump_stack_lvl+0x189/0x250
[  380.254943][T10869]  ? __pfx____ratelimit+0x10/0x10
[  380.254967][T10869]  ? __pfx_dump_stack_lvl+0x10/0x10
[  380.254992][T10869]  ? __pfx__printk+0x10/0x10
[  380.255013][T10869]  ? __might_fault+0xb0/0x130
[  380.255055][T10869]  should_fail_ex+0x46c/0x600
[  380.255084][T10869]  _copy_from_user+0x2d/0xb0
[  380.255105][T10869]  ax25_setsockopt+0x16c/0xc20
[  380.255134][T10869]  ? __pfx_ax25_setsockopt+0x10/0x10
[  380.255162][T10869]  ? __fget_files+0x2a/0x420
[  380.255185][T10869]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  380.255209][T10869]  ? __pfx_ax25_setsockopt+0x10/0x10
[  380.255231][T10869]  do_sock_setsockopt+0x17c/0x1b0
[  380.255257][T10869]  __x64_sys_setsockopt+0x145/0x1b0
[  380.255283][T10869]  do_syscall_64+0xfa/0xfa0
[  380.255306][T10869]  ? lockdep_hardirqs_on+0x9c/0x150
[  380.255329][T10869]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.255347][T10869]  ? clear_bhb_loop+0x60/0xb0
[  380.255368][T10869]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  380.255385][T10869] RIP: 0033:0x7f9301bdf6c9
[  380.255401][T10869] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  380.255417][T10869] RSP: 002b:00007f92ffe3e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  380.255436][T10869] RAX: ffffffffffffffda RBX: 00007f9301e35fa0 RCX: 00007f9301bdf6c9
[  380.255450][T10869] RDX: 0000000000000019 RSI: 0000000000000101 RDI: 0000000000000005
[  380.255461][T10869] RBP: 00007f92ffe3e090 R08: 0000000000000010 R09: 0000000000000000
[  380.255472][T10869] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  380.255484][T10869] R13: 00007f9301e36038 R14: 00007f9301e35fa0 R15: 00007fffb2219028
[  380.255515][T10869]  </TASK>
[  380.409963][T10867] 8021q: adding VLAN 0 to HW filter on device bond1
[  380.437843][ T5855] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  380.600229][ T5855] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  380.600258][ T5855] usb 5-1: config 0 has no interfaces?
[  380.600289][ T5855] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  380.600312][ T5855] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.643147][ T5855] usb 5-1: config 0 descriptor??
[  380.972523][T10863] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  380.988290][ T5855] usb 5-1: USB disconnect, device number 12
[  381.598303][T10890] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1928'.
[  381.619950][T10895] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1929'.
[  382.202198][T10903] binder: 10901:10903 ioctl c008561c 2000000000c0 returned -22
[  382.202500][T10903] binder: 10901:10903 ioctl 4028af11 0 returned -22
[  383.950261][T10944] FAULT_INJECTION: forcing a failure.
[  383.950261][T10944] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  383.950294][T10944] CPU: 0 UID: 0 PID: 10944 Comm: syz.1.1947 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  383.950317][T10944] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  383.950328][T10944] Call Trace:
[  383.950335][T10944]  <TASK>
[  383.950342][T10944]  dump_stack_lvl+0x189/0x250
[  383.950372][T10944]  ? __pfx____ratelimit+0x10/0x10
[  383.950395][T10944]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.950420][T10944]  ? __pfx__printk+0x10/0x10
[  383.950441][T10944]  ? __might_fault+0xb0/0x130
[  383.950478][T10944]  should_fail_ex+0x46c/0x600
[  383.950508][T10944]  _copy_from_user+0x2d/0xb0
[  383.950529][T10944]  ___sys_sendmsg+0x158/0x2a0
[  383.950555][T10944]  ? __pfx____sys_sendmsg+0x10/0x10
[  383.950614][T10944]  ? __fget_files+0x2a/0x420
[  383.950637][T10944]  ? __fget_files+0x3a6/0x420
[  383.950672][T10944]  __sys_sendmmsg+0x22d/0x430
[  383.950700][T10944]  ? __pfx___sys_sendmmsg+0x10/0x10
[  383.950740][T10944]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  383.950780][T10944]  ? ksys_write+0x230/0x260
[  383.950804][T10944]  ? __pfx_ksys_write+0x10/0x10
[  383.950831][T10944]  __x64_sys_sendmmsg+0xa0/0xc0
[  383.950855][T10944]  do_syscall_64+0xfa/0xfa0
[  383.950878][T10944]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.950902][T10944]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.950920][T10944]  ? clear_bhb_loop+0x60/0xb0
[  383.950943][T10944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.950961][T10944] RIP: 0033:0x7f5dc525f6c9
[  383.950978][T10944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  383.950993][T10944] RSP: 002b:00007f5dc34a5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  383.951013][T10944] RAX: ffffffffffffffda RBX: 00007f5dc54b6090 RCX: 00007f5dc525f6c9
[  383.951027][T10944] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  383.951040][T10944] RBP: 00007f5dc34a5090 R08: 0000000000000000 R09: 0000000000000000
[  383.951052][T10944] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  383.951063][T10944] R13: 00007f5dc54b6128 R14: 00007f5dc54b6090 R15: 00007ffd8a0ce5e8
[  383.951095][T10944]  </TASK>
[  384.252191][T10873] bond1 (unregistering): Released all slaves
[  384.428214][ T5855] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  384.646942][ T5855] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  384.647413][ T5855] usb 4-1: config 0 has no interfaces?
[  384.666674][ T5855] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  384.666879][ T5855] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.272321][    C0] vkms_vblank_simulate: vblank timer overrun
[  385.325018][    C0] vkms_vblank_simulate: vblank timer overrun
[  385.341854][ T5855] usb 4-1: config 0 descriptor??
[  385.589439][T10945] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  385.616698][ T5855] usb 4-1: USB disconnect, device number 11
[  386.385285][T10968] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1954'.
[  386.385967][    C0] vkms_vblank_simulate: vblank timer overrun
[  386.412831][ T5876] usb 3-1: new low-speed USB device number 19 using dummy_hcd
[  386.559544][    C0] vkms_vblank_simulate: vblank timer overrun
[  386.615721][    C0] vkms_vblank_simulate: vblank timer overrun
[  386.687903][ T5876] usb 3-1: device descriptor read/64, error -71
[  387.008254][ T5876] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[  387.375025][ T5876] usb 3-1: device descriptor read/64, error -71
[  387.491325][ T5876] usb usb3-port1: attempt power cycle
[  387.880332][ T5876] usb 3-1: new low-speed USB device number 21 using dummy_hcd
[  387.898529][ T5876] usb 3-1: device descriptor read/8, error -71
[  388.137973][ T5876] usb 3-1: new low-speed USB device number 22 using dummy_hcd
[  388.163877][ T5876] usb 3-1: device descriptor read/8, error -71
[  388.469683][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.474360][ T5876] usb usb3-port1: unable to enumerate USB device
[  388.653118][T11004] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1970'.
[  388.656220][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.034260][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.757840][ T5132] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  389.911072][T11023] FAULT_INJECTION: forcing a failure.
[  389.911072][T11023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  389.911107][T11023] CPU: 0 UID: 0 PID: 11023 Comm: syz.4.1971 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  389.911129][T11023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  389.911141][T11023] Call Trace:
[  389.911149][T11023]  <TASK>
[  389.911157][T11023]  dump_stack_lvl+0x189/0x250
[  389.911187][T11023]  ? __pfx____ratelimit+0x10/0x10
[  389.911212][T11023]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.911238][T11023]  ? __pfx__printk+0x10/0x10
[  389.911259][T11023]  ? __might_fault+0xb0/0x130
[  389.911301][T11023]  should_fail_ex+0x46c/0x600
[  389.911332][T11023]  _copy_from_user+0x2d/0xb0
[  389.911354][T11023]  __se_sys_copy_file_range+0x1b0/0x470
[  389.911380][T11023]  ? fput+0xa0/0xd0
[  389.911401][T11023]  ? __pfx___se_sys_copy_file_range+0x10/0x10
[  389.911427][T11023]  ? __pfx_ksys_write+0x10/0x10
[  389.911452][T11023]  ? __x64_sys_copy_file_range+0x21/0xf0
[  389.911482][T11023]  do_syscall_64+0xfa/0xfa0
[  389.911506][T11023]  ? lockdep_hardirqs_on+0x9c/0x150
[  389.911529][T11023]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.911547][T11023]  ? clear_bhb_loop+0x60/0xb0
[  389.911570][T11023]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  389.911588][T11023] RIP: 0033:0x7fe77831f6c9
[  389.911605][T11023] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  389.911621][T11023] RSP: 002b:00007fe77655d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000146
[  389.911641][T11023] RAX: ffffffffffffffda RBX: 00007fe778576090 RCX: 00007fe77831f6c9
[  389.911655][T11023] RDX: 0000000000000003 RSI: 0000000000000000 RDI: 0000000000000003
[  389.911667][T11023] RBP: 00007fe77655d090 R08: 0000000000000b51 R09: 0000000000000000
[  389.911679][T11023] R10: 00002000000000c0 R11: 0000000000000246 R12: 0000000000000001
[  389.911691][T11023] R13: 00007fe778576128 R14: 00007fe778576090 R15: 00007ffd2487db78
[  389.911723][T11023]  </TASK>
[  389.921810][ T5132] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  389.921837][ T5132] usb 3-1: config 0 has no interfaces?
[  389.921869][ T5132] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  389.921893][ T5132] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  389.977946][ T5132] usb 3-1: config 0 descriptor??
[  390.308284][T11013] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.378090][   T37] audit: type=1326 audit(1762948127.247:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11029 comm="syz.3.1984" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f20cb91f6c9 code=0x0
[  390.420331][ T5132] usb 3-1: USB disconnect, device number 23
[  390.432680][   T37] audit: type=1326 audit(1762948127.307:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11029 comm="syz.3.1984" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20cb91f6c9 code=0x0
[  390.757900][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.204755][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.236789][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.270390][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.311733][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.343156][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.374212][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.478701][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.514339][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.548223][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.580103][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.629828][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.660759][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.781785][    C0] vkms_vblank_simulate: vblank timer overrun
[  391.799304][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.739526][T11059] FAULT_INJECTION: forcing a failure.
[  392.739526][T11059] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  392.739560][T11059] CPU: 0 UID: 0 PID: 11059 Comm: syz.2.1994 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  392.739582][T11059] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  392.739593][T11059] Call Trace:
[  392.739601][T11059]  <TASK>
[  392.739609][T11059]  dump_stack_lvl+0x189/0x250
[  392.739640][T11059]  ? __pfx____ratelimit+0x10/0x10
[  392.739664][T11059]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.739690][T11059]  ? __pfx__printk+0x10/0x10
[  392.739711][T11059]  ? __might_fault+0xb0/0x130
[  392.739748][T11059]  should_fail_ex+0x46c/0x600
[  392.739777][T11059]  _copy_from_user+0x2d/0xb0
[  392.739798][T11059]  ___sys_sendmsg+0x158/0x2a0
[  392.739825][T11059]  ? __pfx____sys_sendmsg+0x10/0x10
[  392.739883][T11059]  ? __fget_files+0x2a/0x420
[  392.739907][T11059]  ? __fget_files+0x3a6/0x420
[  392.739942][T11059]  __x64_sys_sendmsg+0x1a1/0x260
[  392.739967][T11059]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  392.739998][T11059]  ? __pfx_ksys_write+0x10/0x10
[  392.740031][T11059]  ? do_syscall_64+0xbe/0xfa0
[  392.740060][T11059]  do_syscall_64+0xfa/0xfa0
[  392.740083][T11059]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.740106][T11059]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.740125][T11059]  ? clear_bhb_loop+0x60/0xb0
[  392.740147][T11059]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  392.740165][T11059] RIP: 0033:0x7f9301bdf6c9
[  392.740182][T11059] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  392.740198][T11059] RSP: 002b:00007f92ffe3e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  392.740218][T11059] RAX: ffffffffffffffda RBX: 00007f9301e35fa0 RCX: 00007f9301bdf6c9
[  392.740232][T11059] RDX: 0000000020040800 RSI: 0000200000000240 RDI: 0000000000000005
[  392.740245][T11059] RBP: 00007f92ffe3e090 R08: 0000000000000000 R09: 0000000000000000
[  392.740257][T11059] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  392.740269][T11059] R13: 00007f9301e36038 R14: 00007f9301e35fa0 R15: 00007fffb2219028
[  392.740301][T11059]  </TASK>
[  393.145364][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.176749][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.208328][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.239990][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.270574][    C0] vkms_vblank_simulate: vblank timer overrun
[  393.299344][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.043226][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.073197][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.102019][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.132344][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.307959][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.338080][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.370536][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.403663][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.456845][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.490800][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.529033][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.557765][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.606573][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.634973][    C0] vkms_vblank_simulate: vblank timer overrun
[  394.765605][   T37] audit: type=1326 audit(1762948130.857:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11073 comm="syz.0.1999" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ee1edf6c9 code=0x0
[  394.765657][   T37] audit: type=1326 audit(1762948130.987:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11073 comm="syz.0.1999" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0ee1edf6c9 code=0x0
[  394.907840][ T5876] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  394.987628][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.017826][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.076260][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.109243][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.139600][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.172547][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.207391][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.236287][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.266099][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.299775][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.333014][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.365229][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.400233][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.461570][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.493171][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.523528][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.553960][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.834841][   T31] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  395.914025][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.945004][    C0] vkms_vblank_simulate: vblank timer overrun
[  395.976156][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.008574][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.040739][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.128686][ T5876] usb 4-1: Using ep0 maxpacket: 16
[  396.131939][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.131971][ T5876] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  396.131993][ T5876] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  396.132036][ T5876] usb 4-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  396.132060][ T5876] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.137220][ T5876] usb 4-1: config 0 descriptor??
[  396.253430][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.285317][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.333155][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.395403][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.443758][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.475560][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.555715][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.587086][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.618789][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.667613][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.699254][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.775910][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.821691][    C0] vkms_vblank_simulate: vblank timer overrun
[  396.897819][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.058470][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.089806][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.184085][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.233401][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.312448][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.358201][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.387376][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.435181][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.482054][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.543111][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.589938][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.620808][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.652947][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.767412][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.812188][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.842812][    C0] vkms_vblank_simulate: vblank timer overrun
[  397.875808][    C0] vkms_vblank_simulate: vblank timer overrun
[  398.117011][ T5876] usbhid 4-1:0.0: can't add hid device: -71
[  398.117142][ T5876] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  398.187932][ T5876] usb 4-1: USB disconnect, device number 12
[  399.924612][    C0] vkms_vblank_simulate: vblank timer overrun
[  399.999491][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.030695][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.084341][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.117732][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.147269][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.177947][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.209432][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.239496][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.298487][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.332675][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.382954][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.415787][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.446980][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.478021][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.510973][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.544172][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.578374][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.634000][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.668592][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.699272][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.731940][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.763884][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.827778][ T5876] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  400.872614][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.906087][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.979187][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.010012][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.073036][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.428851][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.461074][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.493127][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.524660][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.557914][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.589409][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.638287][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.889223][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.922206][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.003293][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.032926][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.069021][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.101899][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.133272][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.166481][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.198250][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.229876][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.262489][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.295097][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.327152][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.360095][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.390170][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.452349][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.485616][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.516546][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.548819][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.582070][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.613649][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.644881][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.671456][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.719116][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.750414][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.840007][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.873224][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.904955][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.951590][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.982503][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.332135][ T5876] usb 4-1: device descriptor read/all, error -71
[  403.846371][    C0] vkms_vblank_simulate: vblank timer overrun
[  404.231972][  T992] Process accounting resumed
[  404.525018][    C0] vkms_vblank_simulate: vblank timer overrun
[  404.557445][    C0] vkms_vblank_simulate: vblank timer overrun
[  404.587991][    C0] vkms_vblank_simulate: vblank timer overrun
[  404.652685][    C0] vkms_vblank_simulate: vblank timer overrun
[  405.361497][T11142] 9pnet_fd: Insufficient options for proto=fd
[  406.239126][T11157] FAULT_INJECTION: forcing a failure.
[  406.239126][T11157] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  406.239160][T11157] CPU: 0 UID: 0 PID: 11157 Comm: syz.1.2027 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  406.239183][T11157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  406.239194][T11157] Call Trace:
[  406.239203][T11157]  <TASK>
[  406.239211][T11157]  dump_stack_lvl+0x189/0x250
[  406.239241][T11157]  ? __pfx____ratelimit+0x10/0x10
[  406.239265][T11157]  ? __pfx_dump_stack_lvl+0x10/0x10
[  406.239291][T11157]  ? __pfx__printk+0x10/0x10
[  406.239314][T11157]  ? __might_fault+0xb0/0x130
[  406.239349][T11157]  should_fail_ex+0x46c/0x600
[  406.239379][T11157]  _copy_from_user+0x2d/0xb0
[  406.239400][T11157]  ___sys_sendmsg+0x158/0x2a0
[  406.239426][T11157]  ? __pfx____sys_sendmsg+0x10/0x10
[  406.239485][T11157]  ? __fget_files+0x2a/0x420
[  406.239508][T11157]  ? __fget_files+0x3a6/0x420
[  406.239543][T11157]  __x64_sys_sendmsg+0x1a1/0x260
[  406.239567][T11157]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  406.239605][T11157]  ? __pfx_ksys_write+0x10/0x10
[  406.239632][T11157]  ? do_syscall_64+0xbe/0xfa0
[  406.239660][T11157]  do_syscall_64+0xfa/0xfa0
[  406.239683][T11157]  ? lockdep_hardirqs_on+0x9c/0x150
[  406.239707][T11157]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.239726][T11157]  ? clear_bhb_loop+0x60/0xb0
[  406.239748][T11157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.239766][T11157] RIP: 0033:0x7f5dc525f6c9
[  406.239783][T11157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  406.239798][T11157] RSP: 002b:00007f5dc34c6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  406.239817][T11157] RAX: ffffffffffffffda RBX: 00007f5dc54b5fa0 RCX: 00007f5dc525f6c9
[  406.239829][T11157] RDX: 0000000000000000 RSI: 0000200000000180 RDI: 0000000000000003
[  406.239841][T11157] RBP: 00007f5dc34c6090 R08: 0000000000000000 R09: 0000000000000000
[  406.239852][T11157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  406.239863][T11157] R13: 00007f5dc54b6038 R14: 00007f5dc54b5fa0 R15: 00007ffd8a0ce5e8
[  406.239891][T11157]  </TASK>
[  406.277801][   T31] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  406.907815][   T31] usb 5-1: Using ep0 maxpacket: 16
[  406.910722][   T31] usb 5-1: unable to get BOS descriptor or descriptor too short
[  406.912249][   T31] usb 5-1: config 1 interface 0 altsetting 5 endpoint 0x1 has invalid maxpacket 1576, setting to 1024
[  406.912281][   T31] usb 5-1: config 1 interface 0 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 1024
[  406.912306][   T31] usb 5-1: config 1 interface 0 altsetting 5 bulk endpoint 0x82 has invalid maxpacket 16
[  406.912338][   T31] usb 5-1: config 1 interface 0 has no altsetting 0
[  406.917221][   T31] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  406.917247][   T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.917268][   T31] usb 5-1: Product: syz
[  406.917283][   T31] usb 5-1: Manufacturer: syz
[  406.917298][   T31] usb 5-1: SerialNumber: syz
[  406.923868][T11159] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.2026'.
[  407.165311][T11154] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  407.165445][T11154] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  410.259641][T11176] FAULT_INJECTION: forcing a failure.
[  410.259641][T11176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  410.259679][T11176] CPU: 1 UID: 0 PID: 11176 Comm: syz.1.2032 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  410.259728][T11176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  410.259744][T11176] Call Trace:
[  410.259752][T11176]  <TASK>
[  410.259761][T11176]  dump_stack_lvl+0x189/0x250
[  410.259792][T11176]  ? __pfx____ratelimit+0x10/0x10
[  410.259817][T11176]  ? __pfx_dump_stack_lvl+0x10/0x10
[  410.259843][T11176]  ? __pfx__printk+0x10/0x10
[  410.259865][T11176]  ? __might_fault+0xb0/0x130
[  410.259902][T11176]  should_fail_ex+0x46c/0x600
[  410.259933][T11176]  _copy_from_user+0x2d/0xb0
[  410.259955][T11176]  __sys_bpf+0x1e3/0x860
[  410.259983][T11176]  ? __pfx___sys_bpf+0x10/0x10
[  410.260005][T11176]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  410.260043][T11176]  ? ksys_write+0x230/0x260
[  410.260069][T11176]  ? __pfx_ksys_write+0x10/0x10
[  410.260098][T11176]  __x64_sys_bpf+0x7c/0x90
[  410.260122][T11176]  do_syscall_64+0xfa/0xfa0
[  410.260145][T11176]  ? lockdep_hardirqs_on+0x9c/0x150
[  410.260176][T11176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.260195][T11176]  ? clear_bhb_loop+0x60/0xb0
[  410.260218][T11176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  410.260236][T11176] RIP: 0033:0x7f5dc525f6c9
[  410.260253][T11176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  410.260270][T11176] RSP: 002b:00007f5dc3484038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  410.260290][T11176] RAX: ffffffffffffffda RBX: 00007f5dc54b6180 RCX: 00007f5dc525f6c9
[  410.260304][T11176] RDX: 0000000000000028 RSI: 0000200000000000 RDI: 0000000000000012
[  410.260317][T11176] RBP: 00007f5dc3484090 R08: 0000000000000000 R09: 0000000000000000
[  410.260329][T11176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.260340][T11176] R13: 00007f5dc54b6218 R14: 00007f5dc54b6180 R15: 00007ffd8a0ce5e8
[  410.260374][T11176]  </TASK>
[  411.805646][   T61] Bluetooth: hci5: command 0x0406 tx timeout
[  412.278427][   T31] usblp 5-1:1.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 5 proto 2 vid 0x0525 pid 0xA4A8
[  412.499339][T11179] FAULT_INJECTION: forcing a failure.
[  412.499339][T11179] name failslab, interval 1, probability 0, space 0, times 0
[  412.499371][T11179] CPU: 1 UID: 0 PID: 11179 Comm: syz.0.2033 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  412.499393][T11179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  412.499404][T11179] Call Trace:
[  412.499411][T11179]  <TASK>
[  412.499419][T11179]  dump_stack_lvl+0x189/0x250
[  412.499450][T11179]  ? __pfx____ratelimit+0x10/0x10
[  412.499475][T11179]  ? __pfx_dump_stack_lvl+0x10/0x10
[  412.499500][T11179]  ? __pfx__printk+0x10/0x10
[  412.499528][T11179]  ? __pfx___might_resched+0x10/0x10
[  412.499552][T11179]  should_fail_ex+0x46c/0x600
[  412.499582][T11179]  should_failslab+0xa8/0x100
[  412.499610][T11179]  __kmalloc_noprof+0xcc/0x7d0
[  412.499632][T11179]  ? kfree+0x51/0x950
[  412.499650][T11179]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  412.499678][T11179]  tomoyo_realpath_from_path+0xe3/0x5d0
[  412.499707][T11179]  ? tomoyo_domain+0xda/0x130
[  412.499734][T11179]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  412.499762][T11179]  tomoyo_path_number_perm+0x1e8/0x5a0
[  412.499792][T11179]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  412.499821][T11179]  ? sb_end_write+0xe9/0x1c0
[  412.499849][T11179]  ? vfs_write+0x965/0xb40
[  412.499906][T11179]  ? ksys_write+0x1e7/0x260
[  412.499932][T11179]  security_file_ioctl+0xcb/0x2d0
[  412.499954][T11179]  __se_sys_ioctl+0x47/0x170
[  412.499977][T11179]  do_syscall_64+0xfa/0xfa0
[  412.499999][T11179]  ? lockdep_hardirqs_on+0x9c/0x150
[  412.500022][T11179]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.500041][T11179]  ? clear_bhb_loop+0x60/0xb0
[  412.500063][T11179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  412.500080][T11179] RIP: 0033:0x7f0ee1edf6c9
[  412.500097][T11179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  412.500112][T11179] RSP: 002b:00007f0ee013e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  412.500131][T11179] RAX: ffffffffffffffda RBX: 00007f0ee2135fa0 RCX: 00007f0ee1edf6c9
[  412.500144][T11179] RDX: 0000000000000000 RSI: 0000000000005522 RDI: 0000000000000003
[  412.500156][T11179] RBP: 00007f0ee013e090 R08: 0000000000000000 R09: 0000000000000000
[  412.500168][T11179] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  412.500178][T11179] R13: 00007f0ee2136038 R14: 00007f0ee2135fa0 R15: 00007fffd6e5c338
[  412.500211][T11179]  </TASK>
[  412.500218][T11179] ERROR: Out of memory at tomoyo_realpath_from_path.
[  413.017955][   T31] usb 5-1: USB disconnect, device number 13
[  413.086355][   T31] usblp0: removed
[  414.162153][T11190] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.2039'.
[  416.996473][T11209] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2047'.
[  421.095537][T11223] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2035'.
[  421.730930][   T61] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  421.783329][   T61] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  421.786260][   T61] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  421.800309][   T61] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  421.805524][   T61] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  423.889425][ T5120] Bluetooth: hci2: command tx timeout
[  425.379908][   T37] audit: type=1326 audit(1762948162.257:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11252 comm="syz.3.2064" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f20cb91f6c9 code=0x0
[  425.499617][   T37] audit: type=1326 audit(1762948162.367:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11252 comm="syz.3.2064" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20cb91f6c9 code=0x0
[  425.927973][ T5120] Bluetooth: hci2: command tx timeout
[  426.100314][    T9] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  426.690588][    T9] usb 5-1: config 0 has too many interfaces: 60, using maximum allowed: 32
[  426.690617][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 60
[  426.690654][    T9] usb 5-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  426.690679][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  426.695911][    T9] usb 5-1: config 0 descriptor??
[  428.008006][ T5120] Bluetooth: hci2: command tx timeout
[  430.087801][ T5120] Bluetooth: hci2: command tx timeout
[  430.677119][T11267] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2066'.
[  430.913417][ T5132] usb 5-1: USB disconnect, device number 14
[  432.940188][T11286] netlink: 11 bytes leftover after parsing attributes in process `syz.3.2071'.
[  434.855140][   T61] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  434.873989][   T61] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  434.877605][   T61] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  434.879981][   T61] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  434.880718][   T61] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  435.347419][T11234] chnl_net:caif_netlink_parms(): no params data found
[  435.572734][   T37] audit: type=1326 audit(1762948172.447:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11299 comm="syz.3.2075" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f20cb91f6c9 code=0x0
[  435.662662][   T37] audit: type=1326 audit(1762948172.537:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11299 comm="syz.3.2075" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f20cb91f6c9 code=0x0
[  436.981600][   T61] Bluetooth: hci4: command tx timeout
[  439.078019][   T61] Bluetooth: hci4: command tx timeout
[  439.316623][T11323] nfs4: Unknown parameter '
Ð³É '
[  439.730949][T11329] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2083'.
[  440.176218][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  440.176292][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  441.127806][   T61] Bluetooth: hci4: command tx timeout
[  443.887740][   T61] Bluetooth: hci4: command tx timeout
[  444.792473][T11234] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.792781][T11234] bridge0: port 1(bridge_slave_0) entered disabled state
[  444.793027][T11234] bridge_slave_0: entered allmulticast mode
[  444.847964][T11234] bridge_slave_0: entered promiscuous mode
[  445.253674][T11234] bridge0: port 2(bridge_slave_1) entered blocking state
[  445.253809][T11234] bridge0: port 2(bridge_slave_1) entered disabled state
[  445.254019][T11234] bridge_slave_1: entered allmulticast mode
[  445.291926][T11234] bridge_slave_1: entered promiscuous mode
[  447.485014][ T5120] Bluetooth: hci1: command 0x0406 tx timeout
[  448.322878][T11234] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  448.354985][T11234] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  449.730938][ T5120] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  449.735560][ T5120] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  449.736718][ T5120] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  449.751033][ T5120] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  449.756202][ T5120] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  451.847831][   T61] Bluetooth: hci3: command tx timeout
[  453.928112][   T61] Bluetooth: hci3: command tx timeout
[  456.007844][   T61] Bluetooth: hci3: command tx timeout
[  456.825742][T11234] team0: Port device team_slave_0 added
[  457.266739][T11234] team0: Port device team_slave_1 added
[  458.087937][   T61] Bluetooth: hci3: command tx timeout
[  458.180672][T11385] FAULT_INJECTION: forcing a failure.
[  458.180672][T11385] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  458.180725][T11385] CPU: 0 UID: 0 PID: 11385 Comm: syz.1.2101 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  458.180747][T11385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  458.180761][T11385] Call Trace:
[  458.180772][T11385]  <TASK>
[  458.180781][T11385]  dump_stack_lvl+0x189/0x250
[  458.180811][T11385]  ? __pfx____ratelimit+0x10/0x10
[  458.180835][T11385]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.180860][T11385]  ? __pfx__printk+0x10/0x10
[  458.180882][T11385]  ? __might_fault+0xb0/0x130
[  458.180917][T11385]  should_fail_ex+0x46c/0x600
[  458.180946][T11385]  _copy_from_user+0x2d/0xb0
[  458.180967][T11385]  ___sys_sendmsg+0x158/0x2a0
[  458.181001][T11385]  ? __pfx____sys_sendmsg+0x10/0x10
[  458.181058][T11385]  ? __fget_files+0x2a/0x420
[  458.181082][T11385]  ? __fget_files+0x3a6/0x420
[  458.181116][T11385]  __sys_sendmmsg+0x22d/0x430
[  458.181143][T11385]  ? __pfx___sys_sendmmsg+0x10/0x10
[  458.181174][T11385]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  458.181209][T11385]  ? ksys_write+0x230/0x260
[  458.181233][T11385]  ? __pfx_ksys_write+0x10/0x10
[  458.181259][T11385]  __x64_sys_sendmmsg+0xa0/0xc0
[  458.181281][T11385]  do_syscall_64+0xfa/0xfa0
[  458.181302][T11385]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.181324][T11385]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.181342][T11385]  ? clear_bhb_loop+0x60/0xb0
[  458.181366][T11385]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.181384][T11385] RIP: 0033:0x7f5dc525f6c9
[  458.181401][T11385] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.181417][T11385] RSP: 002b:00007f5dc34c6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[  458.181438][T11385] RAX: ffffffffffffffda RBX: 00007f5dc54b5fa0 RCX: 00007f5dc525f6c9
[  458.181453][T11385] RDX: 040000000000009f RSI: 00002000000002c0 RDI: 0000000000000003
[  458.181465][T11385] RBP: 00007f5dc34c6090 R08: 0000000000000000 R09: 0000000000000000
[  458.181477][T11385] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.181488][T11385] R13: 00007f5dc54b6038 R14: 00007f5dc54b5fa0 R15: 00007ffd8a0ce5e8
[  458.181521][T11385]  </TASK>
[  460.945106][T11234] batman_adv: batadv0: Adding interface: batadv_slave_0
[  460.945123][T11234] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  460.945149][T11234] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  461.115747][T11234] batman_adv: batadv0: Adding interface: batadv_slave_1
[  461.115763][T11234] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  461.115791][T11234] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  463.031713][T11404] FAULT_INJECTION: forcing a failure.
[  463.031713][T11404] name failslab, interval 1, probability 0, space 0, times 0
[  463.031745][T11404] CPU: 1 UID: 0 PID: 11404 Comm: syz.3.2108 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  463.031767][T11404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  463.031778][T11404] Call Trace:
[  463.031786][T11404]  <TASK>
[  463.031794][T11404]  dump_stack_lvl+0x189/0x250
[  463.031825][T11404]  ? __pfx____ratelimit+0x10/0x10
[  463.031850][T11404]  ? __pfx_dump_stack_lvl+0x10/0x10
[  463.031875][T11404]  ? __pfx__printk+0x10/0x10
[  463.031904][T11404]  ? __pfx___might_resched+0x10/0x10
[  463.031925][T11404]  ? fs_reclaim_acquire+0x7d/0x100
[  463.031953][T11404]  should_fail_ex+0x46c/0x600
[  463.031982][T11404]  ? getname_flags+0xb8/0x540
[  463.032006][T11404]  should_failslab+0xa8/0x100
[  463.032031][T11404]  ? getname_flags+0xb8/0x540
[  463.032054][T11404]  kmem_cache_alloc_noprof+0x6f/0x6b0
[  463.032078][T11404]  ? __pfx_vfs_write+0x10/0x10
[  463.032104][T11404]  getname_flags+0xb8/0x540
[  463.032134][T11404]  do_sys_openat2+0xbc/0x1c0
[  463.032155][T11404]  ? __pfx_do_sys_openat2+0x10/0x10
[  463.032178][T11404]  ? ksys_write+0x230/0x260
[  463.032202][T11404]  ? __pfx_ksys_write+0x10/0x10
[  463.032226][T11404]  __x64_sys_openat+0x138/0x170
[  463.032251][T11404]  do_syscall_64+0xfa/0xfa0
[  463.032274][T11404]  ? lockdep_hardirqs_on+0x9c/0x150
[  463.032297][T11404]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.032316][T11404]  ? clear_bhb_loop+0x60/0xb0
[  463.032338][T11404]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  463.032356][T11404] RIP: 0033:0x7f20cb91f6c9
[  463.032372][T11404] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  463.032387][T11404] RSP: 002b:00007f20c9b5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  463.032407][T11404] RAX: ffffffffffffffda RBX: 00007f20cbb76090 RCX: 00007f20cb91f6c9
[  463.032422][T11404] RDX: 00000000000e0480 RSI: 0000200000000300 RDI: ffffffffffffff9c
[  463.032435][T11404] RBP: 00007f20c9b5d090 R08: 0000000000000000 R09: 0000000000000000
[  463.032446][T11404] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  463.032457][T11404] R13: 00007f20cbb76128 R14: 00007f20cbb76090 R15: 00007ffd6091cd18
[  463.032490][T11404]  </TASK>
[  465.811820][T11234] hsr_slave_0: entered promiscuous mode
[  465.813223][T11234] hsr_slave_1: entered promiscuous mode
[  465.818474][T11234] debugfs: 'hsr0' already exists in 'hsr'
[  465.818506][T11234] Cannot create hsr debugfs directory
[  469.870720][T11294] chnl_net:caif_netlink_parms(): no params data found
[  480.790764][T11294] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.790924][T11294] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.791161][T11294] bridge_slave_0: entered allmulticast mode
[  480.832388][T11294] bridge_slave_0: entered promiscuous mode
[  481.556286][T11294] bridge0: port 2(bridge_slave_1) entered blocking state
[  481.556517][T11294] bridge0: port 2(bridge_slave_1) entered disabled state
[  481.556735][T11294] bridge_slave_1: entered allmulticast mode
[  481.567816][ T5132] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[  481.610479][T11294] bridge_slave_1: entered promiscuous mode
[  481.759750][ T5120] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  481.767006][ T5120] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  481.776580][ T5120] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  481.779669][ T5120] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  481.781492][ T5120] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  483.472340][ T5132] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  483.472362][ T5132] usb 2-1: config 0 interface 0 has no altsetting 0
[  483.472388][ T5132] usb 2-1: New USB device found, idVendor=1e7d, idProduct=3138, bcdDevice= 0.00
[  483.472401][ T5132] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.884629][ T5120] Bluetooth: hci6: command tx timeout
[  484.094096][ T5132] usb 2-1: config 0 descriptor??
[  485.067022][ T5132] usb 2-1: can't set config #0, error -71
[  485.077879][ T5132] usb 2-1: USB disconnect, device number 16
[  485.408142][ T7262] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  485.667992][ T7262] usb 4-1: Using ep0 maxpacket: 16
[  485.719395][ T7262] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  485.719443][ T7262] usb 4-1: New USB device found, idVendor=056a, idProduct=00ed, bcdDevice= 0.00
[  485.719467][ T7262] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  485.771013][ T7262] usb 4-1: config 0 descriptor??
[  486.018404][ T5120] Bluetooth: hci6: command tx timeout
[  488.107917][ T5120] Bluetooth: hci6: command tx timeout
[  488.402916][T11507] syz.3.2140 (11507) used greatest stack depth: 17320 bytes left
[  488.662944][ T7262] usb 4-1: USB disconnect, device number 15
[  489.928994][T11350] chnl_net:caif_netlink_parms(): no params data found
[  489.941418][T11294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  490.167888][ T5120] Bluetooth: hci6: command tx timeout
[  493.173408][   T61] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  493.191180][   T61] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  493.192475][   T61] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  493.194092][   T61] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  493.194905][   T61] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  495.295292][   T61] Bluetooth: hci0: command tx timeout
[  497.368615][   T61] Bluetooth: hci0: command tx timeout
[  499.447892][   T61] Bluetooth: hci0: command tx timeout
[  499.497922][T11547] netlink: 11 bytes leftover after parsing attributes in process `syz.3.2155'.
[  501.768284][   T61] Bluetooth: hci0: command tx timeout
[  501.882548][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  501.893521][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  528.984778][   T69] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.191062][ T5120] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  529.194952][ T5120] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  529.205689][ T5120] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  529.246150][ T5120] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  529.247104][ T5120] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  530.568776][T11567] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  530.627048][T11567] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  530.653290][T11567] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  530.665930][T11567] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  530.666696][T11567] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  531.138817][ T5120] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  531.142319][ T5120] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  531.143627][ T5120] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  531.146610][ T5120] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  531.147501][ T5120] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  532.727872][T11567] Bluetooth: hci1: command tx timeout
[  533.267511][T11567] Bluetooth: hci2: command tx timeout
[  533.269770][T11567] Bluetooth: hci4: command tx timeout
[  534.807881][T11567] Bluetooth: hci1: command tx timeout
[  535.287828][T11567] Bluetooth: hci2: command tx timeout
[  535.367810][T11567] Bluetooth: hci4: command tx timeout
[  536.887947][T11567] Bluetooth: hci1: command tx timeout
[  537.367749][T11567] Bluetooth: hci2: command tx timeout
[  537.709399][T11567] Bluetooth: hci4: command tx timeout
[  539.117747][T11567] Bluetooth: hci1: command tx timeout
[  539.457767][T11567] Bluetooth: hci2: command tx timeout
[  539.767823][T11567] Bluetooth: hci4: command tx timeout
[  551.959108][ T5120] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  551.980773][ T5120] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  551.982122][ T5120] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  551.997989][ T5120] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  552.013075][ T5120] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  554.167773][T11567] Bluetooth: hci3: command tx timeout
[  556.292454][T11567] Bluetooth: hci3: command tx timeout
[  558.617859][T11567] Bluetooth: hci3: command tx timeout
[  560.647895][ T5120] Bluetooth: hci3: command tx timeout
[  563.173183][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  563.173258][ T1322] ieee802154 phy1 wpan1: encryption failed: -22
[  567.718807][T11567] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  567.723856][T11567] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  567.746477][T11567] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  567.750016][T11567] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  567.750761][T11567] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  569.999399][ T5120] Bluetooth: hci5: command tx timeout
[  572.008007][ T5120] Bluetooth: hci5: command tx timeout
[  574.097853][ T5120] Bluetooth: hci5: command tx timeout
[  576.240327][ T5120] Bluetooth: hci5: command tx timeout
[  585.099821][T11567] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  585.126271][T11567] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  585.157937][T11567] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  585.219674][T11567] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  585.235387][T11567] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  587.468905][T11567] Bluetooth: hci0: command tx timeout
[  589.937712][T11567] Bluetooth: hci0: command tx timeout
[  592.087893][T11567] Bluetooth: hci0: command tx timeout
[  594.167927][T11567] Bluetooth: hci0: command tx timeout
[  596.979276][   T61] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  597.028956][   T61] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  597.034320][   T61] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  597.054625][ T5809] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  597.055311][ T5809] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  597.056582][ T5809] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  597.059809][ T5809] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  597.060611][ T5809] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  597.093072][ T5120] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  597.109865][ T5809] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  599.133270][T11567] Bluetooth: hci8: command tx timeout
[  599.212419][T11567] Bluetooth: hci7: command tx timeout
[  601.207851][T11567] Bluetooth: hci8: command tx timeout
[  601.291878][T11567] Bluetooth: hci7: command tx timeout
[  603.287735][T11567] Bluetooth: hci8: command tx timeout
[  603.591130][T11567] Bluetooth: hci7: command tx timeout
[  605.367757][T11567] Bluetooth: hci8: command tx timeout
[  605.608130][T11567] Bluetooth: hci7: command tx timeout
[  606.087747][T11567] Bluetooth: hci6: command 0x0406 tx timeout
[  611.089279][T11567] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  611.133686][T11567] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  611.137517][T11567] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  611.173506][T11567] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  611.177097][T11567] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  613.287882][ T5809] Bluetooth: hci1: command tx timeout
[  615.367720][ T5809] Bluetooth: hci1: command tx timeout
[  616.807813][   T38] INFO: task kworker/u8:11:1361 blocked for more than 143 seconds.
[  616.807836][   T38]       Not tainted syzkaller #0
[  616.807846][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  616.807855][   T38] task:kworker/u8:11   state:D stack:20168 pid:1361  tgid:1361  ppid:2      task_flags:0x4208060 flags:0x00080000
[  616.807904][   T38] Workqueue: events_unbound bpf_map_free_deferred
[  616.807933][   T38] Call Trace:
[  616.807940][   T38]  <TASK>
[  616.807954][   T38]  __schedule+0x16f3/0x4c20
[  616.807994][   T38]  ? __init_swait_queue_head+0xa9/0x150
[  616.808029][   T38]  ? __pfx___schedule+0x10/0x10
[  616.808072][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  616.808101][   T38]  rt_mutex_schedule+0x77/0xf0
[  616.808121][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  616.808143][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  616.808183][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  616.808207][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  616.808229][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  616.808249][   T38]  ? __lock_acquire+0xab9/0xd20
[  616.808284][   T38]  ? rcu_barrier+0x4c/0x570
[  616.808319][   T38]  ? rcu_barrier+0x4c/0x570
[  616.808336][   T38]  mutex_lock_nested+0x16a/0x1d0
[  616.808356][   T38]  ? synchronize_rcu+0x11a/0x310
[  616.808379][   T38]  rcu_barrier+0x4c/0x570
[  616.808404][   T38]  ? rt_spin_unlock+0x161/0x200
[  616.808428][   T38]  dev_map_free+0x11f/0x6a0
[  616.808451][   T38]  ? kfree+0x51/0x950
[  616.808471][   T38]  ? bpf_map_free+0x86/0x3f0
[  616.808499][   T38]  bpf_map_free+0x19b/0x3f0
[  616.808522][   T38]  ? process_scheduled_works+0x9ef/0x17b0
[  616.808548][   T38]  process_scheduled_works+0xae1/0x17b0
[  616.808610][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  616.808652][   T38]  worker_thread+0x8a0/0xda0
[  616.808678][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  616.808713][   T38]  ? __kthread_parkme+0x7b/0x200
[  616.808748][   T38]  kthread+0x711/0x8a0
[  616.808778][   T38]  ? __pfx_worker_thread+0x10/0x10
[  616.808800][   T38]  ? __pfx_kthread+0x10/0x10
[  616.808822][   T38]  ? rt_spin_unlock+0x150/0x200
[  616.808849][   T38]  ? rt_spin_unlock+0x161/0x200
[  616.808867][   T38]  ? __pfx_kthread+0x10/0x10
[  616.808895][   T38]  ret_from_fork+0x4bc/0x870
[  616.808920][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  616.808950][   T38]  ? __switch_to_asm+0x39/0x70
[  616.808969][   T38]  ? __switch_to_asm+0x33/0x70
[  616.808986][   T38]  ? __pfx_kthread+0x10/0x10
[  616.809013][   T38]  ret_from_fork_asm+0x1a/0x30
[  616.809050][   T38]  </TASK>
[  616.809158][   T38] INFO: task syz.4.1944:10940 blocked for more than 143 seconds.
[  616.809171][   T38]       Not tainted syzkaller #0
[  616.809181][   T38]       Blocked by coredump.
[  616.809187][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  616.809196][   T38] task:syz.4.1944      state:D stack:20520 pid:10940 tgid:10940 ppid:10234  task_flags:0x40044c flags:0x00080003
[  616.809243][   T38] Call Trace:
[  616.809249][   T38]  <TASK>
[  616.809261][   T38]  __schedule+0x16f3/0x4c20
[  616.809312][   T38]  ? __pfx___schedule+0x10/0x10
[  616.809355][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  616.809383][   T38]  rt_mutex_schedule+0x77/0xf0
[  616.809402][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[  616.809424][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[  616.809463][   T38]  rt_mutex_slowlock+0x2b1/0x6e0
[  616.809487][   T38]  ? rt_mutex_slowlock+0x1c9/0x6e0
[  616.809509][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  616.809528][   T38]  ? __lock_acquire+0xab9/0xd20
[  616.809563][   T38]  ? rcu_barrier+0x4c/0x570
[  616.809603][   T38]  ? rcu_barrier+0x4c/0x570
[  616.809620][   T38]  mutex_lock_nested+0x16a/0x1d0
[  616.809640][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  616.809663][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  616.809687][   T38]  rcu_barrier+0x4c/0x570
[  616.809711][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  616.809734][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  616.809758][   T38]  netdev_run_todo+0x327/0xea0
[  616.809785][   T38]  ? __pfx_netif_state_change+0x10/0x10
[  616.809813][   T38]  ? __pfx_netdev_run_todo+0x10/0x10
[  616.809835][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  616.809870][   T38]  ? netdev_state_change+0x1ca/0x220
[  616.809892][   T38]  ? __pfx_tun_chr_close+0x10/0x10
[  616.809915][   T38]  tun_chr_close+0x13f/0x1c0
[  616.809940][   T38]  __fput+0x45b/0xa80
[  616.809971][   T38]  task_work_run+0x1d4/0x260
[  616.809994][   T38]  ? __pfx_task_work_run+0x10/0x10
[  616.810012][   T38]  ? do_exit+0x6b0/0x2300
[  616.810038][   T38]  ? do_exit+0x6b0/0x2300
[  616.810066][   T38]  do_exit+0x6b5/0x2300
[  616.810091][   T38]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  616.810129][   T38]  ? __pfx_do_exit+0x10/0x10
[  616.810151][   T38]  ? rt_mutex_slowunlock+0x493/0x8a0
[  616.810172][   T38]  ? rt_spin_lock+0x1c1/0x3e0
[  616.810207][   T38]  do_group_exit+0x21c/0x2d0
[  616.810226][   T38]  ? rt_spin_unlock+0x161/0x200
[  616.810250][   T38]  get_signal+0x125d/0x1310
[  616.810296][   T38]  arch_do_signal_or_restart+0xa0/0x790
[  616.810317][   T38]  ? __pfx_get_timespec64+0x10/0x10
[  616.810342][   T38]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  616.810380][   T38]  ? exit_to_user_mode_loop+0x40/0x130
[  616.810409][   T38]  exit_to_user_mode_loop+0x72/0x130
[  616.810434][   T38]  do_syscall_64+0x2bd/0xfa0
[  616.810457][   T38]  ? lockdep_hardirqs_on+0x9c/0x150
[  616.810481][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.810500][   T38]  ? clear_bhb_loop+0x60/0xb0
[  616.810523][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.810541][   T38] RIP: 0033:0x7fe778351f85
[  616.810558][   T38] RSP: 002b:00007fe77657df80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  616.810583][   T38] RAX: fffffffffffffdfc RBX: 00007fe778575fa0 RCX: 00007fe778351f85
[  616.810597][   T38] RDX: 00007fe77657dfc0 RSI: 0000000000000000 RDI: 0000000000000000
[  616.810610][   T38] RBP: 00007fe7783a1f91 R08: 0000000000000000 R09: 0000000000000000
[  616.810623][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  616.810635][   T38] R13: 00007fe778576038 R14: 00007fe778575fa0 R15: 00007ffd2487db78
[  616.810668][   T38]  </TASK>
[  616.810708][   T38] 
[  616.810708][   T38] Showing all locks held in the system:
[  616.810721][   T38] 2 locks held by kworker/0:0/9:
[  616.810732][   T38]  #0: ffff88813ff55138 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  616.810782][   T38]  #1: ffffc900000e7ba0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  616.810828][   T38] 2 locks held by kworker/u8:0/12:
[  616.810837][   T38]  #0: ffff88801df56938 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  616.810873][   T38]  #1: ffffc90000117ba0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  616.810912][   T38] 8 locks held by ksoftirqd/0/15:
[  616.810924][   T38] 4 locks held by rcuc/0/20:
[  616.810935][   T38]  #0: ffffffff8d44aca0 (local_bh){.+.+}-{1:3}, at: __local_bh_disable_ip+0xa1/0x540
[  616.810981][   T38]  #1: ffffffff8d5aa840 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0xa1/0x540
[  616.811027][   T38]  #2: ffffffff8d5aa960 (rcu_callback){....}-{0:0}, at: rcu_cpu_kthread+0x23e/0x1b50
[  616.811076][   T38]  #3: ffff88803a7466f0 (&dir->lock#2){+.+.}-{3:3}, at: ref_tracker_free+0x111/0x7c0
[  616.811132][   T38] 4 locks held by rcuc/1/28:
[  616.811143][   T38] 5 locks held by ksoftirqd/1/30:
[  616.811154][   T38] 1 lock held by khungtaskd/38:
[  616.811165][   T38]  #0: ffffffff8d5aa840 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  616.811214][   T38] 6 locks held by kworker/u8:4/69:
[  616.811225][   T38]  #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  616.811272][   T38]  #1: ffffc9000154fba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  616.811319][   T38]  #2: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[  616.811362][   T38]  #3: ffff888035fd00d8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x10a/0x3d0
[  616.811405][   T38]  #4: ffff888035fd1300 (&devlink->lock_key#5){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x11c/0x3d0
[  616.811452][   T38]  #5: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.811504][   T38] 4 locks held by kworker/u8:9/1351:
[  616.811516][   T38] 3 locks held by kworker/u8:11/1361:
[  616.811527][   T38]  #0: ffff88813ff69938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  616.811638][   T38]  #1: ffffc900054d7ba0 ((work_completion)(&map->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  616.811685][   T38]  #2: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.811742][   T38] 2 locks held by getty/5563:
[  616.811752][   T38]  #0: ffff88814e2450a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  616.811798][   T38]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400
[  616.811851][   T38] 1 lock held by syz-executor/9464:
[  616.811862][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.811909][   T38] 1 lock held by syz.4.1944/10940:
[  616.811920][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.811969][   T38] 1 lock held by syz.0.2041/11191:
[  616.811980][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812028][   T38] 1 lock held by syz-executor/11234:
[  616.812039][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812083][   T38] 1 lock held by syz.4.2062/11257:
[  616.812098][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812141][   T38] 1 lock held by syz-executor/11294:
[  616.812152][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812196][   T38] 1 lock held by syz-executor/11350:
[  616.812207][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812251][   T38] 2 locks held by syz-executor/11493:
[  616.812261][   T38]  #0: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  616.812304][   T38]  #1: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812349][   T38] 1 lock held by syz.1.2152/11536:
[  616.812360][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812409][   T38] 1 lock held by syz.3.2155/11547:
[  616.812420][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812464][   T38] 1 lock held by syz-executor/11561:
[  616.812475][   T38]  #0: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812520][   T38] 2 locks held by syz-executor/11564:
[  616.812531][   T38]  #0: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  616.812598][   T38]  #1: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812642][   T38] 2 locks held by syz-executor/11568:
[  616.812700][   T38]  #0: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  616.812744][   T38]  #1: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812788][   T38] 2 locks held by syz-executor/11571:
[  616.812799][   T38]  #0: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  616.812838][   T38]  #1: ffffffff8d5b01f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[  616.812883][   T38] 5 locks held by syz-executor/11587:
[  616.812894][   T38] 2 locks held by syz-executor/11597:
[  616.812905][   T38]  #0: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  616.812947][   T38]  #1: ffffffff8e8633f8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  616.812998][   T38] 2 locks held by syz-executor/11598:
[  616.813008][   T38]  #0: ffffffff8e8564e0 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x337/0x4e0
[  616.813050][   T38]  #1: ffffffff8e8633f8 (rtnl_mutex){+.+.}-{4:4}, at: ip_tunnel_init_net+0x2ab/0x800
[  616.813100][   T38] 1 lock held by syz-executor/11609:
[  616.813110][   T38]  #0: ffffffff8e8633f8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8e9/0x1c80
[  616.813153][   T38] 1 lock held by syz-executor/11612:
[  616.813164][   T38] 
[  616.813169][   T38] =============================================
[  616.813169][   T38] 
[  616.813179][   T38] NMI backtrace for cpu 0
[  616.813193][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  616.813214][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  616.813226][   T38] Call Trace:
[  616.813234][   T38]  <TASK>
[  616.813241][   T38]  dump_stack_lvl+0x189/0x250
[  616.813270][   T38]  ? __pfx_dump_stack_lvl+0x10/0x10
[  616.813297][   T38]  ? __pfx__printk+0x10/0x10
[  616.813330][   T38]  nmi_cpu_backtrace+0x39e/0x3d0
[  616.813354][   T38]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  616.813377][   T38]  ? __pfx__printk+0x10/0x10
[  616.813403][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  616.813426][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  616.813449][   T38]  watchdog+0xf60/0xfa0
[  616.813479][   T38]  ? watchdog+0x1e2/0xfa0
[  616.813509][   T38]  kthread+0x711/0x8a0
[  616.813537][   T38]  ? __pfx_watchdog+0x10/0x10
[  616.813560][   T38]  ? __pfx_kthread+0x10/0x10
[  616.813588][   T38]  ? rt_spin_unlock+0x150/0x200
[  616.813612][   T38]  ? rt_spin_unlock+0x161/0x200
[  616.813630][   T38]  ? __pfx_kthread+0x10/0x10
[  616.813657][   T38]  ret_from_fork+0x4bc/0x870
[  616.813680][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  616.813709][   T38]  ? __switch_to_asm+0x39/0x70
[  616.813726][   T38]  ? __switch_to_asm+0x33/0x70
[  616.813743][   T38]  ? __pfx_kthread+0x10/0x10
[  616.813769][   T38]  ret_from_fork_asm+0x1a/0x30
[  616.813804][   T38]  </TASK>
[  616.813811][   T38] Sending NMI from CPU 0 to CPUs 1:
[  616.813834][    C1] NMI backtrace for cpu 1
[  616.813857][    C1] CPU: 1 UID: 0 PID: 11612 Comm: syz-executor Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  616.813876][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  616.813886][    C1] RIP: 0010:check_preemption_disabled+0x5c/0x120
[  616.813911][    C1] Code: 04 e2 06 48 3b 4c 24 08 0f 85 cc 00 00 00 48 83 c4 10 5b 41 5e 41 5f 5d e9 d1 a3 03 00 cc 48 c7 04 24 00 00 00 00 9c 8f 04 24 <f7> 04 24 00 02 00 00 74 c8 65 4c 8b 3c 25 08 90 a2 91 41 f6 47 2f
[  616.813926][    C1] RSP: 0018:ffffc9000bdd7790 EFLAGS: 00000046
[  616.813940][    C1] RAX: 0000000000000001 RBX: 0000000000000000 RCX: 0000000080000000
[  616.813951][    C1] RDX: 0000000000000001 RSI: ffffffff8cf64ecd RDI: ffffffff8b3ddd60
[  616.813963][    C1] RBP: ffffffff82271b8a R08: 0000000000000000 R09: ffffffff82271b8a
[  616.813974][    C1] R10: dffffc0000000000 R11: ffffed1006e798ca R12: 0000000000000002
[  616.813987][    C1] R13: ffffffff8d5aa840 R14: 0000000000000000 R15: 0000000000000246
[  616.813998][    C1] FS:  000055558fa84500(0000) GS:ffff888126ef7000(0000) knlGS:0000000000000000
[  616.814013][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  616.814025][    C1] CR2: 00007f2c9a2056e8 CR3: 000000002904c000 CR4: 00000000003526f0
[  616.814040][    C1] Call Trace:
[  616.814047][    C1]  <TASK>
[  616.814054][    C1]  ? __page_table_check_zero+0xba/0x530
[  616.814074][    C1]  lock_acquire+0x130/0x360
[  616.814097][    C1]  ? __page_table_check_zero+0xba/0x530
[  616.814115][    C1]  __page_table_check_zero+0xd7/0x530
[  616.814134][    C1]  ? __page_table_check_zero+0xba/0x530
[  616.814154][    C1]  post_alloc_hook+0x253/0x2a0
[  616.814176][    C1]  get_page_from_freelist+0x28c0/0x2960
[  616.814203][    C1]  ? fs_reclaim_acquire+0x7d/0x100
[  616.814235][    C1]  __alloc_frozen_pages_noprof+0x181/0x370
[  616.814257][    C1]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  616.814278][    C1]  ? alloc_pages_bulk_mempolicy_noprof+0x362/0x16c0
[  616.814307][    C1]  alloc_pages_mpol+0xd1/0x380
[  616.814329][    C1]  alloc_pages_noprof+0xcf/0x1e0
[  616.814350][    C1]  __vmalloc_node_range_noprof+0x96c/0x12d0
[  616.814382][    C1]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  616.814406][    C1]  vmalloc_user_noprof+0xad/0xf0
[  616.814425][    C1]  ? kcov_ioctl+0x58/0x650
[  616.814444][    C1]  kcov_ioctl+0x58/0x650
[  616.814463][    C1]  ? bpf_lsm_file_ioctl+0x9/0x20
[  616.814479][    C1]  ? __pfx_kcov_ioctl+0x10/0x10
[  616.814498][    C1]  __se_sys_ioctl+0xff/0x170
[  616.814515][    C1]  do_syscall_64+0xfa/0xfa0
[  616.814535][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  616.814554][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.814570][    C1]  ? clear_bhb_loop+0x60/0xb0
[  616.814588][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  616.814603][    C1] RIP: 0033:0x7f2c9947f2cb
[  616.814617][    C1] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  616.814631][    C1] RSP: 002b:00007fff3099e2a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  616.814647][    C1] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f2c9947f2cb
[  616.814659][    C1] RDX: 0000000000080000 RSI: ffffffff80086301 RDI: 00000000000000d9
[  616.814670][    C1] RBP: 00007f2c996d6128 R08: 00000000000000d8 R09: 0000000000000000
[  616.814681][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  616.814692][    C1] R13: 0000000000000003 R14: 00007fff3099e5e8 R15: 0000000000000000
[  616.814710][    C1]  </TASK>
[  617.544048][ T5809] Bluetooth: hci1: command tx timeout
[  619.719715][ T5809] Bluetooth: hci1: command tx timeout
[  624.495950][ T1322] ieee802154 phy0 wpan0: encryption failed: -22
[  624.496022][ T1322] ieee802154 phy1 wpan1: encryption failed: -22