last executing test programs:

20m4.227567281s ago: executing program 0 (id=1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$sg(&(0x7f00000001c0), 0x0, 0x8401)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
socket(0x2, 0x80805, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, 0x0, 0x0)
sendmsg$sock(r4, 0x0, 0x40048c4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
gettid()
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xa00, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

19m49.339683383s ago: executing program 1 (id=24):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
sendfile(r3, r2, 0x0, 0x7ffffffd)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000340)=r3}, 0x20)
r5 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$alg(r5, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000412ff8)="63429860415b7ac7", 0x8)
r8 = accept(r5, 0x0, 0x0)
sendmmsg$alg(r8, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r8, &(0x7f000000b680)={0x0, 0xffffffffffffffc3, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002940)={r3, 0xe0, &(0x7f0000002840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000580)=[0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000026c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002700)=[0x0], 0x0, 0x4f, &(0x7f0000002740)=[{}, {}], 0x10, 0x10, &(0x7f0000002780), &(0x7f00000027c0), 0x8, 0x1e, 0x8, 0x8, &(0x7f0000002800)}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000002a40)=@bpf_ext={0x1c, 0x20, &(0x7f0000002b00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x3c6}, [@ringbuf_query, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74f46b5f}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @generic={0xf3, 0xd, 0x1, 0x4, 0x7}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}]}, &(0x7f00000004c0)='syzkaller\x00', 0x40, 0x67, &(0x7f0000000500)=""/103, 0x41000, 0x8, '\x00', r9, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000002980)={0x1, 0x4}, 0x8, 0x10, &(0x7f00000029c0)={0x0, 0x2, 0x9, 0x80000001}, 0x10, 0x26b57, r2, 0x0, &(0x7f0000002a00)=[r3], 0x0, 0x10, 0xe}, 0x94)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a"], 0x310)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
socket$nl_route(0x10, 0x3, 0x0)

19m47.913000152s ago: executing program 32 (id=1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_dev$sg(&(0x7f00000001c0), 0x0, 0x8401)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$kcm(0xa, 0x2, 0x0)
socket(0x2, 0x80805, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x482, 0x0, 0x0)
sendmsg$sock(r4, 0x0, 0x40048c4)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
gettid()
ioctl$KVM_RUN(r6, 0xae80, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xa00, 0x100)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

19m46.322159796s ago: executing program 1 (id=30):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000700)={0xffffffffffffffff, 0x0, 0x45, 0xb1, &(0x7f00000004c0)="7c710adf3078156e485ef7f470519cf08f662efb5b60813cdc76a75848d2bd9a1176b0ff3bcaa2180b492908a4c81acc94c40737c45b0b7a7a1ab8e0a24c5e53a2ebbab2bf", &(0x7f0000000540)=""/177, 0xff, 0x0, 0x61, 0x50, &(0x7f0000000600)="54691f9a7f9a206571cb348d3161ede018e8dfd3bcafcfae14e6761957bd47dbe8354b96a30edaf8fa6e7e643104b8fcbaabc9da221b33030c0574d2aae2e398e91fbeb6a532e3fa3c918eff236e6d3e31e3e93eb85ac1f0b34e8c699051441a1d", &(0x7f0000000680)="9601ae025d815368484fbcc33d9ef00a2c7d0450875333f1a262d2d27126172c38931ea34fdc32deccd25968b2f5d25c01e15a263ac32bf2fa72bb11b3c37d3a669d8ba82d1dfd1feff9609bbc47616b", 0x3, 0x0, 0x8}, 0x50)
syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000180)={0x70003, 0x0, {[0x800003, 0x1f5, 0x483, 0x7, 0x3, 0x4, 0x4, 0xb68c]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19m44.517971141s ago: executing program 1 (id=35):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000280)={[0x60000000004, 0x1000000000, 0x80000000000005, 0x41, 0x2000000, 0x0, 0x2004cb, 0x800, 0xa1d, 0x9, 0x5, 0x0, 0x3, 0x2, 0x2], 0x10000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000240)=@x86={0x6, 0x1, 0x1, 0x0, 0x12, 0x8, 0x7f, 0x7, 0xb0, 0xa5, 0x3, 0x33, 0x0, 0xfffffffc, 0x0, 0x0, 0x1, 0x8, 0xf, '\x00', 0xe9, 0xa1})
ioctl$KVM_SET_SREGS(r2, 0x4138ae84, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

19m43.149702562s ago: executing program 1 (id=39):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f00000001c0)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
r2 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
pipe2$watch_queue(&(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
sendfile(r3, r2, 0x0, 0x7ffffffd)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r3, <r4=>0xffffffffffffffff}, &(0x7f0000000180), &(0x7f0000000340)=r3}, 0x20)
r5 = socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$alg(r5, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000412ff8)="63429860415b7ac7", 0x8)
r8 = accept(r5, 0x0, 0x0)
sendmmsg$alg(r8, &(0x7f0000000740)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000001c0)="564004c6852da7a299e4c397614090d1a6e12edf1767f157", 0xfcdc}], 0x1, &(0x7f0000000480)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r8, &(0x7f000000b680)={0x0, 0xffffffffffffffc3, &(0x7f000000b600)=[{&(0x7f000000b4c0)=""/5, 0x4}, {&(0x7f000000b500)=""/153, 0xfb59}], 0x2}, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000002940)={r3, 0xe0, &(0x7f0000002840)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000580)=[0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000026c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000002700)=[0x0], 0x0, 0x4f, &(0x7f0000002740)=[{}, {}], 0x10, 0x10, &(0x7f0000002780), &(0x7f00000027c0), 0x8, 0x1e, 0x8, 0x8, &(0x7f0000002800)}}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000002a40)=@bpf_ext={0x1c, 0x20, &(0x7f0000002b00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x77, 0x0, 0x0, 0x0, 0x3c6}, [@ringbuf_query, @tail_call={{0x18, 0x2, 0x1, 0x0, r3}}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}, @map_fd={0x18, 0x0, 0x1, 0x0, r2}, @initr0={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x74f46b5f}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}}, @generic={0xf3, 0xd, 0x1, 0x4, 0x7}, @ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffff9}]}, &(0x7f00000004c0)='syzkaller\x00', 0x40, 0x67, &(0x7f0000000500)=""/103, 0x41000, 0x8, '\x00', r9, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000002980)={0x1, 0x4}, 0x8, 0x10, &(0x7f00000029c0)={0x0, 0x2, 0x9, 0x80000001}, 0x10, 0x26b57, r2, 0x0, &(0x7f0000002a00)=[r3], 0x0, 0x10, 0xe}, 0x94)
setsockopt$inet6_MCAST_MSFILTER(r1, 0x29, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000ffff00000000000000bd0000000000000000000000e4ec01000000004000000000fc00000000000000000000000000013da51fd47aa2e2f700000000000000000000000000000000000000000000000000000000000000060000000000000000050000000a004e200e8a34c38f36f0c7eb2700d609bcf41076d88144448ebe7994dd1b33d7c8787734cc315672f62261ceeede940774fd94d2767288cfb3a20882449d601ff878eedd3d57c9eb3a723b62102bd534c8a304a975d752e82cc8d5f969771c94a1d69cfd8694e29b9468fca5df65ece31ed7c209325604001fcd06adc3ac391f60a3523d6d0b4a8a"], 0x310)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2c, &(0x7f00000005c0)={0x1, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @empty}}}, 0x108)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00'})
socket$nl_route(0x10, 0x3, 0x0)

19m41.779181546s ago: executing program 1 (id=44):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x10240, 0x1e0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='proc\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r2=>r0, {0x1}}, './file0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001800010300000000000000008a100000000300080000000014000100ff0500000000000000000000080b0001"], 0x30}}, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000000100)=0xb7, 0x4)
r3 = socket(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0xe64, 0x4, @empty, 0x82}, 0x67)
r4 = getuid()
setreuid(0xffffffffffffffff, r4)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r5, 0x0, 0x0)
r6 = syz_open_dev$char_usb(0xc, 0xb4, 0xf)
fcntl$setflags(r6, 0x2, 0x1)

19m41.504663331s ago: executing program 1 (id=46):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
close(r0)
fcntl$setstatus(r0, 0x4, 0x2c00)
r1 = gettid()
fcntl$setown(r0, 0x8, r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e08371b0c"], 0xb)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0)=0x6)
socket$inet_sctp(0x2, 0x5, 0x84)
read$dsp(r4, &(0x7f00000011c0)=""/4117, 0x200021d5) (fail_nth: 1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)

19m26.338526755s ago: executing program 33 (id=46):
r0 = signalfd(0xffffffffffffffff, &(0x7f00000001c0), 0x8)
close(r0)
fcntl$setstatus(r0, 0x4, 0x2c00)
r1 = gettid()
fcntl$setown(r0, 0x8, r1)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040e08371b0c"], 0xb)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, &(0x7f0000000080)=0x7f)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, &(0x7f00000000c0)=0x6)
socket$inet_sctp(0x2, 0x5, 0x84)
read$dsp(r4, &(0x7f00000011c0)=""/4117, 0x200021d5) (fail_nth: 1)
ioctl$PIO_UNIMAPCLR(r2, 0x4b68, 0x0)

10m21.073808372s ago: executing program 2 (id=2883):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
pipe2$9p(&(0x7f0000001940)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4880)
write$P9_RCLUNK(r0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r4, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000000540)=ANY=[@ANYBLOB="20000000000000000000000000000000028000010c00f27f0800014000000fff"], 0x20}, 0x1, 0x0, 0x0, 0x801}, 0x40000)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(0xffffffffffffffff, 0x4058534c, &(0x7f00000000c0)={0xff, 0x9, 0x2, 0xffffff7f, 0x5, 0x1})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$devlink(&(0x7f0000000180), 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
creat(&(0x7f0000000040)='./bus\x00', 0x182)
open(&(0x7f0000000340)='./bus\x00', 0x4c27e, 0x2)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff0000/0xd000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r8 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000004"], 0x50)
io_uring_enter(r8, 0x2219, 0x7721, 0x33, 0x0, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB="4855ff033983daec153735fd7037e6370382a433c7bf63e8a3581e47bc844a3feea0f05f45b4545aef9ce9fc422c7923cc5bc11fa1562fbadda6f4d9a0b13f07d453b0e1b501dfc9e0bdabf62523ad7d80bdd7bbba3d2c31aa", @ANYRES16=r6, @ANYBLOB="01000000000000000000390000000e0001006e657464657673696d0000000f0002006e657464657673696d3000000800030001000000"], 0x3c}, 0x1, 0x0, 0x0, 0xc000894}, 0x24008800)
r9 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000400), 0x240000, 0x0)
ioctl$mixer_OSS_GETVERSION(r9, 0x80044d76, &(0x7f0000000480))
sendmsg$DEVLINK_CMD_RATE_SET(r5, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000380)={&(0x7f0000000240)={0x100, r6, 0x800, 0x70bd28, 0x25dfdbfe, {}, [@DEVLINK_ATTR_RATE_NODE_NAME={0xec, 0xa8, @random="3d0939a3d233123ae2e965545cac7c0fee0f95c8b5ab833b304295c4e2f23303b834198dd5402f41b967f06fe1064d36ad83f1a51bef0ddd3ef33a7b5a630bcc842a7a319559956c9c2326df3acd6b62703648e2cf2199c1b2bf422ee938340e302e68c34eaf05c889ed4a1d6872f34b9941ca479f449f7ad17ee6fcefe9b7f6cc99923e68a930340e323a41ac07eadc4f2f3e5e2e28c885e57d5f393a42590c0d9add257b3c0ad48791be21cd9036ba1c2d4a19abffb018f5215745147fba85590a7c3db963a0ffd353f338d44e0c986e3b8ec62e2fb24a08cef8f51e577119ae002eca89dc73ae"}]}, 0x100}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
ioctl$UDMABUF_CREATE(0xffffffffffffffff, 0x40187542, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0, 0x8000})

10m19.561501077s ago: executing program 2 (id=2884):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a3100000000050001000700"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

10m19.24293689s ago: executing program 2 (id=2886):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CAP_EXIT_HYPERCALL(r4, 0x4068aea3, &(0x7f0000000000))
ioctl$KVM_SET_SREGS(r5, 0x4138ae84, &(0x7f0000000100)={{0x0, 0xb000, 0x0, 0xfe, 0x8, 0x0, 0x0, 0x2, 0x0, 0x8, 0x9, 0x2}, {0xffff1000, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x7}, {0x2000, 0x5000, 0xc, 0xff, 0x7, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfc}, {0x3000, 0xd000, 0x0, 0x0, 0x0, 0x0, 0xff, 0x3, 0x8, 0x1, 0x6}, {0x1000, 0xffff1000, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x4}, {0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x4, 0x0, 0x0, 0x5}, {0x0, 0x70000, 0xa, 0xfe, 0x0, 0x0, 0x3}, {0x0, 0x3003, 0x3, 0x0, 0x0, 0x1, 0xfe, 0xca, 0x26, 0x0, 0x3}, {0xdddd0000}, {0xdddd1000, 0x41}, 0xddf8ffdb, 0x0, 0x10000, 0x50, 0x0, 0xf801, 0x0, [0x0, 0x0, 0x1, 0x4]})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount(0x0, 0x0, &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, 0x0)
mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x2010042, &(0x7f0000000340)={[], [{@func={'func', 0x3d, 'MMAP_CHECK'}}, {@dont_appraise}, {@seclabel}, {@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@rootcontext={'rootcontext', 0x3d, 'sysadm_u'}}, {@hash}]})
mount(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x40078, 0x0)

10m12.154074771s ago: executing program 2 (id=2898):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
lseek(r0, 0x3, 0x1)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
recvmmsg(r1, &(0x7f0000001540)=[{{0x0, 0x0, 0x0}, 0x2}], 0x1, 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_EDID(r0, 0xc0285628, &(0x7f0000000080)={0x0, 0x0, 0xb12, '\x00', &(0x7f0000000040)=0x8})
socket$pppl2tp(0x18, 0x1, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000440)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000001cc0)="83556f524e5b4275202de9e9190a4e45413b785e52d04218ff14259285fc60a04bc6b2219b8c6853a6622cf43ff12c6e70030000009d24e78c3e9315e114c8a7316f4fe07425a43afc3f2146fd5b3fa9944ac1fff9e40cb9d497259e2f8443386550fc0255f733c2c4592534f4c24aa04090941068f785925c294a23cffdd0da78bccb1ee094cc21d79dddfd1ee274ec69d98e4ce1efdf0600000000000000e348b88fd9387473855b1fdcd7493d01f0453924af3a79bc5d40b7e5ab2c6bd87501f9966ca87560521e3999c6952f389f038abd8f0b2c59445502d726c974e0e57eab107a6ad6f2a998529e4bdafb9ed3a4c3482682f5369b1ca77c8d03000000000000000da5b3b17b58909c93344ff6b6908a5de6530ebb79b7096253ed28f981b117f1af480914519ce90117ffc37d83297da593ce451f464a6b272b35441e3bc42881092cc92420590b6230a6af3817a7b4ca4d7a46e0c5d814ee1f6d9a20a255c54b88476ac582e3e4d99ba105b0f4dfb48d666aa23f70fbe69249f33f75fb4e5cbf27f1ecd1f47bfa745d508d3c599de413ab6b7f00ae14e2ed3c83da269536787bf4f73f0d117b8415df306504b3020bfa61450bd88b8c73362f2ccd2217a49b8948f0ead1cac7c3f8da62ecc2219826bde12cf42eb9f9378909858d000000006316d96e2735850218ae8f25571077a7602a55d51b2582a5d5e322e5816bc464beace66726fa5a8b0b84be74b85dd81115bf7dc16d2a45db14e6b52e05ab8f54b7d775d90d09ea7a63d7a84812ed0456346fcbd1ef7b0f8f3f6818a99270f678ec85e3ce2ce718531e898016f81dec1c2702e7e0b04539cdc298c00cd464ca36342b634a61e2ba", 0x26a}], 0x1}}], 0x1, 0x60c5895)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x202, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x91)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota')
r3 = creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
quotactl_fd$Q_SETINFO(r3, 0xffffffff80000601, 0xee01, &(0x7f0000000080)={0x0, 0x10, 0x1, 0x2})
r4 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
ioctl$KVM_GET_MSRS_cpu(r5, 0xc008ae88, &(0x7f0000000380)={0x21, 0x0, [{0x298, 0x0, 0x100}]})
r6 = creat(&(0x7f00000001c0)='./bus\x00', 0x77)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000001b518110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000180)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x61, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)=r8}, 0x20)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000400)='io_uring_create\x00', r9}, 0x18)
syz_io_uring_setup(0x893, &(0x7f0000000140)={0x0, 0xafe5, 0x1, 0x4, 0x1b9}, &(0x7f0000000000), &(0x7f0000000340))
r10 = open(&(0x7f0000000100)='./bus\x00', 0x0, 0x10)
lsetxattr$security_ima(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000240), &(0x7f00000004c0)=ANY=[@ANYBLOB="27e58d4e7c93f22293c53ce6e125251491b30aae4fc7e50d8c3272ca42ede01d6831e25067c507a26732a589b0492c6796bd758d80b2a562b2a258980c5c3d3a776f44d09ee032cbc75dead40d48d2d683b47ae9a8e258128045069b811d299c9c9c1335fcb2699cd3a9eb3925c1f1f326fe2271a84ce4d72809aeb993990b72b10b166c0d4d60260d32649bfcd9955485acb8d9d97a5756e13228d92118293703a67b000000"], 0x2, 0x1)
dup3(r10, r6, 0x80000)
r11 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae000000850000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r11}, 0x90)
syz_clone3(&(0x7f0000001880)={0x100000200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

10m9.842152984s ago: executing program 2 (id=2901):
r0 = bpf$TOKEN_CREATE(0x24, &(0x7f0000000040), 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000940)=ANY=[@ANYRES32=r0], &(0x7f0000000240)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x41, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x18)
r2 = io_uring_setup(0x7022, &(0x7f0000000000)={0x0, 0xfc16, 0x1, 0x1, 0xeb})
io_uring_register$IORING_UNREGISTER_PBUF_RING(r2, 0x17, &(0x7f00000001c0)={0x0, 0x0, 0x1}, 0x1)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/handlers\x00', 0x0, 0x0)
preadv(r3, &(0x7f0000000480)=[{&(0x7f0000000380)=""/156, 0x9c}], 0x1, 0x2, 0x0)
r4 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000080)=0xffffffffffffffff, 0x4)
r5 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={0xffffffffffffffff}, 0x4)
r6 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'macvlan1\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=@newqdisc={0x40, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r7, {0x0, 0x2}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x44}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x9}]}, 0x40}, 0x1, 0x0, 0x0, 0x4008094}, 0x8840)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1, 0x5, &(0x7f0000001600)=ANY=[@ANYRES8=r5], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', r7, @fallback=0x36, r4, 0x8, &(0x7f0000000000)={0x20000006}, 0x8, 0x10, &(0x7f0000000000)={0x0, 0x2000007}, 0x10, 0x0, r5}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r9, 0x1, 0x32, &(0x7f0000000380)=r8, 0x4)
sendmsg$sock(r9, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000280)="67f1", 0xfdef}], 0x1}, 0x40840)

10m5.220228977s ago: executing program 2 (id=2905):
symlink(&(0x7f0000000200)='./file0\x00', 0x0)
symlink(&(0x7f0000004500)='./file1/file0\x00', &(0x7f0000004540)='./file0\x00')
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0xe, 0x33565348, 0x0, 0x0, 0x0, 0x3, 0xfeedcafe, 0x3, 0x0, 0x2, 0x2}})

10m3.066878158s ago: executing program 34 (id=2905):
symlink(&(0x7f0000000200)='./file0\x00', 0x0)
symlink(&(0x7f0000004500)='./file1/file0\x00', &(0x7f0000004540)='./file0\x00')
r0 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0xe, 0x33565348, 0x0, 0x0, 0x0, 0x3, 0xfeedcafe, 0x3, 0x0, 0x2, 0x2}})

4m43.312204301s ago: executing program 3 (id=3623):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, 0x0, 0x0)

4m42.358144965s ago: executing program 3 (id=3624):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00'}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0xf)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0x20002004})

4m39.843427122s ago: executing program 3 (id=3626):
r0 = socket(0x10, 0x80002, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r4)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r5, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a", @ANYRES32=r6], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
sendmmsg$alg(r0, &(0x7f00000000c0), 0x492492492492627, 0x0)

4m37.403263835s ago: executing program 3 (id=3633):
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000000)='macvtap0\x00', 0x10)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000080)="31138867cdbb418d9ea12f82a3f69ecbe48cedb4d156c0a9", 0x18}, {&(0x7f00000000c0)="5c8598e94f4155710c9c269be10624c7d32e9bbb8e3db0c272e1c2dc14835670a4690dd648a650f7a1bdb921ff5d0976866c7e255c09fe3510646a79795531c95de1f379359e7a5d56aefe1eab24c1a43f25ce98af", 0x55}], 0x2}, 0x80)
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/cgroups\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000200)={<r1=>0x0, 0x5a70, 0x9, [0x4000, 0x8489, 0x1, 0x8, 0x5, 0x8, 0x3, 0x6, 0xadcc]}, &(0x7f0000000240)=0x1a)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={r1, 0x2}, 0x8)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000002c0)={r1, @in6={{0xa, 0x4e24, 0x100, @remote, 0x8001}}, 0xba8, 0x86ac, 0x200, 0x0, 0x60, 0x7, 0x5}, 0x9c)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r0, 0x89f8, &(0x7f0000000580)={'erspan0\x00', &(0x7f0000000500)={'sit0\x00', <r2=>0x0, 0x8000, 0x7800, 0x59e4, 0x3, {{0xb, 0x4, 0x0, 0x6, 0x2c, 0x67, 0x0, 0x36, 0x29, 0x0, @broadcast, @empty, {[@timestamp_addr={0x44, 0x14, 0x42, 0x1, 0x3, [{@rand_addr=0x64010101, 0x9}, {@local, 0xfffffffd}]}, @end]}}}}})
bpf$TOKEN_CREATE(0x24, &(0x7f0000000640)={0x0, r0}, 0x8)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000900)=ANY=[@ANYBLOB="0200000004000000080000000100000080000000", @ANYRES32=r0, @ANYBLOB='\b\x00'/20, @ANYRES32=r2, @ANYRES32, @ANYBLOB="02000000040000000000000000000000000000000bc1ce878e"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x4, 0x15, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000005b70800000000000012f9f8ff00000000b70800009f0400007b8af0ff00000000bf0100001400000007010000f8f9ffffbfa40000000000000704ffb702000008000800182300"/92, @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000800000085000000a5000000850000009a00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70200000000000085000000860000009500000000000000"], &(0x7f0000000480)='syzkaller\x00', 0x9, 0x15, &(0x7f00000004c0)=""/21, 0x40e00, 0x0, '\x00', r2, @fallback=0xc, r0, 0x8, &(0x7f00000005c0)={0x3, 0x3}, 0x8, 0x10, &(0x7f0000000600)={0x4, 0x10, 0x200, 0x10}, 0x10, 0xffffffffffffffff, r0, 0xa, &(0x7f00000006c0)=[r0, r0, r0, 0x1, r3], &(0x7f0000000700)=[{0x1, 0x1, 0x4, 0x1}, {0x1, 0x5, 0xb, 0x3}, {0x3, 0x5, 0x7, 0xa}, {0x1, 0x3, 0x3, 0x1}, {0x3, 0x4, 0x2, 0x5}, {0x4, 0x1, 0x8, 0x1}, {0x5, 0x4, 0x7, 0x92bd6ac4404fc077}, {0x1, 0x5, 0xa, 0x9}, {0x1, 0x2, 0xe, 0x5}, {0x0, 0x1, 0x7, 0x7}], 0x10, 0x3}, 0x94)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
ioctl$KVM_CAP_X2APIC_API(r0, 0x4068aea3, &(0x7f0000000a80)={0x81, 0x0, 0x3})
getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000b00)={{{@in6=@empty, @in=@empty}}, {{@in6=@private1}, 0x0, @in=@initdev}}, &(0x7f0000000680)=0xe8)
ppoll(&(0x7f0000000c40)=[{r0, 0x4043}, {0xffffffffffffffff, 0x6008}, {0xffffffffffffffff, 0x2000}], 0x3, &(0x7f0000000c80), &(0x7f0000000cc0)={[0x3]}, 0x8)
sendmsg$nl_route_sched_retired(r0, &(0x7f0000000e00)={&(0x7f0000000d00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000dc0)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x0)
getsockopt$CAN_RAW_JOIN_FILTERS(r0, 0x65, 0x6, &(0x7f0000000e40), &(0x7f0000000e80)=0x4)
write$cgroup_pressure(r0, &(0x7f0000000ec0)={'full', 0x20, 0x10, 0x20, 0x6a5}, 0x2f)
pipe2$watch_queue(&(0x7f0000000f00)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x80)
close_range(r4, 0xffffffffffffffff, 0x2)
read$msr(r5, &(0x7f0000000f40)=""/94, 0x5e)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000fc0)={r1, 0x100}, &(0x7f0000001000)=0x8)
r6 = socket$nl_audit(0x10, 0x3, 0x9)
r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
ioctl$SNDCTL_DSP_SYNC(r7, 0x5001, 0x0)
sendmsg$AUDIT_TTY_GET(r6, &(0x7f0000001100)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000001080)={0x10, 0x3f8, 0x300, 0x70bd2b, 0x25dfdbfd, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000005}, 0x800)

4m37.050230971s ago: executing program 3 (id=3636):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e7627cc39d724e2e34e7a24154f26ae3125b36d0504965295d0453902ac7079b11a3a1e655e482331e3dc35b2e7e4e3ea99064fe5b9c8ae0ca3e5fd653f3286a99d81ce4eba765c38d097391ad4babac38ce5b4344e24a361cd54e5"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0xf)
r6 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r5, &(0x7f0000000040)={0x20002004})

4m31.901868384s ago: executing program 3 (id=3646):
r0 = socket$packet(0x11, 0xa, 0x300)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4d, &(0x7f0000003840)=0xd, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x86, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)
recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0xb, 0x0, 0x0, 0x0, 0xffffffffffffff49}, 0x7ffffffe}, {{&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/70}, {&(0x7f00000001c0)=""/80}], 0x0, &(0x7f0000000280)=""/237}, 0x4}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000380)=""/110}, {&(0x7f0000000400)=""/54}, {&(0x7f0000000440)=""/253}, {&(0x7f0000000540)=""/81}, {&(0x7f00000005c0)=""/146}, {&(0x7f0000000680)=""/110}], 0x0, &(0x7f0000000780)=""/167}, 0xc}], 0x1, 0x2002, 0x0)
recvmmsg(r0, &(0x7f0000003c80), 0x3ffff87, 0x2, 0x0)

4m15.53492573s ago: executing program 35 (id=3646):
r0 = socket$packet(0x11, 0xa, 0x300)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4d, &(0x7f0000003840)=0xd, 0x4)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f00000000c0)=0x86, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x40000, &(0x7f0000000180)={0xa, 0x4e20, 0x8001, @loopback, 0x627bcafb}, 0x1c)
recvmmsg(r1, &(0x7f0000000840)=[{{0x0, 0xb, 0x0, 0x0, 0x0, 0xffffffffffffff49}, 0x7ffffffe}, {{&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @local}}}, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/70}, {&(0x7f00000001c0)=""/80}], 0x0, &(0x7f0000000280)=""/237}, 0x4}, {{0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000380)=""/110}, {&(0x7f0000000400)=""/54}, {&(0x7f0000000440)=""/253}, {&(0x7f0000000540)=""/81}, {&(0x7f00000005c0)=""/146}, {&(0x7f0000000680)=""/110}], 0x0, &(0x7f0000000780)=""/167}, 0xc}], 0x1, 0x2002, 0x0)
recvmmsg(r0, &(0x7f0000003c80), 0x3ffff87, 0x2, 0x0)

1m28.901228707s ago: executing program 8 (id=4202):
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, 0x0, 0x0)
r4 = socket(0x10, 0x3, 0xf)
r5 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r4, &(0x7f0000000040)={0x20002004})

1m25.929365719s ago: executing program 8 (id=4210):
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="4c000000020603000000000000000000000000001400078008001240000000000500150002000000050001000600000005000500020000000500040000000000090002"], 0x4c}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, 0x0, 0x0, 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x200e19}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00', 0x7, 0x0, 0x0, 0x41100}, 0x94)
socket$inet_smc(0x2b, 0x1, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@local})
ioctl$IOCTL_VMCI_DATAGRAM_SEND(r0, 0x7ab, &(0x7f0000000040)={&(0x7f0000000280)={{@local}, {@local}, 0x400, "787c2ce2fba15d4e9f8e96bc11e2ca247a20c3e26661b174fe1825253be9e8480cb4f3524914f59ba189c1429727ef39b4164f93bb821987b3b7f73495bc8e745304668e0e46798c7f5917ea8428d41cab5612336f04000000000000008e9c1c86a394feb64fb06f77dadbcb20fc62741432b7dca37007d68e98fe46135d6a1c5ed42102f58daa5211319db84aa9abac734be47c908dc3ffa3aa7b61ec16d3d1209fc618f6c4532ea582628502ac46d167db6d53d8f3184df68414e6b6ec0109664c570e155654e03d58dadd0e5a7bab42bbb4a9afdefc115eb1609e7b50dbd94b94ba09000000000000001c9e4a41d3e16af21d6c897a1121bc14de16e78d6d7f2ae79db44e302539fd926e0b91e0fc589e2fa19b218d0508b5ce3ad40d03936693ca5aa41ddc07cf492874569ab037e0530e38245b98131ae0c9afd871df5f51331938764f5a7dd96890edd467b2fbc335ed081729b5ea722a98b34d0dac6de995de4ee263c81b2567b3f87e0897857edd5d7e97d61fc67076eab4846010d4828cc879f95cddb69ff6438f2a109285c46d8224c36069d30c3c9cf4a6800ae224111136bd9c1e06c4bfc4685d7bb6a72345772b3ce9bf105490743dc4b700f24ce6b250b95e6c383fe44967a55d140baf0ec339e3815b29a2246cb5c953048c43266485bbd9d0caecf00e9501a4433b54930cba54e06607ada2f5d818e4804294fcf53058e58e0d33d4aa6dc943811056908fe9116e65cdddac1d2fb24d1eacee389af38b7e5a7056d0de50c6b49fb38388cf28c2d6dd3dbbab84ffbef4b0c02a77f018e8a9749a557909e6aa96185d268dad7744b094d8c6134b8defe26674d65f908f9c3a8c201f661fc26efe0eff248d3a473fe32a5b3643bfad8f186c2af3fbaa1d38560c1244c79a0e48893eefb792af281650f34f6c2d9a6c622aba234b63586713cb66179a0897d98ee5228569c32c1a682807c8db7eb197ccbbd6549db86a6a9aebbf5dc14060f22e2b07d6166f43c25ae0c88be7a4dc38e7ed08972a355b0e5d6fc43b8e5594fa6b36a36a44bb94b75eaff11dc17105f54beda54da2a1ea1acfab354745057dd2e7725f2c8450b19fdf37e19f6ce43449e9191f5a5beb4a1bc176f6130052e83acefd8ff18d592bb75f15f86c9113e4bd67ad420c33ae706cdc10060277b83ef30a50d4ac19c9a791b309377aa20a4743bbb799abc3ba58071b628c9ba8103bbfe389939e55296ec9b4f8d3a03aff30ce9aa0dd6e5158a672be8f3da8349ed4ad82f6ca67ee29e8b234840cf7846e604e5b8135abd94d71fe0a79180e75d4e193ea8df466c087b660fe984943751a9f6df8545699701d478c2b3daa949155770e74835bcd972de27afd20b02ce0e504c15b0237437200"}, 0x418, 0x7fffffff})
r1 = accept4$tipc(0xffffffffffffffff, &(0x7f00000003c0), &(0x7f0000000400)=0x10, 0x0)
recvfrom$inet_nvme(0xffffffffffffffff, &(0x7f0000000340)=""/67, 0x43, 0x40, &(0x7f0000000540)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x1, 0x1, 0x1, 0x2}}, 0x80)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000080900010073797a30000000005c000000030a03000000000000000000050000000900010073797a30000000000900030073797a300000000008000c40000000032800048008000240000000120800014000000000"], 0xa4}}, 0x0)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000200)={{0x3, @default, 0x1}, [@default, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r4, &(0x7f0000000080)=@in6={0x21, 0x3, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24)
connect$rxrpc(r4, &(0x7f0000000000)=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @mcast1}}, 0x24)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x40080)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a500000000c0a010100000000000000000a0000062900020073797a31000000000900010073797a3100000000240003017006000100d103f023200303a7cd9305e316af7c00000c000440000000002df31ab30400008014000000110001000000000000000000010000"], 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m23.004611494s ago: executing program 8 (id=4215):
r0 = socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
r2 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x1, 0x3}, 0x10)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x80001)
socket$netlink(0x10, 0x3, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r3, 0xc0045006, &(0x7f00000001c0)=0x6f)
write$dsp(r3, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10)

1m21.861299273s ago: executing program 8 (id=4224):
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYRESOCT], 0x30}, 0x4000080)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4040)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'gretap0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f0000000180)="0b0312002e0064000200475400f6a13bb1000000086086dd48", 0x19, 0x0, &(0x7f0000000140)={0x11, 0x88a8, r1}, 0x14)

1m18.729813388s ago: executing program 8 (id=4230):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f00000000c0)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000140)={0xbf48ce7, "1803c80980000000080000000003000000d600", <r5=>0xffffffffffffffff})
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000002c0), 0x101881, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000200)={0x40000002, "fa02791d2a69a2610f02000000000000001100010000000800", <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r5, <r8=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, &(0x7f00000000c0)={0x0, 0x5}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffffff, 0x84, 0x11, &(0x7f0000000180)={0x0, 0xff}, 0x8)
r9 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000280), 0xcf585196b54926f4, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000240)={0x1b, "8a6035ceeae33ffb37cb097feff800000000000400", <r10=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r9, 0xc0285700, &(0x7f00000004c0)={0x9, "34e6498c270e0000b56a000005000000000000000000000000000100", <r11=>0xffffffffffffffff})
close(0x3)
ioctl$SYNC_IOC_MERGE(r8, 0xc0303e03, &(0x7f00000000c0)={"0e337b42cc00d331ff0007000000000000001a00", r11, <r12=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r10, 0xc0303e03, &(0x7f0000000040)={"130f2672af9ee0452321864922cd3bebd7f9cec5064e58445f1268334b4900", r12})
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r13 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x161042, 0x0)
ioctl$PPPIOCNEWUNIT(r13, 0xc004743e, &(0x7f0000000000)=0x5)
ioctl$PPPIOCGNPMODE(r13, 0xc008744c, &(0x7f0000000100)={0x2b, 0x3})
r14 = semget$private(0x0, 0x7, 0x191)
semop(r14, &(0x7f0000000040)=[{0x1, 0xd5da, 0x1000}], 0x1)

1m15.308346184s ago: executing program 8 (id=4237):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(0x0, r4)
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r5, &(0x7f00000007c0), 0x0, 0x200088c0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)
shutdown(r5, 0x1)
io_setup(0x7, 0x0)
syslog(0x3, &(0x7f0000000200)=""/90, 0x5a)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010024000000ffdbdf251500000024001d8120"], 0x38}}, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(r0, 0x80106720, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x4)
r7 = fsopen(&(0x7f0000000180)='debugfs\x00', 0x1)
r8 = fcntl$dupfd(r7, 0x406, r7)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000080)='mode\x00', &(0x7f0000000040)='7', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r9, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r10, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

55.123414609s ago: executing program 36 (id=4237):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000800), 0xffffffffffffffff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$uac1(0x0, 0xac, 0x0, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(0x0, r4)
ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendto$inet6(r5, &(0x7f00000007c0), 0x0, 0x200088c0, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
ioctl$BLKRRPART(0xffffffffffffffff, 0x125f, 0x0)
shutdown(r5, 0x1)
io_setup(0x7, 0x0)
syslog(0x3, &(0x7f0000000200)=""/90, 0x5a)
sendmsg$NL80211_CMD_SET_TID_CONFIG(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010024000000ffdbdf251500000024001d8120"], 0x38}}, 0x0)
ioctl$INCFS_IOC_FILL_BLOCKS(r0, 0x80106720, 0x0)
r6 = socket$netlink(0x10, 0x3, 0x4)
r7 = fsopen(&(0x7f0000000180)='debugfs\x00', 0x1)
r8 = fcntl$dupfd(r7, 0x406, r7)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000080)='mode\x00', &(0x7f0000000040)='7', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r8, 0x6, 0x0, 0x0, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r9, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r10, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)

35.08905631s ago: executing program 7 (id=4311):
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0x6}}, './file0\x00'})

34.929818014s ago: executing program 7 (id=4313):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @remote, 0x7}, 0x1c)
r1 = openat$incfs(0xffffffffffffffff, &(0x7f00000000c0)='.pending_reads\x00', 0x400000, 0x43)
ioctl$KVM_S390_VCPU_FAULT(r1, 0x4008ae52, &(0x7f0000000100)=0x1)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f0000000040)={'ipvs\x00'}, &(0x7f0000000080)=0x1e)
setsockopt(r0, 0x1, 0x10000000000009, &(0x7f0000000180)="890538e4", 0x667)
openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
lstat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200))
r2 = syz_io_uring_setup(0x3488, &(0x7f0000000500)={0x0, 0xd2a7, 0x10100, 0x1000, 0x181}, &(0x7f00000002c0)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0)
r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0)
syz_io_uring_submit(r3, r4, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, r5}})
io_uring_enter(r2, 0x7a98, 0x0, 0x0, 0x0, 0x0)

33.220592665s ago: executing program 7 (id=4323):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
sched_setattr(0x0, &(0x7f0000000140)={0x38, 0x0, 0x10000004, 0x8000, 0x7, 0x3, 0x3, 0x7ff, 0x3, 0x4}, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000000040)={0x50, 0x0, r4, {0x7, 0x1f, 0x0, 0x10400}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f0000008380)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x20, 0x0, 0x88}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r5, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x56000}], 0x1) (fail_nth: 1)
close(r3)

32.353754291s ago: executing program 7 (id=4326):
syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYRESHEX=0x0, @ANYRES16, @ANYBLOB="010029bd70000000000049000000080001007063690011000200303030"], 0x60}}, 0x24004000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x1c}}, 0x2000c840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff})
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000580)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)

31.823694553s ago: executing program 6 (id=4327):
syz_open_dev$vim2m(&(0x7f0000000080), 0x2, 0x2)
openat$tun(0xffffffffffffff9c, 0x0, 0x48241, 0x0)
sendmsg$DEVLINK_CMD_PORT_GET(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000040)=ANY=[@ANYRESHEX=0x0, @ANYRES16, @ANYBLOB="010029bd70000000000049000000080001007063690011000200303030"], 0x60}}, 0x24004000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=ANY=[@ANYBLOB], 0x1c}}, 0x2000c840)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r3=>0xffffffffffffffff})
r4 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'veth0_to_batadv\x00', <r5=>0x0})
sendmsg$can_raw(r4, &(0x7f0000000140)={&(0x7f0000000e80)={0x1d, r5}, 0x10, &(0x7f00000005c0)={&(0x7f0000000ec0)=@can={{}, 0x80, 0x2, 0x4, 0x2}, 0x210}}, 0x4080811)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000340)={0x1b, 0x0, 0x0, 0x10000, 0x0, 0xffffffffffffffff, 0x8b, '\x00', r5, 0xffffffffffffffff, 0x3, 0x5, 0x2}, 0x50)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = fsopen(&(0x7f0000000300)='tracefs\x00', 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, 0x0)
fsconfig$FSCONFIG_SET_STRING(r6, 0x1, &(0x7f0000000580)='gid', &(0x7f0000000440)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xeaEb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80Y\xc2\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\xf8\xc9@h\x01\xf5\xcb\x88\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9a\x84\'\xa3\xf1\xd9<\xb9k\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)

30.506978784s ago: executing program 7 (id=4330):
socket$tipc(0x1e, 0x5, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x80001)
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, 0x0)
openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

30.151509704s ago: executing program 6 (id=4332):
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3002, 0x6, &(0x7f0000000000)=0xa636, 0x9, 0x0)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x4, 0x5, &(0x7f0000000540)=ANY=[@ANYBLOB="18020000030000000000000000000000850000002f000000850000000800000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0xb, &(0x7f00000001c0)=@framed={{}, [@printk={@d, {}, {0x7, 0x1, 0x4}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffc}, {0x85, 0x0, 0x0, 0x99}}]}, &(0x7f0000000000)='syzkaller\x00', 0x6, 0xfe9, &(0x7f0000002e00)=""/4073}, 0x94)

29.262060332s ago: executing program 6 (id=4334):
socket$tipc(0x1e, 0x5, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000040)={0x40, 0x1, 0x3}, 0x10)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)=0x6f)
r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)

29.094716126s ago: executing program 7 (id=4336):
unshare(0x6a040000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001800dd8d00000000000000000200101e000100"/36], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/fib_trie\x00')
syz_open_dev$vbi(&(0x7f0000000080), 0x2, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2)
preadv2(r4, &(0x7f0000000500)=[{&(0x7f00000001c0)=""/45, 0x2d}], 0x1, 0xfff, 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
read$FUSE(r2, &(0x7f0000000d80)={0x2020}, 0x2020)

27.191977909s ago: executing program 6 (id=4345):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
shutdown(r0, 0x1)
sendmsg$nl_route(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x3c000841}, 0x20048000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xa4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000001010400000000141a000002000010240001801400018008000100e000000108000200e00000010c00028005000100000000001800028014000180080001"], 0x50}}, 0x0)
setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f00000000c0)='/dev/loop#\x00', 0xb)
r3 = syz_open_dev$loop(&(0x7f0000000080), 0x47ffffa, 0x122c42)
fadvise64(r3, 0x5, 0x7, 0x5)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[], 0xa4}, 0x1, 0x0, 0x0, 0x4000895}, 0x4000800)

26.068408817s ago: executing program 6 (id=4347):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) (async)
r1 = fsmount(r0, 0x0, 0x2)
fchdir(r1) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffffff000}], 0x5, 0x0, 0x3f) (async)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) (async)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r4, 0x29, 0x4e, &(0x7f0000000040)=0x78, 0x4) (async)
bind$inet6(r4, &(0x7f0000000280)={0xa, 0x4e20, 0xe, @private2={0xfc, 0x2, '\x00', 0x1}, 0x6}, 0x1c)

25.742493262s ago: executing program 4 (id=4350):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r2 = socket(0x2, 0x3, 0x2)
getsockopt(r2, 0xff, 0x100000000000001, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r3 = getpid()
ioctl$AUTOFS_DEV_IOCTL_READY(r0, 0xc0189376, &(0x7f0000000240)={{0x1, 0x1, 0x18, <r4=>r1, {0x6}}, './file0\x00'})
r5 = eventfd(0x10000)
io_submit(0x0, 0x3, &(0x7f0000000840)=[&(0x7f0000000280)={0x0, 0x0, 0x0, 0x2, 0x1, r4, &(0x7f0000000400)="a9815958f30eed3960c097ef9ce9d03e22291b89f5eaa43bccbe54d42d08650707b4d71cc9c39769e12791be0292bcf4f97740f53d5c100e8a6e908be281d35e0ab34755ce535e90ef014df58ae28ca845030ef0224a22e3ce2d129d69047031c5ab96832811790479", 0x69, 0x0, 0x0, 0x1, r5}, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x1, 0xffffffffffffffff, &(0x7f0000000580)="da5d99990626ef214b702b42ca699ac041d5819492511436c40c1f34fa4e21acd480b03738d041c73c527b726625ba305dedcdfc7f8d8c5dcd36694fe72296e39a8d9346e02cca2b2ed5e2d1d10fee5222149e6d327df07656117ec0a47659c7d70496db5eac6cd855b2baeaa5a1296f1f01fcf7d5d7d403514967b62a04616947cba94a35b507851d", 0x89, 0x3, 0x0, 0x7}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x5b, r1, &(0x7f0000000780)="e8dc90ad51dec9ca9ddaa73112e5852dd1660af43ea0132b46b62da032ff08b6b93fa92dcf87db9bf45066d0a635b73d46816bf5ea9180bcd1ad8d90ff6aab97dbfee59ea55202313bda1f03c73423ab725b2daf52b488fb70075944e3941745ca3fa6dd5fa98dcf57f51e2f0958fa7760a813d6c744ae2c608850eb2ddc2f383dd05cc6", 0x84, 0xf}])
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x81c0, 0x0)
r8 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x1, 0x0)
r9 = landlock_create_ruleset(&(0x7f0000000140)={0x4000}, 0x18, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r9, 0x1, &(0x7f0000000180)={0x4000, r8}, 0x0)
landlock_restrict_self(r9, 0x0)

23.458846514s ago: executing program 4 (id=4358):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x39749000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x5421, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)
socket$netlink(0x10, 0x3, 0x8000000004)
capset(&(0x7f0000000c00)={0x20080522}, &(0x7f0000000140))
openat$comedi(0xffffffffffffff9c, 0x0, 0x20002, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x10802, 0x0)
ioctl$SIOCGSKNS(r3, 0x894c, &(0x7f0000000340)={'vcan0\x00', 0x600})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
syz_io_uring_setup(0x49a, &(0x7f0000000280)={0x0, 0x86fc, 0x200, 0x0, 0x400252, 0x0, r4}, 0x0, 0x0)

23.176740796s ago: executing program 6 (id=4359):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x4004, 0x0)
ioctl$KVM_CAP_VM_TYPES(r3, 0x4068aea3, &(0x7f0000000400)={0xeb, 0x0, 0xa})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000000)={0x80, 0x40000105, 0x0, 0x0})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x82, 0x0, 0x0, 0x0})
sendmsg$nl_netfilter(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001200)={0x18, 0x7, 0xa, 0x101, 0x70bd25, 0x25dfdbfd, {0x1, 0x0, 0x4}, [@generic='W']}, 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x44800)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32, @ANYBLOB="0000000000000000b7000000000000007b5af8ff00000000bfa200000000000007020000d6ffffffb703000008000000b70400000000000085000000140000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x3c, r6, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x3c}}, 0x80)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r6, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4050}, 0x400c0)
r7 = socket$kcm(0xa, 0x3, 0x73)
sendmsg$inet(r7, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x10, 0x0}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7abc231f8cde79b7a6c5aafe954b8ba37818e40c14b36f2d7c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1df7ffffff735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b82ceaeaae9b1713b5f2ee68e2b53d44bd84bf6960157e96bbb96b5e10d66c87e7a9a7d53c281d88ebb175a4dbb82130e6870980e47913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf355e5b91114052f8a398d8e10c96b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c58965c514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e24d192d67a1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb2200040000fc1e3865d17d128306d1b81884a934cb0000000000d367000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44b615ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f530043a6cd72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a673804220423f52ad8178b9fd04bff816e00000000000000000000000000000000000000000079aaf19bd1e18f582aac5b83d76bd57297512fdcdad18bcf2455bc80394d8f34e2ef84733038f4b6ef516d7baa99f24f2f100fc46aec9dc19b30fe9966b7ae563b6459d86fd3b4c7173f06387517e4189f3fb09c069e20220354b054f2391efe55a0cc7f738b3987ae033ceabddec65ec31f98c7e0858e8d411087889964b8fb3c31f74fa7b2e6e1c1d84a46d8be8afff1ac67eb2da30294d4a0f89978d4e2137319b6448da45bd00eb23aa5be1d566782b5a4aa291a854a4932bcbf472fd1175b521edb1763bb7dae4a124b0006e2ce4799519b3dbd3c0109b17fe2b4b87f6ad4b7176c9c1959669ef42cfce81fbc6dcdc7f9bde1a66c0b3cf9329bfecf0217bda1b72924ee9d90a3bd0be833f206244b5ba0648309018da5442ebd22bca0363183aae9d38f80638f52015cab5a8d772f9b92cb2f286783fa976f7d215136cae0b0b0539dc7dbd56035a69807514c732763f542f10401e65368b821b584fe2f82c94b2f5930246800000000000000000000000000000000000000c8ed77d8ac9f28a2e8f205900241ec8872fe3ecdf73abfc4024298a69649e17f3fe5ebba1e17f2f280e6d3f094cd3448700c5ee102b5d1b04f08ab2e5272990646eca26a62431e8c942ea2c0c621b4821eb5beceee6d53468852159452cf47aead473a8638a4d1ce2d4c6df1074e8cb3ec16149e6b4b7ec1a9aa1b63f41d08afd3d885b98330e25eedaaf5f361b2e81ce0c52ee84a2b340afdc59b177921e2f2a99132b82ed3291196038fe9a4f5a5dc734788c71bf46222d266a48628774c87b88bf3dcbea4574a87726345587e1e233fd4117063d183f477cc53c52a3fafcb998a96cf9f61cdd9ffa82d648880552ac506811accffc85ca34b262ed983d4645f4657522ed32b278891c26d5e70d41f9a5c8df8dc163fd84a81af0020a10fe53ce940d350d62b526f198620abdad179a273682175da1d9d82fde7eb9a45b566e78904238d00908b5876b4ebfca376d631b9b0caf3f1ef32ae87507aace4715efaf840ebda28e741a8b6b29eed5861168b4e1b3842f6db4443974dd0f0d4ceed9ca62fd2a839a8150335dc2b9640825b83c8bf4f931a51b093bf2dc84809af7c14f04b58d64e4f852bc49cf1126567e11f61774559bdbcc500000000000000000000000000eab10c8c592cb6f1ebccd9eb16c155a0666189eb16cea09f164363456645c9b7c168bc214615a7e94ff3d53f85c6396c42050f3205cef3009458f33949efa6a583d87795448b8b21ab6a7ca4bd8b0da30dee0af8b3a0f3cfd0ad9a8e7819b2057e2e5d8b453b6f743f8fc4dee677658958c4d4663ddcdfd0fc44e996665ab5586a4eb40a959fb0dababa05e776c29cf2443ad1d2fa0920288db88e645033ae1a4357078810d20bd93b8194214554c3f8c6efd61bc40000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r8, 0x18000000000002a0, 0xe40, 0x0, &(0x7f00000002c0)="f6eb094549002060009b8538a4ba", 0x0, 0x806, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x2f000000, 0xe, 0x0, &(0x7f0000000740)="000000000000c000ee6e3e20630c", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

23.137608931s ago: executing program 4 (id=4360):
r0 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000040)={0x38, r0, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x5, 0x6}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004005}, 0x448c0)
r2 = fsopen(&(0x7f0000000440)='ceph\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r2, 0x6, 0x0, 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x100)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r4)
sendmsg$NLBL_MGMT_C_ADD(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c010000", @ANYRES16=r5, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce00010043ecf8a077157cd8bc73e1b93314cdcbb6b9bb84e5bcdb7f9af2eacc913a7640e8332d1daa67516c7f094b740c631f175dd5d0f0a8ebd2679204020b006f64e62cd3404917f3be657330adc6bf2f2ab6286f917412935536f4406edcdc8a3779814659bebb63d2c301a5e2568cb30000000056da47bd6246c86e86ac9cfbdae22622b43a13e9096385b4cb17bf6d8436e77f709e436462ad3ba28f73bf36e8e358673326e220d60a9d3d7e3c932faf89062b965db52beeff385e442adbb8d87480d48f4b3d4530e852830000140005"], 0x11c}}, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(r3, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, r5, 0x300, 0x70bd27, 0x25dfdbfc, {}, [@NLBL_MGMT_A_DOMAIN={0x5, 0x1, '\x00'}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @initdev={0xac, 0x1e, 0x0, 0x0}}, @NLBL_MGMT_A_CV4DOI={0x8, 0x4, 0xa92659e00095459b}, @NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @multicast2}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x4c801)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x600, 0x0)
r6 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r6, 0x16, &(0x7f0000000380)={&(0x7f0000001000)={[{0x0}, {0x0}, {0x0}, {0x0}]}, 0x4}, 0x1)
r9 = socket(0x10, 0x3, 0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000003c0)=@IORING_OP_SEND={0x1a, 0x20, 0x0, r9, 0x0, 0x0, 0xfffffd49, 0x20044080, 0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000300)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48284b70043dc6124d877142a48448b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68af2ad0810000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d4023f210fa34b63a715a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900000000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b6c7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48fc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f01000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb796ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab04000000ffe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890decace0200f404e4e1f74b7eed82571be54c72d978cf906df0042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef29cd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9fdc75aaaf0100483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a998de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270bb29b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214d00000000d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ce21d69993e9960ff5f76015e6c354463d7d0917fc80e5009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab4000000000000000028df75cf43f8ecc8d37b126602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd63bed8d31c31c37a373d4efd89fa516dab183ee65744fb8fc4f9ce2242e0f00000000010000000000000000000057d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fa03b84f63e022fe755f4007a4a899eaf52c4f49198e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c716357d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c24936615ee68538e8fddd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba1c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63c41cbde2ba66ad81168070c8c6e18a6e452a31bde54ad3e16304d06a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c7340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf"], 0x0}, 0x94)
io_uring_enter(r6, 0x27e2, 0x0, 0x0, 0x0, 0x0)
r10 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f00000000c0)=[@in={0x2, 0x4e24, @loopback}, @in6={0xa, 0x0, 0x10, @empty, 0x7fe}], 0x2c)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000680)={0x4, 0x0, 0x0, 0x4, 0x0, 0x0, 0xa}, &(0x7f0000000000)={0x22, 0x0, 0x0, 0x2, 0x0, 0x0, 0x8, 0x240}, 0x0, 0x0, 0x0)
r11 = fsmount(r2, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r2, 0x7, 0x0, 0x0, 0x0)
ioctl$AUTOFS_IOC_SETTIMEOUT(r11, 0x80049367, &(0x7f0000000000)=0x9)

22.88349987s ago: executing program 4 (id=4363):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000002200)=@base={0x12, 0x26, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x7}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r1, <r2=>0xffffffffffffffff}, 0x0, &(0x7f0000000740)=r0}, 0x20)
unshare(0x22020600)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r2, &(0x7f0000000300), 0x0}, 0x20)

22.192624452s ago: executing program 4 (id=4365):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100}, 0x94)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x66, 0x0, 0x0, 0x11, 0x0, @empty, @multicast1}, {0x0, 0x4e20, 0x8}}}}}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0x63, 0x0, &(0x7f0000000000)="ff", 0x0, 0x149d, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x50)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r2)
r3 = syz_open_dev$video4linux(&(0x7f0000000000), 0x0, 0x1)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r3, 0xc040563d, &(0x7f0000000080)={0x0, 0x0, 0x100, 0x4, {0x1, 0x9, 0x5, 0x9}})
r4 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, 0x0)
r5 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r5, 0x8914, 0x0)
socket$unix(0x1, 0x2, 0x0)
openat$adsp1(0xffffffffffffff9c, &(0x7f00000004c0), 0x200080, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r7, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r8=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r7, 0xc02064b6, &(0x7f0000000180)={0x0, <r9=>r8, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000100)=[0x0, 0x0, 0x0]})
r10 = signalfd(0xffffffffffffffff, &(0x7f00000000c0)={[0x6ba]}, 0x8)
r11 = fsopen(&(0x7f0000000100)='ext4\x00', 0x1)
mount$9p_fd(0x0, &(0x7f0000000000)='.\x00', &(0x7f0000000040), 0xa, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r10}, 0x2c, {'wfdno', 0x3d, r11}})
ioctl$DRM_IOCTL_MODE_GETCRTC(r10, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x1c, r9, <r12=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r7, 0xc06864ce, &(0x7f0000000440)={r12, 0x2, 0x0, 0x0, 0x0, [<r13=>0x0], [], [0x0, 0x0, 0x0, 0x4]})
r14 = msgget$private(0x0, 0x3ac)
msgrcv(r14, 0x0, 0x48, 0x2, 0x2000)
msgsnd(r14, &(0x7f0000000000)={0x2}, 0x8, 0x800)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r6, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r6, 0xc00c642d, &(0x7f0000000080)={r13, 0x0, <r15=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r7, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r15})

19.857724304s ago: executing program 5 (id=4378):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x110, &(0x7f00000000c0)={0x0, 0x10, 0x0, 0x3, 0x80}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f0000000040), 0x1b})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) (fail_nth: 1)

18.561834626s ago: executing program 5 (id=4379):
io_uring_setup(0x414d, &(0x7f0000000000)={0x0, 0x8dd3, 0x1, 0x0, 0x235})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f}}, 0x20)
ioctl$AUTOFS_IOC_PROTOSUBVER(0xffffffffffffffff, 0x80049367, 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, 0x0, 0x0)
writev(r4, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3f, &(0x7f00000002c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x31, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}, {"b5c3da1b12dcf5cadc"}}}}}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
fsopen(0x0, 0x1)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x3, 0x2001, 0x4, 0x5, {0x200004, 0x5, 0x5, 0xa, 0x8000, 0x9, 0x4, 0x5, 0x9, 0xd25, 0x7, 0x60b, 0x6d, 0xfffb, "6f4f1b1330d057b30bd15586b7445443c528a97436419c2cd5ae7297dceeb0be"}})

18.526031264s ago: executing program 4 (id=4380):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xc, 0x8001, 0x0, 0x9, 0x4f, 0x8, 0xfa11, 0x1}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0x0, 0xff, 0x1c}, 0xc)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x3b)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0xfffffffffffffffe})
r5 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r5, &(0x7f0000000040), 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=@newqdisc={0x98, 0x24, 0x300, 0xfffffffd, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}]}}]}, 0x98}}, 0x0)
r9 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000500)="e3", 0x1}], 0x1)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0x2eeb, &(0x7f0000000400)={0x0, 0x8894, 0x0, 0x3, 0x2a7, 0x0, r5}, &(0x7f00000000c0), &(0x7f0000000180))
io_uring_enter(r10, 0x74ae, 0xee2, 0x10, &(0x7f0000000480)={[0xdd1]}, 0x8)

17.02937054s ago: executing program 5 (id=4381):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
getsockopt$netlink(r0, 0x10e, 0x9, 0x0, &(0x7f00000000c0))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1a1)
setxattr$security_capability(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040), &(0x7f0000000080)=@v3={0x3000000, [{0x4, 0x2}, {0x7, 0x7}], 0xffffffffffffffff}, 0x18, 0x0)
sendmsg$tipc(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000001600)='>', 0x1}], 0x1, 0x0, 0x0, 0x8000}, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCGSOFTCAR(r1, 0x5416, &(0x7f0000001100))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r2 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r2, &(0x7f0000000000)={'full', 0x20, 0x2000000000000}, 0x2f)

16.921629955s ago: executing program 5 (id=4382):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f0000000480)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x101000, 0x0)
modify_ldt$write2(0x11, &(0x7f0000000100)={0x1d30, 0x0, 0x2000, 0x1}, 0x10)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
futex_waitv(&(0x7f0000001080)=[{0x3, &(0x7f0000001040)=0x3, 0x82}], 0x1, 0x0, &(0x7f0000001100)={0x77359400}, 0x1)

16.381575916s ago: executing program 5 (id=4383):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0x40}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x4000000000008d}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x1042, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='mountinfo\x00')
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x2200cd0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000c80)={'lo\x00'})
syz_io_uring_setup(0x3e1e, &(0x7f0000000200)={0x0, 0x80009e3a, 0x80, 0x2, 0x1bd}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x79, 0x4)
socket$nl_generic(0x10, 0x3, 0x10)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000000)={0x0, &(0x7f0000000280)}, 0x10)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

16.269732971s ago: executing program 5 (id=4384):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xc, 0x8001, 0x0, 0x9, 0x4f, 0x8, 0xfa11, 0x1}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0x0, 0xff, 0x1c}, 0xc)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x3b)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0xfffffffffffffffe})
r5 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r5, &(0x7f0000000040), 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=@newqdisc={0x98, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x3]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}]}}]}, 0x98}}, 0x0)
r9 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000500)="e3", 0x1}], 0x1)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0x2eeb, &(0x7f0000000400)={0x0, 0x8894, 0x0, 0x3, 0x2a7, 0x0, r5}, &(0x7f0000000100), &(0x7f0000000180))
io_uring_enter(r10, 0x74ae, 0xee2, 0x10, &(0x7f0000000480)={[0xdd1]}, 0x8)

11.915218648s ago: executing program 37 (id=4336):
unshare(0x6a040000)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@ipv6_newnexthop={0x1c, 0x68, 0x5fb9a818fb7378e9, 0x0, 0x0, {}, [@NHA_BLACKHOLE={0x4}]}, 0x1c}}, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001800dd8d00000000000000000200101e000100"/36], 0x24}, 0x1, 0x0, 0x0, 0x4a044}, 0x4010)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000180)='net/fib_trie\x00')
syz_open_dev$vbi(&(0x7f0000000080), 0x2, 0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2)
preadv2(r4, &(0x7f0000000500)=[{&(0x7f00000001c0)=""/45, 0x2d}], 0x1, 0xfff, 0x2, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)
read$FUSE(r2, &(0x7f0000000d80)={0x2020}, 0x2020)

6.552488144s ago: executing program 38 (id=4359):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000300), 0x4004, 0x0)
ioctl$KVM_CAP_VM_TYPES(r3, 0x4068aea3, &(0x7f0000000400)={0xeb, 0x0, 0xa})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000000)={0x80, 0x40000105, 0x0, 0x0})
ioctl$KVM_XEN_HVM_CONFIG(r2, 0x4038ae7a, &(0x7f0000000180)={0x82, 0x0, 0x0, 0x0})
sendmsg$nl_netfilter(r0, &(0x7f00000016c0)={0x0, 0x0, &(0x7f0000001680)={&(0x7f0000001200)={0x18, 0x7, 0xa, 0x101, 0x70bd25, 0x25dfdbfd, {0x1, 0x0, 0x4}, [@generic='W']}, 0x18}, 0x1, 0x0, 0x0, 0x44}, 0x44800)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32, @ANYBLOB="0000000000000000b7000000000000007b5af8ff00000000bfa200000000000007020000d6ffffffb703000008000000b70400000000000085000000140000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0xcc03, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$mptcp(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x3c, r6, 0x1, 0x0, 0x0, {0x7}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @private1}, @MPTCP_PM_ADDR_ATTR_IF_IDX={0x8}]}]}, 0x3c}}, 0x80)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x3c, r6, 0x10, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x5}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x6}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x2}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4050}, 0x400c0)
r7 = socket$kcm(0xa, 0x3, 0x73)
sendmsg$inet(r7, &(0x7f0000001180)={&(0x7f0000000000)={0xa, 0x0, @multicast2}, 0x10, 0x0}, 0x0)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be20281bde0b348cf2c60538a505ad4a0510eebb023e4954c9eb6cd70627f5c03d867dbf3ad5d1f1dc852064dd0efafc3df20ec8faf3d194db76127f88f284fa1b71ab964fdd2474471da76373e65e9a8bf844bdfdd348bc7d00c4c7e7abc231f8cde79b7a6c5aafe954b8ba37818e40c14b36f2d7c23f9f614576b689436fef2f27f8b1e756e00262e22bca49c43fd73e7e99b2fa44a8c1df7ffffff735ad6c5fabf082e0df0f8ba7e24272165f2f5b28230c095162b82ceaeaae9b1713b5f2ee68e2b53d44bd84bf6960157e96bbb96b5e10d66c87e7a9a7d53c281d88ebb175a4dbb82130e6870980e47913110f091d21760d985afd3163f2e6880682432f9b3b97d57a9f980edfa1116a3d04d58872a07d6a7e12db673acd2f7b8988d833e71943fe2c1c65a3cf355e5b91114052f8a398d8e10c96b955c56b55bfd3ecf0af694c71a03f2996c15b1ba971de1cb9c7e6a0000000000000014783ef54c51199317413f98dca8ff3df3572a7d9ef5f6103997f1f9e4b0c3970bda50f6c0af58dbd6c031b1a5a7512c58965c514adfa17d31429c68db50a93d88199defd3b4625fea426ff9293a28a544a6a9e24d192d67a1b3c6b14c4ec6d164e902ce4913843d65d841973468729ea12bf6d3499036dbb66718f3497855c3baa6cc07c0fa388ec9df0617c1a28ef5a595ee267a76175b8a057e6efaf4fefe46def451f2858fe71a53e77b1a44e98843bb3a40102da3703dfb9f61bdcea2fb810b32d52e2157a150a63ea6135d1cf6f864c2e68884d7245bc5d61dc5a114d10ffb2200040000fc1e3865d17d128306d1b81884a934cb0000000000d367000098a4526e6468987dbc63bff7590eb388afaba43d811996333eef7e9f472bee293f0c40d434b8be07cbd52325296e22802493edb5c590ad208bac683a8b2d4c9d2d57ff846ae8c422e0b28546671f11d8157bb762c91f3fbcca8e21589c92446ae65d408c0637ffcc2d44b615ce003dd1e12b085e186d069a55c2e96efbe5024d61a56a36d988c0f530043a6cd72af0fcd540a9d4e293690c5e697b3a1480e46df5371bca1cfb28a57c1b3c956ec81397e81fbf870a673804220423f52ad8178b9fd04bff816e00000000000000000000000000000000000000000079aaf19bd1e18f582aac5b83d76bd57297512fdcdad18bcf2455bc80394d8f34e2ef84733038f4b6ef516d7baa99f24f2f100fc46aec9dc19b30fe9966b7ae563b6459d86fd3b4c7173f06387517e4189f3fb09c069e20220354b054f2391efe55a0cc7f738b3987ae033ceabddec65ec31f98c7e0858e8d411087889964b8fb3c31f74fa7b2e6e1c1d84a46d8be8afff1ac67eb2da30294d4a0f89978d4e2137319b6448da45bd00eb23aa5be1d566782b5a4aa291a854a4932bcbf472fd1175b521edb1763bb7dae4a124b0006e2ce4799519b3dbd3c0109b17fe2b4b87f6ad4b7176c9c1959669ef42cfce81fbc6dcdc7f9bde1a66c0b3cf9329bfecf0217bda1b72924ee9d90a3bd0be833f206244b5ba0648309018da5442ebd22bca0363183aae9d38f80638f52015cab5a8d772f9b92cb2f286783fa976f7d215136cae0b0b0539dc7dbd56035a69807514c732763f542f10401e65368b821b584fe2f82c94b2f5930246800000000000000000000000000000000000000c8ed77d8ac9f28a2e8f205900241ec8872fe3ecdf73abfc4024298a69649e17f3fe5ebba1e17f2f280e6d3f094cd3448700c5ee102b5d1b04f08ab2e5272990646eca26a62431e8c942ea2c0c621b4821eb5beceee6d53468852159452cf47aead473a8638a4d1ce2d4c6df1074e8cb3ec16149e6b4b7ec1a9aa1b63f41d08afd3d885b98330e25eedaaf5f361b2e81ce0c52ee84a2b340afdc59b177921e2f2a99132b82ed3291196038fe9a4f5a5dc734788c71bf46222d266a48628774c87b88bf3dcbea4574a87726345587e1e233fd4117063d183f477cc53c52a3fafcb998a96cf9f61cdd9ffa82d648880552ac506811accffc85ca34b262ed983d4645f4657522ed32b278891c26d5e70d41f9a5c8df8dc163fd84a81af0020a10fe53ce940d350d62b526f198620abdad179a273682175da1d9d82fde7eb9a45b566e78904238d00908b5876b4ebfca376d631b9b0caf3f1ef32ae87507aace4715efaf840ebda28e741a8b6b29eed5861168b4e1b3842f6db4443974dd0f0d4ceed9ca62fd2a839a8150335dc2b9640825b83c8bf4f931a51b093bf2dc84809af7c14f04b58d64e4f852bc49cf1126567e11f61774559bdbcc500000000000000000000000000eab10c8c592cb6f1ebccd9eb16c155a0666189eb16cea09f164363456645c9b7c168bc214615a7e94ff3d53f85c6396c42050f3205cef3009458f33949efa6a583d87795448b8b21ab6a7ca4bd8b0da30dee0af8b3a0f3cfd0ad9a8e7819b2057e2e5d8b453b6f743f8fc4dee677658958c4d4663ddcdfd0fc44e996665ab5586a4eb40a959fb0dababa05e776c29cf2443ad1d2fa0920288db88e645033ae1a4357078810d20bd93b8194214554c3f8c6efd61bc40000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r8, 0x18000000000002a0, 0xe40, 0x0, &(0x7f00000002c0)="f6eb094549002060009b8538a4ba", 0x0, 0x806, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r4, 0x2f000000, 0xe, 0x0, &(0x7f0000000740)="000000000000c000ee6e3e20630c", 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2.19136414s ago: executing program 39 (id=4380):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xc, 0x8001, 0x0, 0x9, 0x4f, 0x8, 0xfa11, 0x1}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0x0, 0xff, 0x1c}, 0xc)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x3b)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0xfffffffffffffffe})
r5 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r5, &(0x7f0000000040), 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=@newqdisc={0x98, 0x24, 0x300, 0xfffffffd, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}]}}]}, 0x98}}, 0x0)
r9 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000500)="e3", 0x1}], 0x1)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0x2eeb, &(0x7f0000000400)={0x0, 0x8894, 0x0, 0x3, 0x2a7, 0x0, r5}, &(0x7f00000000c0), &(0x7f0000000180))
io_uring_enter(r10, 0x74ae, 0xee2, 0x10, &(0x7f0000000480)={[0xdd1]}, 0x8)

0s ago: executing program 40 (id=4384):
syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xc, 0x8001, 0x0, 0x9, 0x4f, 0x8, 0xfa11, 0x1}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
kexec_load(0x0, 0x0, 0x0, 0x0) (fail_nth: 1)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000340)={0x0, 0xff, 0x1c}, 0xc)
getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x1c, 0x0, &(0x7f00000001c0)=0x3b)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_ENLIGHTENED_VMCS(r4, 0x4068aea3, &(0x7f0000000000)={0xa3, 0x0, 0xfffffffffffffffe})
r5 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r5, &(0x7f0000000040), 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
r7 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r7, 0x8933, &(0x7f0000000600)={'team0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000800)=@newqdisc={0x98, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x12, r8, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x68, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [], 0x0, [0x8, 0x4], [0x3]}}, @TCA_TAPRIO_ATTR_FLAGS={0x8, 0xa, 0x1}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4, 0xc}]}}]}, 0x98}}, 0x0)
r9 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
write$binfmt_aout(r9, &(0x7f00000001c0)=ANY=[@ANYBLOB="03010000b5"], 0xc8)
writev(r5, &(0x7f00000002c0)=[{&(0x7f0000000500)="e3", 0x1}], 0x1)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r10 = syz_io_uring_setup(0x2eeb, &(0x7f0000000400)={0x0, 0x8894, 0x0, 0x3, 0x2a7, 0x0, r5}, &(0x7f0000000100), &(0x7f0000000180))
io_uring_enter(r10, 0x74ae, 0xee2, 0x10, &(0x7f0000000480)={[0xdd1]}, 0x8)

kernel console output (not intermixed with test programs):

230710][T15544] usb 7-1: config 0 interface 120 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1081.234471][T15544] usb 7-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=ac.13
[ 1081.234504][T15544] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1081.234526][T15544] usb 7-1: Product: syz
[ 1081.234542][T15544] usb 7-1: Manufacturer: syz
[ 1081.234558][T15544] usb 7-1: SerialNumber: syz
[ 1081.314929][T15544] usb 7-1: config 0 descriptor??
[ 1081.340946][T16837] fuse: Bad value for 'user_id'
[ 1081.340979][T16837] fuse: Bad value for 'user_id'
[ 1081.489583][T15544] msi2500 7-1:0.120: Registered as swradio24
[ 1081.489609][T15544] msi2500 7-1:0.120: SDR API is still slightly experimental and functionality changes may follow
[ 1081.575655][T15651] usb 7-1: USB disconnect, device number 8
[ 1082.178064][T16845] bond0: option ad_actor_sys_prio: mode dependency failed, not supported in mode balance-rr(0)
[ 1084.392722][T16863] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1085.433255][T16865] program syz.4.3721 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1085.540550][T16867] netlink: 7 bytes leftover after parsing attributes in process `syz.7.3725'.
[ 1085.793306][T16867] netlink: 7 bytes leftover after parsing attributes in process `syz.7.3725'.
[ 1086.988780][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1086.988875][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1087.254336][T16721] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1087.343396][T16721] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1087.441488][T16882] fuse: Bad value for 'fd'
[ 1087.463251][T16721] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1087.465621][T16886] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3730'.
[ 1087.548518][T16721] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1087.696631][T14775] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1087.799916][T16721] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1087.839286][T16721] 8021q: adding VLAN 0 to HW filter on device team0
[ 1087.858033][T14775] usb 8-1: Using ep0 maxpacket: 32
[ 1087.861887][T14775] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1087.864100][T14775] usb 8-1: config 1 interface 0 altsetting 248 bulk endpoint 0x1 has invalid maxpacket 64
[ 1087.864143][T14775] usb 8-1: config 1 interface 0 altsetting 248 bulk endpoint 0x82 has invalid maxpacket 120
[ 1087.864170][T14775] usb 8-1: config 1 interface 0 has no altsetting 0
[ 1087.867995][T14775] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1087.868075][T14775] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.868142][T14775] usb 8-1: Product: syz
[ 1087.868185][T14775] usb 8-1: Manufacturer: syz
[ 1087.868227][T14775] usb 8-1: SerialNumber: syz
[ 1087.949236][ T1688] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1087.949347][ T1688] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1087.983953][T16884] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1087.984087][T16884] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[ 1087.984572][ T6801] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1087.984723][ T6801] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1088.324114][T16895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1088.344267][T16895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1089.431404][T14775] usblp 8-1:1.0: usblp0: USB Bidirectional printer dev 16 if 0 alt 248 proto 2 vid 0x0525 pid 0xA4A8
[ 1089.440108][T14775] usb 8-1: USB disconnect, device number 16
[ 1090.363721][T14775] usblp0: removed
[ 1091.939220][T16721] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1095.116898][T16936] FAULT_INJECTION: forcing a failure.
[ 1095.116898][T16936] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1095.116956][T16936] CPU: 1 UID: 0 PID: 16936 Comm: syz.6.3740 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1095.116982][T16936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1095.116996][T16936] Call Trace:
[ 1095.117004][T16936]  <TASK>
[ 1095.117015][T16936]  dump_stack_lvl+0xe8/0x150
[ 1095.117054][T16936]  should_fail_ex+0x46c/0x600
[ 1095.117092][T16936]  _copy_from_user+0x2d/0xb0
[ 1095.117115][T16936]  ___sys_sendmsg+0x158/0x2a0
[ 1095.117146][T16936]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1095.117181][T16936]  ? kstrtouint+0x6e/0xe0
[ 1095.117230][T16936]  ? __fget_files+0x2a/0x420
[ 1095.117252][T16936]  ? __fget_files+0x3a6/0x420
[ 1095.117283][T16936]  __sys_sendmmsg+0x22d/0x430
[ 1095.117313][T16936]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 1095.117346][T16936]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1095.117390][T16936]  ? ksys_write+0x230/0x260
[ 1095.117425][T16936]  ? __pfx_ksys_write+0x10/0x10
[ 1095.117463][T16936]  __x64_sys_sendmmsg+0xa0/0xc0
[ 1095.117506][T16936]  do_syscall_64+0xec/0xf80
[ 1095.117528][T16936]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1095.117551][T16936]  ? trace_irq_disable+0x37/0x100
[ 1095.117575][T16936]  ? clear_bhb_loop+0x60/0xb0
[ 1095.117603][T16936]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1095.117629][T16936] RIP: 0033:0x7f0e0751f749
[ 1095.117650][T16936] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1095.117669][T16936] RSP: 002b:00007f0e05786038 EFLAGS: 00000246 ORIG_RAX: 0000000000000133
[ 1095.117693][T16936] RAX: ffffffffffffffda RBX: 00007f0e07775fa0 RCX: 00007f0e0751f749
[ 1095.117708][T16936] RDX: 0000000000000001 RSI: 0000200000001800 RDI: 0000000000000003
[ 1095.117720][T16936] RBP: 00007f0e05786090 R08: 0000000000000000 R09: 0000000000000000
[ 1095.117732][T16936] R10: 0000000004000000 R11: 0000000000000246 R12: 0000000000000001
[ 1095.117744][T16936] R13: 00007f0e07776038 R14: 00007f0e07775fa0 R15: 00007ffd93548d38
[ 1095.117778][T16936]  </TASK>
[ 1095.516286][T16721] veth0_vlan: entered promiscuous mode
[ 1095.596625][T16721] veth1_vlan: entered promiscuous mode
[ 1095.773337][T16721] veth0_macvtap: entered promiscuous mode
[ 1095.810877][T16721] veth1_macvtap: entered promiscuous mode
[ 1096.183158][T16721] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1096.277395][T16721] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1096.451202][ T6801] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.931782][ T6801] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.932596][ T6801] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1096.979208][ T6801] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1100.002582][ T6628] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1100.002607][ T6628] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1100.354999][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1100.355025][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1100.765876][T16972] fuse: Bad value for 'fd'
[ 1102.614692][T15544] usb 8-1: new high-speed USB device number 17 using dummy_hcd
[ 1102.786133][T15544] usb 8-1: Using ep0 maxpacket: 32
[ 1102.788939][T15544] usb 8-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1102.788971][T15544] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1103.233536][T15544] usb 8-1: config 0 descriptor??
[ 1103.247518][T15544] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1105.213169][T16999] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3758'.
[ 1105.213212][T16999] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3758'.
[ 1105.273685][T15544] gspca_vc032x: reg_r err -110
[ 1105.273710][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273723][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273734][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273744][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273754][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273765][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273776][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273786][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273797][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273807][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273817][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273827][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273838][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273848][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273858][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273869][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273878][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273888][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1105.273898][T15544] gspca_vc032x: Unknown sensor...
[ 1105.273989][T15544] vc032x 8-1:0.0: probe with driver vc032x failed with error -22
[ 1106.196759][T17011] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3762'.
[ 1106.290386][T17011] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3762'.
[ 1106.368118][T14775] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[ 1106.437342][T17013] netlink: 'syz.6.3752': attribute type 1 has an invalid length.
[ 1106.437370][T17013] netlink: 9188 bytes leftover after parsing attributes in process `syz.6.3752'.
[ 1106.481496][T15572] usb 8-1: USB disconnect, device number 17
[ 1106.541920][T14775] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1106.541970][T14775] usb 5-1: New USB device found, idVendor=057e, idProduct=a00e, bcdDevice= 0.00
[ 1106.541997][T14775] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1106.547442][T14775] usb 5-1: config 0 descriptor??
[ 1106.707013][T17017] fuse: Bad value for 'fd'
[ 1106.821999][T17008] netlink: 19 bytes leftover after parsing attributes in process `syz.4.3763'.
[ 1107.095555][T17008] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1107.096033][T17008] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1107.149150][T14775] usbhid 5-1:0.0: can't add hid device: -71
[ 1107.149280][T14775] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1107.174450][T14775] usb 5-1: USB disconnect, device number 18
[ 1112.795344][T17055] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3775'.
[ 1112.988078][T17056] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3775'.
[ 1113.079823][T17055] bridge5: port 1(veth9) entered blocking state
[ 1113.085211][T17055] bridge5: port 1(veth9) entered disabled state
[ 1113.086169][T17055] veth9: entered allmulticast mode
[ 1113.191396][T17055] veth9: entered promiscuous mode
[ 1113.308591][T15572] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1113.351548][T17060] fuse: Bad value for 'fd'
[ 1113.470704][T15572] usb 9-1: Using ep0 maxpacket: 32
[ 1113.478100][T15572] usb 9-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1113.478133][T15572] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1113.538045][T15572] usb 9-1: config 0 descriptor??
[ 1113.563871][T15572] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1113.662679][T17057] bridge5: port 2(veth11) entered blocking state
[ 1113.662817][T17057] bridge5: port 2(veth11) entered disabled state
[ 1113.663106][T17057] veth11: entered allmulticast mode
[ 1113.671136][T17057] veth11: entered promiscuous mode
[ 1114.749780][T17069] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3774'.
[ 1114.749823][T17069] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3774'.
[ 1114.812851][T15572] gspca_vc032x: reg_r err -110
[ 1114.812873][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.812884][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.812892][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.812902][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.812911][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813042][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813052][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813063][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813072][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813081][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813091][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813100][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813110][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813120][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813130][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813139][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813148][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813157][T15572] gspca_vc032x: I2c Bus Busy Wait 00
[ 1114.813167][T15572] gspca_vc032x: Unknown sensor...
[ 1114.813252][T15572] vc032x 9-1:0.0: probe with driver vc032x failed with error -22
[ 1116.656371][T17086] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1117.671166][T14775] usb 9-1: USB disconnect, device number 2
[ 1118.042852][T17096] netlink: 7 bytes leftover after parsing attributes in process `syz.6.3786'.
[ 1118.830445][T17096] netlink: 7 bytes leftover after parsing attributes in process `syz.6.3786'.
[ 1119.192266][T17107] fuse: Bad value for 'fd'
[ 1119.585433][T17115] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3790'.
[ 1122.164413][T15544] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1122.378309][T15544] usb 7-1: Using ep0 maxpacket: 32
[ 1122.517208][T15544] usb 7-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1122.517251][T15544] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1122.524956][T15544] usb 7-1: config 0 descriptor??
[ 1122.575577][T15544] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1123.351563][T17146] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3794'.
[ 1123.351605][T17146] netlink: 16 bytes leftover after parsing attributes in process `syz.6.3794'.
[ 1124.329177][T15544] gspca_vc032x: reg_r err -110
[ 1124.329202][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329214][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329223][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329234][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329298][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329308][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329318][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329328][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329338][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329348][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329358][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329369][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329379][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329389][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329400][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329410][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329420][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329431][T15544] gspca_vc032x: I2c Bus Busy Wait 00
[ 1124.329440][T15544] gspca_vc032x: Unknown sensor...
[ 1124.329540][T15544] vc032x 7-1:0.0: probe with driver vc032x failed with error -22
[ 1124.776114][T17156] autofs: Bad value for 'fd'
[ 1124.892163][T17157] netlink: 7 bytes leftover after parsing attributes in process `syz.5.3800'.
[ 1124.929871][T17159] fuse: Bad value for 'fd'
[ 1124.938150][T17157] netlink: 7 bytes leftover after parsing attributes in process `syz.5.3800'.
[ 1125.603739][ T6011] usb 7-1: USB disconnect, device number 9
[ 1125.617202][T17165] FAULT_INJECTION: forcing a failure.
[ 1125.617202][T17165] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1125.617375][T17165] CPU: 0 UID: 0 PID: 17165 Comm: syz.5.3803 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1125.617404][T17165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1125.617419][T17165] Call Trace:
[ 1125.617428][T17165]  <TASK>
[ 1125.617439][T17165]  dump_stack_lvl+0xe8/0x150
[ 1125.617476][T17165]  should_fail_ex+0x46c/0x600
[ 1125.617515][T17165]  _copy_to_user+0x31/0xb0
[ 1125.617541][T17165]  simple_read_from_buffer+0xe1/0x170
[ 1125.617572][T17165]  proc_fail_nth_read+0x1b6/0x220
[ 1125.617611][T17165]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1125.617650][T17165]  ? rw_verify_area+0x2ac/0x4e0
[ 1125.617682][T17165]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1125.617719][T17165]  vfs_read+0x206/0xa30
[ 1125.617761][T17165]  ? __pfx_vfs_read+0x10/0x10
[ 1125.617797][T17165]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1125.617823][T17165]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1125.617846][T17165]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1125.617871][T17165]  ? mutex_lock_nested+0x154/0x1d0
[ 1125.617901][T17165]  ? fdget_pos+0x253/0x320
[ 1125.617936][T17165]  ksys_read+0x14b/0x260
[ 1125.617979][T17165]  ? __pfx_ksys_read+0x10/0x10
[ 1125.618025][T17165]  do_syscall_64+0xec/0xf80
[ 1125.618049][T17165]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.618072][T17165]  ? trace_irq_disable+0x37/0x100
[ 1125.618098][T17165]  ? clear_bhb_loop+0x60/0xb0
[ 1125.618127][T17165]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1125.618150][T17165] RIP: 0033:0x7fd59d7ce15c
[ 1125.618170][T17165] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1125.618190][T17165] RSP: 002b:00007fd59b9ec030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1125.618214][T17165] RAX: ffffffffffffffda RBX: 00007fd59da26180 RCX: 00007fd59d7ce15c
[ 1125.618231][T17165] RDX: 000000000000000f RSI: 00007fd59b9ec0a0 RDI: 0000000000000005
[ 1125.618246][T17165] RBP: 00007fd59b9ec090 R08: 0000000000000000 R09: 0000000000000000
[ 1125.618260][T17165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1125.618274][T17165] R13: 00007fd59da26218 R14: 00007fd59da26180 R15: 00007ffc5a4710c8
[ 1125.618317][T17165]  </TASK>
[ 1126.705753][T17174] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3807'.
[ 1127.178738][ T6011] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1127.358666][ T6011] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1127.377223][ T6011] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1127.377333][ T6011] usb 9-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1127.377364][ T6011] usb 9-1: config 1 interface 1 has no altsetting 0
[ 1127.471794][ T6011] usb 9-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1127.471828][ T6011] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1127.471852][ T6011] usb 9-1: Product: syz
[ 1127.471875][ T6011] usb 9-1: Manufacturer: syz
[ 1127.471892][ T6011] usb 9-1: SerialNumber: syz
[ 1127.941880][ T6011] usb 9-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1127.941944][ T6011] usb 9-1: found format II with max.bitrate = 2418, frame size=7
[ 1127.942019][ T6011] usb 9-1: 2:1: All rates were zero
[ 1127.986395][T17187] autofs: Unknown parameter '0x0000000000000003'
[ 1128.159542][ T6011] usb 9-1: USB disconnect, device number 3
[ 1128.776042][T17197] fuse: Invalid rootmode
[ 1129.159058][ T6011] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1129.317945][ T6011] usb 9-1: Using ep0 maxpacket: 32
[ 1129.530285][ T6011] usb 9-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 1129.530320][ T6011] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1129.568350][ T6011] usb 9-1: config 0 descriptor??
[ 1130.225807][ T6011] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 1130.616289][T17213] autofs: Unknown parameter '0x0000000000000003'
[ 1131.723468][ T6011] gspca_vc032x: reg_r err -110
[ 1131.723491][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723501][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723511][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723521][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723531][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723540][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723550][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723559][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723568][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723577][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723599][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723609][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723617][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723625][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723651][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723661][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723671][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723681][ T6011] gspca_vc032x: I2c Bus Busy Wait 00
[ 1131.723690][ T6011] gspca_vc032x: Unknown sensor...
[ 1131.723778][ T6011] vc032x 9-1:0.0: probe with driver vc032x failed with error -22
[ 1131.797827][T17215] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3815'.
[ 1131.797867][T17215] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3815'.
[ 1132.362241][T15700] IPVS: starting estimator thread 0...
[ 1133.413383][T17223] IPVS: using max 9 ests per chain, 21600 per kthread
[ 1133.789824][ T6011] usb 9-1: USB disconnect, device number 4
[ 1134.965432][T17238] FAULT_INJECTION: forcing a failure.
[ 1134.965432][T17238] name failslab, interval 1, probability 0, space 0, times 0
[ 1134.965470][T17238] CPU: 1 UID: 0 PID: 17238 Comm: syz.7.3830 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1134.965497][T17238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1134.965511][T17238] Call Trace:
[ 1134.965520][T17238]  <TASK>
[ 1134.965528][T17238]  dump_stack_lvl+0xe8/0x150
[ 1134.965577][T17238]  should_fail_ex+0x46c/0x600
[ 1134.965613][T17238]  should_failslab+0xa8/0x100
[ 1134.965637][T17238]  __kmalloc_noprof+0xe0/0x7e0
[ 1134.965669][T17238]  ? kfree+0x4d/0x900
[ 1134.965696][T17238]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1134.965726][T17238]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1134.965751][T17238]  ? tomoyo_domain+0xd9/0x130
[ 1134.965781][T17238]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1134.965817][T17238]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1134.965852][T17238]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1134.965888][T17238]  ? __lock_acquire+0x6b6/0x2cf0
[ 1134.965922][T17238]  ? do_raw_spin_lock+0x121/0x290
[ 1134.965984][T17238]  ? __fget_files+0x2a/0x420
[ 1134.966011][T17238]  ? __fget_files+0x2a/0x420
[ 1134.966033][T17238]  ? __fget_files+0x3a6/0x420
[ 1134.966055][T17238]  ? __fget_files+0x2a/0x420
[ 1134.966083][T17238]  security_file_ioctl+0xcb/0x2d0
[ 1134.966117][T17238]  __se_sys_ioctl+0x47/0x170
[ 1134.966151][T17238]  do_syscall_64+0xec/0xf80
[ 1134.966173][T17238]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1134.966195][T17238]  ? trace_irq_disable+0x37/0x100
[ 1134.966219][T17238]  ? clear_bhb_loop+0x60/0xb0
[ 1134.966246][T17238]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1134.966286][T17238] RIP: 0033:0x7fdd41e6f749
[ 1134.966305][T17238] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1134.966325][T17238] RSP: 002b:00007fdd400d6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1134.966349][T17238] RAX: ffffffffffffffda RBX: 00007fdd420c5fa0 RCX: 00007fdd41e6f749
[ 1134.966366][T17238] RDX: 0000200000000180 RSI: 00000000c0405602 RDI: 0000000000000003
[ 1134.966381][T17238] RBP: 00007fdd400d6090 R08: 0000000000000000 R09: 0000000000000000
[ 1134.966396][T17238] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1134.966409][T17238] R13: 00007fdd420c6038 R14: 00007fdd420c5fa0 R15: 00007ffe19c482d8
[ 1134.966447][T17238]  </TASK>
[ 1134.966529][T17238] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1135.134631][T17239] fuse: Invalid rootmode
[ 1135.353153][T17244] FAULT_INJECTION: forcing a failure.
[ 1135.353153][T17244] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1135.353189][T17244] CPU: 1 UID: 0 PID: 17244 Comm: syz.8.3833 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1135.353215][T17244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1135.353228][T17244] Call Trace:
[ 1135.353236][T17244]  <TASK>
[ 1135.353245][T17244]  dump_stack_lvl+0xe8/0x150
[ 1135.353281][T17244]  should_fail_ex+0x46c/0x600
[ 1135.353316][T17244]  _copy_from_user+0x2d/0xb0
[ 1135.353339][T17244]  ___sys_recvmsg+0x12e/0x510
[ 1135.353374][T17244]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1135.353409][T17244]  ? __fget_files+0x2a/0x420
[ 1135.353452][T17244]  ? __fget_files+0x3a6/0x420
[ 1135.353486][T17244]  do_recvmmsg+0x30d/0x770
[ 1135.353525][T17244]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1135.353569][T17244]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1135.353618][T17244]  __x64_sys_recvmmsg+0x190/0x240
[ 1135.353652][T17244]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1135.353697][T17244]  do_syscall_64+0xec/0xf80
[ 1135.353718][T17244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.353740][T17244]  ? trace_irq_disable+0x37/0x100
[ 1135.353765][T17244]  ? clear_bhb_loop+0x60/0xb0
[ 1135.353792][T17244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1135.353814][T17244] RIP: 0033:0x7f65d3cef749
[ 1135.353845][T17244] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1135.353872][T17244] RSP: 002b:00007f65d1f56038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1135.353895][T17244] RAX: ffffffffffffffda RBX: 00007f65d3f45fa0 RCX: 00007f65d3cef749
[ 1135.353911][T17244] RDX: 0000000000000001 RSI: 00002000000047c0 RDI: 0000000000000004
[ 1135.353926][T17244] RBP: 00007f65d1f56090 R08: 0000000000000000 R09: 0000000000000000
[ 1135.353940][T17244] R10: 0000000060002000 R11: 0000000000000246 R12: 0000000000000001
[ 1135.353954][T17244] R13: 00007f65d3f46038 R14: 00007f65d3f45fa0 R15: 00007ffeb63fb668
[ 1135.353990][T17244]  </TASK>
[ 1136.530790][T14775] IPVS: starting estimator thread 0...
[ 1136.636477][T17276] IPVS: using max 8 ests per chain, 19200 per kthread
[ 1137.034205][T17284] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1137.035916][T17284] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1138.255783][T14775] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1138.274297][T17292] wireguard0: entered promiscuous mode
[ 1138.274329][T17292] wireguard0: entered allmulticast mode
[ 1138.877767][T17303] tmpfs: Bad value for 'mpol'
[ 1139.018534][   T37] audit: type=1326 audit(1766921634.319:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17302 comm="syz.7.3854" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdd41e6f749 code=0x0
[ 1139.884125][T17331] FAULT_INJECTION: forcing a failure.
[ 1139.884125][T17331] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1139.884163][T17331] CPU: 1 UID: 0 PID: 17331 Comm: syz.5.3862 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1139.884190][T17331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1139.884204][T17331] Call Trace:
[ 1139.884213][T17331]  <TASK>
[ 1139.884223][T17331]  dump_stack_lvl+0xe8/0x150
[ 1139.884260][T17331]  should_fail_ex+0x46c/0x600
[ 1139.884344][T17331]  _copy_from_user+0x2d/0xb0
[ 1139.884369][T17331]  do_sock_getsockopt+0x15c/0x3d0
[ 1139.884403][T17331]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1139.884437][T17331]  ? __fget_files+0x3a6/0x420
[ 1139.884469][T17331]  ? __fget_files+0x2a/0x420
[ 1139.884502][T17331]  __x64_sys_getsockopt+0x1ab/0x250
[ 1139.884542][T17331]  do_syscall_64+0xec/0xf80
[ 1139.884567][T17331]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1139.884589][T17331]  ? trace_irq_disable+0x37/0x100
[ 1139.884615][T17331]  ? clear_bhb_loop+0x60/0xb0
[ 1139.884643][T17331]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1139.884666][T17331] RIP: 0033:0x7fd59d7cf749
[ 1139.884686][T17331] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1139.884706][T17331] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1139.884731][T17331] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1139.884748][T17331] RDX: 0000000000000007 RSI: 000000000000003a RDI: 0000000000000003
[ 1139.884762][T17331] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1139.884776][T17331] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1139.884790][T17331] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1139.884827][T17331]  </TASK>
[ 1140.100650][T17317] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1140.105767][T17317] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1140.241250][T17317] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1140.545949][T14142] usb 8-1: new high-speed USB device number 18 using dummy_hcd
[ 1140.863002][T14142] usb 8-1: config 1 has an invalid descriptor of length 107, skipping remainder of the config
[ 1140.863035][T14142] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1140.865153][T14142] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1140.865186][T14142] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1140.865209][T14142] usb 8-1: SerialNumber: syz
[ 1141.498791][T15948] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1143.711608][T15948] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1143.879757][T14142] usb 8-1: 0:2 : does not exist
[ 1144.218769][T14142] usb 8-1: USB disconnect, device number 18
[ 1144.284202][T17402] autofs: Unknown parameter '0x0000000000000003'
[ 1145.192544][T17412] FAULT_INJECTION: forcing a failure.
[ 1145.192544][T17412] name failslab, interval 1, probability 0, space 0, times 0
[ 1145.192582][T17412] CPU: 0 UID: 0 PID: 17412 Comm: syz.5.3894 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1145.192610][T17412] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1145.192625][T17412] Call Trace:
[ 1145.192634][T17412]  <TASK>
[ 1145.192644][T17412]  dump_stack_lvl+0xe8/0x150
[ 1145.192681][T17412]  should_fail_ex+0x46c/0x600
[ 1145.192718][T17412]  ? getname_flags+0xb8/0x540
[ 1145.192742][T17412]  should_failslab+0xa8/0x100
[ 1145.192765][T17412]  ? getname_flags+0xb8/0x540
[ 1145.192786][T17412]  kmem_cache_alloc_noprof+0x84/0x6c0
[ 1145.192819][T17412]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1145.192843][T17412]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1145.192872][T17412]  getname_flags+0xb8/0x540
[ 1145.192901][T17412]  user_path_at+0x24/0x60
[ 1145.192933][T17412]  do_fchmodat+0xef/0x200
[ 1145.192962][T17412]  ? __pfx_do_fchmodat+0x10/0x10
[ 1145.192989][T17412]  ? __pfx_ksys_write+0x10/0x10
[ 1145.193032][T17412]  __x64_sys_chmod+0x62/0x70
[ 1145.193057][T17412]  do_syscall_64+0xec/0xf80
[ 1145.193080][T17412]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.193103][T17412]  ? trace_irq_disable+0x37/0x100
[ 1145.193128][T17412]  ? clear_bhb_loop+0x60/0xb0
[ 1145.193157][T17412]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1145.193181][T17412] RIP: 0033:0x7fd59d7cf749
[ 1145.193349][T17412] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1145.193369][T17412] RSP: 002b:00007fd59b9ec038 EFLAGS: 00000246 ORIG_RAX: 000000000000005a
[ 1145.193393][T17412] RAX: ffffffffffffffda RBX: 00007fd59da26180 RCX: 00007fd59d7cf749
[ 1145.193410][T17412] RDX: 0000000000000000 RSI: 0000000000000379 RDI: 0000200000000180
[ 1145.193423][T17412] RBP: 00007fd59b9ec090 R08: 0000000000000000 R09: 0000000000000000
[ 1145.193437][T17412] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1145.193449][T17412] R13: 00007fd59da26218 R14: 00007fd59da26180 R15: 00007ffc5a4710c8
[ 1145.193487][T17412]  </TASK>
[ 1145.935697][T15948] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1146.071434][T17417] FAULT_INJECTION: forcing a failure.
[ 1146.071434][T17417] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1146.071471][T17417] CPU: 0 UID: 0 PID: 17417 Comm: syz.5.3896 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1146.071496][T17417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1146.071510][T17417] Call Trace:
[ 1146.071519][T17417]  <TASK>
[ 1146.071528][T17417]  dump_stack_lvl+0xe8/0x150
[ 1146.071563][T17417]  should_fail_ex+0x46c/0x600
[ 1146.071599][T17417]  _copy_from_user+0x2d/0xb0
[ 1146.071622][T17417]  ___sys_sendmsg+0x158/0x2a0
[ 1146.071674][T17417]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1146.071743][T17417]  ? __fget_files+0x2a/0x420
[ 1146.071767][T17417]  ? __fget_files+0x3a6/0x420
[ 1146.071803][T17417]  __x64_sys_sendmsg+0x1a1/0x260
[ 1146.071836][T17417]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1146.071878][T17417]  ? __pfx_ksys_write+0x10/0x10
[ 1146.071924][T17417]  do_syscall_64+0xec/0xf80
[ 1146.071956][T17417]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.071978][T17417]  ? trace_irq_disable+0x37/0x100
[ 1146.072002][T17417]  ? clear_bhb_loop+0x60/0xb0
[ 1146.072030][T17417]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1146.072053][T17417] RIP: 0033:0x7fd59d7cf749
[ 1146.072073][T17417] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1146.072093][T17417] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1146.072117][T17417] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1146.072134][T17417] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000004
[ 1146.072148][T17417] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1146.072162][T17417] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1146.072176][T17417] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1146.072212][T17417]  </TASK>
[ 1146.640407][T14280] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1146.671627][T17431] autofs: Unknown parameter 'fd0x0000000000000003'
[ 1147.529062][T14280] usb 9-1: Using ep0 maxpacket: 32
[ 1147.607541][T14280] usb 9-1: config 127 has an invalid interface number: 86 but max is 0
[ 1147.607576][T14280] usb 9-1: config 127 has no interface number 0
[ 1147.607621][T14280] usb 9-1: config 127 interface 86 has no altsetting 0
[ 1147.662012][T14280] usb 9-1: New USB device found, idVendor=0af7, idProduct=0101, bcdDevice=a1.8c
[ 1147.662049][T14280] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1147.662072][T14280] usb 9-1: Product: syz
[ 1147.662088][T14280] usb 9-1: Manufacturer: syz
[ 1147.662105][T14280] usb 9-1: SerialNumber: syz
[ 1147.898576][T14280] flexcop_usb: set interface failed.
[ 1147.898679][T14280] b2c2_flexcop_usb 9-1:127.86: probe with driver b2c2_flexcop_usb failed with error -22
[ 1148.129795][T17449] FAULT_INJECTION: forcing a failure.
[ 1148.129795][T17449] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1148.129860][T17449] CPU: 1 UID: 0 PID: 17449 Comm: syz.4.3906 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1148.129888][T17449] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1148.129903][T17449] Call Trace:
[ 1148.129912][T17449]  <TASK>
[ 1148.129922][T17449]  dump_stack_lvl+0xe8/0x150
[ 1148.129960][T17449]  should_fail_ex+0x46c/0x600
[ 1148.129998][T17449]  _copy_from_user+0x2d/0xb0
[ 1148.130022][T17449]  __sys_connect+0x124/0x450
[ 1148.130052][T17449]  ? __pfx___sys_connect+0x10/0x10
[ 1148.130103][T17449]  __x64_sys_connect+0x7a/0x90
[ 1148.130131][T17449]  do_syscall_64+0xec/0xf80
[ 1148.130154][T17449]  ? rcu_is_watching+0x15/0xb0
[ 1148.130175][T17449]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1148.130199][T17449]  ? clear_bhb_loop+0x60/0xb0
[ 1148.130227][T17449]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1148.130263][T17449] RIP: 0033:0x7fcec120f749
[ 1148.130282][T17449] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1148.130302][T17449] RSP: 002b:00007fcebf42c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1148.130325][T17449] RAX: ffffffffffffffda RBX: 00007fcec1466180 RCX: 00007fcec120f749
[ 1148.130342][T17449] RDX: 0000000000000010 RSI: 0000200000000200 RDI: 0000000000000005
[ 1148.130356][T17449] RBP: 00007fcebf42c090 R08: 0000000000000000 R09: 0000000000000000
[ 1148.130370][T17449] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1148.130384][T17449] R13: 00007fcec1466218 R14: 00007fcec1466180 R15: 00007ffe4a253a48
[ 1148.130419][T17449]  </TASK>
[ 1149.102782][T17451] IPv6: Can't replace route, no match found
[ 1149.118369][T14280] usb 9-1: USB disconnect, device number 5
[ 1149.165587][T17456] netlink: 40 bytes leftover after parsing attributes in process `syz.6.3907'.
[ 1151.362966][T17476] autofs: Unknown parameter 'fd0x0000000000000003'
[ 1152.012403][T17491] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3919'.
[ 1152.058653][T17493] FAULT_INJECTION: forcing a failure.
[ 1152.058653][T17493] name failslab, interval 1, probability 0, space 0, times 0
[ 1152.058692][T17493] CPU: 0 UID: 0 PID: 17493 Comm: syz.5.3923 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1152.058719][T17493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1152.058733][T17493] Call Trace:
[ 1152.058743][T17493]  <TASK>
[ 1152.058753][T17493]  dump_stack_lvl+0xe8/0x150
[ 1152.058790][T17493]  should_fail_ex+0x46c/0x600
[ 1152.058827][T17493]  ? __alloc_skb+0x1dc/0x3a0
[ 1152.058853][T17493]  should_failslab+0xa8/0x100
[ 1152.058877][T17493]  ? __alloc_skb+0x1dc/0x3a0
[ 1152.058912][T17493]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1152.058946][T17493]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1152.058971][T17493]  ? __alloc_skb+0x198/0x3a0
[ 1152.058997][T17493]  __alloc_skb+0x1dc/0x3a0
[ 1152.059027][T17493]  alloc_skb_with_frags+0xca/0x890
[ 1152.059058][T17493]  ? unwind_next_frame+0xa5/0x23d0
[ 1152.059093][T17493]  ? is_bpf_text_address+0x26/0x2b0
[ 1152.059127][T17493]  sock_alloc_send_pskb+0x859/0x990
[ 1152.059179][T17493]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1152.059212][T17493]  ? __pfx_smack_socket_sendmsg+0x10/0x10
[ 1152.059273][T17493]  ? __lock_acquire+0x6b6/0x2cf0
[ 1152.059318][T17493]  hci_sock_sendmsg+0x1fe/0xf30
[ 1152.059354][T17493]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x300
[ 1152.059382][T17493]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 1152.059422][T17493]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1152.059453][T17493]  ? __pfx_hci_sock_sendmsg+0x10/0x10
[ 1152.059487][T17493]  __sock_sendmsg+0x21c/0x270
[ 1152.059527][T17493]  sock_write_iter+0x27f/0x370
[ 1152.059565][T17493]  ? __pfx_sock_write_iter+0x10/0x10
[ 1152.059624][T17493]  vfs_write+0x5d5/0xb40
[ 1152.059663][T17493]  ? __pfx_sock_write_iter+0x10/0x10
[ 1152.059699][T17493]  ? __pfx_vfs_write+0x10/0x10
[ 1152.059743][T17493]  ? __fget_files+0x2a/0x420
[ 1152.059778][T17493]  ksys_write+0x14b/0x260
[ 1152.059814][T17493]  ? __pfx_ksys_write+0x10/0x10
[ 1152.059860][T17493]  do_syscall_64+0xec/0xf80
[ 1152.059884][T17493]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.059907][T17493]  ? trace_irq_disable+0x37/0x100
[ 1152.059932][T17493]  ? clear_bhb_loop+0x60/0xb0
[ 1152.059960][T17493]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.059984][T17493] RIP: 0033:0x7fd59d7cf749
[ 1152.060004][T17493] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1152.060024][T17493] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1152.060048][T17493] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1152.060064][T17493] RDX: 000000000000000d RSI: 0000200000000000 RDI: 0000000000000004
[ 1152.060078][T17493] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1152.060091][T17493] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1152.060103][T17493] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1152.060139][T17493]  </TASK>
[ 1152.373510][T13536] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1152.452670][T17491] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3919'.
[ 1152.535481][T17496] FAULT_INJECTION: forcing a failure.
[ 1152.535481][T17496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1152.535520][T17496] CPU: 1 UID: 0 PID: 17496 Comm: syz.6.3920 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1152.535553][T17496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1152.535568][T17496] Call Trace:
[ 1152.535577][T17496]  <TASK>
[ 1152.535587][T17496]  dump_stack_lvl+0xe8/0x150
[ 1152.535624][T17496]  should_fail_ex+0x46c/0x600
[ 1152.535661][T17496]  _copy_to_user+0x31/0xb0
[ 1152.535686][T17496]  simple_read_from_buffer+0xe1/0x170
[ 1152.535716][T17496]  proc_fail_nth_read+0x1b6/0x220
[ 1152.535754][T17496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1152.535793][T17496]  ? rw_verify_area+0x2ac/0x4e0
[ 1152.535823][T17496]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1152.535860][T17496]  vfs_read+0x206/0xa30
[ 1152.535900][T17496]  ? __pfx_vfs_read+0x10/0x10
[ 1152.535935][T17496]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1152.535959][T17496]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1152.535982][T17496]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1152.536004][T17496]  ? mutex_lock_nested+0x154/0x1d0
[ 1152.536034][T17496]  ? fdget_pos+0x253/0x320
[ 1152.536068][T17496]  ksys_read+0x14b/0x260
[ 1152.536104][T17496]  ? __pfx_ksys_read+0x10/0x10
[ 1152.536148][T17496]  do_syscall_64+0xec/0xf80
[ 1152.536171][T17496]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.536193][T17496]  ? trace_irq_disable+0x37/0x100
[ 1152.536217][T17496]  ? clear_bhb_loop+0x60/0xb0
[ 1152.536245][T17496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1152.536267][T17496] RIP: 0033:0x7f0e0751e15c
[ 1152.536288][T17496] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1152.536308][T17496] RSP: 002b:00007f0e05744030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1152.536349][T17496] RAX: ffffffffffffffda RBX: 00007f0e07776180 RCX: 00007f0e0751e15c
[ 1152.536366][T17496] RDX: 000000000000000f RSI: 00007f0e057440a0 RDI: 0000000000000007
[ 1152.536381][T17496] RBP: 00007f0e05744090 R08: 0000000000000000 R09: 0000000000000000
[ 1152.536395][T17496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1152.536410][T17496] R13: 00007f0e07776218 R14: 00007f0e07776180 R15: 00007ffd93548d38
[ 1152.536460][T17496]  </TASK>
[ 1152.611138][T13536] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1152.611190][T13536] usb 5-1: New USB device found, idVendor=04d8, idProduct=f372, bcdDevice= 0.00
[ 1152.611217][T13536] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1152.892056][T13536] usb 5-1: config 0 descriptor??
[ 1152.996241][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1152.997644][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1153.432046][T17504] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3928'.
[ 1153.606967][T13536] hid-led 0003:04D8:F372.0004: hidraw0: USB HID v0.00 Device [HID 04d8:f372] on usb-dummy_hcd.4-1/input0
[ 1153.698286][T13536] hid-led 0003:04D8:F372.0004: Greynut Luxafor initialized
[ 1154.631822][T17516] FAULT_INJECTION: forcing a failure.
[ 1154.631822][T17516] name failslab, interval 1, probability 0, space 0, times 0
[ 1154.631885][T17516] CPU: 1 UID: 0 PID: 17516 Comm: syz.5.3931 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1154.631912][T17516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1154.631927][T17516] Call Trace:
[ 1154.631936][T17516]  <TASK>
[ 1154.631946][T17516]  dump_stack_lvl+0xe8/0x150
[ 1154.632001][T17516]  should_fail_ex+0x46c/0x600
[ 1154.632040][T17516]  should_failslab+0xa8/0x100
[ 1154.632065][T17516]  __kmalloc_cache_noprof+0x84/0x6d0
[ 1154.632103][T17516]  ? ceph_get_tree+0x1b2/0x1a10
[ 1154.632153][T17516]  ceph_get_tree+0x1b2/0x1a10
[ 1154.632190][T17516]  ? safesetid_security_capable+0xa9/0x1a0
[ 1154.632232][T17516]  vfs_get_tree+0x92/0x2a0
[ 1154.632270][T17516]  vfs_cmd_create+0xa2/0x200
[ 1154.632310][T17516]  __se_sys_fsconfig+0x794/0x8e0
[ 1154.632353][T17516]  ? __pfx___se_sys_fsconfig+0x10/0x10
[ 1154.632386][T17516]  ? ksys_write+0x230/0x260
[ 1154.632423][T17516]  ? __pfx_ksys_write+0x10/0x10
[ 1154.632463][T17516]  ? __x64_sys_fsconfig+0x20/0xc0
[ 1154.632501][T17516]  do_syscall_64+0xec/0xf80
[ 1154.632525][T17516]  ? rcu_is_watching+0x15/0xb0
[ 1154.632545][T17516]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1154.632569][T17516]  ? clear_bhb_loop+0x60/0xb0
[ 1154.632598][T17516]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1154.632622][T17516] RIP: 0033:0x7fd59d7cf749
[ 1154.632642][T17516] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1154.632663][T17516] RSP: 002b:00007fd59b9ec038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1154.632687][T17516] RAX: ffffffffffffffda RBX: 00007fd59da26180 RCX: 00007fd59d7cf749
[ 1154.632705][T17516] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007
[ 1154.632718][T17516] RBP: 00007fd59b9ec090 R08: 0000000000000000 R09: 0000000000000000
[ 1154.632733][T17516] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1154.632759][T17516] R13: 00007fd59da26218 R14: 00007fd59da26180 R15: 00007ffc5a4710c8
[ 1154.632796][T17516]  </TASK>
[ 1155.279157][T14280] usb 5-1: USB disconnect, device number 20
[ 1155.340764][ T6802] leds luxafor0:blue:led5: Setting an LED's brightness failed (-38)
[ 1155.366324][T14107] leds luxafor0:green:led5: Setting an LED's brightness failed (-38)
[ 1155.388489][T14107] leds luxafor0:red:led5: Setting an LED's brightness failed (-38)
[ 1155.401706][T14107] leds luxafor0:blue:led4: Setting an LED's brightness failed (-38)
[ 1155.464599][ T6801] leds luxafor0:green:led4: Setting an LED's brightness failed (-38)
[ 1155.561449][T17527] FAULT_INJECTION: forcing a failure.
[ 1155.561449][T17527] name failslab, interval 1, probability 0, space 0, times 0
[ 1155.561486][T17527] CPU: 0 UID: 0 PID: 17527 Comm: syz.5.3936 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1155.561513][T17527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1155.561527][T17527] Call Trace:
[ 1155.561536][T17527]  <TASK>
[ 1155.561545][T17527]  dump_stack_lvl+0xe8/0x150
[ 1155.561582][T17527]  should_fail_ex+0x46c/0x600
[ 1155.561617][T17527]  ? __alloc_skb+0x1dc/0x3a0
[ 1155.561641][T17527]  should_failslab+0xa8/0x100
[ 1155.561664][T17527]  ? __alloc_skb+0x1dc/0x3a0
[ 1155.561687][T17527]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1155.561721][T17527]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1155.561745][T17527]  ? __alloc_skb+0x198/0x3a0
[ 1155.561771][T17527]  __alloc_skb+0x1dc/0x3a0
[ 1155.561801][T17527]  alloc_skb_with_frags+0xca/0x890
[ 1155.561833][T17527]  ? __lock_acquire+0x6b6/0x2cf0
[ 1155.561867][T17527]  ? __lock_acquire+0x6b6/0x2cf0
[ 1155.561901][T17527]  sock_alloc_send_pskb+0x859/0x990
[ 1155.561952][T17527]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[ 1155.561982][T17527]  ? is_bpf_text_address+0x26/0x2b0
[ 1155.562027][T17527]  ? __lock_acquire+0x6b6/0x2cf0
[ 1155.562064][T17527]  tun_get_user+0xa4e/0x3de0
[ 1155.562116][T17527]  ? __pfx_tun_get_user+0x10/0x10
[ 1155.562148][T17527]  ? __lock_acquire+0x6b6/0x2cf0
[ 1155.562181][T17527]  ? kstrtoull+0x12f/0x1d0
[ 1155.562218][T17527]  ? ref_tracker_alloc+0x2fe/0x450
[ 1155.562247][T17527]  ? get_pid_task+0x20/0x1f0
[ 1155.562282][T17527]  ? __pfx_ref_tracker_alloc+0x10/0x10
[ 1155.562315][T17527]  ? tun_get+0x1c/0x2f0
[ 1155.562343][T17527]  ? tun_get+0x1c/0x2f0
[ 1155.562376][T17527]  ? tun_get+0x1c/0x2f0
[ 1155.562403][T17527]  ? tun_get+0x1c/0x2f0
[ 1155.562436][T17527]  tun_chr_write_iter+0x119/0x200
[ 1155.562467][T17527]  vfs_write+0x5d5/0xb40
[ 1155.562504][T17527]  ? __pfx_tun_chr_write_iter+0x10/0x10
[ 1155.562534][T17527]  ? __pfx_vfs_write+0x10/0x10
[ 1155.562576][T17527]  ? __fget_files+0x2a/0x420
[ 1155.562610][T17527]  ksys_write+0x14b/0x260
[ 1155.562645][T17527]  ? __pfx_ksys_write+0x10/0x10
[ 1155.562688][T17527]  do_syscall_64+0xec/0xf80
[ 1155.562711][T17527]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.562750][T17527]  ? trace_irq_disable+0x37/0x100
[ 1155.562775][T17527]  ? clear_bhb_loop+0x60/0xb0
[ 1155.562804][T17527]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1155.562827][T17527] RIP: 0033:0x7fd59d7ce1ff
[ 1155.562848][T17527] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[ 1155.562889][T17527] RSP: 002b:00007fd59ba0d000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[ 1155.562914][T17527] RAX: ffffffffffffffda RBX: 00007fd59da26090 RCX: 00007fd59d7ce1ff
[ 1155.562931][T17527] RDX: 0000000000000f87 RSI: 0000200000000000 RDI: 00000000000000c8
[ 1155.562946][T17527] RBP: 00007fd59ba0d090 R08: 0000000000000000 R09: 0000000000000000
[ 1155.562960][T17527] R10: 0000000000000f87 R11: 0000000000000293 R12: 0000000000000001
[ 1155.562974][T17527] R13: 00007fd59da26128 R14: 00007fd59da26090 R15: 00007ffc5a4710c8
[ 1155.563022][T17527]  </TASK>
[ 1155.905192][T15544] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 1155.947669][T14025] leds luxafor0:red:led4: Setting an LED's brightness failed (-38)
[ 1155.950439][T14025] leds luxafor0:blue:led3: Setting an LED's brightness failed (-38)
[ 1155.953861][T14025] leds luxafor0:green:led3: Setting an LED's brightness failed (-38)
[ 1155.954969][T14025] leds luxafor0:red:led3: Setting an LED's brightness failed (-38)
[ 1156.051231][T17530] fuse: Bad value for 'fd'
[ 1156.539504][ T6325] leds luxafor0:blue:led2: Setting an LED's brightness failed (-38)
[ 1156.561439][ T6325] leds luxafor0:green:led2: Setting an LED's brightness failed (-38)
[ 1156.562953][ T6325] leds luxafor0:red:led2: Setting an LED's brightness failed (-38)
[ 1156.566842][ T6325] leds luxafor0:blue:led1: Setting an LED's brightness failed (-38)
[ 1156.573837][ T6802] leds luxafor0:green:led1: Setting an LED's brightness failed (-38)
[ 1156.575586][T14025] leds luxafor0:red:led1: Setting an LED's brightness failed (-38)
[ 1156.583823][T14025] leds luxafor0:blue:led0: Setting an LED's brightness failed (-38)
[ 1156.733893][T14025] leds luxafor0:green:led0: Setting an LED's brightness failed (-38)
[ 1156.742659][ T6798] leds luxafor0:red:led0: Setting an LED's brightness failed (-38)
[ 1156.747243][T15544] usb 9-1: Using ep0 maxpacket: 16
[ 1156.749661][T15544] usb 9-1: config 0 has an invalid interface number: 120 but max is 0
[ 1156.749689][T15544] usb 9-1: config 0 has no interface number 0
[ 1156.749741][T15544] usb 9-1: config 0 interface 120 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1156.749767][T15544] usb 9-1: config 0 interface 120 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1156.753017][T15544] usb 9-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=ac.13
[ 1156.753047][T15544] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1156.753071][T15544] usb 9-1: Product: syz
[ 1156.753087][T15544] usb 9-1: Manufacturer: syz
[ 1156.753103][T15544] usb 9-1: SerialNumber: syz
[ 1156.758962][T15544] usb 9-1: config 0 descriptor??
[ 1157.158437][T15544] msi2500 9-1:0.120: Registered as swradio24
[ 1157.158463][T15544] msi2500 9-1:0.120: SDR API is still slightly experimental and functionality changes may follow
[ 1157.171962][T15544] usb 9-1: USB disconnect, device number 6
[ 1157.627821][T13536] kernel read not supported for file /input/event2 (pid: 13536 comm: kworker/0:2)
[ 1157.647988][T17565] FAULT_INJECTION: forcing a failure.
[ 1157.647988][T17565] name failslab, interval 1, probability 0, space 0, times 0
[ 1157.648070][T17565] CPU: 1 UID: 0 PID: 17565 Comm: syz.6.3944 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1157.648143][T17565] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1157.648196][T17565] Call Trace:
[ 1157.648223][T17565]  <TASK>
[ 1157.648251][T17565]  dump_stack_lvl+0xe8/0x150
[ 1157.648356][T17565]  should_fail_ex+0x46c/0x600
[ 1157.648447][T17565]  should_failslab+0xa8/0x100
[ 1157.648507][T17565]  __kmalloc_noprof+0xe0/0x7e0
[ 1157.648591][T17565]  ? kfree+0x4d/0x900
[ 1157.648653][T17565]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1157.648726][T17565]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1157.648796][T17565]  ? tomoyo_domain+0xd9/0x130
[ 1157.648880][T17565]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1157.648982][T17565]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1157.649074][T17565]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1157.649148][T17565]  ? __lock_acquire+0x6b6/0x2cf0
[ 1157.649246][T17565]  ? do_raw_spin_lock+0x121/0x290
[ 1157.649404][T17565]  ? __fget_files+0x2a/0x420
[ 1157.649468][T17565]  ? __fget_files+0x2a/0x420
[ 1157.649528][T17565]  ? __fget_files+0x3a6/0x420
[ 1157.649595][T17565]  ? __fget_files+0x2a/0x420
[ 1157.649671][T17565]  security_file_ioctl+0xcb/0x2d0
[ 1157.649754][T17565]  __se_sys_ioctl+0x47/0x170
[ 1157.649838][T17565]  do_syscall_64+0xec/0xf80
[ 1157.649909][T17565]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1157.649950][T17565]  ? trace_irq_disable+0x37/0x100
[ 1157.650013][T17565]  ? clear_bhb_loop+0x60/0xb0
[ 1157.650084][T17565]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1157.650139][T17565] RIP: 0033:0x7f0e0751f749
[ 1157.650193][T17565] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1157.650245][T17565] RSP: 002b:00007f0e05744038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1157.650294][T17565] RAX: ffffffffffffffda RBX: 00007f0e07776180 RCX: 00007f0e0751f749
[ 1157.650336][T17565] RDX: 0000200000000040 RSI: 0000000000005412 RDI: 0000000000000003
[ 1157.650350][T17565] RBP: 00007f0e05744090 R08: 0000000000000000 R09: 0000000000000000
[ 1157.650363][T17565] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1157.650376][T17565] R13: 00007f0e07776218 R14: 00007f0e07776180 R15: 00007ffd93548d38
[ 1157.650481][T17565]  </TASK>
[ 1157.680878][T17565] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1157.951883][T17572] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3950'.
[ 1158.106033][T17570] netlink: 24 bytes leftover after parsing attributes in process `syz.7.3947'.
[ 1158.905488][T17589] netlink: 7 bytes leftover after parsing attributes in process `syz.6.3956'.
[ 1159.102743][T17595] FAULT_INJECTION: forcing a failure.
[ 1159.102743][T17595] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1159.102771][T17595] CPU: 0 UID: 0 PID: 17595 Comm: syz.5.3958 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1159.102790][T17595] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1159.102800][T17595] Call Trace:
[ 1159.102806][T17595]  <TASK>
[ 1159.102813][T17595]  dump_stack_lvl+0xe8/0x150
[ 1159.102840][T17595]  should_fail_ex+0x46c/0x600
[ 1159.102866][T17595]  _copy_from_user+0x2d/0xb0
[ 1159.102883][T17595]  __sys_bpf+0x1e3/0x860
[ 1159.102903][T17595]  ? __pfx___sys_bpf+0x10/0x10
[ 1159.102919][T17595]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1159.102953][T17595]  ? ksys_write+0x230/0x260
[ 1159.102986][T17595]  ? __pfx_ksys_write+0x10/0x10
[ 1159.103014][T17595]  __x64_sys_bpf+0x7c/0x90
[ 1159.103031][T17595]  do_syscall_64+0xec/0xf80
[ 1159.103047][T17595]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1159.103062][T17595]  ? trace_irq_disable+0x37/0x100
[ 1159.103080][T17595]  ? clear_bhb_loop+0x60/0xb0
[ 1159.103099][T17595]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1159.103114][T17595] RIP: 0033:0x7fd59d7cf749
[ 1159.103128][T17595] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1159.103142][T17595] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1159.103159][T17595] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1159.103171][T17595] RDX: 0000000000000010 RSI: 0000200000000500 RDI: 0000000000000011
[ 1159.103181][T17595] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1159.103191][T17595] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1159.103201][T17595] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1159.103237][T17595]  </TASK>
[ 1161.248493][T17625] netlink: 7 bytes leftover after parsing attributes in process `syz.4.3970'.
[ 1161.248734][T17625] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3970'.
[ 1161.248797][T17625] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3970'.
[ 1163.080692][T17659] FAULT_INJECTION: forcing a failure.
[ 1163.080692][T17659] name failslab, interval 1, probability 0, space 0, times 0
[ 1163.080757][T17659] CPU: 0 UID: 0 PID: 17659 Comm: syz.4.3980 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1163.080783][T17659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1163.080798][T17659] Call Trace:
[ 1163.080807][T17659]  <TASK>
[ 1163.080817][T17659]  dump_stack_lvl+0xe8/0x150
[ 1163.080856][T17659]  should_fail_ex+0x46c/0x600
[ 1163.080889][T17659]  ? __pfx_test_keyed_super+0x10/0x10
[ 1163.080923][T17659]  should_failslab+0xa8/0x100
[ 1163.080948][T17659]  __kmalloc_cache_noprof+0x84/0x6d0
[ 1163.080985][T17659]  ? alloc_super+0x5b/0xab0
[ 1163.081013][T17659]  ? __pfx_test_keyed_super+0x10/0x10
[ 1163.081045][T17659]  alloc_super+0x5b/0xab0
[ 1163.081075][T17659]  ? rt_spin_unlock+0x161/0x200
[ 1163.081106][T17659]  ? __pfx_test_keyed_super+0x10/0x10
[ 1163.081137][T17659]  sget_fc+0x329/0xa40
[ 1163.081169][T17659]  ? __pfx_set_anon_super_fc+0x10/0x10
[ 1163.081199][T17659]  ? __pfx_nfsd_fill_super+0x10/0x10
[ 1163.081236][T17659]  get_tree_keyed+0x5c/0x170
[ 1163.081270][T17659]  vfs_get_tree+0x92/0x2a0
[ 1163.081306][T17659]  vfs_cmd_create+0xa2/0x200
[ 1163.081345][T17659]  __se_sys_fsconfig+0x794/0x8e0
[ 1163.081403][T17659]  ? __pfx___se_sys_fsconfig+0x10/0x10
[ 1163.081453][T17659]  ? __x64_sys_fsconfig+0x20/0xc0
[ 1163.081491][T17659]  do_syscall_64+0xec/0xf80
[ 1163.081517][T17659]  ? rcu_is_watching+0x15/0xb0
[ 1163.081538][T17659]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1163.081562][T17659]  ? clear_bhb_loop+0x60/0xb0
[ 1163.081597][T17659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1163.081620][T17659] RIP: 0033:0x7fcec120f749
[ 1163.081642][T17659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1163.081662][T17659] RSP: 002b:00007fcebf42c038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[ 1163.081686][T17659] RAX: ffffffffffffffda RBX: 00007fcec1466180 RCX: 00007fcec120f749
[ 1163.081704][T17659] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000006
[ 1163.081718][T17659] RBP: 00007fcebf42c090 R08: 0000000000000000 R09: 0000000000000000
[ 1163.081733][T17659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1163.081747][T17659] R13: 00007fcec1466218 R14: 00007fcec1466180 R15: 00007ffe4a253a48
[ 1163.081785][T17659]  </TASK>
[ 1163.499744][T14280] usb 8-1: new high-speed USB device number 19 using dummy_hcd
[ 1163.880196][T14280] usb 8-1: Using ep0 maxpacket: 32
[ 1163.883015][T14280] usb 8-1: config 0 has an invalid interface number: 85 but max is 0
[ 1163.883045][T14280] usb 8-1: config 0 has no interface number 0
[ 1163.883101][T14280] usb 8-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1163.883133][T14280] usb 8-1: config 0 interface 85 has no altsetting 0
[ 1163.886273][T14280] usb 8-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1163.886304][T14280] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1163.886327][T14280] usb 8-1: Product: syz
[ 1163.886344][T14280] usb 8-1: Manufacturer: syz
[ 1163.886360][T14280] usb 8-1: SerialNumber: syz
[ 1163.905906][T14280] usb 8-1: config 0 descriptor??
[ 1165.623523][T17657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1165.624909][T17657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1166.074298][T14280] appletouch 8-1:0.85: Geyser mode initialized.
[ 1166.245935][T14280] input: appletouch as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.85/input/input14
[ 1169.765788][T17677] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3985'.
[ 1169.766307][T17677] netlink: 68 bytes leftover after parsing attributes in process `syz.8.3985'.
[ 1169.766703][T17677] netlink: 68 bytes leftover after parsing attributes in process `syz.8.3985'.
[ 1171.120770][T15572] usb 8-1: USB disconnect, device number 19
[ 1171.120899][    C1] appletouch 8-1:0.85: atp_complete: usb_submit_urb failed with result -19
[ 1171.762515][T17691] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1172.433322][T15572] appletouch 8-1:0.85: input: appletouch disconnected
[ 1173.731651][T17714] netlink: 7 bytes leftover after parsing attributes in process `syz.8.3999'.
[ 1173.731854][T17714] netlink: 68 bytes leftover after parsing attributes in process `syz.8.3999'.
[ 1173.731907][T17714] netlink: 68 bytes leftover after parsing attributes in process `syz.8.3999'.
[ 1176.381418][T17738] 9p: Bad value for 'rfdno'
[ 1176.405541][T17741] FAULT_INJECTION: forcing a failure.
[ 1176.405541][T17741] name failslab, interval 1, probability 0, space 0, times 0
[ 1176.405578][T17741] CPU: 0 UID: 0 PID: 17741 Comm: syz.5.4009 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1176.405604][T17741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1176.405617][T17741] Call Trace:
[ 1176.405625][T17741]  <TASK>
[ 1176.405635][T17741]  dump_stack_lvl+0xe8/0x150
[ 1176.405670][T17741]  should_fail_ex+0x46c/0x600
[ 1176.405704][T17741]  ? getname_flags+0xb8/0x540
[ 1176.405726][T17741]  should_failslab+0xa8/0x100
[ 1176.405748][T17741]  ? getname_flags+0xb8/0x540
[ 1176.405768][T17741]  kmem_cache_alloc_noprof+0x84/0x6c0
[ 1176.405797][T17741]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1176.405821][T17741]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1176.405847][T17741]  getname_flags+0xb8/0x540
[ 1176.405874][T17741]  do_sys_openat2+0xbc/0x200
[ 1176.405902][T17741]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1176.405928][T17741]  ? ksys_write+0x230/0x260
[ 1176.405961][T17741]  ? __pfx_ksys_write+0x10/0x10
[ 1176.405996][T17741]  __x64_sys_open+0x11e/0x150
[ 1176.406026][T17741]  do_syscall_64+0xec/0xf80
[ 1176.406047][T17741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.406069][T17741]  ? trace_irq_disable+0x37/0x100
[ 1176.406092][T17741]  ? clear_bhb_loop+0x60/0xb0
[ 1176.406123][T17741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1176.406144][T17741] RIP: 0033:0x7fd59d7cf749
[ 1176.406163][T17741] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1176.406182][T17741] RSP: 002b:00007fd59ba0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000002
[ 1176.406204][T17741] RAX: ffffffffffffffda RBX: 00007fd59da26090 RCX: 00007fd59d7cf749
[ 1176.406220][T17741] RDX: 0000000000000000 RSI: 0000000000145142 RDI: 0000200000000240
[ 1176.406234][T17741] RBP: 00007fd59ba0d090 R08: 0000000000000000 R09: 0000000000000000
[ 1176.406247][T17741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1176.406260][T17741] R13: 00007fd59da26128 R14: 00007fd59da26090 R15: 00007ffc5a4710c8
[ 1176.406294][T17741]  </TASK>
[ 1176.769541][ T5945] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1176.790670][T17745] netlink: 16402 bytes leftover after parsing attributes in process `syz.7.4011'.
[ 1176.951186][ T5945] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1176.951215][ T5945] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1176.951272][ T5945] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1176.955699][ T5945] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1176.955731][ T5945] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1176.955753][ T5945] usb 5-1: Product: syz
[ 1176.955769][ T5945] usb 5-1: Manufacturer: syz
[ 1176.955785][ T5945] usb 5-1: SerialNumber: syz
[ 1177.058227][ T5945] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1177.058282][ T5945] cdc_ncm 5-1:1.0: bind() failure
[ 1180.536487][T14142] usb 5-1: USB disconnect, device number 21
[ 1181.069277][T17799] FAULT_INJECTION: forcing a failure.
[ 1181.069277][T17799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1181.069341][T17799] CPU: 1 UID: 0 PID: 17799 Comm: syz.4.4028 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1181.069369][T17799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1181.069384][T17799] Call Trace:
[ 1181.069392][T17799]  <TASK>
[ 1181.069402][T17799]  dump_stack_lvl+0xe8/0x150
[ 1181.069439][T17799]  should_fail_ex+0x46c/0x600
[ 1181.069475][T17799]  _copy_from_user+0x2d/0xb0
[ 1181.069499][T17799]  ___sys_sendmsg+0x158/0x2a0
[ 1181.069532][T17799]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1181.069565][T17799]  ? __schedule+0x1475/0x5070
[ 1181.069631][T17799]  ? __fget_files+0x2a/0x420
[ 1181.069655][T17799]  ? __fget_files+0x3a6/0x420
[ 1181.069690][T17799]  __x64_sys_sendmsg+0x1a1/0x260
[ 1181.069718][T17799]  ? irqentry_exit+0x5dd/0x660
[ 1181.069742][T17799]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1181.069777][T17799]  ? irqentry_exit+0x5dd/0x660
[ 1181.069824][T17799]  do_syscall_64+0xec/0xf80
[ 1181.069845][T17799]  ? rcu_is_watching+0x15/0xb0
[ 1181.069865][T17799]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.069888][T17799]  ? clear_bhb_loop+0x60/0xb0
[ 1181.069916][T17799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1181.069939][T17799] RIP: 0033:0x7fcec120f749
[ 1181.069958][T17799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1181.069978][T17799] RSP: 002b:00007fcebf42c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1181.070002][T17799] RAX: ffffffffffffffda RBX: 00007fcec1466180 RCX: 00007fcec120f749
[ 1181.070018][T17799] RDX: 0000000000000080 RSI: 0000200000000140 RDI: 0000000000000005
[ 1181.070032][T17799] RBP: 00007fcebf42c090 R08: 0000000000000000 R09: 0000000000000000
[ 1181.070046][T17799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1181.070059][T17799] R13: 00007fcec1466218 R14: 00007fcec1466180 R15: 00007ffe4a253a48
[ 1181.070094][T17799]  </TASK>
[ 1184.412863][T17829] FAULT_INJECTION: forcing a failure.
[ 1184.412863][T17829] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1184.412900][T17829] CPU: 0 UID: 0 PID: 17829 Comm: syz.5.4039 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1184.412926][T17829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1184.412939][T17829] Call Trace:
[ 1184.412947][T17829]  <TASK>
[ 1184.412956][T17829]  dump_stack_lvl+0xe8/0x150
[ 1184.412992][T17829]  should_fail_ex+0x46c/0x600
[ 1184.413028][T17829]  _copy_from_user+0x2d/0xb0
[ 1184.413050][T17829]  ___sys_sendmsg+0x158/0x2a0
[ 1184.413082][T17829]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1184.413148][T17829]  ? __fget_files+0x2a/0x420
[ 1184.413172][T17829]  ? __fget_files+0x3a6/0x420
[ 1184.413206][T17829]  __x64_sys_sendmsg+0x1a1/0x260
[ 1184.413237][T17829]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1184.413276][T17829]  ? __pfx_ksys_write+0x10/0x10
[ 1184.413320][T17829]  do_syscall_64+0xec/0xf80
[ 1184.413342][T17829]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.413364][T17829]  ? trace_irq_disable+0x37/0x100
[ 1184.413388][T17829]  ? clear_bhb_loop+0x60/0xb0
[ 1184.413414][T17829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1184.413436][T17829] RIP: 0033:0x7fd59d7cf749
[ 1184.413474][T17829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1184.413494][T17829] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1184.413518][T17829] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1184.413535][T17829] RDX: 0000000000000000 RSI: 00002000000003c0 RDI: 0000000000000004
[ 1184.413550][T17829] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1184.413563][T17829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1184.413577][T17829] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1184.413612][T17829]  </TASK>
[ 1185.346656][T17853] FAULT_INJECTION: forcing a failure.
[ 1185.346656][T17853] name failslab, interval 1, probability 0, space 0, times 0
[ 1185.346682][T17853] CPU: 1 UID: 0 PID: 17853 Comm: syz.6.4045 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1185.346700][T17853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1185.346710][T17853] Call Trace:
[ 1185.346716][T17853]  <TASK>
[ 1185.346723][T17853]  dump_stack_lvl+0xe8/0x150
[ 1185.346748][T17853]  should_fail_ex+0x46c/0x600
[ 1185.346774][T17853]  should_failslab+0xa8/0x100
[ 1185.346790][T17853]  __kmalloc_noprof+0xe0/0x7e0
[ 1185.346812][T17853]  ? kfree+0x4d/0x900
[ 1185.346830][T17853]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1185.346851][T17853]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1185.346868][T17853]  ? tomoyo_domain+0xd9/0x130
[ 1185.346887][T17853]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1185.346909][T17853]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1185.346933][T17853]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1185.346954][T17853]  ? __lock_acquire+0x6b6/0x2cf0
[ 1185.346977][T17853]  ? do_raw_spin_lock+0x121/0x290
[ 1185.347018][T17853]  ? __fget_files+0x2a/0x420
[ 1185.347037][T17853]  ? __fget_files+0x2a/0x420
[ 1185.347052][T17853]  ? __fget_files+0x3a6/0x420
[ 1185.347068][T17853]  ? __fget_files+0x2a/0x420
[ 1185.347086][T17853]  security_file_ioctl+0xcb/0x2d0
[ 1185.347111][T17853]  __se_sys_ioctl+0x47/0x170
[ 1185.347134][T17853]  do_syscall_64+0xec/0xf80
[ 1185.347149][T17853]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1185.347164][T17853]  ? trace_irq_disable+0x37/0x100
[ 1185.347181][T17853]  ? clear_bhb_loop+0x60/0xb0
[ 1185.347200][T17853]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1185.347215][T17853] RIP: 0033:0x7f0e0751f749
[ 1185.347228][T17853] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1185.347242][T17853] RSP: 002b:00007f0e05786038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1185.347258][T17853] RAX: ffffffffffffffda RBX: 00007f0e07775fa0 RCX: 00007f0e0751f749
[ 1185.347270][T17853] RDX: 0000200000000000 RSI: 0000000000008b04 RDI: 0000000000000007
[ 1185.347279][T17853] RBP: 00007f0e05786090 R08: 0000000000000000 R09: 0000000000000000
[ 1185.347289][T17853] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1185.347298][T17853] R13: 00007f0e07776038 R14: 00007f0e07775fa0 R15: 00007ffd93548d38
[ 1185.347323][T17853]  </TASK>
[ 1185.347329][T17853] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1192.185612][T17945] FAULT_INJECTION: forcing a failure.
[ 1192.185612][T17945] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1192.185651][T17945] CPU: 1 UID: 0 PID: 17945 Comm: syz.6.4077 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1192.185677][T17945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1192.185691][T17945] Call Trace:
[ 1192.185700][T17945]  <TASK>
[ 1192.185710][T17945]  dump_stack_lvl+0xe8/0x150
[ 1192.185747][T17945]  should_fail_ex+0x46c/0x600
[ 1192.185784][T17945]  _copy_from_user+0x2d/0xb0
[ 1192.185809][T17945]  ___sys_sendmsg+0x158/0x2a0
[ 1192.185842][T17945]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1192.185911][T17945]  ? __fget_files+0x2a/0x420
[ 1192.185935][T17945]  ? __fget_files+0x3a6/0x420
[ 1192.185978][T17945]  __x64_sys_sendmsg+0x1a1/0x260
[ 1192.186010][T17945]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1192.186056][T17945]  ? __pfx_ksys_write+0x10/0x10
[ 1192.186101][T17945]  do_syscall_64+0xec/0xf80
[ 1192.186125][T17945]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.186149][T17945]  ? trace_irq_disable+0x37/0x100
[ 1192.186174][T17945]  ? clear_bhb_loop+0x60/0xb0
[ 1192.186203][T17945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.186225][T17945] RIP: 0033:0x7f0e0751f749
[ 1192.186245][T17945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1192.186264][T17945] RSP: 002b:00007f0e05786038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1192.186287][T17945] RAX: ffffffffffffffda RBX: 00007f0e07775fa0 RCX: 00007f0e0751f749
[ 1192.186303][T17945] RDX: 0000000004000894 RSI: 0000200000000300 RDI: 0000000000000003
[ 1192.186318][T17945] RBP: 00007f0e05786090 R08: 0000000000000000 R09: 0000000000000000
[ 1192.186331][T17945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1192.186345][T17945] R13: 00007f0e07776038 R14: 00007f0e07775fa0 R15: 00007ffd93548d38
[ 1192.186377][T17945]  </TASK>
[ 1192.536578][T17955] FAULT_INJECTION: forcing a failure.
[ 1192.536578][T17955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1192.536616][T17955] CPU: 0 UID: 0 PID: 17955 Comm: syz.5.4080 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1192.536643][T17955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1192.536656][T17955] Call Trace:
[ 1192.536665][T17955]  <TASK>
[ 1192.536674][T17955]  dump_stack_lvl+0xe8/0x150
[ 1192.536712][T17955]  should_fail_ex+0x46c/0x600
[ 1192.536776][T17955]  _copy_from_user+0x2d/0xb0
[ 1192.536800][T17955]  ___sys_sendmsg+0x158/0x2a0
[ 1192.536834][T17955]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1192.536902][T17955]  ? __fget_files+0x2a/0x420
[ 1192.536932][T17955]  ? __fget_files+0x3a6/0x420
[ 1192.536968][T17955]  __x64_sys_sendmsg+0x1a1/0x260
[ 1192.537018][T17955]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1192.537059][T17955]  ? __pfx_ksys_write+0x10/0x10
[ 1192.537104][T17955]  do_syscall_64+0xec/0xf80
[ 1192.537126][T17955]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.537149][T17955]  ? trace_irq_disable+0x37/0x100
[ 1192.537174][T17955]  ? clear_bhb_loop+0x60/0xb0
[ 1192.537203][T17955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1192.537226][T17955] RIP: 0033:0x7fd59d7cf749
[ 1192.537246][T17955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1192.537266][T17955] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1192.537290][T17955] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1192.537307][T17955] RDX: 0000000024000914 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1192.537323][T17955] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1192.537338][T17955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1192.537352][T17955] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1192.537389][T17955]  </TASK>
[ 1193.812401][ T6011] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[ 1193.986637][ T6011] usb 5-1: config 0 has an invalid interface number: 214 but max is 0
[ 1193.986670][ T6011] usb 5-1: config 0 has no interface number 0
[ 1193.986744][ T6011] usb 5-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1193.990794][ T6011] usb 5-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[ 1193.990836][ T6011] usb 5-1: New USB device strings: Mfr=1, Product=0, SerialNumber=3
[ 1193.990860][ T6011] usb 5-1: Manufacturer: syz
[ 1193.990876][ T6011] usb 5-1: SerialNumber: syz
[ 1194.060842][ T6011] usb 5-1: config 0 descriptor??
[ 1194.751371][ T6011] usbtouchscreen 5-1:0.214: probe with driver usbtouchscreen failed with error -71
[ 1194.756549][ T6011] usb 5-1: USB disconnect, device number 22
[ 1196.993299][T17996] delete_channel: no stack
[ 1197.306058][T18009] FAULT_INJECTION: forcing a failure.
[ 1197.306058][T18009] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1197.306094][T18009] CPU: 0 UID: 0 PID: 18009 Comm: syz.7.4102 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1197.306119][T18009] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1197.306131][T18009] Call Trace:
[ 1197.306140][T18009]  <TASK>
[ 1197.306149][T18009]  dump_stack_lvl+0xe8/0x150
[ 1197.306183][T18009]  should_fail_ex+0x46c/0x600
[ 1197.306216][T18009]  _copy_from_user+0x2d/0xb0
[ 1197.306239][T18009]  __sys_bpf+0x1e3/0x860
[ 1197.306267][T18009]  ? __pfx___sys_bpf+0x10/0x10
[ 1197.306296][T18009]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1197.306343][T18009]  ? ksys_write+0x230/0x260
[ 1197.306377][T18009]  ? __pfx_ksys_write+0x10/0x10
[ 1197.306415][T18009]  __x64_sys_bpf+0x7c/0x90
[ 1197.306438][T18009]  do_syscall_64+0xec/0xf80
[ 1197.306460][T18009]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.306482][T18009]  ? trace_irq_disable+0x37/0x100
[ 1197.306523][T18009]  ? clear_bhb_loop+0x60/0xb0
[ 1197.306554][T18009]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1197.306576][T18009] RIP: 0033:0x7fdd41e6f749
[ 1197.306596][T18009] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1197.306615][T18009] RSP: 002b:00007fdd400b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1197.306639][T18009] RAX: ffffffffffffffda RBX: 00007fdd420c6090 RCX: 00007fdd41e6f749
[ 1197.306655][T18009] RDX: 0000000000000050 RSI: 0000200000000080 RDI: 000000000000000a
[ 1197.306669][T18009] RBP: 00007fdd400b5090 R08: 0000000000000000 R09: 0000000000000000
[ 1197.306684][T18009] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1197.306697][T18009] R13: 00007fdd420c6128 R14: 00007fdd420c6090 R15: 00007ffe19c482d8
[ 1197.306734][T18009]  </TASK>
[ 1197.758520][T14142] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1198.080102][T14142] usb 6-1: Using ep0 maxpacket: 32
[ 1199.340407][T14142] usb 6-1: config 0 has an invalid interface number: 133 but max is 0
[ 1199.340440][T14142] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1199.340461][T14142] usb 6-1: config 0 has no interface number 0
[ 1199.340512][T14142] usb 6-1: config 0 interface 133 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1024
[ 1199.340539][T14142] usb 6-1: config 0 interface 133 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1199.340564][T14142] usb 6-1: config 0 interface 133 altsetting 0 bulk endpoint 0xF has invalid maxpacket 0
[ 1199.340590][T14142] usb 6-1: config 0 interface 133 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1199.407379][T14142] usb 6-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[ 1199.407411][T14142] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.407432][T14142] usb 6-1: Product: syz
[ 1199.407447][T14142] usb 6-1: Manufacturer: syz
[ 1199.407461][T14142] usb 6-1: SerialNumber: syz
[ 1199.437623][ T6011] usb 8-1: new high-speed USB device number 20 using dummy_hcd
[ 1199.461384][T14142] usb 6-1: config 0 descriptor??
[ 1199.463693][T18013] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1199.599124][ T6011] usb 8-1: Using ep0 maxpacket: 16
[ 1199.601823][ T6011] usb 8-1: config 0 has an invalid interface number: 120 but max is 0
[ 1199.601853][ T6011] usb 8-1: config 0 has no interface number 0
[ 1199.601902][ T6011] usb 8-1: config 0 interface 120 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1199.601929][ T6011] usb 8-1: config 0 interface 120 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1199.613733][ T6011] usb 8-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=ac.13
[ 1199.613766][ T6011] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.613788][ T6011] usb 8-1: Product: syz
[ 1199.613803][ T6011] usb 8-1: Manufacturer: syz
[ 1199.613819][ T6011] usb 8-1: SerialNumber: syz
[ 1199.633219][ T6011] usb 8-1: config 0 descriptor??
[ 1200.815503][T14142] usb 6-1: probing VID:PID(0424:012C)   
[ 1200.839381][T14142] usb 6-1: vub300 testing BULK OUT EndPoint(0) 0B
[ 1200.839411][T14142] usb 6-1: vub300 testing BULK OUT EndPoint(1) 0F
[ 1200.839437][T14142] usb 6-1: Could not find two sets of bulk-in/out endpoint pairs
[ 1200.839532][T14142] vub300 6-1:0.133: probe with driver vub300 failed with error -22
[ 1201.057941][T14142] usb 6-1: USB disconnect, device number 7
[ 1201.116596][ T6011] msi2500 8-1:0.120: Registered as swradio24
[ 1201.116621][ T6011] msi2500 8-1:0.120: SDR API is still slightly experimental and functionality changes may follow
[ 1201.153258][T18043] syzkaller0: tun_chr_ioctl cmd 1074812117
[ 1203.579974][ T6011] usb 8-1: USB disconnect, device number 20
[ 1203.917661][T18071] FAULT_INJECTION: forcing a failure.
[ 1203.917661][T18071] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1203.917699][T18071] CPU: 0 UID: 0 PID: 18071 Comm: syz.7.4124 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1203.917724][T18071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1203.917738][T18071] Call Trace:
[ 1203.917746][T18071]  <TASK>
[ 1203.917755][T18071]  dump_stack_lvl+0xe8/0x150
[ 1203.917790][T18071]  should_fail_ex+0x46c/0x600
[ 1203.917826][T18071]  _copy_from_user+0x2d/0xb0
[ 1203.917847][T18071]  __sys_connect+0x124/0x450
[ 1203.917875][T18071]  ? __pfx___sys_connect+0x10/0x10
[ 1203.917916][T18071]  ? __pfx_ksys_write+0x10/0x10
[ 1203.917961][T18071]  __x64_sys_connect+0x7a/0x90
[ 1203.917987][T18071]  do_syscall_64+0xec/0xf80
[ 1203.918007][T18071]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.918028][T18071]  ? trace_irq_disable+0x37/0x100
[ 1203.918052][T18071]  ? clear_bhb_loop+0x60/0xb0
[ 1203.918078][T18071]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1203.918099][T18071] RIP: 0033:0x7fdd41e6f749
[ 1203.918117][T18071] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1203.918135][T18071] RSP: 002b:00007fdd400d6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[ 1203.918157][T18071] RAX: ffffffffffffffda RBX: 00007fdd420c5fa0 RCX: 00007fdd41e6f749
[ 1203.918172][T18071] RDX: 000000000000001c RSI: 00002000000001c0 RDI: 0000000000000003
[ 1203.918186][T18071] RBP: 00007fdd400d6090 R08: 0000000000000000 R09: 0000000000000000
[ 1203.918199][T18071] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1203.918211][T18071] R13: 00007fdd420c6038 R14: 00007fdd420c5fa0 R15: 00007ffe19c482d8
[ 1203.918246][T18071]  </TASK>
[ 1205.017916][T18087] No control pipe specified
[ 1205.148050][T17003] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 1209.842252][T18120] netlink: 16 bytes leftover after parsing attributes in process `syz.5.4135'.
[ 1209.892960][T18123] FAULT_INJECTION: forcing a failure.
[ 1209.892960][T18123] name failslab, interval 1, probability 0, space 0, times 0
[ 1209.892997][T18123] CPU: 0 UID: 0 PID: 18123 Comm: syz.4.4139 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1209.893023][T18123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1209.893036][T18123] Call Trace:
[ 1209.893044][T18123]  <TASK>
[ 1209.893054][T18123]  dump_stack_lvl+0xe8/0x150
[ 1209.893089][T18123]  should_fail_ex+0x46c/0x600
[ 1209.893136][T18123]  should_failslab+0xa8/0x100
[ 1209.893159][T18123]  __kmalloc_noprof+0xe0/0x7e0
[ 1209.893192][T18123]  ? kfree+0x4d/0x900
[ 1209.893218][T18123]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1209.893248][T18123]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1209.893273][T18123]  ? tomoyo_domain+0xd9/0x130
[ 1209.893302][T18123]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1209.893333][T18123]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1209.893368][T18123]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1209.893399][T18123]  ? __lock_acquire+0x6b6/0x2cf0
[ 1209.893432][T18123]  ? do_raw_spin_lock+0x121/0x290
[ 1209.893494][T18123]  ? __fget_files+0x2a/0x420
[ 1209.893522][T18123]  ? __fget_files+0x2a/0x420
[ 1209.893544][T18123]  ? __fget_files+0x3a6/0x420
[ 1209.893567][T18123]  ? __fget_files+0x2a/0x420
[ 1209.893596][T18123]  security_file_ioctl+0xcb/0x2d0
[ 1209.893631][T18123]  __se_sys_ioctl+0x47/0x170
[ 1209.893670][T18123]  do_syscall_64+0xec/0xf80
[ 1209.893693][T18123]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.893715][T18123]  ? trace_irq_disable+0x37/0x100
[ 1209.893739][T18123]  ? clear_bhb_loop+0x60/0xb0
[ 1209.893768][T18123]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1209.893790][T18123] RIP: 0033:0x7fcec120f749
[ 1209.893810][T18123] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1209.893829][T18123] RSP: 002b:00007fcebf46e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1209.893852][T18123] RAX: ffffffffffffffda RBX: 00007fcec1465fa0 RCX: 00007fcec120f749
[ 1209.893869][T18123] RDX: 0000200000000100 RSI: 000000000000891b RDI: 0000000000000003
[ 1209.893883][T18123] RBP: 00007fcebf46e090 R08: 0000000000000000 R09: 0000000000000000
[ 1209.893897][T18123] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1209.893910][T18123] R13: 00007fcec1466038 R14: 00007fcec1465fa0 R15: 00007ffe4a253a48
[ 1209.893946][T18123]  </TASK>
[ 1209.893967][T18123] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1209.971092][T17003] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1210.146016][T17003] usb 9-1: Using ep0 maxpacket: 8
[ 1210.149298][T17003] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1210.150907][T17003] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1210.154476][T17003] usb 9-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[ 1210.154506][T17003] usb 9-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[ 1210.154529][T17003] usb 9-1: Product: syz
[ 1210.154546][T17003] usb 9-1: Manufacturer: syz
[ 1210.154562][T17003] usb 9-1: SerialNumber: syz
[ 1210.360612][T18130] fuse: Bad value for 'fd'
[ 1211.095752][T17003] usb 9-1: config 0 descriptor??
[ 1211.255902][T17003] usb 9-1: can't set config #0, error -71
[ 1211.264639][T17003] usb 9-1: USB disconnect, device number 8
[ 1212.973282][   T37] audit: type=1326 audit(1766921703.452:287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=18161 comm="syz.7.4155" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdd41e6f749 code=0x0
[ 1213.267728][T18172] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4155'.
[ 1213.303263][T18172] tmpfs: Unknown parameter 'grpquotaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa€
'
[ 1213.343396][T18173] fuse: Bad value for 'fd'
[ 1214.696338][T18193] fuse: Bad value for 'rootmode'
[ 1216.845154][T18216] FAULT_INJECTION: forcing a failure.
[ 1216.845154][T18216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1216.845194][T18216] CPU: 0 UID: 0 PID: 18216 Comm: syz.4.4173 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1216.845222][T18216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1216.845237][T18216] Call Trace:
[ 1216.845246][T18216]  <TASK>
[ 1216.845258][T18216]  dump_stack_lvl+0xe8/0x150
[ 1216.845296][T18216]  should_fail_ex+0x46c/0x600
[ 1216.845334][T18216]  _copy_from_user+0x2d/0xb0
[ 1216.845359][T18216]  ___sys_recvmsg+0x12e/0x510
[ 1216.845398][T18216]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1216.845434][T18216]  ? __fget_files+0x2a/0x420
[ 1216.845480][T18216]  ? __fget_files+0x3a6/0x420
[ 1216.845516][T18216]  do_recvmmsg+0x30d/0x770
[ 1216.845558][T18216]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1216.845603][T18216]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1216.845665][T18216]  __x64_sys_recvmmsg+0x190/0x240
[ 1216.845717][T18216]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1216.845770][T18216]  do_syscall_64+0xec/0xf80
[ 1216.845793][T18216]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1216.845816][T18216]  ? trace_irq_disable+0x37/0x100
[ 1216.845841][T18216]  ? clear_bhb_loop+0x60/0xb0
[ 1216.845869][T18216]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1216.845892][T18216] RIP: 0033:0x7fcec120f749
[ 1216.845912][T18216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1216.845933][T18216] RSP: 002b:00007fcebf46e038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1216.845956][T18216] RAX: ffffffffffffffda RBX: 00007fcec1465fa0 RCX: 00007fcec120f749
[ 1216.845973][T18216] RDX: 0000000000000001 RSI: 0000200000003a80 RDI: 0000000000000004
[ 1216.845988][T18216] RBP: 00007fcebf46e090 R08: 0000000000000000 R09: 0000000000000000
[ 1216.846003][T18216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1216.846017][T18216] R13: 00007fcec1466038 R14: 00007fcec1465fa0 R15: 00007ffe4a253a48
[ 1216.846054][T18216]  </TASK>
[ 1218.495288][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1218.495362][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1218.949632][T18243] FAULT_INJECTION: forcing a failure.
[ 1218.949632][T18243] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1218.949700][T18243] CPU: 0 UID: 0 PID: 18243 Comm: syz.8.4180 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1218.949727][T18243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1218.949742][T18243] Call Trace:
[ 1218.949752][T18243]  <TASK>
[ 1218.949763][T18243]  dump_stack_lvl+0xe8/0x150
[ 1218.949800][T18243]  should_fail_ex+0x46c/0x600
[ 1218.949838][T18243]  _copy_from_user+0x2d/0xb0
[ 1218.949862][T18243]  io_submit_one+0xc2/0x1440
[ 1218.949900][T18243]  ? irqentry_exit+0x5dd/0x660
[ 1218.949923][T18243]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1218.949946][T18243]  ? irqentry_exit+0x5dd/0x660
[ 1218.949973][T18243]  ? __pfx_io_submit_one+0x10/0x10
[ 1218.950006][T18243]  ? __might_fault+0xb0/0x130
[ 1218.950073][T18243]  ? __might_fault+0xb0/0x130
[ 1218.950114][T18243]  __se_sys_io_submit+0x185/0x320
[ 1218.950147][T18243]  ? __pfx___se_sys_io_submit+0x10/0x10
[ 1218.950174][T18243]  ? ksys_write+0x230/0x260
[ 1218.950228][T18243]  do_syscall_64+0xec/0xf80
[ 1218.950251][T18243]  ? rcu_is_watching+0x15/0xb0
[ 1218.950272][T18243]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1218.950297][T18243]  ? clear_bhb_loop+0x60/0xb0
[ 1218.950327][T18243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1218.950351][T18243] RIP: 0033:0x7f65d3cef749
[ 1218.950372][T18243] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1218.950392][T18243] RSP: 002b:00007f65d1f14038 EFLAGS: 00000246 ORIG_RAX: 00000000000000d1
[ 1218.950418][T18243] RAX: ffffffffffffffda RBX: 00007f65d3f46180 RCX: 00007f65d3cef749
[ 1218.950436][T18243] RDX: 0000200000000340 RSI: 0000000000000001 RDI: 00007f65d1ed0000
[ 1218.950452][T18243] RBP: 00007f65d1f14090 R08: 0000000000000000 R09: 0000000000000000
[ 1218.950468][T18243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1218.950483][T18243] R13: 00007f65d3f46218 R14: 00007f65d3f46180 R15: 00007ffeb63fb668
[ 1218.950520][T18243]  </TASK>
[ 1222.297114][T18257] fuse: Bad value for 'rootmode'
[ 1223.027052][T18263] tmpfs: Bad value for 'mpol'
[ 1223.317353][T15651] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1223.370517][T13279] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1223.393867][T18265] FAULT_INJECTION: forcing a failure.
[ 1223.393867][T18265] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1223.393913][T18265] CPU: 0 UID: 0 PID: 18265 Comm: syz.5.4186 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1223.393941][T18265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1223.393956][T18265] Call Trace:
[ 1223.393966][T18265]  <TASK>
[ 1223.393976][T18265]  dump_stack_lvl+0xe8/0x150
[ 1223.394014][T18265]  should_fail_ex+0x46c/0x600
[ 1223.394051][T18265]  _copy_from_user+0x2d/0xb0
[ 1223.394076][T18265]  tipc_setsockopt+0x4b2/0x970
[ 1223.394115][T18265]  ? __pfx_tipc_setsockopt+0x10/0x10
[ 1223.394148][T18265]  ? __fget_files+0x2a/0x420
[ 1223.394177][T18265]  ? __fget_files+0x2a/0x420
[ 1223.394201][T18265]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1223.394234][T18265]  ? __pfx_tipc_setsockopt+0x10/0x10
[ 1223.394267][T18265]  do_sock_setsockopt+0x17c/0x1b0
[ 1223.394301][T18265]  __x64_sys_setsockopt+0x145/0x1b0
[ 1223.394336][T18265]  do_syscall_64+0xec/0xf80
[ 1223.394360][T18265]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.394383][T18265]  ? trace_irq_disable+0x37/0x100
[ 1223.394409][T18265]  ? clear_bhb_loop+0x60/0xb0
[ 1223.394438][T18265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1223.394461][T18265] RIP: 0033:0x7fd59d7cf749
[ 1223.394482][T18265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1223.394503][T18265] RSP: 002b:00007fd59b9ec038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1223.394527][T18265] RAX: ffffffffffffffda RBX: 00007fd59da26180 RCX: 00007fd59d7cf749
[ 1223.394545][T18265] RDX: 0000000000000087 RSI: 000000000000010f RDI: 0000000000000009
[ 1223.394559][T18265] RBP: 00007fd59b9ec090 R08: 0000000000000010 R09: 0000000000000000
[ 1223.394593][T18265] R10: 0000200000000040 R11: 0000000000000246 R12: 0000000000000001
[ 1223.394609][T18265] R13: 00007fd59da26218 R14: 00007fd59da26180 R15: 00007ffc5a4710c8
[ 1223.394648][T18265]  </TASK>
[ 1223.477435][T15651] usb 5-1: Using ep0 maxpacket: 16
[ 1223.530897][T15651] usb 5-1: config 0 has an invalid interface number: 120 but max is 0
[ 1223.530928][T15651] usb 5-1: config 0 has no interface number 0
[ 1223.530983][T15651] usb 5-1: config 0 interface 120 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1223.531012][T15651] usb 5-1: config 0 interface 120 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1223.650664][T15651] usb 5-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=ac.13
[ 1223.650699][T15651] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1223.650722][T15651] usb 5-1: Product: syz
[ 1223.650739][T15651] usb 5-1: Manufacturer: syz
[ 1223.650756][T15651] usb 5-1: SerialNumber: syz
[ 1223.691717][T15651] usb 5-1: config 0 descriptor??
[ 1223.723306][T13279] usb 9-1: Using ep0 maxpacket: 16
[ 1223.725892][T13279] usb 9-1: config 0 has an invalid interface number: 108 but max is 0
[ 1223.725923][T13279] usb 9-1: config 0 has no interface number 0
[ 1223.725975][T13279] usb 9-1: config 0 interface 108 altsetting 0 endpoint 0x2 has an invalid bInterval 58, changing to 9
[ 1223.726032][T13279] usb 9-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=15.4c
[ 1223.726051][T13279] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1223.787580][T13279] usb 9-1: config 0 descriptor??
[ 1223.850264][T15651] msi2500 5-1:0.120: Registered as swradio24
[ 1223.850290][T15651] msi2500 5-1:0.120: SDR API is still slightly experimental and functionality changes may follow
[ 1223.940628][   T31] usb 5-1: USB disconnect, device number 23
[ 1224.020102][T15651] usb 9-1: USB disconnect, device number 9
[ 1226.044247][T18291] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4197'.
[ 1226.132890][T18291] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4197'.
[ 1227.183697][T18299] fuse: Unknown parameter 'use00000000000000000000'
[ 1231.236717][T18329] FAULT_INJECTION: forcing a failure.
[ 1231.236717][T18329] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1231.236756][T18329] CPU: 0 UID: 0 PID: 18329 Comm: syz.5.4208 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1231.236783][T18329] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1231.236798][T18329] Call Trace:
[ 1231.236809][T18329]  <TASK>
[ 1231.236820][T18329]  dump_stack_lvl+0xe8/0x150
[ 1231.236857][T18329]  should_fail_ex+0x46c/0x600
[ 1231.236894][T18329]  _copy_from_user+0x2d/0xb0
[ 1231.236919][T18329]  __sys_bpf+0x1e3/0x860
[ 1231.236947][T18329]  ? __pfx___sys_bpf+0x10/0x10
[ 1231.236972][T18329]  ? rt_mutex_slowunlock+0x1be/0x2e0
[ 1231.237015][T18329]  ? ksys_write+0x230/0x260
[ 1231.237044][T18329]  ? __pfx_ksys_write+0x10/0x10
[ 1231.237076][T18329]  __x64_sys_bpf+0x7c/0x90
[ 1231.237097][T18329]  do_syscall_64+0xec/0xf80
[ 1231.237115][T18329]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1231.237135][T18329]  ? clear_bhb_loop+0x60/0xb0
[ 1231.237178][T18329]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1231.237196][T18329] RIP: 0033:0x7fd59d7cf749
[ 1231.237212][T18329] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1231.237230][T18329] RSP: 002b:00007fd59ba0d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1231.237249][T18329] RAX: ffffffffffffffda RBX: 00007fd59da26090 RCX: 00007fd59d7cf749
[ 1231.237263][T18329] RDX: 0000000000000020 RSI: 0000200000000840 RDI: 0000000000000002
[ 1231.237275][T18329] RBP: 00007fd59ba0d090 R08: 0000000000000000 R09: 0000000000000000
[ 1231.237287][T18329] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1231.237298][T18329] R13: 00007fd59da26128 R14: 00007fd59da26090 R15: 00007ffc5a4710c8
[ 1231.237326][T18329]  </TASK>
[ 1232.675647][T13874] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[ 1232.815014][T18335] netlink: 20 bytes leftover after parsing attributes in process `syz.8.4210'.
[ 1233.259516][T13874] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1233.259547][T13874] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1233.259568][T13874] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1233.259591][T13874] usb 5-1: config 1 has no interface number 1
[ 1233.259642][T13874] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1233.259685][T13874] usb 5-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1233.310923][T18335] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4210'.
[ 1233.342641][T13874] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1233.342677][T13874] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1233.342701][T13874] usb 5-1: Product: syz
[ 1233.342718][T13874] usb 5-1: Manufacturer: syz
[ 1233.342735][T13874] usb 5-1: SerialNumber: syz
[ 1233.612263][T18328] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1233.612706][T18328] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1233.685975][T13874] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[ 1233.686068][T13874] usb 5-1: MIDIStreaming interface descriptor not found
[ 1233.789324][T13874] usb 5-1: USB disconnect, device number 24
[ 1237.381732][T18373] netlink: 20 bytes leftover after parsing attributes in process `syz.4.4225'.
[ 1237.994652][T18383] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4225'.
[ 1246.068719][T18434] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4245'.
[ 1246.260299][T18434] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4245'.
[ 1250.191004][T13279] usb 8-1: new high-speed USB device number 21 using dummy_hcd
[ 1252.222706][T13279] usb 8-1: Using ep0 maxpacket: 16
[ 1252.228059][T13279] usb 8-1: config 0 has an invalid interface number: 120 but max is 0
[ 1252.228089][T13279] usb 8-1: config 0 has no interface number 0
[ 1252.228142][T13279] usb 8-1: config 0 interface 120 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1252.228168][T13279] usb 8-1: config 0 interface 120 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[ 1252.231380][T13279] usb 8-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=ac.13
[ 1252.231414][T13279] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1252.231438][T13279] usb 8-1: Product: syz
[ 1252.231456][T13279] usb 8-1: Manufacturer: syz
[ 1252.231473][T13279] usb 8-1: SerialNumber: syz
[ 1252.314009][T13279] usb 8-1: config 0 descriptor??
[ 1252.425053][T13279] msi2500 8-1:0.120: Registered as swradio24
[ 1252.425078][T13279] msi2500 8-1:0.120: SDR API is still slightly experimental and functionality changes may follow
[ 1252.588329][T13279] usb 8-1: USB disconnect, device number 21
[ 1254.601362][T18507] FAULT_INJECTION: forcing a failure.
[ 1254.601362][T18507] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1254.601429][T18507] CPU: 1 UID: 0 PID: 18507 Comm: syz.7.4267 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1254.601462][T18507] Tainted: [L]=SOFTLOCKUP
[ 1254.601471][T18507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1254.601486][T18507] Call Trace:
[ 1254.601495][T18507]  <TASK>
[ 1254.601505][T18507]  dump_stack_lvl+0xe8/0x150
[ 1254.601543][T18507]  should_fail_ex+0x46c/0x600
[ 1254.601581][T18507]  _copy_from_user+0x2d/0xb0
[ 1254.601605][T18507]  ___sys_sendmsg+0x158/0x2a0
[ 1254.601638][T18507]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1254.601673][T18507]  ? __schedule+0x1475/0x5070
[ 1254.601740][T18507]  ? __fget_files+0x2a/0x420
[ 1254.601765][T18507]  ? __fget_files+0x3a6/0x420
[ 1254.601800][T18507]  __x64_sys_sendmsg+0x1a1/0x260
[ 1254.601830][T18507]  ? irqentry_exit+0x5dd/0x660
[ 1254.601854][T18507]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1254.601882][T18507]  ? irqentry_exit+0x5dd/0x660
[ 1254.601930][T18507]  do_syscall_64+0xec/0xf80
[ 1254.601952][T18507]  ? rcu_is_watching+0x15/0xb0
[ 1254.601973][T18507]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.601997][T18507]  ? clear_bhb_loop+0x60/0xb0
[ 1254.602025][T18507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1254.602048][T18507] RIP: 0033:0x7fdd41e6f749
[ 1254.602068][T18507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1254.602089][T18507] RSP: 002b:00007fdd40094038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1254.602120][T18507] RAX: ffffffffffffffda RBX: 00007fdd420c6180 RCX: 00007fdd41e6f749
[ 1254.602138][T18507] RDX: 0000000000000000 RSI: 0000200000000500 RDI: 0000000000000006
[ 1254.602154][T18507] RBP: 00007fdd40094090 R08: 0000000000000000 R09: 0000000000000000
[ 1254.602169][T18507] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1254.602183][T18507] R13: 00007fdd420c6218 R14: 00007fdd420c6180 R15: 00007ffe19c482d8
[ 1254.602220][T18507]  </TASK>
[ 1263.305668][T13235] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1263.332706][T13235] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1263.343506][T13235] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1263.346266][T13235] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1263.347438][T13235] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1265.778543][T15948] Bluetooth: hci2: command tx timeout
[ 1267.922347][T15948] Bluetooth: hci2: command tx timeout
[ 1270.146834][T15948] Bluetooth: hci2: command tx timeout
[ 1272.370476][T15948] Bluetooth: hci2: command tx timeout
[ 1272.525847][T18535] chnl_net:caif_netlink_parms(): no params data found
[ 1279.498791][T18609] input: syz1 as /devices/virtual/input/input19
[ 1279.811374][T18535] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1279.811607][T18535] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1279.811941][T18535] bridge_slave_0: entered allmulticast mode
[ 1279.846377][T18535] bridge_slave_0: entered promiscuous mode
[ 1279.870337][T18535] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1279.881931][T18535] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1279.882307][T18535] bridge_slave_1: entered allmulticast mode
[ 1279.885222][T18535] bridge_slave_1: entered promiscuous mode
[ 1280.538178][T18631] cgroup: Name too long
[ 1281.315379][T18636] FAULT_INJECTION: forcing a failure.
[ 1281.315379][T18636] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1281.315423][T18636] CPU: 1 UID: 0 PID: 18636 Comm: syz.5.4310 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1281.315457][T18636] Tainted: [L]=SOFTLOCKUP
[ 1281.315466][T18636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1281.315481][T18636] Call Trace:
[ 1281.315491][T18636]  <TASK>
[ 1281.315502][T18636]  dump_stack_lvl+0xe8/0x150
[ 1281.315542][T18636]  should_fail_ex+0x46c/0x600
[ 1281.315581][T18636]  _copy_from_user+0x2d/0xb0
[ 1281.315606][T18636]  ___sys_sendmsg+0x158/0x2a0
[ 1281.315641][T18636]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1281.315729][T18636]  ? __fget_files+0x2a/0x420
[ 1281.315754][T18636]  ? __fget_files+0x3a6/0x420
[ 1281.315792][T18636]  __x64_sys_sendmsg+0x1a1/0x260
[ 1281.315827][T18636]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1281.315869][T18636]  ? __pfx_ksys_write+0x10/0x10
[ 1281.315916][T18636]  do_syscall_64+0xec/0xf80
[ 1281.315941][T18636]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1281.315965][T18636]  ? trace_irq_disable+0x37/0x100
[ 1281.315992][T18636]  ? clear_bhb_loop+0x60/0xb0
[ 1281.316022][T18636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1281.316047][T18636] RIP: 0033:0x7fd59d7cf749
[ 1281.316068][T18636] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1281.316089][T18636] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1281.316115][T18636] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1281.316133][T18636] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[ 1281.316148][T18636] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1281.316164][T18636] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1281.316179][T18636] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1281.316216][T18636]  </TASK>
[ 1283.514733][T18535] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1283.552518][T18535] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1284.385795][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1284.385875][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1284.779198][T18680] FAULT_INJECTION: forcing a failure.
[ 1284.779198][T18680] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1284.779236][T18680] CPU: 0 UID: 0 PID: 18680 Comm: syz.6.4325 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1284.779263][T18680] Tainted: [L]=SOFTLOCKUP
[ 1284.779271][T18680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1284.779283][T18680] Call Trace:
[ 1284.779291][T18680]  <TASK>
[ 1284.779301][T18680]  dump_stack_lvl+0xe8/0x150
[ 1284.779333][T18680]  should_fail_ex+0x46c/0x600
[ 1284.779366][T18680]  _copy_to_user+0x31/0xb0
[ 1284.779388][T18680]  simple_read_from_buffer+0xe1/0x170
[ 1284.779413][T18680]  proc_fail_nth_read+0x1b6/0x220
[ 1284.779448][T18680]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1284.779485][T18680]  ? rw_verify_area+0x2ac/0x4e0
[ 1284.779515][T18680]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1284.779551][T18680]  vfs_read+0x206/0xa30
[ 1284.779590][T18680]  ? __pfx_vfs_read+0x10/0x10
[ 1284.779623][T18680]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1284.779647][T18680]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1284.779669][T18680]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1284.779697][T18680]  ? mutex_lock_nested+0x154/0x1d0
[ 1284.779722][T18680]  ? fdget_pos+0x253/0x320
[ 1284.779752][T18680]  ksys_read+0x14b/0x260
[ 1284.779782][T18680]  ? __pfx_ksys_read+0x10/0x10
[ 1284.779819][T18680]  do_syscall_64+0xec/0xf80
[ 1284.779839][T18680]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1284.779858][T18680]  ? trace_irq_disable+0x37/0x100
[ 1284.779879][T18680]  ? clear_bhb_loop+0x60/0xb0
[ 1284.779903][T18680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1284.779922][T18680] RIP: 0033:0x7f0e0751e15c
[ 1284.779940][T18680] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1284.779958][T18680] RSP: 002b:00007f0e05765030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1284.779979][T18680] RAX: ffffffffffffffda RBX: 00007f0e07776090 RCX: 00007f0e0751e15c
[ 1284.779993][T18680] RDX: 000000000000000f RSI: 00007f0e057650a0 RDI: 000000000000000a
[ 1284.780006][T18680] RBP: 00007f0e05765090 R08: 0000000000000000 R09: 0000000000000000
[ 1284.780018][T18680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1284.780030][T18680] R13: 00007f0e07776128 R14: 00007f0e07776090 R15: 00007ffd93548d38
[ 1284.780062][T18680]  </TASK>
[ 1285.220055][T15630] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1286.462067][T18535] team0: Port device team_slave_0 added
[ 1286.738211][T15630] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1287.568089][T18535] team0: Port device team_slave_1 added
[ 1287.939825][T18715] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4336'.
[ 1288.020054][T15630] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1289.641838][T18731] FAULT_INJECTION: forcing a failure.
[ 1289.641838][T18731] name failslab, interval 1, probability 0, space 0, times 0
[ 1289.641878][T18731] CPU: 1 UID: 0 PID: 18731 Comm: syz.5.4344 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1289.641911][T18731] Tainted: [L]=SOFTLOCKUP
[ 1289.641919][T18731] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1289.641934][T18731] Call Trace:
[ 1289.641943][T18731]  <TASK>
[ 1289.641954][T18731]  dump_stack_lvl+0xe8/0x150
[ 1289.642002][T18731]  should_fail_ex+0x46c/0x600
[ 1289.642038][T18731]  ? __alloc_skb+0x1dc/0x3a0
[ 1289.642062][T18731]  should_failslab+0xa8/0x100
[ 1289.642087][T18731]  ? __alloc_skb+0x1dc/0x3a0
[ 1289.642110][T18731]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[ 1289.642142][T18731]  ? __pfx_tcp_current_mss+0x10/0x10
[ 1289.642176][T18731]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1289.642217][T18731]  __alloc_skb+0x1dc/0x3a0
[ 1289.642247][T18731]  tcp_stream_alloc_skb+0x3d/0x350
[ 1289.642279][T18731]  tcp_sendmsg_locked+0x1abe/0x5520
[ 1289.642362][T18731]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[ 1289.642406][T18731]  ? __local_bh_enable_ip+0x1af/0x2c0
[ 1289.642451][T18731]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1289.642480][T18731]  tcp_sendmsg+0x2f/0x50
[ 1289.642508][T18731]  __sock_sendmsg+0x19c/0x270
[ 1289.642548][T18731]  __sys_sendto+0x3c7/0x520
[ 1289.642578][T18731]  ? __pfx___sys_sendto+0x10/0x10
[ 1289.642635][T18731]  ? ksys_write+0x230/0x260
[ 1289.642671][T18731]  ? __pfx_ksys_write+0x10/0x10
[ 1289.642710][T18731]  __x64_sys_sendto+0xde/0x100
[ 1289.642741][T18731]  do_syscall_64+0xec/0xf80
[ 1289.642764][T18731]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1289.642787][T18731]  ? trace_irq_disable+0x37/0x100
[ 1289.642813][T18731]  ? clear_bhb_loop+0x60/0xb0
[ 1289.642842][T18731]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1289.642866][T18731] RIP: 0033:0x7fd59d7cf749
[ 1289.642887][T18731] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1289.642908][T18731] RSP: 002b:00007fd59ba2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1289.642933][T18731] RAX: ffffffffffffffda RBX: 00007fd59da25fa0 RCX: 00007fd59d7cf749
[ 1289.642951][T18731] RDX: 994b6e03113064ae RSI: 0000200000000700 RDI: 0000000000000003
[ 1289.642968][T18731] RBP: 00007fd59ba2e090 R08: 0000000000000000 R09: 0000000000000000
[ 1289.642991][T18731] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1289.643006][T18731] R13: 00007fd59da26038 R14: 00007fd59da25fa0 R15: 00007ffc5a4710c8
[ 1289.643045][T18731]  </TASK>
[ 1290.639709][T15630] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1293.354281][T18535] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1293.354301][T18535] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1293.354332][T18535] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1293.365354][T18766] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4357'.
[ 1293.445678][T18535] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1293.445697][T18535] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1293.445731][T18535] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1293.703202][T18772] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4360'.
[ 1293.789240][T18777] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4359'.
[ 1294.902827][T18791] faux_driver vgem: [drm] Unknown color mode 181; guessing buffer size.
[ 1296.296757][T18535] hsr_slave_0: entered promiscuous mode
[ 1296.309765][T18535] hsr_slave_1: entered promiscuous mode
[ 1296.311009][T18535] debugfs: 'hsr0' already exists in 'hsr'
[ 1296.311038][T18535] Cannot create hsr debugfs directory
[ 1299.626022][T18822] mmap: syz.4.4380 (18822) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1302.132449][T18833] FAULT_INJECTION: forcing a failure.
[ 1302.132449][T18833] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1302.132492][T18833] CPU: 1 UID: 0 PID: 18833 Comm: syz.5.4384 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1302.132527][T18833] Tainted: [L]=SOFTLOCKUP
[ 1302.132536][T18833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1302.132552][T18833] Call Trace:
[ 1302.132562][T18833]  <TASK>
[ 1302.132573][T18833]  dump_stack_lvl+0xe8/0x150
[ 1302.132611][T18833]  should_fail_ex+0x46c/0x600
[ 1302.132651][T18833]  _copy_from_user+0x2d/0xb0
[ 1302.132676][T18833]  memdup_user+0x5e/0xd0
[ 1302.132707][T18833]  __se_sys_kexec_load+0x109/0x160
[ 1302.132744][T18833]  do_syscall_64+0xec/0xf80
[ 1302.132778][T18833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1302.132803][T18833]  ? trace_irq_disable+0x37/0x100
[ 1302.132829][T18833]  ? clear_bhb_loop+0x60/0xb0
[ 1302.132860][T18833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1302.132884][T18833] RIP: 0033:0x7fd59d7cf749
[ 1302.132905][T18833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1302.132926][T18833] RSP: 002b:00007fd59b9ec038 EFLAGS: 00000246 ORIG_RAX: 00000000000000f6
[ 1302.132950][T18833] RAX: ffffffffffffffda RBX: 00007fd59da26180 RCX: 00007fd59d7cf749
[ 1302.132968][T18833] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 1302.132982][T18833] RBP: 00007fd59b9ec090 R08: 0000000000000000 R09: 0000000000000000
[ 1302.132998][T18833] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1302.133012][T18833] R13: 00007fd59da26218 R14: 00007fd59da26180 R15: 00007ffc5a4710c8
[ 1302.133049][T18833]  </TASK>
[ 1305.825479][T18535] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1307.988388][T18838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1308.011650][T18838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1308.020508][T18838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1308.022712][T18838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1308.034719][T18838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1308.981667][T15630] bridge_slave_1: left allmulticast mode
[ 1308.981702][T15630] bridge_slave_1: left promiscuous mode
[ 1308.981991][T15630] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1310.269575][T18838] Bluetooth: hci1: command tx timeout
[ 1310.524336][T15948] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1310.544073][T15948] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1310.560858][T15948] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1310.562262][T15948] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1310.563790][T15948] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1310.689886][T15630] bridge_slave_0: left allmulticast mode
[ 1310.689919][T15630] bridge_slave_0: left promiscuous mode
[ 1310.690204][T15630] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1312.493994][T15948] Bluetooth: hci1: command tx timeout
[ 1312.761691][T15948] Bluetooth: hci4: command tx timeout
[ 1314.718324][T15948] Bluetooth: hci1: command tx timeout
[ 1315.224070][T15948] Bluetooth: hci4: command tx timeout
[ 1315.396289][T18838] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1315.419632][T18838] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1315.456369][T18838] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1315.533712][T18838] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1315.536324][T18838] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1316.959313][T18838] Bluetooth: hci1: command tx timeout
[ 1317.382299][T18838] Bluetooth: hci4: command tx timeout
[ 1317.425923][T15948] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1317.450266][T15948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1317.474955][T15948] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1317.476288][T15948] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1317.486637][T15948] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1317.798173][T15948] Bluetooth: hci6: command tx timeout
[ 1319.605545][T15948] Bluetooth: hci4: command tx timeout
[ 1319.682898][T15948] Bluetooth: hci0: command tx timeout
[ 1320.037921][T15948] Bluetooth: hci6: command tx timeout
[ 1321.905231][T15948] Bluetooth: hci0: command tx timeout
[ 1322.246890][T15948] Bluetooth: hci6: command tx timeout
[ 1324.129543][T15948] Bluetooth: hci0: command tx timeout
[ 1324.472311][T15948] Bluetooth: hci6: command tx timeout
[ 1326.353845][T15948] Bluetooth: hci0: command tx timeout
[ 1327.159307][T18838] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1327.174062][T18838] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1327.195314][T18838] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1327.197822][T18838] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1327.226335][T18838] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1329.445037][T15948] Bluetooth: hci5: command tx timeout
[ 1331.657729][T15948] Bluetooth: hci5: command tx timeout
[ 1333.881991][T15948] Bluetooth: hci5: command tx timeout
[ 1336.108206][T15948] Bluetooth: hci5: command tx timeout
[ 1349.805609][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1349.805690][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1371.780818][T18838] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1371.799558][T18838] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1371.833963][T18838] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1371.837139][T18838] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1371.838037][T18838] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1374.016548][T18838] Bluetooth: hci7: command tx timeout
[ 1375.232820][T15948] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1375.253473][T15948] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1375.255096][T15948] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1375.256477][T15948] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1375.286114][T15948] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1376.230129][T15948] Bluetooth: hci7: command tx timeout
[ 1377.524494][T15948] Bluetooth: hci8: command tx timeout
[ 1378.454573][T15948] Bluetooth: hci7: command tx timeout
[ 1379.739705][T15948] Bluetooth: hci8: command tx timeout
[ 1379.906658][T18838] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1379.931931][T18838] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1379.933787][T18838] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1379.981983][T18838] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1379.983142][T18838] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1380.678817][T18838] Bluetooth: hci7: command tx timeout
[ 1381.962659][T15948] Bluetooth: hci8: command tx timeout
[ 1382.218966][T18838] Bluetooth: hci9: command tx timeout
[ 1382.346740][T15948] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1382.377301][T15948] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1382.387270][T15948] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1382.388631][T15948] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1382.390413][T15948] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1384.186892][T15948] Bluetooth: hci8: command tx timeout
[ 1384.443253][T15948] Bluetooth: hci9: command tx timeout
[ 1384.785470][T15948] Bluetooth: hci10: command tx timeout
[ 1386.668338][T15948] Bluetooth: hci9: command tx timeout
[ 1387.009735][T15948] Bluetooth: hci10: command tx timeout
[ 1388.902683][T15948] Bluetooth: hci9: command tx timeout
[ 1389.234333][T15948] Bluetooth: hci10: command tx timeout
[ 1391.463313][T15948] Bluetooth: hci10: command tx timeout
[ 1391.676736][T18838] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1391.710122][T18838] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1391.713026][T18838] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1391.725969][T18838] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1391.771502][T18838] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1393.939492][T15948] Bluetooth: hci3: command tx timeout
[ 1395.844199][T15948] Bluetooth: hci2: command 0x0406 tx timeout
[ 1396.163977][T15948] Bluetooth: hci3: command tx timeout
[ 1398.399906][T15948] Bluetooth: hci3: command tx timeout
[ 1400.612511][T18838] Bluetooth: hci3: command tx timeout
[ 1415.526506][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1415.526589][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1438.077959][T18881] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1438.083591][T18881] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1438.109098][T18881] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1438.110531][T18881] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1438.112481][T18881] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1439.629114][T18881] Bluetooth: hci1: command 0x0406 tx timeout
[ 1439.743605][T15948] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1439.780791][T15948] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1439.784049][T15948] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1439.802466][T15948] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1439.803797][T15948] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1440.308569][T18881] Bluetooth: hci11: command tx timeout
[ 1442.543687][T18838] Bluetooth: hci11: command tx timeout
[ 1442.706371][T18838] Bluetooth: hci12: command tx timeout
[ 1444.757395][T18838] Bluetooth: hci11: command tx timeout
[ 1444.930479][T18838] Bluetooth: hci12: command tx timeout
[ 1445.100144][T18838] Bluetooth: hci4: command 0x0406 tx timeout
[ 1445.363315][T15948] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1445.385133][T15948] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1445.406540][T15948] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1445.407930][T15948] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1445.420238][T15948] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1446.981745][T18881] Bluetooth: hci11: command tx timeout
[ 1447.154729][T18881] Bluetooth: hci12: command tx timeout
[ 1447.571995][T15948] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1447.598680][T18838] Bluetooth: hci13: command tx timeout
[ 1447.615381][T15948] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1447.642174][T15948] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1447.643673][T15948] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1447.661446][T15948] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1449.389922][T15948] Bluetooth: hci12: command tx timeout
[ 1449.815915][T15948] Bluetooth: hci13: command tx timeout
[ 1449.892893][T15948] Bluetooth: hci14: command tx timeout
[ 1450.603542][T15948] Bluetooth: hci6: command 0x0406 tx timeout
[ 1450.603587][T15948] Bluetooth: hci0: command 0x0406 tx timeout
[ 1452.029351][T18881] Bluetooth: hci13: command tx timeout
[ 1452.115000][T18881] Bluetooth: hci14: command tx timeout
[ 1454.253658][T18881] Bluetooth: hci13: command tx timeout
[ 1454.340733][T18881] Bluetooth: hci14: command tx timeout
[ 1456.375903][T18838] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[ 1456.383059][T18838] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[ 1456.385350][T18838] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[ 1456.436503][T18838] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[ 1456.437597][T18838] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[ 1456.570903][T18881] Bluetooth: hci14: command tx timeout
[ 1458.616923][T18838] Bluetooth: hci15: command tx timeout
[ 1460.852004][T18881] Bluetooth: hci15: command tx timeout
[ 1461.541166][T18881] Bluetooth: hci5: command 0x0406 tx timeout
[ 1462.725338][   T38] INFO: task kworker/u8:1:13 blocked for more than 143 seconds.
[ 1462.725370][   T38]       Tainted: G             L      syzkaller #0
[ 1462.725385][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.725397][   T38] task:kworker/u8:1    state:D stack:21144 pid:13    tgid:13    ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1462.725486][   T38] Workqueue: events_unbound linkwatch_event
[ 1462.725534][   T38] Call Trace:
[ 1462.725544][   T38]  <TASK>
[ 1462.725560][   T38]  __schedule+0x145f/0x5070
[ 1462.725641][   T38]  ? __pfx___schedule+0x10/0x10
[ 1462.725698][   T38]  rt_mutex_schedule+0x77/0xf0
[ 1462.725738][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1462.725771][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 1462.725821][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[ 1462.725857][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[ 1462.725891][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1462.725936][   T38]  ? linkwatch_event+0xe/0x60
[ 1462.725983][   T38]  ? linkwatch_event+0xe/0x60
[ 1462.726014][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 1462.726046][   T38]  ? process_scheduled_works+0x9ef/0x1770
[ 1462.726077][   T38]  linkwatch_event+0xe/0x60
[ 1462.726110][   T38]  process_scheduled_works+0xad1/0x1770
[ 1462.726169][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1462.726194][   T38]  ? do_raw_spin_lock+0x121/0x290
[ 1462.726241][   T38]  worker_thread+0x8a0/0xda0
[ 1462.726299][   T38]  kthread+0x711/0x8a0
[ 1462.726338][   T38]  ? __pfx_worker_thread+0x10/0x10
[ 1462.726365][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.726396][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1462.726434][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1462.726464][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.726506][   T38]  ret_from_fork+0x510/0xa50
[ 1462.726537][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1462.726562][   T38]  ? __switch_to+0xc9e/0x1480
[ 1462.726603][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.726638][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1462.726694][   T38]  </TASK>
[ 1462.726925][   T38] INFO: task kworker/0:12:18057 blocked for more than 143 seconds.
[ 1462.726947][   T38]       Tainted: G             L      syzkaller #0
[ 1462.726961][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.726972][   T38] task:kworker/0:12    state:D stack:24008 pid:18057 tgid:18057 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1462.727040][   T38] Workqueue: events switchdev_deferred_process_work
[ 1462.727066][   T38] Call Trace:
[ 1462.727075][   T38]  <TASK>
[ 1462.727090][   T38]  __schedule+0x145f/0x5070
[ 1462.727142][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.727188][   T38]  ? __pfx___schedule+0x10/0x10
[ 1462.727245][   T38]  rt_mutex_schedule+0x77/0xf0
[ 1462.727283][   T38]  rt_mutex[ 1462.727283][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1462.727317][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 1462.727368][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[ 1462.727404][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[ 1462.727439][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1462.727483][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[ 1462.727527][   T38]  ? switchdev_deferred_process_work+0xe/0x20
[ 1462.727546][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 1462.727576][   T38]  ? process_scheduled_works+0x9ef/0x1770
[ 1462.727606][   T38]  switchdev_deferred_process_work+0xe/0x20
[ 1462.727631][   T38]  process_scheduled_works+0xad1/0x1770
[ 1462.727690][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1462.727714][   T38]  ? do_raw_spin_lock+0x121/0x290
[ 1462.727760][   T38]  worker_thread+0x8a0/0xda0
[ 1462.727802][   T38]  ? __kthread_parkme+0x7b/0x200
[ 1462.727842][   T38]  kthread+0x711/0x8a0
[ 1462.727879][   T38]  ? __pfx_worker_thread+0x10/0x10
[ 1462.727906][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.727936][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1462.727972][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1462.728002][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.728038][   T38]  ret_from_fork+0x510/0xa50
[ 1462.728067][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1462.728092][   T38]  ? __switch_to+0xc9e/0x1480
[ 1462.728132][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.728167][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1462.728223][   T38]  </TASK>
[ 1462.728235][   T38] INFO: task syz-executor:18535 blocked for more than 143 seconds.
[ 1462.728255][   T38]       Tainted: G             L      syzkaller #0
[ 1462.728269][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.728281][   T38] task:syz-executor    state:D stack:17784 pid:18535 tgid:18535 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1462.728340][   T38] Call Trace:
[ 1462.728348][   T38]  <TASK>
[ 1462.728363][   T38]  __schedule+0x145f/0x5070
[ 1462.728431][   T38]  ? __pfx___schedule+0x10/0x10
[ 1462.728486][   T38]  rt_mutex_schedule+0x77/0xf0
[ 1462.728532][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1462.728564][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 1462.728615][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[ 1462.728651][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[ 1462.728685][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1462.728729][   T38]  ? rtnl_newlink+0x8ec/0x1c90
[ 1462.728757][   T38]  ? rtnl_newlink+0x8ec/0x1c90
[ 1462.728787][   T38]  ? rtnl_newlink+0x8ec/0x1c90
[ 1462.728805][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 1462.728833][   T38]  rtnl_newlink+0x8ec/0x1c90
[ 1462.728863][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1462.728886][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.728916][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.728942][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.728974][   T38]  ? unwind_next_frame+0xa5/0x23d0
[ 1462.729004][   T38]  ? unwind_next_frame+0xa5/0x23d0
[ 1462.729030][   T38]  ? is_bpf_text_address+0x26/0x2b0
[ 1462.729065][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.729091][   T38]  ? is_bpf_text_address+0x292/0x2b0
[ 1462.729114][   T38]  ? is_bpf_text_address+0x26/0x2b0
[ 1462.729139][   T38]  ? kernel_text_address+0xa5/0xe0
[ 1462.729168][   T38]  ? __kernel_text_address+0xd/0x40
[ 1462.729195][   T38]  ? unwind_get_return_address+0x4d/0x90
[ 1462.729219][   T38]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1462.729242][   T38]  ? arch_stack_walk+0xfc/0x150
[ 1462.729272][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1462.729304][   T38]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1462.729324][   T38]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1462.729347][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1462.729367][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1462.729387][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.729432][   T38]  netlink_rcv_skb+0x208/0x470
[ 1462.729466][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1462.729492][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1462.729562][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1462.729593][   T38]  netlink_unicast+0x846/0xa10
[ 1462.729631][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[ 1462.729658][   T38]  ? __alloc_skb+0x198/0x3a0
[ 1462.729683][   T38]  ? netlink_sendmsg+0x642/0xb30
[ 1462.729707][   T38]  ? skb_put+0x11b/0x210
[ 1462.729731][   T38]  netlink_sendmsg+0x805/0xb30
[ 1462.729763][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1462.729794][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1462.729818][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1462.729844][   T38]  __sock_sendmsg+0x21c/0x270
[ 1462.729876][   T38]  __sys_sendto+0x3c7/0x520
[ 1462.729898][   T38]  ? __pfx___sys_sendto+0x10/0x10
[ 1462.729940][   T38]  ? fput_close_sync+0x113/0x220
[ 1462.729962][   T38]  ? __pfx_fput_close_sync+0x10/0x10
[ 1462.729991][   T38]  __x64_sys_sendto+0xde/0x100
[ 1462.730016][   T38]  do_syscall_64+0xec/0xf80
[ 1462.730035][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.730053][   T38]  ? trace_irq_disable+0x37/0x100
[ 1462.730073][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 1462.730096][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.730115][   T38] RIP: 0033:0x7fa2263415dc
[ 1462.730132][   T38] RSP: 002b:00007fff8899a130 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 1462.730151][   T38] RAX: ffffffffffffffda RBX: 00007fa2270c35c0 RCX: 00007fa2263415dc
[ 1462.730165][   T38] RDX: 0000000000000030 RSI: 00007fa2270c3610 RDI: 0000000000000006
[ 1462.730177][   T38] RBP: 0000000000000000 R08: 00007fff8899a184 R09: 000000000000000c
[ 1462.730188][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000006
[ 1462.730199][   T38] R13: 0000000000000000 R14: 00007fa2270c3610 R15: 0000000000000000
[ 1462.730226][   T38]  </TASK>
[ 1462.730235][   T38] INFO: task kworker/u8:36:18576 blocked for more than 143 seconds.
[ 1462.730251][   T38]       Tainted: G             L      syzkaller #0
[ 1462.730264][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.730272][   T38] task:kworker/u8:36   state:D stack:24512 pid:18576 tgid:18576 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1462.730327][   T38] Workqueue: ipv6_addrconf addrconf_dad_work
[ 1462.730350][   T38] Call Trace:
[ 1462.730357][   T38]  <TASK>
[ 1462.730368][   T38]  __schedule+0x145f/0x5070
[ 1462.730418][   T38]  ? __pfx___schedule+0x10/0x10
[ 1462.730458][   T38]  rt_mutex_schedule+0x77/0xf0
[ 1462.730487][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1462.730518][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 1462.730555][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[ 1462.730581][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[ 1462.730606][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1462.730639][   T38]  ? addrconf_dad_work+0x119/0x15a0
[ 1462.730666][   T38]  ? addrconf_dad_work+0x119/0x15a0
[ 1462.730694][   T38]  ? addrconf_dad_work+0x119/0x15a0
[ 1462.730716][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 1462.730744][   T38]  addrconf_dad_work+0x119/0x15a0
[ 1462.730771][   T38]  ? do_raw_spin_unlock+0x122/0x240
[ 1462.730798][   T38]  ? __pfx_addrconf_dad_work+0x10/0x10
[ 1462.730822][   T38]  ? process_scheduled_works+0x9ef/0x1770
[ 1462.730847][   T38]  ? process_scheduled_works+0x9ef/0x1770
[ 1462.730867][   T38]  ? process_scheduled_works+0x9ef/0x1770
[ 1462.730889][   T38]  process_scheduled_works+0xad1/0x1770
[ 1462.730931][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1462.730950][   T38]  ? do_raw_spin_lock+0x121/0x290
[ 1462.730984][   T38]  worker_thread+0x8a0/0xda0
[ 1462.731016][   T38]  ? __kthread_parkme+0x7b/0x200
[ 1462.731047][   T38]  kthread+0x711/0x8a0
[ 1462.731075][   T38]  ? __pfx_worker_thread+0x10/0x10
[ 1462.731096][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.731120][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1462.731151][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1462.731174][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.731200][   T38]  ret_from_fork+0x510/0xa50
[ 1462.731223][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1462.731242][   T38]  ? __switch_to+0xc9e/0x1480
[ 1462.731276][   T38]  ? __pfx_kthread+0x10/0x10
[ 1462.731303][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1462.731345][   T38]  </TASK>
[ 1462.731359][   T38] INFO: task syz-executor:18836 blocked for more than 143 seconds.
[ 1462.731374][   T38]       Tainted: G             L      syzkaller #0
[ 1462.731384][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1462.731393][   T38] task:syz-executor    state:D stack:26968 pid:18836 tgid:18836 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1462.731448][   T38] Call Trace:
[ 1462.731455][   T38]  <TASK>
[ 1462.731466][   T38]  __schedule+0x145f/0x5070
[ 1462.731526][   T38]  ? __pfx___schedule+0x10/0x10
[ 1462.731568][   T38]  rt_mutex_schedule+0x77/0xf0
[ 1462.731596][   T38]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1462.731621][   T38]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 1462.731660][   T38]  rt_mutex_slowlock+0x2a8/0x6b0
[ 1462.731689][   T38]  ? rt_mutex_slowlock+0x1c9/0x6b0
[ 1462.731714][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1462.731747][   T38]  ? inet_rtm_newaddr+0x3b0/0x18b0
[ 1462.731772][   T38]  ? inet_rtm_newaddr+0x3b0/0x18b0
[ 1462.731796][   T38]  ? inet_rtm_newaddr+0x3b0/0x18b0
[ 1462.731814][   T38]  mutex_lock_nested+0x16a/0x1d0
[ 1462.731842][   T38]  inet_rtm_newaddr+0x3b0/0x18b0
[ 1462.731864][   T38]  ? unwind_get_return_address+0x4d/0x90
[ 1462.731891][   T38]  ? arch_stack_walk+0xfc/0x150
[ 1462.731916][   T38]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 1462.731951][   T38]  ? __pfx_inet_rtm_newaddr+0x10/0x10
[ 1462.731971][   T38]  rtnetlink_rcv_msg+0x7cf/0xb70
[ 1462.731996][   T38]  ? rtnetlink_rcv_msg+0x1ab/0xb70
[ 1462.732017][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1462.732038][   T38]  ? __lock_acquire+0x6b6/0x2cf0
[ 1462.732076][   T38]  netlink_rcv_skb+0x208/0x470
[ 1462.732103][   T38]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1462.732125][   T38]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1462.732160][   T38]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1462.732193][   T38]  netlink_unicast+0x846/0xa10
[ 1462.732221][   T38]  ? __pfx_netlink_unicast+0x10/0x10
[ 1462.732242][   T38]  ? __alloc_skb+0x198/0x3a0
[ 1462.732265][   T38]  ? netlink_sendmsg+0x642/0xb30
[ 1462.732288][   T38]  ? skb_put+0x11b/0x210
[ 1462.732311][   T38]  netlink_sendmsg+0x805/0xb30
[ 1462.732343][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1462.732375][   T38]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1462.732400][   T38]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1462.732427][   T38]  __sock_sendmsg+0x21c/0x270
[ 1462.732458][   T38]  __sys_sendto+0x3c7/0x520
[ 1462.732482][   T38]  ? __pfx___sys_sendto+0x10/0x10
[ 1462.732538][   T38]  ? rcu_is_watching+0x15/0xb0
[ 1462.732562][   T38]  __x64_sys_sendto+0xde/0x100
[ 1462.732586][   T38]  do_syscall_64+0xec/0xf80
[ 1462.732605][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.732624][   T38]  ? trace_irq_disable+0x37/0x100
[ 1462.732644][   T38]  ? clear_bhb_loop+0x60/0xb0
[ 1462.732668][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.732687][   T38] RIP: 0033:0x7fa6ceae15dc
[ 1462.732704][   T38] RSP: 002b:00007ffe74522cf0 EFLAGS: 00000293 ORIG_RAX: 000000000000002c
[ 1462.732722][   T38] RAX: ffffffffffffffda RBX: 00007fa6cf864620 RCX: 00007fa6ceae15dc
[ 1462.732737][   T38] RDX: 0000000000000028 RSI: 00007fa6cf864670 RDI: 0000000000000003
[ 1462.732750][   T38] RBP: 0000000000000000 R08: 00007ffe74522d44 R09: 000000000000000c
[ 1462.732762][   T38] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000003
[ 1462.732774][   T38] R13: 0000000000000000 R14: 00007fa6cf864670 R15: 0000000000000000
[ 1462.732801][   T38]  </TASK>
[ 1462.732837][   T38] 
[ 1462.732837][   T38] Showing all locks held in the system:
[ 1462.732848][   T38] 3 locks held by kworker/u8:1/13:
[ 1462.732859][   T38]  #0: ffff88813ff69938 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1462.732919][   T38]  #1: ffffc90000127bc0 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1462.732965][   T38]  #2: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0xe/0x60
[ 1462.733017][   T38] 1 lock held by khungtaskd/38:
[ 1462.733027][   T38]  #0: ffffffff8d5ae940 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1462.733129][   T38] 2 locks held by getty/5554:
[ 1462.733140][   T38]  #0: ffff88803473d0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1462.733187][   T38]  #1: ffffc90003e8b2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x44f/0x1460
[ 1462.733240][   T38] 4 locks held by kworker/1:8/5990:
[ 1462.733263][   T38] 2 locks held by kworker/1:4/14775:
[ 1462.733277][   T38] 1 lock held by syz-executor/15119:
[ 1462.733288][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[ 1462.733338][   T38] 5 locks held by kworker/u8:30/15630:
[ 1462.733349][   T38]  #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1462.733391][   T38]  #1: ffffc90005ae7bc0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1462.733433][   T38]  #2: ffffffff8e898760 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x7b0
[ 1462.733476][   T38]  #3: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: ops_undo_list+0x2a4/0x990
[ 1462.733532][   T38]  #4: ffffffff8d5b43b0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 1462.733580][   T38] 3 locks held by kworker/0:12/18057:
[ 1462.733591][   T38]  #0: ffff88813ff55138 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1462.733634][   T38]  #1: ffffc90003ca7bc0 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1462.733677][   T38]  #2: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: switchdev_deferred_process_work+0xe/0x20
[ 1462.733739][   T38] 1 lock held by syz-executor/18535:
[ 1463.022629][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x8ec/0x1c90
[ 1463.022705][   T38] 3 locks held by kworker/u8:36/18576:
[ 1463.022719][   T38]  #0: ffff88814e419938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1463.022780][   T38]  #1: ffffc9000d7d7bc0 ((work_completion)(&(&ifa->dad_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1463.022847][   T38]  #2: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_dad_work+0x119/0x15a0
[ 1463.022912][   T38] 1 lock held by syz.6.4359/18773:
[ 1463.022927][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[ 1463.022987][   T38] 1 lock held by syz.4.4380/18816:
[ 1463.023013][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x41/0x1c0
[ 1463.023071][   T38] 1 lock held by syz-executor/18836:
[ 1463.023093][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.023149][   T38] 6 locks held by kworker/u9:0/18838:
[ 1463.023163][   T38]  #0: ffff888052828938 ((wq_completion)hci5){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1463.023219][   T38]  #1: ffffc9000d087bc0 ((work_completion)(&hdev->cmd_sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1463.023304][   T38]  #2: ffff888056708f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_cmd_sync_work+0x1d3/0x400
[ 1463.023373][   T38]  #3: ffff8880567080b0 (&hdev->lock){+.+.}-{4:4}, at: hci_abort_conn_sync+0x242/0xe30
[ 1463.023435][   T38]  #4: ffffffff8ea153b8 (hci_cb_list_lock){+.+.}-{4:4}, at: hci_conn_failed+0x165/0x340
[ 1463.023512][   T38]  #5: ffff88805eb01b58 (&conn->lock#2){+.+.}-{4:4}, at: l2cap_conn_del+0x7b/0x5b0
[ 1463.026197][   T38] 1 lock held by syz-executor/18840:
[ 1463.026212][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026278][   T38] 1 lock held by syz-executor/18843:
[ 1463.026291][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026347][   T38] 1 lock held by syz-executor/18846:
[ 1463.026360][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026415][   T38] 1 lock held by syz-executor/18849:
[ 1463.026429][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026484][   T38] 1 lock held by syz-executor/18858:
[ 1463.026497][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026558][   T38] 1 lock held by syz-executor/18861:
[ 1463.026572][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026646][   T38] 1 lock held by syz-executor/18864:
[ 1463.026661][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026718][   T38] 1 lock held by syz-executor/18867:
[ 1463.026732][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026789][   T38] 1 lock held by syz-executor/18870:
[ 1463.026803][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026860][   T38] 1 lock held by syz-executor/18879:
[ 1463.026874][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.026932][   T38] 1 lock held by syz-executor/18883:
[ 1463.026945][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.027003][   T38] 1 lock held by syz-executor/18886:
[ 1463.027017][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.027074][   T38] 1 lock held by syz-executor/18889:
[ 1463.027088][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.027146][   T38] 1 lock held by syz-executor/18893:
[ 1463.027160][   T38]  #0: ffffffff8e8a5878 (rtnl_mutex){+.+.}-{4:4}, at: inet_rtm_newaddr+0x3b0/0x18b0
[ 1463.027282][   T38] 
[ 1463.027289][   T38] =============================================
[ 1463.027289][   T38] 
[ 1463.027315][   T38] NMI backtrace for cpu 0
[ 1463.027349][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1463.027379][   T38] Tainted: [L]=SOFTLOCKUP
[ 1463.027387][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1463.027402][   T38] Call Trace:
[ 1463.027411][   T38]  <TASK>
[ 1463.027423][   T38]  dump_stack_lvl+0xe8/0x150
[ 1463.027456][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[ 1463.027487][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1463.027514][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1463.027567][   T38]  sys_info+0x135/0x170
[ 1463.027594][   T38]  watchdog+0xf95/0xfe0
[ 1463.027626][   T38]  ? watchdog+0x20a/0xfe0
[ 1463.027660][   T38]  kthread+0x711/0x8a0
[ 1463.027697][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1463.027723][   T38]  ? __pfx_kthread+0x10/0x10
[ 1463.027753][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1463.027790][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1463.027819][   T38]  ? __pfx_kthread+0x10/0x10
[ 1463.027853][   T38]  ret_from_fork+0x510/0xa50
[ 1463.027881][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1463.027906][   T38]  ? __switch_to+0xc9e/0x1480
[ 1463.027946][   T38]  ? __pfx_kthread+0x10/0x10
[ 1463.027980][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1463.028032][   T38]  </TASK>
[ 1463.028042][   T38] Sending NMI from CPU 0 to CPUs 1:
[ 1463.028087][    C1] NMI backtrace for cpu 1
[ 1463.028106][    C1] CPU: 1 UID: 0 PID: 6011 Comm: kworker/1:9 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1463.028133][    C1] Tainted: [L]=SOFTLOCKUP
[ 1463.028140][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1463.028153][    C1] Workqueue: wg-crypt-wg0 wg_packet_encrypt_worker
[ 1463.028176][    C1] RIP: 0010:deref_stack_reg+0x194/0x230
[ 1463.028203][    C1] Code: 39 c3 0f 96 c1 4d 39 c6 0f 97 c2 20 c2 20 ca 80 fa 01 75 46 49 8d 40 08 48 39 d8 0f 97 c1 4c 39 f0 0f 96 c0 20 c8 3c 01 75 30 <4c> 89 c7 49 89 f7 e8 11 08 00 00 49 89 c6 48 8b 5c 24 18 48 89 d8
[ 1463.028220][    C1] RSP: 0018:ffffc900056b6360 EFLAGS: 00000202
[ 1463.028236][    C1] RAX: ffffc900056b7201 RBX: ffffc900056b0000 RCX: 0000000000000001
[ 1463.028251][    C1] RDX: ffffc900056b64c8 RSI: dffffc0000000000 RDI: ffffc900056b6488
[ 1463.028266][    C1] RBP: 1ffff92000ad6c91 R08: ffffc900056b7250 R09: 0000000000000000
[ 1463.028281][    C1] R10: ffffc900056b64d8 R11: fffff52000ad6c9d R12: 1ffff92000ad6c92
[ 1463.028295][    C1] R13: 1ffff92000ad6c93 R14: ffffc900056b8000 R15: ffffc900056b6488
[ 1463.028310][    C1] FS:  0000000000000000(0000) GS:ffff888126def000(0000) knlGS:0000000000000000
[ 1463.028326][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1463.028339][    C1] CR2: 00007f96773bae90 CR3: 000000001abc6000 CR4: 00000000003526f0
[ 1463.028357][    C1] DR0: 0000000000800003 DR1: 00000000000001f5 DR2: 0000000000000483
[ 1463.028369][    C1] DR3: 0000000000000007 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1463.028383][    C1] Call Trace:
[ 1463.028390][    C1]  <TASK>
[ 1463.028402][    C1]  unwind_next_frame+0x18cc/0x23d0
[ 1463.028433][    C1]  ? unwind_next_frame+0xa5/0x23d0
[ 1463.028458][    C1]  ? __napi_poll+0xae/0x520
[ 1463.028479][    C1]  ? skb_release_data+0x62d/0x7c0
[ 1463.028502][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1463.028534][    C1]  arch_stack_walk+0x11c/0x150
[ 1463.028562][    C1]  ? net_rx_action+0x64a/0xdb0
[ 1463.028585][    C1]  stack_trace_save+0x9c/0xe0
[ 1463.028608][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1463.028630][    C1]  ? stack_trace_save+0x9c/0xe0
[ 1463.028658][    C1]  ? __lock_acquire+0x6b6/0x2cf0
[ 1463.028685][    C1]  kasan_save_track+0x3e/0x80
[ 1463.028712][    C1]  ? kasan_save_track+0x3e/0x80
[ 1463.028736][    C1]  ? kasan_save_free_info+0x46/0x50
[ 1463.028770][    C1]  ? __kasan_slab_free+0x5c/0x80
[ 1463.028795][    C1]  ? kmem_cache_free+0x18f/0x8d0
[ 1463.028822][    C1]  ? skb_release_data+0x62d/0x7c0
[ 1463.028844][    C1]  ? consume_skb+0x9e/0xf0
[ 1463.028864][    C1]  ? nft_synproxy_eval_v4+0x376/0x560
[ 1463.028884][    C1]  ? nft_synproxy_do_eval+0x345/0x570
[ 1463.028903][    C1]  ? nft_do_chain+0x40c/0x1920
[ 1463.028920][    C1]  ? nft_do_chain_inet+0x25d/0x340
[ 1463.028939][    C1]  ? nf_hook_slow+0xc5/0x220
[ 1463.028963][    C1]  ? NF_HOOK+0x206/0x3a0
[ 1463.028986][    C1]  ? NF_HOOK+0x30c/0x3a0
[ 1463.029008][    C1]  ? __netif_receive_skb+0x143/0x380
[ 1463.029025][    C1]  ? process_backlog+0x315/0x8f0
[ 1463.029043][    C1]  ? __napi_poll+0xae/0x520
[ 1463.029082][    C1]  kasan_save_free_info+0x46/0x50
[ 1463.029103][    C1]  __kasan_slab_free+0x5c/0x80
[ 1463.029130][    C1]  kmem_cache_free+0x18f/0x8d0
[ 1463.029156][    C1]  ? skb_release_data+0x62d/0x7c0
[ 1463.029181][    C1]  skb_release_data+0x62d/0x7c0
[ 1463.029210][    C1]  consume_skb+0x9e/0xf0
[ 1463.029238][    C1]  nft_synproxy_eval_v4+0x376/0x560
[ 1463.029262][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 1463.029285][    C1]  ? nf_ip_checksum+0x13c/0x510
[ 1463.029306][    C1]  nft_synproxy_do_eval+0x345/0x570
[ 1463.029330][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1463.029351][    C1]  ? __schedule+0x1475/0x5070
[ 1463.029387][    C1]  nft_do_chain+0x40c/0x1920
[ 1463.029414][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[ 1463.029454][    C1]  nft_do_chain_inet+0x25d/0x340
[ 1463.029472][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1463.029497][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1463.029527][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1463.029568][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1463.029589][    C1]  nf_hook_slow+0xc5/0x220
[ 1463.029619][    C1]  NF_HOOK+0x206/0x3a0
[ 1463.029644][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1463.029669][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1463.029694][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1463.029717][    C1]  ? ip_rcv_finish_core+0xda3/0x1c00
[ 1463.029744][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1463.029771][    C1]  ? skb_dst+0x4f/0xd0
[ 1463.029795][    C1]  ? ip_local_deliver+0x12a/0x1b0
[ 1463.029822][    C1]  NF_HOOK+0x30c/0x3a0
[ 1463.029847][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1463.029871][    C1]  ? NF_HOOK+0x9a/0x3a0
[ 1463.029895][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[ 1463.029921][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1463.029952][    C1]  ? __pfx_ip_rcv+0x10/0x10
[ 1463.029975][    C1]  __netif_receive_skb+0x143/0x380
[ 1463.029997][    C1]  ? process_backlog+0x272/0x8f0
[ 1463.030017][    C1]  process_backlog+0x315/0x8f0
[ 1463.030044][    C1]  __napi_poll+0xae/0x520
[ 1463.030063][    C1]  net_rx_action+0x64a/0xdb0
[ 1463.030104][    C1]  ? __pfx_net_rx_action+0x10/0x10
[ 1463.030123][    C1]  ? kvm_sched_clock_read+0x11/0x20
[ 1463.030158][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 1463.030215][    C1]  handle_softirqs+0x1df/0x650
[ 1463.030245][    C1]  __local_bh_enable_ip+0x171/0x2c0
[ 1463.030270][    C1]  wg_packet_encrypt_worker+0x323/0x16d0
[ 1463.030298][    C1]  ? wg_packet_encrypt_worker+0xd9/0x16d0
[ 1463.030324][    C1]  ? __pfx_wg_packet_encrypt_worker+0x10/0x10
[ 1463.030347][    C1]  ? kvm_sched_clock_read+0x11/0x20
[ 1463.030378][    C1]  ? sched_clock+0x3f/0x60
[ 1463.030408][    C1]  ? finish_task_switch+0x162/0x940
[ 1463.030435][    C1]  ? lock_acquire+0x107/0x340
[ 1463.030467][    C1]  ? finish_task_switch+0x23d/0x940
[ 1463.030495][    C1]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1463.030519][    C1]  ? finish_task_switch+0x23d/0x940
[ 1463.030548][    C1]  ? rcu_is_watching+0x15/0xb0
[ 1463.030568][    C1]  ? trace_sched_exit_tp+0x36/0xf0
[ 1463.030595][    C1]  ? __schedule+0x1475/0x5070
[ 1463.030624][    C1]  ? look_up_lock_class+0x57/0x110
[ 1463.030643][    C1]  ? register_lock_class+0x31/0x2e0
[ 1463.030671][    C1]  ? __lock_acquire+0x6b6/0x2cf0
[ 1463.030703][    C1]  ? __pfx___schedule+0x10/0x10
[ 1463.030732][    C1]  ? do_raw_spin_unlock+0x122/0x240
[ 1463.030757][    C1]  ? process_scheduled_works+0x9ef/0x1770
[ 1463.030779][    C1]  ? process_scheduled_works+0x9ef/0x1770
[ 1463.030802][    C1]  ? preempt_schedule_thunk+0x16/0x30
[ 1463.030823][    C1]  ? process_scheduled_works+0x9ef/0x1770
[ 1463.030843][    C1]  ? process_scheduled_works+0x9ef/0x1770
[ 1463.030865][    C1]  process_scheduled_works+0xad1/0x1770
[ 1463.030902][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1463.030921][    C1]  ? do_raw_spin_lock+0x121/0x290
[ 1463.030952][    C1]  worker_thread+0x8a0/0xda0
[ 1463.030988][    C1]  kthread+0x711/0x8a0
[ 1463.031015][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1463.031037][    C1]  ? __pfx_kthread+0x10/0x10
[ 1463.031062][    C1]  ? rt_spin_unlock+0x150/0x200
[ 1463.031089][    C1]  ? rt_spin_unlock+0x161/0x200
[ 1463.031113][    C1]  ? __pfx_kthread+0x10/0x10
[ 1463.031139][    C1]  ret_from_fork+0x510/0xa50
[ 1463.031161][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1463.031180][    C1]  ? __switch_to+0xc9e/0x1480
[ 1463.031210][    C1]  ? __pfx_kthread+0x10/0x10
[ 1463.031236][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1463.031275][    C1]  </TASK>
[ 1463.032092][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[ 1463.032117][   T38] CPU: 0 UID: 0 PID: 38 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1463.032150][   T38] Tainted: [L]=SOFTLOCKUP
[ 1463.032159][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1463.032173][   T38] Call Trace:
[ 1463.032182][   T38]  <TASK>
[ 1463.032192][   T38]  vpanic+0x1e0/0x670
[ 1463.032231][   T38]  panic+0xb9/0xc0
[ 1463.032270][   T38]  ? __pfx_panic+0x10/0x10
[ 1463.032314][   T38]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[ 1463.032351][   T38]  watchdog+0xfdf/0xfe0
[ 1463.032383][   T38]  ? watchdog+0x20a/0xfe0
[ 1463.032418][   T38]  kthread+0x711/0x8a0
[ 1463.032455][   T38]  ? __pfx_watchdog+0x10/0x10
[ 1463.032481][   T38]  ? __pfx_kthread+0x10/0x10
[ 1463.032510][   T38]  ? rt_spin_unlock+0x150/0x200
[ 1463.032547][   T38]  ? rt_spin_unlock+0x161/0x200
[ 1463.032576][   T38]  ? __pfx_kthread+0x10/0x10
[ 1463.032611][   T38]  ret_from_fork+0x510/0xa50
[ 1463.032646][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[ 1463.032671][   T38]  ? __switch_to+0xc9e/0x1480
[ 1463.032710][   T38]  ? __pfx_kthread+0x10/0x10
[ 1463.032745][   T38]  ret_from_fork_asm+0x1a/0x30
[ 1463.032796][   T38]  </TASK>
[ 1463.032965][   T38] Kernel Offset: disabled