last executing test programs:

8m10.392505239s ago: executing program 0 (id=342):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000101040000000020000000020000022400018014000180080001000000000008000200ac1414040c0002800500010000000000240002800c00028005000100000000001400018008000100e000000208000200e0000002080007400000000024000e8014000180080001000000000008000200000000000c000254a6"], 0x88}}, 0x40000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
r3 = getpid()
sched_getaffinity(r3, 0x8, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
msgrcv(0x0, 0x0, 0x39, 0x2, 0x3000)
msgsnd(0x0, 0x0, 0x8, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x40, &(0x7f0000000180)=0x6ffc, 0x4)
getsockopt$SO_TIMESTAMP(r7, 0x1, 0x1d, 0x0, &(0x7f0000000240))
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f00000027c0)=@v2={0x3, 0x3, 0x8, 0x3}, 0x9, 0x1)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
msgget(0x2, 0x624)
msgget(0x1, 0x240)

8m6.71196243s ago: executing program 0 (id=348):
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
setrlimit(0xd, &(0x7f0000000080)={0x3, 0xf})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)})

8m5.506853383s ago: executing program 0 (id=351):
ioctl$sock_ipv6_tunnel_SIOCGET6RD(0xffffffffffffffff, 0x89f8, &(0x7f0000000040)={'tunl0\x00', &(0x7f0000000600)={'syztnl1\x00', <r0=>0x0, 0x20, 0x80, 0x6, 0x1c, {{0x26, 0x4, 0x0, 0x5, 0x98, 0x67, 0x0, 0x1, 0x2f, 0x0, @empty, @multicast1, {[@rr={0x7, 0x27, 0x14, [@multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, @initdev={0xac, 0x1e, 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}]}, @timestamp_prespec={0x44, 0x1c, 0xc0, 0x3, 0xb, [{@remote, 0x7}, {@multicast2, 0xc36}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x8}]}, @ssrr={0x89, 0x3, 0xf4}, @ssrr={0x89, 0x1b, 0xd6, [@rand_addr=0x64010102, @local, @rand_addr=0x64010100, @multicast2, @private=0xa010102, @empty]}, @timestamp={0x44, 0x20, 0x23, 0x0, 0x4, [0x9, 0xb0, 0x2, 0x3, 0x10, 0x1, 0x800]}, @noop]}}}}})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r3, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r3, 0x84, 0x6f, &(0x7f0000000200)={<r4=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r3, 0x84, 0x7a, &(0x7f0000000340)={r4, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r6=>0x0]}, &(0x7f0000000040)=0x8)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000000100)={r6, 0x3ff}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000003c0)={r6, @in={{0x2, 0x4e23, @rand_addr=0x64010102}}, 0x8, 0x4, 0x401, 0x1ff, 0xb0, 0x81, 0x7b}, 0x9c)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r9=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00", r9})
unlinkat(0xffffffffffffff9c, 0x0, 0x0)

8m2.788921723s ago: executing program 0 (id=354):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PIO_SCRNMAP(0xffffffffffffffff, 0x4b41, &(0x7f0000000300)="3270984bcc3df4dc64477a5196f4e71b4dad7e8d0dd85469f9c6d8fb1ca2587b358b88334e09cc29a2690883050797dea98c4f3c00c25b38e7ee4a97df04c2")
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x0, 0x40010140, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000240)='./cgroup\x00', &(0x7f0000000040)='btrfs\x00', 0x0, &(0x7f00000001c0)='discard')
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, &(0x7f00000000c0)="0fc7290f20c06635040000000f22c066b9800000c00f326635001000000f300f0966f2650f30b81e008ed00f06ba2000b80000ef0fc7370f01c2", 0x3a}], 0x1, 0x43, 0x0, 0x0)
sendmsg$NL80211_CMD_STOP_NAN(0xffffffffffffffff, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f0000000440)=ANY=[@ANYBLOB="3d000000363eae319f8a6929fc838b9c8bbb528e522c9270cf597c7c4ecad8303296a60309acafe04c175583135be30e2d1362034bd78b6dfd3fb51426a65326595269e7f89ded1c82c47818f09a43b9f292ec2af429686244dfaf701c969c433a9ff3374d9db22b876ba1b89f918e31108d985cd65b01ff56c1c94146ca6c36b00d2fe23118ed71938bcd89023eeb7a215262c43745aee2a4d47304", @ANYRES16, @ANYBLOB="51fe2abd7000ffdbdf04e93a93d136e5c400", @ANYRES32, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x24000011}, 0x20008000)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x60, 0x1, 0xc, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x82, 0x9, 0x0, 0x0, 0x2, 0xfffffff8, 0x0, 0x3, 0xff, 0x48, '\x00', 0x0, 0x2})

8m0.980715709s ago: executing program 0 (id=359):
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000101040000000020000000020000022400018014000180080001000000000008000200ac1414040c0002800500010000000000240002800c00028005000100000000001400018008000100e000000208000200e0000002080007400000000024000e8014000180080001000000000008000200000000000c000254a6"], 0x88}}, 0x40000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x6)
r2 = getpid()
sched_getaffinity(r2, 0x8, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
msgrcv(0x0, 0x0, 0x39, 0x2, 0x3000)
msgsnd(0x0, 0x0, 0x8, 0x0)
r5 = socket$inet6(0xa, 0x80002, 0x0)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r6, 0x1, 0x40, &(0x7f0000000180)=0x6ffc, 0x4)
getsockopt$SO_TIMESTAMP(r6, 0x1, 0x1d, 0x0, &(0x7f0000000240))
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f00000027c0)=@v2={0x3, 0x3, 0x8, 0x3}, 0x9, 0x1)
setsockopt$inet6_mreq(r5, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
msgget(0x2, 0x624)
msgget(0x1, 0x240)

7m59.836195098s ago: executing program 0 (id=360):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[0x0, 0x0], 0x2, 0x0, 0x0, <r3=>0xffffffffffffffff})
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
recvmsg$qrtr(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f00000015c0)=[{&(0x7f00000000c0)=""/66, 0x42}, {&(0x7f0000000280)=""/67, 0x43}, {&(0x7f0000000340)=""/237, 0xed}, {&(0x7f0000000440)=""/212, 0xd4}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/110, 0x6e}], 0x6, &(0x7f0000002cc0)=[{0xd8, 0x0, 0x0, ""/200}, {0x1010, 0x0, 0x0, ""/4096}, {0x50, 0x0, 0x0, ""/58}, {0x18, 0x0, 0x0, ""/7}, {0x18, 0x0, 0x0, ""/4}, {0xd8, 0x0, 0x0, ""/196}, {0x110, 0x0, 0x0, ""/254}, {0x98, 0x0, 0x0, ""/133}, {0x48, 0x0, 0x0, ""/53}], 0x1430, 0x2001}, 0x38, 0x40000041)
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r4, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r7, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_wait(r7, 0x0, 0x0, 0xffffffff)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}}]}, &(0x7f0000000080)='GPL\x00', 0x9, 0xffb, &(0x7f0000001cc0)=""/4091, 0x41100, 0x5}, 0x94)

7m43.994065298s ago: executing program 32 (id=360):
r0 = socket$qrtr(0x2a, 0x2, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r1, 0x0, 0x29, 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r2, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[0x0, 0x0], 0x2, 0x0, 0x0, <r3=>0xffffffffffffffff})
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, 0xffffffffffffffff, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, 0x0)
recvmsg$qrtr(r0, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f00000015c0)=[{&(0x7f00000000c0)=""/66, 0x42}, {&(0x7f0000000280)=""/67, 0x43}, {&(0x7f0000000340)=""/237, 0xed}, {&(0x7f0000000440)=""/212, 0xd4}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/110, 0x6e}], 0x6, &(0x7f0000002cc0)=[{0xd8, 0x0, 0x0, ""/200}, {0x1010, 0x0, 0x0, ""/4096}, {0x50, 0x0, 0x0, ""/58}, {0x18, 0x0, 0x0, ""/7}, {0x18, 0x0, 0x0, ""/4}, {0xd8, 0x0, 0x0, ""/196}, {0x110, 0x0, 0x0, ""/254}, {0x98, 0x0, 0x0, ""/133}, {0x48, 0x0, 0x0, ""/53}], 0x1430, 0x2001}, 0x38, 0x40000041)
r4 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r6, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r4, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r7, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_wait(r7, 0x0, 0x0, 0xffffffff)
r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x11, 0x8, &(0x7f0000000300)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r8}}]}, &(0x7f0000000080)='GPL\x00', 0x9, 0xffb, &(0x7f0000001cc0)=""/4091, 0x41100, 0x5}, 0x94)

5m52.126796334s ago: executing program 3 (id=561):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589b"], 0xfdef)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x5, 0x47, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x710, 0x1100, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x0, 0x5, 0x2f, 0x0, @empty, @private}}}})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x6f}, 0x94) (async)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907001175f37538e486dd630080fc00082c00db5b6861589b"], 0xfdef) (async)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90) (async)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x5, 0x47, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) (async)
socket(0x10, 0x3, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000500)={'gre0\x00', &(0x7f0000000280)={'tunl0\x00', 0x0, 0x710, 0x1100, 0x1, 0x0, {{0x5, 0x4, 0x0, 0x1, 0x14, 0x0, 0x0, 0x5, 0x2f, 0x0, @empty, @private}}}}) (async)

5m51.327985172s ago: executing program 3 (id=562):
r0 = socket$key(0xf, 0x3, 0x2)
r1 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000000c0)=[{0x0}, {0x0}], 0x2)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r1, 0x10, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000540)=[{0x0, 0x11}, {&(0x7f0000000340), 0xa002a0}], &(0x7f00000005c0), 0x2}, 0x20)
sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x3, &(0x7f00000000c0)={&(0x7f0000000340)={0x2, 0x5, 0x0, 0x2, 0xe, 0x0, 0x0, 0x7, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0xe, @in6={0xa, 0x4e24, 0xfffffffd, @private1, 0x8598}}, @sadb_sa={0x2, 0x1, 0x4d4, 0x0, 0x81}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0xfffff800, @private1={0xfc, 0x1, '\x00', 0x1}, 0x6}}]}, 0x70}, 0x1, 0x400000000000000}, 0x0)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
socket$key(0xf, 0x3, 0x2)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="180100000000292214261c21fe1031fdbf33f5325dc200000000000000000000850000006d0000009520efefc8a9c209c49deae4ab71ede3b3d52b79cf9924f7bf1fa12170dbb2cd47f5a372272d8ebf8f1d13fb342abd6680249074db1209fb452534abede5f27f8f763920b761236adae265fdd1764e8a18a2df66b1a6260f161fb00caff187619c05fb1298c4c824e5a383c8d6"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$int_in(r7, 0x5452, &(0x7f00000001c0)=0x1)
pipe(0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, &(0x7f0000000100)={0x0})
connect$unix(r6, 0x0, 0x0)
r8 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r8, 0xc0205647, &(0x7f0000000200)={0xf020000, 0x1, 0x800, 0xffffffffffffffff, 0x0, 0x0})
setsockopt$WPAN_WANTLQI(r2, 0x0, 0x3, &(0x7f0000000000)=0x1, 0x4)
r9 = syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
syz_usb_ep_write$ath9k_ep2(r9, 0x83, 0x8, &(0x7f0000000980)=ANY=[@ANYBLOB="bcea"])
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)={0x14, 0x14, 0x1, 0x800000, 0x0, "", [@nested={0x4}]}, 0x14}], 0x1}, 0x0)

5m45.823424501s ago: executing program 3 (id=572):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000002480)={&(0x7f0000000000)={0x2, 0x0, @local}, 0x41, 0x0, 0x11}, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000003c0)=[{}, {0x10000002}]}, 0x94)
r1 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
close(r3)
close(r1)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r4=>0xffffffffffffffff]}}], 0x18}, 0x0)
ioctl$F2FS_IOC_PRECACHE_EXTENTS(r2, 0xf50f, 0x0)
socket$kcm(0xa, 0x5, 0x0)
setsockopt$sock_attach_bpf(r1, 0x84, 0x64, &(0x7f0000000000)=r4, 0x10)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r5, 0x40045431, &(0x7f0000000100)={0x0, 0x5, 0xffdffff8, 0xffffffff, 0x5, "ff000000000000000000000000000200"})
r6 = syz_open_pts(r5, 0x0)
ioctl$TCXONC(r6, 0x540a, 0x0)
close(0xffffffffffffffff)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[@rights={{0x14, 0x1, 0x1, [<r7=>0xffffffffffffffff]}}], 0x49}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x18, 0x42, 0x107, 0x0, 0x0, {0x4, 0x7c}, [@nested={0x4, 0xfc}]}, 0x18}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)
setsockopt$sock_attach_bpf(r0, 0x84, 0x64, &(0x7f0000000000)=r7, 0x10)

5m44.851990682s ago: executing program 3 (id=578):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = socket$nl_audit(0x10, 0x3, 0x9)
sendmsg$AUDIT_MAKE_EQUIV(r0, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000240)={0x20, 0x3f7, 0x300, 0x70bd27, 0x25dfdbfc, {0x1, 0x7, '.', './file1'}}, 0x20}, 0x1, 0x0, 0x0, 0xc080}, 0x24008015)
setreuid(0x0, 0xee00)
r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
move_pages(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
prctl$PR_SET_MM(0x23, 0x5, &(0x7f0000351000/0x2000)=nil)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r3, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x4)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000)='gadgetfs\x00', 0xc94, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mmap$binder(&(0x7f0000350000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x2)
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, 0x0)

5m44.503220455s ago: executing program 3 (id=580):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x88}}, 0x40000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
r3 = getpid()
sched_getaffinity(r3, 0x8, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
msgrcv(0x0, 0x0, 0x39, 0x2, 0x3000)
msgsnd(0x0, 0x0, 0x8, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x40, &(0x7f0000000180)=0x6ffc, 0x4)
getsockopt$SO_TIMESTAMP(r7, 0x1, 0x1d, 0x0, &(0x7f0000000240))
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f00000027c0)=@v2={0x3, 0x3, 0x8, 0x3}, 0x9, 0x1)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
msgget(0x2, 0x624)
msgget(0x1, 0x240)

5m42.324609803s ago: executing program 3 (id=582):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
sendmsg$802154_dgram(r0, &(0x7f00000004c0)={&(0x7f0000000040)={0x24, @long={0x3, 0xfd179bf0ab0119c0}}, 0x14, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x20000080}, 0x8000)

5m40.30559724s ago: executing program 33 (id=582):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
bind$802154_dgram(r0, &(0x7f0000000000)={0x24, @long={0x3, 0x0, {0xaaaaaaaaaaaa0102}}}, 0x14)
sendmsg$802154_dgram(r0, &(0x7f00000004c0)={&(0x7f0000000040)={0x24, @long={0x3, 0xfd179bf0ab0119c0}}, 0x14, &(0x7f0000000480)={0x0}, 0x1, 0x0, 0x0, 0x20000080}, 0x8000)

16.264446536s ago: executing program 2 (id=1297):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0xfffffffe}, 0x50)
pipe2(&(0x7f0000001440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
splice(r3, 0x0, r2, 0x0, 0x6, 0x0)
fcntl$setpipe(r2, 0x407, 0xb)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000f00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r4}, 0x10)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000200)=@generic={&(0x7f0000000180)='./file0\x00', 0x0, 0x8}, 0x18)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)

14.94034522s ago: executing program 1 (id=1307):
r0 = syz_usb_connect$lan78xx(0x3, 0x3f, &(0x7f0000000280)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000000)={0x34, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000940)={0x34, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000003f00)={0x84, &(0x7f0000003b00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000880)={0x34, &(0x7f00000000c0)=ANY=[@ANYBLOB="858ef8f20bb5a631b4c4cd5da14720fba632699c4a6d43ec697f3abc02c7c8bcf9026963c3bda648342b46d347792a54b401282b4ec37d17d0d2bdeff0e55cf0ad236a24bb", @ANYRES64=r0, @ANYRES8=r0], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, &(0x7f0000000e80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
unshare(0x400)
r1 = socket$rxrpc(0x21, 0x2, 0xa)
poll(&(0x7f0000000600)=[{r1, 0x2}], 0x1, 0x7f)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
r2 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x9f, 0x18, 0x76, 0x20, 0x17ef, 0x7203, 0x2e36, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xbc, 0x0, 0x2, 0x9e, 0x88, 0x33, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x20, 0x0, 0x0, 0x3}}]}}]}}]}}, 0x0)
syz_usb_control_io$rtl8150(r2, 0x0, 0x0)
syz_usb_control_io$rtl8150(r2, 0x0, &(0x7f00000029c0)={0x2c, &(0x7f0000000080)={0x20, 0x3, 0x2, '~K'}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r2, 0x0, &(0x7f0000002640)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="200e02"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r2, 0x0, &(0x7f0000000a80)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={0x40, 0xb, 0x2, "31fb"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$rtl8150(r2, 0x0, &(0x7f00000027c0)={0x2c, &(0x7f0000002600)=ANY=[@ANYBLOB="201814"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r2, 0x0, &(0x7f0000000780)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x40, 0x9, 0x1, 0x34}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, 0x0, 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r2, &(0x7f0000000140)={0x14, &(0x7f0000000040)={0x40, 0xf, 0x8, {0x8, 0x5, "ed22ad8e2977"}}, &(0x7f0000000080)={0x0, 0x3, 0x1a, {0x1a}}}, &(0x7f0000000540)={0x44, &(0x7f00000002c0)={0x20, 0x11, 0xc9, "5209d88b5bcf32cd6660c21092e6b9aa748f9b39d9c9a286f159656060d45cf4fb5077ed6f76998565fe7b37c08d37019eddebbcce2ce212525c76a5509e4c78d7e110c6c8e856f8aee47096706bd252f140a3cb4585a6d587141576368381313921afa1ee6003e618d020e74f24e94fdfee375ad9e56c7cee53ca71bf7636f21b2846eba72dc2f361762f2a1289050dd4013bfd6ef9ed0b081d7f7abd86106c29e0912373ec90f3eafdc450bb202e67df108a49dbf025226434d429b8a5bbb7cbd072892954a15484"}, &(0x7f0000000240)={0x0, 0xa, 0x1, 0x9}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000400)={0x20, 0x80, 0x1c, {0xa, 0x9, 0xffffff01, 0x4, 0xaf0, 0x720, 0x7, 0x1d9e, 0x6, 0x4, 0x18, 0x3}}, &(0x7f0000000440)={0x20, 0x85, 0x4, 0x85}, &(0x7f0000000480)={0x20, 0x83, 0x2, 0x1}, &(0x7f00000004c0)={0x20, 0x87, 0x2, 0x3}, &(0x7f0000000500)={0x20, 0x89, 0x2}})

12.911733956s ago: executing program 2 (id=1320):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x5, &(0x7f0000000040)=0x29)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x20080000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')

10.984570617s ago: executing program 1 (id=1323):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
syz_io_uring_setup(0xefe, &(0x7f0000000140)={0x0, 0xcc19, 0x10806}, &(0x7f0000000000), &(0x7f0000000380))
unshare(0x24020400)
pselect6(0x40, &(0x7f0000000100), 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0xe, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0) (fail_nth: 6)

9.475314844s ago: executing program 2 (id=1326):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000dfff75390000000000000000850000007d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r0}, 0x10)
r1 = syz_io_uring_setup(0x3b85, &(0x7f00000001c0)={0x0, 0xad84, 0x1, 0x22, 0x339}, &(0x7f0000000180), &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PBUF_RING(r1, 0x16, &(0x7f0000000140)={&(0x7f0000003000)={[{&(0x7f0000000600)="b79c51e6f50685c996b8fabb794da6db5aa1f7655bce57bbb2c188cc8126158e4229ff3de9c3f9e46fcfa84145e6e9fa083029f30ee461b046953929a51c7f86f37f92684fd797bb16a7e7222dbf07d6812e26a2b284983ad0ca18e72a42afc3025d2d45f80b4f185d1f4995296c1752b36856f653197f58c0dc67a6c3d39d462c66e4cf28aae82d61f71fda79362e4f2595579dff138f39857f06df7c98f0629e308ca6a6a184b72a9b60f9dd4d65801580e084962e55f8dd58cd34186e4957df84c84ff1562e9a7bb0e11690fd28def9273605b1dbc3abace6b5d3a70215a36f7fcab1b47b9f29a10549916cc5fcdec804e7381e869f69cbd74b427bf73048714fdcf82f404bce0728fa3ea542afccce34627bc37c2dcf2cc3510db0563f22db02b06dd4a8ec24b5de4dde25d5c4d4e01f08ef2adec0c766c730d975ce44370f2ea3b87cf7cfbcccfb89525277c2c7d1fc12d7d9fc67d236d83070def6abaa1b3cb09870f8a14ec7e26029fde5dbf9fadc3aeddcb4e93b7261238a812444233d1ce2b5dd3182de1c18944d16ad196e4d65934aaa96f22a2bb80e58e21aeee54b6d0bc82b3785d17ca9bc3ba137201f92a716ddf34aa0733b72ac0f7ef9eaf5f887d0c736ee4376fd14bcadc46946e253e20c6db38f637a534e7151e668f40ad0c4c9d7296a9b33b37c6cb30b0e2d87d70cf5470a01734ac7b52d7f4c219b23d4d96500d7564727c11ecd2171d3583068df03543d00a89512a15bee2091ee41b0f2226c2d891857923720695d4619d063d1fdb9277122991807b8ff4b40a5d50469237aa5d413a6ad68f30a17b18f8500ddb9b545726f44d46801d578d57b7a6423e208de5ec5fd8b3194a9bd84d2064b13a20c66c8b4540f4faee15012741e23f91a24b1d698580a1aa268706b1f4d546610f1993fe2c97456413a6a96340ceee0cde321425208d212db3b18e9f16f14720fbe4dc471559b9491e77e50fa237dbfec0ee94362fd938407d67c954b9d5d4f7e23e0b546045265bb7f8162b0734938b134189bbdc5717228ea8814b819a02861c9eab9a420b3b95be84bfc70cbb863b39ce88fb89ee627af0bcdb2a2b1a4b45dfc2e2d4e247f8e52e590ba2a37b4312ef5ab6b9b2345f3b8eceb4870e768e7f8d448f034c43d480ac76c72ea884f2d83b234c69bc49f629825c4481e6ed9eba14200453ddf7ef9aa6f0148fa01d4ddd6e9f59140766ccea7a71727a149afc69fa6840c2df2c1dc3f4400fda7ad08fc8076b452ec69325c2dd4b615e6553d2ce84502719eff203bf41837b4a32e7cf71e8de869fbafc4fda894b12d5d060900b8a7df891489e00383b932c3940dacc50a80b6ee123837fbbe8ecd5a4af4ffb8adc9c3d27ed45fb60e88fac0b988ba40045c556394631ce7b3d22d9bd1fdd8dd825ccb0ac6e87d7fcb0b0577fa0387abf08c016f8b20ca70f5fc1f6c1b0372ce41a7e68803f41092372d04b7a79b39747c93eb71a34c393b3c174fd69c7e19c09fe1840fe5ef72b7459e54df5341ac32bf213fe324e840a9fc16d599f9c29545748db4a8116279cde1e547606bf2483feb7898476cfefd4b1a1b425a7862e1d83113ea9e265218c8bcc7390669523bd233cd309d63c029e1459c8b19cd0a7f06b5a8e8d7eb0570eb5c79145ceaeabe61a68e1916174b6713460bc9c63aa30c36ad640057adcf17c6d320692ca7c22aec089606a5879fbb74ad403e04cadf204fd170486a432288e6dd0ea041786dee1add5e9f5c2b89ef021f7ff4190d0eefca319e9b372c08b95e211d6862a8bfdea6c0a49e1d1298fa58bbe3f5f6e70f75966a3d5172c526b45b57734d1a8f99c25fdd2aeb488696791768b3c3505505eab7985c493176f5b1f5bbbe7aff49e5b6cbf5b77d41d456619aa1cdb30cf9f3690dfca9dbe304d7a29c9148124665b12549e15d1c6c46f88929d8af97e91110a7a63c1aa5e66cec8d5030aad56c912d940fcedc7e86c16c46d0b4a70faaedd13933a67bbe6461a00934a8b20f76a11d3802b8ea6f839b8b67081120c133cbc3d65fa3a7d356f5954512834754c3c80e80e21fa3f541ce1a9ebe6deb480a765689c9928da23497487cfab9ad3de5b2d3dba1c586c335d3757eb5ba93238696b699d75fe0cf3e5b4cc5e31a5633974889050e581a0897e7f10661f2d24bc668b1c0974ea02db3a7f39c7e12eea7890393d48017212c63abfd2272e924cd980f8f517028a1fc691de54d88a063747dd90f46ef13eebfde9593dd65c7e95a4bfd22c33827c0c2432a52d62da6a644ae10809f5a9afd196603ce479799b1b42e49d88066f0c8e61f61578bc157dd673f854a85233a278c4932a628ca68808172eaabee33f152eb647533248b6f098762eb9a04f855e65fe24ca149064a7e4b08383662ad8f6c9380e6155849ed58802d261403c2d83bef4055f3e05f2dc5a2cd26a9e7b2f609411c93e6e25b86a7f1b15db228bc97c32a06f5c12ac29745c60bef31d99149ae5daf3b4360db2ecff00d715418406678f6e78ac3600befe31d6e3a55bfb3725872b567ffb7d9825cfff288929dc92d5445b453626749be50f3726823e3a6f05f8b6f8533e3ff8189654606fea92ecec8fd28f30de76c07957d818bc9da778eae25ece64ef1fe832f4b020bdcc983ddc6ded4dc25ab92119b9d2bbd86170998eb70de8db8299f0be7cc43c70c375e90db116cb6da6ff4751b2ebc446f011d808459023fe49be489e280cb58a176e4eb6e94c0bbd7cec5592316805555a800a231ca63baef3edb4e5dc5b0ba5d80440aacd9d978703f31f88542913dceba40dc7d225c2ce243110a033134fbbab9b68f758f0388dab797039551df8396e5cf3755278ca6fff5d274a6bb68292834917bb932f93aa24c72fbf002bcd147b4bbe739cfec7ccfd5e35244a7e57dbb38df56679941d006be25c4ca667648115c3056d088ddfccf5c21f6fc36a54544c5a82cb3955fe504e99e93a50ffbfda0d5090f9e065974b8f102c33b2cc60b91d7329296450dddedb0e4d1cef6b4b3cc7317230a7985c778a3bd80b924a0bf92062e2ac54f1bdcaf2b12c3d97fdbd2197c60ff8d452e5204631057e99808cb8a5f140b4062ee951c4963cde32e7eed1bd99ea4adb1be129104746c9ed12700f4b042fdbc97ce310186d78c028b0f893ac4700cf0cc3a310331960f60c4c8dcc2f1f56769c7540254adab928b751cdfe9eeaa087bd90437ac6526a18af83d79878f3bb59737742ef0053f51c0aef49f8bd5c4fe0e3a180f93ec3acb7c1d28d0d50a8cf7d77924df5d2e03a8f511cd8f646e2ee898832d28b26144ccb67cc42871cef3f381d77e9e2692f367bd0826d71fd50e578a62d0a346df176d84b3805015e03b810686901dd4c3e1e6e0a9671ccb44498a044cad0c95c63240d1c07f475195a16b68becde82fc1610e732b8dc4a338f78eb635d44fbfafad9b281f85d97c484b28fcb5393c3a716aa5d56b24d1a602edc3312c493c871bcc9319e53a5ab69eb66483828de4be2416100aca8fad17fe482e6e9b25865aa091be5946521cc198544c1d5d8315a0f7a6b13e1c0937dde07279c16b06389e38368d1256cebd56cdd9199d3b94db0672bf4ab80a4d922188326d80faf1636ccc539c177169521fd0df70d7e8b3884ec4e4bf0e0e5af68b15e70a1933a607226e3907d9290c88481bfda4789c0c07df4a65d91e95ff5a0e4006491b0e7e7d93f906992225314e0bb150c889849d73f0b8db07704085c804d1c87551f20260f3b716258dc6262354aa9bb124451cb3caba8bfda7470990a482ec72f445bb9c4451b85e441971d1894b64ab23161ad9385e4252aa241c25af8557ea2f5629f22d3c34a6d19c77b5a8d89483093f0a36ed6bec9a89ce9906cdcdc2c1de094a06877ba5cf34aa8a22b445290d7d8a77d4b26c646a3d34186c992198e2924caf8778b04f904946e89497f2ecb2dcaf012382010619bc9144e997f57287ca5c4e26e07bdf5d1cdf0b42436486ee044e2bf3ea4358562826faa41690dcd03d1119b6b9e5d34584d6ea1de8807d50d16e36fab5ce00c47df608f677f323787e7dd4b96d06ecefd15b0f87ea4af69d80903c6e82d34bc64817c5bd23cfaf5f02a193305f2a83572599105ad391c89fef75d25f8ff65f0c365b568b9183933435516dcf140e8741796b6f7b5e98756e4973e4e22e38b876666bf090a698a3ef0ef4ba60b850cbc6062b753206eb075d70c073feb60e22155038b842faf26399d0b64b9ffd1fabbd5b0815eb9c6e392b80abf179c8e98918fac26f2d5aacd3df4252d9378460078d8ac30e95b4e4499597cc88e9f9e35525fb6e188e9684b61edf25ec883e4e941ffff6ebfa884e59f60958400c4af68be927ab8d22408b93f4892ad585947c02b19c7b42bb3d6bddf92dc027b9ae609612618d0ec8fe5bf93fbcd8a7d433eb5c131b4bb35fc3510cc1b41259da2c2c50a4fa1fee300f1cb7769772f4a83ad6706237b269e48d03408647b529e2f444ea916580909b70ba9be2d3957df5cec8fe393543e49ea68f270cd042594d1a79e8a6d779c57ebb64e1917cc7f077dc35d2db9c98b9fb41f7602c73ab67aa1993583b078bf47a03ce605850732066b5cd34b0dc775b0ced96a387deed69165a891c52056499b96d88e12e713b4836cb8147ce326b93f879bf57f7f65d2b1295c6b2b2b1a7e9bd1a0bcf79ebc1beb5262e8a27c17223c0672b08bf5dea5cd9f42be91ded99fcb9c84a0f3800545ec788efc5c094b1cd42686999107e01ff87f2f8e740e6b5e7dbdcd54d7045dd489f6afef0e0584a21a5baea0ed5efbefb29d6390518a45f354b5436d8d61d03393a560c8a6c8305613195950bbcc5c266deec932d98893256807569d47d98606ce3c7c8896e684f9d781bee0b6c50099032c3cf8d7b303e395b91ca08a589a4fbc6530669b902e600b0c8b2016221b836734a27fc1bf26155ddcbf05662cd07dbc6d49dea7dd417e5c70bcb6e4fce22d3af5d15d96a0b3203ed8f80cad9d84cbc7e24e2cb96bd75e0f852e2f62aa1551e776f83f7ae3922fb3a901cae65ebb0bee363608db8de27d9efa8216940395fbf75c44843da5f79b51eb3cbc4d975a8895af99fe845260384982802758fe4f2ce27b01108c08203de28ee3b49dc63573883e7fa857103f44a9cc0266ae53ccec74183c024eb4e70d9b82a7008edfbdc473a786a59050e905abd99ae2de22f5e108430e1f6b1181128a2bd288995e69a48fa5bee45ca13cced94eb5263013ebf1a1b435ddaebfc76179bd4152dc745f8dec31e1fe2a9c7e39dfdac9e8cbcb8e37f28f3a3aa64d9f1170fcd7f2999d41561714aba8a33cd5c46e3e00c769e17f7e9d00abe2f50fe64b35682a6ae41e54b17a1785b4f0eaeefd1a97cb78c9b1b3299d6f70d88a20f83f39b5c337373f192ccfaac415f9346f31e3c32f0482110525ad777bb9c9443d3a1dcbe0879b9b35ac67542f8f82051bb86a2b55652a3c6dfbee4e316f2eeaabfbcf1210930e6cb2c2899a8f8e03a2b16fc57e745333f398e6acd4a9aac3718edb165a890a056a6fb83ed6f0de7e55e723141e3323065d757b63b656288469e0b492308a9e72d368e269874f6a28a63e653900b57390796e5213bf3422f2c80fba8ca6939c2a9df875f8519333e33351d1bd286e2eb1c854121b4fd23378708fc2ff2348574aac0f11dd5347d102e693a23aca4d83bee5b3af44e047753146524ddbb4db58a0ffe83dab199932c979f9bddcf44", 0x1000, 0x2}, {&(0x7f00000003c0)="4b6274845d164017f8ecdc61c78b880f33bb4e5e95952c28051722a85d52f59cd0ea2d88531628ec192e75623970ac299aada82c5847db860a238b1b63045254a81622802f2bef825de3c6aeacaf638ab70fd41833d23ce9a3981d9fa6195d27518d7496aa1feff772cd2dd7538b5ff2dd5a8611d0d9b566704835b3e8465f1391e40ca80ba60e61b2afda4ea7ae4923a471267e38cb1f04b5d6aa7db6258e420e41cc54339c5fce68093579b33220ca9769f1d41efe77a6c9e2453d1f8ca40fd645438ed0e6f8cc7b9a1e5629461763bac8a16168a408d0764eb72a2e283f92dde0d42e6d2188", 0xe7, 0x3}, {&(0x7f0000000040)="b8c80db1b6c8ce199e1d0f747f280db737b2e4715558f729399cfa54af9e63ebe5f700004115fabf3feb9087c5a07c9f1f013a78f76aab8d9950d2acdc2bae3b7fb1f6a4266a0e12bd23eda5b238d55f7f1d53", 0x53}, {&(0x7f0000001600)="2a11f323fe24cdaf1b4b5d885954f04f51bc3356251442488b256408e450da7c33ed0d7b64837dbdb8bb714acfe989ca6c975e00ce9b6300ca83347bdcb2412ed33902e6b5463b5f4bd285cd4695c6cc3c516e0614c57a576504f7489e5ecf8ab7e23c8a9af687ff946d2bca9bb2a4e2b1cc20d2303ff9912ac5fafb9339f02c237dffd550ba7873f4a83eae08e0fda79dc7516187c271888e9f332e68ea4559b5920f9322e8370d360307aadf29926c76c262891d2202d05a96502e9fb8514da7b5462989be94cf8edb9919de36c031dbb79b92dd197d75ab01", 0xda, 0x3}, {&(0x7f0000001700)="c4d9756653a49fdc9ec725c1424f8bf6cc6680b325eee8c357b71a3c52d4b32ec4ab6755b9b311cd9988575a77f93e8673a92bc55b62567536b6b7dad9cc67117473d7ddb74d6a2006f937ce2889dd66910bd1d3e1a88a79454cc33b19c0f9ad76c8bb48a60a3e9f68cea432268eaafcd7c66b8b3a54e2b00c44737c9fdb2615e9ddae29a1ee9be0bbfe75a415098d170e8d311e84659d97c98af76d10bffd2cb751c96be02c6a44c9ecd873839090ba5d6284190209f05ee32fa456e6eaf5d2ad41aa53aea4e8051367fc7f44d41dd5ee3d6baa96d26fb414a2469f978dfaf20ef621cfd23c1911e4f670d94cc41c6ecc4c64b687a815b3fd8ce978f31b555a7e7ae51ab4d17d664c9e97caf5c1b88020f24797eff8daef19e8098ca1950854047d1d49813f8c06d2cb36434a090b65133501bf4ce3ecadc7ed37f6bd62df368774ea40bf1ba14206bd7b585779eb684cec6b418945e7baf2b3d5627d63098f5c35323be2f366ae66eafefb1079401601cd36f9db9932c01f42f8b626498dcfca87e2b6e8c2ae37a15c952fb0f6013a583169d48ea9d2ecbb383163b1916e1095cb45ed90ce35872193f78ecc108d988fb71c4d9f5b091d85f8c012756946d6f6bcad569ecf508624b06bf5c5edffba4d05a6ae4bf64247d59d1fdebbcf6e145ceed2d8d5606e2258f75313bf69bd3aeca021e7c9cecf52011019edd92215d6e740410df436b0f6b0a429b1c954a318cc0609844de23a68aca6542ad989e3a1b82e284b9e9ad70382865fccef2bb32b57d4d8b399b0de45572073eb897393cafae3c4dd5965c1226ef9c9ef914f40f8b3fd1feb48d7b015aba773aa33f6c5af41c253bfe629228582177417b2095ad5f6dce95829cab7bd66812750cfc4a704c26822f0aced67cc49769d70b065cf0079f54c3d193f38e4ed59376ffb170776ae2f0f2022f8cad9e5f20759ec8ff7ff1c669f26961b487ad3e5ce104fc5be04604b00c358ddfb71eb2a2ae6a120661e9d6247e7ab81805ccb972c0bd1eb03e898fb2e479de7d7fe454b4234e849e77ca18d0d563d72f838ad4f6463d2bd96748bb60b01143312993fda839d7e69dc73396b594417e594942555fb109cbf265159765ab72836e84dd0a82598fef75ed2de23d8bf1d0e4eeca6c826f659e91dc22178a3abf0b3c1c33bc7fabfb0a6e15f175f994c856f19bfaf5871bc0be7aabf739817d3bdc63efcb44271696beb77e6a2895943b7c1183c6d8ca416adbb5e5e5313266a97b6d08a889dc4715adb2abb3ac3286fd4999b2fba816c5ad38f9c577563360c59ba813ea268b18ee8e67f54621971986609b2bc8dbb5585bdf51e53354fa2811afccaae64d2e0df8a90dcc0d19745dc5d8b9e1ab4e4e051302ef030a57f1830aa59b822b960c7dc01d2255b1a01d0bdf170d3923776aef4c6565a7c48e77b9d2572fa19cba4de31745f55262ca804ab5d1d519891ffedf906c440d32fe6c2f814676bb944914bc0fe9b7a7456ff25a6ae6a7dbdebef87e1676c0bbac0b0fcad1f8c30a6e3f9dbe56016240a62425f6c79c005c3d355b5d3e1c67dc9a0586c8e823665ca63d9093b11ae0077c67d1d64b6f82eeaa2096d4bf24e8c2f15cbd4f8dd8fc49bc2cc58944160e6b5322cc7bf1b76fb28aafc884ee4eda5249effa082d596bc09298370fdaa13884f54944f7ee409d02ce51612e585ae96c116b6d858c1888e35d402d2088e17cb14301ea7cc4bd2b9302f8b22b0a432959e28f487f2c9c457e890515490b7002f6925f2bd316fe33da57bf0d0c3f40948d48b2922f2b5bb49b9853ed09a83bd5677e3e70e11b96dedcefe9ab52ef63264b6722c6b5c89588f3dc2bce58e196ce2dd3577ce6d7995c33651709c1cab0184126f8546c28d8669c2082d24702b4ee9ad48cd07392017c4def6485dada3f68aafc06e4474a08c59459d57f2333cbe39b634fa9c837317cb8a1f5fe9a5fb38ff59ee2034459b9f45fe92c8a16b4251216b53ed8af2072c7c6b63e8c3b17e5f22082dd5d7b773dc3936efa4bb39f5c64dbc84384b26f1ee556b619b407be555d2fbe86b680d442206856f577f7ed1fc95384b70f98f19dac4fcc179187fc4ec751f2856893e831c5c42cdf4fd7c8cceedcf6251645b8b64f41169fdac28205357a5cd5cff16ecf021e00d2d7fb9a9745dabedfdc188fb6877d774dbc38d90a2118cc68668280e831c51a0df7a3fbed3f2364db708c8e727724321a30d15bd0a9d875d4ea879c631b77d97194d9eefd15c9e14404238336119a039b621eac785cb3195c36b2cac1a318f82d579d10df81db758c419a191f125ea448a51f9f87c91699df7f2b0eadfd10f1b6a1fe84175ac565914c7e3b0185d30ee1aaa09d84e0be11c4f9ba97e38d35f643fce23c7a269844a8d425177799f0d8ca5779dff728fed15f0c6ce5d57b8b9456bd7512ae5cc987805d01f05730da98edca272cd5e2baa031f69d71fde7587c9190d5adfaaa1a84bf016a4b57e45063e5642e16a31f38ccf03d339f2486e1d95d9fa563ba8a3ab391cdae320bd1c07f62012046740367462c55583118a9d4cd946e452a55bb742ab6d53b4fac7b44cddc3901e7153721b2ad5aad18d3e1003957633c415ed73c37a1a80175c04d7336e67dc42a838a5e8c83632f8f37c1a9fde0951a5a81dfcaf18a3d5249a99e9302a3803700471af8fe3c320a2f9202fe7a62a196b66da5ac7e06b646c46ae15227fb887cae9c5881cdba0d7546a19db665e128ad658c1fc53af2388bbc04216caa8c1ec711a52522af38e01e3ded1be3d657ed8b45b3929c4e7b2743ae528e1d8182f10d28a2a3fbbb9ad4a6bbe4a719f722f47e4c3eec97e978d1170049b49d9708ccb8bba02b3cf7e22a88981eeb534abf98f37a7b7ee77c41a2ac52847b3cfb9d555e0ac0ea48b16a2291e0626428c5e769ee400fd7881e45c556f5dd6865fc5f2c6a83e1a7ae09934acd6d1570a8140db401ced5f23d46c8f31363681507900419e54186d92401f79316c087de5e561ed2085b605e492e58abf2e606a538e7aa297e148baaac33681cce3a8b6eb890fa478c243f7a7fc47ec8b08ca6c64508ab440d6750362b71589e42b9efd2cad3ccd56769c46649d5c1dd80ab583b9141d80fd515c24f391171b5034d6f2d2999f2293f96a370aaaee0c3093d503bb03c8b678d030eda2c7bbda635e19b738fd4237175248368098cf8091fa841b7b60ba1d391f33ced0e6ce33378fa8d8fbae183faf932d2486fe5dc0741f0221fb41d923978faa37a403688be9881ce100f93a902780c578a71c91e7c12f9113d0d16800e86b422ca77ca04d34754ed35e4f78d24da653e0c2c6d0b0d96155165e48d882bcaa4ee0ebf3d840c8237ea49fe553fb97dafcbb18cc5df95c522a2584db0574f288c6ec7a46583a0dd1b8feb62dd55ff43c3dfffc55308935c7ab5c02c84d9fc3ea16b513d2d2f1be1847db6ff9c7be7956c3e8c7dcd295a0402f75319a14180fffaf412e2cd48f15cb86d022981d6e25a66f59d30b34ed3febcdbf22fcd2a392986b19c7ed6d0faf29b404eb622de121deab8ab483331f46a90d2fdab8b6c9020018d0535b39a6d5fb145f81da7344f391e12f227f0a56eef8d2bfa2a47004b1cae5804e798c5fa452f1c15f60c0b2d7f3c9d4fb8bb5dcc5cfb1feb918284b63b1aa043461cadc527f7a03b34201b0e5ab5a0cab3f09b2be381098accedc435e07a806b040e878395b500a4b094268ba64613c58b00e0306f16b327458bba8db43e8a1472f6e871863796cb1e251a458f2853e6e5ea3aeaa6ba73f5d7b1f9c083356b7e0958adc60061eb5de43a48dbcb04a3a8a80610328f49a9754703a661291c35529e6560402a9be145a9287359ec60493d413b693bd7636da5f9d3bb4506e60191c0a8d01d1e8a2b84932a14a66d58f13160fdaf9177a96185575166eb796e20e42ca0c174ae5a639dc16850d409e477d6eaf7811b08b7fcd739e5a70954fb5d4c03a9a5b8bc5eaa45842c604fe1b01ef2a3d86bdf37955acc42716398308e06b9bb766193bde86e9fbfc503f9eabe82a9d03e15cd7d69bf5636d5f3ad0187a2af27972404266100c46c40e8cd78c2b2f040d015d983c7d4b4c252dd9f7649b0540c03bf78b22d26b2bafe9e229a1bc90bed9162fb6aa76493d19e33a109a1f2dba0facd723f83e058fd64e6c425c14197eb045643eb51d7cfeb6c560380a91352d62c02a27a6993a7da76bd2400f4ddc2186e0b2562cce42f0600679be64b37fda2d4ec4657674ed0834fd2ff08d6d5c6f4c93c2c87c45a48196d164357c8aa2e5e80198125e5505111c3490c57b7faaeb145fad587a5bd8d3f12e950cefdf75a9423e8edd375ba266900d801604a889e0f527da4659840ca12ae5589c6a35c9dd984c36e6a77d400ff10838172f9395efced6acc2490d60a1b2c6523fb67c3b86d6aab757eb351cd0d7b153ccb1479daafcd060391426b3b0b7c9bf56bc0c7aa9916da5af89fedcac0dd704ccc0389791f69d00c63d208c8453fa4c94d3a6f1f188b568af30ae2a8b3fcac9e66aa6ca6cc4c16b103490ead46b1aac74eb63c45a67297fbf8ec06886401e7fc49947e9e53b65c61b92d80d933850471629b1950b900ef915cf997f2542055f6c44a221de7ddbf92f0db5d16927d1056347454df2f929f4c9e63223e725248e157fb7152247ec298dadf6aa764c82472188d1a89141196256168fb66a5b26cc5c1183b48960d6fc041412bb40a1455def771ec5936ef6f8c3e812ce3e42754b2d2c7d4cd8b89263b17dbfd2b62560c0cefa3dd560fce621926882ea7627bf06f08634eaebfee85b42d7b9a9bb2b4747a2818608d744575b2623b97ef576bbc7db58ac37b7304f601f0536c203c3465b0cad2cd44ef70fd9df4c261c88d49299f87cfe43f4d3e48d3f4a261297ea799ae160959843de0504d22040d7afe2f7f139a01a68d25cc4c2bc3cda0c8db31a16e4609f88aa2132f1e9eefe03bc7c1b79e9d3b96f6e21bfc4a38c19d799097c15f98b715d308b54fff16d1244a8b79414627761c3fe385e68a9e66330daad865c98a6b4e577e37113cf26e77351e21ec2576f65f22f71f46f8e2459801671d5e4300f905de1d8243b7279011af03dd136ea5cd38d112730bf75088d936410a7aac8b8ce6335d950a4c20782d1efeab5253c4da529eac0a93f9ced4156dba4bdcbf6d0fcdd2c2a8dc6929e791f3ac8ac5e4b4b0b67fefe1f9eb4ab305aa9dace573211218acf036735089c4545b40cfb5e8aa0431ca325a4d222edacc8ce4f27d25074b8841a9f8a3c797567f7e9493d454b29fd3f95133f3e18f8d3f18e78a24eae451ac4fa3f02734bba19871a65b8e6d71df7317f4722f92e0a7b8257b7c9b04c8fc4aaf8248a6ff551b6a41663d26280a056dd22f2f664348258e7b0c26409ffc53cbc2a27b81ef6694fe971f92d4bf6e08f9a20ddaa8da5a8337aaca22934eb080470833d6a0a3f27a47fc21bd04228d3316edbbdd15348274b6a42c143347d30aac6873b1bfaa5a82c75b9899ebc2980cdf1aa2102de52b8b1f91d7232d7ae0df6366a032200552ba3abb2017119dc7a84853d022692daa559bac07f269bd569109ed5f5f7e286c6796e9c1e26fc83af5df942626718b2c86ffc6b14cdca59c875a3188946363aa5d723f08e561759845fa38303facd14321e23223090e0c7d231d584ed6f6562d276c8674a407da65a7cd1f449a02178827c1d4a60c1c59404f246298e", 0x1000}, {&(0x7f0000002700)="c22d4ad3b97dddb1cab91c634e8f8ffdb3c315389abb27f6c885755908caa8b39da91a2d0e18eee9745bd176dd9c8b0f12ab95683abc53ce937ca3aceff6c81b1208a577729243020e9659ff3d883e31", 0x50, 0x3}, {&(0x7f0000002780)="c15b6cf321d7d5a5acdff3a8fee5a3c5e108d9062340e53763de6545d51c35d204392c03db3c358947130026a75f73b024afabb91d88e6a1296cd7665d623d980bdbc04af792b511f8a9f622c606b46deb145ade7f44c9efb5521292d293072a2035995fe7213a0918fef26063c2c8e3247bfcb2c7ad594ce756628cce10c98d6b8d5258eccf8fdb2cd23930d4a38b2410922c1fa336a1728fc7e54cd55b7ea9bdbec8312946bf4c65d720956bcd6143eff21ef5537ebca136e6cfed5808192a3f21", 0xc2, 0x1}, {0x0, 0x0, 0x1}]}, 0x8, 0x1}, 0x1)

9.076464283s ago: executing program 4 (id=1330):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000240)=0x29dd, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendto$packet(r0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x11, 0x0, r1}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="66a4c3", @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f0000002140)={0x2020}, 0x2020)
syz_clone3(&(0x7f0000000900)={0x23800000, &(0x7f0000000040)=<r3=>0xffffffffffffffff, 0x0, 0x0, {0x27}, 0x0, 0x0, 0x0, 0x0}, 0x58)
io_setup(0x8, &(0x7f0000000600)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000001300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x6, r3, 0x0}])

9.076202704s ago: executing program 1 (id=1331):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x3, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000fcffffff0000ff000000000085200000050000f2000000000000ee830600000000000001"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = socket$igmp(0x2, 0x3, 0x2)
pipe2$watch_queue(&(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000180)={'erspan0\x00', <r3=>0x0, 0x80, 0x7, 0x7, 0x3, {{0xe, 0x4, 0x0, 0x8, 0x38, 0x65, 0x0, 0x3, 0x29, 0x0, @multicast2, @rand_addr=0x64010100, {[@timestamp={0x44, 0x18, 0xf9, 0x0, 0x2, [0x4, 0xff, 0x8, 0x6, 0x3]}, @timestamp_addr={0x44, 0xc, 0x1, 0x1, 0x3, [{@multicast2, 0x6}]}]}}}}})
setsockopt$inet_pktinfo(r1, 0x0, 0x8, &(0x7f0000000200)={r3, @empty, @empty}, 0xc)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000380)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8.885719625s ago: executing program 1 (id=1332):
bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00'})
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000700)='./file1\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r2, 0xc0189378, &(0x7f0000000140)={{0x1, 0x1, 0x18, r1, {r2}}, './file1\x00'})

8.670843163s ago: executing program 4 (id=1334):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r2 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000001340)=@hci={0x1f, 0x5865, 0x31}, 0x80, &(0x7f0000000100)=[{&(0x7f00000000c0)="b8b2821400000081000000008100", 0xe}, {&(0x7f0000000000)="7522892f", 0x4}], 0x2}, 0x4000080)
epoll_create1(0x80000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ppoll(&(0x7f0000000300)=[{r4, 0x10}], 0x4, 0x0, 0x0, 0x0)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x6, 0x27, 0x1, 0x1}, {0x3, 0x5, 0xf1, 0x401}]}, 0x10)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x85, 0x7, 0x7ffc0001}]})
msgctl$MSG_INFO(0x0, 0xc, &(0x7f0000000cc0)=""/4082)
r5 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
write$tcp_congestion(r5, &(0x7f0000000340)='highspeed\x00', 0xa)
close_range(r4, r3, 0x0)

8.247857786s ago: executing program 2 (id=1336):
socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0xff)
r0 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28)

8.232998878s ago: executing program 1 (id=1337):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x5, &(0x7f0000000040)=0x29)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x20080000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')

6.698084742s ago: executing program 2 (id=1338):
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
inotify_init1(0x80000)
prlimit64(0x0, 0x3, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
pipe(&(0x7f00000001c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
writev(r1, 0x0, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000002c0)={<r3=>0xffffffffffffffff}, 0x13f}}, 0x20)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r4)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000002e00000008000300", @ANYRES32=r6, @ANYBLOB="0a00340002020202020201001800490008ac0f000bac0f0005ac0f"], 0x40}}, 0x0)
r7 = getpgrp(0x0)
sched_setaffinity(r7, 0x8, &(0x7f0000000040)=0x5)
getsockopt$packet_int(r0, 0x107, 0xb, &(0x7f0000000080), &(0x7f0000000240)=0x4)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r8 = getpid()
sched_setscheduler(r8, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r9 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r9, 0x1, 0x0)
r10 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r10, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_io_uring_setup(0x9e, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f00000000c0)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20)
connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r0, &(0x7f0000000180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000001fc0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=""/177, 0xb1}, 0x7}], 0x1, 0x10002, 0x0)

5.639844239s ago: executing program 1 (id=1339):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x141800, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r6, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0x5})
r7 = eventfd2(0x0, 0x1)
ioctl$KVM_IRQFD(r6, 0x4020ae76, &(0x7f0000000000)={r7, 0xc, 0x0, r7})
r8 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="180000000f1401"], 0x18}, 0x1, 0x0, 0x0, 0x4000800}, 0x4008000)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r9=>0xffffffffffffffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r10=>0xffffffffffffffff})
splice(r10, 0x0, r9, 0x0, 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r9, 0xc01064c8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)})
write$eventfd(r7, &(0x7f0000000240), 0x8)
r11 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r12=>0x0})
r13 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_OCB(r11, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x24, r13, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1711}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000004}, 0x448d0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x800, 0x70bd26, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xffff, 0x6}, {0xfff7, 0xfff2}, {0xffff, 0x2}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newqdisc={0x58, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r3, {0x3, 0xfff2}, {0xa, 0xfff1}, {0x2, 0x9}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x0, 0xdb, 0x7ff, 0x2, 0x40009, 0x6, 0x2, 0xfffffffb, 0xc00000}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x4000000)

5.456691781s ago: executing program 6 (id=1340):
r0 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_script(r0, &(0x7f0000000180)={'#! ', './file0', [{}, {0x20, '$[-:[]-\'\')'}, {0x20, '#! '}, {0x20, '[-\x98%/%#'}, {}, {0x20, '#! '}, {0x20, '#! '}], 0xa, '\t:O'}, 0x2f)

5.365544513s ago: executing program 4 (id=1341):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000400), 0x3, 0x0)
ioctl$VIDIOC_G_EXT_CTRLS(r1, 0xc040564a, &(0x7f0000000000)={0x0, 0x1, 0x101b, 0xffffffffffffffff, 0x0, 0x0})
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x50, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}, @NFTA_SET_DESC={0xc, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x81}]}]}, @NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xc0}, 0x1, 0x0, 0x0, 0x4000854}, 0x40)

5.36221318s ago: executing program 5 (id=1342):
r0 = socket$nl_route(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
bind$netlink(r1, &(0x7f0000000480)={0x10, 0x0, 0x0, 0xf0ffffff}, 0xc)
close_range(r1, r1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sendmsg$NL802154_CMD_SET_WPAN_PHY_NETNS(0xffffffffffffffff, &(0x7f0000001140)={&(0x7f0000000f80)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000001100)={&(0x7f00000003c0)={0x54, 0x0, 0x800, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_NETNS_FD={0x8}, @NL802154_ATTR_WPAN_DEV={0xc}, @NL802154_ATTR_WPAN_PHY={0x8, 0x1, 0x2}, @NL802154_ATTR_PID={0x8, 0x1c, r2}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}, @NL802154_ATTR_PID={0x8}, @NL802154_ATTR_IFINDEX={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x20008841}, 0x40001)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x4)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x854}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f00000019c0)=ANY=[@ANYBLOB="b70000001c000000bca30000000000002403000020feffff620af0fff8ffffff71a4f2ff000000001f03000000000000e5000500000000002604fdffff02000015010000033800001d13fcff000000007a0af0ff0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23d"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000000c0)={0x400}, 0x10}, 0x94)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=@mpls_delroute={0x28, 0x19, 0x1, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x3, 0x0, 0x5}, [@RTA_MULTIPATH={0xc, 0x9, {0x2, 0x1, 0xd7}}]}, 0x28}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000880)=@newqdisc={0x178, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x148, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e01798d28b6d63cf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236743acd06103cd77bd07f2df5989ee40e409b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ffcf44f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990f7acfdb8216ea52f604b9f12033688caa4b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d6"}, @TCA_GRED_PARMS={0x38, 0x1, {0x100, 0x5, 0x400, 0x9, 0x81, 0x101, 0xe, 0xc40, 0x7fffffff, 0xfffffffd, 0x20, 0xb, 0x1f, 0x6, 0xca11, 0xffff}}, @TCA_GRED_LIMIT={0x3d, 0x5, 0xe6}]}}]}, 0x178}, 0x1, 0x0, 0x0, 0x845}, 0x24008004)
socket$inet_tcp(0x2, 0x1, 0x0)

5.144764585s ago: executing program 6 (id=1343):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
write$tun(r0, &(0x7f0000000340)=ANY=[], 0x141)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$FUSE_ATTR(r1, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000004000)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a076d839240d29c034055b67dafe6c8dc3d5d0f65acc0d06d1a1434e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622e03b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab0300817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c690220b87b20581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd713089856f756436303767d2e24f29e5dad9796edb697a8ad004eea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014751c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff22dc518afc9ffc2cc788bee1b47683db01a2f9398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa407e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae526aca54183fb01c73f979ca9857399537f5831808b0dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a0c93d47018c12e7ba8188a22e8b15c3e233db00002e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f5011e4845535a8b90dfae158b94f50adab188dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeef0005b4896c7aabf4df517d90bdc01e73835d50200a90800c66ee2b1ad76dff9f9003f07000099d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987595ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e547f7ad33850d9feccd0111a2e3700845dee734fe7da3770845cf442d488afd80e17000000000000000000000000000000000000000000000000000005202000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a12489c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db08407081c6281e2d8429a8639034a75f4c7df3ea8fc2018d07af14915f29b719f54926fc32468f65bd06b4092140faed0c329be610c3082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b4c8787361f3289f86ae826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec833c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033bb9cc16bd83a00840e31d828ec78e116ae46c4897e2795b6ff92e9a1e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce1d9bc7ef3e3f40c14089c82759106f422582b42e3e8484ea5a6ad9aa520000afe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da357f9e93ce055019c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403502734137ff47257f164391c672b6079e65d7295eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb74b5589829b6b0679b5d6fccbecfae5553d9950d48c774eaa35b24fce69a20d8bc410d9f48bf7eac90529cd6af061c9e53addddc620ce73c5d177e3d097159f2768636fc10276c6a0adc57483b3f7083f66b87ef296ee85e9bb70a3009a5d30f479e293a3302e11350ea857b37e76ca2f50378e4092ce2c574ad278b9b7b717c571afb2077b019fd9d89efd59b41f051ec5a8ff87ecc8df917a1e386d849fcd10e2f9ca52e02339c2f4666b0c545e25f1cd62421c28d25994be0cff7271a0dee38d7ac4ac736b090e1d29f981fd9086e4000000000000646174b55d251f7f8ca5ccc22a5efb33b237eff5597a3c3a5f3a9bb54abb40e54593e1a7ce4cfa17b3c3fe91c06363496341eae20dcc59b6179b32ddddef5c34000096a54c0c571a91878f61f74912e2299e5501d4d6943bfd74c856511726f0ac8f7d17f1c6b4451c1bcdc6b6e1700e4cd87709d97afc5423c96fa981873d4369b04bbf1fb9f68f17991540868e408201ad1a74179e489aa61f021a437a3fa935588be2068f7ff9b253106326fde795e530b93626cc68e06e602198724249b4445eef08401cd1a3e266db41474e69902e4d8f5da4e94cc36794258fd4032de7ab36bc24c5efd5c8495c1ccd580033c55725f2d60354f8ad5914a0155eaa743350ddb388f486b6de0549ef3b1b3c3b7d4d3a830ff39885776119408029be3788dd8422b1ab7b4c9d5b7d8682fd759c713108e1bdfc64b9121bbf07099def5c0ce3c861ae4b5cad8bba5a0b6059b9ef90c2f96a59320309e25df89484522bb1d6eaa92164f9e4042cb689a45a898354c17b08705205a9189772bcbcb6414e44b33a2470d3bc16f761c33f565b9da5e7991ad8482579cc1b16c1fcec815a5482ae8b1779c5e339971a6ec1217bcfd1ef24284de8a0a9f068f297037d6478c2434a9a18dcc6c7c791e444a79d7ce37f9cf2826b47ad8ca6a2fa254aa02cd098026798a6d336348af0fc11fa2809a5ebbe17ca4d0f889d518f64ee50f562b5fdb1f76d4a7fe14701f8ed0c6a55d66a6efea3e449e6b478abc5b196dd5308cb20c4e2a0bd702651bb39f10523102dcd8ece692159028f314e0d6bfa400475c6699fdc40efe0948e3cef7419a7f113134e5ee20fd87c4521ccfbd32d6f147f743d30866bdd86ca8bf0c7bcc475f4ed53517aaa51f1c151d859a7f0b53abd332c84bdad313e82ac3777a6f7f649ff8a25f6dfe09cb29213896b49a825257bf143e9fa3bbd47009e66fe5705b3ef2b40a182e408c680727d64e00e1ce508f8fd64ac6c84ccc28fc333067de63b9bb5daaa12ce60ee3779ded79651be69d2a413cd948a873dd7ad7017b150828cf100d3df8537f22aff58343c9ee966fceb594bbe10b911427f76a25a219be2f85287b7f83d323a30991067ad1369792166062085ff20c5fb9f6e4f78dd09c7d2d6ca3c8a5d0d26ccbe576f44a1bc94194817"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r2, 0x18000000000002a0, 0xe80, 0x6000, &(0x7f0000000640)="b9ff03076844268cb89e14f088a847e088641100050000210283ac141440e0", 0x0, 0x11, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r4}, 0x19)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000500)={'ip6tnl0\x00', &(0x7f00000003c0)={'ip6tnl0\x00', <r5=>0x0, 0x4, 0x3b, 0xfc, 0x18fb, 0x20, @ipv4={'\x00', '\xff\xff', @multicast1}, @local, 0x1, 0x1, 0x2, 0x1}})
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@bloom_filter={0x1e, 0x1, 0x7, 0x2, 0x1008, r3, 0x400, '\x00', r5, 0xffffffffffffffff, 0x0, 0x3, 0x2, 0x1}, 0x50)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
close(r6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x20040055}, 0x40)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c00018006000100d1de0000080003400000000114000000110001"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="2c0100000d0aeb0700000000000000000a0000010900020073797a31000000000900010073797a3100"], 0x12c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x10012, r0, 0x0)
r9 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r9, 0x6, 0xd, &(0x7f0000000180)='bbr', 0x3)

4.862701247s ago: executing program 5 (id=1344):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000100)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7}, 0x1c, &(0x7f0000000cc0)=[{&(0x7f00000000c0)='O', 0x1}], 0x1}}, {{&(0x7f0000000080)={0xa, 0x4e22, 0xe2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x10000}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000180)="b0", 0x1}], 0x1}}], 0x2, 0x2400400c)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff8000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
dup(r0)
r1 = syz_open_dev$vivid(&(0x7f0000000100), 0x3, 0x2)
ioctl$VIDIOC_ENUM_FMT(r1, 0xc0405602, &(0x7f0000000140)={0x3, 0xa, 0x2, "7520f2f185915e8a70fde729a2e3894d8eb2be672737411f6b8b7aacd7518285", 0x47425247})
io_uring_setup(0x1c79, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000400)='mm_migrate_pages\x00', r3, 0x0, 0x5}, 0x18)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

4.855503095s ago: executing program 4 (id=1345):
r0 = epoll_create1(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r1, 0x406, r0)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000000)={0x20000002})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x20000001})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r1, &(0x7f00000002c0)={0xa0000013})
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r4, &(0x7f0000000580)={0xa0002008, 0x1000000})

4.689927615s ago: executing program 6 (id=1346):
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000005c40), 0x80c00, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000100)={'vxcan0\x00', <r3=>0x0})
r4 = socket(0x1d, 0x2, 0x6)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r5, 0x8933, &(0x7f0000000140)={'vxcan1\x00'})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r6 = getpid()
sched_setscheduler(r6, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r8, &(0x7f00000bd000), 0x318, 0x0)
r9 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r9, 0x5393, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xae, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, 0x94)
syz_emit_ethernet(0x7a, &(0x7f00000002c0)={@local, @multicast, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "ee527e", 0x44, 0x3c, 0x0, @empty, @mcast2}}}}, 0x0)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r10}, 0x10)
r11 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r11, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$can_j1939(r4, 0x0, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=@getchain={0x24, 0x11, 0x1, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x8}, {0x7, 0xf}, {0x0, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x44060}, 0x98)
close_range(r0, 0xffffffffffffffff, 0x0)

4.632443808s ago: executing program 5 (id=1347):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="88000000000101040000000020000000020000022400018014000180080001000000000008000200ac1414040c0002800500010000000000240002800c00028005000100000000001400018008000100e000000208000200e0000002080007400000000024000e8014000180080001000000000008000200000000000c000254a6"], 0x88}}, 0x40000)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
r3 = getpid()
sched_getaffinity(r3, 0x8, &(0x7f0000000080))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
msgrcv(0x0, 0x0, 0x39, 0x2, 0x3000)
msgsnd(0x0, 0x0, 0x8, 0x0)
r6 = socket$inet6(0xa, 0x80002, 0x0)
r7 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$SO_TIMESTAMP(r7, 0x1, 0x40, 0x0, 0x0)
getsockopt$SO_TIMESTAMP(r7, 0x1, 0x1d, 0x0, 0x0)
fsetxattr$security_ima(0xffffffffffffffff, 0x0, &(0x7f00000027c0)=@v2={0x3, 0x3, 0x8, 0x3}, 0x9, 0x1)
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
msgget(0x2, 0x624)
msgget(0x1, 0x240)

4.369200351s ago: executing program 5 (id=1348):
socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0xff)
r0 = getpgrp(0xffffffffffffffff)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000504000000002e"], 0x0, 0x37, 0x0, 0x1}, 0x28)

4.254716666s ago: executing program 4 (id=1349):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x800001000088}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
sched_setaffinity(0x0, 0x5, &(0x7f0000000040)=0x29)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x20080000, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs$namespace(0x0, &(0x7f0000001380)='ns/cgroup\x00')

2.487893444s ago: executing program 4 (id=1350):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid() (async)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) (async)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
bind$bt_l2cap(r3, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r3, 0x3)
r4 = accept4(r3, 0x0, 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c90001"], 0x16) (async)
open(0x0, 0xc162, 0x0) (async)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) (async)
io_submit(0x0, 0x0, 0x0) (async)
sendto$inet6(r4, 0x0, 0x0, 0x0, 0x0, 0x0) (async)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) (async)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6) (async)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="18050000000000fe000000004b64ffec850000007d000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0xc)
r6 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r6, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c) (async)
sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

2.329850306s ago: executing program 6 (id=1351):
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x3, 0x5, &(0x7f00000003c0)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x20}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000380)='GPL\x00', 0x1}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0x1, 0x100008, 0x4, 0x8, 0x1, 0xffffffffffffffff, 0x400000}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240), &(0x7f0000001940), 0x2000cc0, r2}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r2, &(0x7f0000000000), &(0x7f0000000100)=""/120}, 0x20)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x6, 0xb, &(0x7f0000006680))
arch_prctl$ARCH_REQ_XCOMP_PERM(0x1023, 0x11)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xa00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r3 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000840)=[{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000600)="b942782e11e878a6bf36cf8edb8bcf7bc04f6ee721da51a1790426a71ea604563e03cda220a7bedbd94157807f21ba911f897794cf319a26ade5b89e5eebae6d08f2f476fa207d05c8e9ed1db400f4fb518d71f722e84df6821944eb6c73b189d332b29e16455cbbd11a76eb227795fe08e7ce4fbcf956a6e26901820823aa53592f16eb5f0c7e51644e237624b5d76abf01ab4c08f302134162", 0x9a}, {&(0x7f00000006c0)="232de30d95ed98e3382b6d5b0fd313977873a28da299b4594a3c38d75022a8736ce84950859e56ca8607a0c8c8099fd8831f2191b0757a3a1e5ad0d262af8194c96549fff072dd46d68ce5e964744845aa4fb0b85ccce245b4ccadeee15b80ab4787cf937472706931bef99e17e449d6b055a55b1358e6ba390c30bc304c21e10c612e19404f7f9cfffcdf8e76d5c89cbd4d5c639a68f598dceeaebd842553681d2d93d808dce11560ddf6c1f141747ec2a65a4e31919dac713e7d2fb7918fa438f63cca619a1c7dbd96369e79e1b59c222dc3074e", 0xd5}, {&(0x7f0000000440)="b62513038a5bdadc0f82047cb0b49899e10207821b0ff9cd238fae2e71441c8de45e394c73eb1f672172092ebd0c4548ce633a1a0eebffae9d89824182405a3259e6c7d1dee81bdc6cb678252fac47d2628d3352e71c5545d06d2f5911f7bd9e8c5815fdc896224ce86c57b8d06ad846fe7d14a5b24d53322766", 0x7a}, {&(0x7f0000002f80)="583ea9a9cacc63e8ff2b66d5ab9344da9297d863099c4021bdc9165586344b7e6ad99fb6c2ef8664765572262396b92cef2071416d7c4e43688c975bfcf336ca7384070acfd92f689b4d08c79d5b887ff25712499cc862187086201e7004a9cfa44c4040822164b2c5c76c295d609dc65fa3862418fdb4fe456c1a74b4b78c3848bcf7cf5e103bc421ff5ca1796cc6d4f122203891ff545b0bdbfb96a0a18df44483ca3408afed3bba6ee57b9097a022e83e3c0be9262239919f1f5c1dc3969fb42e2e96c5e6535ffa577360265db4f421569f8e14b7e247c90a93716abe5ff47e694128096f9d546a2578ef23c65e6ffd57c91cdebd64213fbbd723532c59631c72cc4911be7785492276600a74a50f1e3c76d51625dc37fc96a3da773836de8eebe2159ce1ed63ca3036ff9fd6baead53560a76a8ab78f044ed89247b5472ea7293ecb1140dffdc5fc56fca5fbe4a9a7ba5a94f0b93da4b1e0f7577756b75561380cdff78aa9be981ccda8ee03781b400d7efe39213949fb9c78c1cfb874f5ad1adc9255d42e002026797ca2cdf8dbb7e5bbf3afed87108dbdbda9fddc062eca8aff0ee74f837aae74f8282a79aa69d55ae4a72bc9a02eb039308cd6dfc931bf94b07b8819deb4c836d81699e72531bb32ebc5cc635f3514977aa1232eacb66d9b0cc5a118423d21a51a1575e66e138d184b44308b8bac4e3748079d5138a38c8b3b27552a305040a7dd4a2d81e965a865402f832ccd6385f8bf00e24cf6e56a50955c9ce803c552d8035a529d67e325614e7049eec90ab80f01a32ef8e7b2a773c1b9bd67534eb2503745e9ff85b107ed27bbe0b6f22c50f724bc0cc7813de75164256054a23ccf17b6a3ebbb314aed3a9c167c38ac6687af7153dd3a82e3f5e0c340eec085af9f6ec29c5889e563151e5b4a0fa317968cb7827570d9986b5fbff08bccde56235d95845b05865bf986ddd49bd74a68f400cf92682dd4494eb6159a66c98f7b66f61c628dec73a529d445b9c9793c182321e3aa8ccd25206eedb2014ad5082880347038f30eea039dd98ed49ec4f6734d181c3cbbb703dbb397574c53f41dc7461a33b3d99f3e7421e1c996254d7863c2ef6003fa0ec4209e93d7fb0516d68bc7bbf958e65e9641183c09deaa147e2fcdd0e64a6d18b191e64d678a57e0e642332f30ff256a8c67e5097090a0762189920989748a714262a223d337397a573c3b4ec7572e31b2d79f795e267b4a3d8b9ed373f22edb229ac035d05038f7699b7697bdaf102a9724571856872ecba6508afe770009519fb88c8d53e96d8aeea1dd92e2b3287055824026ba53e0440982070354ecfbb1bcdcbd3192bccb2580080111ce78816ca5ef8a5c3514d48702d977036fdd324661685244b1d80e9da73c384a9a5f4d5ac501d853a9a6b0385c18b53df21a35d01418cd28d89dbcee487022c110456735616db00d7bff771c954c777f4bc089b8697033b592441e3e2b2d2cf9c8769ce233f6dcd17f9cc869750ba05e359b7b140a4dafb349ce80c256bb5073eafbc05487c51efe98acbbe26c93916b78389d76a32ff4704598e6caa771ca39e7d4a10c5ba80b076303ba6547bbc1330ec73a7b289841ef0ebbc3634e02de76d6cd44cb4306bf2184409927c17353869961dd09124acbcbd90f44961ef402da35bce909d750bf7ab40fc9237c1bf2d4b79fbfeff1926a928adfb434e646521fbaf7d8b7e207c9f8cea83803d1e78fcf822155bbef88e56a207503950db278e5c60b35bb2cc57d719ffbe7b2b53ec9efcc0fcf26f23161974335728f8e7f754bc24d1fbc2c0d9faafc737506563d71f15479723b7eb023c6a8e2c80798fc4393e2d9adfd5e9245796f5bbe5b564f4e0fa35443c102a2e38ed3ca71d091f640119729a96517a8263e88e8937635a3d46db0a5b3c32f3a5d764aeba0d8aab2aec41f52d8dbeac411bd066be55e2e69612a3de2e3662cf93ce203691991f10e76bb8bf526d0bd40d44bceb9cf41921cd2c4c144e5f65d2a5327acdb21806af5a28385becc6a71f7533c5b7a85661fb1fe8c4fc02e2c6b797393b1ed89215fb869b92ce5d072c7910bc9b9052af1c0851ac511e8d3fa51a33d9a4806a0a19e487f4d5f934ceddf46a13bf24e40a9e597b0f0e6d05dd573b852d15a0d86d65392d1aca2f58024a932571beb87047c129583ca37befedc98e93f3166c899f60f574e3f69d5e6182b090c58db7d69cbe00fffb27114200e65b1d7f6517df966988f9ae96ef1af09c2dbf58d358302cee84734332bccfabd7ee5d1ffdb45d6dce75765e5b317db1430df48d975c20835252131f984a90b414b1e7aa40225aa118b5a6229a1d9c4165c08cbbb7eccd38f9d926dac56070a301e6cf41e194f7b25fde38fbdc081986dbc7b28ebd467be8d13fb601bbb22356f9a656799d441442dd8e9eae560f1cd89d47681d7976c53d0dc21eb78816661f80a09811a847c6979f49efcf09256b3170011c4c1dae22d6114f2ce18af3d9c5e37ab117b4a37e45f9ee772e6accfd93425333306e0243002f14667884c62e572b714c5e2fb9f5860c264b53dc21075e1e361e20dda9ecb6bdd9f08d161bf90d5a110732dcede12777d59f5c6bea7cf4cd3e32276f23830afa4627e67f83e18a13b247238c2a813904e5e92f6804b8826cb1d8fcd73504b2c195949b95e26535ac554a6f0bb3ec9a03268b413d332a66ad49198e900c0800161da69067ee59bc7b940979e85f09c6485dea304d6006c22d945ab7c06acc6b1c9d1513f637345c7a719f273d77440683fc1c0806d94fd2034ac226e04b2a073963a1428c84357f98310598541b1fe45df53dd776da7371f38df5450d353befb95c763bd34784c11415439719cfb629857b77553d77ba80d558be86df5d09d04109c74c1a6dafc45ae99c7e5f46a4590ba5aff946e1cd4ac03c2dd7ee8269118e6dd2ac625960ac78420fb2a147a406ab45dec6764adad701c424b667b0f88f70e2e49db961b7c430525b47d84780e8442760e215c7963c1d4923f5d5c3c242626d229cab47f2820100b4ff5950c465b846898b38f453f7e63d1ad816d250aaab0311b2527f3400c1bab87e967fa261990fbc3d8f82dee5ea2aecdcd2287be85acb911cfd1d0beeb07aa4486c1dd88ae092eb705573e8875a7f0f26735e0aa658970ba452979d5493eae512594aecc2bcef964b6018c5ab3024eccd75114409bd74d00347e77d8568c2cfd6e9f4f78bbdf2484243fcde5098c6a400dd85a897593b8d231760ceb4273bd24bcae3afd76eefb82d4b37364d1bb30705e52473a22b2a6d381fbd015dfb685dd62fa519f86b7e2cdbd1dd9ad0bd949e1d60d42dc555c82769ba5010be51c2ebd969d606e26df8114f6ab6f4fa177392c95a1b47b00caaaff5a8341ec1ad699753bfdb59de78bdc0fecda2a610b82f2192a94617824fa8c39fa731f1ae08ed7ff7c60809c8803a6f7dacdf74013ef3e227a2297a9cb7b0e62bc1610cf298215e7907535180de43eb0921b5af689099677b7d70d0aa20753e7152baa984dca4de1ada6ff80dcce3e838e77d0e3aadad79851e514af2e063700e29b9d5413f49aec52c8ee79c67a7a51d634ea9ab29b37a9041a6501418d3164e89884948d227fde188218c3c836533840c5742c1fef962c29774ead94b002234a180a6de7e214b5b20f508c1a768f1d402933ef4ebe0bd5b1b5b94c344d1a9f02356aeaef6012ba7ed270da330cd2d64d174d0f6170049bb3673a647fc25342bbd1a8b4fe3a3e1e20ffe745355bca3e6d7758edf0dcb4175d618ecd84c4b5a23582e5f1e62c7e1d2da4d5cb2c82e7f49ea720903723d93d7b8be877abb64d818ef5493b4539a4bba6f2311bec41892fbe3679d2a4bcc27343cd995c3fdf0e086411437b0795588c0dc41e688e0b9f06765b6a28fc1f78cf4fd2b0a9310eea64ab81b7dcfe5562c1ff4b0c2d3f29c90ff9108afbf7c2c2670ed9867325808b4a22a7f2d6a15cdfbe6be1a3130b704436bc2720fa3c7e14e614f82d7e4c38f19862b99bbe6bce40bbc0d7437a7b8e15b925d773be7036aeec07c650eb636776c49bb802897b7abc7974012e752c59d23fdfd01b737759a02093d95be56debdf044c590290821f95c14aed65b1527b4528f62e3579702eab9c70683a0af8dc2e4b393d8c37a475ba1612ae001585669272c00f30f1cb2f0e552a70812a28aff88399a0b305ac65e170dadbfa0e562cca432dfe45ebb27e663a5d5b6d31e59640e4b3002293a93e32fd70f86b81e71beefae38e724ffdf9ae82216e3c43631a459a7996754bb6d31ef430cf6f38acd706c431a3c1cbcc3c77dde397f5d7a84e8c862609e0b37d0ca952dc44f2945864301d657d9d7cdf38d4969579eb461b5e575a6166bf6ec4895fc28c13790a4c8bbc7f0f329d4599426791a0d5877180b38ff854c22c87b30b2200b4f5401765deb94cf88652b424b224c094da0370025dbebad76364a995f637b8a3ab9c241cc12420c9c1862280194bbe38989bfa62559e9040009c1d5b85e35dacc0f5558087f96f756c2ddbf6af4a6ccccbfb3562a00695a82af91f51ddea8d289a4ab536fa85469ae7af1575b00094d7153f79d1aa6f8515d5b24326f09d863a45a0a38cafd4ae5c0bee12705d568f5fffc6ef459dbe247cc880587b7c16dc27f63a69c54a0ee3419a26ac6e9011997f18471aeef95994ba7bde070570f81ecf15b3e119327e4bbc9fdc8470407fed2076a13173666c952ea8f8a51237c5e25bb4e27a51bb65ceb5cc8fbc8d3c59af953cbcaa1936ef6801c70f9b9afb0367ddad03c79b4ac38808debe2349757231da3b686697f129dcf3eb5cf41104708fa237ee0ee047937ae2f75da027aadd4cb1d12ae95c0e5986da657ff1f1c0d40b967b131788770ec467b4bf0d530a72ea24fcac58bcf74b952778f6a855b228bf6dfb40288e35dfe565c49d7179f2fe7e668380b8a116ffd2a09d7832340b714a823cc792f416d265b44a4f2371d18d0def744f987fbbfb0eece94392882a74683e5f144c55d7107e33adba4b888ad1414ca9206218bdcda884f59fd3125000ec7579279e47b83d8792ff6691856bab55793d4799775a17314bde3385c2a23df0e58bf7884d62604f24a1f7f59ec0bae65098f745949655df642b174590ac30897e057569821ffb200bc392dbd812d8e7fed284ab1528d0e991e9923c30f3c84f76cdcfc1cac80f8e5991673b2ce69b06088e7e096d38a2f5e1a165212a876d6a5f2adb7675198e69b977aa1834585275e11eed93ca186f6287943c7218760a26df641412377544441c7a2d1a5b7a73bc9a706b43854df0b648ca6d3267b1aba22903a89d79c536c89326bff84c80c9aae31d3729e793a713665168aaa9552f39cee4cad020792a717b19c43941d3964034399577ec5c6d", 0xf17}], 0x4}, {0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000040)="099fa79d83c16a6e45d4960062e82bc67a2f25419d88838bbf48e9f8ab3ea9409e84d5458d8212b2a59fb312fe9253f54c0ee15d12fd27dce3034de3a3b71a4c79c08f0594d2912f6bb6", 0x4a}], 0x1, &(0x7f00000007c0)=[@op={0x18}, @assoc={0x18, 0x117, 0x4, 0x2}, @assoc={0x18, 0x117, 0x4, 0xa27}, @assoc={0x18, 0x117, 0x4, 0xfffffffb}], 0x60, 0x10008000}], 0x2, 0x44804)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

589.741998ms ago: executing program 2 (id=1352):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000b80)={0xffffffffffffffff, 0x2000012, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xb}, 0x50)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7fc}], 0x2c)
sendto$inet6(r0, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000200)={0x41, 0x80, 0xfe, 0x1, 0x9, 0x40, 0x8, 0x5a, 0x0, 0x0, 0x9, 0x0, 0x0, 0x5}, 0xe)
recvmmsg(r0, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/21, 0x15}, 0x1ff}], 0x4000000000001bf, 0x40000023, 0x0)
r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000600)=ANY=[@ANYBLOB="0a00000017000000ff01000001"], 0x50)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f00000002c0)={<r2=>0x0, @in={{0x2, 0x4e20, @multicast2}}, 0x4, 0x1, 0x10000, 0x7, 0x8}, &(0x7f0000000380)=0x98)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000400)={r2, 0x8}, 0x8)
prctl$PR_SET_IO_FLUSHER(0x4a, 0x2)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x64, 0x64, 0xa, [@typedef={0xc, 0x0, 0x0, 0x8, 0x5}, @var={0xe, 0x0, 0x0, 0xe, 0x4}, @enum={0x4, 0x3, 0x0, 0x6, 0x4, [{0xe, 0x1}, {0x4, 0x9}, {0x10, 0x1}]}, @union={0x7, 0x2, 0x0, 0x5, 0x0, 0xf, [{0x10, 0x3, 0x8}, {0x10, 0x4}]}]}, {0x0, [0x30, 0x5f, 0x61, 0x5f, 0x61, 0x5f, 0x61, 0x5f]}}, &(0x7f0000000100)=""/205, 0x86, 0xcd, 0x1, 0xce, 0x10000}, 0x28)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)={0x3, 0x4, 0x4, 0xa, 0x0, r1, 0x4, '\x00', 0x0, r3, 0x5, 0x3, 0x200003}, 0x50)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000780)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$TIPC_SRC_DROPPABLE(r4, 0x10f, 0x80, &(0x7f00000007c0)=0x9, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x22, &(0x7f0000000640)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@btf_id={0x18, 0x6, 0x3, 0x0, 0x4}, @alu={0x7, 0x1, 0x6, 0x2, 0x0, 0xffffffffffffffff, 0xffffffffffffffff}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @btf_id={0x18, 0xa, 0x3, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='GPL\x00', 0x2, 0xee, &(0x7f0000000500)=""/238}, 0x94)

337.231494ms ago: executing program 5 (id=1353):
r0 = openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$binfmt_script(r0, &(0x7f0000000180)={'#! ', './file0', [{}, {0x20, '$[-:[]-\'\')'}, {0x20, '#! '}, {0x20, '[-\x98%/%#'}, {}, {0x20, '!@c%'}, {0x20, '#! '}], 0xa, '\t:O'}, 0x30)

247.944956ms ago: executing program 5 (id=1354):
clock_adjtime(0x0, &(0x7f0000000040)={0xd4e, 0x0, 0x800000000000000, 0x4, 0xfffffffffffffff9, 0x0, 0x7, 0x1000000000, 0x800000000000000, 0xc3c0000000000000, 0x10002, 0x7, 0x8, 0x1ff, 0x0, 0x4, 0x7, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffe, 0x0, 0x3, 0x0, 0x2})
r0 = syz_open_dev$loop(&(0x7f0000000440), 0xf, 0x183043)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000001240)=@x86={0xd1, 0x8, 0x5, 0x0, 0xfffffffe, 0x2, 0xfa, 0x22, 0x8, 0xc, 0x82, 0x4, 0x0, 0xffff, 0xb, 0xfa, 0xf4, 0x7, 0x5, '\x00', 0x8, 0x2582984b})
ioctl$KVM_SET_IRQCHIP(r2, 0x8208ae63, &(0x7f0000000380)={0x2, 0x0, @ioapic={0x8000000, 0x9, 0x10000, 0xfffffffe, 0x0, [{0x2, 0x4, 0x87, '\x00', 0x8}, {0x9, 0x8, 0x2, '\x00', 0xb}, {0xff, 0x7f, 0xd3, '\x00', 0x67}, {0x0, 0x5, 0xf5, '\x00', 0xf}, {0x7, 0x9, 0xc, '\x00', 0xfb}, {0x0, 0x4, 0x54, '\x00', 0xff}, {0x71, 0xd5, 0xf1, '\x00', 0x83}, {0x3, 0x4, 0xc}, {0x7f, 0x5, 0xb, '\x00', 0x8}, {0xd7, 0xd, 0x8, '\x00', 0x6}, {0x0, 0x28, 0x80, '\x00', 0xdc}, {0xff, 0x5, 0xfe, '\x00', 0x1}, {0xfe, 0x7, 0x26}, {0xcf, 0x3, 0x1, '\x00', 0x6}, {0xf, 0xee, 0x7, '\x00', 0x3}, {0x39, 0x2, 0x6, '\x00', 0xb}, {0x9, 0x6, 0x2, '\x00', 0x8}, {0x5, 0xc, 0x5, '\x00', 0xc}, {0x1, 0x1, 0x7, '\x00', 0xc2}, {0x0, 0x80, 0xe, '\x00', 0x7f}, {0x1, 0xc, 0x80, '\x00', 0x7f}, {0x10, 0x6, 0x3, '\x00', 0x10}, {0x1, 0x23, 0xf3, '\x00', 0x4}, {0x7, 0x6, 0x4}]}})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000005c0)={r4, 0x800, {0x2a00, 0x80010000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x4, 0x1d, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd6447a4b4e00d9683dda1af1ea09d0200fb0a010000000000f5ffff0200", "2809e8dbe10859892d0000b420a9c81f40f05f819e0117020000f20020000000e903001000", "90be8b1c5512406c7f00", [0x4, 0x5]}})
r5 = io_uring_setup(0x6f6, &(0x7f00000003c0)={0x0, 0x0, 0x802, 0x8000, 0x4})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$igmp(0x2, 0x3, 0x2)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='net/raw\x00')
preadv(r6, &(0x7f00000002c0)=[{&(0x7f0000000440)=""/239, 0xef}], 0x1, 0xff, 0x3)
io_uring_register$IORING_REGISTER_BUFFERS2(r5, 0xf, &(0x7f0000005500)={0x3, 0x0, 0x0, &(0x7f0000005480)=[{0x0}, {0x0}, {&(0x7f0000005380)=""/255, 0xff}], &(0x7f00000054c0)=[0x0, 0x0, 0x5]}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r5, 0x10, &(0x7f0000007cc0)={0x2, 0x0, &(0x7f0000007c40)=[{0x0}], 0x0, 0x1}, 0x20)
r7 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r7, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f0000000200), 0x20000, 0x0)
r8 = syz_open_dev$loop(&(0x7f0000000300), 0x8f, 0x0)
ioctl$LOOP_CONFIGURE(r8, 0x4c0a, &(0x7f0000001280)={r0, 0x200, {0x2a12, 0x80010000, 0x0, 0x3, 0x20000000000006, 0x0, 0x0, 0x3, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7ca64c6a4b4e00d9683dda1af1ea80000000000000000000000deff1200100000000000000000000000000800", "2809a9000000038948224ad54afac11d875375bdb2420000b420a1a93c7540f4767f9e01177d3dd40600000061ac000000800800", "90be8b1c55f96400", [0x5, 0x4]}})
syz_emit_ethernet(0x3e, &(0x7f0000000700)=ANY=[@ANYBLOB="cc2bfff8ffffffffffffffbb08004500003000000000000190780a010102ac1414aa0b019078002259aa133801ab323311ea806d0a00004512b79e0067000510110001ac1e0101e000000256c77fe31054d209f0195c17e8934094498195429ae1ca25a25a1ccceecb1db50f0eb95b7d715cb5a774a7760514303230f09414af32fc014d75269efc8d16b4893e352293dba0eca70cdfda3a05ccedcf0fcb5d9bd7025b7dc2b0cd7d2e9e9764552a7174e3f452ca1d9dc4fcf24b30415bcc39e5f6ab4a6ed4329552c517b115691c093e9f33353c4d105febed5acd35c88b3ec897d96fded4ca95e0787711ccee069ce20487fd4ca3488eaadc1234de0401f7c81751a3ceb66e01db523a2eed19e0b17fba4a549899bd96a35c43276d18c898af2085cd497d3404c828f49b55ae0858c232509475"], 0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r6, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0x2, 0x4e21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}}, {0xa, 0x0, 0xfffffffd, @mcast2}}}, 0x48)
r9 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="12010000b1bd2f087d0403508c2f010203010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r9, &(0x7f00000000c0)={0xc, &(0x7f0000000100)=ANY=[@ANYBLOB="0000f50000000341e9"], 0x0}, 0x0)
syz_usb_control_io$uac1(r9, 0x0, 0x0)
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r8)

217.826497ms ago: executing program 6 (id=1355):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000180)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
syz_io_uring_setup(0xefe, &(0x7f0000000140)={0x0, 0xcc19, 0x10806}, &(0x7f0000000000), &(0x7f0000000380))
unshare(0x24020400)
pselect6(0x40, &(0x7f0000000100)={0x100000}, 0x0, &(0x7f0000000240)={0x1f, 0xfffffffffffffffe, 0xe, 0x0, 0x7, 0x4, 0x0, 0xfffffffffffffffc}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

0s ago: executing program 6 (id=1356):
r0 = epoll_create1(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r2}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x80800)
write$P9_RGETLOCK(r4, &(0x7f0000000100)={0x1f, 0x37, 0x1, {0x0, 0x81, 0x5, r3, 0x1, '$'}}, 0x1f)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@mpls_newroute={0x1c, 0x18, 0x601, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}}, 0x1c}}, 0x0)
r8 = epoll_create1(0x0)
r9 = fcntl$dupfd(r1, 0x406, r0)
r10 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r8, &(0x7f0000000000)={0x20000002})
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r9, &(0x7f0000000040)={0x20000001})
epoll_ctl$EPOLL_CTL_ADD(r10, 0x1, r1, &(0x7f00000002c0)={0xa0000013})

kernel console output (not intermixed with test programs):

94967295 subj=_ pid=9572 comm="syz.2.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cb203f749 code=0x7fc00000
[  632.129073][   T37] audit: type=1326 audit(631.957:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9572 comm="syz.2.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cb203f749 code=0x7fc00000
[  632.129313][   T37] audit: type=1326 audit(631.957:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9572 comm="syz.2.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cb203f749 code=0x7fc00000
[  632.129557][   T37] audit: type=1326 audit(631.957:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9572 comm="syz.2.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2cb203f749 code=0x7fc00000
[  632.177306][   T10] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  632.339850][   T10] usb 5-1: config 1 has an invalid interface number: 7 but max is 0
[  632.339877][   T10] usb 5-1: config 1 has no interface number 0
[  632.339936][   T10] usb 5-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  632.339962][   T10] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  632.339984][   T10] usb 5-1: config 1 interface 7 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 32
[  632.340007][   T10] usb 5-1: config 1 interface 7 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  632.343372][   T10] usb 5-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  632.343401][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.343421][   T10] usb 5-1: Product: syz
[  632.343445][   T10] usb 5-1: Manufacturer: syz
[  632.343459][   T10] usb 5-1: SerialNumber: syz
[  632.361809][ T9579] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  632.361998][ T9579] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  632.417851][ T6448] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[  632.567321][ T6448] usb 6-1: Using ep0 maxpacket: 32
[  632.570562][ T6448] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  632.570588][ T6448] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  632.577956][ T6448] usb 6-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice= d.65
[  632.578032][ T6448] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  632.578052][ T6448] usb 6-1: Product: syz
[  632.578066][ T6448] usb 6-1: Manufacturer: syz
[  632.578080][ T6448] usb 6-1: SerialNumber: syz
[  632.589914][ T9579] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  632.592221][ T9579] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  632.601599][ T6448] usb 6-1: config 0 descriptor??
[  632.625284][   T10] usb 5-1: No status endpoint found
[  632.849743][   T10] usb 5-1: USB disconnect, device number 52
[  634.534144][ T9597] 9pnet_fd: Insufficient options for proto=fd
[  634.731487][ T9603] FAULT_INJECTION: forcing a failure.
[  634.731487][ T9603] name failslab, interval 1, probability 0, space 0, times 0
[  634.731524][ T9603] CPU: 1 UID: 0 PID: 9603 Comm: syz.2.1040 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  634.731552][ T9603] Tainted: [L]=SOFTLOCKUP
[  634.731560][ T9603] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  634.731572][ T9603] Call Trace:
[  634.731580][ T9603]  <TASK>
[  634.731588][ T9603]  dump_stack_lvl+0xe8/0x150
[  634.731618][ T9603]  should_fail_ex+0x46c/0x600
[  634.731647][ T9603]  ? skb_clone+0x212/0x3a0
[  634.731670][ T9603]  should_failslab+0xa8/0x100
[  634.731689][ T9603]  ? skb_clone+0x212/0x3a0
[  634.731709][ T9603]  kmem_cache_alloc_noprof+0x84/0x6c0
[  634.731734][ T9603]  ? safesetid_security_capable+0xa9/0x1a0
[  634.731767][ T9603]  skb_clone+0x212/0x3a0
[  634.731789][ T9603]  ? nfnetlink_rcv+0x4ba/0x2590
[  634.731814][ T9603]  nfnetlink_rcv+0x4ec/0x2590
[  634.731839][ T9603]  ? __local_bh_enable_ip+0x1af/0x2c0
[  634.731866][ T9603]  ? __dev_queue_xmit+0x253/0x3210
[  634.731890][ T9603]  ? __dev_queue_xmit+0x196a/0x3210
[  634.731911][ T9603]  ? netlink_unicast+0x811/0xa10
[  634.731930][ T9603]  ? netlink_sendmsg+0x805/0xb30
[  634.731951][ T9603]  ? __sock_sendmsg+0x21c/0x270
[  634.731979][ T9603]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.732009][ T9603]  ? __dev_queue_xmit+0x253/0x3210
[  634.732035][ T9603]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  634.732070][ T9603]  ? ref_tracker_free+0x61e/0x7c0
[  634.732094][ T9603]  ? __asan_memcpy+0x40/0x70
[  634.732115][ T9603]  ? __pfx_ref_tracker_free+0x10/0x10
[  634.732138][ T9603]  ? __skb_clone+0x63/0x7a0
[  634.732164][ T9603]  ? __skb_clone+0x483/0x7a0
[  634.732200][ T9603]  ? skb_clone+0x246/0x3a0
[  634.732227][ T9603]  ? __netlink_deliver_tap+0x807/0x850
[  634.732251][ T9603]  ? netlink_deliver_tap+0x2e/0x1b0
[  634.732290][ T9603]  netlink_unicast+0x846/0xa10
[  634.732321][ T9603]  ? __pfx_netlink_unicast+0x10/0x10
[  634.732341][ T9603]  ? __alloc_skb+0x198/0x3a0
[  634.732360][ T9603]  ? netlink_sendmsg+0x642/0xb30
[  634.732379][ T9603]  ? skb_put+0x11b/0x210
[  634.732401][ T9603]  netlink_sendmsg+0x805/0xb30
[  634.732432][ T9603]  ? __pfx_netlink_sendmsg+0x10/0x10
[  634.732462][ T9603]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  634.732486][ T9603]  ? __pfx_netlink_sendmsg+0x10/0x10
[  634.732508][ T9603]  __sock_sendmsg+0x21c/0x270
[  634.732535][ T9603]  ____sys_sendmsg+0x508/0x810
[  634.732563][ T9603]  ? __pfx_____sys_sendmsg+0x10/0x10
[  634.732596][ T9603]  ? import_iovec+0x74/0xa0
[  634.732618][ T9603]  ___sys_sendmsg+0x21f/0x2a0
[  634.732644][ T9603]  ? __pfx____sys_sendmsg+0x10/0x10
[  634.732700][ T9603]  ? __fget_files+0x2a/0x420
[  634.732720][ T9603]  ? __fget_files+0x3a6/0x420
[  634.732747][ T9603]  __x64_sys_sendmsg+0x1a1/0x260
[  634.732771][ T9603]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  634.732801][ T9603]  ? __pfx_ksys_write+0x10/0x10
[  634.732834][ T9603]  do_syscall_64+0xec/0xf80
[  634.732852][ T9603]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.732869][ T9603]  ? trace_irq_disable+0x37/0x100
[  634.732887][ T9603]  ? clear_bhb_loop+0x60/0xb0
[  634.732909][ T9603]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.732927][ T9603] RIP: 0033:0x7f2cb203f749
[  634.732944][ T9603] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  634.732961][ T9603] RSP: 002b:00007f2cb02a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  634.732981][ T9603] RAX: ffffffffffffffda RBX: 00007f2cb2295fa0 RCX: 00007f2cb203f749
[  634.732995][ T9603] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  634.733007][ T9603] RBP: 00007f2cb02a6090 R08: 0000000000000000 R09: 0000000000000000
[  634.733020][ T9603] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  634.733031][ T9603] R13: 00007f2cb2296038 R14: 00007f2cb2295fa0 R15: 00007ffceb0349c8
[  634.733062][ T9603]  </TASK>
[  635.107324][   T10] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  635.231617][ T9607] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1042'.
[  635.231658][ T9607] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1042'.
[  635.232899][ T9607] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1042'.
[  635.232931][ T9607] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1042'.
[  635.287300][   T10] usb 2-1: Using ep0 maxpacket: 8
[  635.290026][   T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[  635.292610][   T10] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  635.292637][   T10] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  635.292657][   T10] usb 2-1: Product: syz
[  635.292672][   T10] usb 2-1: Manufacturer: syz
[  635.292691][   T10] usb 2-1: SerialNumber: syz
[  635.569066][   T10] usb 2-1: Invalid connection information received from device
[  636.650087][  T804] usb 2-1: USB disconnect, device number 44
[  636.704903][ T5891] usb 6-1: USB disconnect, device number 29
[  637.295802][ T9625] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1046'.
[  638.146976][ T9627] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1046'.
[  639.953001][ T9648] netlink: 'syz.1.1054': attribute type 1 has an invalid length.
[  639.953024][ T9648] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1054'.
[  640.146509][ T9651] IPVS: persistence engine module ip_vs_pe_ not found
[  640.405993][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1057'.
[  641.221246][    T9] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  641.524175][    T9] usb 2-1: Using ep0 maxpacket: 32
[  641.592089][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[  641.642296][    T9] usb 2-1: config 250 has an invalid interface number: 249 but max is 0
[  641.642335][    T9] usb 2-1: config 250 has no interface number 0
[  641.642408][    T9] usb 2-1: config 250 interface 249 has no altsetting 0
[  641.671863][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=0960, bcdDevice=97.4e
[  641.671902][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.671959][    T9] usb 2-1: Product: syz
[  641.671973][    T9] usb 2-1: Manufacturer: syz
[  641.672019][    T9] usb 2-1: SerialNumber: syz
[  642.544655][    T9] gspca_main: sunplus-2.14.0 probing 046d:0960
[  642.550242][    T9] gspca_sunplus: reg_w_riv err -71
[  642.550347][    T9] sunplus 2-1:250.249: probe with driver sunplus failed with error -71
[  642.568517][    T9] usb 2-1: USB disconnect, device number 45
[  642.768193][ T9680] FAULT_INJECTION: forcing a failure.
[  642.768193][ T9680] name failslab, interval 1, probability 0, space 0, times 0
[  642.768229][ T9680] CPU: 0 UID: 0 PID: 9680 Comm: syz.2.1060 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  642.768256][ T9680] Tainted: [L]=SOFTLOCKUP
[  642.768264][ T9680] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  642.768277][ T9680] Call Trace:
[  642.768285][ T9680]  <TASK>
[  642.768294][ T9680]  dump_stack_lvl+0xe8/0x150
[  642.768325][ T9680]  should_fail_ex+0x46c/0x600
[  642.768354][ T9680]  ? __alloc_skb+0x1dc/0x3a0
[  642.768384][ T9680]  should_failslab+0xa8/0x100
[  642.768405][ T9680]  ? __alloc_skb+0x1dc/0x3a0
[  642.768424][ T9680]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  642.768451][ T9680]  ? lockdep_hardirqs_on+0x7b/0x110
[  642.768472][ T9680]  ? __alloc_skb+0x198/0x3a0
[  642.768494][ T9680]  __alloc_skb+0x1dc/0x3a0
[  642.768519][ T9680]  netlink_sendmsg+0x5c6/0xb30
[  642.768554][ T9680]  ? __pfx_netlink_sendmsg+0x10/0x10
[  642.768587][ T9680]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  642.768611][ T9680]  ? __pfx_netlink_sendmsg+0x10/0x10
[  642.768635][ T9680]  __sock_sendmsg+0x21c/0x270
[  642.768667][ T9680]  ____sys_sendmsg+0x508/0x810
[  642.768696][ T9680]  ? __pfx_____sys_sendmsg+0x10/0x10
[  642.768729][ T9680]  ? import_iovec+0x74/0xa0
[  642.768752][ T9680]  ___sys_sendmsg+0x21f/0x2a0
[  642.768778][ T9680]  ? __pfx____sys_sendmsg+0x10/0x10
[  642.768837][ T9680]  ? __fget_files+0x2a/0x420
[  642.768857][ T9680]  ? __fget_files+0x3a6/0x420
[  642.768887][ T9680]  __x64_sys_sendmsg+0x1a1/0x260
[  642.768913][ T9680]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  642.768948][ T9680]  ? __pfx_ksys_write+0x10/0x10
[  642.768984][ T9680]  do_syscall_64+0xec/0xf80
[  642.769003][ T9680]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.769022][ T9680]  ? trace_irq_disable+0x37/0x100
[  642.769043][ T9680]  ? clear_bhb_loop+0x60/0xb0
[  642.769067][ T9680]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  642.769085][ T9680] RIP: 0033:0x7f2cb203f749
[  642.769104][ T9680] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  642.769121][ T9680] RSP: 002b:00007f2cb02a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  642.769141][ T9680] RAX: ffffffffffffffda RBX: 00007f2cb2295fa0 RCX: 00007f2cb203f749
[  642.769155][ T9680] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[  642.769167][ T9680] RBP: 00007f2cb02a6090 R08: 0000000000000000 R09: 0000000000000000
[  642.769179][ T9680] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  642.769191][ T9680] R13: 00007f2cb2296038 R14: 00007f2cb2295fa0 R15: 00007ffceb0349c8
[  642.769221][ T9680]  </TASK>
[  642.917319][    T9] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[  643.068120][    T9] usb 6-1: Using ep0 maxpacket: 32
[  643.070437][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  643.070463][    T9] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  643.073114][    T9] usb 6-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice= d.65
[  643.073141][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  643.073161][    T9] usb 6-1: Product: syz
[  643.073171][    T9] usb 6-1: Manufacturer: syz
[  643.073179][    T9] usb 6-1: SerialNumber: syz
[  643.076592][    T9] usb 6-1: config 0 descriptor??
[  645.337440][ T9699] 9pnet_fd: Insufficient options for proto=fd
[  646.017279][ T9716] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1069'.
[  648.688291][ T5877] usb 6-1: USB disconnect, device number 30
[  648.916592][ T9727] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1070'.
[  649.842314][ T9735] 9pnet_fd: p9_fd_create_tcp (9735): problem connecting socket to 127.0.0.1
[  649.848713][ T9736] overlayfs: missing 'lowerdir'
[  650.020412][ T9743] program syz.6.1076 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  651.127287][ T5969] usb 5-1: new full-speed USB device number 53 using dummy_hcd
[  651.151520][ T9751] netlink: 'syz.1.1066': attribute type 1 has an invalid length.
[  651.151544][ T9751] netlink: 224 bytes leftover after parsing attributes in process `syz.1.1066'.
[  651.247292][ T5891] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  651.279568][ T5969] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[  651.279600][ T5969] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  651.279623][ T5969] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x3 has invalid wMaxPacketSize 0
[  651.279645][ T5969] usb 5-1: config 1 interface 0 has no altsetting 0
[  651.280896][ T5969] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  651.280923][ T5969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  651.280943][ T5969] usb 5-1: SerialNumber: syz
[  651.335305][ T5969] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  651.407262][ T5891] usb 7-1: Using ep0 maxpacket: 32
[  651.409524][ T5891] usb 7-1: config index 0 descriptor too short (expected 35577, got 27)
[  651.409552][ T5891] usb 7-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  651.409572][ T5891] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 92
[  651.409593][ T5891] usb 7-1: config 1 has no interface number 0
[  651.409642][ T5891] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  651.409668][ T5891] usb 7-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  651.409704][ T5891] usb 7-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  651.409725][ T5891] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.083276][ T9755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  652.095815][ T9755] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  652.787106][ T6858] usb 5-1: USB disconnect, device number 53
[  652.856488][ T5891] snd_usb_pod 7-1:1.1: Line 6 Pocket POD found
[  652.899759][ T5891] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now attached
[  653.954873][ T5891] snd_usb_pod 7-1:1.1: line6_send_raw_message_async_part: usb_submit_urb failed (-22)
[  653.980040][    T9] usb 7-1: USB disconnect, device number 8
[  654.006582][    T9] snd_usb_pod 7-1:1.1: Line 6 Pocket POD now disconnected
[  654.477344][ T9234] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[  654.667299][ T9234] usb 6-1: Using ep0 maxpacket: 32
[  654.669313][ T9234] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  654.669337][ T9234] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  654.671705][ T9234] usb 6-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice= d.65
[  654.671733][ T9234] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.671753][ T9234] usb 6-1: Product: syz
[  654.671767][ T9234] usb 6-1: Manufacturer: syz
[  654.671782][ T9234] usb 6-1: SerialNumber: syz
[  654.679624][ T9234] usb 6-1: config 0 descriptor??
[  655.109085][ T9793] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1085'.
[  655.114835][ T9794] netlink: 'syz.2.1089': attribute type 1 has an invalid length.
[  655.114856][ T9794] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1089'.
[  655.243505][ T9796] 9pnet_fd: Insufficient options for proto=fd
[  655.352429][ T9799] FAULT_INJECTION: forcing a failure.
[  655.352429][ T9799] name failslab, interval 1, probability 0, space 0, times 0
[  655.352467][ T9799] CPU: 1 UID: 0 PID: 9799 Comm: syz.1.1090 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  655.352495][ T9799] Tainted: [L]=SOFTLOCKUP
[  655.352502][ T9799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  655.352514][ T9799] Call Trace:
[  655.352522][ T9799]  <TASK>
[  655.352530][ T9799]  dump_stack_lvl+0xe8/0x150
[  655.352560][ T9799]  should_fail_ex+0x46c/0x600
[  655.352590][ T9799]  should_failslab+0xa8/0x100
[  655.352611][ T9799]  __kmalloc_cache_noprof+0x84/0x6d0
[  655.352640][ T9799]  ? alloc_fs_context+0x63/0x5a0
[  655.352667][ T9799]  alloc_fs_context+0x63/0x5a0
[  655.352690][ T9799]  ? kfree+0x1bd/0x900
[  655.352710][ T9799]  ? __se_sys_fsopen+0x96/0x2b0
[  655.352741][ T9799]  __se_sys_fsopen+0xa5/0x2b0
[  655.352770][ T9799]  do_syscall_64+0xec/0xf80
[  655.352790][ T9799]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.352808][ T9799]  ? trace_irq_disable+0x37/0x100
[  655.352829][ T9799]  ? clear_bhb_loop+0x60/0xb0
[  655.352852][ T9799]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  655.352871][ T9799] RIP: 0033:0x7fc5df7cf749
[  655.352890][ T9799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  655.352908][ T9799] RSP: 002b:00007fc5dda2e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ae
[  655.352929][ T9799] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7cf749
[  655.352944][ T9799] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000000
[  655.352957][ T9799] RBP: 00007fc5dda2e090 R08: 0000000000000000 R09: 0000000000000000
[  655.352973][ T9799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  655.352985][ T9799] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  655.353017][ T9799]  </TASK>
[  655.549880][ T1522] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  655.562602][ T1522] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  655.562655][ T1522] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  655.562691][ T1522] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  655.759919][ T9812] dlm: non-version read from control device 8224
[  656.066294][ T9820] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1096'.
[  657.188721][ T9830] FAULT_INJECTION: forcing a failure.
[  657.188721][ T9830] name failslab, interval 1, probability 0, space 0, times 0
[  657.188757][ T9830] CPU: 1 UID: 0 PID: 9830 Comm: syz.1.1097 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  657.188785][ T9830] Tainted: [L]=SOFTLOCKUP
[  657.188791][ T9830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  657.188803][ T9830] Call Trace:
[  657.188811][ T9830]  <TASK>
[  657.188820][ T9830]  dump_stack_lvl+0xe8/0x150
[  657.188849][ T9830]  should_fail_ex+0x46c/0x600
[  657.188880][ T9830]  should_failslab+0xa8/0x100
[  657.188902][ T9830]  __kmalloc_noprof+0xe0/0x7e0
[  657.188927][ T9830]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  657.188953][ T9830]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  657.188979][ T9830]  genl_family_rcv_msg_doit+0xb8/0x300
[  657.189003][ T9830]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  657.189021][ T9830]  ? rcu_is_watching+0x15/0xb0
[  657.189042][ T9830]  ? rcu_is_watching+0x15/0xb0
[  657.189059][ T9830]  ? cap_capable+0x123/0x440
[  657.189083][ T9830]  ? safesetid_security_capable+0xa9/0x1a0
[  657.189116][ T9830]  ? bpf_lsm_capable+0x9/0x20
[  657.189134][ T9830]  ? security_capable+0x7e/0x2e0
[  657.189159][ T9830]  genl_rcv_msg+0x60e/0x790
[  657.189183][ T9830]  ? __pfx_genl_rcv_msg+0x10/0x10
[  657.189199][ T9830]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  657.189217][ T9830]  ? __pfx_nl80211_set_interface+0x10/0x10
[  657.189244][ T9830]  ? __pfx_nl80211_post_doit+0x10/0x10
[  657.189264][ T9830]  ? __asan_memcpy+0x40/0x70
[  657.189286][ T9830]  ? __pfx_ref_tracker_free+0x10/0x10
[  657.189310][ T9830]  ? __skb_clone+0x63/0x7a0
[  657.189340][ T9830]  netlink_rcv_skb+0x208/0x470
[  657.189365][ T9830]  ? __pfx_genl_rcv_msg+0x10/0x10
[  657.189385][ T9830]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  657.189421][ T9830]  ? netlink_deliver_tap+0x2e/0x1b0
[  657.189444][ T9830]  ? netlink_deliver_tap+0x2e/0x1b0
[  657.189469][ T9830]  genl_rcv+0x28/0x40
[  657.189486][ T9830]  netlink_unicast+0x846/0xa10
[  657.189517][ T9830]  ? __pfx_netlink_unicast+0x10/0x10
[  657.189537][ T9830]  ? __alloc_skb+0x198/0x3a0
[  657.189557][ T9830]  ? netlink_sendmsg+0x642/0xb30
[  657.189579][ T9830]  ? skb_put+0x11b/0x210
[  657.189603][ T9830]  netlink_sendmsg+0x805/0xb30
[  657.189636][ T9830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  657.189669][ T9830]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  657.189693][ T9830]  ? __pfx_netlink_sendmsg+0x10/0x10
[  657.189719][ T9830]  __sock_sendmsg+0x21c/0x270
[  657.189750][ T9830]  ____sys_sendmsg+0x508/0x810
[  657.189779][ T9830]  ? __pfx_____sys_sendmsg+0x10/0x10
[  657.189811][ T9830]  ? import_iovec+0x74/0xa0
[  657.189835][ T9830]  ___sys_sendmsg+0x21f/0x2a0
[  657.189861][ T9830]  ? __pfx____sys_sendmsg+0x10/0x10
[  657.189920][ T9830]  ? __fget_files+0x2a/0x420
[  657.189940][ T9830]  ? __fget_files+0x3a6/0x420
[  657.189970][ T9830]  __x64_sys_sendmsg+0x1a1/0x260
[  657.189995][ T9830]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  657.190028][ T9830]  ? __pfx_ksys_write+0x10/0x10
[  657.190065][ T9830]  do_syscall_64+0xec/0xf80
[  657.190084][ T9830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.190102][ T9830]  ? trace_irq_disable+0x37/0x100
[  657.190122][ T9830]  ? clear_bhb_loop+0x60/0xb0
[  657.190146][ T9830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  657.190165][ T9830] RIP: 0033:0x7fc5df7cf749
[  657.190185][ T9830] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  657.190202][ T9830] RSP: 002b:00007fc5dda2e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  657.190224][ T9830] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7cf749
[  657.190246][ T9830] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  657.190258][ T9830] RBP: 00007fc5dda2e090 R08: 0000000000000000 R09: 0000000000000000
[  657.190271][ T9830] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  657.190283][ T9830] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  657.190316][ T9830]  </TASK>
[  657.715137][ T5966] usb 6-1: USB disconnect, device number 31
[  658.357499][ T9840] FAULT_INJECTION: forcing a failure.
[  658.357499][ T9840] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  658.357556][ T9840] CPU: 0 UID: 0 PID: 9840 Comm: syz.1.1101 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  658.357586][ T9840] Tainted: [L]=SOFTLOCKUP
[  658.357593][ T9840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  658.357604][ T9840] Call Trace:
[  658.357610][ T9840]  <TASK>
[  658.357616][ T9840]  dump_stack_lvl+0xe8/0x150
[  658.357635][ T9840]  should_fail_ex+0x46c/0x600
[  658.357653][ T9840]  _copy_to_user+0x31/0xb0
[  658.357665][ T9840]  simple_read_from_buffer+0xe1/0x170
[  658.357701][ T9840]  proc_fail_nth_read+0x1b6/0x220
[  658.357718][ T9840]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  658.357735][ T9840]  ? rw_verify_area+0x2ac/0x4e0
[  658.357749][ T9840]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  658.357765][ T9840]  vfs_read+0x206/0xa30
[  658.357783][ T9840]  ? __pfx_vfs_read+0x10/0x10
[  658.357798][ T9840]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  658.357810][ T9840]  ? lockdep_hardirqs_on+0x7b/0x110
[  658.357822][ T9840]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  658.357833][ T9840]  ? mutex_lock_nested+0x154/0x1d0
[  658.357845][ T9840]  ? fdget_pos+0x253/0x320
[  658.357861][ T9840]  ksys_read+0x14b/0x260
[  658.357877][ T9840]  ? __pfx_ksys_read+0x10/0x10
[  658.357897][ T9840]  do_syscall_64+0xec/0xf80
[  658.357907][ T9840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.357917][ T9840]  ? clear_bhb_loop+0x60/0xb0
[  658.357930][ T9840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.357940][ T9840] RIP: 0033:0x7fc5df7ce15c
[  658.357950][ T9840] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  658.357960][ T9840] RSP: 002b:00007fc5dda0d030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  658.357972][ T9840] RAX: ffffffffffffffda RBX: 00007fc5dfa26090 RCX: 00007fc5df7ce15c
[  658.357981][ T9840] RDX: 000000000000000f RSI: 00007fc5dda0d0a0 RDI: 0000000000000005
[  658.357990][ T9840] RBP: 00007fc5dda0d090 R08: 0000000000000000 R09: 0000000000000000
[  658.357997][ T9840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  658.358003][ T9840] R13: 00007fc5dfa26128 R14: 00007fc5dfa26090 R15: 00007ffca1e598b8
[  658.358019][ T9840]  </TASK>
[  661.985508][ T9848] FAULT_INJECTION: forcing a failure.
[  661.985508][ T9848] name failslab, interval 1, probability 0, space 0, times 0
[  661.985545][ T9848] CPU: 1 UID: 0 PID: 9848 Comm: syz.4.1105 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  661.985574][ T9848] Tainted: [L]=SOFTLOCKUP
[  661.985582][ T9848] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  661.985594][ T9848] Call Trace:
[  661.985602][ T9848]  <TASK>
[  661.985611][ T9848]  dump_stack_lvl+0xe8/0x150
[  661.985642][ T9848]  should_fail_ex+0x46c/0x600
[  661.985671][ T9848]  ? __alloc_skb+0x1dc/0x3a0
[  661.985692][ T9848]  should_failslab+0xa8/0x100
[  661.985718][ T9848]  ? __alloc_skb+0x1dc/0x3a0
[  661.985738][ T9848]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  661.985765][ T9848]  ? lockdep_hardirqs_on+0x7b/0x110
[  661.985787][ T9848]  ? __alloc_skb+0x198/0x3a0
[  661.985809][ T9848]  __alloc_skb+0x1dc/0x3a0
[  661.985834][ T9848]  netlink_sendmsg+0x5c6/0xb30
[  661.985869][ T9848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  661.985902][ T9848]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  661.985926][ T9848]  ? __pfx_netlink_sendmsg+0x10/0x10
[  661.985952][ T9848]  __sock_sendmsg+0x21c/0x270
[  661.985983][ T9848]  ____sys_sendmsg+0x508/0x810
[  661.986014][ T9848]  ? __pfx_____sys_sendmsg+0x10/0x10
[  661.986046][ T9848]  ? import_iovec+0x74/0xa0
[  661.986070][ T9848]  ___sys_sendmsg+0x21f/0x2a0
[  661.986097][ T9848]  ? __pfx____sys_sendmsg+0x10/0x10
[  661.986153][ T9848]  ? __fget_files+0x2a/0x420
[  661.986173][ T9848]  ? __fget_files+0x3a6/0x420
[  661.986203][ T9848]  __x64_sys_sendmsg+0x1a1/0x260
[  661.986229][ T9848]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  661.986263][ T9848]  ? __pfx_ksys_write+0x10/0x10
[  661.986303][ T9848]  do_syscall_64+0xec/0xf80
[  661.986322][ T9848]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.986340][ T9848]  ? trace_irq_disable+0x37/0x100
[  661.986361][ T9848]  ? clear_bhb_loop+0x60/0xb0
[  661.986384][ T9848]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  661.986403][ T9848] RIP: 0033:0x7f6d3d8ff749
[  661.986420][ T9848] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  661.986438][ T9848] RSP: 002b:00007f6d3bb5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  661.986460][ T9848] RAX: ffffffffffffffda RBX: 00007f6d3db55fa0 RCX: 00007f6d3d8ff749
[  661.986474][ T9848] RDX: 0000000000000040 RSI: 0000200000000100 RDI: 0000000000000003
[  661.986488][ T9848] RBP: 00007f6d3bb5e090 R08: 0000000000000000 R09: 0000000000000000
[  661.986501][ T9848] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  661.986513][ T9848] R13: 00007f6d3db56038 R14: 00007f6d3db55fa0 R15: 00007ffe7d371ef8
[  661.986546][ T9848]  </TASK>
[  662.472465][ T9859] Bluetooth: MGMT ver 1.23
[  662.887475][ T5920] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[  663.047234][ T5920] usb 6-1: Using ep0 maxpacket: 32
[  663.050535][ T5920] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  663.050560][ T5920] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  663.083253][ T5920] usb 6-1: New USB device found, idVendor=0ac8, idProduct=c301, bcdDevice= d.65
[  663.083284][ T5920] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.083304][ T5920] usb 6-1: Product: syz
[  663.083318][ T5920] usb 6-1: Manufacturer: syz
[  663.083333][ T5920] usb 6-1: SerialNumber: syz
[  663.124483][ T5920] usb 6-1: config 0 descriptor??
[  663.287370][ T9873] FAULT_INJECTION: forcing a failure.
[  663.287370][ T9873] name failslab, interval 1, probability 0, space 0, times 0
[  663.287407][ T9873] CPU: 1 UID: 0 PID: 9873 Comm: syz.1.1103 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  663.287433][ T9873] Tainted: [L]=SOFTLOCKUP
[  663.287441][ T9873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  663.287452][ T9873] Call Trace:
[  663.287460][ T9873]  <TASK>
[  663.287469][ T9873]  dump_stack_lvl+0xe8/0x150
[  663.287500][ T9873]  should_fail_ex+0x46c/0x600
[  663.287528][ T9873]  should_failslab+0xa8/0x100
[  663.287548][ T9873]  __kmalloc_noprof+0xe0/0x7e0
[  663.287573][ T9873]  ? vb2_core_create_bufs+0x3c4/0xde0
[  663.287600][ T9873]  ? vb2_core_create_bufs+0x359/0xde0
[  663.287622][ T9873]  vb2_core_create_bufs+0x3c4/0xde0
[  663.287638][ T9873]  ? arch_stack_walk+0xfc/0x150
[  663.287673][ T9873]  ? __pfx_vb2_core_create_bufs+0x10/0x10
[  663.287691][ T9873]  ? __lock_acquire+0x6b6/0x2cf0
[  663.287721][ T9873]  ? vb2_set_flags_and_caps+0x309/0x5f0
[  663.287755][ T9873]  vb2_create_bufs+0x5b9/0xae0
[  663.287787][ T9873]  ? __pfx_vb2_create_bufs+0x10/0x10
[  663.287818][ T9873]  ? vb2_set_flags_and_caps+0x309/0x5f0
[  663.287852][ T9873]  vb2_ioctl_create_bufs+0x288/0x3f0
[  663.287876][ T9873]  v4l_create_bufs+0x18c/0x290
[  663.287905][ T9873]  __video_do_ioctl+0xa5c/0xc10
[  663.287935][ T9873]  ? __pfx___video_do_ioctl+0x10/0x10
[  663.287968][ T9873]  video_usercopy+0x82a/0x13f0
[  663.287998][ T9873]  ? __pfx___video_do_ioctl+0x10/0x10
[  663.288017][ T9873]  ? __pfx_video_usercopy+0x10/0x10
[  663.288035][ T9873]  ? smack_file_ioctl+0x2ac/0x340
[  663.288073][ T9873]  ? __fget_files+0x2a/0x420
[  663.288091][ T9873]  ? __fget_files+0x3a6/0x420
[  663.288114][ T9873]  v4l2_ioctl+0x190/0x1e0
[  663.288133][ T9873]  ? __pfx_v4l2_ioctl+0x10/0x10
[  663.288153][ T9873]  __se_sys_ioctl+0xff/0x170
[  663.288179][ T9873]  do_syscall_64+0xec/0xf80
[  663.288198][ T9873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.288215][ T9873]  ? trace_irq_disable+0x37/0x100
[  663.288234][ T9873]  ? clear_bhb_loop+0x60/0xb0
[  663.288257][ T9873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.288276][ T9873] RIP: 0033:0x7fc5df7cf749
[  663.288294][ T9873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  663.288312][ T9873] RSP: 002b:00007fc5dda2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  663.288333][ T9873] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7cf749
[  663.288347][ T9873] RDX: 0000200000000540 RSI: 00000000c100565c RDI: 0000000000000003
[  663.288360][ T9873] RBP: 00007fc5dda2e090 R08: 0000000000000000 R09: 0000000000000000
[  663.288373][ T9873] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  663.288385][ T9873] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  663.288419][ T9873]  </TASK>
[  664.475592][ T9878] 9pnet_fd: Insufficient options for proto=fd
[  665.248533][ T9887] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1116'.
[  665.461429][ T9889] netlink: 300 bytes leftover after parsing attributes in process `syz.2.1104'.
[  666.315355][ T5977] usb 6-1: USB disconnect, device number 32
[  667.499707][ T9234] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  667.516834][   T37] kauditd_printk_skb: 445 callbacks suppressed
[  667.516854][   T37] audit: type=1326 audit(667.337:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.517863][   T37] audit: type=1326 audit(667.337:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.518775][   T37] audit: type=1326 audit(667.347:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=5 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.522105][   T37] audit: type=1326 audit(667.347:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.522555][   T37] audit: type=1326 audit(667.347:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.632951][   T37] audit: type=1326 audit(667.457:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.635200][   T37] audit: type=1326 audit(667.457:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.635255][   T37] audit: type=1326 audit(667.457:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.635297][   T37] audit: type=1326 audit(667.457:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  667.677338][ T9234] usb 5-1: Using ep0 maxpacket: 16
[  667.697453][ T9234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  667.697501][ T9234] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  667.697523][ T9234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.624224][ T9234] usb 5-1: config 0 descriptor??
[  668.638845][   T37] audit: type=1326 audit(668.467:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9911 comm="syz.1.1126" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc5df7cf749 code=0x7ffc0000
[  669.643669][ T9234] mcp2221 0003:04D8:00DD.000C: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  670.051189][ T9908] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  670.052857][ T9908] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  670.227465][ T9234] usb 5-1: USB disconnect, device number 54
[  670.247418][ T5877] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[  670.402271][ T5877] usb 6-1: Using ep0 maxpacket: 32
[  670.404183][ T5877] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  670.404208][ T5877] usb 6-1: config 0 has no interface number 0
[  670.406641][ T5877] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  670.406668][ T5877] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.406687][ T5877] usb 6-1: Product: syz
[  670.406702][ T5877] usb 6-1: Manufacturer: syz
[  670.406716][ T5877] usb 6-1: SerialNumber: syz
[  670.457278][ T6813] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  670.576254][ T5877] usb 6-1: config 0 descriptor??
[  670.585595][ T5877] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  670.747626][ T6813] usb 3-1: Using ep0 maxpacket: 16
[  670.753875][ T6813] usb 3-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  670.754328][ T6813] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  670.754351][ T6813] usb 3-1: Product: syz
[  670.754365][ T6813] usb 3-1: Manufacturer: syz
[  670.754378][ T6813] usb 3-1: SerialNumber: syz
[  670.811351][ T6813] usb 3-1: config 0 descriptor??
[  670.816024][ T6813] usb-storage 3-1:0.0: USB Mass Storage device detected
[  670.846498][ T6813] usb-storage 3-1:0.0: Quirks match for vid 054c pid 002e: 1
[  670.867311][ T9234] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  671.021617][ T9234] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  671.021651][ T9234] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  671.021673][ T9234] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  671.021715][ T9234] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  671.021738][ T9234] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.104184][ T9234] usb 2-1: config 0 descriptor??
[  671.148300][ T5877] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  671.177506][ T5877] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  671.220387][ T9935] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1133'.
[  671.862966][ T9234] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  671.863002][ T9234] plantronics 0003:047F:FFFF.000D: unknown main item tag 0x0
[  671.863127][ T9234] plantronics 0003:047F:FFFF.000D: unbalanced collection at end of report description
[  671.863950][ T9234] plantronics 0003:047F:FFFF.000D: parse failed
[  671.864049][ T9234] plantronics 0003:047F:FFFF.000D: probe with driver plantronics failed with error -22
[  672.014956][    C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  672.016609][ T9234] usb 6-1: USB disconnect, device number 33
[  672.072812][ T9234] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  672.092193][ T9234] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  672.100450][ T9234] quatech2 6-1:0.51: device disconnected
[  672.184503][ T9941] loop6: detected capacity change from 0 to 7
[  672.280715][ T9941]  loop6: [POWERTEC] p1
[  672.285083][ T9941] loop6: p1 size 1680801792 extends beyond EOD, truncated
[  672.767929][ T5877] usb 2-1: USB disconnect, device number 46
[  674.107514][ T5969] usb 3-1: USB disconnect, device number 53
[  675.527285][ T6858] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  675.957306][ T6858] usb 5-1: Using ep0 maxpacket: 16
[  675.963258][ T6858] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  675.966412][ T6858] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  675.966442][ T6858] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  675.966463][ T6858] usb 5-1: Product: syz
[  675.966477][ T6858] usb 5-1: Manufacturer: syz
[  675.966492][ T6858] usb 5-1: SerialNumber: syz
[  675.973392][ T6858] usb 5-1: config 0 descriptor??
[  676.038235][ T6858] hub 5-1:0.0: bad descriptor, ignoring hub
[  676.038259][ T6858] hub 5-1:0.0: probe with driver hub failed with error -5
[  676.041254][ T6858] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input38
[  676.091414][ T9965] FAULT_INJECTION: forcing a failure.
[  676.091414][ T9965] name failslab, interval 1, probability 0, space 0, times 0
[  676.091452][ T9965] CPU: 1 UID: 0 PID: 9965 Comm: syz.1.1145 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  676.091480][ T9965] Tainted: [L]=SOFTLOCKUP
[  676.091488][ T9965] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  676.091501][ T9965] Call Trace:
[  676.091509][ T9965]  <TASK>
[  676.091518][ T9965]  dump_stack_lvl+0xe8/0x150
[  676.091549][ T9965]  should_fail_ex+0x46c/0x600
[  676.091578][ T9965]  ? __d_alloc+0x37/0x6f0
[  676.091600][ T9965]  should_failslab+0xa8/0x100
[  676.091620][ T9965]  ? __d_alloc+0x37/0x6f0
[  676.091648][ T9965]  kmem_cache_alloc_lru_noprof+0x88/0x6c0
[  676.091682][ T9965]  __d_alloc+0x37/0x6f0
[  676.091709][ T9965]  path_from_stashed+0x384/0x5c0
[  676.091739][ T9965]  pidfs_alloc_file+0xfa/0x280
[  676.091762][ T9965]  ? __pfx_pidfs_alloc_file+0x10/0x10
[  676.091791][ T9965]  pidfd_prepare+0x155/0x1c0
[  676.091817][ T9965]  sk_getsockopt+0x1af3/0x2460
[  676.091838][ T9965]  ? get_pid_task+0x20/0x1f0
[  676.091870][ T9965]  ? __pfx_sk_getsockopt+0x10/0x10
[  676.091907][ T9965]  ? __lock_acquire+0x6b6/0x2cf0
[  676.091938][ T9965]  ? __might_fault+0xb0/0x130
[  676.091965][ T9965]  ? __might_fault+0xb0/0x130
[  676.092009][ T9965]  do_sock_getsockopt+0x20a/0x3d0
[  676.092083][ T9965]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  676.092107][ T9965]  ? __fget_files+0x3a6/0x420
[  676.092127][ T9965]  ? __fget_files+0x2a/0x420
[  676.092154][ T9965]  __x64_sys_getsockopt+0x1ab/0x250
[  676.092186][ T9965]  do_syscall_64+0xec/0xf80
[  676.092207][ T9965]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.092226][ T9965]  ? trace_irq_disable+0x37/0x100
[  676.092247][ T9965]  ? clear_bhb_loop+0x60/0xb0
[  676.092269][ T9965]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.092332][ T9965] RIP: 0033:0x7fc5df7cf749
[  676.092345][ T9965] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  676.092358][ T9965] RSP: 002b:00007fc5dda2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[  676.092378][ T9965] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7cf749
[  676.092391][ T9965] RDX: 000000000000004d RSI: 0000000000000001 RDI: 0000000000000004
[  676.092402][ T9965] RBP: 00007fc5dda2e090 R08: 0000200000000040 R09: 0000000000000000
[  676.092414][ T9965] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.092426][ T9965] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  676.092459][ T9965]  </TASK>
[  676.371152][ T9968] overlayfs: failed to resolve './file1/file0': -2
[  676.624760][ T5920] usb 5-1: USB disconnect, device number 55
[  676.843386][ T9972] FAULT_INJECTION: forcing a failure.
[  676.843386][ T9972] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  676.843424][ T9972] CPU: 0 UID: 0 PID: 9972 Comm: syz.2.1147 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  676.843452][ T9972] Tainted: [L]=SOFTLOCKUP
[  676.843459][ T9972] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  676.843473][ T9972] Call Trace:
[  676.843481][ T9972]  <TASK>
[  676.843490][ T9972]  dump_stack_lvl+0xe8/0x150
[  676.843520][ T9972]  should_fail_ex+0x46c/0x600
[  676.843552][ T9972]  _copy_from_iter+0x1cd/0x1630
[  676.843580][ T9972]  ? kmalloc_reserve+0xbd/0x290
[  676.843601][ T9972]  ? rcu_is_watching+0x15/0xb0
[  676.843627][ T9972]  ? __pfx__copy_from_iter+0x10/0x10
[  676.843653][ T9972]  ? __build_skb_around+0x22d/0x3c0
[  676.843676][ T9972]  ? __alloc_skb+0x198/0x3a0
[  676.843697][ T9972]  ? netlink_sendmsg+0x642/0xb30
[  676.843720][ T9972]  ? skb_put+0x11b/0x210
[  676.843745][ T9972]  netlink_sendmsg+0x6b2/0xb30
[  676.843778][ T9972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  676.843811][ T9972]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  676.843835][ T9972]  ? __pfx_netlink_sendmsg+0x10/0x10
[  676.843860][ T9972]  __sock_sendmsg+0x21c/0x270
[  676.843892][ T9972]  ____sys_sendmsg+0x508/0x810
[  676.843921][ T9972]  ? __pfx_____sys_sendmsg+0x10/0x10
[  676.843953][ T9972]  ? import_iovec+0x74/0xa0
[  676.843976][ T9972]  ___sys_sendmsg+0x21f/0x2a0
[  676.844002][ T9972]  ? __pfx____sys_sendmsg+0x10/0x10
[  676.844060][ T9972]  ? __fget_files+0x2a/0x420
[  676.844080][ T9972]  ? __fget_files+0x3a6/0x420
[  676.844109][ T9972]  __x64_sys_sendmsg+0x1a1/0x260
[  676.844136][ T9972]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  676.844169][ T9972]  ? __pfx_ksys_write+0x10/0x10
[  676.844212][ T9972]  do_syscall_64+0xec/0xf80
[  676.844232][ T9972]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.844250][ T9972]  ? trace_irq_disable+0x37/0x100
[  676.844270][ T9972]  ? clear_bhb_loop+0x60/0xb0
[  676.844293][ T9972]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.844312][ T9972] RIP: 0033:0x7f2cb203f749
[  676.844329][ T9972] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  676.844346][ T9972] RSP: 002b:00007f2cb02a6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  676.844367][ T9972] RAX: ffffffffffffffda RBX: 00007f2cb2295fa0 RCX: 00007f2cb203f749
[  676.844381][ T9972] RDX: 0000000000000040 RSI: 0000200000009b40 RDI: 0000000000000003
[  676.844394][ T9972] RBP: 00007f2cb02a6090 R08: 0000000000000000 R09: 0000000000000000
[  676.844406][ T9972] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  676.844418][ T9972] R13: 00007f2cb2296038 R14: 00007f2cb2295fa0 R15: 00007ffceb0349c8
[  676.844452][ T9972]  </TASK>
[  677.884671][ T9977] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1139'.
[  678.941821][   T37] kauditd_printk_skb: 2 callbacks suppressed
[  678.941840][   T37] audit: type=1326 audit(678.767:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.942121][   T37] audit: type=1326 audit(678.767:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.945384][   T37] audit: type=1326 audit(678.767:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.945435][   T37] audit: type=1326 audit(678.767:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.945675][   T37] audit: type=1326 audit(678.767:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.945722][   T37] audit: type=1326 audit(678.767:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.945856][   T37] audit: type=1326 audit(678.767:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.946058][   T37] audit: type=1326 audit(678.767:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.946200][   T37] audit: type=1326 audit(678.767:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  678.946339][   T37] audit: type=1326 audit(678.767:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9979 comm="syz.4.1148" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  679.208155][ T6858] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  679.304482][ T9991] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1153'.
[  679.387254][ T6858] usb 3-1: Using ep0 maxpacket: 16
[  679.399457][ T6858] usb 3-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  679.399486][ T6858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  679.399505][ T6858] usb 3-1: Product: syz
[  679.399519][ T6858] usb 3-1: Manufacturer: syz
[  679.399533][ T6858] usb 3-1: SerialNumber: syz
[  679.409393][ T6858] usb 3-1: config 0 descriptor??
[  679.413760][ T6858] usb-storage 3-1:0.0: USB Mass Storage device detected
[  679.424862][ T6858] usb-storage 3-1:0.0: Quirks match for vid 054c pid 002e: 1
[  679.675678][ T6364] usb 5-1: new full-speed USB device number 56 using dummy_hcd
[  679.959237][ T6364] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[  679.959269][ T6364] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  679.959347][ T6364] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x3 has invalid wMaxPacketSize 0
[  679.959369][ T6364] usb 5-1: config 1 interface 0 has no altsetting 0
[  679.961603][ T6364] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  679.961631][ T6364] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  679.961651][ T6364] usb 5-1: SerialNumber: syz
[  680.036466][ T6364] cdc_acm 5-1:1.0: Control and data interfaces are not separated!
[  680.207291][ T6364] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  680.851432][T10004] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  680.864277][T10004] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.618596][ T9234] usb 5-1: USB disconnect, device number 56
[  681.657415][ T6858] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  681.697267][ T6364] usb 7-1: Using ep0 maxpacket: 32
[  681.699582][ T6364] usb 7-1: config 0 has an invalid interface number: 188 but max is 0
[  681.699607][ T6364] usb 7-1: config 0 has no interface number 0
[  681.699657][ T6364] usb 7-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  681.702354][ T6364] usb 7-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  681.702382][ T6364] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.702402][ T6364] usb 7-1: Product: syz
[  681.702417][ T6364] usb 7-1: Manufacturer: syz
[  681.702431][ T6364] usb 7-1: SerialNumber: syz
[  681.773491][ T6364] usb 7-1: config 0 descriptor??
[  681.774719][T10001] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  681.807371][ T6858] usb 2-1: Using ep0 maxpacket: 16
[  681.809861][ T6858] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  681.813058][ T6858] usb 2-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  681.813086][ T6858] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.813105][ T6858] usb 2-1: Product: syz
[  681.813119][ T6858] usb 2-1: Manufacturer: syz
[  681.813133][ T6858] usb 2-1: SerialNumber: syz
[  681.880455][ T6858] usb 2-1: config 0 descriptor??
[  681.888176][ T6858] hub 2-1:0.0: bad descriptor, ignoring hub
[  681.888212][ T6858] hub 2-1:0.0: probe with driver hub failed with error -5
[  681.898291][ T6858] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input39
[  681.983699][T10001] raw-gadget.2 gadget.6: fail, usb_ep_enable returned -22
[  681.985006][ T5920] usb 3-1: USB disconnect, device number 54
[  682.089143][T10009] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1149'.
[  682.176333][T10011] overlayfs: failed to resolve './file1/file0': -2
[  682.227423][T10008] netlink: 256 bytes leftover after parsing attributes in process `syz.2.1159'.
[  682.242938][T10001] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  682.243323][T10001] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  682.341711][T10014] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1149'.
[  682.498370][ T6858] usb 2-1: USB disconnect, device number 47
[  682.940795][ T6364] asix 7-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  682.940824][ T6364] asix 7-1:0.188 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  682.941142][ T6364] asix 7-1:0.188: probe with driver asix failed with error -71
[  682.991157][ T6364] usb 7-1: USB disconnect, device number 9
[  683.231374][T10032] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1165'.
[  684.096878][T10046] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1160'.
[  685.800312][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  687.556853][T10062] FAULT_INJECTION: forcing a failure.
[  687.556853][T10062] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  687.556891][T10062] CPU: 1 UID: 0 PID: 10062 Comm: syz.4.1173 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  687.556918][T10062] Tainted: [L]=SOFTLOCKUP
[  687.556926][T10062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  687.556947][T10062] Call Trace:
[  687.556955][T10062]  <TASK>
[  687.556963][T10062]  dump_stack_lvl+0xe8/0x150
[  687.556993][T10062]  should_fail_ex+0x46c/0x600
[  687.557024][T10062]  _copy_from_iter+0x4ff/0x1630
[  687.557063][T10062]  ? __pfx__copy_from_iter+0x10/0x10
[  687.557090][T10062]  ? __build_skb_around+0x22d/0x3c0
[  687.557115][T10062]  ? __alloc_skb+0x198/0x3a0
[  687.557137][T10062]  ? netlink_sendmsg+0x642/0xb30
[  687.557157][T10062]  ? skb_put+0x11b/0x210
[  687.557180][T10062]  netlink_sendmsg+0x6b2/0xb30
[  687.557210][T10062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  687.557240][T10062]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  687.557262][T10062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  687.557285][T10062]  __sock_sendmsg+0x21c/0x270
[  687.557314][T10062]  ____sys_sendmsg+0x508/0x810
[  687.557341][T10062]  ? __pfx_____sys_sendmsg+0x10/0x10
[  687.557370][T10062]  ? import_iovec+0x74/0xa0
[  687.557391][T10062]  ___sys_sendmsg+0x21f/0x2a0
[  687.557416][T10062]  ? __pfx____sys_sendmsg+0x10/0x10
[  687.557467][T10062]  ? __fget_files+0x2a/0x420
[  687.557486][T10062]  ? __fget_files+0x3a6/0x420
[  687.557512][T10062]  __x64_sys_sendmsg+0x1a1/0x260
[  687.557536][T10062]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  687.557568][T10062]  ? __pfx_ksys_write+0x10/0x10
[  687.557604][T10062]  do_syscall_64+0xec/0xf80
[  687.557624][T10062]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.557643][T10062]  ? trace_irq_disable+0x37/0x100
[  687.557663][T10062]  ? clear_bhb_loop+0x60/0xb0
[  687.557686][T10062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  687.557705][T10062] RIP: 0033:0x7f6d3d8ff749
[  687.557723][T10062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  687.557740][T10062] RSP: 002b:00007f6d3bb5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  687.557760][T10062] RAX: ffffffffffffffda RBX: 00007f6d3db55fa0 RCX: 00007f6d3d8ff749
[  687.557775][T10062] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000004
[  687.557788][T10062] RBP: 00007f6d3bb5e090 R08: 0000000000000000 R09: 0000000000000000
[  687.557800][T10062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  687.557813][T10062] R13: 00007f6d3db56038 R14: 00007f6d3db55fa0 R15: 00007ffe7d371ef8
[  687.557848][T10062]  </TASK>
[  689.617351][ T6858] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[  689.767242][ T6858] usb 6-1: Using ep0 maxpacket: 16
[  689.773917][ T6858] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  689.776797][ T6858] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  689.776825][ T6858] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  689.776845][ T6858] usb 6-1: Product: syz
[  689.776859][ T6858] usb 6-1: Manufacturer: syz
[  689.776873][ T6858] usb 6-1: SerialNumber: syz
[  689.800374][ T6858] usb 6-1: config 0 descriptor??
[  689.831580][ T6858] hub 6-1:0.0: bad descriptor, ignoring hub
[  689.831603][ T6858] hub 6-1:0.0: probe with driver hub failed with error -5
[  689.834514][ T6858] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input40
[  690.097630][T10074] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1172'.
[  690.237318][ T6858] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  690.367630][ T6102] usb 6-1: USB disconnect, device number 34
[  690.487254][ T6858] usb 3-1: Using ep0 maxpacket: 16
[  690.537886][ T6858] usb 3-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  690.537917][ T6858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.537936][ T6858] usb 3-1: Product: syz
[  690.537951][ T6858] usb 3-1: Manufacturer: syz
[  690.537966][ T6858] usb 3-1: SerialNumber: syz
[  690.545362][ T6858] usb 3-1: config 0 descriptor??
[  690.548844][ T6858] usb-storage 3-1:0.0: USB Mass Storage device detected
[  690.562645][ T6858] usb-storage 3-1:0.0: Quirks match for vid 054c pid 002e: 1
[  690.562672][ T6858] usb-storage 3-1:0.0: This device (054c,002e,0500 S 04 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  690.562672][ T6858]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  690.640692][T10087] CIFS: Unable to determine destination address
[  692.002046][T10097] fuse: Unknown parameter 'f¤Ã0x0000000000000004'
[  692.125218][T10102] FAULT_INJECTION: forcing a failure.
[  692.125218][T10102] name failslab, interval 1, probability 0, space 0, times 0
[  692.125258][T10102] CPU: 1 UID: 0 PID: 10102 Comm: syz.4.1184 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  692.125286][T10102] Tainted: [L]=SOFTLOCKUP
[  692.125294][T10102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  692.125307][T10102] Call Trace:
[  692.125316][T10102]  <TASK>
[  692.125325][T10102]  dump_stack_lvl+0xe8/0x150
[  692.125356][T10102]  should_fail_ex+0x46c/0x600
[  692.125386][T10102]  ? __alloc_skb+0x1dc/0x3a0
[  692.125407][T10102]  should_failslab+0xa8/0x100
[  692.125427][T10102]  ? __alloc_skb+0x1dc/0x3a0
[  692.125454][T10102]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  692.125481][T10102]  ? lockdep_hardirqs_on+0x7b/0x110
[  692.125503][T10102]  ? __alloc_skb+0x198/0x3a0
[  692.125524][T10102]  __alloc_skb+0x1dc/0x3a0
[  692.125550][T10102]  netlink_ack+0x146/0xa50
[  692.125572][T10102]  ? __pfx_genl_rcv_msg+0x10/0x10
[  692.125590][T10102]  ? __pfx_nl802154_pre_doit+0x10/0x10
[  692.125617][T10102]  ? __pfx_nl802154_post_doit+0x10/0x10
[  692.125642][T10102]  ? __lock_acquire+0x6b6/0x2cf0
[  692.125678][T10102]  netlink_rcv_skb+0x28c/0x470
[  692.125702][T10102]  ? __pfx_genl_rcv_msg+0x10/0x10
[  692.125723][T10102]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  692.125762][T10102]  ? netlink_deliver_tap+0x2e/0x1b0
[  692.125785][T10102]  ? netlink_deliver_tap+0x2e/0x1b0
[  692.125813][T10102]  genl_rcv+0x28/0x40
[  692.125830][T10102]  netlink_unicast+0x846/0xa10
[  692.125861][T10102]  ? __pfx_netlink_unicast+0x10/0x10
[  692.125882][T10102]  ? __alloc_skb+0x198/0x3a0
[  692.125904][T10102]  ? netlink_sendmsg+0x642/0xb30
[  692.125926][T10102]  ? skb_put+0x11b/0x210
[  692.125952][T10102]  netlink_sendmsg+0x805/0xb30
[  692.125986][T10102]  ? __pfx_netlink_sendmsg+0x10/0x10
[  692.126020][T10102]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  692.126044][T10102]  ? __pfx_netlink_sendmsg+0x10/0x10
[  692.126070][T10102]  __sock_sendmsg+0x21c/0x270
[  692.126101][T10102]  ____sys_sendmsg+0x508/0x810
[  692.126131][T10102]  ? __pfx_____sys_sendmsg+0x10/0x10
[  692.126168][T10102]  ? import_iovec+0x74/0xa0
[  692.126191][T10102]  ___sys_sendmsg+0x21f/0x2a0
[  692.126218][T10102]  ? __pfx____sys_sendmsg+0x10/0x10
[  692.126278][T10102]  ? __fget_files+0x2a/0x420
[  692.126297][T10102]  ? __fget_files+0x3a6/0x420
[  692.126328][T10102]  __x64_sys_sendmsg+0x1a1/0x260
[  692.126354][T10102]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  692.126388][T10102]  ? __pfx_ksys_write+0x10/0x10
[  692.126426][T10102]  do_syscall_64+0xec/0xf80
[  692.126451][T10102]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  692.126470][T10102]  ? trace_irq_disable+0x37/0x100
[  692.126490][T10102]  ? clear_bhb_loop+0x60/0xb0
[  692.126514][T10102]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  692.126534][T10102] RIP: 0033:0x7f6d3d8ff749
[  692.126552][T10102] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  692.126570][T10102] RSP: 002b:00007f6d3bb5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  692.126592][T10102] RAX: ffffffffffffffda RBX: 00007f6d3db55fa0 RCX: 00007f6d3d8ff749
[  692.126607][T10102] RDX: 0000000004000010 RSI: 0000200000000400 RDI: 0000000000000004
[  692.126621][T10102] RBP: 00007f6d3bb5e090 R08: 0000000000000000 R09: 0000000000000000
[  692.126634][T10102] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  692.126647][T10102] R13: 00007f6d3db56038 R14: 00007f6d3db55fa0 R15: 00007ffe7d371ef8
[  692.126682][T10102]  </TASK>
[  692.267386][ T6102] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[  692.449623][ T6102] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  692.449678][ T6102] usb 6-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  692.449700][ T6102] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  692.459552][ T6102] usb 6-1: config 0 descriptor??
[  692.476579][ T6102] pwc: Askey VC010 type 2 USB webcam detected.
[  694.167403][ T6102] pwc: send_video_command error -71
[  694.167435][ T6102] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  694.167547][ T6102] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[  694.177002][ T6102] usb 6-1: USB disconnect, device number 35
[  694.223301][ T6448] usb 3-1: USB disconnect, device number 55
[  694.996077][T10126] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  696.989639][ T6448] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  697.835175][ T6448] usb 3-1: Using ep0 maxpacket: 16
[  697.857025][ T6448] usb 3-1: device descriptor read/all, error -71
[  697.977343][ T5966] usb 7-1: new low-speed USB device number 10 using dummy_hcd
[  698.129741][ T5966] usb 7-1: config index 0 descriptor too short (expected 6427, got 27)
[  698.129771][ T5966] usb 7-1: config 0 has an invalid interface number: 21 but max is 0
[  698.129791][ T5966] usb 7-1: config 0 has no interface number 0
[  698.129842][ T5966] usb 7-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  698.129879][ T5966] usb 7-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  698.129901][ T5966] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.146399][T10139] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1196'.
[  698.197850][ T5966] usb 7-1: config 0 descriptor??
[  698.418326][T10133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  698.418717][T10133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  699.057056][ T5877] usb 7-1: USB disconnect, device number 10
[  701.621301][T10156] FAULT_INJECTION: forcing a failure.
[  701.621301][T10156] name failslab, interval 1, probability 0, space 0, times 0
[  701.621339][T10156] CPU: 1 UID: 0 PID: 10156 Comm: syz.4.1193 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  701.621367][T10156] Tainted: [L]=SOFTLOCKUP
[  701.621376][T10156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  701.621388][T10156] Call Trace:
[  701.621396][T10156]  <TASK>
[  701.621405][T10156]  dump_stack_lvl+0xe8/0x150
[  701.621435][T10156]  should_fail_ex+0x46c/0x600
[  701.621464][T10156]  ? __alloc_skb+0x1dc/0x3a0
[  701.621485][T10156]  should_failslab+0xa8/0x100
[  701.621506][T10156]  ? __alloc_skb+0x1dc/0x3a0
[  701.621524][T10156]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  701.621551][T10156]  ? lockdep_hardirqs_on+0x7b/0x110
[  701.621573][T10156]  ? __alloc_skb+0x198/0x3a0
[  701.621595][T10156]  __alloc_skb+0x1dc/0x3a0
[  701.621619][T10156]  netlink_ack+0x146/0xa50
[  701.621642][T10156]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  701.621662][T10156]  ? ref_tracker_free+0x61e/0x7c0
[  701.621688][T10156]  ? __asan_memcpy+0x40/0x70
[  701.621718][T10156]  ? __pfx_ref_tracker_free+0x10/0x10
[  701.621753][T10156]  netlink_rcv_skb+0x28c/0x470
[  701.621787][T10156]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  701.621810][T10156]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  701.621845][T10156]  ? netlink_deliver_tap+0x2e/0x1b0
[  701.621876][T10156]  netlink_unicast+0x846/0xa10
[  701.621907][T10156]  ? __pfx_netlink_unicast+0x10/0x10
[  701.621928][T10156]  ? __alloc_skb+0x198/0x3a0
[  701.621949][T10156]  ? netlink_sendmsg+0x642/0xb30
[  701.621971][T10156]  ? skb_put+0x11b/0x210
[  701.621996][T10156]  netlink_sendmsg+0x805/0xb30
[  701.622029][T10156]  ? __pfx_netlink_sendmsg+0x10/0x10
[  701.622062][T10156]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  701.622086][T10156]  ? __pfx_netlink_sendmsg+0x10/0x10
[  701.622112][T10156]  __sock_sendmsg+0x21c/0x270
[  701.622144][T10156]  ____sys_sendmsg+0x508/0x810
[  701.622173][T10156]  ? __pfx_____sys_sendmsg+0x10/0x10
[  701.622206][T10156]  ? import_iovec+0x74/0xa0
[  701.622230][T10156]  ___sys_sendmsg+0x21f/0x2a0
[  701.622256][T10156]  ? __pfx____sys_sendmsg+0x10/0x10
[  701.622314][T10156]  ? __fget_files+0x2a/0x420
[  701.622333][T10156]  ? __fget_files+0x3a6/0x420
[  701.622364][T10156]  __x64_sys_sendmsg+0x1a1/0x260
[  701.622391][T10156]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  701.622424][T10156]  ? __pfx_ksys_write+0x10/0x10
[  701.622460][T10156]  do_syscall_64+0xec/0xf80
[  701.622478][T10156]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.622497][T10156]  ? trace_irq_disable+0x37/0x100
[  701.622517][T10156]  ? clear_bhb_loop+0x60/0xb0
[  701.622540][T10156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  701.622559][T10156] RIP: 0033:0x7f6d3d8ff749
[  701.622577][T10156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  701.622594][T10156] RSP: 002b:00007f6d3bb5e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  701.622614][T10156] RAX: ffffffffffffffda RBX: 00007f6d3db55fa0 RCX: 00007f6d3d8ff749
[  701.622630][T10156] RDX: 0000000000000000 RSI: 0000200000000540 RDI: 0000000000000004
[  701.622643][T10156] RBP: 00007f6d3bb5e090 R08: 0000000000000000 R09: 0000000000000000
[  701.622657][T10156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  701.622669][T10156] R13: 00007f6d3db56038 R14: 00007f6d3db55fa0 R15: 00007ffe7d371ef8
[  701.622706][T10156]  </TASK>
[  702.462758][ T9213] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  703.483872][ T9213] usb 3-1: Using ep0 maxpacket: 8
[  703.486414][ T9213] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  703.486445][ T9213] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  703.486468][ T9213] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  703.561908][ T9213] usb 3-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad
[  703.561939][ T9213] usb 3-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3
[  703.561960][ T9213] usb 3-1: Product: syz
[  703.561974][ T9213] usb 3-1: Manufacturer: syz
[  703.561989][ T9213] usb 3-1: SerialNumber: syz
[  703.564957][ T9213] usb 3-1: config 0 descriptor??
[  703.604877][ T9213] smsusb:smsusb_probe: board id=2, interface number 0
[  703.616602][ T9213] smsusb:smsusb_probe: Device initialized with return code -19
[  703.641662][T10172] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1204'.
[  703.677401][T10172] netlink: 'syz.5.1204': attribute type 1 has an invalid length.
[  703.677531][T10172] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1204'.
[  703.771297][ T6448] usb 3-1: USB disconnect, device number 58
[  705.049603][ T6448] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[  705.197432][ T6448] usb 6-1: Using ep0 maxpacket: 16
[  705.200865][ T6448] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  705.222908][ T6448] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  705.222937][ T6448] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.222957][ T6448] usb 6-1: Product: syz
[  705.222972][ T6448] usb 6-1: Manufacturer: syz
[  705.222986][ T6448] usb 6-1: SerialNumber: syz
[  705.228259][ T6448] usb 6-1: config 0 descriptor??
[  705.249875][ T6448] hub 6-1:0.0: bad descriptor, ignoring hub
[  705.249910][ T6448] hub 6-1:0.0: probe with driver hub failed with error -5
[  705.255071][ T6448] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input41
[  705.397319][ T6858] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  705.547376][ T6858] usb 3-1: Using ep0 maxpacket: 16
[  705.551790][ T6858] usb 3-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  705.551819][ T6858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  705.551838][ T6858] usb 3-1: Product: syz
[  705.551852][ T6858] usb 3-1: Manufacturer: syz
[  705.551866][ T6858] usb 3-1: SerialNumber: syz
[  705.561862][ T6858] usb 3-1: config 0 descriptor??
[  705.609038][ T6858] usb-storage 3-1:0.0: USB Mass Storage device detected
[  705.639861][ T6858] usb-storage 3-1:0.0: Quirks match for vid 054c pid 002e: 1
[  705.639903][ T6858] usb-storage 3-1:0.0: This device (054c,002e,0500 S 04 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  705.639903][ T6858]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  706.778516][ T6448] usb 6-1: USB disconnect, device number 36
[  707.226303][T10201] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1212'.
[  708.229058][ T6364] usb 3-1: USB disconnect, device number 59
[  708.397398][T10204] FAULT_INJECTION: forcing a failure.
[  708.397398][T10204] name failslab, interval 1, probability 0, space 0, times 0
[  708.397433][T10204] CPU: 1 UID: 0 PID: 10204 Comm: syz.1.1209 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  708.397461][T10204] Tainted: [L]=SOFTLOCKUP
[  708.397469][T10204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  708.397481][T10204] Call Trace:
[  708.397489][T10204]  <TASK>
[  708.397497][T10204]  dump_stack_lvl+0xe8/0x150
[  708.397529][T10204]  should_fail_ex+0x46c/0x600
[  708.397561][T10204]  should_failslab+0xa8/0x100
[  708.397582][T10204]  __kmalloc_cache_node_noprof+0x8b/0x700
[  708.397611][T10204]  ? page_pool_create_percpu+0x76/0xba0
[  708.397645][T10204]  page_pool_create_percpu+0x76/0xba0
[  708.397670][T10204]  ? bpf_test_run_xdp_live+0x1ba/0x1b20
[  708.397702][T10204]  bpf_test_run_xdp_live+0x1cf/0x1b20
[  708.397735][T10204]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  708.397755][T10204]  ? lockdep_hardirqs_on+0x7b/0x110
[  708.397773][T10204]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  708.397793][T10204]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  708.397817][T10204]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  708.397845][T10204]  ? __pfx_bpf_test_run_xdp_live+0x10/0x10
[  708.397891][T10204]  ? 0xffffffffa020185c
[  708.397934][T10204]  ? __pfx_xdp_test_run_init_page+0x10/0x10
[  708.397970][T10204]  ? _copy_from_user+0x94/0xb0
[  708.397990][T10204]  ? bpf_test_init+0x113/0x150
[  708.398011][T10204]  ? xdp_convert_md_to_buff+0x5b/0x330
[  708.398046][T10204]  bpf_prog_test_run_xdp+0x7c0/0x10e0
[  708.398085][T10204]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  708.398114][T10204]  ? __fget_files+0x2a/0x420
[  708.398140][T10204]  ? __pfx_bpf_prog_test_run_xdp+0x10/0x10
[  708.398166][T10204]  bpf_prog_test_run+0x2cd/0x340
[  708.398193][T10204]  __sys_bpf+0x562/0x860
[  708.398215][T10204]  ? __pfx___sys_bpf+0x10/0x10
[  708.398233][T10204]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  708.398273][T10204]  ? ksys_write+0x230/0x260
[  708.398302][T10204]  ? __pfx_ksys_write+0x10/0x10
[  708.398334][T10204]  __x64_sys_bpf+0x7c/0x90
[  708.398355][T10204]  do_syscall_64+0xec/0xf80
[  708.398374][T10204]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.398393][T10204]  ? trace_irq_disable+0x37/0x100
[  708.398413][T10204]  ? clear_bhb_loop+0x60/0xb0
[  708.398437][T10204]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  708.398456][T10204] RIP: 0033:0x7fc5df7cf749
[  708.398474][T10204] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  708.398491][T10204] RSP: 002b:00007fc5dda2e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  708.398513][T10204] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7cf749
[  708.398529][T10204] RDX: 0000000000000048 RSI: 0000200000000600 RDI: 000000000000000a
[  708.398542][T10204] RBP: 00007fc5dda2e090 R08: 0000000000000000 R09: 0000000000000000
[  708.398555][T10204] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  708.398568][T10204] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  708.398601][T10204]  </TASK>
[  708.399316][ T5891] kernel write not supported for file bpf-prog (pid: 5891 comm: kworker/1:6)
[  708.801398][T10214] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1216'.
[  708.806364][T10214] netlink: 'syz.4.1216': attribute type 1 has an invalid length.
[  708.806386][T10214] netlink: 224 bytes leftover after parsing attributes in process `syz.4.1216'.
[  709.973467][T10221] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  713.294497][T10250] FAULT_INJECTION: forcing a failure.
[  713.294497][T10250] name failslab, interval 1, probability 0, space 0, times 0
[  713.294534][T10250] CPU: 1 UID: 0 PID: 10250 Comm: syz.5.1229 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  713.294562][T10250] Tainted: [L]=SOFTLOCKUP
[  713.294570][T10250] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  713.294582][T10250] Call Trace:
[  713.294591][T10250]  <TASK>
[  713.294600][T10250]  dump_stack_lvl+0xe8/0x150
[  713.294630][T10250]  should_fail_ex+0x46c/0x600
[  713.294657][T10250]  ? __alloc_skb+0x1dc/0x3a0
[  713.294678][T10250]  should_failslab+0xa8/0x100
[  713.294698][T10250]  ? __alloc_skb+0x1dc/0x3a0
[  713.294717][T10250]  kmem_cache_alloc_node_noprof+0x8b/0x6f0
[  713.294743][T10250]  ? lockdep_hardirqs_on+0x7b/0x110
[  713.294765][T10250]  ? __alloc_skb+0x198/0x3a0
[  713.294786][T10250]  __alloc_skb+0x1dc/0x3a0
[  713.294811][T10250]  netlink_ack+0x146/0xa50
[  713.294833][T10250]  ? __pfx_genl_rcv_msg+0x10/0x10
[  713.294856][T10250]  ? __lock_acquire+0x6b6/0x2cf0
[  713.294893][T10250]  netlink_rcv_skb+0x28c/0x470
[  713.294917][T10250]  ? __pfx_genl_rcv_msg+0x10/0x10
[  713.294939][T10250]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  713.294978][T10250]  ? netlink_deliver_tap+0x2e/0x1b0
[  713.295001][T10250]  ? netlink_deliver_tap+0x2e/0x1b0
[  713.295030][T10250]  genl_rcv+0x28/0x40
[  713.295047][T10250]  netlink_unicast+0x846/0xa10
[  713.295078][T10250]  ? __pfx_netlink_unicast+0x10/0x10
[  713.295099][T10250]  ? __alloc_skb+0x198/0x3a0
[  713.295121][T10250]  ? netlink_sendmsg+0x642/0xb30
[  713.295142][T10250]  ? skb_put+0x11b/0x210
[  713.295167][T10250]  netlink_sendmsg+0x805/0xb30
[  713.295200][T10250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  713.295233][T10250]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  713.295258][T10250]  ? __pfx_netlink_sendmsg+0x10/0x10
[  713.295290][T10250]  __sock_sendmsg+0x21c/0x270
[  713.295325][T10250]  ____sys_sendmsg+0x508/0x810
[  713.295354][T10250]  ? __pfx_____sys_sendmsg+0x10/0x10
[  713.295388][T10250]  ? import_iovec+0x74/0xa0
[  713.295411][T10250]  ___sys_sendmsg+0x21f/0x2a0
[  713.295438][T10250]  ? __pfx____sys_sendmsg+0x10/0x10
[  713.295498][T10250]  ? __fget_files+0x2a/0x420
[  713.295518][T10250]  ? __fget_files+0x3a6/0x420
[  713.295549][T10250]  __x64_sys_sendmsg+0x1a1/0x260
[  713.295576][T10250]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  713.295610][T10250]  ? __pfx_ksys_write+0x10/0x10
[  713.295648][T10250]  do_syscall_64+0xec/0xf80
[  713.295668][T10250]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.295688][T10250]  ? trace_irq_disable+0x37/0x100
[  713.295709][T10250]  ? clear_bhb_loop+0x60/0xb0
[  713.295733][T10250]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  713.295752][T10250] RIP: 0033:0x7fd21950f749
[  713.295770][T10250] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  713.295789][T10250] RSP: 002b:00007fd21776e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  713.295810][T10250] RAX: ffffffffffffffda RBX: 00007fd219765fa0 RCX: 00007fd21950f749
[  713.295826][T10250] RDX: 000000002000c094 RSI: 0000200000000b00 RDI: 0000000000000004
[  713.295841][T10250] RBP: 00007fd21776e090 R08: 0000000000000000 R09: 0000000000000000
[  713.295854][T10250] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  713.295867][T10250] R13: 00007fd219766038 R14: 00007fd219765fa0 R15: 00007ffeb9ba2458
[  713.295901][T10250]  </TASK>
[  713.420543][T10251] netlink: 40 bytes leftover after parsing attributes in process `syz.6.1222'.
[  713.467308][   T31] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  714.464840][T10261] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1230'.
[  714.472642][T10261] netlink: 'syz.5.1230': attribute type 1 has an invalid length.
[  714.472662][T10261] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1230'.
[  714.517228][   T31] usb 5-1: Using ep0 maxpacket: 16
[  714.523681][   T31] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  714.526035][   T31] usb 5-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  714.526063][   T31] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  714.526082][   T31] usb 5-1: Product: syz
[  714.526097][   T31] usb 5-1: Manufacturer: syz
[  714.526111][   T31] usb 5-1: SerialNumber: syz
[  714.583558][   T31] usb 5-1: config 0 descriptor??
[  714.586440][   T31] hub 5-1:0.0: bad descriptor, ignoring hub
[  714.586478][   T31] hub 5-1:0.0: probe with driver hub failed with error -5
[  714.614783][   T31] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input42
[  714.723421][T10267] fuse: Unknown parameter 'f¤Ã0x0000000000000004'
[  714.841084][T10271] overlayfs: failed to resolve './file1/file0': -2
[  714.937337][ T6184] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  715.087261][ T6184] usb 2-1: Using ep0 maxpacket: 16
[  715.187034][ T6184] usb 2-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  715.187063][ T6184] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  715.187082][ T6184] usb 2-1: Product: syz
[  715.187097][ T6184] usb 2-1: Manufacturer: syz
[  715.187111][ T6184] usb 2-1: SerialNumber: syz
[  715.225647][ T6184] usb 2-1: config 0 descriptor??
[  715.234344][ T6184] usb-storage 2-1:0.0: USB Mass Storage device detected
[  715.239605][ T6184] usb-storage 2-1:0.0: Quirks match for vid 054c pid 002e: 1
[  715.239632][ T6184] usb-storage 2-1:0.0: This device (054c,002e,0500 S 04 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  715.239632][ T6184]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  716.443527][ T6184] usb 2-1: USB disconnect, device number 48
[  717.690369][ T6102] usb 5-1: USB disconnect, device number 57
[  717.708335][T10289] netlink: 20 bytes leftover after parsing attributes in process `syz.5.1239'.
[  718.089558][ T3503] Bluetooth: (null): Invalid header checksum
[  718.209448][T10300] netlink: 'syz.1.1242': attribute type 1 has an invalid length.
[  719.341510][T10300] 8021q: adding VLAN 0 to HW filter on device bond1
[  719.364927][T10307] bond1: (slave geneve2): making interface the new active one
[  719.372991][T10307] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  719.780844][T10318] bridge1: entered allmulticast mode
[  720.068896][ T6102] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[  720.257385][ T6102] usb 6-1: Using ep0 maxpacket: 16
[  720.305125][ T6102] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  720.557307][ T6184] usb 5-1: new full-speed USB device number 58 using dummy_hcd
[  720.714602][ T6184] usb 5-1: unable to get BOS descriptor or descriptor too short
[  720.716987][ T6184] usb 5-1: not running at top speed; connect to a high speed hub
[  720.746489][ T6184] usb 5-1: config 4 has an invalid interface number: 110 but max is 0
[  720.746519][ T6184] usb 5-1: config 4 has no interface number 0
[  720.746566][ T6184] usb 5-1: config 4 interface 110 has no altsetting 0
[  720.770208][ T6184] usb 5-1: New USB device found, idVendor=06cd, idProduct=011b, bcdDevice=4f.71
[  720.770278][ T6184] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  720.770299][ T6184] usb 5-1: Product: syz
[  720.770313][ T6184] usb 5-1: Manufacturer: syz
[  720.770327][ T6184] usb 5-1: SerialNumber: syz
[  721.338388][ T6102] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  721.338420][ T6102] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  721.338440][ T6102] usb 6-1: Product: syz
[  721.338453][ T6102] usb 6-1: Manufacturer: syz
[  721.338467][ T6102] usb 6-1: SerialNumber: syz
[  725.140995][ T6184] keyspan 5-1:4.110: Keyspan - (without firmware) converter detected
[  725.354338][ T6184] usb 5-1: USB disconnect, device number 58
[  725.358559][ T6184] keyspan 5-1:4.110: device disconnected
[  725.613337][ T6102] usb 6-1: config 0 descriptor??
[  725.689256][ T6102] usb 6-1: can't set config #0, error -71
[  725.696347][ T6102] usb 6-1: USB disconnect, device number 37
[  725.721388][T10338] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.1241'.
[  727.018397][T10352] netlink: 'syz.5.1257': attribute type 1 has an invalid length.
[  727.085975][T10355] netlink: 'syz.2.1256': attribute type 1 has an invalid length.
[  727.086000][T10355] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1256'.
[  727.086278][T10352] 8021q: adding VLAN 0 to HW filter on device bond1
[  727.197337][ T6102] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  727.357231][ T6102] usb 5-1: Using ep0 maxpacket: 16
[  727.364241][ T6102] usb 5-1: New USB device found, idVendor=054c, idProduct=002e, bcdDevice= 5.00
[  727.364272][ T6102] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  727.364293][ T6102] usb 5-1: Product: syz
[  727.364308][ T6102] usb 5-1: Manufacturer: syz
[  727.364323][ T6102] usb 5-1: SerialNumber: syz
[  727.379553][ T6102] usb 5-1: config 0 descriptor??
[  727.412846][ T6102] usb-storage 5-1:0.0: USB Mass Storage device detected
[  727.441310][ T6102] usb-storage 5-1:0.0: Quirks match for vid 054c pid 002e: 1
[  727.441338][ T6102] usb-storage 5-1:0.0: This device (054c,002e,0500 S 04 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  727.441338][ T6102]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  727.515754][ T5806] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[  727.568497][T10369] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1259'.
[  728.378803][ T6102] usb 5-1: USB disconnect, device number 59
[  728.417277][ T5806] usb 6-1: Using ep0 maxpacket: 16
[  728.420822][ T5806] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  728.420854][ T5806] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  728.420877][ T5806] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  728.420918][ T5806] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  728.420947][ T5806] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.425884][ T5806] usb 6-1: config 0 descriptor??
[  728.629946][T10357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.630325][T10357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.631532][T10357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.631939][T10357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.639953][T10357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.640347][T10357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.642176][T10357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.642529][T10357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.643581][T10357] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  728.643950][T10357] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  728.852121][ T5806] usbhid 6-1:0.0: can't add hid device: -32
[  728.852241][ T5806] usbhid 6-1:0.0: probe with driver usbhid failed with error -32
[  729.006422][T10378] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1263'.
[  729.226941][ T5806] usb 3-1: new high-speed USB device number 60 using dummy_hcd
[  729.382449][ T5806] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  729.382483][ T5806] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  729.382506][ T5806] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  729.382547][ T5806] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  729.382570][ T5806] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  729.419250][ T5806] usb 3-1: config 0 descriptor??
[  729.746448][ T5969] usb 6-1: USB disconnect, device number 38
[  729.838299][ T5806] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  729.838334][ T5806] plantronics 0003:047F:FFFF.000E: unknown main item tag 0x0
[  729.838437][ T5806] plantronics 0003:047F:FFFF.000E: unbalanced collection at end of report description
[  729.839077][ T5806] plantronics 0003:047F:FFFF.000E: parse failed
[  729.839156][ T5806] plantronics 0003:047F:FFFF.000E: probe with driver plantronics failed with error -22
[  731.463134][T10400] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  731.463535][T10400] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  731.476815][T10402] netlink: 'syz.5.1269': attribute type 1 has an invalid length.
[  731.476838][T10402] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1269'.
[  731.737463][ T6448] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  731.867277][ T6448] usb 5-1: device descriptor read/64, error -71
[  731.873832][T10409] netlink: 'syz.1.1254': attribute type 1 has an invalid length.
[  731.874781][ T5806] usb 3-1: USB disconnect, device number 60
[  732.133342][ T6448] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  732.207278][    T9] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  732.257554][ T6448] usb 5-1: device descriptor read/64, error -71
[  732.351180][    T9] usb 6-1: device descriptor read/64, error -71
[  732.369958][ T6448] usb usb5-port1: attempt power cycle
[  732.512143][T10420] FAULT_INJECTION: forcing a failure.
[  732.512143][T10420] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  732.512180][T10420] CPU: 1 UID: 0 PID: 10420 Comm: syz.6.1267 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  732.512207][T10420] Tainted: [L]=SOFTLOCKUP
[  732.512216][T10420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  732.512228][T10420] Call Trace:
[  732.512236][T10420]  <TASK>
[  732.512244][T10420]  dump_stack_lvl+0xe8/0x150
[  732.512276][T10420]  should_fail_ex+0x46c/0x600
[  732.512308][T10420]  _copy_from_user+0x2d/0xb0
[  732.512328][T10420]  ___sys_recvmsg+0x12e/0x510
[  732.512399][T10420]  ? __pfx____sys_recvmsg+0x10/0x10
[  732.512428][T10420]  ? __fget_files+0x2a/0x420
[  732.512478][T10420]  do_recvmmsg+0x30d/0x770
[  732.512511][T10420]  ? __pfx_do_recvmmsg+0x10/0x10
[  732.512547][T10420]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  732.512588][T10420]  __x64_sys_recvmmsg+0x190/0x240
[  732.512616][T10420]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  732.512651][T10420]  do_syscall_64+0xec/0xf80
[  732.512670][T10420]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.512689][T10420]  ? trace_irq_disable+0x37/0x100
[  732.512709][T10420]  ? clear_bhb_loop+0x60/0xb0
[  732.512733][T10420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.512752][T10420] RIP: 0033:0x7fc29ad8f749
[  732.512769][T10420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.512787][T10420] RSP: 002b:00007fc298ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  732.512808][T10420] RAX: ffffffffffffffda RBX: 00007fc29afe5fa0 RCX: 00007fc29ad8f749
[  732.512824][T10420] RDX: 0000000004000210 RSI: 0000200000001740 RDI: 0000000000000003
[  732.512837][T10420] RBP: 00007fc298ff6090 R08: 0000000000000000 R09: 0000000000000000
[  732.512850][T10420] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  732.512862][T10420] R13: 00007fc29afe6038 R14: 00007fc29afe5fa0 R15: 00007ffe15a4f208
[  732.512895][T10420]  </TASK>
[  732.647301][    T9] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  732.688331][T10422] FAULT_INJECTION: forcing a failure.
[  732.688331][T10422] name failslab, interval 1, probability 0, space 0, times 0
[  732.688368][T10422] CPU: 1 UID: 0 PID: 10422 Comm: syz.6.1273 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  732.688396][T10422] Tainted: [L]=SOFTLOCKUP
[  732.688403][T10422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  732.688416][T10422] Call Trace:
[  732.688424][T10422]  <TASK>
[  732.688432][T10422]  dump_stack_lvl+0xe8/0x150
[  732.688463][T10422]  should_fail_ex+0x46c/0x600
[  732.688494][T10422]  should_failslab+0xa8/0x100
[  732.688515][T10422]  __kmalloc_noprof+0xe0/0x7e0
[  732.688542][T10422]  ? genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  732.688570][T10422]  genl_family_rcv_msg_attrs_parse+0xa3/0x2a0
[  732.688600][T10422]  genl_family_rcv_msg_doit+0xb8/0x300
[  732.688630][T10422]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  732.688649][T10422]  ? rcu_is_watching+0x15/0xb0
[  732.688669][T10422]  ? rcu_is_watching+0x15/0xb0
[  732.688687][T10422]  ? cap_capable+0x123/0x440
[  732.688711][T10422]  ? safesetid_security_capable+0xa9/0x1a0
[  732.688740][T10422]  ? bpf_lsm_capable+0x9/0x20
[  732.688758][T10422]  ? security_capable+0x7e/0x2e0
[  732.688782][T10422]  genl_rcv_msg+0x60e/0x790
[  732.688807][T10422]  ? __pfx_genl_rcv_msg+0x10/0x10
[  732.688825][T10422]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  732.688843][T10422]  ? __pfx_nl80211_set_tx_bitrate_mask+0x10/0x10
[  732.688867][T10422]  ? __pfx_nl80211_post_doit+0x10/0x10
[  732.688888][T10422]  ? __asan_memcpy+0x40/0x70
[  732.688910][T10422]  ? __pfx_ref_tracker_free+0x10/0x10
[  732.688943][T10422]  netlink_rcv_skb+0x208/0x470
[  732.688968][T10422]  ? __pfx_genl_rcv_msg+0x10/0x10
[  732.688989][T10422]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  732.689027][T10422]  ? netlink_deliver_tap+0x2e/0x1b0
[  732.689050][T10422]  ? netlink_deliver_tap+0x2e/0x1b0
[  732.689078][T10422]  genl_rcv+0x28/0x40
[  732.689094][T10422]  netlink_unicast+0x846/0xa10
[  732.689124][T10422]  ? __pfx_netlink_unicast+0x10/0x10
[  732.689145][T10422]  ? __alloc_skb+0x198/0x3a0
[  732.689166][T10422]  ? netlink_sendmsg+0x642/0xb30
[  732.689188][T10422]  ? skb_put+0x11b/0x210
[  732.689212][T10422]  netlink_sendmsg+0x805/0xb30
[  732.689245][T10422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.689277][T10422]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  732.689300][T10422]  ? __pfx_netlink_sendmsg+0x10/0x10
[  732.689332][T10422]  __sock_sendmsg+0x21c/0x270
[  732.689362][T10422]  ____sys_sendmsg+0x508/0x810
[  732.689391][T10422]  ? __pfx_____sys_sendmsg+0x10/0x10
[  732.689423][T10422]  ? import_iovec+0x74/0xa0
[  732.689446][T10422]  ___sys_sendmsg+0x21f/0x2a0
[  732.689471][T10422]  ? __pfx____sys_sendmsg+0x10/0x10
[  732.689528][T10422]  ? __fget_files+0x2a/0x420
[  732.689547][T10422]  ? __fget_files+0x3a6/0x420
[  732.689577][T10422]  __x64_sys_sendmsg+0x1a1/0x260
[  732.689603][T10422]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  732.689636][T10422]  ? __pfx_ksys_write+0x10/0x10
[  732.689672][T10422]  do_syscall_64+0xec/0xf80
[  732.689692][T10422]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.689710][T10422]  ? trace_irq_disable+0x37/0x100
[  732.689729][T10422]  ? clear_bhb_loop+0x60/0xb0
[  732.689753][T10422]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  732.689771][T10422] RIP: 0033:0x7fc29ad8f749
[  732.689789][T10422] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  732.689806][T10422] RSP: 002b:00007fc298ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  732.689826][T10422] RAX: ffffffffffffffda RBX: 00007fc29afe5fa0 RCX: 00007fc29ad8f749
[  732.689841][T10422] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  732.689853][T10422] RBP: 00007fc298ff6090 R08: 0000000000000000 R09: 0000000000000000
[  732.689866][T10422] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  732.689877][T10422] R13: 00007fc29afe6038 R14: 00007fc29afe5fa0 R15: 00007ffe15a4f208
[  732.689909][T10422]  </TASK>
[  732.737505][ T6448] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  732.777336][ T6448] usb 5-1: device descriptor read/8, error -71
[  732.893342][T10425] pim6reg: entered allmulticast mode
[  732.897350][    T9] usb 6-1: device descriptor read/64, error -71
[  733.056151][T10428] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1274'.
[  733.137652][    T9] usb usb6-port1: attempt power cycle
[  733.217508][ T6448] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  733.237969][ T6448] usb 5-1: device descriptor read/8, error -71
[  733.307407][ T5884] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  733.333293][T10439] FAULT_INJECTION: forcing a failure.
[  733.333293][T10439] name failslab, interval 1, probability 0, space 0, times 0
[  733.333339][T10439] CPU: 1 UID: 0 PID: 10439 Comm: syz.6.1280 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  733.333367][T10439] Tainted: [L]=SOFTLOCKUP
[  733.333375][T10439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  733.333387][T10439] Call Trace:
[  733.333395][T10439]  <TASK>
[  733.333422][T10439]  dump_stack_lvl+0xe8/0x150
[  733.333453][T10439]  should_fail_ex+0x46c/0x600
[  733.333482][T10439]  ? __inet_bhash2_update_saddr+0x1b8/0x2030
[  733.333510][T10439]  should_failslab+0xa8/0x100
[  733.333531][T10439]  ? __inet_bhash2_update_saddr+0x1b8/0x2030
[  733.333555][T10439]  kmem_cache_alloc_noprof+0x84/0x6c0
[  733.333588][T10439]  __inet_bhash2_update_saddr+0x1b8/0x2030
[  733.333616][T10439]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  733.333643][T10439]  ? lockdep_hardirqs_on+0x7b/0x110
[  733.333671][T10439]  ? xfrm_lookup_route+0x103/0x1c0
[  733.333695][T10439]  tcp_v4_connect+0xab2/0x1a90
[  733.333736][T10439]  ? __pfx_tcp_v4_connect+0x10/0x10
[  733.333769][T10439]  __inet_stream_connect+0x2ae/0xe70
[  733.333790][T10439]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  733.333822][T10439]  ? __pfx___inet_stream_connect+0x10/0x10
[  733.333843][T10439]  ? __local_bh_enable+0x1e2/0x2f0
[  733.333871][T10439]  ? __local_bh_enable_ip+0x1af/0x2c0
[  733.333892][T10439]  ? lockdep_hardirqs_on+0x7b/0x110
[  733.333916][T10439]  inet_stream_connect+0x66/0xa0
[  733.333942][T10439]  __sys_connect+0x323/0x450
[  733.333966][T10439]  ? __pfx___sys_connect+0x10/0x10
[  733.333999][T10439]  ? __pfx_ksys_write+0x10/0x10
[  733.334032][T10439]  __x64_sys_connect+0x7a/0x90
[  733.334054][T10439]  do_syscall_64+0xec/0xf80
[  733.334073][T10439]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.334091][T10439]  ? trace_irq_disable+0x37/0x100
[  733.334111][T10439]  ? clear_bhb_loop+0x60/0xb0
[  733.334134][T10439]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  733.334153][T10439] RIP: 0033:0x7fc29ad8f749
[  733.334171][T10439] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  733.334189][T10439] RSP: 002b:00007fc298ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  733.334211][T10439] RAX: ffffffffffffffda RBX: 00007fc29afe5fa0 RCX: 00007fc29ad8f749
[  733.334226][T10439] RDX: 0000000000000010 RSI: 0000200000000180 RDI: 0000000000000003
[  733.334239][T10439] RBP: 00007fc298ff6090 R08: 0000000000000000 R09: 0000000000000000
[  733.334252][T10439] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  733.334264][T10439] R13: 00007fc29afe6038 R14: 00007fc29afe5fa0 R15: 00007ffe15a4f208
[  733.334297][T10439]  </TASK>
[  733.474146][T10441] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1281'.
[  733.643002][ T6448] usb usb5-port1: unable to enumerate USB device
[  734.028026][ T5884] usb 3-1: Using ep0 maxpacket: 16
[  734.246339][    T9] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  734.268116][    T9] usb 6-1: device descriptor read/8, error -71
[  734.296617][ T5884] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  734.296680][ T5884] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  734.296708][ T5884] usb 3-1: config 0 interface 0 altsetting 0 has a duplicate endpoint with address 0x2, skipping
[  734.296730][ T5884] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  734.318451][ T5884] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  734.318480][ T5884] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  734.318498][ T5884] usb 3-1: Manufacturer: syz
[  734.325506][ T5884] usb 3-1: config 0 descriptor??
[  734.507266][    T9] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  734.527975][    T9] usb 6-1: device descriptor read/8, error -71
[  734.633818][T10446] Bluetooth: MGMT ver 1.23
[  734.670283][    T9] usb usb6-port1: unable to enumerate USB device
[  734.701326][T10448] FAULT_INJECTION: forcing a failure.
[  734.701326][T10448] name failslab, interval 1, probability 0, space 0, times 0
[  734.701371][T10448] CPU: 0 UID: 0 PID: 10448 Comm: syz.1.1284 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  734.701399][T10448] Tainted: [L]=SOFTLOCKUP
[  734.701406][T10448] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  734.701419][T10448] Call Trace:
[  734.701427][T10448]  <TASK>
[  734.701436][T10448]  dump_stack_lvl+0xe8/0x150
[  734.701466][T10448]  should_fail_ex+0x46c/0x600
[  734.701497][T10448]  should_failslab+0xa8/0x100
[  734.701519][T10448]  __kmalloc_cache_noprof+0x84/0x6d0
[  734.701557][T10448]  ? alloc_super+0x5b/0xab0
[  734.701586][T10448]  alloc_super+0x5b/0xab0
[  734.701610][T10448]  ? rt_spin_unlock+0x161/0x200
[  734.701638][T10448]  sget_fc+0x329/0xa40
[  734.701664][T10448]  ? __pfx_set_anon_super_fc+0x10/0x10
[  734.701688][T10448]  ? __pfx_binderfs_fill_super+0x10/0x10
[  734.701710][T10448]  get_tree_nodev+0x2a/0x150
[  734.701737][T10448]  vfs_get_tree+0x92/0x2a0
[  734.701765][T10448]  vfs_cmd_create+0xa2/0x200
[  734.701795][T10448]  __se_sys_fsconfig+0x794/0x8e0
[  734.701828][T10448]  ? __pfx___se_sys_fsconfig+0x10/0x10
[  734.701861][T10448]  ? rcu_is_watching+0x15/0xb0
[  734.701881][T10448]  ? trace_sys_enter+0x25/0xf0
[  734.701908][T10448]  ? __x64_sys_fsconfig+0x20/0xc0
[  734.701936][T10448]  do_syscall_64+0xec/0xf80
[  734.701955][T10448]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.701973][T10448]  ? trace_irq_disable+0x37/0x100
[  734.701993][T10448]  ? clear_bhb_loop+0x60/0xb0
[  734.702016][T10448]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.702035][T10448] RIP: 0033:0x7fc5df7cf749
[  734.702053][T10448] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.702071][T10448] RSP: 002b:00007fc5dda2e038 EFLAGS: 00000246 ORIG_RAX: 00000000000001af
[  734.702093][T10448] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7cf749
[  734.702107][T10448] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 0000000000000007
[  734.702120][T10448] RBP: 00007fc5dda2e090 R08: 0000000000000000 R09: 0000000000000000
[  734.702134][T10448] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.702145][T10448] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  734.702179][T10448]  </TASK>
[  734.933342][T10451] FAULT_INJECTION: forcing a failure.
[  734.933342][T10451] name failslab, interval 1, probability 0, space 0, times 0
[  734.933378][T10451] CPU: 1 UID: 0 PID: 10451 Comm: syz.6.1285 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  734.933404][T10451] Tainted: [L]=SOFTLOCKUP
[  734.933412][T10451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  734.933424][T10451] Call Trace:
[  734.933432][T10451]  <TASK>
[  734.933440][T10451]  dump_stack_lvl+0xe8/0x150
[  734.933469][T10451]  should_fail_ex+0x46c/0x600
[  734.933499][T10451]  ? __d_alloc+0x37/0x6f0
[  734.933520][T10451]  should_failslab+0xa8/0x100
[  734.933540][T10451]  ? __d_alloc+0x37/0x6f0
[  734.933559][T10451]  kmem_cache_alloc_lru_noprof+0x88/0x6c0
[  734.933593][T10451]  __d_alloc+0x37/0x6f0
[  734.933613][T10451]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  734.933637][T10451]  d_alloc_pseudo+0x21/0xc0
[  734.933660][T10451]  alloc_file_pseudo+0xcc/0x210
[  734.933678][T10451]  ? rt_spin_lock+0x1c1/0x3e0
[  734.933702][T10451]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  734.933722][T10451]  ? rt_spin_unlock+0x150/0x200
[  734.933754][T10451]  anon_inode_getfile+0xc5/0x1a0
[  734.933779][T10451]  ? bpf_link_prime+0x47/0x270
[  734.933799][T10451]  bpf_link_prime+0x125/0x270
[  734.933820][T10451]  bpf_raw_tp_link_attach+0x499/0x640
[  734.933852][T10451]  ? __pfx_bpf_raw_tp_link_attach+0x10/0x10
[  734.933890][T10451]  ? __fget_files+0x2a/0x420
[  734.933919][T10451]  bpf_raw_tracepoint_open+0x1b8/0x220
[  734.933946][T10451]  __sys_bpf+0x73e/0x860
[  734.933970][T10451]  ? __pfx___sys_bpf+0x10/0x10
[  734.933988][T10451]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  734.934028][T10451]  ? ksys_write+0x230/0x260
[  734.934055][T10451]  ? __pfx_ksys_write+0x10/0x10
[  734.934096][T10451]  __x64_sys_bpf+0x7c/0x90
[  734.934116][T10451]  do_syscall_64+0xec/0xf80
[  734.934133][T10451]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.934151][T10451]  ? trace_irq_disable+0x37/0x100
[  734.934169][T10451]  ? clear_bhb_loop+0x60/0xb0
[  734.934191][T10451]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  734.934208][T10451] RIP: 0033:0x7fc29ad8f749
[  734.934225][T10451] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  734.934242][T10451] RSP: 002b:00007fc298ff6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  734.934264][T10451] RAX: ffffffffffffffda RBX: 00007fc29afe5fa0 RCX: 00007fc29ad8f749
[  734.934279][T10451] RDX: 0000000000000010 RSI: 0000200000000080 RDI: 0000000000000011
[  734.934292][T10451] RBP: 00007fc298ff6090 R08: 0000000000000000 R09: 0000000000000000
[  734.934305][T10451] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  734.934317][T10451] R13: 00007fc29afe6038 R14: 00007fc29afe5fa0 R15: 00007ffe15a4f208
[  734.934348][T10451]  </TASK>
[  736.008167][ T5884] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  736.162736][ T5884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  736.162771][ T5884] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  736.162798][ T5884] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  736.162841][ T5884] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  736.162863][ T5884] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  736.186395][ T5884] usb 2-1: config 0 descriptor??
[  736.232610][T10465] netlink: 'syz.4.1290': attribute type 1 has an invalid length.
[  736.236532][T10465] netlink: 'syz.4.1290': attribute type 1 has an invalid length.
[  736.649089][T10471] netlink: 256 bytes leftover after parsing attributes in process `syz.4.1292'.
[  736.858286][ T5877] usb 3-1: USB disconnect, device number 61
[  736.893109][ T5884] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  736.893144][ T5884] plantronics 0003:047F:FFFF.000F: unknown main item tag 0x0
[  736.893288][ T5884] plantronics 0003:047F:FFFF.000F: unbalanced collection at end of report description
[  736.894680][ T5884] plantronics 0003:047F:FFFF.000F: parse failed
[  736.894788][ T5884] plantronics 0003:047F:FFFF.000F: probe with driver plantronics failed with error -22
[  736.997264][ T6364] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  737.147948][ T6364] usb 7-1: Using ep0 maxpacket: 32
[  737.152541][ T6364] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  737.152575][ T6364] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  737.152614][ T6364] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  737.152637][ T6364] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.178466][ T6364] usb 7-1: config 0 descriptor??
[  737.213277][ T6364] hub 7-1:0.0: USB hub found
[  737.414712][ T6364] hub 7-1:0.0: 1 port detected
[  737.685342][ T7655] usb 2-1: USB disconnect, device number 49
[  738.328354][ T6364] hub 7-1:0.0: hub_hub_status failed (err = -71)
[  738.328381][ T6364] hub 7-1:0.0: config failed, can't get hub status (err -71)
[  738.358545][ T6364] usbhid 7-1:0.0: can't add hid device: -71
[  738.358669][ T6364] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  738.390793][ T6364] usb 7-1: USB disconnect, device number 11
[  738.506743][T10511] FAULT_INJECTION: forcing a failure.
[  738.506743][T10511] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  738.506788][T10511] CPU: 1 UID: 0 PID: 10511 Comm: syz.1.1306 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  738.506814][T10511] Tainted: [L]=SOFTLOCKUP
[  738.506821][T10511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  738.506832][T10511] Call Trace:
[  738.506840][T10511]  <TASK>
[  738.506848][T10511]  dump_stack_lvl+0xe8/0x150
[  738.506877][T10511]  should_fail_ex+0x46c/0x600
[  738.506906][T10511]  _copy_to_user+0x31/0xb0
[  738.506928][T10511]  simple_read_from_buffer+0xe1/0x170
[  738.506952][T10511]  proc_fail_nth_read+0x1b6/0x220
[  738.506981][T10511]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  738.507010][T10511]  ? rw_verify_area+0x2ac/0x4e0
[  738.507033][T10511]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  738.507059][T10511]  vfs_read+0x206/0xa30
[  738.507090][T10511]  ? __pfx_vfs_read+0x10/0x10
[  738.507114][T10511]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  738.507137][T10511]  ? lockdep_hardirqs_on+0x7b/0x110
[  738.507154][T10511]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  738.507171][T10511]  ? mutex_lock_nested+0x154/0x1d0
[  738.507192][T10511]  ? fdget_pos+0x253/0x320
[  738.507219][T10511]  ksys_read+0x14b/0x260
[  738.507241][T10511]  ? __fget_files+0x3a6/0x420
[  738.507261][T10511]  ? __pfx_ksys_read+0x10/0x10
[  738.507285][T10511]  ? __pfx_sock_ioctl+0x10/0x10
[  738.507317][T10511]  do_syscall_64+0xec/0xf80
[  738.507335][T10511]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.507353][T10511]  ? trace_irq_disable+0x37/0x100
[  738.507372][T10511]  ? clear_bhb_loop+0x60/0xb0
[  738.507394][T10511]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.507412][T10511] RIP: 0033:0x7fc5df7ce15c
[  738.507430][T10511] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  738.507448][T10511] RSP: 002b:00007fc5dda2e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  738.507468][T10511] RAX: ffffffffffffffda RBX: 00007fc5dfa25fa0 RCX: 00007fc5df7ce15c
[  738.507481][T10511] RDX: 000000000000000f RSI: 00007fc5dda2e0a0 RDI: 0000000000000003
[  738.507492][T10511] RBP: 00007fc5dda2e090 R08: 0000000000000000 R09: 0000000000000000
[  738.507504][T10511] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  738.507516][T10511] R13: 00007fc5dfa26038 R14: 00007fc5dfa25fa0 R15: 00007ffca1e598b8
[  738.507547][T10511]  </TASK>
[  738.853583][T10518] FAULT_INJECTION: forcing a failure.
[  738.853583][T10518] name failslab, interval 1, probability 0, space 0, times 0
[  738.853619][T10518] CPU: 1 UID: 0 PID: 10518 Comm: syz.5.1309 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  738.853648][T10518] Tainted: [L]=SOFTLOCKUP
[  738.853656][T10518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  738.853668][T10518] Call Trace:
[  738.853677][T10518]  <TASK>
[  738.853685][T10518]  dump_stack_lvl+0xe8/0x150
[  738.853715][T10518]  should_fail_ex+0x46c/0x600
[  738.853746][T10518]  ? alloc_empty_file+0x55/0x1d0
[  738.853767][T10518]  should_failslab+0xa8/0x100
[  738.853787][T10518]  ? alloc_empty_file+0x55/0x1d0
[  738.853806][T10518]  kmem_cache_alloc_noprof+0x84/0x6c0
[  738.853831][T10518]  ? rt_spin_unlock+0x150/0x200
[  738.853863][T10518]  alloc_empty_file+0x55/0x1d0
[  738.853885][T10518]  alloc_file_pseudo+0x13d/0x210
[  738.853910][T10518]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  738.853933][T10518]  ? __pfx_hugetlb_reserve_pages+0x10/0x10
[  738.853955][T10518]  ? hugetlbfs_get_inode+0x448/0x640
[  738.853991][T10518]  hugetlb_file_setup+0x3f0/0x640
[  738.854017][T10518]  ksys_mmap_pgoff+0x22f/0x720
[  738.854043][T10518]  ? __x64_sys_mmap+0x7f/0x140
[  738.854070][T10518]  do_syscall_64+0xec/0xf80
[  738.854089][T10518]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.854108][T10518]  ? trace_irq_disable+0x37/0x100
[  738.854129][T10518]  ? clear_bhb_loop+0x60/0xb0
[  738.854153][T10518]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  738.854173][T10518] RIP: 0033:0x7fd21950f749
[  738.854199][T10518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  738.854217][T10518] RSP: 002b:00007fd21776e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  738.854240][T10518] RAX: ffffffffffffffda RBX: 00007fd219765fa0 RCX: 00007fd21950f749
[  738.854255][T10518] RDX: 0000000000000004 RSI: 0000000000004000 RDI: 0000200000200000
[  738.854270][T10518] RBP: 00007fd21776e090 R08: ffffffffffffffff R09: 0000000000000000
[  738.854284][T10518] R10: 000200000006c832 R11: 0000000000000246 R12: 0000000000000001
[  738.854298][T10518] R13: 00007fd219766038 R14: 00007fd219765fa0 R15: 00007ffeb9ba2458
[  738.854330][T10518]  </TASK>
[  738.877296][ T6364] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  739.055806][ T6364] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  739.055836][ T6364] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  739.055855][ T6364] usb 2-1: Product: syz
[  739.055868][ T6364] usb 2-1: Manufacturer: syz
[  739.055882][ T6364] usb 2-1: SerialNumber: syz
[  739.631414][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  739.631479][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  739.683615][T10528] Invalid logical block size (673)
[  740.017578][   T31] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  740.187326][   T31] usb 7-1: Using ep0 maxpacket: 16
[  740.190296][   T31] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  740.193649][   T31] usb 7-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  740.193777][   T31] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  740.193798][   T31] usb 7-1: Product: syz
[  740.193813][   T31] usb 7-1: Manufacturer: syz
[  740.193828][   T31] usb 7-1: SerialNumber: syz
[  740.210299][   T31] usb 7-1: config 0 descriptor??
[  740.217762][   T31] hub 7-1:0.0: bad descriptor, ignoring hub
[  740.218011][   T31] hub 7-1:0.0: probe with driver hub failed with error -5
[  740.243628][   T31] input: syz syz as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input43
[  740.519781][T10546] overlayfs: failed to resolve './file1/file0': -2
[  740.569467][   T31] usb 6-1: new full-speed USB device number 43 using dummy_hcd
[  740.737745][   T31] usb 6-1: unable to get BOS descriptor set
[  740.739595][   T31] usb 6-1: not running at top speed; connect to a high speed hub
[  740.746828][   T31] usb 6-1: config 9 has an invalid interface number: 139 but max is 0
[  740.746856][   T31] usb 6-1: config 9 has no interface number 0
[  740.746889][   T31] usb 6-1: config 9 interface 139 has no altsetting 0
[  740.753193][   T31] usb 6-1: New USB device found, idVendor=12d1, idProduct=5437, bcdDevice=7b.f0
[  740.753220][   T31] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  740.753291][   T31] usb 6-1: Product: syz
[  740.753306][   T31] usb 6-1: Manufacturer: syz
[  740.753319][   T31] usb 6-1: SerialNumber: syz
[  740.864630][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  740.874030][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPIPE
[  741.050929][   T31] qmi_wwan 6-1:9.139: probe with driver qmi_wwan failed with error -22
[  741.087552][   T31] usb 6-1: USB disconnect, device number 43
[  741.147945][ T5969] usb 7-1: USB disconnect, device number 12
[  741.342685][T10514] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  741.344841][T10514] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  742.251471][    T9] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  742.403723][    T9] usb 5-1: unable to read config index 0 descriptor/start: -61
[  742.403759][    T9] usb 5-1: can't read configurations, error -61
[  742.496795][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000404. ret = -EPROTO
[  742.496858][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  742.503667][ T6364] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  742.563465][ T6364] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71
[  742.597287][    T9] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  744.001854][    T9] usb 5-1: unable to read config index 0 descriptor/start: -61
[  744.001889][    T9] usb 5-1: can't read configurations, error -61
[  744.002272][    T9] usb usb5-port1: attempt power cycle
[  744.031488][ T6364] usb 2-1: USB disconnect, device number 50
[  744.205070][T10566] FAULT_INJECTION: forcing a failure.
[  744.205070][T10566] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  744.205109][T10566] CPU: 1 UID: 0 PID: 10566 Comm: syz.1.1323 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  744.205137][T10566] Tainted: [L]=SOFTLOCKUP
[  744.205145][T10566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  744.205158][T10566] Call Trace:
[  744.205167][T10566]  <TASK>
[  744.205183][T10566]  dump_stack_lvl+0xe8/0x150
[  744.205214][T10566]  should_fail_ex+0x46c/0x600
[  744.205245][T10566]  _copy_to_user+0x31/0xb0
[  744.205267][T10566]  put_timespec64+0xc0/0x120
[  744.205295][T10566]  ? __pfx_put_timespec64+0x10/0x10
[  744.205331][T10566]  poll_select_finish+0x47e/0x5e0
[  744.205355][T10566]  ? __pfx_poll_select_finish+0x10/0x10
[  744.205380][T10566]  ? __pfx_set_user_sigmask+0x10/0x10
[  744.205400][T10566]  ? rt_mutex_slowunlock+0x1be/0x2e0
[  744.205425][T10566]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  744.205456][T10566]  __se_sys_pselect6+0x291/0x300
[  744.205489][T10566]  ? __pfx___se_sys_pselect6+0x10/0x10
[  744.205516][T10566]  ? __pfx_ksys_write+0x10/0x10
[  744.205547][T10566]  ? __x64_sys_pselect6+0x21/0xf0
[  744.205576][T10566]  do_syscall_64+0xec/0xf80
[  744.205595][T10566]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.205614][T10566]  ? trace_irq_disable+0x37/0x100
[  744.205633][T10566]  ? clear_bhb_loop+0x60/0xb0
[  744.205657][T10566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  744.205675][T10566] RIP: 0033:0x7fc5df7cf749
[  744.205693][T10566] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  744.205711][T10566] RSP: 002b:00007fc5dc9cd038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[  744.205732][T10566] RAX: ffffffffffffffda RBX: 00007fc5dfa26090 RCX: 00007fc5df7cf749
[  744.205748][T10566] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000040
[  744.205761][T10566] RBP: 00007fc5dc9cd090 R08: 0000200000000280 R09: 0000000000000000
[  744.205775][T10566] R10: 0000200000000240 R11: 0000000000000246 R12: 0000000000000001
[  744.205788][T10566] R13: 00007fc5dfa26128 R14: 00007fc5dfa26090 R15: 00007ffca1e598b8
[  744.205820][T10566]  </TASK>
[  744.596793][T10577] fuse: Unknown parameter 'f¤Ã0x0000000000000004'
[  745.044046][   T37] kauditd_printk_skb: 75 callbacks suppressed
[  745.044065][   T37] audit: type=1326 audit(744.867:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.044111][   T37] audit: type=1326 audit(744.867:609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.044151][   T37] audit: type=1326 audit(744.867:610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.044192][   T37] audit: type=1326 audit(744.867:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.044234][   T37] audit: type=1326 audit(744.867:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.044744][   T37] audit: type=1326 audit(744.867:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.044789][   T37] audit: type=1326 audit(744.867:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.045871][   T37] audit: type=1326 audit(744.867:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.045914][   T37] audit: type=1326 audit(744.867:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.046524][   T37] audit: type=1326 audit(744.867:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10584 comm="syz.4.1334" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6d3d8ff749 code=0x7ffc0000
[  745.467316][    T9] usb 6-1: new full-speed USB device number 44 using dummy_hcd
[  747.895156][ T1320] ieee802154 phy0 wpan0: encryption failed: -22
[  747.905438][    T9] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[  747.905469][    T9] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  747.905490][    T9] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x3 has invalid wMaxPacketSize 0
[  747.905511][    T9] usb 6-1: config 1 interface 0 has no altsetting 0
[  747.952122][    T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  747.952152][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  747.952171][    T9] usb 6-1: SerialNumber: syz
[  748.019575][    T9] cdc_acm 6-1:1.0: Control and data interfaces are not separated!
[  748.186780][ T6102] usb 6-1: USB disconnect, device number 44
[  748.636431][T10617] netlink: 256 bytes leftover after parsing attributes in process `syz.6.1343'.
[  749.370888][T10634] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1346'.
[  753.330069][T10653] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1339'.
[  753.697331][ T5884] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  753.847241][ T5884] usb 6-1: Using ep0 maxpacket: 8
[  753.854336][ T5884] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  753.854367][ T5884] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.854387][ T5884] usb 6-1: Product: syz
[  753.854455][ T5884] usb 6-1: Manufacturer: syz
[  753.854471][ T5884] usb 6-1: SerialNumber: syz
[  753.900105][ T5884] usb 6-1: config 0 descriptor??
[  753.906640][ T5884] gspca_main: se401-2.14.0 probing 047d:5003
[  754.332247][ T5120] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  754.332281][ T5120] CPU: 1 UID: 0 PID: 5120 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  754.332312][ T5120] Tainted: [L]=SOFTLOCKUP
[  754.332320][ T5120] Hardware name: Google Google Compute Engi[  754.332320][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  754.332340][ T5120] Workqueue: hci3 hci_rx_work
[  754.332365][ T5120] Call Trace:
[  754.332384][ T5120]  <TASK>
[  754.332396][ T5120]  dump_stack_lvl+0xe8/0x150
[  754.332428][ T5120]  sysfs_create_dir_ns+0x259/0x280
[  754.332461][ T5120]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  754.332490][ T5120]  ? kobject_add_internal+0x69d/0xcd0
[  754.332521][ T5120]  kobject_add_internal+0x6b1/0xcd0
[  754.332553][ T5120]  kobject_add+0x155/0x220
[  754.332581][ T5120]  ? __pfx_kobject_add+0x10/0x10
[  754.332611][ T5120]  ? get_device_parent+0x370/0x3a0
[  754.332638][ T5120]  device_add+0x408/0xb80
[  754.332664][ T5120]  hci_conn_add_sysfs+0xd5/0x210
[  754.332698][ T5120]  le_conn_complete_evt+0xf1d/0x1420
[  754.332735][ T5120]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  754.332760][ T5120]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  754.332782][ T5120]  ? lockdep_hardirqs_on+0x7b/0x110
[  754.332804][ T5120]  ? skb_pull_data+0xfb/0x200
[  754.332837][ T5120]  hci_le_conn_complete_evt+0x187/0x480
[  754.332869][ T5120]  hci_event_packet+0x78f/0x1260
[  754.332902][ T5120]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  754.332928][ T5120]  ? __pfx_hci_event_packet+0x10/0x10
[  754.332956][ T5120]  ? rt_spin_unlock+0x150/0x200
[  754.332992][ T5120]  ? hci_send_to_monitor+0xe2/0x590
[  754.333021][ T5120]  hci_rx_work+0x3ee/0x1060
[  754.333049][ T5120]  ? process_scheduled_works+0x9ef/0x1770
[  754.333074][ T5120]  process_scheduled_works+0xad1/0x1770
[  754.333125][ T5120]  ? __pfx_process_scheduled_works+0x10/0x10
[  754.333146][ T5120]  ? do_raw_spin_lock+0x121/0x290
[  754.333186][ T5120]  worker_thread+0x8a0/0xda0
[  754.333237][ T5120]  kthread+0x711/0x8a0
[  754.333266][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  754.333290][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.333313][ T5120]  ? rt_spin_unlock+0x150/0x200
[  754.333342][ T5120]  ? rt_spin_unlock+0x161/0x200
[  754.333364][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.333397][ T5120]  ret_from_fork+0x510/0xa50
[  754.333422][ T5120]  ? __pfx_ret_from_fork+0x10/0x10
[  754.333443][ T5120]  ? __switch_to+0xc9e/0x1480
[  754.333477][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.333505][ T5120]  ret_from_fork_asm+0x1a/0x30
[  754.333552][ T5120]  </TASK>
[  754.333653][ T5120] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  754.333699][ T5120] Bluetooth: hci3: failed to register connection device
[  754.408142][ T5120] ==================================================================
[  754.408165][ T5120] BUG: KASAN: slab-use-after-free in l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.408206][ T5120] Read of size 8 at addr ffff88803765b7b0 by task kworker/u9:1/5120
[  754.408224][ T5120] 
[  754.408239][ T5120] CPU: 1 UID: 0 PID: 5120 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  754.408268][ T5120] Tainted: [L]=SOFTLOCKUP
[  754.408274][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  754.408287][ T5120] Workqueue: hci3 hci_rx_work
[  754.408305][ T5120] Call Trace:
[  754.408313][ T5120]  <TASK>
[  754.408323][ T5120]  dump_stack_lvl+0xe8/0x150
[  754.408350][ T5120]  print_report+0xca/0x240
[  754.408380][ T5120]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.408409][ T5120]  kasan_report+0x118/0x150
[  754.408439][ T5120]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.408470][ T5120]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.408500][ T5120]  l2cap_connect_cfm+0x367/0x10e0
[  754.408530][ T5120]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  754.408554][ T5120]  ? lockdep_hardirqs_on+0x7b/0x110
[  754.408573][ T5120]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  754.408593][ T5120]  ? mutex_lock_nested+0x154/0x1d0
[  754.408617][ T5120]  ? hci_connect_cfm+0x2c/0x140
[  754.408638][ T5120]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  754.408663][ T5120]  hci_connect_cfm+0x95/0x140
[  754.408685][ T5120]  le_conn_complete_evt+0xf65/0x1420
[  754.408713][ T5120]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  754.408736][ T5120]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  754.408756][ T5120]  ? lockdep_hardirqs_on+0x7b/0x110
[  754.408776][ T5120]  ? skb_pull_data+0xfb/0x200
[  754.408805][ T5120]  hci_le_conn_complete_evt+0x187/0x480
[  754.408831][ T5120]  hci_event_packet+0x78f/0x1260
[  754.408861][ T5120]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  754.408883][ T5120]  ? __pfx_hci_event_packet+0x10/0x10
[  754.408911][ T5120]  ? rt_spin_unlock+0x150/0x200
[  754.408939][ T5120]  ? hci_send_to_monitor+0xe2/0x590
[  754.408964][ T5120]  hci_rx_work+0x3ee/0x1060
[  754.408987][ T5120]  ? process_scheduled_works+0x9ef/0x1770
[  754.409010][ T5120]  process_scheduled_works+0xad1/0x1770
[  754.409043][ T5120]  ? __pfx_process_scheduled_works+0x10/0x10
[  754.409063][ T5120]  ? do_raw_spin_lock+0x121/0x290
[  754.409093][ T5120]  worker_thread+0x8a0/0xda0
[  754.409126][ T5120]  kthread+0x711/0x8a0
[  754.409152][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  754.409174][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.409197][ T5120]  ? rt_spin_unlock+0x150/0x200
[  754.409224][ T5120]  ? rt_spin_unlock+0x161/0x200
[  754.409247][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.409272][ T5120]  ret_from_fork+0x510/0xa50
[  754.409295][ T5120]  ? __pfx_ret_from_fork+0x10/0x10
[  754.409315][ T5120]  ? __switch_to+0xc9e/0x1480
[  754.409344][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.409376][ T5120]  ret_from_fork_asm+0x1a/0x30
[  754.409412][ T5120]  </TASK>
[  754.409420][ T5120] 
[  754.409426][ T5120] Allocated by task 5120:
[  754.409437][ T5120]  kasan_save_track+0x3e/0x80
[  754.409461][ T5120]  __kasan_kmalloc+0x93/0xb0
[  754.409484][ T5120]  __kmalloc_noprof+0x23e/0x7e0
[  754.409509][ T5120]  sk_prot_alloc+0xe7/0x220
[  754.409529][ T5120]  sk_alloc+0x3a/0x390
[  754.409546][ T5120]  bt_sock_alloc+0x3b/0x310
[  754.409562][ T5120]  l2cap_sock_new_connection_cb+0xe2/0x2e0
[  754.409587][ T5120]  l2cap_connect_cfm+0x367/0x10e0
[  754.409611][ T5120]  hci_connect_cfm+0x95/0x140
[  754.409630][ T5120]  le_conn_complete_evt+0xf65/0x1420
[  754.409651][ T5120]  hci_le_conn_complete_evt+0x187/0x480
[  754.409671][ T5120]  hci_event_packet+0x78f/0x1260
[  754.409696][ T5120]  hci_rx_work+0x3ee/0x1060
[  754.409711][ T5120]  process_scheduled_works+0xad1/0x1770
[  754.409728][ T5120]  worker_thread+0x8a0/0xda0
[  754.409747][ T5120]  kthread+0x711/0x8a0
[  754.409769][ T5120]  ret_from_fork+0x510/0xa50
[  754.409786][ T5120]  ret_from_fork_asm+0x1a/0x30
[  754.409811][ T5120] 
[  754.409816][ T5120] Freed by task 10671:
[  754.409825][ T5120]  kasan_save_track+0x3e/0x80
[  754.409847][ T5120]  kasan_save_free_info+0x46/0x50
[  754.409866][ T5120]  __kasan_slab_free+0x5c/0x80
[  754.409890][ T5120]  kfree+0x1bd/0x900
[  754.409910][ T5120]  __sk_destruct+0x626/0x880
[  754.409930][ T5120]  l2cap_sock_cleanup_listen+0xe0/0x450
[  754.409954][ T5120]  l2cap_sock_release+0x6e/0x270
[  754.409976][ T5120]  sock_close+0xc3/0x240
[  754.409999][ T5120]  __fput+0x45b/0xa80
[  754.410018][ T5120]  task_work_run+0x1d4/0x260
[  754.410042][ T5120]  do_exit+0x694/0x22f0
[  754.410065][ T5120]  do_group_exit+0x21c/0x2d0
[  754.410088][ T5120]  get_signal+0x125d/0x1310
[  754.410106][ T5120]  arch_do_signal_or_restart+0x9a/0x7a0
[  754.410130][ T5120]  exit_to_user_mode_loop+0x87/0x4e0
[  754.410153][ T5120]  do_syscall_64+0x2c1/0xf80
[  754.410170][ T5120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.410187][ T5120] 
[  754.410193][ T5120] The buggy address belongs to the object at ffff88803765b000
[  754.410193][ T5120]  which belongs to the cache kmalloc-2k of size 2048
[  754.410210][ T5120] The buggy address is located 1968 bytes inside of
[  754.410210][ T5120]  freed 2048-byte region [ffff88803765b000, ffff88803765b800)
[  754.410231][ T5120] 
[  754.410236][ T5120] The buggy address belongs to the physical page:
[  754.410259][ T5120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x37658
[  754.410279][ T5120] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  754.410295][ T5120] anon flags: 0x80000000000040(head|node=0|zone=1)
[  754.410312][ T5120] page_type: f5(slab)
[  754.410331][ T5120] raw: 0080000000000040 ffff88813ff27000 0000000000000000 dead000000000001
[  754.410349][ T5120] raw: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  754.410373][ T5120] head: 0080000000000040 ffff88813ff27000 0000000000000000 dead000000000001
[  754.410390][ T5120] head: 0000000000000000 0000000000080008 00000000f5000000 0000000000000000
[  754.410408][ T5120] head: 0080000000000003 ffffea0000dd9601 00000000ffffffff 00000000ffffffff
[  754.410425][ T5120] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000008
[  754.410437][ T5120] page dumped because: kasan: bad access detected
[  754.410447][ T5120] page_owner tracks the page as allocated
[  754.410460][ T5120] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5799, tgid 5799 (syz-executor), ts 87518692978, free_ts 87491522319
[  754.410496][ T5120]  post_alloc_hook+0x234/0x290
[  754.410520][ T5120]  get_page_from_freelist+0x28c0/0x2960
[  754.410538][ T5120]  __alloc_frozen_pages_noprof+0x181/0x370
[  754.410556][ T5120]  alloc_pages_mpol+0xd1/0x380
[  754.410571][ T5120]  allocate_slab+0x86/0x3b0
[  754.410591][ T5120]  ___slab_alloc+0xb10/0x13e0
[  754.410608][ T5120]  __slab_alloc+0xc6/0x1f0
[  754.410625][ T5120]  __kmalloc_node_track_caller_noprof+0x2bf/0x810
[  754.410650][ T5120]  kmalloc_reserve+0x136/0x290
[  754.410669][ T5120]  pskb_expand_head+0x19d/0x1160
[  754.410690][ T5120]  netlink_trim+0x1b3/0x2c0
[  754.410709][ T5120]  netlink_broadcast_filtered+0xd6/0x1000
[  754.410730][ T5120]  nlmsg_notify+0xf0/0x1a0
[  754.410750][ T5120]  rtnetlink_event+0x224/0x270
[  754.410768][ T5120]  notifier_call_chain+0x19d/0x3a0
[  754.410790][ T5120]  netif_change_name+0x5db/0x970
[  754.410806][ T5120] page last free pid 5799 tgid 5799 stack trace:
[  754.410818][ T5120]  __free_frozen_pages+0xfe1/0x1170
[  754.410842][ T5120]  __put_partials+0x149/0x170
[  754.410860][ T5120]  __slab_free+0x2af/0x330
[  754.410878][ T5120]  qlist_free_all+0x97/0x100
[  754.410900][ T5120]  kasan_quarantine_reduce+0x148/0x160
[  754.410923][ T5120]  __kasan_slab_alloc+0x22/0x80
[  754.410946][ T5120]  kmem_cache_alloc_node_noprof+0x23c/0x6f0
[  754.410970][ T5120]  __alloc_skb+0x1dc/0x3a0
[  754.410987][ T5120]  netlink_sendmsg+0x5c6/0xb30
[  754.411010][ T5120]  __sock_sendmsg+0x21c/0x270
[  754.411034][ T5120]  __sys_sendto+0x3c7/0x520
[  754.411051][ T5120]  __x64_sys_sendto+0xde/0x100
[  754.411070][ T5120]  do_syscall_64+0xec/0xf80
[  754.411086][ T5120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  754.411104][ T5120] 
[  754.411109][ T5120] Memory state around the buggy address:
[  754.411120][ T5120]  ffff88803765b680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  754.411134][ T5120]  ffff88803765b700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  754.411149][ T5120] >ffff88803765b780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  754.411159][ T5120]                                      ^
[  754.411171][ T5120]  ffff88803765b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  754.411184][ T5120]  ffff88803765b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  754.411195][ T5120] ==================================================================
[  754.411217][ T5120] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  754.411239][ T5120] CPU: 1 UID: 0 PID: 5120 Comm: kworker/u9:1 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[  754.411268][ T5120] Tainted: [L]=SOFTLOCKUP
[  754.411276][ T5120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  754.411290][ T5120] Workqueue: hci3 hci_rx_work
[  754.411310][ T5120] Call Trace:
[  754.411318][ T5120]  <TASK>
[  754.411327][ T5120]  vpanic+0x1e0/0x670
[  754.411356][ T5120]  panic+0xb9/0xc0
[  754.411387][ T5120]  ? __pfx_panic+0x10/0x10
[  754.411414][ T5120]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.411443][ T5120]  ? rcu_is_watching+0x15/0xb0
[  754.411466][ T5120]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.411494][ T5120]  check_panic_on_warn+0x89/0xb0
[  754.411524][ T5120]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.411551][ T5120]  end_report+0x6f/0x140
[  754.411578][ T5120]  kasan_report+0x129/0x150
[  754.411607][ T5120]  ? l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.411639][ T5120]  l2cap_sock_new_connection_cb+0x1f9/0x2e0
[  754.411669][ T5120]  l2cap_connect_cfm+0x367/0x10e0
[  754.411698][ T5120]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  754.411722][ T5120]  ? lockdep_hardirqs_on+0x7b/0x110
[  754.411741][ T5120]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  754.411761][ T5120]  ? mutex_lock_nested+0x154/0x1d0
[  754.411785][ T5120]  ? hci_connect_cfm+0x2c/0x140
[  754.411806][ T5120]  ? __pfx_l2cap_connect_cfm+0x10/0x10
[  754.411831][ T5120]  hci_connect_cfm+0x95/0x140
[  754.411853][ T5120]  le_conn_complete_evt+0xf65/0x1420
[  754.411877][ T5120]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  754.411900][ T5120]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  754.411919][ T5120]  ? lockdep_hardirqs_on+0x7b/0x110
[  754.411936][ T5120]  ? skb_pull_data+0xfb/0x200
[  754.411963][ T5120]  hci_le_conn_complete_evt+0x187/0x480
[  754.411988][ T5120]  hci_event_packet+0x78f/0x1260
[  754.412015][ T5120]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  754.412037][ T5120]  ? __pfx_hci_event_packet+0x10/0x10
[  754.412064][ T5120]  ? rt_spin_unlock+0x150/0x200
[  754.412090][ T5120]  ? hci_send_to_monitor+0xe2/0x590
[  754.412114][ T5120]  hci_rx_work+0x3ee/0x1060
[  754.412134][ T5120]  ? process_scheduled_works+0x9ef/0x1770
[  754.412155][ T5120]  process_scheduled_works+0xad1/0x1770
[  754.412183][ T5120]  ? __pfx_process_scheduled_works+0x10/0x10
[  754.412200][ T5120]  ? do_raw_spin_lock+0x121/0x290
[  754.412224][ T5120]  worker_thread+0x8a0/0xda0
[  754.412252][ T5120]  kthread+0x711/0x8a0
[  754.412276][ T5120]  ? __pfx_worker_thread+0x10/0x10
[  754.412397][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.412452][ T5120]  ? rt_spin_unlock+0x150/0x200
[  754.412520][ T5120]  ? rt_spin_unlock+0x161/0x200
[  754.412587][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.412656][ T5120]  ret_from_fork+0x510/0xa50
[  754.412695][ T5120]  ? __pfx_ret_from_fork+0x10/0x10
[  754.412748][ T5120]  ? __switch_to+0xc9e/0x1480
[  754.412820][ T5120]  ? __pfx_kthread+0x10/0x10
[  754.412889][ T5120]  ret_from_fork_asm+0x1a/0x30
[  754.412982][ T5120]  </TASK>
[  754.413415][ T5120] Kernel Offset: disabled