last executing test programs:

22m26.201550281s ago: executing program 0 (id=321):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x8c01, 0x0)
mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x4, 0x93031, 0xffffffffffffffff, 0x10000000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, [@call={0x85, 0x0, 0x0, 0x87}]}, &(0x7f0000000080)='GPL\x00'}, 0x94)
r0 = socket$pppoe(0x18, 0x1, 0x0)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f00000000c0)={0xc})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_ACTIVATE(r2, 0x4bfb, 0x10000000000ed9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000180)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000500)={0x8, 0x0, &(0x7f0000000440)=[@release], 0x0, 0x0, 0x0})
r5 = getpid()
sched_setscheduler(r5, 0x0, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x4000, 0x12)
ioctl$PPPOEIOCDFWD(r0, 0xb101, 0x0)
r8 = userfaultfd(0x801)
ioctl$UFFDIO_API(r8, 0xc018aa3f, &(0x7f00000000c0))
r9 = syz_open_procfs(r5, &(0x7f00000000c0)='task\x00')
fchdir(r9)

22m23.85865574s ago: executing program 0 (id=332):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00005f5000)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000980)={0x2, 0x400000000000003, 0x0, 0x0, 0x12, 0x0, 0x0, 0x0, [@sadb_lifetime={0x4, 0x3, 0x0, 0xfffffffffffffffd}, @sadb_address={0x5, 0x6, 0x6c, 0x0, 0x0, @in6={0xa, 0x3, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}, @sadb_address={0x5, 0x5, 0x0, 0x80, 0x0, @in6={0xa, 0x0, 0x0, @mcast1}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x2, 0x3}]}, 0x90}}, 0x0)

22m23.795041497s ago: executing program 0 (id=334):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000007980)=[{{0x0, 0x0, &(0x7f0000001780)=[{0x0}, {&(0x7f00000005c0)}], 0x2}}, {{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000880)="7035778905c2358b3ff9b75d1a3f836c8eb517894eeff6c3ee08f90b36b40ab65fe12942de6e899ac1c72c2b26cab39a23e073567e8b4f311f6f0ee91f1c21aaa91ec103706d8b0bb468babe142dc2fe14205b8b103eddb7dc4859df7a5435fb0ab98a9d090fda41c52411b0bc760b6395b38f4bb42e636f0e3cc18ea09098c449d270e9273c7f9b1ab34a93dc00f86fd9db692070cd76d050a18ecd11675465b23ad28cd927e5d819de8da2c0f7a116988133e822db0f855107e0fbf1f2f03b7036b252c56290a4eb70a44487c19c117db925981fc925b7c45967cdf3", 0xdd}, {&(0x7f00000002c0)="7c1a2d6c68f2b19af5ad5b3fbc13c1398f392d4e4912a47fd97c06e88e711432b971d95d781d72632d1369d5bc4db51e6dedbc9dd35219282a22db679e0734d6f64f608f7db61ee9dcba4b43f11d902fb9ba9566c7f94f39dbcae20665c5e1172a2ea6060acb92714a17ee6714dc06068795e0892d041d8c2f3559", 0x7b}, {&(0x7f0000000540)="08368fefde39d21623e23a9dd67b0c95a48022b4f407396964e4d1d2bcf1a7c71f16681007b08c6061a5a2e2aa144f9f9f3834323ffac830e41ec7ebe29248a7850257cedaaa8a54b1d65005dbd8fe4e86fc625d981ed8c6cd18", 0x5a}, {&(0x7f0000000980)="daa783cd66e6cbbbe761ae363ca91d0f8a1045df4f9a9cd7a8add41c38c00df6cea93ba7396c327f6ae2bcb858d08a21269be6091e8e362d6512bc51b29efdbb313d21d11c4b0a6bb9acd9d29146205ecd9ebff1ea64713b1d959b2bf125b17cece0048ad53d337e6c35da2be8696ea6a8eaf61db2fb466ad55972df50c67b8963976381a454b9763bfe1fe54c638f5d86e693734e2ee396eca7782d29c9d912eb34a80d30164b03624bf7d276c30426acfdfee3bb5a6242f7dc67863bdb918115b0cbc93171494957f635b068543b988682aaf6c00ba59923b259eb", 0xdc}, {&(0x7f0000000780)="e4562c344990b6edfba22eb307933df7454c92ad4d6266de0c508ecec4d22f530e2327f8d8edf73c54257bfc7bb393243b5fcd5f56a49650811e03b2796eb019de5647a4ff4f117a3aae441e9826d45c4cfb9edb82ca009ecadf936755db280697d8fc0fc9a664186582b44242e82bd682a992b95c8724de45f89bb6fee4b7346cb39028e0ed564a02041ea3bfa729481fc09e97", 0x94}, {&(0x7f0000000c80)="2aa89dcc6d20cf5a732764f89bf238658cba80614e317b8304dae54c36f6e447b2b6cc36779a2bc14605bdf8b1beccc5fde0f08e0363a89d728c719de27252ce4ddb980418e0a63877d1df377f63b485e06bcee092556dc841358902ec2c010d4a462bf625f1ebd1b56b45aaf5340b9298d866fae9ec13b1c4b5736e8e98b0f07466b5d9685ec2c7300d", 0x8a}], 0x6, &(0x7f0000000a80)=[@mark={{0x14, 0x1, 0x24, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x7ff}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @timestamping={{0x14, 0x1, 0x25, 0xa0}}], 0x78}}, {{0x0, 0x0, &(0x7f0000001040)=[{0x0}, {&(0x7f0000000d40)="6af118351b2776a2d3525c5f4d7d1103d5d9ab595e516eea9d608d34b09b177f7054e74349a3d6157be1b300dc6c58ab781ab4accbe2aa3169693042c761ea0c193666e4373d7b8ec4f2e36176da156c728696ccdb3dede7b6915fe44e21f74dbebc602610838e539c6a3a7c8cefe2f69cce79f76376f57de01c5517a88714ac6c", 0x81}, {0x0}, {0x0}, {&(0x7f0000000f80)}], 0x5, &(0x7f00000010c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffffffffffffffff}}, @mark={{0x14, 0x1, 0x24, 0xfe3}}, @txtime={{0x18, 0x1, 0x3d, 0x1000000000000}}, @timestamping={{0x14, 0x1, 0x25, 0x2}}], 0x60}}, {{&(0x7f0000001380)=@in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}, 0x80, 0x0}}, {{&(0x7f0000001580)=@l2tp6={0xa, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @loopback}, 0xdbc2, 0x2}, 0x80, 0x0}}], 0x5, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002dc0)=ANY=[], 0x570}}], 0x1, 0x810)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000040601b5a89102006c834ca000000001ffff09"], 0x14}, 0x1, 0x0, 0x0, 0x40040}, 0x800)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r5 = accept4(r4, 0x0, 0x0, 0x800)
sendmmsg$alg(r5, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0, 0xf000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f0000000600)=""/100, &(0x7f0000000c00)=""/79, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000580)=0x1)

22m23.586886071s ago: executing program 0 (id=337):
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6(0xa, 0x3, 0x7)
bind$inet6(r0, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x5}}, 0x1c)
syz_open_pts(0xffffffffffffffff, 0x200000)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={0x0, r1, 0x0, 0x6}, 0x18)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4c010000140a040200000000000000000a0000010900020073797a32000000000900020073797a3200000000850008003a23d0414e4add6f2d558afa4281875effa2ae0af41ff7690e051a41488c5764bdd0803b061b4659d758a80b990ac31c536498d05594f64ef0554a8bcc6a14d2ca58ae7b70f5d4f5b9769e5c9007d6fccb18ad75a3b5638048d052e3d73b6b40ee21cda9c1bd7c27fba669209f2e999fac2d25910c86ff4503d40da35fcda85ff10000009800080030f8381499f649e3385814b331c58ffc71ba84f580f477c6465928d001062577c01dcf20b282cf29e6a4cf592a126dde05b6697791472f68c2d33765d034ec32f62ba2511ed4514c1e6f3b7419745191ed0dcbe012dbffa1e22ced3fa85eef4e1b87826c0e740c29e1ce792d42faaf1de95920c8acf460a8e47923ad92104e3c4dfee8ac482362d3f487e1843ecfff2c9a322c88140000001100010000000000000000000200000a"], 0x174}, 0x1, 0x0, 0x0, 0x4008091}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000980)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f00000002c0)={'vlan0\x00', @random="01000200"})
r5 = socket$inet6(0xa, 0x4, 0x3)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r4, 0xf504, 0x0)
connect$inet6(r5, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="06e28092c5ec1d88d05e0a6f2ce709c63de1ab461557270000fc494605c77dc874d0734eed79ecd2e373cf63d3a4e9a461877edf08af5c6c56be907e383f7a1cce50acae1ed1944d1e00f576d2365e27c059eaceee4e56e1f161effd91efedde230512ce932b03ea7ccfb1442c3d8c8954f4b9cdc4bc9dc1f14af9e5b22f9ba40774572c6992ca3e89d70fc2ab813333d71fbea6b7a7b60004285435319ebbae2cc5f343756ed4c9eb88760294047270864a6921876a953daf8b1e8dfa14c0626ce6597cd21a38b8b115ea15c3d63f4119868d4b3948cfcda7f069a9ccb0bbaa4854f0dc1092e6f0b16873951b1e521e1ce63614fc34a7cc07f154261ec71cd457229a5897a9815f7641bdf50b05aa1d5d1a8449f02cfaaeab93fe13c3d9506d0b6601af66ef870fb98b97b7b9d1c3c2790c21dbf6f7ebd3b0a85faa3288257ab2ae248865498bf0b7f23e12cfa7a3137a9903f866eb874415cf20253e94ddfb1533827d155800411faf", 0x16a}, {&(0x7f0000001600)="c9fbe0378bef0a6749d715b5c3e27d03e68c83579553d3bd9cc08edbae86d2f95e95a3fa8ab031e21b5a47e4205c87eefc819e6ea7bd0f6772e957f739339398cd07aeb0522339dde07af5b6ee6b94221ca3494c29be340810d421808f27877885583a2c80d4331aca54533ad84a0ccc5fa28956504f2eafc0f098f878ae3caf30b7981d5e778aaa197d235aa31c4c77fdf0e1c0d31fc7c43969830f82c4b5631e47df6b9a9f59a57e0e7bd1f9e4fcdb4150f713fb9e3530650b43a92853d1e3334fe72113d518a558343615ba8d3412bda82b725855e14c29f7ed81e1cbb76f9684cc6b7fcdc2808119a0f8328b0c5d0e996e50e95605724abb1c635b0bf633f4bcca6213fef03260e56321e3270f322eb13b8ab70c726cbce78c93e4c87d7d7b363542b1b4eb90242ae9459775aa7c045233df9912fc47d6793f40bb5543b537ed6b79e0091e3c069644ce8d6ea00125815fae3c25f4d5c847e76c0c697d7df260ba36e6917f75ccd289070477665e64ac3e00c93228b72763f28104defab475f03841980110b23d02a3d1b74d25c8f2e1c8dfd9243e0bb7a583f091f829329f045f2fc0c40bb4a5205b071d4b6959663c6bfc1f04b23db627ac9fc792cd3355dbbc031d56107ea3379209a49abf03a8347fce6d48cf1968b64558e30210b02214cd0728c6743b89bd4cc2f1d1424fcedd95fa700751a4ff438469fd9e6f3a47200f3fbbde74bdbbeabfb6f96e32366d85a8e6bb6d576687634daac56c9619e4bbeea7606f223d3976c4bea9a07406b037cef4d06cc9e447dc06901c91145aeb9b9726cbf808d253cb01e0806f21d82b928173be2f5bbed1a97e725b17d1d1bd19c14935abd242ca6501c4282f5f1a3e813c68bdb88add0b6fcc14b8355a81b9ac915e5d51212438c5d2993f26456c9ecde871752c99ddbaecb3f6f5f02a0542e898b64a6d475aae01f2aca6c6013907c085ef56483c910cdf4cdcdb516533aeb97644462cd012e0407dfdeff5428e23edd335b1590641353c54f0802f45d880cb8f22ebbac0cc094a771877aac6491aa62350ccde2993826928e6614b76c15e4aae8ede6de392f4f6567f0833ced4458bca37928cc2a70ca20cd38c11138b6ba39a6374ef7f150eb2d5a500a6b9c010d13dcf7318deb8c106e2448c6b21f62051300080dcc9d87db52cefe722035f1508fff231c22bfc8f1d2e14de70a281be8eb3649ace61896f0c33357fcd838db94aaca611b228f76cb4ab983ad3ab636c7260d57bba0061574bb0876afbeb916e252572687b8d28ba7c945f07e0286bedfd7c259769016225a158bf607dd62e11c83bc686a7ab2903ddd64d4e2c44f39ac1f76b80d6be086396e7515441afcadfecb940776ee4f776d3c294dce9aab77e5c2f6c36c20b4343d80d0c3da5f838b948aa684729c578718d3a0811a1dd654e7ad5e414d892ceb3dd704632caa4dcfdc947ce9391ab9abaa0951d12d56623b0028fe78da20a65df9eabb16e4b14bbbfea7108ab4308e7cb540ab8a810cebbf0d3b64ba108d281c91b011f2a8e565c4b802448bad1a57fe6e74fd3278211a70f0767746ed1f234e8edbcb6f8a215e66849a7f10d1533ef626e31725439afd95c9b3a673041459e473d5ddbcc187f55d72d054bf16a714ee0f4bb5d14cf29b853fd6f703b54f227d20ca414b3d6314e9448d211707158ea758e04a2fe7dad468374d62ab4240bb3c9782faa9f87aec26876714b169198931cbd486c01bb2156488467cda498d0a0c62ff6cf03fc68aa3b8051fff5d68e8374796439e9cf12dae426d3692c2d50699eae00ba4b9797fe5295740d8efb64a48bda389e841254638a118337404194e440a2338e2ce0b32395874e0d5cc36c0f1231426d82636e5a7182f82ea545bf7cd5d19ff42a1e8b90193a82452a0eec6575bf7181275d5c2ba2d74a5bda47934d8c89f3225f38959c12b3a2cae85e5108439bc262b69f5bd5f73a86776525f4ecb1685175ffc05aa5faadcc3be80d0b1d1bfc34ffc2ee1cde6bdf0000000000000000000000000000000061293c817aaec775b1f08ddb2e3ce8679267da0b1fb826483e9838e0e283a4e5df6e9aa39a2eaf1a", 0x5da}], 0x2, 0x0, 0x0, 0x2c}, 0x40440c4)

22m23.449727698s ago: executing program 0 (id=338):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, 0x0, 0x0, 0x24000, 0x0)
mount$bpf(0x0, &(0x7f00000021c0)='./file0\x00', 0x0, 0x20, 0x0) (fail_nth: 3)

22m21.587508109s ago: executing program 0 (id=342):
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0xe99, &(0x7f0000000240)={0x0, 0x425e5, 0x1522, 0x3, 0x189}, 0x0, &(0x7f00000001c0))
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$tipc(0x1e, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
connect$tipc(r5, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e22}}, 0x10)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000002ac0)={0x0, 0xf31}, 0x8)
sched_setattr(0x0, 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
preadv(r0, &(0x7f0000000040)=[{&(0x7f0000002780)=""/4096, 0x1000}], 0x1, 0x5b3d2934, 0xfffffff8)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000200))
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}}, 0x0)

22m6.547841441s ago: executing program 32 (id=342):
openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
syz_io_uring_setup(0xe99, &(0x7f0000000240)={0x0, 0x425e5, 0x1522, 0x3, 0x189}, 0x0, &(0x7f00000001c0))
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(0xffffffffffffffff, 0x40405514, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r3, 0xc004743e, 0x110e22fff6)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0xff43, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$tipc(0x1e, 0x5, 0x0)
socket(0x2a, 0x2, 0x0)
connect$tipc(r5, &(0x7f0000000080)=@id={0x1e, 0x3, 0x2, {0x4e22}}, 0x10)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r6, 0x84, 0x76, &(0x7f0000002ac0)={0x0, 0xf31}, 0x8)
sched_setattr(0x0, 0x0, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1)
preadv(r0, &(0x7f0000000040)=[{&(0x7f0000002780)=""/4096, 0x1000}], 0x1, 0x5b3d2934, 0xfffffff8)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f0000000200))
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x1c}}, 0x0)

13m46.547762581s ago: executing program 5 (id=2161):
r0 = syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12011001000000086666028800000000000109022d0001000040090904000002030002000921000406012205000905810300000004fd090582"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4048840)
unshare(0x62040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3c, 0x0, 0x0)
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_init_net_socket$ax25(0x3, 0x3, 0x0)
connect$ax25(r1, &(0x7f0000000440)={{0x3, @default, 0xfffffffe}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}]}, 0x48)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, 0x0, 0x8001)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, 0x0, 0xc094)
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x38, &(0x7f0000000040)=0x5)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r6 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r7 = dup2(r6, r6)
ioctl$BLKTRACESETUP(r7, 0xc0481273, &(0x7f0000000240)={'\x00', 0x40, 0xa, 0x1, 0x40000000, 0x10})
ioctl$BLKTRACESTART(r6, 0x1274, 0x0)

13m42.865612889s ago: executing program 5 (id=2185):
r0 = socket(0xa, 0x3, 0xff)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @empty, 0x4000002}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = syz_open_dev$swradio(&(0x7f0000000040), 0x1, 0x2)
pread64(r2, &(0x7f00000002c0)=""/75, 0x4b, 0x0)
ioctl$VIDIOC_EXPBUF(r2, 0xc0405610, &(0x7f0000000140)={0xf, 0x0, 0x2, 0x80})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r4, 0xc004743e, 0x110e22fff6)
r5 = socket(0x2000000015, 0x80005, 0x0)
bind$inet6(r5, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback, 0x4}, 0x1c)
sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
recvmsg$can_bcm(r5, &(0x7f00000016c0)={0x0, 0x0, 0x0}, 0x10002)
ioctl$TUNGETVNETLE(r3, 0x8010743f, &(0x7f0000000180))
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'sit0\x00', <r8=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="380000006800010003000000fddbdf250a00000000000000060007000800000008000500", @ANYRES32=r8, @ANYBLOB="100008800c0001000000001c80000000"], 0x38}, 0x1, 0x0, 0x0, 0x4008081}, 0x0)
r9 = dup(r6)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b8000000280001002dbd700000000000fe8000000000000000000000000000bbac1414aa00000000000000000000000000000000000000000a00a00000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000009ad00000000000000000000000000000e2ffffffffffffff0000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000030a000000000001feffffffff7f4000020000000000000800000000990000000100000200000000"], 0xb8}}, 0x0)
ioctl$SIOCSIFHWADDR(r9, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
writev(r1, &(0x7f0000000140)=[{&(0x7f00000001c0)="2e9b3d0007e03dd65193df163e75963f86ddf06712e9001c2f8db0049d90491c3248040000f858dbb8a1", 0x2a}, {&(0x7f0000000580)="c082b44eb524c5a9881d19488b638af6", 0x10}], 0x2)
setsockopt$inet6_int(r0, 0x29, 0x19, &(0x7f0000000100)=0x1, 0x4)
syz_emit_ethernet(0x6e, &(0x7f0000000280)={@dev={'\xaa\xaa\xaa\xaa\xaa', 0xf}, @broadcast, @void, {@ipv6={0x86dd, @icmpv6={0x9, 0x6, 'z&-', 0x38, 0x3a, 0xfe, @local, @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x4000500, {0x2, 0x6, "059b00", 0x3f6f, 0x88, 0x0, @mcast1, @loopback, [@fragment={0x84, 0x0, 0xa, 0x0, 0x0, 0x7, 0x65}]}}}}}}}, 0x0)
socket$unix(0x1, 0x5, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$inet6_sctp(0xa, 0x801, 0x84)

13m42.53004779s ago: executing program 5 (id=2186):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x4040014}, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
setsockopt$bt_BT_SECURITY(r0, 0x112, 0x4, &(0x7f0000000000)={0x3, 0x1}, 0x2)

13m42.30089628s ago: executing program 5 (id=2187):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
openat$dir(0xffffff9c, &(0x7f0000000000)='./file1\x00', 0x101800, 0x20)
fcntl$getflags(r0, 0x401)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
timer_settime(0x0, 0x1, &(0x7f00000011c0)={{}, {0x0, 0x989680}}, &(0x7f0000001200))
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/snmp\x00')
r4 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x401}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0xc17, &(0x7f0000000480)={0x0, 0x493e, 0x2, 0x1, 0xbfdffffc, 0x0, r3}, &(0x7f00000001c0), &(0x7f0000000280))

13m40.929706189s ago: executing program 5 (id=2193):
socket$kcm(0x23, 0x5, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0xfffffffd, 0xb6}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000040)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0)
sendmsg$IPVS_CMD_NEW_SERVICE(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SET(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)={0x20, 0x1402, 0x1, 0x70bd25, 0x25cfdbfd, "", [@RDMA_NLDEV_ATTR_DEV_DIM={0x5, 0x54, 0x1}, @RDMA_NLDEV_ATTR_DEV_INDEX={0x8, 0x1, 0x1}]}, 0x20}, 0x1, 0x0, 0x0, 0x24040045}, 0x800)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
r5 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r5, 0xc100565c, 0x0)
r6 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r6, 0x400448c8, &(0x7f0000000340)={r4, r4, 0x8, 0x0, 0x0, 0x82, 0x4a, 0x15c2, 0x5886, 0x801, 0x0, 0x8, 'syz1\x00'})
r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r7, 0x400452c8, &(0x7f0000000100))

13m40.160138465s ago: executing program 5 (id=2196):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000df100bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setpgid(0xffffffffffffffff, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18) (async, rerun: 32)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0x0, &(0x7f0000000280)="1d5ff8317ca952a2ba4bfee0f003", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6}, 0x50) (async, rerun: 32)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r5)
sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x14, r6, 0x1, 0x400a00, 0x25dfdbf9}, 0x14}, 0x1, 0x0, 0x0, 0x400c080}, 0x4004000) (async)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) (async)
write$tun(r2, &(0x7f0000000100)={@val={0x0, 0x884c}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @val={@val={0x88a8, 0x0, 0x0, 0x3}, {0x6558}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x1, 0x3d, 0x28, 0x68, 0x0, 0xaa, 0x6, 0x0, @multicast2, @remote}, {{0x4e20, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x1, 0x49, 0x0, 0x76}}}}}}}, 0x42) (async)
ioctl$VIDIOC_G_EDID(r4, 0xc0285628, &(0x7f0000000080)={0x0, 0x8737, 0x9, '\x00', &(0x7f0000000000)=0x7})

13m39.820843596s ago: executing program 33 (id=2196):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000df100bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000be000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b}, 0x42) (async)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
setpgid(0xffffffffffffffff, 0x0) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x4, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0xd0}]}, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='mm_page_alloc\x00', r1}, 0x18) (async, rerun: 32)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000180)={r0, 0x0, 0xe, 0x0, &(0x7f0000000280)="1d5ff8317ca952a2ba4bfee0f003", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x6}, 0x50) (async, rerun: 32)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3) (async)
r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000000c0), r5)
sendmsg$NLBL_MGMT_C_ADD(r5, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={0x14, r6, 0x1, 0x400a00, 0x25dfdbf9}, 0x14}, 0x1, 0x0, 0x0, 0x400c080}, 0x4004000) (async)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}) (async)
write$tun(r2, &(0x7f0000000100)={@val={0x0, 0x884c}, @void, @eth={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, @multicast, @val={@val={0x88a8, 0x0, 0x0, 0x3}, {0x6558}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x1, 0x3d, 0x28, 0x68, 0x0, 0xaa, 0x6, 0x0, @multicast2, @remote}, {{0x4e20, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x1, 0x49, 0x0, 0x76}}}}}}}, 0x42) (async)
ioctl$VIDIOC_G_EDID(r4, 0xc0285628, &(0x7f0000000080)={0x0, 0x8737, 0x9, '\x00', &(0x7f0000000000)=0x7})

4m15.629213753s ago: executing program 4 (id=4103):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='sys_exit\x00', r0}, 0x18)
sync()

4m14.734908264s ago: executing program 4 (id=4105):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@mpls_delroute={0xa0, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1, 0x300}, [@RTA_NEWDST={0x84, 0x13, [{0xb, 0x0, 0x1}, {0xae5, 0x0, 0x1}, {0x9}, {0x1}, {0x6}, {0x8, 0x0, 0x1}, {0x3ff, 0x0, 0x1}, {0x9, 0x0, 0x1}, {0x6}, {0x7ff, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x75a}, {0xfff, 0x0, 0x1}, {0x4}, {0xf0001, 0x0, 0x1}, {0x9}, {0xffff}, {}, {0x3, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x9}, {0x2}, {0x3ff}, {0x800, 0x0, 0x1}, {0x7ff, 0x0, 0x1}, {0x5}, {0xd24a2, 0x0, 0x1}, {0x572a, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x200}, {0x1a}]}]}, 0xa0}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20000000)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x24040084)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)=@newqdisc={0x5c, 0x28, 0x4ee4e6a52ff56541, 0x3ffd, 0xfffffdfc, {0x0, 0x0, 0x0, r8, {0x1}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xc3f2}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0x6}]}}, @qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000200)={0x18, 0x2e, 0x9, 0x70bd27, 0x25dfdbfc, {0x4}, [@typed={0x4, 0x1c, 0x0, 0x0, @binary}]}, 0x18}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
r9 = syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000201b4510fc0428155d6d01020301090212000100000000090401"], 0x0)
syz_usb_control_io$printer(r9, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r9, 0x0, 0x0)

4m11.461225315s ago: executing program 4 (id=4116):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
fsetxattr(r1, &(0x7f0000000040)=@known='user.syz\x00', &(0x7f00000000c0)='\x00', 0x1, 0x1)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x494041, 0x0)
setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f0000000140)=0x1e4, 0x4)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="400000000906010200000000000a0000000000000900020073797a31000000000500010007000000180007800c00018008000140ffffffff080009"], 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)

4m10.553937406s ago: executing program 4 (id=4121):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
r0 = getpgid(0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
setns(r2, 0x66020000)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='.\x00', 0x3e)

4m10.519326736s ago: executing program 4 (id=4122):
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x4)
openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000100)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0xc8003, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0x14)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r5 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x80)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r5, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0xe, &(0x7f0000000900)=ANY=[@ANYBLOB="b7020000f7ffffffbfa70000000000002402000020fe29817a0af0fff8ffffff69a4f0ff00000000b70600000018d1fe2d6405000000000075040000000000400704000000000000b7040000100000206a0700fe000000008500000005000000b70000000a00000095000000000000000000c2c62f6004ad13aa957e2af5e49a53c2868f0399d909a63796c113a80c19aab9d607000000b6c9483be3f0d3253730e714c46cc4f79fd2b316da4f0de8163f6242fa7323f1740637c48468766af540439fce41f144631ac262dcae18c3d1a1fbe96dc86035b44174f7c0620254ab6d285e6b343185089a0f119e31975e551558050800000000000000125d67857f290870093f38153608561a2128a79cce912d1f05de330800a9f5422bee8ca49166f6a587f2f593775afcd071efc5a972f757521b7b38ec273c2ad3e406f8c124f7dc1c4553229a69df4b2780e6da4420d71489fe383e0b5ce08b750502f2b8add8d2dddde19ac050537e973782b4053150580035fb2c579e1b2100000033d1ee8cab6d236f05b1f7b9f78fd5abfe033eb79f7a0b498366f5edfe311258016fbf47d9c85bf5325bf61419372be377022433e20900a262b20bb8b36de7b0e6c5ebfc5baec1ebe58d4af587d33e2935ad68da6e0fea5c21301f5d002b51a5b60fc741cb2c5d4cd5e896774f9293a6435558795043404ac6eafc8310fbcacca7f971b260fd06d4590ded8429fcd1c9a8dbbdedb32675388df363c0bc536e00448208b72405ebf27ddb402e5a2d675aaad92e183cef1eadc1661140fb567b55c72907a1aca75277a5f0022b1e957ba737f10f1161c5ae6e2cc64072ff3b4e76084922242e63d4b7806e30f786cff147e4bc819060678319a0e5534f5a0db52526c30000000000000000000000a63705b1a60525620acca06d57c055059df7651768310c9085c5f86be6ab819506961ad51f18b35fdc3fd4d0a0dbbdcd494ef168931f27748787bee95d739fef7ee67dd21c34647de82707e41d7db6d981a4fcf0bbd3d38ebb7a2489e28c6b28c0f70092ffb016b7766399555f3e6b538c2c862d17e53eaeb2036f9f0ab6e95e71bda4b5bbf53344264ad93bac1207b31d6e9c78181c7fe204c0b7582d1c762857f2a2e0c60f4a4855591a4f70f94df9629e470701103c40c8f6"], 0x0}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r4, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5], &(0x7f0000000180)=[0x2], 0x0, 0x1, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000006, 0x12, r3, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
io_uring_setup(0xb, &(0x7f0000000040)={0x0, 0xc89f, 0xc000, 0x2, 0xc1})

4m9.415020598s ago: executing program 4 (id=4126):
epoll_create1(0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000001f80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0xe799, @dev={0xfe, 0x80, '\x00', 0x34}, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1400000000000005fb044a81057334358d700329f5f600000000000000000000c795a800000000"], 0x18}}], 0x1, 0x60004)
r1 = fcntl$getown(r0, 0x9)
prlimit64(r1, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = io_uring_setup(0x1ddd, &(0x7f0000000440)={0x0, 0x40000000, 0x0, 0x1, 0x8})
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000740)={&(0x7f0000001000)={[{0x0}]}, 0x1}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r5, 0x17, &(0x7f0000000300)={0x0}, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
mbind(&(0x7f0000ff9000/0x5000)=nil, 0x5000, 0x1, &(0x7f0000000180)=0x9, 0x7, 0x6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r7, 0x0, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8000)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000001405000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f00000002c0)={@empty, @remote, 0x0, 0x5, [@multicast2, @private=0xa010102, @rand_addr=0x64010100, @private=0xa010100, @local]}, 0x24)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x19, 0xa, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x24008804)

4m9.265741316s ago: executing program 34 (id=4126):
epoll_create1(0x0)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmmsg$inet6(r0, &(0x7f0000001f80)=[{{&(0x7f0000000040)={0xa, 0x4e24, 0xe799, @dev={0xfe, 0x80, '\x00', 0x34}, 0x5}, 0x1c, 0x0, 0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="1400000000000005fb044a81057334358d700329f5f600000000000000000000c795a800000000"], 0x18}}], 0x1, 0x60004)
r1 = fcntl$getown(r0, 0x9)
prlimit64(r1, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = io_uring_setup(0x1ddd, &(0x7f0000000440)={0x0, 0x40000000, 0x0, 0x1, 0x8})
io_uring_register$IORING_REGISTER_PBUF_RING(r5, 0x16, &(0x7f0000000740)={&(0x7f0000001000)={[{0x0}]}, 0x1}, 0x1)
io_uring_register$IORING_UNREGISTER_PBUF_RING(r5, 0x17, &(0x7f0000000300)={0x0}, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
mbind(&(0x7f0000ff9000/0x5000)=nil, 0x5000, 0x1, &(0x7f0000000180)=0x9, 0x7, 0x6)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r7, 0x0, 0x0)
sendmsg$NFT_BATCH(r6, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8000)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a80000000060a0b0400000000000000000200fffe540004802800018007000100637400001c0002800800014000000002080002400000001405000300010000002800018007000100637400001c0002800800024000000011080004400000000c05000300010000000900010073797a30000000000900020073797a320000000014000000110001"], 0xa8}, 0x1, 0x0, 0x0, 0x840}, 0x0)
r8 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_msfilter(r8, 0x0, 0x29, &(0x7f00000002c0)={@empty, @remote, 0x0, 0x5, [@multicast2, @private=0xa010102, @rand_addr=0x64010100, @private=0xa010100, @local]}, 0x24)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x14, 0x19, 0xa, 0x101, 0x0, 0x0, {0x2}}, 0x14}}, 0x24008804)

8.783045157s ago: executing program 1 (id=4930):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b850a0000ae000009000000000700000095"], &(0x7f0000000080)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x640d324e0b46ddb9, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x90)
statx(0xffffffffffffffff, 0x0, 0x48e0cdf8471afff4, 0x54663aafb2d54055, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='load default user:t0000000000000004096 ', @ANYRES8=r2], 0x31, 0xfffffffffffffffc)
add_key(&(0x7f0000000400)='id_legacy\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000680)="a68c867ec0cf116e61f4254fc4a073fa67755107a44789eb3ba008faee07115eb36c477b2b8b0827ca854c3be3ada7a846f768473e1779d0b6e7b123e6b1085d15fef8f23dbb313d1652c299468cc86ca59d988e0104000000000000bfb5cde877a0877f864c9406087e5694e8eda27f3227259885406e2c12fbacdea05c3eaed00a5ef0ce513dd712fec67fbb465e6458c0030460dce5415f2aa06775e288e8acc02966f49829d32675411c3676ac8923b305726bfc73131c789ebf3e929032bdce01aa2de569a046121012bf2b922b3de64929ad12e870e3be27c68fe0160f88e51fcf3dcbb2a03af9fbe0a37ff934a8d2d1d0b697945403fa7f196a977daf89757c5d976020eedcba33aac2d1b2920859cfc43f1725a35efd2e2bdcdf7dd13aa33c77e3395b47158a43df9348a3da19a7f695b833a123786994e18511159d460d0000000000c61cc2a060eebe80ec977eb8b3bb5d0e495deb43c64b8766a9888775b6379d1f03e79cd2f5d38d0de748c10ed2546c97e00002b64a22b79ed6bf9578b21d85085b0fc29198a58f0e3c01eefcfd5d2e87df13338d07ce5b24c8e50eeb881b1483fb0000000000", 0x1ad, 0xfffffffffffffffe)
syncfs(0xffffffffffffffff)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x6)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000240)={0x1, @raw_data="a425e2f1a54b24f15655595860608d70ff6e425a6c36af37b33facd22dc8a9c7044410d324b03e654156762092a62fea8f13441431ce248bfc73a6726ee61b5191d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d100a05e97ed3dcad452db6e08a991e2c78b057f55deebde6f0b11ce65700c0a1ad7946ff7c355db87566e3e5abb7a37b52876fd9fa194c09273031900"})

8.781558879s ago: executing program 6 (id=4931):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS2(r3, 0x4140aecd, &(0x7f0000000140)={{0x80a0000, 0xffff1000, 0xf000, 0x9, 0x7f, 0xe3, 0x81, 0xff, 0x0, 0x84, 0x2, 0xb}, {0xd000, 0xd000, 0x10, 0x3, 0x3, 0x7, 0x5, 0x6, 0x1, 0x4, 0xfa, 0x5}, {0xf000, 0x80a0000, 0x4, 0x4, 0x10, 0x81, 0x4, 0x13, 0x5, 0x7, 0x92, 0x80}, {0x10000, 0xeeef0000, 0xe, 0x5, 0x1, 0x40, 0x2, 0x0, 0xfa, 0x29, 0x9, 0x9}, {0xeeee8000, 0x23189000, 0xf, 0x9, 0x5, 0x2, 0x7, 0xf1, 0x7, 0x6e, 0x0, 0x8}, {0x5000, 0x1000, 0xe, 0x2, 0xad, 0x2, 0x4, 0x5, 0x1, 0xe, 0x6, 0xa}, {0x10000, 0x8080000, 0xe, 0x0, 0xcd, 0x5, 0x5, 0x22, 0x5, 0x6, 0xff, 0x6}, {0x1, 0xeeef0000, 0xd, 0xe, 0x10, 0x3e, 0x3, 0x0, 0x7f, 0x1, 0x0, 0x8}, {0x100000, 0x5}, {0x8080000, 0xfffb}, 0x80000003, 0x0, 0x6000, 0x69, 0x5, 0xa800, 0x8000900, 0x1, [0x71b, 0x2, 0x3, 0x3]})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
shutdown(0xffffffffffffffff, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_DEBUGREGS(r9, 0x4080aea2, &(0x7f00000001c0)={[0xdddd1000, 0x6000, 0x2, 0x1000], 0x2, 0x18})

8.764342294s ago: executing program 2 (id=4932):
setpriority(0x1, 0x0, 0x0)
r0 = syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_ports\x00', 0x2, 0x0)
r2 = openat$comedi(0xffffffffffffff9c, 0x0, 0x400, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYBLOB="0500000000000000000001000000000000000c410000001400"], 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
fsopen(0x0, 0x1)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0xc000)
ioctl$COMEDI_DEVCONFIG(r2, 0x40946400, &(0x7f00000000c0)={'dt2815\x00', [0x8002f, 0x80, 0x10002, 0x4, 0x1, 0xcc7, 0x80000008, 0x17, 0xa, 0x24c, 0xfff, 0x7, 0x5, 0x5, 0x2, 0x105, 0x8, 0x2, 0x2009, 0x1, 0x488, 0x6, 0x4000000, 0x20001e5a, 0x1000b, 0x7, 0x9, 0x800008, 0x4, 0x401, 0xfffffffd]})
sendfile(r1, r1, 0x0, 0x8) (fail_nth: 3)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x8000000000015)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r7=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r6, 0x8933, &(0x7f0000000040))
sendmsg$nl_route(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000b40)=@newlink={0x3c, 0x10, 0x401, 0x20000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r7}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240008c4}, 0x4054)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, &(0x7f0000000080)={0xf000000, 0x1, 0x0, 0xffffffffffffffff, 0x0, 0x0})

7.06142215s ago: executing program 3 (id=4934):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x400, 0x0)
ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f0000000080)={0x1, &(0x7f00001cc500)=[{0xa000005, 0x5ad, &(0x7f0000000100)=[0x3, 0x4, 0x8, 0x1, 0x5, 0x3, 0x4, 0x1, 0x10, 0x31, 0xfffffffa, 0x5, 0x2, 0x9ea4, 0x0, 0xb, 0xfff, 0x4, 0x6, 0xffffff80, 0x8, 0x2, 0x213, 0xa0, 0x5, 0x6, 0xf, 0x3, 0x8, 0x2, 0x9, 0x9, 0xae29, 0x0, 0x2, 0x0, 0xfffffffd, 0x7, 0x7, 0xf, 0x8, 0x80, 0x2, 0x4, 0x6, 0x2, 0x4, 0x8203, 0x7f, 0x7ff, 0x0, 0xfffffffe, 0x10, 0x9f, 0x6, 0xd9, 0x4, 0x3, 0x5, 0x0, 0x400, 0x6, 0x2, 0x5, 0x8, 0x8, 0x0, 0x3, 0x8, 0x8001, 0x7, 0x0, 0xffffff7c, 0x6, 0xc, 0x9, 0x3, 0x0, 0x90, 0x2, 0xe4d, 0x1000, 0x1, 0x3, 0x8, 0xe5, 0x100, 0x0, 0x13, 0x4, 0xffffffff, 0x2, 0x6, 0x9, 0x42587ff8, 0x8, 0x9, 0x7, 0x1, 0x6, 0xc44, 0x6, 0xffff8000, 0x8000, 0x7, 0xb, 0x2, 0x1, 0x7, 0x200, 0x80000001, 0x360f, 0xef7b, 0x800, 0x5, 0x1, 0x9, 0xffffffff, 0x2, 0x5, 0x8001, 0x8, 0xffffffff, 0x3, 0x3ff, 0x4000000, 0x1, 0x7, 0x24, 0x6, 0x4, 0x1, 0x401, 0x6, 0x0, 0x448b0e14, 0x80000000, 0x6, 0x48000, 0xc8, 0x8, 0x5, 0x2, 0x789aa8a7, 0x8, 0x10000, 0x16, 0x3, 0x7fffffff, 0x7, 0x9, 0x2ae874f4, 0xfffff764, 0x3, 0x8e, 0x487d, 0x7f, 0x8, 0x400, 0x95ea, 0x80000000, 0x4, 0x2000000, 0x7fffffff, 0x6, 0xc, 0x3, 0x7, 0x1, 0x7, 0x9b, 0x6, 0x7, 0x12, 0x100, 0xfffffff8, 0x2, 0x6a29812c, 0x8, 0xc88, 0x900, 0xf9, 0x8, 0x6, 0xffffffff, 0x0, 0x0, 0x4, 0x1, 0x9, 0x101, 0x7, 0x81, 0x31, 0x2, 0x0, 0x5, 0x3, 0x7f, 0x1, 0x0, 0x7, 0x2, 0x2, 0x97, 0x50, 0x4736000, 0x3, 0x5, 0x7, 0x140, 0x7, 0xffffffff, 0x2, 0x3ff, 0x101, 0x6, 0x2, 0x2, 0x100, 0x9, 0x100, 0x9, 0xfffffff0, 0x8, 0xffffffff, 0x1, 0x2, 0x17f2, 0x2, 0x1, 0x3, 0x2, 0x7, 0xfffffff9, 0xfffffff2, 0x4, 0x10000, 0x10, 0x4, 0x0, 0x5, 0x1, 0x8, 0x5934, 0x4, 0x70000000, 0x7000000, 0x8001, 0x10001, 0x63fa, 0x4, 0x0, 0xffff7fff, 0x68, 0x1, 0x9, 0x7, 0xfffffffa, 0x4a99, 0x3, 0x3, 0x85da, 0xfffffffb, 0x8, 0x8, 0x1, 0x401, 0x9, 0xfff, 0x9, 0x4, 0x4, 0x9a5, 0x8, 0x0, 0x54800000, 0x0, 0xf, 0x2, 0xd8, 0x1000, 0x100, 0x5, 0x6, 0x2, 0x3, 0x7, 0x5, 0x4, 0x2, 0x40, 0xf0c, 0xff, 0xff, 0x7, 0x9, 0x1, 0x7, 0x80000000, 0x400, 0xbe58, 0x5, 0xc0000000, 0x2, 0x6, 0x0, 0x0, 0x9, 0x8, 0x4, 0xb7bb, 0x4, 0x9, 0x8, 0x49, 0x27cc3f39, 0x5, 0x80000001, 0x9c32, 0x7ff, 0x3ff, 0x8, 0x2, 0x3, 0x100, 0x8, 0x7, 0x16e, 0x5, 0x10, 0x9, 0x1, 0x186c, 0x814d, 0x9, 0x18, 0x6, 0x2, 0x101, 0x8000, 0x56, 0x3, 0x39b6, 0x1200000, 0x1, 0x2, 0x0, 0xffffffff, 0x6a3, 0x3, 0x9, 0x0, 0xf8ba, 0xffffffff, 0x80000001, 0x1, 0x10, 0x3, 0x4, 0x9, 0x1, 0x2, 0x9eeb, 0x2, 0x10000, 0x0, 0x9, 0x16, 0x2f, 0x6703, 0x1, 0x2, 0xc, 0xef5, 0x4, 0x101, 0xe, 0xa4, 0x28c3, 0x7e6, 0x9, 0x9, 0x2, 0x8193, 0x2, 0xc0, 0x4, 0x5, 0x2, 0x6, 0x6, 0x4, 0x4, 0x0, 0x7fffffff, 0xffff, 0x16e, 0x5, 0x1ff, 0x9, 0x3, 0x0, 0x7f, 0xc, 0x2, 0x8, 0xfffff146, 0x4, 0x359c, 0x6, 0x4, 0x0, 0x9, 0x2, 0x80, 0x8, 0x9, 0x8, 0x7, 0x7, 0x3, 0x3, 0x81, 0xfffffffc, 0x7, 0x8, 0x4, 0x10000, 0x3, 0x3, 0x9, 0x9, 0x4, 0xb43, 0x2, 0x10, 0xffffffc0, 0xff, 0x1, 0x0, 0x3, 0x34430f57, 0x1, 0xffff, 0x4, 0x5, 0x10001, 0xff, 0x5, 0x10000, 0x9, 0x800, 0x3, 0x3, 0x2, 0x9, 0x7, 0x6, 0xea5, 0x1, 0x1000, 0xda, 0x9, 0xa, 0x5, 0xa, 0x8, 0x7, 0x1, 0x0, 0x2, 0xfffffff8, 0x400, 0xf, 0x9, 0x6, 0x4, 0x9, 0x9, 0x100, 0x1f2a, 0x5, 0x0, 0x80000000, 0x5be, 0x7, 0xe0000, 0x9, 0xd46a, 0x1, 0xf5f, 0x1, 0x2, 0x8, 0x8001, 0x4, 0x3ff, 0x3ff, 0x3, 0x7fffffff, 0x3c33, 0x9, 0x1d1, 0x3, 0x80, 0x7fff, 0x8, 0x3, 0x4, 0x5, 0x8, 0xa41, 0x0, 0x347, 0x5, 0x3, 0x10000, 0x1, 0x0, 0x9, 0x1, 0xfffffff9, 0x6, 0x8, 0x6, 0x9, 0x8, 0x6, 0x41, 0x3, 0x7, 0xffffa261, 0x7097, 0x2, 0x4, 0x80000000, 0xfffffffb, 0x1487, 0x80000000, 0xfff, 0x2, 0x8, 0x8000, 0x8, 0xf, 0x4, 0x4, 0x1c80, 0x6c8, 0x1, 0xfffffffc, 0x1, 0xcc, 0x10000, 0x8, 0xfffffffa, 0x2, 0x5, 0x1, 0x5, 0x0, 0x0, 0xffff6c09, 0x800, 0x72f1, 0x6, 0x6, 0x8, 0x40, 0x10001, 0x8, 0xffff, 0x4, 0x10000, 0x1, 0x4, 0x5, 0xa7, 0x1, 0x8, 0x0, 0x200, 0xfffffffd, 0xf, 0x7, 0xe, 0x0, 0x2, 0x12db, 0xba2b, 0x800, 0x9f04, 0x7d6d, 0x5, 0x9, 0x3, 0x1800000, 0x1, 0x7, 0x2, 0x10, 0xc, 0x3, 0x6, 0x80000, 0x10, 0x7050, 0x2, 0x1, 0x2, 0xffff7a52, 0x10, 0x6, 0x8, 0x3, 0x1, 0xa, 0x2, 0xb5, 0x1, 0x100, 0x6, 0x3, 0x7ab, 0x331c, 0x2c40, 0x100, 0x8, 0x7, 0x1, 0x9, 0x0, 0x4, 0x1, 0x7, 0xfffff800, 0x39, 0x2, 0x7000000, 0x1, 0xa8, 0x10, 0x100, 0xa0b, 0x9, 0x10000, 0x2, 0x3, 0x4, 0x400, 0x8, 0xab, 0x800, 0xfffffff7, 0x6, 0x3, 0x0, 0xffffffff, 0x9, 0x9, 0xa, 0xe, 0x2, 0x80000000, 0x7, 0x80000000, 0x2, 0x3ff, 0x2, 0x6, 0x7f, 0x7, 0x0, 0x800, 0x10000, 0x4, 0x400, 0x6000, 0x4, 0x7, 0x8591, 0x7, 0x8, 0x1, 0x1, 0x8, 0xb, 0x9, 0x7, 0x7fff, 0x1, 0x10001, 0x0, 0xfffffffe, 0xff, 0x1, 0x9, 0xf, 0x6, 0xfffffff8, 0x2000000, 0x2, 0x6, 0x2366286e, 0x2a, 0x65ecea85, 0x0, 0xd, 0xe16a, 0x7ff, 0x40000, 0x87a6f85a, 0x8, 0x8, 0x80000000, 0xffffffff, 0x2, 0x6, 0x2, 0xec, 0x1, 0xff, 0x8, 0x1, 0x4, 0x2, 0x9, 0x5, 0x4, 0x6, 0x1ff, 0x1000, 0x9, 0x5, 0x334b, 0xa, 0x7ff, 0x3, 0xfffff19d, 0x40, 0x8, 0x9, 0xff, 0x0, 0xe, 0x2, 0x0, 0x8, 0x1, 0x6, 0xa, 0x7, 0x8, 0x3ef4, 0x8, 0xfffffffa, 0x0, 0x401, 0x6, 0x1, 0x3, 0x2, 0x2, 0x7, 0x0, 0x7, 0xa, 0x401, 0x1, 0x3, 0x3, 0xa, 0x6, 0xfffffff5, 0x6, 0x6, 0x0, 0x81, 0x9, 0x3, 0x200, 0x40000, 0xe, 0xd2, 0x99, 0x4, 0x7, 0x2, 0x3, 0x8, 0x3, 0x8, 0x200, 0xffffff81, 0x9, 0xe3c9, 0x2, 0x8, 0x9, 0x8, 0x1, 0x2, 0x7, 0x5, 0x8001, 0x101, 0x6, 0x3527, 0x6b4, 0xffffffff, 0x5, 0x17e6, 0x3, 0x2, 0x2, 0x5, 0xd9, 0x7, 0x6, 0x7, 0x3, 0x6, 0x13b4c30c, 0xf8, 0x2, 0x7e5, 0x0, 0x1, 0x2, 0x2, 0x2, 0x7fffffff, 0x6, 0x2, 0x6, 0x4, 0x5, 0x75, 0x4, 0x80, 0x5, 0xf0, 0x2, 0x2, 0xc, 0x7f, 0x0, 0x55, 0x0, 0x1ff, 0x9, 0x2, 0x2, 0xfff, 0x8, 0x1, 0x0, 0x5, 0x2, 0x80, 0x2, 0xd, 0x8, 0xd5e4, 0x40, 0x9, 0xfba, 0x1, 0x68b30bd1, 0x8, 0xffff, 0x5, 0x5, 0x1, 0xc02f, 0xf, 0x0, 0x4500, 0x81, 0x800, 0xf0400000, 0x5, 0x0, 0x4, 0xd, 0x7c1, 0x9, 0x80000001, 0xfffffffd, 0x1, 0x4, 0x0, 0x8, 0x1000, 0x4, 0x4, 0x0, 0xe, 0x101, 0x5, 0xad, 0xfffffffb, 0x9, 0x0, 0x9, 0x5, 0x4, 0x74407118, 0x2, 0x0, 0x4, 0x4, 0x5, 0x9, 0x6, 0x7, 0x9, 0x4, 0x800, 0x4, 0x1, 0x2, 0x400, 0xdf42, 0x1, 0x1, 0x1, 0x9, 0x0, 0x2, 0x80000000, 0x2f, 0x1, 0x6, 0xffffff5c, 0x1, 0xfff, 0x0, 0x4, 0x9b, 0x4, 0x4, 0xa, 0x1, 0x5, 0x8, 0x4, 0xd1d9, 0x0, 0x8, 0x52, 0x8, 0x0, 0x6, 0x0, 0x9, 0x7, 0x3, 0xfffffff8, 0x4ff, 0x7f, 0x9, 0x8000, 0x8001, 0x39e, 0x2, 0xffff, 0x118c, 0xb28, 0x5772, 0xc32e, 0xc098, 0x7, 0x24, 0x5, 0x7, 0x2, 0x100, 0xffffff7f, 0x4, 0xa23, 0x8, 0x0, 0x800, 0x2, 0xfffff800, 0x6, 0x2, 0x8, 0x4, 0x8, 0x9, 0x8e5, 0x7, 0x6, 0x400, 0x0, 0xbc, 0x5, 0xe9c, 0x5, 0x1, 0xff, 0x5, 0x8000, 0x9, 0x5ea, 0x6, 0x5, 0x4, 0x8, 0xffffffff, 0x38000, 0x8, 0x2, 0x81, 0x2, 0xe, 0xc, 0xb2, 0x5, 0xffffffff, 0x5, 0x2, 0x7, 0x1, 0x4, 0x1, 0x3, 0x7fff, 0x5, 0x100, 0x1000, 0xa51c, 0x2, 0x8, 0x9, 0x8, 0x6, 0x6630, 0x7, 0x4, 0x7, 0x2, 0x4, 0xdd1d, 0x2, 0x0, 0x25, 0x3, 0x8, 0xff, 0x8, 0x7ff, 0x81, 0x7, 0x7, 0x7, 0x8, 0x5, 0xffffff96, 0x1900, 0x2, 0x2, 0x44, 0x3, 0x800, 0xffffffff, 0x10001, 0xf3, 0x6, 0x6, 0x4e0a325e, 0x1, 0x400, 0xd, 0x4, 0x85, 0x3, 0x38, 0x2, 0x7, 0x89a3, 0x2b, 0x898, 0x7, 0x1a8b, 0x0, 0x9, 0x6, 0x0, 0x0, 0xffff, 0x380c, 0x7, 0xf, 0xfffffffb, 0x9, 0xf, 0x2, 0xa, 0x3, 0xff, 0x80000000, 0x2, 0x8, 0x6, 0x5, 0x7, 0x6, 0x80, 0x5, 0x220f, 0x2, 0x2, 0x0, 0x8000, 0xe844, 0x9, 0x3, 0x6, 0x5, 0x2, 0xd76d, 0x0, 0x3c7, 0x1, 0x2, 0x7, 0xcacf, 0x4, 0x80, 0x3, 0x2d0, 0x1, 0x3, 0xa15, 0x1ff, 0xbb, 0xfffffffd, 0x7, 0x384, 0x2, 0x80, 0xc, 0x80, 0x8, 0xfffffff9, 0x6, 0x3, 0x3, 0x8, 0xb25, 0x9, 0x7, 0xffffff96, 0x7fff, 0x8001, 0x6b71ae0f, 0x6, 0x9664, 0x9, 0x2, 0x9, 0xfffffff9, 0x5, 0x400, 0x6, 0x5, 0x9f4, 0x101, 0x8, 0x3ff, 0x1, 0x3, 0x9, 0x4c, 0x2, 0x4, 0xffff1223, 0x7fff, 0x2, 0xfffffffe, 0x0, 0x5, 0xfec, 0x120000, 0x6, 0x4, 0x3, 0x3d, 0xe, 0x81, 0xa, 0x2f73d58b, 0x1, 0x8, 0x6, 0xfffffff9, 0x9, 0x2, 0x1, 0x69d4, 0x7ff, 0x17af16ec, 0x1ff, 0x1, 0x1, 0x35f, 0x3, 0x43, 0x4f, 0xec4, 0x9, 0x0, 0x0, 0x1, 0x7, 0x3ff, 0x9, 0x9d00, 0xff, 0x1000, 0x2, 0x65, 0x9, 0x3ff, 0x1, 0x1, 0x1000, 0x3, 0x200, 0x3, 0x10000, 0x4bd57dce, 0x1, 0xfffffffa, 0x200, 0xc00000, 0xc93c, 0xef8a, 0x1, 0x80, 0x1, 0x10001, 0x1, 0xffffffff, 0x7, 0xc35c, 0x1, 0x9, 0x7f, 0xa77, 0x4, 0x956, 0x0, 0xf, 0x9, 0x37, 0x7, 0x1000, 0x5, 0x10000, 0xfffffffb, 0x1, 0x2, 0xffff8000, 0x5, 0x2, 0x8, 0x3, 0x2, 0x80, 0x1, 0x6, 0x4, 0xffff99bb, 0x7, 0x80000001, 0x3, 0x1, 0x1, 0x6, 0x8, 0x74, 0x38de, 0x101, 0x9, 0x5, 0x1, 0xffffad65, 0x8001, 0x2, 0x7, 0x8001, 0xd, 0x1, 0x2, 0x4000000, 0x2, 0x1, 0x9, 0x2b202f7, 0x1ff, 0x3, 0xfffffff9, 0x9, 0x2, 0xb63, 0x9, 0x4ec3bf9, 0x64, 0x3, 0x5, 0x2, 0x0, 0x90, 0x7, 0xe, 0x45, 0x800, 0x7, 0x8, 0x5, 0x7, 0xb, 0x0, 0x0, 0xc64, 0x3, 0x2, 0x3, 0xbd, 0x0, 0x7, 0x5, 0x9, 0x100, 0x10, 0x1, 0x6, 0x1a, 0x9, 0x6, 0x2, 0x4, 0x98, 0x8001, 0x29f, 0x79, 0x8, 0x7, 0x6, 0x7fff, 0x9, 0x3, 0x5, 0x1d, 0xc, 0x3ff, 0x4, 0xf, 0x800, 0xdb3b, 0x10000, 0x7, 0x8, 0xffff7fff, 0x5, 0x8, 0xb, 0x0, 0xfffffffb, 0x9, 0x0, 0x1, 0x7f, 0x7, 0x83c, 0x4, 0x4, 0x2, 0x7, 0xfffffffd, 0x6, 0x101, 0x401, 0x40, 0x0, 0x80000000, 0x8, 0x6, 0x1, 0x8, 0x7, 0x7, 0x8, 0x6, 0x6, 0xfea, 0x6, 0x4, 0x1ff, 0x2, 0xc75, 0x9, 0x80000000, 0x0, 0x0, 0x7fff, 0x10002, 0x9, 0x1, 0x7, 0x982, 0x0, 0x0, 0x80000000, 0x5, 0xc0000000, 0x74, 0x100, 0x7, 0xfffffff8, 0x8, 0x8, 0x3, 0x6ccd, 0x6, 0x9, 0x4, 0x5, 0x0, 0x80000001, 0x2, 0x7, 0x9, 0xfff, 0xa5, 0x1, 0x100, 0xd, 0x100, 0x80000001, 0x8aa, 0x64, 0x9, 0x7, 0x4fa57480, 0x4, 0x7fff, 0x6], 0x0, 0x8}]})

6.960859095s ago: executing program 1 (id=4935):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x36, 0x36}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
syz_clone(0x3045900, 0x0, 0xffffffffffffff2b, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000001900010025bd701d0107000500898781000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES8], 0x7c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYBLOB="4525ac4f47ee2231868b247979283795f916bbe9cb5fd4232da61722b71471dd33e2b493c0718d30a373bd8aa5a663", @ANYRES32=r2, @ANYRES32=r0, @ANYRES8=r0, @ANYRES16=r1], 0x5c}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)

6.882474654s ago: executing program 3 (id=4936):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000100ffff00000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000600000085000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0xf)
getsockopt$ax25_int(r1, 0x101, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='objagg_obj_root_create\x00', r0, 0x0, 0x1ff}, 0xfffffd38)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0xa000, 0x0)
readv(r2, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/34, 0x22}, {&(0x7f0000000280)=""/209, 0xd1}], 0x2)
ioctl$SNDCTL_DSP_GETCAPS(r2, 0x8004500f, &(0x7f0000000040))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x103842, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
socket$rds(0x15, 0x5, 0x0)
r3 = userfaultfd(0x801)
r4 = socket(0x2c, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x17)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r5, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r4}, 0x20)
close(r4)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x1cc})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = open(&(0x7f00000000c0)='./bus\x00', 0x1e5842, 0x2)
sendfile(0xffffffffffffffff, r6, 0x0, 0x1000a3)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000100)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000aea000/0x2000)=nil, 0x400000, 0x1, 0x2})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r7, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000406a0563000000000000010902"], 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)

6.701469476s ago: executing program 6 (id=4937):
syz_open_dev$usbfs(&(0x7f0000000000), 0x800000001ff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000008000000f7fffff700"})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = io_uring_setup(0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x114}], 0x1}, 0x24044010)
recvmmsg(r4, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}, 0x7ffffbff}], 0x1, 0x14022, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x40)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)

6.198711196s ago: executing program 7 (id=4938):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~//\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x10005}, 0x38)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x129a02, 0x0)
sendfile(r3, r2, &(0x7f0000000080)=0xb, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x4, 0x6, 0x4, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000040), &(0x7f0000000180)=0xe)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000100), 0x6)

6.065057898s ago: executing program 1 (id=4939):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39ddd8)
socket$nl_netfilter(0x10, 0x3, 0xc)
io_uring_setup(0x2c4e, &(0x7f00000000c0)={0x0, 0x8000002, 0x200, 0x1000001, 0x1a8})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2, 0x0, 0x2000000}, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRESOCT=r0], 0xfc}}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000100)={0x1, 0x0, [{0x28e, 0x0, 0x2}]})
openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
write$binfmt_elf32(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="5402"], 0x69)
close(r1)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r5, 0x40505331, &(0x7f0000000100)={{}, {0xe}, 0x4})

5.779168529s ago: executing program 6 (id=4940):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x36, 0x36}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYBLOB="4525ac4f47ee2231868b247979283795f916bbe9cb5fd4232da61722b71471dd33e2b493c0718d30a373bd8aa5a663", @ANYRES32=r2, @ANYRES32=r0, @ANYRES8=r0, @ANYRES16=r1], 0x5c}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)

5.73811239s ago: executing program 7 (id=4941):
syz_usb_connect(0x5, 0x35, &(0x7f0000000500)=ANY=[@ANYBLOB="120100004aaf36207205a5580a27010203010902230001000000000904010901a37d7e03090500004000020401080b"], 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(0xffffffffffffffff, 0xc06864b8, &(0x7f0000000580)={0x0, 0xc1, 0xf, 0x20203243, 0x3, [0x2], [0x80ffff, 0x0, 0x2, 0xfffffffe], [0x0, 0x0, 0x0, 0x3], [0xfff, 0x0, 0x8000000000000000]})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000bdd000/0x4000)=nil, 0x4000, &(0x7f0000000180)='workdir')
r0 = openat$sequencer2(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(r0, 0x40085112, &(0x7f0000000d80)=@e={0xff, 0xa, 0x0, 0x0, @SEQ_NOTEON=@special})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r1 = syz_open_dev$video(0x0, 0x101, 0xab02)
ioctl$VIDIOC_S_CROP(r1, 0x4014563c, &(0x7f0000000040)={0x9, {0xf8000000, 0x4, 0x2008, 0xffffbfff}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x200970}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r2 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102392, 0x18ff8)
read$FUSE(0xffffffffffffffff, &(0x7f0000002580)={0x2020}, 0x2020)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x4c)
symlinkat(&(0x7f0000000040)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
unlink(&(0x7f00000002c0)='./file0/file0\x00')
open(&(0x7f0000000000)='./file1\x00', 0x105101, 0x95)

5.679997894s ago: executing program 2 (id=4942):
r0 = syz_open_dev$evdev(&(0x7f0000000080), 0x6, 0x200080)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
clock_nanosleep(0x2, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x63)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRES16=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000a400)={0x2020, 0x0, <r3=>0x0}, 0x2020)
syz_fuse_handle_req(r2, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0xfffffffffffffff6, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0x90, 0xffffffffffffffda, 0x0, {0x3, 0x1, 0x0, 0x0, 0xffffffff, 0x0, {0x6, 0x200000000, 0x0, 0x6, 0x3, 0x0, 0x0, 0xfffffffd, 0x0, 0x6000, 0x2, 0x0, 0x0, 0x101}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
writev(r4, &(0x7f0000000a40)=[{0x0}, {&(0x7f0000000e00)='t', 0x2fd200}, {0x0, 0x2200}, {&(0x7f0000001000)="d6", 0x20c00}], 0x21)
openat$selinux_load(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r5 = openat$selinux_policy(0xffffff9c, &(0x7f0000001040), 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x300000b, 0x12, r5, 0x0)
ioctl$EVIOCGABS2F(r0, 0x8018456f, &(0x7f0000000180)=""/129)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_TSINFO_GET(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x2c, r7, 0x1, 0x0, 0x0, {0x1c}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond_slave_1\x00'}]}]}, 0x2c}}, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_RW$syz(r5, 0x3ba0, &(0x7f0000000480)={0x48, 0x8, r5, 0x0, 0x1, 0x3287bd, 0x43, &(0x7f0000000400)="f0ba4fb88363d8b8ee7860d0dc45b5bf9be63757b38f11213ee878aac08300ccdc6a67b098bcba196753bc375d8a216ceabc3297f8b85f8c82ccb6541a664d242ea776", 0x4})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$smc(&(0x7f0000000b40), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r8, &(0x7f0000000c40)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000380)={0x48, r9, 0x605, 0x70bd26, 0x25dfdbff, {}, [@SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_hsr\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_to_team\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x4}, 0x10)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x22}, 0xc, &(0x7f00000002c0)={&(0x7f0000000240)={0x64, r9, 0x100, 0x70bd27, 0x25dfdbff, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'macvlan0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x2}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz2\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'netpci0\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_NAME={0x9, 0x1, 'syz1\x00'}]}, 0x64}, 0x1, 0x0, 0x0, 0x801}, 0x20044000)

4.767878994s ago: executing program 6 (id=4943):
madvise(&(0x7f0000bdd000/0x2000)=nil, 0x2000, 0x61)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x80201, 0x0)
write$rfkill(r4, &(0x7f0000000000)={0x0, 0x8, 0x2, 0x1}, 0x8)

4.657951071s ago: executing program 3 (id=4944):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
timer_create(0x1, 0x0, &(0x7f0000000940))
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
fsopen(&(0x7f0000000700)='affs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000100)='mode\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
open_by_handle_at(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="15000000fe00000064d85688d32a5c55922cc9"], 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
r7 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
sendmsg$sock(r7, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev, 0xfffffffc}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

4.468855888s ago: executing program 2 (id=4945):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
timer_create(0x1, 0x0, &(0x7f0000000940))
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={0x0, r1}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
fsopen(&(0x7f0000000700)='affs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000100)='mode\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = getpid()
r6 = syz_pidfd_open(r5, 0x0)
open_by_handle_at(r6, &(0x7f0000000180)=ANY=[@ANYBLOB="15000000fe00000064d85688d32a5c55922cc9"], 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, 0x0, 0x0)
r7 = socket$kcm(0xa, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e24, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x10000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
sendmsg$sock(r7, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev, 0xfffffffc}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)

3.714430493s ago: executing program 6 (id=4946):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = getpid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$inet6_tcp_buf(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b850a0000ae000009000000000700000095"], &(0x7f0000000080)='GPL\x00', 0xfffffffd, 0x0, 0x0, 0x640d324e0b46ddb9, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r2}, 0x90)
statx(0xffffffffffffffff, 0x0, 0x48e0cdf8471afff4, 0x54663aafb2d54055, 0x0)
keyctl$instantiate(0xc, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='load default user:t0000000000000004096 ', @ANYRES8=r2], 0x31, 0xfffffffffffffffc)
add_key(&(0x7f0000000400)='id_legacy\x00', &(0x7f0000000180)={'syz', 0x1}, &(0x7f0000000680)="a68c867ec0cf116e61f4254fc4a073fa67755107a44789eb3ba008faee07115eb36c477b2b8b0827ca854c3be3ada7a846f768473e1779d0b6e7b123e6b1085d15fef8f23dbb313d1652c299468cc86ca59d988e0104000000000000bfb5cde877a0877f864c9406087e5694e8eda27f3227259885406e2c12fbacdea05c3eaed00a5ef0ce513dd712fec67fbb465e6458c0030460dce5415f2aa06775e288e8acc02966f49829d32675411c3676ac8923b305726bfc73131c789ebf3e929032bdce01aa2de569a046121012bf2b922b3de64929ad12e870e3be27c68fe0160f88e51fcf3dcbb2a03af9fbe0a37ff934a8d2d1d0b697945403fa7f196a977daf89757c5d976020eedcba33aac2d1b2920859cfc43f1725a35efd2e2bdcdf7dd13aa33c77e3395b47158a43df9348a3da19a7f695b833a123786994e18511159d460d0000000000c61cc2a060eebe80ec977eb8b3bb5d0e495deb43c64b8766a9888775b6379d1f03e79cd2f5d38d0de748c10ed2546c97e00002b64a22b79ed6bf9578b21d85085b0fc29198a58f0e3c01eefcfd5d2e87df13338d07ce5b24c8e50eeb881b1483fb0000000000", 0x1ad, 0xfffffffffffffffe)
syncfs(0xffffffffffffffff)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r3, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000080)=0x6)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f00000010c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x460, 0x280, 0x268, 0x300, 0x280, 0x268, 0x390, 0x460, 0x460, 0x390, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x240, 0x280, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0xb, 0x0, 0x3, 0x0, 0x5, 0x9}}}, @common=@unspec=@limit={{0x48}, {0xfff, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x2}}]}, @common=@inet=@LOG={0x40, 'LOG\x00', 0x0, {0x8, 0x21, "6bb6778f9bdec125b0fb4f26be757b1e6f2fb8e9079627dc6726c4bc85e9"}}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x511)

3.233265913s ago: executing program 3 (id=4947):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$inet_buf(r0, 0x0, 0x4, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x6, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x20040, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_SREGS2(r3, 0x4140aecd, &(0x7f0000000140)={{0x80a0000, 0xffff1000, 0xf000, 0x9, 0x7f, 0xe3, 0x81, 0xff, 0x0, 0x84, 0x2, 0xb}, {0xd000, 0xd000, 0x10, 0x3, 0x3, 0x7, 0x5, 0x6, 0x1, 0x4, 0xfa, 0x5}, {0xf000, 0x80a0000, 0x4, 0x4, 0x10, 0x81, 0x4, 0x13, 0x5, 0x7, 0x92, 0x80}, {0x10000, 0xeeef0000, 0xe, 0x5, 0x1, 0x40, 0x2, 0x0, 0xfa, 0x29, 0x9, 0x9}, {0xeeee8000, 0x23189000, 0xf, 0x9, 0x5, 0x2, 0x7, 0xf1, 0x7, 0x6e, 0x0, 0x8}, {0x5000, 0x1000, 0xe, 0x2, 0xad, 0x2, 0x4, 0x5, 0x1, 0xe, 0x6, 0xa}, {0x10000, 0x8080000, 0xe, 0x0, 0xcd, 0x5, 0x5, 0x22, 0x5, 0x6, 0xff, 0x6}, {0x1, 0xeeef0000, 0xd, 0xe, 0x10, 0x3e, 0x3, 0x0, 0x7f, 0x1, 0x0, 0x8}, {0x100000, 0x5}, {0x8080000, 0xfffb}, 0x80000003, 0x0, 0x6000, 0x69, 0x5, 0xa800, 0x8000900, 0x1, [0x71b, 0x2, 0x3, 0x3]})
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
shutdown(0xffffffffffffffff, 0x1)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
ioctl$KVM_SET_DEBUGREGS(r9, 0x4080aea2, &(0x7f00000001c0)={[0xdddd1000, 0x6000, 0x2, 0x1000], 0x2, 0x18})

2.866920297s ago: executing program 2 (id=4948):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x15d74000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r3, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r3, 0xda90)
accept4(r3, 0x0, 0x0, 0x0)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[], 0x10}, 0x1, 0x0, 0x0, 0x80c0}, 0x804)
syz_genetlink_get_family_id$nfc(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f0000000380))
sendmsg$NFC_CMD_LLC_SDREQ(0xffffffffffffffff, 0x0, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000006207000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x68, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000004000)={0xf, {"a2e3ad21ed0d09f91b50090987f70906d038e7ff7fc6e5539b0d3d0e8b089b33396d63060890e0878f0e1ac6e7049b334a959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b07580936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383701d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b6080000007a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb06ffc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb15da202d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0xfffffffffffffe59}}, 0xfa)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000001100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x30, 0x30, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x3}, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{}]}, @func_proto={0x2, 0x0, 0x0, 0xc, 0x2}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x4c, 0x0, 0x2}, 0x20)
socket$nl_generic(0x10, 0x3, 0x10)

2.645276808s ago: executing program 7 (id=4949):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d00090509a9143c"], 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c2", 0x17)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
recvmmsg$unix(r1, &(0x7f0000000880)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000280)=""/45, 0x2d}], 0x1}}], 0x1, 0x43, 0x0)
r2 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1)
r3 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x3, 0x0, {0x60, 0x0, 0x0, r4, {0x0, 0x3}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_INTERVAL={0x8, 0x3, 0x7fffffff}, @TCA_FQ_CODEL_ECN={0x8}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x1d4}, 0x8840)
r5 = io_uring_setup(0x12b9, &(0x7f00000002c0)={0x0, 0x48c7, 0x810, 0xfffffffc, 0x1000168})
r6 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000380)=ANY=[@ANYRES32=r7, @ANYRES32=r6, @ANYBLOB='&'], 0x10)
close_range(r5, 0xffffffffffffffff, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="1500000065ffff00000000080039503230303c124c"], 0x5ce)
ioctl$SIOCGETMIFCNT_IN6(r2, 0x89e0, 0x0)

2.163455566s ago: executing program 1 (id=4950):
syz_open_dev$usbfs(&(0x7f0000000000), 0x800000001ff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000008000000f7fffff700"})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = io_uring_setup(0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x50)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)=[{0x0, 0x114}], 0x1}, 0x24044010)
recvmmsg(r4, &(0x7f0000000640)=[{{0x0, 0x0, 0x0}, 0x7ffffbff}], 0x1, 0x14022, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x40)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)

1.439955514s ago: executing program 2 (id=4951):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x36, 0x36}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=ANY=[@ANYBLOB="1400000015000103000000"], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x17)
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)
syz_clone(0x3045900, 0x0, 0xffffffffffffff2b, 0x0, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=ANY=[@ANYBLOB="1c0000001900010025bd701d0107000500898781000000"], 0x1c}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x45b, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRES8], 0x7c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYBLOB="4525ac4f47ee2231868b247979283795f916bbe9cb5fd4232da61722b71471dd33e2b493c0718d30a373bd8aa5a663", @ANYRES32=r2, @ANYRES32=r0, @ANYRES8=r0, @ANYRES16=r1], 0x5c}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)

1.275837426s ago: executing program 3 (id=4952):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~//\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x10005}, 0x38)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x129a02, 0x0)
sendfile(r3, r2, &(0x7f0000000080)=0xb, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x4, 0x6, 0x4, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$inet_sctp_SCTP_EVENTS(0xffffffffffffffff, 0x84, 0xb, &(0x7f0000000040), &(0x7f0000000180)=0xe)
bind$bt_hci(r4, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r4, &(0x7f0000000100), 0x6)

1.181780634s ago: executing program 1 (id=4953):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x36, 0x36}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYRESDEC, @ANYBLOB="4525ac4f47ee2231868b247979283795f916bbe9cb5fd4232da61722b71471dd33e2b493c0718d30a373bd8aa5a663", @ANYRES32=r2, @ANYRES32=r0, @ANYRES8=r0, @ANYRES16=r1], 0x5c}, 0x1, 0x0, 0x0, 0x8c1}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x23, &(0x7f0000000000), 0x0)

853.058449ms ago: executing program 7 (id=4954):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ppoll(&(0x7f0000000180)=[{r0, 0x1}], 0x1, 0x0, 0x0, 0x0) (fail_nth: 4)

803.020921ms ago: executing program 3 (id=4955):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="180000000100ffff00000000000000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000600000085000000040000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_init_net_socket$ax25(0x3, 0x2, 0xf)
getsockopt$ax25_int(r1, 0x101, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000140)='objagg_obj_root_create\x00', r0, 0x0, 0x1ff}, 0xfffffd38)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000240), 0xa000, 0x0)
readv(r2, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/34, 0x22}, {&(0x7f0000000280)=""/209, 0xd1}], 0x2)
ioctl$SNDCTL_DSP_GETCAPS(r2, 0x8004500f, &(0x7f0000000040))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x103842, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x20842, 0x0)
socket$rds(0x15, 0x5, 0x0)
r3 = userfaultfd(0x801)
r4 = socket(0x2c, 0x3, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x17)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r5, &(0x7f0000000140), &(0x7f0000000080)=@udp6=r4}, 0x20)
close(r4)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000001c0)={0xaa, 0x1cc})
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}})
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = open(&(0x7f00000000c0)='./bus\x00', 0x1e5842, 0x2)
sendfile(0xffffffffffffffff, r6, 0x0, 0x1000a3)
ioctl$UFFDIO_COPY(r3, 0xc028aa03, &(0x7f0000000100)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000aea000/0x2000)=nil, 0x400000, 0x1, 0x2})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r7 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r7, &(0x7f0000000580)='1\x00', 0x2)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000406a0563000000000000010902"], 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)

220.616847ms ago: executing program 2 (id=4956):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDCTL_DSP_GETOSPACE(0xffffffffffffffff, 0x8010500c, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@mpls_delroute={0xa0, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1, 0x300}, [@RTA_NEWDST={0x84, 0x13, [{0xb, 0x0, 0x1}, {0xae5, 0x0, 0x1}, {0x9}, {0x1}, {0x6}, {0x8, 0x0, 0x1}, {0x3ff, 0x0, 0x1}, {0x9, 0x0, 0x1}, {0x6}, {0x7ff, 0x0, 0x1}, {0x0, 0x0, 0x1}, {0x75a}, {0xfff, 0x0, 0x1}, {0x4}, {0xf0001, 0x0, 0x1}, {0x9}, {0xffff}, {}, {0x3, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x9}, {0x2}, {0x3ff}, {0x800, 0x0, 0x1}, {0x7ff, 0x0, 0x1}, {0x5}, {0xd24a2, 0x0, 0x1}, {0x572a, 0x0, 0x1}, {0x1, 0x0, 0x1}, {0x6, 0x0, 0x1}, {0x200}, {0x1a}]}]}, 0xa0}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20000000)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300))
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r8, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x24040084)
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)=@newqdisc={0x5c, 0x28, 0x4ee4e6a52ff56541, 0x3ffd, 0xfffffdfc, {0x0, 0x0, 0x0, r8, {0x1}, {0xffff, 0xffff}, {0x2, 0xa}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x18, 0x2, [@TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xc3f2}, @TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME={0xc, 0x8, 0x6}]}}, @qdisc_kind_options=@q_pfifo={{0xa}, {0x8}}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400dc}, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000340)={0x0}, 0x1, 0x0, 0x0, 0x42804}, 0x0)
r9 = syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_usb_control_io$printer(r9, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r9, 0x0, 0x0)

181.340251ms ago: executing program 7 (id=4957):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x400, 0x0)
ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f0000000080)={0x1, &(0x7f00001cc500)=[{0xa000005, 0x5ab, &(0x7f0000000100)=[0x3, 0x4, 0x8, 0x1, 0x5, 0x3, 0x4, 0x1, 0x10, 0x31, 0xfffffffa, 0x5, 0x2, 0x9ea4, 0x0, 0xb, 0xfff, 0x4, 0x6, 0xffffff80, 0x8, 0x2, 0x213, 0xa0, 0x5, 0x6, 0xf, 0x3, 0x8, 0x2, 0x9, 0x9, 0xae29, 0x0, 0x2, 0x0, 0xfffffffd, 0x7, 0x7, 0xf, 0x8, 0x80, 0x2, 0x4, 0x6, 0x2, 0x4, 0x8203, 0x7f, 0x7ff, 0x0, 0xfffffffe, 0x10, 0x9f, 0x6, 0xd9, 0x4, 0x3, 0x5, 0x0, 0x400, 0x6, 0x2, 0x5, 0x8, 0x8, 0x0, 0x3, 0x8, 0x8001, 0x7, 0x0, 0xffffff7c, 0x6, 0xc, 0x9, 0x3, 0x0, 0x90, 0x2, 0xe4d, 0x1000, 0x1, 0x3, 0x8, 0xe5, 0x100, 0x0, 0x13, 0x4, 0xffffffff, 0x2, 0x6, 0x9, 0x42587ff8, 0x8, 0x9, 0x7, 0x1, 0x6, 0xc44, 0x6, 0xffff8000, 0x8000, 0x7, 0xb, 0x2, 0x1, 0x7, 0x200, 0x80000001, 0x360f, 0xef7b, 0x800, 0x5, 0x1, 0x9, 0xffffffff, 0x2, 0x5, 0x8001, 0x8, 0xffffffff, 0x3, 0x3ff, 0x4000000, 0x1, 0x7, 0x24, 0x6, 0x4, 0x1, 0x401, 0x6, 0x0, 0x448b0e14, 0x80000000, 0x6, 0x48000, 0xc8, 0x8, 0x5, 0x2, 0x789aa8a7, 0x8, 0x10000, 0x16, 0x3, 0x7fffffff, 0x7, 0x9, 0x2ae874f4, 0xfffff764, 0x3, 0x8e, 0x487d, 0x7f, 0x8, 0x400, 0x95ea, 0x80000000, 0x4, 0x2000000, 0x7fffffff, 0x6, 0xc, 0x3, 0x7, 0x1, 0x7, 0x9b, 0x6, 0x7, 0x12, 0x100, 0xfffffff8, 0x2, 0x6a29812c, 0x8, 0xc88, 0x900, 0xf9, 0x8, 0x6, 0xffffffff, 0x0, 0x0, 0x4, 0x1, 0x9, 0x101, 0x7, 0x81, 0x31, 0x2, 0x0, 0x5, 0x3, 0x7f, 0x1, 0x0, 0x7, 0x2, 0x2, 0x97, 0x50, 0x4736000, 0x3, 0x5, 0x7, 0x140, 0x7, 0xffffffff, 0x2, 0x3ff, 0x101, 0x6, 0x2, 0x2, 0x100, 0x9, 0x100, 0x9, 0xfffffff0, 0x8, 0xffffffff, 0x1, 0x2, 0x17f2, 0x2, 0x1, 0x3, 0x2, 0x7, 0xfffffff9, 0xfffffff2, 0x4, 0x10000, 0x10, 0x4, 0x0, 0x5, 0x1, 0x8, 0x5934, 0x4, 0x70000000, 0x7000000, 0x8001, 0x10001, 0x63fa, 0x4, 0x0, 0xffff7fff, 0x68, 0x1, 0x9, 0x7, 0xfffffffa, 0x4a99, 0x3, 0x3, 0x85da, 0xfffffffb, 0x8, 0x8, 0x1, 0x401, 0x9, 0xfff, 0x9, 0x4, 0x4, 0x9a5, 0x8, 0x0, 0x54800000, 0x0, 0xf, 0x2, 0xd8, 0x1000, 0x100, 0x5, 0x6, 0x2, 0x3, 0x7, 0x5, 0x4, 0x2, 0x40, 0xf0c, 0xff, 0xff, 0x7, 0x9, 0x1, 0x7, 0x80000000, 0x400, 0xbe58, 0x5, 0xc0000000, 0x2, 0x6, 0x0, 0x0, 0x9, 0x8, 0x4, 0xb7bb, 0x4, 0x9, 0x8, 0x49, 0x27cc3f39, 0x5, 0x80000001, 0x9c32, 0x7ff, 0x3ff, 0x8, 0x2, 0x3, 0x100, 0x8, 0x7, 0x16e, 0x5, 0x10, 0x9, 0x1, 0x186c, 0x814d, 0x9, 0x18, 0x6, 0x2, 0x101, 0x8000, 0x56, 0x3, 0x39b6, 0x1200000, 0x1, 0x2, 0x0, 0xffffffff, 0x6a3, 0x3, 0x9, 0x0, 0xf8ba, 0xffffffff, 0x80000001, 0x1, 0x10, 0x3, 0x4, 0x9, 0x1, 0x2, 0x9eeb, 0x2, 0x10000, 0x0, 0x9, 0x16, 0x2f, 0x6703, 0x1, 0x2, 0xc, 0xef5, 0x4, 0x101, 0xe, 0xa4, 0x28c3, 0x7e6, 0x9, 0x9, 0x2, 0x8193, 0x2, 0xc0, 0x4, 0x5, 0x2, 0x6, 0x6, 0x4, 0x4, 0x0, 0x7fffffff, 0xffff, 0x16e, 0x5, 0x1ff, 0x9, 0x3, 0x0, 0x7f, 0xc, 0x2, 0x8, 0xfffff146, 0x4, 0x359c, 0x6, 0x4, 0x0, 0x9, 0x2, 0x80, 0x8, 0x9, 0x8, 0x7, 0x7, 0x3, 0x3, 0x81, 0xfffffffc, 0x7, 0x8, 0x4, 0x10000, 0x3, 0x3, 0x9, 0x9, 0x4, 0xb43, 0x2, 0x10, 0xffffffc0, 0xff, 0x1, 0x0, 0x3, 0x34430f57, 0x1, 0xffff, 0x4, 0x5, 0x10001, 0xff, 0x5, 0x10000, 0x9, 0x800, 0x3, 0x3, 0x2, 0x9, 0x7, 0x6, 0xea5, 0x1, 0x1000, 0xda, 0x9, 0xa, 0x5, 0xa, 0x8, 0x7, 0x1, 0x0, 0x2, 0xfffffff8, 0x400, 0xf, 0x9, 0x6, 0x4, 0x9, 0x9, 0x100, 0x1f2a, 0x5, 0x0, 0x80000000, 0x5be, 0x7, 0xe0000, 0x9, 0xd46a, 0x1, 0xf5f, 0x1, 0x2, 0x8, 0x8001, 0x4, 0x3ff, 0x3ff, 0x3, 0x7fffffff, 0x3c33, 0x9, 0x1d1, 0x3, 0x80, 0x7fff, 0x8, 0x3, 0x4, 0x5, 0x8, 0xa41, 0x0, 0x347, 0x5, 0x3, 0x10000, 0x1, 0x0, 0x9, 0x1, 0xfffffff9, 0x6, 0x8, 0x6, 0x9, 0x8, 0x6, 0x41, 0x3, 0x7, 0xffffa261, 0x7097, 0x2, 0x4, 0x80000000, 0xfffffffb, 0x1487, 0x80000000, 0xfff, 0x2, 0x8, 0x8000, 0x8, 0xf, 0x4, 0x4, 0x1c80, 0x6c8, 0x1, 0xfffffffc, 0x1, 0xcc, 0x10000, 0x8, 0xfffffffa, 0x2, 0x5, 0x1, 0x5, 0x0, 0x0, 0xffff6c09, 0x800, 0x72f1, 0x6, 0x6, 0x8, 0x40, 0x10001, 0x8, 0xffff, 0x4, 0x10000, 0x1, 0x4, 0x5, 0xa7, 0x1, 0x8, 0x0, 0x200, 0xfffffffd, 0xf, 0x7, 0xe, 0x0, 0x2, 0x12db, 0xba2b, 0x800, 0x9f04, 0x7d6d, 0x5, 0x9, 0x3, 0x1800000, 0x1, 0x7, 0x2, 0x10, 0xc, 0x3, 0x6, 0x80000, 0x10, 0x7050, 0x2, 0x1, 0x2, 0xffff7a52, 0x10, 0x6, 0x8, 0x3, 0x1, 0xa, 0x2, 0xb5, 0x1, 0x100, 0x6, 0x3, 0x7ab, 0x331c, 0x2c40, 0x100, 0x8, 0x7, 0x1, 0x9, 0x0, 0x4, 0x1, 0x7, 0xfffff800, 0x39, 0x2, 0x7000000, 0x1, 0xa8, 0x10, 0x100, 0xa0b, 0x9, 0x10000, 0x2, 0x3, 0x4, 0x400, 0x8, 0xab, 0x800, 0xfffffff7, 0x6, 0x3, 0x0, 0xffffffff, 0x9, 0x9, 0xa, 0xe, 0x2, 0x80000000, 0x7, 0x80000000, 0x2, 0x3ff, 0x2, 0x6, 0x7f, 0x7, 0x0, 0x800, 0x10000, 0x4, 0x400, 0x6000, 0x4, 0x7, 0x8591, 0x7, 0x8, 0x1, 0x1, 0x8, 0xb, 0x9, 0x7, 0x7fff, 0x1, 0x10001, 0x0, 0xfffffffe, 0xff, 0x1, 0x9, 0xf, 0x6, 0xfffffff8, 0x2000000, 0x2, 0x6, 0x2366286e, 0x2a, 0x65ecea85, 0x0, 0xd, 0xe16a, 0x7ff, 0x40000, 0x87a6f85a, 0x8, 0x8, 0x80000000, 0xffffffff, 0x2, 0x6, 0x2, 0xec, 0x1, 0xff, 0x8, 0x1, 0x4, 0x2, 0x9, 0x5, 0x4, 0x6, 0x1ff, 0x1000, 0x9, 0x5, 0x334b, 0xa, 0x7ff, 0x3, 0xfffff19d, 0x40, 0x8, 0x9, 0xff, 0x0, 0xe, 0x2, 0x0, 0x8, 0x1, 0x6, 0xa, 0x7, 0x8, 0x3ef4, 0x8, 0xfffffffa, 0x0, 0x401, 0x6, 0x1, 0x3, 0x2, 0x2, 0x7, 0x0, 0x7, 0xa, 0x401, 0x1, 0x3, 0x3, 0xa, 0x6, 0xfffffff5, 0x6, 0x6, 0x0, 0x81, 0x9, 0x3, 0x200, 0x40000, 0xe, 0xd2, 0x99, 0x4, 0x7, 0x2, 0x3, 0x8, 0x3, 0x8, 0x200, 0xffffff81, 0x9, 0xe3c9, 0x2, 0x8, 0x9, 0x8, 0x1, 0x2, 0x7, 0x5, 0x8001, 0x101, 0x6, 0x3527, 0x6b4, 0xffffffff, 0x5, 0x17e6, 0x3, 0x2, 0x2, 0x5, 0xd9, 0x7, 0x6, 0x7, 0x3, 0x6, 0x13b4c30c, 0xf8, 0x2, 0x7e5, 0x0, 0x1, 0x2, 0x2, 0x2, 0x7fffffff, 0x6, 0x2, 0x6, 0x4, 0x5, 0x75, 0x4, 0x80, 0x5, 0xf0, 0x2, 0x2, 0xc, 0x7f, 0x0, 0x55, 0x0, 0x1ff, 0x9, 0x2, 0x2, 0xfff, 0x8, 0x1, 0x0, 0x5, 0x2, 0x80, 0x2, 0xd, 0x8, 0xd5e4, 0x40, 0x9, 0xfba, 0x1, 0x68b30bd1, 0x8, 0xffff, 0x5, 0x5, 0x1, 0xc02f, 0xf, 0x0, 0x4500, 0x81, 0x800, 0xf0400000, 0x5, 0x0, 0x4, 0xd, 0x7c1, 0x9, 0x80000001, 0xfffffffd, 0x1, 0x4, 0x0, 0x8, 0x1000, 0x4, 0x4, 0x0, 0xe, 0x101, 0x5, 0xad, 0xfffffffb, 0x9, 0x0, 0x9, 0x5, 0x4, 0x74407118, 0x2, 0x0, 0x4, 0x4, 0x5, 0x9, 0x6, 0x7, 0x9, 0x4, 0x800, 0x4, 0x1, 0x2, 0x400, 0xdf42, 0x1, 0x1, 0x1, 0x9, 0x0, 0x2, 0x80000000, 0x2f, 0x1, 0x6, 0xffffff5c, 0x1, 0xfff, 0x0, 0x4, 0x9b, 0x4, 0x4, 0xa, 0x1, 0x5, 0x8, 0x4, 0xd1d9, 0x0, 0x8, 0x52, 0x8, 0x0, 0x6, 0x0, 0x9, 0x7, 0x3, 0xfffffff8, 0x4ff, 0x7f, 0x9, 0x8000, 0x8001, 0x39e, 0x2, 0xffff, 0x118c, 0xb28, 0x5772, 0xc32e, 0xc098, 0x7, 0x24, 0x5, 0x7, 0x2, 0x100, 0xffffff7f, 0x4, 0xa23, 0x8, 0x0, 0x800, 0x2, 0xfffff800, 0x6, 0x2, 0x8, 0x4, 0x8, 0x9, 0x8e5, 0x7, 0x6, 0x400, 0x0, 0xbc, 0x5, 0xe9c, 0x5, 0x1, 0xff, 0x5, 0x8000, 0x9, 0x5ea, 0x6, 0x5, 0x4, 0x8, 0xffffffff, 0x38000, 0x8, 0x2, 0x81, 0x2, 0xe, 0xc, 0xb2, 0x5, 0xffffffff, 0x5, 0x2, 0x7, 0x1, 0x4, 0x1, 0x3, 0x7fff, 0x5, 0x100, 0x1000, 0xa51c, 0x2, 0x8, 0x9, 0x8, 0x6, 0x6630, 0x7, 0x4, 0x7, 0x2, 0x4, 0xdd1d, 0x2, 0x0, 0x25, 0x3, 0x8, 0xff, 0x8, 0x7ff, 0x81, 0x7, 0x7, 0x7, 0x8, 0x5, 0xffffff96, 0x1900, 0x2, 0x2, 0x44, 0x3, 0x800, 0xffffffff, 0x10001, 0xf3, 0x6, 0x6, 0x4e0a325e, 0x1, 0x400, 0xd, 0x4, 0x85, 0x3, 0x38, 0x2, 0x7, 0x89a3, 0x2b, 0x898, 0x7, 0x1a8b, 0x0, 0x9, 0x6, 0x0, 0x0, 0xffff, 0x380c, 0x7, 0xf, 0xfffffffb, 0x9, 0xf, 0x2, 0xa, 0x3, 0xff, 0x80000000, 0x2, 0x8, 0x6, 0x5, 0x7, 0x6, 0x80, 0x5, 0x220f, 0x2, 0x2, 0x0, 0x8000, 0xe844, 0x9, 0x3, 0x6, 0x5, 0x2, 0xd76d, 0x0, 0x3c7, 0x1, 0x2, 0x7, 0xcacf, 0x4, 0x80, 0x3, 0x2d0, 0x1, 0x3, 0xa15, 0x1ff, 0xbb, 0xfffffffd, 0x7, 0x384, 0x2, 0x80, 0xc, 0x80, 0x8, 0xfffffff9, 0x6, 0x3, 0x3, 0x8, 0xb25, 0x9, 0x7, 0xffffff96, 0x7fff, 0x8001, 0x6b71ae0f, 0x6, 0x9664, 0x9, 0x2, 0x9, 0xfffffff9, 0x5, 0x400, 0x6, 0x5, 0x9f4, 0x101, 0x8, 0x3ff, 0x1, 0x3, 0x9, 0x4c, 0x2, 0x4, 0xffff1223, 0x7fff, 0x2, 0xfffffffe, 0x0, 0x5, 0xfec, 0x120000, 0x6, 0x4, 0x3, 0x3d, 0xe, 0x81, 0xa, 0x2f73d58b, 0x1, 0x8, 0x6, 0xfffffff9, 0x9, 0x2, 0x1, 0x69d4, 0x7ff, 0x17af16ec, 0x1ff, 0x1, 0x1, 0x35f, 0x3, 0x43, 0x4f, 0xec4, 0x9, 0x0, 0x0, 0x1, 0x7, 0x3ff, 0x9, 0x9d00, 0xff, 0x1000, 0x2, 0x65, 0x9, 0x3ff, 0x1, 0x1, 0x1000, 0x3, 0x200, 0x3, 0x10000, 0x4bd57dce, 0x1, 0xfffffffa, 0x200, 0xc00000, 0xc93c, 0xef8a, 0x1, 0x80, 0x1, 0x10001, 0x1, 0xffffffff, 0x7, 0xc35c, 0x1, 0x9, 0x7f, 0xa77, 0x4, 0x956, 0x0, 0xf, 0x9, 0x37, 0x7, 0x1000, 0x5, 0x10000, 0xfffffffb, 0x1, 0x2, 0xffff8000, 0x5, 0x2, 0x8, 0x3, 0x2, 0x80, 0x1, 0x6, 0x4, 0xffff99bb, 0x7, 0x80000001, 0x3, 0x1, 0x1, 0x6, 0x8, 0x74, 0x38de, 0x101, 0x9, 0x5, 0x1, 0xffffad65, 0x8001, 0x2, 0x7, 0x8001, 0xd, 0x1, 0x2, 0x4000000, 0x2, 0x1, 0x9, 0x3, 0xfffffff9, 0x9, 0x2, 0xb63, 0x9, 0x4ec3bf9, 0x64, 0x3, 0x5, 0x2, 0x0, 0x90, 0x7, 0xe, 0x45, 0x800, 0x7, 0x8, 0x5, 0x7, 0xb, 0x0, 0x0, 0xc64, 0x3, 0x2, 0x3, 0xbd, 0x0, 0x7, 0x5, 0x9, 0x100, 0x10, 0x1, 0x6, 0x1a, 0x9, 0x6, 0x2, 0x4, 0x98, 0x8001, 0x29f, 0x79, 0x8, 0x7, 0x6, 0x7fff, 0x9, 0x3, 0x5, 0x1d, 0xc, 0x3ff, 0x4, 0xf, 0x800, 0xdb3b, 0x10000, 0x7, 0x8, 0xffff7fff, 0x5, 0x8, 0xb, 0x0, 0xfffffffb, 0x9, 0x0, 0x1, 0x7f, 0x7, 0x83c, 0x4, 0x4, 0x2, 0x7, 0xfffffffd, 0x6, 0x101, 0x401, 0x40, 0x0, 0x80000000, 0x8, 0x6, 0x1, 0x8, 0x7, 0x7, 0x8, 0x6, 0x6, 0xfea, 0x6, 0x4, 0x1ff, 0x2, 0xc75, 0x9, 0x80000000, 0x0, 0x0, 0x7fff, 0x10002, 0x9, 0x1, 0x7, 0x982, 0x0, 0x0, 0x80000000, 0x5, 0xc0000000, 0x74, 0x100, 0x7, 0xfffffff8, 0x8, 0x8, 0x3, 0x6ccd, 0x6, 0x9, 0x4, 0x5, 0x0, 0x80000001, 0x2, 0x7, 0x9, 0xfff, 0xa5, 0x1, 0x100, 0xd, 0x100, 0x80000001, 0x8aa, 0x64, 0x9, 0x7, 0x4fa57480, 0x4, 0x7fff, 0x6], 0x0, 0x8}]})

180.036493ms ago: executing program 6 (id=4958):
syz_open_dev$usbfs(0x0, 0x800000001ff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
memfd_create(0x0, 0x2)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000008000000f7fffff700"})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = io_uring_setup(0x7, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000103000000004800000001"], 0x114}], 0x1}, 0x24044010)

16.242908ms ago: executing program 1 (id=4959):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
close(0xffffffffffffffff)
r1 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000700)='source', &(0x7f0000000780)='c:::/\x83\xc1\xcfD\xc4AO\x06)\xb03\xfcI\x95w\x96\x9b\xe9\xa6\x1a\x96\xael\x11\xa6\x06\xe3G\xb1\x1d$\xc2;\x8f\xf3\x13\xebB\x93\x94\x01\x8b\x88\xeb\xa3\x01\rx\x86bK&\x13a~//\x18\x14ZM\xcb\xad\x92>\xe5\x01V\xdc\x05#\x13\xe9F\xa0\x1b\xf8\xe12\xe9\x80\x988\xd8?\x86\xe9i\x7f\xa8\xe0c\x94\xc1\xae\x9c\xba\x1c\xfa\xbc\xa8\xbf\xff\xfe\xfe!\x7f2\xf1\xc7P\x80A\x1c2k\xf6}P\x19\xee:i|0\x1c\x13u\xb0I\xaa\xe3\x14\x9a\x1f\x9f(\xd1$\x06\xa8&t&A0\xa7\xef\x9cL\x8e1K', 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000140), 0x10005}, 0x38)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x0, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000000c0)='/sys/power/disk', 0x129a02, 0x0)
sendfile(r3, r2, &(0x7f0000000080)=0xb, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x5, 0x4, 0x6, 0x4, 0x0, 0xffffffffffffffff, 0x3}, 0x50)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)='I', 0x1, 0x0, 0x0, 0x0)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r4, &(0x7f0000000100), 0x6)

0s ago: executing program 7 (id=4960):
syz_open_dev$usbfs(0x0, 0x800000001ff, 0x2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
memfd_create(0x0, 0x2)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000008000000f7fffff700"})
prctl$PR_SET_MM_MAP(0x23, 0xe, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r3 = io_uring_setup(0x7, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r4 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r4, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="140100001f000103000000004800000001"], 0x114}], 0x1}, 0x24044010)

kernel console output (not intermixed with test programs):

rface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1345.352134][   T24] usb 4-1: USB disconnect, device number 12
[ 1345.361390][   T24] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[ 1345.371807][T22611] FAULT_INJECTION: forcing a failure.
[ 1345.371807][T22611] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1345.372495][   T48] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1345.386862][T22611] CPU: 0 UID: 0 PID: 22611 Comm: syz.1.4427 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1345.386887][T22611] Tainted: [L]=SOFTLOCKUP
[ 1345.386892][T22611] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1345.386901][T22611] Call Trace:
[ 1345.386908][T22611]  <TASK>
[ 1345.386914][T22611]  dump_stack_lvl+0x16c/0x1f0
[ 1345.386938][T22611]  should_fail_ex+0x512/0x640
[ 1345.386955][T22611]  _copy_from_iter+0x2a4/0x16c0
[ 1345.386980][T22611]  ? __alloc_skb+0x220/0x410
[ 1345.386994][T22611]  ? __alloc_skb+0x35d/0x410
[ 1345.387007][T22611]  ? __pfx__copy_from_iter+0x10/0x10
[ 1345.387027][T22611]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[ 1345.387045][T22611]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[ 1345.387072][T22611]  netlink_sendmsg+0x820/0xdd0
[ 1345.387095][T22611]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1345.387121][T22611]  ____sys_sendmsg+0xa5d/0xc30
[ 1345.387142][T22611]  ? copy_msghdr_from_user+0x10a/0x160
[ 1345.387161][T22611]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1345.387190][T22611]  ___sys_sendmsg+0x134/0x1d0
[ 1345.387214][T22611]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1345.387256][T22611]  __sys_sendmsg+0x16d/0x220
[ 1345.387272][T22611]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1345.387302][T22611]  do_syscall_64+0xcd/0xf80
[ 1345.387323][T22611]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.387338][T22611] RIP: 0033:0x7f608f18f749
[ 1345.387351][T22611] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1345.387365][T22611] RSP: 002b:00007f608ff9f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1345.387379][T22611] RAX: ffffffffffffffda RBX: 00007f608f3e5fa0 RCX: 00007f608f18f749
[ 1345.387389][T22611] RDX: 9c281f9f6c1beafa RSI: 00002000000004c0 RDI: 0000000000000004
[ 1345.387398][T22611] RBP: 00007f608ff9f090 R08: 0000000000000000 R09: 0000000000000000
[ 1345.387411][T22611] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1345.387420][T22611] R13: 00007f608f3e6038 R14: 00007f608f3e5fa0 R15: 00007ffc037aa0b8
[ 1345.387441][T22611]  </TASK>
[ 1345.672840][T22617] FAULT_INJECTION: forcing a failure.
[ 1345.672840][T22617] name failslab, interval 1, probability 0, space 0, times 0
[ 1345.710565][T22617] CPU: 0 UID: 0 PID: 22617 Comm: syz.1.4428 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1345.710593][T22617] Tainted: [L]=SOFTLOCKUP
[ 1345.710600][T22617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1345.710610][T22617] Call Trace:
[ 1345.710617][T22617]  <TASK>
[ 1345.710624][T22617]  dump_stack_lvl+0x16c/0x1f0
[ 1345.710652][T22617]  should_fail_ex+0x512/0x640
[ 1345.710668][T22617]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1345.710688][T22617]  should_failslab+0xc2/0x120
[ 1345.710710][T22617]  kmem_cache_alloc_noprof+0x83/0x770
[ 1345.710725][T22617]  ? security_file_alloc+0x34/0x2b0
[ 1345.710751][T22617]  ? security_file_alloc+0x34/0x2b0
[ 1345.710770][T22617]  security_file_alloc+0x34/0x2b0
[ 1345.710794][T22617]  init_file+0x93/0x4c0
[ 1345.710808][T22617]  alloc_empty_file+0x73/0x1e0
[ 1345.710821][T22617]  path_openat+0xde/0x3140
[ 1345.710837][T22617]  ? do_syscall_64+0xcd/0xf80
[ 1345.710855][T22617]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.710874][T22617]  ? __pfx_path_openat+0x10/0x10
[ 1345.710895][T22617]  ? __lock_acquire+0x436/0x2890
[ 1345.710913][T22617]  do_filp_open+0x20b/0x470
[ 1345.710931][T22617]  ? __pfx_do_filp_open+0x10/0x10
[ 1345.710962][T22617]  ? _raw_spin_unlock+0x28/0x50
[ 1345.710981][T22617]  ? alloc_fd+0x471/0x7d0
[ 1345.711004][T22617]  do_sys_openat2+0x121/0x290
[ 1345.711016][T22617]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1345.711029][T22617]  ? __fget_files+0x20e/0x3c0
[ 1345.711051][T22617]  __x64_sys_creat+0xcc/0x120
[ 1345.711063][T22617]  ? __pfx___x64_sys_creat+0x10/0x10
[ 1345.711075][T22617]  ? __pfx_ksys_write+0x10/0x10
[ 1345.711093][T22617]  ? rcu_is_watching+0x12/0xc0
[ 1345.711105][T22617]  ? do_syscall_64+0x91/0xf80
[ 1345.711126][T22617]  do_syscall_64+0xcd/0xf80
[ 1345.711144][T22617]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1345.711156][T22617] RIP: 0033:0x7f608f18f749
[ 1345.711167][T22617] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1345.711180][T22617] RSP: 002b:00007f608ff5d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[ 1345.711194][T22617] RAX: ffffffffffffffda RBX: 00007f608f3e6180 RCX: 00007f608f18f749
[ 1345.711203][T22617] RDX: 0000000000000000 RSI: 0000000000000108 RDI: 00002000000001c0
[ 1345.711210][T22617] RBP: 00007f608ff5d090 R08: 0000000000000000 R09: 0000000000000000
[ 1345.711218][T22617] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1345.711226][T22617] R13: 00007f608f3e6218 R14: 00007f608f3e6180 R15: 00007ffc037aa0b8
[ 1345.711244][T22617]  </TASK>
[ 1345.732583][   T48] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1345.980725][   T48] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1345.989224][   T48] usb 3-1: Product: syz
[ 1345.993459][   T48] usb 3-1: Manufacturer: syz
[ 1345.998138][   T48] usb 3-1: SerialNumber: syz
[ 1346.004723][   T48] usb 3-1: config 0 descriptor??
[ 1346.022909][   T48] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1346.193484][T21433] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[ 1346.358190][T21433] usb 8-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[ 1346.512696][ T5896] usb 7-1: new high-speed USB device number 76 using dummy_hcd
[ 1346.541809][T21433] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1346.583124][T21433] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1346.584520][   T48] usb 3-1: USB disconnect, device number 67
[ 1346.592530][T21433] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1346.610397][T21433] usb 8-1: SerialNumber: syz
[ 1346.685286][ T5896] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1346.697833][ T5896] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1346.749636][ T5896] usb 7-1: config 0 descriptor??
[ 1346.856017][T21433] usb 8-1: 0:2 : does not exist
[ 1346.889897][T21433] usb 8-1: USB disconnect, device number 14
[ 1346.957733][ T5896] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1347.209392][ T5896] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[ 1347.239468][ T5896] [drm] Initialized udl on minor 2
[ 1347.394284][ T5896] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1347.423990][T22645] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4436'.
[ 1347.516205][ T5896] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1347.618858][T21433] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1347.619108][   T48] usb 7-1: USB disconnect, device number 76
[ 1347.666774][T21433] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1347.701749][T22648] FAULT_INJECTION: forcing a failure.
[ 1347.701749][T22648] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1347.741481][   T30] audit: type=1800 audit(6059954220.713:1924): pid=22640 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=collect_data cause=failed comm="syz.3.4435" name="bus" dev="ramfs" ino=94209 res=0 errno=0
[ 1347.742556][T22648] CPU: 1 UID: 0 PID: 22648 Comm: syz.1.4437 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1347.742579][T22648] Tainted: [L]=SOFTLOCKUP
[ 1347.742584][T22648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1347.742592][T22648] Call Trace:
[ 1347.742598][T22648]  <TASK>
[ 1347.742604][T22648]  dump_stack_lvl+0x16c/0x1f0
[ 1347.742629][T22648]  should_fail_ex+0x512/0x640
[ 1347.742646][T22648]  _copy_to_user+0x32/0xd0
[ 1347.742669][T22648]  simple_read_from_buffer+0xcb/0x170
[ 1347.742692][T22648]  proc_fail_nth_read+0x197/0x240
[ 1347.742708][T22648]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1347.742726][T22648]  ? rw_verify_area+0xcf/0x6c0
[ 1347.742741][T22648]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1347.742757][T22648]  vfs_read+0x1e4/0xcf0
[ 1347.742775][T22648]  ? __pfx___mutex_lock+0x10/0x10
[ 1347.742798][T22648]  ? __pfx_vfs_read+0x10/0x10
[ 1347.742820][T22648]  ? __fget_files+0x20e/0x3c0
[ 1347.742846][T22648]  ksys_read+0x12a/0x250
[ 1347.742863][T22648]  ? __pfx_ksys_read+0x10/0x10
[ 1347.742881][T22648]  ? fput+0x70/0xf0
[ 1347.742897][T22648]  do_syscall_64+0xcd/0xf80
[ 1347.742919][T22648]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1347.742934][T22648] RIP: 0033:0x7f608f18e15c
[ 1347.742947][T22648] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1347.742960][T22648] RSP: 002b:00007f608ff9f030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1347.742975][T22648] RAX: ffffffffffffffda RBX: 00007f608f3e5fa0 RCX: 00007f608f18e15c
[ 1347.742984][T22648] RDX: 000000000000000f RSI: 00007f608ff9f0a0 RDI: 0000000000000003
[ 1347.742993][T22648] RBP: 00007f608ff9f090 R08: 0000000000000000 R09: 0000000000000000
[ 1347.743001][T22648] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1347.743010][T22648] R13: 00007f608f3e6038 R14: 00007f608f3e5fa0 R15: 00007ffc037aa0b8
[ 1347.743031][T22648]  </TASK>
[ 1349.166306][T22672] FAULT_INJECTION: forcing a failure.
[ 1349.166306][T22672] name failslab, interval 1, probability 0, space 0, times 0
[ 1349.218156][T22672] CPU: 0 UID: 0 PID: 22672 Comm: syz.2.4444 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1349.218187][T22672] Tainted: [L]=SOFTLOCKUP
[ 1349.218198][T22672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1349.218209][T22672] Call Trace:
[ 1349.218215][T22672]  <TASK>
[ 1349.218223][T22672]  dump_stack_lvl+0x16c/0x1f0
[ 1349.218252][T22672]  should_fail_ex+0x512/0x640
[ 1349.218268][T22672]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1349.218289][T22672]  should_failslab+0xc2/0x120
[ 1349.218312][T22672]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1349.218329][T22672]  ? selinux_socket_create+0xf0/0x540
[ 1349.218353][T22672]  ? sock_alloc_inode+0x25/0x1c0
[ 1349.218380][T22672]  ? __pfx_sock_alloc_inode+0x10/0x10
[ 1349.218403][T22672]  ? sock_alloc_inode+0x25/0x1c0
[ 1349.218424][T22672]  sock_alloc_inode+0x25/0x1c0
[ 1349.218444][T22672]  alloc_inode+0x64/0x240
[ 1349.218465][T22672]  sock_alloc+0x40/0x280
[ 1349.218486][T22672]  __sock_create+0xc2/0x8a0
[ 1349.218509][T22672]  ? crng_fast_key_erasure+0x1ce/0x250
[ 1349.218536][T22672]  udp_sock_create6+0xc7/0x6a0
[ 1349.218561][T22672]  ? __pfx_udp_sock_create6+0x10/0x10
[ 1349.218588][T22672]  ? crng_make_state+0x46e/0x6c0
[ 1349.218611][T22672]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1349.218633][T22672]  ? crng_make_state+0x48e/0x6c0
[ 1349.218660][T22672]  rxrpc_open_socket+0x20c/0x6b0
[ 1349.218679][T22672]  ? __pfx_rxrpc_open_socket+0x10/0x10
[ 1349.218711][T22672]  ? rcu_is_watching+0x12/0xc0
[ 1349.218732][T22672]  rxrpc_lookup_local+0xa01/0x1220
[ 1349.218754][T22672]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[ 1349.218774][T22672]  ? __local_bh_enable_ip+0xa4/0x120
[ 1349.218802][T22672]  rxrpc_sendmsg+0x37e/0x680
[ 1349.218826][T22672]  ____sys_sendmsg+0xa5d/0xc30
[ 1349.218852][T22672]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1349.218888][T22672]  ___sys_sendmsg+0x134/0x1d0
[ 1349.218909][T22672]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1349.218960][T22672]  __sys_sendmsg+0x16d/0x220
[ 1349.218980][T22672]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1349.219016][T22672]  do_syscall_64+0xcd/0xf80
[ 1349.219041][T22672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1349.219058][T22672] RIP: 0033:0x7fb676f8f749
[ 1349.219071][T22672] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1349.219087][T22672] RSP: 002b:00007fb677eaf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1349.219104][T22672] RAX: ffffffffffffffda RBX: 00007fb6771e5fa0 RCX: 00007fb676f8f749
[ 1349.219115][T22672] RDX: 000000002000bcc0 RSI: 0000200000000080 RDI: 0000000000000003
[ 1349.219125][T22672] RBP: 00007fb677eaf090 R08: 0000000000000000 R09: 0000000000000000
[ 1349.219135][T22672] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1349.219145][T22672] R13: 00007fb6771e6038 R14: 00007fb6771e5fa0 R15: 00007ffff2310b48
[ 1349.219170][T22672]  </TASK>
[ 1349.219238][T22672] socket: no more sockets
[ 1349.933418][   T48] usb 3-1: new full-speed USB device number 68 using dummy_hcd
[ 1349.973466][ T5933] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[ 1350.125321][   T30] audit: type=1804 audit(6059954223.113:1925): pid=22682 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4447" name="/newroot/267/file0" dev="tmpfs" ino=1413 res=1 errno=0
[ 1350.150795][T22682] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1350.160199][T22682] ref_ctr increment failed for inode: 0x585 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888036a84980
[ 1350.160393][ T5933] usb 4-1: config 0 has no interfaces?
[ 1350.175515][   T48] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1350.192312][ T5933] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1350.213056][T22683] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1350.222001][T22683] ref_ctr decrement failed for inode: 0x585 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888036a84980
[ 1350.223031][   T48] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1350.233246][ T5933] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1350.257729][   T48] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1350.268534][   T48] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1350.277942][   T48] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1350.277992][ T5933] usb 4-1: config 0 descriptor??
[ 1350.288974][   T48] usb 3-1: Product: syz
[ 1350.297712][   T48] usb 3-1: Manufacturer: syz
[ 1350.302502][T22683] uprobe: syz.1.4447:22683 failed to unregister, leaking uprobe
[ 1350.303544][   T48] usb 3-1: SerialNumber: syz
[ 1350.386187][   T48] usb 3-1: config 0 descriptor??
[ 1350.397357][   T48] usb 3-1: selecting invalid altsetting 0
[ 1350.457547][T22687] FAULT_INJECTION: forcing a failure.
[ 1350.457547][T22687] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1350.478591][T22687] CPU: 0 UID: 0 PID: 22687 Comm: syz.6.4449 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1350.478619][T22687] Tainted: [L]=SOFTLOCKUP
[ 1350.478626][T22687] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1350.478635][T22687] Call Trace:
[ 1350.478641][T22687]  <TASK>
[ 1350.478648][T22687]  dump_stack_lvl+0x16c/0x1f0
[ 1350.478676][T22687]  should_fail_ex+0x512/0x640
[ 1350.478695][T22687]  _copy_from_iter+0x2a4/0x16c0
[ 1350.478723][T22687]  ? __alloc_skb+0x220/0x410
[ 1350.478737][T22687]  ? __alloc_skb+0x35d/0x410
[ 1350.478755][T22687]  ? __pfx__copy_from_iter+0x10/0x10
[ 1350.478775][T22687]  ? selinux_socket_getpeersec_dgram+0x1a4/0x370
[ 1350.478794][T22687]  ? __pfx_selinux_socket_getpeersec_dgram+0x10/0x10
[ 1350.478820][T22687]  netlink_sendmsg+0x820/0xdd0
[ 1350.478843][T22687]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1350.478873][T22687]  ____sys_sendmsg+0xa5d/0xc30
[ 1350.478895][T22687]  ? copy_msghdr_from_user+0x10a/0x160
[ 1350.478913][T22687]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1350.478942][T22687]  ___sys_sendmsg+0x134/0x1d0
[ 1350.478961][T22687]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1350.479008][T22687]  __sys_sendmsg+0x16d/0x220
[ 1350.479027][T22687]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1350.479059][T22687]  do_syscall_64+0xcd/0xf80
[ 1350.479082][T22687]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.479097][T22687] RIP: 0033:0x7f6e2df8f749
[ 1350.479112][T22687] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1350.479127][T22687] RSP: 002b:00007f6e2ee6c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1350.479143][T22687] RAX: ffffffffffffffda RBX: 00007f6e2e1e5fa0 RCX: 00007f6e2df8f749
[ 1350.479154][T22687] RDX: 0000000000000000 RSI: 0000200000000140 RDI: 0000000000000006
[ 1350.479164][T22687] RBP: 00007f6e2ee6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1350.479174][T22687] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1350.479190][T22687] R13: 00007f6e2e1e6038 R14: 00007f6e2e1e5fa0 R15: 00007ffdbf1eadf8
[ 1350.479213][T22687]  </TASK>
[ 1350.704571][T14337] usb 4-1: USB disconnect, device number 13
[ 1350.747810][   T48] usb 3-1: USB disconnect, device number 68
[ 1350.753955][T22693] program syz.7.4450 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1350.820586][   T30] audit: type=1400 audit(6059954223.803:1926): avc:  denied  { ioctl } for  pid=22692 comm="syz.7.4450" path="socket:[94350]" dev="sockfs" ino=94350 ioctlcmd=0x9411 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[ 1350.962076][T22696] syzkaller0: entered promiscuous mode
[ 1350.968321][T22696] syzkaller0: entered allmulticast mode
[ 1350.995950][T22696] netlink: 44 bytes leftover after parsing attributes in process `syz.7.4451'.
[ 1351.137925][T22703] batadv_slave_1: entered promiscuous mode
[ 1352.251773][T22716] input: syz0 as /devices/virtual/input/input76
[ 1352.513370][T21433] usb 3-1: new full-speed USB device number 69 using dummy_hcd
[ 1353.100328][T21433] usb 3-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1353.116000][T21433] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1353.125127][T21433] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1353.135821][T21433] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1353.145953][T21433] usb 3-1: Product: syz
[ 1353.150256][T21433] usb 3-1: Manufacturer: syz
[ 1353.168846][T21433] usb 3-1: SerialNumber: syz
[ 1353.264865][T22735] FAULT_INJECTION: forcing a failure.
[ 1353.264865][T22735] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1353.287914][T21433] usb 3-1: config 0 descriptor??
[ 1353.294366][T22735] CPU: 0 UID: 0 PID: 22735 Comm: syz.3.4461 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1353.294396][T22735] Tainted: [L]=SOFTLOCKUP
[ 1353.294403][T22735] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1353.294413][T22735] Call Trace:
[ 1353.294420][T22735]  <TASK>
[ 1353.294430][T22735]  dump_stack_lvl+0x16c/0x1f0
[ 1353.294459][T22735]  should_fail_ex+0x512/0x640
[ 1353.294480][T22735]  _copy_to_user+0x32/0xd0
[ 1353.294508][T22735]  simple_read_from_buffer+0xcb/0x170
[ 1353.294535][T22735]  proc_fail_nth_read+0x197/0x240
[ 1353.294555][T22735]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1353.294575][T22735]  ? rw_verify_area+0xcf/0x6c0
[ 1353.294594][T22735]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1353.294612][T22735]  vfs_read+0x1e4/0xcf0
[ 1353.294634][T22735]  ? __pfx___mutex_lock+0x10/0x10
[ 1353.294661][T22735]  ? __pfx_vfs_read+0x10/0x10
[ 1353.294689][T22735]  ? __fget_files+0x20e/0x3c0
[ 1353.294721][T22735]  ksys_read+0x12a/0x250
[ 1353.294741][T22735]  ? __pfx_ksys_read+0x10/0x10
[ 1353.294761][T22735]  ? rcu_is_watching+0x12/0xc0
[ 1353.294784][T22735]  do_syscall_64+0xcd/0xf80
[ 1353.294810][T22735]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1353.294828][T22735] RIP: 0033:0x7f6ac038e15c
[ 1353.294843][T22735] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1353.294860][T22735] RSP: 002b:00007f6ac113e030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1353.294877][T22735] RAX: ffffffffffffffda RBX: 00007f6ac05e6090 RCX: 00007f6ac038e15c
[ 1353.294889][T22735] RDX: 000000000000000f RSI: 00007f6ac113e0a0 RDI: 0000000000000003
[ 1353.294899][T22735] RBP: 00007f6ac113e090 R08: 0000000000000000 R09: 0000000000000000
[ 1353.294909][T22735] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[ 1353.294919][T22735] R13: 00007f6ac05e6128 R14: 00007f6ac05e6090 R15: 00007ffef358dfd8
[ 1353.294945][T22735]  </TASK>
[ 1353.407517][T22729] overlay: Unknown parameter 'fsuuid'
[ 1353.453829][T21433] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 1353.512495][   T30] audit: type=1326 audit(6059954226.493:1927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.555331][   T30] audit: type=1326 audit(6059954226.493:1928): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.586690][T21433] usb 3-1: USB disconnect, device number 69
[ 1353.602036][   T30] audit: type=1326 audit(6059954226.543:1929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f6ac0346357 code=0x7ffc0000
[ 1353.626142][   T30] audit: type=1326 audit(6059954226.543:1930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f6ac03463b6 code=0x7ffc0000
[ 1353.689671][   T30] audit: type=1326 audit(6059954226.543:1931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=315 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.713853][   T30] audit: type=1326 audit(6059954226.543:1932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.742485][   T30] audit: type=1326 audit(6059954226.543:1933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.766462][   T30] audit: type=1326 audit(6059954226.543:1934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.790126][   T30] audit: type=1326 audit(6059954226.543:1935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.814609][   T30] audit: type=1326 audit(6059954226.543:1936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=22736 comm="syz.3.4462" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6ac038f749 code=0x7ffc0000
[ 1353.843317][   T48] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1354.111903][   T48] usb 8-1: Using ep0 maxpacket: 8
[ 1354.126412][   T48] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1354.146526][   T48] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1354.180789][   T48] usb 8-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 1354.190070][   T48] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.233287][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 1354.347620][   T48] usb 8-1: config 0 descriptor??
[ 1354.389705][   T48] hso 8-1:0.0: Can't find BULK IN endpoint
[ 1354.432131][   T24] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1354.497437][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.533079][   T24] usb 4-1: config 0 descriptor??
[ 1354.585328][T22741] netlink: 'syz.7.4463': attribute type 1 has an invalid length.
[ 1354.640946][T22741] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1354.745666][   T24] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1354.759562][T22763] comedi comedi4: comedi_config --init_data is deprecated
[ 1354.830673][T22766] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[ 1354.837598][T22766] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[ 1355.333816][T14337] usb 3-1: new full-speed USB device number 70 using dummy_hcd
[ 1355.380874][T22774] xt_CONNSECMARK: invalid mode: 66
[ 1356.064912][   T24] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[ 1356.083591][   T24] [drm] Initialized udl on minor 2
[ 1356.210162][  T790] usb 7-1: new low-speed USB device number 77 using dummy_hcd
[ 1356.210306][   T24] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1356.227684][   T24] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 1356.338435][T14337] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1356.356987][T14337] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1356.380973][T14337] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1356.387707][  T790] usb 7-1: device descriptor read/64, error -71
[ 1356.403835][T14337] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1356.417229][T14337] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1356.426804][T14337] usb 3-1: Product: syz
[ 1356.435537][T14337] usb 3-1: Manufacturer: syz
[ 1356.435714][   T48] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1356.448197][T14337] usb 3-1: SerialNumber: syz
[ 1356.450114][T14337] usb 3-1: config 0 descriptor??
[ 1356.455788][   T24] usb 4-1: USB disconnect, device number 14
[ 1356.469027][T14337] usb 3-1: selecting invalid altsetting 0
[ 1356.484090][   T48] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 1356.633369][  T790] usb 7-1: new low-speed USB device number 78 using dummy_hcd
[ 1356.652471][T22783] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1356.661501][T22783] ref_ctr increment failed for inode: 0x5b0 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807ac73100
[ 1356.699855][   T24] usb 3-1: USB disconnect, device number 70
[ 1356.706098][T22783] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1356.715080][T22783] ref_ctr decrement failed for inode: 0x5b0 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807ac73100
[ 1356.726343][T22783] uprobe: syz.1.4472:22783 failed to unregister, leaking uprobe
[ 1356.793741][  T790] usb 7-1: device descriptor read/64, error -71
[ 1356.903460][  T790] usb usb7-port1: attempt power cycle
[ 1357.119714][   T24] usb 8-1: USB disconnect, device number 15
[ 1357.423410][   T48] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1357.643435][   T48] usb 2-1: Using ep0 maxpacket: 32
[ 1357.643432][  T790] usb 7-1: new low-speed USB device number 79 using dummy_hcd
[ 1357.657309][   T48] usb 2-1: config 0 has an invalid interface number: 136 but max is 0
[ 1357.703322][  T790] usb 7-1: device descriptor read/8, error -71
[ 1357.740171][   T48] usb 2-1: config 0 has no interface number 0
[ 1357.752287][   T48] usb 2-1: config 0 interface 136 altsetting 0 bulk endpoint 0xA has invalid maxpacket 32
[ 1357.769296][   T48] usb 2-1: New USB device found, idVendor=10cf, idProduct=8063, bcdDevice=d1.d2
[ 1357.778732][T22795] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.4474' sets config #1
[ 1357.788182][   T48] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1357.797831][   T48] usb 2-1: Product: syz
[ 1357.801995][   T48] usb 2-1: Manufacturer: syz
[ 1357.807872][   T48] usb 2-1: SerialNumber: syz
[ 1357.814888][   T48] usb 2-1: config 0 descriptor??
[ 1357.824043][T22790] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1357.885114][T22795] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4474'.
[ 1357.895551][   T48] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8061 (VM140)'.
[ 1357.993279][   T24] usb 8-1: new high-speed USB device number 16 using dummy_hcd
[ 1358.067270][T22787] syz_tun: entered allmulticast mode
[ 1358.244687][   T24] usb 8-1: Using ep0 maxpacket: 8
[ 1358.256609][   T24] usb 8-1: config index 0 descriptor too short (expected 30, got 18)
[ 1358.274309][   T24] usb 8-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1358.289797][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1358.307448][   T24] usb 8-1: Product: syz
[ 1358.316851][   T24] usb 8-1: Manufacturer: syz
[ 1358.326682][   T24] usb 8-1: SerialNumber: syz
[ 1358.341599][   T24] usb 8-1: config 0 descriptor??
[ 1358.356297][   T24] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1358.372992][   T24] usb 8-1: setting power ON
[ 1358.383233][   T24] dvb-usb: bulk message failed: -22 (2/0)
[ 1358.397002][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1358.418474][   T24] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1358.443459][   T24] usb 8-1: media controller created
[ 1358.970409][T22794] dvb-usb: bulk message failed: -22 (3/0)
[ 1359.029265][T22794] cxusb: i2c wr: len=80 is too big!
[ 1359.029265][T22794] 
[ 1359.274768][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1359.295038][   T24] usb 8-1: selecting invalid altsetting 6
[ 1359.300905][   T24] usb 8-1: digital interface selection failed (-22)
[ 1359.307609][   T24] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1359.318580][   T24] usb 8-1: setting power OFF
[ 1359.324145][   T24] dvb-usb: bulk message failed: -22 (2/0)
[ 1359.329959][   T24] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1359.339361][   T24] (NULL device *): no alternate interface
[ 1359.554576][T22816] hfsplus: unable to find HFS+ superblock
[ 1359.994295][T22790] syz_tun: left allmulticast mode
[ 1360.030228][T21054] usb 2-1: USB disconnect, device number 4
[ 1360.289680][ T3845] Bluetooth: hci4: Frame reassembly failed (-84)
[ 1361.090244][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.102992][T22841] hfsplus: unable to find HFS+ superblock
[ 1361.695034][   T48] usb 7-1: new full-speed USB device number 81 using dummy_hcd
[ 1361.917599][T22853] fuse: Bad value for 'fd'
[ 1361.937182][   T48] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1361.974016][   T48] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1362.013286][   T48] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1362.013300][T14337] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[ 1362.041068][T22853] SELinux: ebitmap: truncated map
[ 1362.080953][T22853] SELinux: failed to load policy
[ 1362.091266][   T48] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1362.120950][   T48] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1362.153839][   T48] usb 7-1: Product: syz
[ 1362.166992][   T48] usb 7-1: Manufacturer: syz
[ 1362.181235][   T48] usb 7-1: SerialNumber: syz
[ 1362.213632][   T48] usb 7-1: config 0 descriptor??
[ 1362.259434][   T48] usb 7-1: selecting invalid altsetting 0
[ 1362.284051][ T5826] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1362.334951][T14337] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1362.712476][T14337] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1362.745337][T14337] usb 3-1: config 0 descriptor??
[ 1362.788663][   T48] usb 7-1: USB disconnect, device number 81
[ 1362.953668][T14337] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1363.133270][T21054] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1363.171131][T14337] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[ 1363.178219][T14337] [drm] Initialized udl on minor 2
[ 1363.295851][T21054] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1363.321146][T21054] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1363.356285][T21054] usb 4-1: config 0 descriptor??
[ 1363.358517][T14337] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1363.372306][T14337] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1363.600400][T21054] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1363.602387][T22868] netlink: 96 bytes leftover after parsing attributes in process `syz.6.4494'.
[ 1363.634025][T21433] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1363.634687][   T48] usb 3-1: USB disconnect, device number 71
[ 1363.642020][T21433] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1363.950527][T21054] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 3
[ 1363.972440][T21054] [drm] Initialized udl on minor 3
[ 1364.053533][T21054] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1364.062076][T21054] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 1364.809086][ T5946] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1364.809302][  T790] usb 4-1: USB disconnect, device number 15
[ 1364.834493][ T5946] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 1365.333301][  T790] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1365.495296][  T790] usb 2-1: Using ep0 maxpacket: 8
[ 1365.529523][  T790] usb 2-1: config index 0 descriptor too short (expected 30, got 18)
[ 1365.584727][  T790] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1365.663604][  T790] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1365.703314][  T790] usb 2-1: Product: syz
[ 1365.715911][  T790] usb 2-1: Manufacturer: syz
[ 1365.745158][  T790] usb 2-1: SerialNumber: syz
[ 1365.773180][  T790] usb 2-1: config 0 descriptor??
[ 1365.797409][  T790] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1365.829027][  T790] usb 2-1: setting power ON
[ 1365.845921][  T790] dvb-usb: bulk message failed: -22 (2/0)
[ 1365.869207][  T790] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1365.905373][  T790] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1365.936950][  T790] usb 2-1: media controller created
[ 1365.991528][T22908] netlink: 'syz.2.4502': attribute type 1 has an invalid length.
[ 1365.992990][  T790] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1366.023442][T22908] netlink: 244 bytes leftover after parsing attributes in process `syz.2.4502'.
[ 1366.056643][T22908] NCSI netlink: No device for ifindex 0
[ 1366.086431][  T790] usb 2-1: selecting invalid altsetting 6
[ 1366.101361][  T790] usb 2-1: digital interface selection failed (-22)
[ 1366.119158][  T790] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1366.162986][  T790] usb 2-1: setting power OFF
[ 1366.175937][  T790] dvb-usb: bulk message failed: -22 (2/0)
[ 1366.189695][  T790] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1366.201526][  T790] (NULL device *): no alternate interface
[ 1366.251582][  T790] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1366.312354][  T790] usb 2-1: USB disconnect, device number 5
[ 1367.011183][T22922] FAULT_INJECTION: forcing a failure.
[ 1367.011183][T22922] name failslab, interval 1, probability 0, space 0, times 0
[ 1367.039451][T22922] CPU: 0 UID: 0 PID: 22922 Comm: syz.1.4507 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1367.039483][T22922] Tainted: [L]=SOFTLOCKUP
[ 1367.039489][T22922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1367.039498][T22922] Call Trace:
[ 1367.039505][T22922]  <TASK>
[ 1367.039512][T22922]  dump_stack_lvl+0x16c/0x1f0
[ 1367.039543][T22922]  should_fail_ex+0x512/0x640
[ 1367.039560][T22922]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1367.039581][T22922]  should_failslab+0xc2/0x120
[ 1367.039603][T22922]  kmem_cache_alloc_noprof+0x83/0x770
[ 1367.039621][T22922]  ? security_file_alloc+0x34/0x2b0
[ 1367.039650][T22922]  ? security_file_alloc+0x34/0x2b0
[ 1367.039673][T22922]  security_file_alloc+0x34/0x2b0
[ 1367.039698][T22922]  init_file+0x93/0x4c0
[ 1367.039715][T22922]  alloc_empty_file+0x73/0x1e0
[ 1367.039733][T22922]  path_openat+0xde/0x3140
[ 1367.039755][T22922]  ? do_syscall_64+0xcd/0xf80
[ 1367.039778][T22922]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.039808][T22922]  ? __pfx_path_openat+0x10/0x10
[ 1367.039841][T22922]  do_filp_open+0x20b/0x470
[ 1367.039865][T22922]  ? __pfx_do_filp_open+0x10/0x10
[ 1367.039907][T22922]  ? alloc_fd+0x471/0x7d0
[ 1367.039938][T22922]  do_sys_openat2+0x121/0x290
[ 1367.039956][T22922]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1367.039975][T22922]  ? __fget_files+0x20e/0x3c0
[ 1367.040009][T22922]  __x64_sys_openat+0x174/0x210
[ 1367.040027][T22922]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1367.040043][T22922]  ? ksys_write+0x1ac/0x250
[ 1367.040072][T22922]  do_syscall_64+0xcd/0xf80
[ 1367.040098][T22922]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1367.040114][T22922] RIP: 0033:0x7f608f18f749
[ 1367.040129][T22922] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1367.040145][T22922] RSP: 002b:00007f608ff7e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1367.040163][T22922] RAX: ffffffffffffffda RBX: 00007f608f3e6090 RCX: 00007f608f18f749
[ 1367.040175][T22922] RDX: 000000000000c100 RSI: 0000200000000400 RDI: ffffffffffffff9c
[ 1367.040185][T22922] RBP: 00007f608ff7e090 R08: 0000000000000000 R09: 0000000000000000
[ 1367.040195][T22922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1367.040206][T22922] R13: 00007f608f3e6128 R14: 00007f608f3e6090 R15: 00007ffc037aa0b8
[ 1367.040230][T22922]  </TASK>
[ 1368.770150][T22933] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1369.293379][T14337] usb 3-1: new full-speed USB device number 72 using dummy_hcd
[ 1369.524684][T14337] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1369.543354][T21433] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1370.437865][T14337] usb 3-1: config 0 has no interface number 0
[ 1370.450035][T14337] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1370.460784][T14337] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1370.546464][T21433] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1370.586382][T14337] usb 3-1: config 0 descriptor??
[ 1370.606170][T21433] usb 2-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[ 1370.628684][T14337] usb 3-1: selecting invalid altsetting 1
[ 1370.653571][T21433] usb 2-1: Product: syz
[ 1370.660808][T21433] usb 2-1: Manufacturer: syz
[ 1370.668001][T14337] dvb_ttusb_budget: ttusb_init_controller: error
[ 1370.694513][T14337] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1370.713185][T21433] usb 2-1: SerialNumber: syz
[ 1370.726663][T21433] usb 2-1: config 0 descriptor??
[ 1370.776328][T21433] ch341 2-1:0.0: ch341-uart converter detected
[ 1370.891182][T22956] netlink: 12 bytes leftover after parsing attributes in process `syz.7.4517'.
[ 1371.190416][T14337] DVB: Unable to find symbol cx22700_attach()
[ 1371.322350][T14337] DVB: Unable to find symbol tda10046_attach()
[ 1371.357000][T14337] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1371.444970][T14337] usb 3-1: USB disconnect, device number 72
[ 1371.456601][T22964] netlink: 8 bytes leftover after parsing attributes in process `syz.7.4518'.
[ 1371.504208][T22964] netlink: 'syz.7.4518': attribute type 3 has an invalid length.
[ 1372.857380][T21433] ch341-uart ttyUSB0: failed to read break control: -110
[ 1372.873301][T21433] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -110
[ 1372.979283][T14017] usb 2-1: USB disconnect, device number 6
[ 1373.034233][T14017] ch341 2-1:0.0: device disconnected
[ 1373.503682][T14017] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1373.559579][T22982] netlink: 16 bytes leftover after parsing attributes in process `syz.7.4523'.
[ 1373.707181][T14017] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1373.749581][T14017] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1373.798365][T14017] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1373.833297][T14017] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1373.876393][T14017] usb 2-1: Manufacturer: syz
[ 1373.908983][T14017] usb 2-1: config 0 descriptor??
[ 1375.893492][T14017] uclogic 0003:256C:006D.0025: failed retrieving string descriptor #200: -71
[ 1376.051611][T14017] uclogic 0003:256C:006D.0025: failed retrieving pen parameters: -71
[ 1376.069804][T14017] uclogic 0003:256C:006D.0025: failed probing pen v2 parameters: -71
[ 1376.078075][T14017] uclogic 0003:256C:006D.0025: failed probing parameters: -71
[ 1376.087690][T14017] uclogic 0003:256C:006D.0025: probe with driver uclogic failed with error -71
[ 1376.853260][   T30] kauditd_printk_skb: 67 callbacks suppressed
[ 1376.853277][   T30] audit: type=1400 audit(6059954249.793:2004): avc:  denied  { bind } for  pid=23004 comm="syz.2.4527" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_rdma_socket permissive=1
[ 1376.912778][T14017] usb 2-1: USB disconnect, device number 7
[ 1377.742981][   T30] audit: type=1804 audit(6059954250.723:2005): pid=23014 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4529" name="/newroot/222/file0" dev="tmpfs" ino=1192 res=1 errno=0
[ 1377.743964][T23014] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1377.808935][T23014] ref_ctr increment failed for inode: 0x4a8 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888031249880
[ 1377.881043][T23019] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1377.904964][T23019] ref_ctr decrement failed for inode: 0x4a8 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888031249880
[ 1378.013531][T23019] uprobe: syz.3.4529:23019 failed to unregister, leaking uprobe
[ 1378.559588][T23021] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4533'.
[ 1378.803300][T21433] usb 7-1: new high-speed USB device number 82 using dummy_hcd
[ 1378.983370][T21433] usb 7-1: Using ep0 maxpacket: 16
[ 1378.991025][T21433] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1379.025269][T21433] usb 7-1: config 0 has no interface number 0
[ 1379.458940][T21433] usb 7-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1379.493160][T21433] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1379.536793][T21433] usb 7-1: Product: syz
[ 1379.552445][T21433] usb 7-1: Manufacturer: syz
[ 1379.561505][T23032] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4530'.
[ 1379.587177][T21433] usb 7-1: SerialNumber: syz
[ 1379.742004][T21433] usb 7-1: config 0 descriptor??
[ 1380.121631][T21433] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1380.754559][T21433] gspca_spca1528: reg_w err -71
[ 1380.787016][   T30] audit: type=1804 audit(6059954253.773:2006): pid=23045 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4537" name="/newroot/224/file0" dev="tmpfs" ino=1203 res=1 errno=0
[ 1380.812379][T23045] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1380.823307][T21433] spca1528 7-1:0.1: probe with driver spca1528 failed with error -71
[ 1380.846661][T23045] ref_ctr increment failed for inode: 0x4b3 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880282b6200
[ 1380.871682][T21433] usb 7-1: USB disconnect, device number 82
[ 1380.927172][T23047] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1380.943365][T23047] ref_ctr decrement failed for inode: 0x4b3 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880282b6200
[ 1380.976578][T23047] uprobe: syz.3.4537:23047 failed to unregister, leaking uprobe
[ 1381.224554][T23052] fuse: Bad value for 'fd'
[ 1381.653978][T23051] SELinux: ebitmap: truncated map
[ 1381.708184][T23051] SELinux: failed to load policy
[ 1383.638501][T23068] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4542'.
[ 1386.590426][T23092] fuse: Bad value for 'fd'
[ 1387.532543][T23099] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4548'.
[ 1387.543016][T23094] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 1387.581407][T23094] SELinux: failed to load policy
[ 1389.221846][T23131] netlink: 'syz.3.4558': attribute type 2 has an invalid length.
[ 1389.234543][T23131] ‚#{6c: entered promiscuous mode
[ 1389.399531][T17773] Bluetooth: (null): Invalid header checksum
[ 1389.558846][ T5999] Bluetooth: (null): Invalid header checksum
[ 1389.593660][ T3845] Bluetooth: (null): Invalid header checksum
[ 1389.958500][T16428] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[ 1390.108144][T23135] netlink: 'syz.6.4545': attribute type 21 has an invalid length.
[ 1390.120533][T23135] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4545'.
[ 1390.167854][T23135] netlink: 'syz.6.4545': attribute type 21 has an invalid length.
[ 1390.192400][T16428] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1390.211444][T23135] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4545'.
[ 1390.332688][T16428] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1390.372298][T16428] usb 3-1: config 0 descriptor??
[ 1391.040041][T16428] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1392.076914][T16428] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[ 1392.083782][T16428] [drm] Initialized udl on minor 2
[ 1392.093258][T16428] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1392.109916][T16428] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1392.432254][   T48] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1392.445501][T16428] usb 3-1: USB disconnect, device number 73
[ 1392.565636][   T48] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1393.252394][T23174] fuse: Bad value for 'fd'
[ 1393.477371][T23175] SELinux: ebitmap: truncated map
[ 1393.517089][T23175] SELinux: failed to load policy
[ 1395.306508][   T30] audit: type=1804 audit(6059954268.283:2007): pid=23191 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4568" name="/newroot/233/file0" dev="tmpfs" ino=1254 res=1 errno=0
[ 1395.308257][T23191] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1395.339668][T23191] ref_ctr increment failed for inode: 0x4e6 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807bb43100
[ 1395.442201][T23192] bridge3: entered promiscuous mode
[ 1395.447538][T23192] bridge3: entered allmulticast mode
[ 1395.645851][T23193] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4573'.
[ 1396.820132][T23184] IPVS: fo: UDP 224.0.0.2:0 - no destination available
[ 1397.943724][T23204] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1397.952207][T23204] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1398.032314][T23207] nfs: Unknown parameter '&[#'
[ 1398.733295][T19126] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1398.923783][T19126] usb 2-1: device descriptor read/64, error -71
[ 1399.583292][T19126] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1399.603687][T23215] netlink: 'syz.6.4579': attribute type 21 has an invalid length.
[ 1399.616089][T23215] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4579'.
[ 1399.634203][T23215] netlink: 'syz.6.4579': attribute type 21 has an invalid length.
[ 1399.642145][T23215] netlink: 156 bytes leftover after parsing attributes in process `syz.6.4579'.
[ 1399.733297][T19126] usb 2-1: device descriptor read/64, error -71
[ 1399.856804][T19126] usb usb2-port1: attempt power cycle
[ 1400.613684][T19126] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1400.706633][T19126] usb 2-1: device descriptor read/8, error -71
[ 1400.944396][T23240] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1400.952887][T23240] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1401.093389][T19126] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1401.113647][   T30] audit: type=1804 audit(6059954274.103:2008): pid=23231 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4583" name="/newroot/478/file0" dev="tmpfs" ino=2526 res=1 errno=0
[ 1401.121914][T23231] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1401.153217][T23231] ref_ctr increment failed for inode: 0x9de offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888077cbee40
[ 1401.363289][T19126] usb 2-1: device not accepting address 11, error -71
[ 1401.375868][T19126] usb usb2-port1: unable to enumerate USB device
[ 1401.429300][T23231] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1401.448584][T23231] ref_ctr decrement failed for inode: 0x9de offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888077cbee40
[ 1401.463358][T23231] uprobe: syz.2.4583:23231 failed to unregister, leaking uprobe
[ 1402.191819][   T30] audit: type=1400 audit(6059954275.173:2009): avc:  denied  { ioctl } for  pid=23251 comm="syz.6.4589" path="/dev/cpu/0/msr" dev="devtmpfs" ino=87 ioctlcmd=0x6615 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[ 1402.504796][T23261] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4590'.
[ 1402.535401][T23261] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1402.544217][T23261] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1403.385074][T23268] fuse: Bad value for 'fd'
[ 1403.574095][T23272] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[ 1403.583915][T23272] SELinux: failed to load policy
[ 1404.823391][T16428] usb 7-1: new high-speed USB device number 83 using dummy_hcd
[ 1405.125320][T16428] usb 7-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[ 1405.142366][T16428] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1405.168079][T16428] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1405.182941][T16428] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1405.198688][T16428] usb 7-1: SerialNumber: syz
[ 1405.341004][   T30] audit: type=1804 audit(6059954278.323:2010): pid=23296 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4600" name="/newroot/483/file0" dev="tmpfs" ino=2554 res=1 errno=0
[ 1405.365763][T23296] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1405.376438][T23296] ref_ctr increment failed for inode: 0x9fa offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888028151880
[ 1405.387683][T14017] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[ 1405.397900][T23295] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1405.408808][T23295] ref_ctr decrement failed for inode: 0x9fa offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888028151880
[ 1405.429245][T16428] usb 7-1: 0:2 : does not exist
[ 1405.437015][T23295] uprobe: syz.2.4600:23295 failed to unregister, leaking uprobe
[ 1405.451863][T16428] usb 7-1: unit 5 not found!
[ 1405.501463][T16428] usb 7-1: USB disconnect, device number 83
[ 1405.569019][T14017] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1405.582616][T14017] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1405.594138][T14017] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1405.606526][T14017] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1405.616312][T14017] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1405.625256][T14017] usb 4-1: Product: syz
[ 1405.654675][T23299] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1405.663156][T14017] usb 4-1: Manufacturer: syz
[ 1405.670188][T23299] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1405.679491][T14017] usb 4-1: SerialNumber: syz
[ 1405.701176][T14017] usb 4-1: config 0 descriptor??
[ 1405.710315][T14017] usb 4-1: selecting invalid altsetting 0
[ 1406.036089][T23294] usb 4-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1406.055513][T14017] usb 4-1: USB disconnect, device number 16
[ 1406.721428][   T30] audit: type=1804 audit(6059954279.703:2011): pid=23311 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4605" name="/newroot/301/file0" dev="tmpfs" ino=1594 res=1 errno=0
[ 1406.745533][T23311] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1406.756316][T23311] ref_ctr increment failed for inode: 0x63a offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888028153d40
[ 1406.781479][T23313] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1406.790584][T23313] ref_ctr decrement failed for inode: 0x63a offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888028153d40
[ 1406.802975][T23313] uprobe: syz.1.4605:23313 failed to unregister, leaking uprobe
[ 1406.863516][T23327] netlink: 'syz.7.4614': attribute type 10 has an invalid length.
[ 1406.879834][T23327] bond0: (slave wlan1): Opening slave failed
[ 1406.900336][T23330] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[ 1406.927673][T23326] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1406.943376][T23330] block device autoloading is deprecated and will be removed.
[ 1407.084507][T19126] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1407.143375][T14017] usb 3-1: new full-speed USB device number 74 using dummy_hcd
[ 1407.269748][T19126] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1407.279353][T19126] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1407.301411][T19126] usb 4-1: config 0 descriptor??
[ 1407.334298][T14017] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1407.348041][T14017] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1407.363769][T14017] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1407.372961][T14017] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1407.381835][T14017] usb 3-1: Product: syz
[ 1407.387422][T14017] usb 3-1: Manufacturer: syz
[ 1407.392219][T14017] usb 3-1: SerialNumber: syz
[ 1407.417667][T14017] usb 3-1: config 0 descriptor??
[ 1407.450726][T14017] usb 3-1: selecting invalid altsetting 0
[ 1407.626505][T19126] udl 4-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1407.772204][  T790] usb 3-1: USB disconnect, device number 74
[ 1408.056641][T19126] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[ 1408.072994][T19126] [drm] Initialized udl on minor 2
[ 1408.084143][T19126] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1408.143503][T19126] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 1408.366871][   T30] audit: type=1804 audit(6059954281.353:2012): pid=23343 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4618" name="/newroot/303/file0" dev="tmpfs" ino=1605 res=1 errno=0
[ 1408.391157][T23343] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1408.399943][T23343] ref_ctr increment failed for inode: 0x645 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888077d0ee40
[ 1408.417888][T14386] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1408.418253][T14017] usb 4-1: USB disconnect, device number 17
[ 1408.454325][T23343] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1408.463074][T23343] ref_ctr decrement failed for inode: 0x645 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888077d0ee40
[ 1408.474306][T23343] uprobe: syz.1.4618:23343 failed to unregister, leaking uprobe
[ 1408.482904][T14386] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[ 1408.663326][T21289] usb 7-1: new full-speed USB device number 84 using dummy_hcd
[ 1408.856958][T23358] FAULT_INJECTION: forcing a failure.
[ 1408.856958][T23358] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1408.858296][T21289] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1408.870505][T23358] CPU: 0 UID: 0 PID: 23358 Comm: syz.2.4624 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1408.870529][T23358] Tainted: [L]=SOFTLOCKUP
[ 1408.870535][T23358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1408.870544][T23358] Call Trace:
[ 1408.870549][T23358]  <TASK>
[ 1408.870555][T23358]  dump_stack_lvl+0x16c/0x1f0
[ 1408.870581][T23358]  should_fail_ex+0x512/0x640
[ 1408.870598][T23358]  should_fail_alloc_page+0xe7/0x130
[ 1408.870618][T23358]  prepare_alloc_pages+0x401/0x670
[ 1408.870642][T23358]  __alloc_frozen_pages_noprof+0x18b/0x2430
[ 1408.870665][T23358]  ? stack_trace_save+0x8e/0xc0
[ 1408.870682][T23358]  ? __pfx_stack_trace_save+0x10/0x10
[ 1408.870697][T23358]  ? stack_depot_save_flags+0x29/0x9b0
[ 1408.870719][T23358]  ? bpf_ksym_find+0x127/0x1c0
[ 1408.870742][T23358]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1408.870755][T23358]  ? __kasan_kmalloc+0xaa/0xb0
[ 1408.870771][T23358]  ? copy_splice_read+0x1a8/0xc20
[ 1408.870791][T23358]  ? splice_direct_to_actor+0x2a1/0xa30
[ 1408.870816][T23358]  ? do_splice_direct+0x174/0x240
[ 1408.870834][T23358]  ? do_sendfile+0xb06/0xe50
[ 1408.870850][T23358]  ? __x64_sys_sendfile64+0x1d8/0x220
[ 1408.870870][T23358]  ? do_syscall_64+0xcd/0xf80
[ 1408.870888][T23358]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1408.870921][T23358]  alloc_pages_bulk_noprof+0x77a/0x1410
[ 1408.870944][T23358]  ? __pfx_alloc_pages_bulk_noprof+0x10/0x10
[ 1408.870967][T23358]  ? copy_splice_read+0x1a8/0xc20
[ 1408.870991][T23358]  copy_splice_read+0x1e1/0xc20
[ 1408.871020][T23358]  ? __pfx_copy_splice_read+0x10/0x10
[ 1408.871042][T23358]  ? look_up_lock_class+0x59/0x130
[ 1408.871065][T23358]  ? lockdep_init_map_type+0x5c/0x270
[ 1408.871084][T23358]  ? __pfx_pipe_lock_cmp_fn+0x10/0x10
[ 1408.871104][T23358]  ? __pfx_copy_splice_read+0x10/0x10
[ 1408.871123][T23358]  do_splice_read+0x285/0x370
[ 1408.871145][T23358]  splice_direct_to_actor+0x2a1/0xa30
[ 1408.871167][T23358]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1408.871191][T23358]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1408.871219][T23358]  do_splice_direct+0x174/0x240
[ 1408.871240][T23358]  ? __pfx_do_splice_direct+0x10/0x10
[ 1408.871260][T23358]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1408.871284][T23358]  ? rw_verify_area+0xcf/0x6c0
[ 1408.871302][T23358]  do_sendfile+0xb06/0xe50
[ 1408.871323][T23358]  ? __pfx_do_sendfile+0x10/0x10
[ 1408.871349][T23358]  __x64_sys_sendfile64+0x1d8/0x220
[ 1408.871370][T23358]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1408.871398][T23358]  do_syscall_64+0xcd/0xf80
[ 1408.871418][T23358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1408.871432][T23358] RIP: 0033:0x7fb676f8f749
[ 1408.871446][T23358] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1408.871460][T23358] RSP: 002b:00007fb677e8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1408.871475][T23358] RAX: ffffffffffffffda RBX: 00007fb6771e6090 RCX: 00007fb676f8f749
[ 1408.871484][T23358] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000004
[ 1408.871493][T23358] RBP: 00007fb677e8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1408.871501][T23358] R10: 000000000000106f R11: 0000000000000246 R12: 0000000000000001
[ 1408.871510][T23358] R13: 00007fb6771e6128 R14: 00007fb6771e6090 R15: 00007ffff2310b48
[ 1408.871531][T23358]  </TASK>
[ 1409.492532][T21289] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1409.507498][T21289] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1409.554910][T21289] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1409.608391][T21289] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1409.657423][T23362] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4625'.
[ 1409.666483][T21289] usb 7-1: Product: syz
[ 1409.671492][T21289] usb 7-1: Manufacturer: syz
[ 1409.834395][T21289] usb 7-1: SerialNumber: syz
[ 1409.903807][T21289] usb 7-1: config 0 descriptor??
[ 1409.927849][T21289] usb 7-1: selecting invalid altsetting 0
[ 1410.445785][T21289] usb 7-1: USB disconnect, device number 84
[ 1410.463313][ T5875] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1410.838437][ T5875] usb 2-1: config 0 has no interfaces?
[ 1410.850329][ T5875] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1410.867722][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1410.890529][ T5875] usb 2-1: config 0 descriptor??
[ 1411.188548][T21289] usb 2-1: USB disconnect, device number 12
[ 1411.293295][ T5875] usb 7-1: new high-speed USB device number 85 using dummy_hcd
[ 1411.443275][ T5875] usb 7-1: Using ep0 maxpacket: 8
[ 1411.452087][ T5875] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1411.492937][ T5875] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1411.538214][ T5875] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1411.579787][ T5875] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1411.639777][ T5875] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1411.689320][ T5875] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1411.959036][ T5875] usb 7-1: GET_CAPABILITIES returned 0
[ 1412.521900][ T5875] usbtmc 7-1:16.0: can't read capabilities
[ 1412.561128][ T5875] usb 7-1: USB disconnect, device number 85
[ 1413.853122][T23414] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.4639' sets config #1
[ 1413.916011][T23418] binder: 23417:23418 ioctl c0046209 0 returned -22
[ 1414.337137][   T30] audit: type=1326 audit(6059954287.323:2013): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.391127][   T30] audit: type=1326 audit(6059954287.323:2014): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.473328][   T30] audit: type=1326 audit(6059954287.323:2015): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.534955][   T30] audit: type=1326 audit(6059954287.323:2016): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.594549][   T30] audit: type=1326 audit(6059954287.323:2017): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.660128][   T30] audit: type=1326 audit(6059954287.323:2018): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=113 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.786782][   T30] audit: type=1326 audit(6059954287.323:2019): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.835005][   T30] audit: type=1326 audit(6059954287.323:2020): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.898720][   T30] audit: type=1326 audit(6059954287.323:2021): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1414.931475][T23414] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4639'.
[ 1415.083885][   T30] audit: type=1326 audit(6059954287.323:2022): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=23420 comm="syz.1.4642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f608f18f749 code=0x7ffc0000
[ 1415.921963][T23422] pim6reg: entered allmulticast mode
[ 1416.042497][T23422] pim6reg: left allmulticast mode
[ 1416.333885][T14386] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[ 1416.625644][T14386] usb 3-1: config 0 has no interfaces?
[ 1416.635715][T14386] usb 3-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1416.649219][T14386] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1416.664402][T14386] usb 3-1: config 0 descriptor??
[ 1416.865516][T23459] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1417.103546][T14386] usb 7-1: new high-speed USB device number 86 using dummy_hcd
[ 1417.288622][T23459] ref_ctr increment failed for inode: 0x1ee offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880282b0c40
[ 1417.313531][ T5875] usb 3-1: USB disconnect, device number 75
[ 1417.330099][T23463] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1417.339353][T23463] ref_ctr decrement failed for inode: 0x1ee offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880282b0c40
[ 1417.375996][T23463] uprobe: syz.7.4651:23463 failed to unregister, leaking uprobe
[ 1417.467400][T14386] usb 7-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[ 1417.513434][T14386] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1417.537195][T14386] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1417.553301][T14386] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1417.571530][T14386] usb 7-1: SerialNumber: syz
[ 1417.626251][T23467] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1418.197320][T14386] usb 7-1: 0:2 : does not exist
[ 1418.238705][T14386] usb 7-1: unit 5 not found!
[ 1418.293641][T14386] usb 7-1: USB disconnect, device number 86
[ 1418.421116][T23479] openvswitch: netlink: Duplicate key (type 1).
[ 1418.593284][ T5875] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[ 1418.774669][ T5875] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1418.807873][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1418.852164][ T5875] usb 3-1: config 0 descriptor??
[ 1419.104051][ T5875] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1419.140020][T23497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1419.562700][T23497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1419.649410][T23500] fuse: Bad value for 'fd'
[ 1420.072697][T23500] SELinux: ebitmap: truncated map
[ 1420.127396][T23500] SELinux: failed to load policy
[ 1420.221922][ T5875] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[ 1420.720411][ T5875] [drm] Initialized udl on minor 2
[ 1420.975548][ T5875] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1420.984010][ T5875] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1420.991107][T21289] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1421.000111][ T5875] usb 3-1: USB disconnect, device number 76
[ 1421.012817][T21289] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1421.149436][T23510] fuse: Bad value for 'fd'
[ 1421.375341][T23511] SELinux: ebitmap: truncated map
[ 1421.450640][T23511] SELinux: failed to load policy
[ 1422.165674][ T5933] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1422.217433][T23522] lo speed is unknown, defaulting to 1000
[ 1422.228285][T23522] lo speed is unknown, defaulting to 1000
[ 1422.260273][T23525] ./file0: Can't lookup blockdev
[ 1422.364864][ T5933] usb 4-1: config 0 has no interfaces?
[ 1422.364897][ T5933] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1422.364918][ T5933] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1422.366678][ T5933] usb 4-1: config 0 descriptor??
[ 1422.527216][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1422.570172][ T5933] usb 4-1: USB disconnect, device number 18
[ 1422.757514][  T790] usb 7-1: new high-speed USB device number 87 using dummy_hcd
[ 1423.086553][  T790] usb 7-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[ 1423.116878][  T790] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1423.134496][  T790] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1423.144592][  T790] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1423.162020][  T790] usb 7-1: SerialNumber: syz
[ 1423.715090][  T790] usb 7-1: 0:2 : does not exist
[ 1423.730244][  T790] usb 7-1: unit 5 not found!
[ 1423.751531][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1423.751547][   T30] audit: type=1804 audit(6059954296.733:2039): pid=23547 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.4676" name="/newroot/97/file0" dev="tmpfs" ino=536 res=1 errno=0
[ 1423.784953][  T790] usb 7-1: USB disconnect, device number 87
[ 1423.793351][T23547] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1423.827071][T23547] ref_ctr increment failed for inode: 0x218 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807a7924c0
[ 1423.993426][T23553] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1424.410964][T23553] ref_ctr decrement failed for inode: 0x218 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807a7924c0
[ 1424.423069][T23553] uprobe: syz.7.4676:23553 failed to unregister, leaking uprobe
[ 1425.948639][T23574] fuse: Bad value for 'fd'
[ 1426.762800][T23574] SELinux: ebitmap: truncated map
[ 1426.798840][T23574] SELinux: failed to load policy
[ 1427.123776][   T30] audit: type=1804 audit(6059954300.113:2040): pid=23566 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4682" name="/newroot/245/file0" dev="tmpfs" ino=1319 res=1 errno=0
[ 1427.148202][T23566] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1427.156873][T23566] ref_ctr increment failed for inode: 0x527 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807a796200
[ 1427.179692][T23566] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1427.203345][T23566] ref_ctr decrement failed for inode: 0x527 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807a796200
[ 1427.220349][T23566] uprobe: syz.3.4682:23566 failed to unregister, leaking uprobe
[ 1428.331677][T23604] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1428.686525][T23599] usb usb1: usbfs: interface 0 claimed by hub while 'syz.2.4687' sets config #1
[ 1428.973951][T23608] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1428.992356][T23608] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1433.306047][T17326] usb 7-1: new high-speed USB device number 88 using dummy_hcd
[ 1433.313314][T23648] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4700'.
[ 1433.518518][T23641] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1433.528599][T23641] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1433.994833][T17326] usb 7-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1434.014514][T17326] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1434.036103][T17326] usb 7-1: config 0 descriptor??
[ 1434.062141][T17326] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1434.428792][T23667] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4709'.
[ 1434.435321][T23668] binder: 23642:23668 ioctl c04064a0 200000000880 returned -22
[ 1434.475198][T23668] binder: 23642:23668 ioctl c04064a0 2000000009c0 returned -22
[ 1434.858093][T23674] binder: 23642:23674 ioctl c04064a0 200000000c80 returned -22
[ 1434.878879][   T30] audit: type=1400 audit(6059954307.573:2041): avc:  denied  { listen } for  pid=23666 comm="syz.1.4709" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=unix_dgram_socket permissive=1
[ 1434.958030][T23668] binder: 23642:23668 ioctl b704 200000000140 returned -22
[ 1435.027318][T23674] binder: 23642:23674 unknown command 0
[ 1435.032900][T23674] binder: 23642:23674 ioctl c0306201 2000000001c0 returned -22
[ 1435.343622][T17326] gspca_cpia1: usb_control_msg 05, error -110
[ 1435.369996][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1435.481687][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1435.520483][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1435.940603][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1435.946953][T17326] cpia1 7-1:0.0: only firmware version 1 is supported (got: 0)
[ 1436.104643][T17326] usb 7-1: USB disconnect, device number 88
[ 1436.174929][   T30] audit: type=1400 audit(6059954309.163:2042): avc:  denied  { ioctl } for  pid=23685 comm="syz.6.4713" path="socket:[100718]" dev="sockfs" ino=100718 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=nfc_socket permissive=1
[ 1438.083303][T17326] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[ 1438.458204][T17326] usb 4-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1438.474953][T17326] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1438.955813][T17326] usb 4-1: config 0 descriptor??
[ 1439.159642][T17326] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1439.224898][ T5875] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[ 1439.544065][T23722] binder: 23695:23722 ioctl b704 200000000140 returned -22
[ 1439.635815][ T5875] usb 3-1: config 1 has an invalid descriptor of length 32, skipping remainder of the config
[ 1439.655005][T23728] netlink: 'syz.7.4725': attribute type 12 has an invalid length.
[ 1439.680431][ T5875] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1439.845487][T23734] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4723'.
[ 1440.007506][ T5875] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1440.030123][ T5875] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1440.052300][ T5875] usb 3-1: SerialNumber: syz
[ 1440.203596][T17326] gspca_cpia1: usb_control_msg 05, error -110
[ 1440.215571][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1440.223261][T21289] usb 7-1: new high-speed USB device number 89 using dummy_hcd
[ 1440.244436][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1440.267354][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1440.290216][T17326] gspca_cpia1: usb_control_msg 01, error -32
[ 1440.318103][T17326] cpia1 4-1:0.0: only firmware version 1 is supported (got: 0)
[ 1440.331001][ T5875] usb 3-1: 0:2 : does not exist
[ 1440.342278][ T5875] usb 3-1: unit 5 not found!
[ 1440.383469][ T5875] usb 3-1: USB disconnect, device number 77
[ 1440.423361][T21289] usb 7-1: Using ep0 maxpacket: 16
[ 1440.435925][T21289] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1440.460587][T21289] usb 7-1: config 0 has no interface number 0
[ 1440.487488][T21289] usb 7-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1440.512981][T21289] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1440.542813][T21289] usb 7-1: Product: syz
[ 1440.555003][T21289] usb 7-1: Manufacturer: syz
[ 1440.568890][T21289] usb 7-1: SerialNumber: syz
[ 1440.584582][T21289] usb 7-1: config 0 descriptor??
[ 1440.604470][T21289] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1440.657463][ T5875] usb 4-1: USB disconnect, device number 19
[ 1441.627396][T21289] gspca_spca1528: reg_w err -110
[ 1441.923309][T21289] spca1528 7-1:0.1: probe with driver spca1528 failed with error -110
[ 1442.185430][   T30] audit: type=1804 audit(6059954315.173:2043): pid=23757 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.4732" name="/newroot/328/file0" dev="tmpfs" ino=1736 res=1 errno=0
[ 1442.647596][T23757] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1442.667594][T23757] ref_ctr increment failed for inode: 0x6c8 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880282b1880
[ 1442.686381][T23762] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1442.717761][T23762] ref_ctr decrement failed for inode: 0x6c8 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff8880282b1880
[ 1442.739396][T23762] uprobe: syz.1.4732:23762 failed to unregister, leaking uprobe
[ 1443.071844][T23697] usb 7-1: USB disconnect, device number 89
[ 1445.514265][ T5875] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1445.859386][ T5875] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1446.388805][ T5875] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1446.431139][ T5875] usb 2-1: Product: syz
[ 1446.456665][ T5875] usb 2-1: Manufacturer: syz
[ 1446.480551][ T5875] usb 2-1: SerialNumber: syz
[ 1446.580130][ T5875] usb 2-1: config 0 descriptor??
[ 1446.620984][ T5875] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 013
[ 1447.368425][ T5875]  (null): failure reading functionality
[ 1447.379787][T21611] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1447.397260][ T5875] i2c i2c-2: failure reading functionality
[ 1447.412657][ T5875] i2c i2c-2: connected i2c-tiny-usb device
[ 1447.567623][T21611] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1447.583553][T21611] usb 4-1: can't read configurations, error -61
[ 1447.670227][T23831] fuse: Bad value for 'fd'
[ 1447.821643][T21611] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1447.885538][T23835] SELinux: ebitmap: truncated map
[ 1447.910861][T23835] SELinux: failed to load policy
[ 1448.269435][T21611] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1448.461380][T21611] usb 4-1: can't read configurations, error -61
[ 1448.468273][T21611] usb usb4-port1: attempt power cycle
[ 1448.813431][T21611] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1448.860025][T21611] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1448.913695][T21611] usb 4-1: can't read configurations, error -61
[ 1448.977803][T23839] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1448.991950][T23697] usb 2-1: USB disconnect, device number 13
[ 1449.001594][T23839] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1449.093316][T21611] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1449.115768][T21611] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1449.124529][T21611] usb 4-1: can't read configurations, error -61
[ 1449.131219][T21611] usb usb4-port1: unable to enumerate USB device
[ 1449.837903][T23854] fuse: Bad value for 'group_id'
[ 1449.843030][T23854] fuse: Bad value for 'group_id'
[ 1449.853763][T23854] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1450.186729][T23866] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1450.275952][T23866] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1450.276183][T23697] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[ 1450.547304][T23697] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1450.568962][T23697] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1450.605627][T23697] usb 3-1: config 0 descriptor??
[ 1450.805273][T23871] overlay: ./file0 is not a directory
[ 1450.855694][T23697] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1451.060198][T23697] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[ 1451.092192][T23697] [drm] Initialized udl on minor 2
[ 1451.115900][T23875] FAULT_INJECTION: forcing a failure.
[ 1451.115900][T23875] name failslab, interval 1, probability 0, space 0, times 0
[ 1451.149290][T23875] CPU: 1 UID: 0 PID: 23875 Comm: syz.6.4766 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1451.149320][T23875] Tainted: [L]=SOFTLOCKUP
[ 1451.149325][T23875] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1451.149335][T23875] Call Trace:
[ 1451.149341][T23875]  <TASK>
[ 1451.149347][T23875]  dump_stack_lvl+0x16c/0x1f0
[ 1451.149376][T23875]  should_fail_ex+0x512/0x640
[ 1451.149391][T23875]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1451.149409][T23875]  should_failslab+0xc2/0x120
[ 1451.149429][T23875]  kmem_cache_alloc_noprof+0x83/0x770
[ 1451.149443][T23875]  ? alloc_empty_file+0x55/0x1e0
[ 1451.149457][T23875]  ? alloc_empty_file+0x55/0x1e0
[ 1451.149466][T23875]  alloc_empty_file+0x55/0x1e0
[ 1451.149477][T23875]  alloc_file_pseudo+0x13a/0x230
[ 1451.149487][T23875]  ? __pfx_alloc_file_pseudo+0x10/0x10
[ 1451.149503][T23875]  sock_alloc_file+0x50/0x210
[ 1451.149525][T23875]  do_accept+0x240/0x530
[ 1451.149558][T23875]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1451.149580][T23875]  ? __pfx_do_accept+0x10/0x10
[ 1451.149605][T23875]  __sys_accept4_file+0xcd/0x210
[ 1451.149626][T23875]  ? __pfx___sys_accept4_file+0x10/0x10
[ 1451.149647][T23875]  __x64_sys_accept4+0xd5/0x150
[ 1451.149663][T23875]  do_syscall_64+0xcd/0xf80
[ 1451.149687][T23875]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1451.149702][T23875] RIP: 0033:0x7f6e2df8f749
[ 1451.149716][T23875] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1451.149729][T23875] RSP: 002b:00007f6e2ee6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1451.149740][T23875] RAX: ffffffffffffffda RBX: 00007f6e2e1e5fa0 RCX: 00007f6e2df8f749
[ 1451.149746][T23875] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 1451.149752][T23875] RBP: 00007f6e2ee6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1451.149759][T23875] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1451.149765][T23875] R13: 00007f6e2e1e6038 R14: 00007f6e2e1e5fa0 R15: 00007ffdbf1eadf8
[ 1451.149778][T23875]  </TASK>
[ 1451.428670][T23697] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1451.453618][T23697] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1451.654636][ T5896] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1451.654900][   T48] usb 3-1: USB disconnect, device number 78
[ 1452.070689][ T5896] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[ 1452.143972][T23886] fuse: Bad value for 'fd'
[ 1452.228951][T23886] SELinux: ebitmap: truncated map
[ 1452.240217][T23886] SELinux: failed to load policy
[ 1453.123278][ T5896] usb 7-1: new high-speed USB device number 90 using dummy_hcd
[ 1453.644900][ T5896] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1453.675957][ T5896] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1453.690193][ T5896] usb 7-1: config 0 descriptor??
[ 1453.900826][ T5896] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1454.855601][ T5896] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[ 1455.069825][ T5896] [drm] Initialized udl on minor 2
[ 1456.161670][ T5896] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1456.170245][ T5896] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1456.177307][T14386] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1456.185246][T14386] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[ 1456.194925][ T5896] usb 7-1: USB disconnect, device number 90
[ 1456.223281][T23697] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[ 1456.815995][T23697] usb 4-1: config 0 has an invalid interface number: 205 but max is 0
[ 1456.824244][T23697] usb 4-1: config 0 has no interface number 0
[ 1456.837049][T23697] usb 4-1: New USB device found, idVendor=0403, idProduct=fa78, bcdDevice=59.e2
[ 1456.846177][T23697] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1456.857752][T23697] usb 4-1: Product: syz
[ 1456.863294][T23697] usb 4-1: Manufacturer: syz
[ 1456.867903][T23697] usb 4-1: SerialNumber: syz
[ 1456.874615][T23697] usb 4-1: config 0 descriptor??
[ 1456.883932][T23697] ftdi_sio 4-1:0.205: FTDI USB Serial Device converter detected
[ 1456.896088][T23697] ftdi_sio ttyUSB0: unknown device type: 0x59e2
[ 1457.097787][T23916] netlink: 'syz.3.4777': attribute type 1 has an invalid length.
[ 1457.161814][T23930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1457.199211][T23916] netlink: 96 bytes leftover after parsing attributes in process `syz.3.4777'.
[ 1457.216698][T23916] netlink: 1 bytes leftover after parsing attributes in process `syz.3.4777'.
[ 1457.247337][T23916] netlink: 'syz.3.4777': attribute type 1 has an invalid length.
[ 1457.273701][T23930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1457.285871][T23916] netlink: 'syz.3.4777': attribute type 8 has an invalid length.
[ 1457.311862][T23916] netlink: 606 bytes leftover after parsing attributes in process `syz.3.4777'.
[ 1457.321772][   T30] audit: type=1804 audit(6059954330.303:2044): pid=23929 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.7.4782" name="/newroot/120/file0" dev="tmpfs" ino=659 res=1 errno=0
[ 1457.356850][T23934] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4784'.
[ 1457.366224][T23929] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1457.366244][T23929] ref_ctr increment failed for inode: 0x293 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807bb455c0
[ 1457.387946][T23929] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1457.403590][T23929] ref_ctr decrement failed for inode: 0x293 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88807bb455c0
[ 1457.430891][T14386] usb 4-1: USB disconnect, device number 24
[ 1457.439670][T23929] uprobe: syz.7.4782:23929 failed to unregister, leaking uprobe
[ 1457.454893][T14386] ftdi_sio 4-1:0.205: device disconnected
[ 1457.763899][T23944] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1457.852746][ T5896] usb 7-1: new low-speed USB device number 91 using dummy_hcd
[ 1457.985592][T23944] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1458.018075][ T5896] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1458.038577][ T5896] usb 7-1: config 0 has no interface number 0
[ 1458.165598][ T5896] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1458.176705][ T5896] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1458.187890][ T5896] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1458.197524][ T5896] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1458.216154][ T5896] usb 7-1: config 0 descriptor??
[ 1458.221859][T23939] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1458.234594][ T5896] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1459.225401][   T48] usb 7-1: USB disconnect, device number 91
[ 1459.344323][T23954] FAULT_INJECTION: forcing a failure.
[ 1459.344323][T23954] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1459.372057][T23954] CPU: 1 UID: 0 PID: 23954 Comm: syz.1.4788 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1459.372079][T23954] Tainted: [L]=SOFTLOCKUP
[ 1459.372082][T23954] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1459.372089][T23954] Call Trace:
[ 1459.372093][T23954]  <TASK>
[ 1459.372097][T23954]  dump_stack_lvl+0x16c/0x1f0
[ 1459.372115][T23954]  should_fail_ex+0x512/0x640
[ 1459.372128][T23954]  __kvm_read_guest_page+0x186/0x250
[ 1459.372146][T23954]  kvm_fetch_guest_virt+0x128/0x1a0
[ 1459.372164][T23954]  __do_insn_fetch_bytes+0x4fa/0x720
[ 1459.372180][T23954]  ? __pfx___do_insn_fetch_bytes+0x10/0x10
[ 1459.372193][T23954]  ? do_raw_read_unlock+0x44/0xe0
[ 1459.372209][T23954]  ? kvm_tdp_page_fault+0x47/0x3f0
[ 1459.372222][T23954]  x86_decode_insn+0xf88/0x6170
[ 1459.372244][T23954]  ? __pfx_x86_decode_insn+0x10/0x10
[ 1459.372261][T23954]  ? vmx_cache_reg+0x333/0x5e0
[ 1459.372271][T23954]  ? kvm_register_read_raw+0xe9/0x240
[ 1459.372285][T23954]  ? init_decode_cache+0xd/0x2a0
[ 1459.372300][T23954]  ? init_emulate_ctxt+0x337/0x510
[ 1459.372315][T23954]  ? __pfx_init_emulate_ctxt+0x10/0x10
[ 1459.372332][T23954]  ? rcu_qs+0x2b/0xe0
[ 1459.372344][T23954]  x86_emulate_instruction+0x838/0x1c00
[ 1459.372361][T23954]  ? __pfx_handle_io+0x10/0x10
[ 1459.372371][T23954]  handle_io+0x261/0x2b0
[ 1459.372382][T23954]  vmx_handle_exit+0x129b/0x1a00
[ 1459.372398][T23954]  vcpu_run+0x3468/0x5a80
[ 1459.372417][T23954]  ? __pfx_vcpu_run+0x10/0x10
[ 1459.372434][T23954]  ? rcu_is_watching+0x12/0xc0
[ 1459.372446][T23954]  ? kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[ 1459.372458][T23954]  kvm_arch_vcpu_ioctl_run+0xfd3/0x1860
[ 1459.372475][T23954]  kvm_vcpu_ioctl+0x76d/0x16d0
[ 1459.372493][T23954]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1459.372508][T23954]  ? __sanitizer_cov_trace_switch+0x54/0x90
[ 1459.372522][T23954]  ? do_vfs_ioctl+0x128/0x14f0
[ 1459.372535][T23954]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1459.372547][T23954]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1459.372567][T23954]  ? hook_file_ioctl_common+0x144/0x410
[ 1459.372583][T23954]  ? selinux_file_ioctl+0x180/0x270
[ 1459.372596][T23954]  ? selinux_file_ioctl+0xb4/0x270
[ 1459.372611][T23954]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[ 1459.372627][T23954]  __x64_sys_ioctl+0x18e/0x210
[ 1459.372641][T23954]  do_syscall_64+0xcd/0xf80
[ 1459.372657][T23954]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1459.372667][T23954] RIP: 0033:0x7f608f18f749
[ 1459.372677][T23954] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1459.372687][T23954] RSP: 002b:00007f608ff9f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1459.372698][T23954] RAX: ffffffffffffffda RBX: 00007f608f3e5fa0 RCX: 00007f608f18f749
[ 1459.372704][T23954] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[ 1459.372711][T23954] RBP: 00007f608ff9f090 R08: 0000000000000000 R09: 0000000000000000
[ 1459.372717][T23954] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1459.372722][T23954] R13: 00007f608f3e6038 R14: 00007f608f3e5fa0 R15: 00007ffc037aa0b8
[ 1459.372736][T23954]  </TASK>
[ 1459.892100][   T30] audit: type=1804 audit(6059954332.873:2045): pid=23957 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.4789" name="/newroot/263/file0" dev="tmpfs" ino=1421 res=1 errno=0
[ 1459.917070][T23957] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1459.925801][T23957] ref_ctr increment failed for inode: 0x58d offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88802abb9880
[ 1459.937705][T23957] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1459.947224][T23957] ref_ctr decrement failed for inode: 0x58d offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88802abb9880
[ 1459.958424][T23957] uprobe: syz.3.4789:23957 failed to unregister, leaking uprobe
[ 1460.643350][T23697] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[ 1460.803396][T23697] usb 3-1: device descriptor read/64, error -71
[ 1461.641666][T23697] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1461.773455][T23697] usb 3-1: device descriptor read/64, error -71
[ 1462.317642][T23697] usb usb3-port1: attempt power cycle
[ 1462.373014][T24002] FAULT_INJECTION: forcing a failure.
[ 1462.373014][T24002] name failslab, interval 1, probability 0, space 0, times 0
[ 1462.412820][T24002] CPU: 1 UID: 0 PID: 24002 Comm: syz.6.4803 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1462.412850][T24002] Tainted: [L]=SOFTLOCKUP
[ 1462.412856][T24002] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1462.412866][T24002] Call Trace:
[ 1462.412872][T24002]  <TASK>
[ 1462.412879][T24002]  dump_stack_lvl+0x16c/0x1f0
[ 1462.412908][T24002]  should_fail_ex+0x512/0x640
[ 1462.412924][T24002]  ? __kmalloc_noprof+0xca/0x910
[ 1462.412952][T24002]  should_failslab+0xc2/0x120
[ 1462.412974][T24002]  __kmalloc_noprof+0xeb/0x910
[ 1462.413000][T24002]  ? video_usercopy+0x1a0/0x16c0
[ 1462.413024][T24002]  ? video_usercopy+0x1a0/0x16c0
[ 1462.413043][T24002]  ? do_vfs_ioctl+0x128/0x14f0
[ 1462.413060][T24002]  video_usercopy+0x1a0/0x16c0
[ 1462.413083][T24002]  ? __pfx___video_do_ioctl+0x10/0x10
[ 1462.413103][T24002]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1462.413128][T24002]  ? __pfx_video_usercopy+0x10/0x10
[ 1462.413168][T24002]  v4l2_ioctl+0x1bd/0x250
[ 1462.413186][T24002]  ? __pfx_v4l2_ioctl+0x10/0x10
[ 1462.413204][T24002]  __x64_sys_ioctl+0x18e/0x210
[ 1462.413223][T24002]  do_syscall_64+0xcd/0xf80
[ 1462.413248][T24002]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1462.413266][T24002] RIP: 0033:0x7f6e2df8f749
[ 1462.413280][T24002] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1462.413296][T24002] RSP: 002b:00007f6e2ee6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1462.413313][T24002] RAX: ffffffffffffffda RBX: 00007f6e2e1e5fa0 RCX: 00007f6e2df8f749
[ 1462.413324][T24002] RDX: 0000200000000040 RSI: 00000000c0845657 RDI: 0000000000000003
[ 1462.413334][T24002] RBP: 00007f6e2ee6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1462.413344][T24002] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1462.413354][T24002] R13: 00007f6e2e1e6038 R14: 00007f6e2e1e5fa0 R15: 00007ffdbf1eadf8
[ 1462.413377][T24002]  </TASK>
[ 1462.933007][T23697] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1462.953788][T23697] usb 3-1: device descriptor read/8, error -71
[ 1463.063429][T24011] FAULT_INJECTION: forcing a failure.
[ 1463.063429][T24011] name failslab, interval 1, probability 0, space 0, times 0
[ 1463.078881][T24011] CPU: 0 UID: 0 PID: 24011 Comm: syz.6.4809 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1463.078910][T24011] Tainted: [L]=SOFTLOCKUP
[ 1463.078915][T24011] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1463.078925][T24011] Call Trace:
[ 1463.078931][T24011]  <TASK>
[ 1463.078938][T24011]  dump_stack_lvl+0x16c/0x1f0
[ 1463.078966][T24011]  should_fail_ex+0x512/0x640
[ 1463.078980][T24011]  ? __kmalloc_noprof+0xca/0x910
[ 1463.079006][T24011]  should_failslab+0xc2/0x120
[ 1463.079026][T24011]  __kmalloc_noprof+0xeb/0x910
[ 1463.079042][T24011]  ? trace_contention_end+0xdd/0x110
[ 1463.079055][T24011]  ? __alloc_workqueue+0x112/0x1810
[ 1463.079069][T24011]  ? __alloc_workqueue+0x112/0x1810
[ 1463.079079][T24011]  __alloc_workqueue+0x112/0x1810
[ 1463.079091][T24011]  ? __pfx___mutex_lock+0x10/0x10
[ 1463.079108][T24011]  alloc_workqueue_noprof+0xd2/0x200
[ 1463.079119][T24011]  ? __pfx_alloc_workqueue_noprof+0x10/0x10
[ 1463.079131][T24011]  ? __fget_files+0x204/0x3c0
[ 1463.079151][T24011]  loop_configure+0xf86/0x15f0
[ 1463.079170][T24011]  ? stack_trace_save+0x8e/0xc0
[ 1463.079182][T24011]  ? __pfx_stack_trace_save+0x10/0x10
[ 1463.079194][T24011]  ? stack_depot_save_flags+0x29/0x9b0
[ 1463.079211][T24011]  ? __lock_acquire+0x436/0x2890
[ 1463.079225][T24011]  ? __pfx_loop_configure+0x10/0x10
[ 1463.079252][T24011]  lo_ioctl+0x271/0x1cd0
[ 1463.079270][T24011]  ? __pfx_lo_ioctl+0x10/0x10
[ 1463.079284][T24011]  ? __pfx_avc_has_extended_perms+0x10/0x10
[ 1463.079296][T24011]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1463.079311][T24011]  ? blk_get_meta_cap+0xbc/0x700
[ 1463.079324][T24011]  ? __pfx_blk_get_meta_cap+0x10/0x10
[ 1463.079338][T24011]  ? blkdev_common_ioctl+0x190/0x2b80
[ 1463.079366][T24011]  ? __pfx_lo_ioctl+0x10/0x10
[ 1463.079381][T24011]  blkdev_ioctl+0x5b0/0x6e0
[ 1463.079391][T24011]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1463.079401][T24011]  ? selinux_file_ioctl+0x180/0x270
[ 1463.079415][T24011]  ? selinux_file_ioctl+0xb4/0x270
[ 1463.079430][T24011]  ? __pfx_blkdev_ioctl+0x10/0x10
[ 1463.079440][T24011]  __x64_sys_ioctl+0x18e/0x210
[ 1463.079454][T24011]  do_syscall_64+0xcd/0xf80
[ 1463.079470][T24011]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1463.079481][T24011] RIP: 0033:0x7f6e2df8f749
[ 1463.079491][T24011] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1463.079501][T24011] RSP: 002b:00007f6e2ee6c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1463.079512][T24011] RAX: ffffffffffffffda RBX: 00007f6e2e1e5fa0 RCX: 00007f6e2df8f749
[ 1463.079518][T24011] RDX: 0000200000000500 RSI: 0000000000004c0a RDI: 0000000000000003
[ 1463.079524][T24011] RBP: 00007f6e2ee6c090 R08: 0000000000000000 R09: 0000000000000000
[ 1463.079530][T24011] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1463.079536][T24011] R13: 00007f6e2e1e6038 R14: 00007f6e2e1e5fa0 R15: 00007ffdbf1eadf8
[ 1463.079550][T24011]  </TASK>
[ 1463.412824][T23697] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1463.722586][T23697] usb 3-1: device not accepting address 82, error -71
[ 1463.742830][T23697] usb usb3-port1: unable to enumerate USB device
[ 1464.329779][T24027] Invalid logical block size (18)
[ 1466.581257][ T5875] usb 7-1: new full-speed USB device number 92 using dummy_hcd
[ 1466.752545][ T5875] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1466.781085][ T5875] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1466.801069][ T5875] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1466.824783][ T5875] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1466.851610][ T5875] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1466.871096][ T5875] usb 7-1: Product: syz
[ 1466.875283][ T5875] usb 7-1: Manufacturer: syz
[ 1466.879848][ T5875] usb 7-1: SerialNumber: syz
[ 1466.903125][ T5875] usb 7-1: config 0 descriptor??
[ 1466.924319][ T5875] usb 7-1: selecting invalid altsetting 0
[ 1467.071885][T21289] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1467.210915][T21289] usb 2-1: device descriptor read/64, error -71
[ 1467.222329][T24053] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1467.269410][ T5875] usb 7-1: USB disconnect, device number 92
[ 1467.470745][T21289] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1467.624140][T21289] usb 2-1: device descriptor read/64, error -71
[ 1467.783178][T21289] usb usb2-port1: attempt power cycle
[ 1468.155583][T21289] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1468.227763][T21289] usb 2-1: device descriptor read/8, error -71
[ 1469.084943][T21289] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1469.140810][T21289] usb 2-1: device descriptor read/8, error -71
[ 1469.160506][T24083] FAULT_INJECTION: forcing a failure.
[ 1469.160506][T24083] name failslab, interval 1, probability 0, space 0, times 0
[ 1469.189886][T24083] CPU: 0 UID: 0 PID: 24083 Comm: syz.2.4828 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1469.189914][T24083] Tainted: [L]=SOFTLOCKUP
[ 1469.189920][T24083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1469.189929][T24083] Call Trace:
[ 1469.189935][T24083]  <TASK>
[ 1469.189941][T24083]  dump_stack_lvl+0x16c/0x1f0
[ 1469.189968][T24083]  should_fail_ex+0x512/0x640
[ 1469.189983][T24083]  ? kmem_cache_alloc_noprof+0x62/0x770
[ 1469.190002][T24083]  should_failslab+0xc2/0x120
[ 1469.190022][T24083]  kmem_cache_alloc_noprof+0x83/0x770
[ 1469.190038][T24083]  ? security_file_alloc+0x34/0x2b0
[ 1469.190065][T24083]  ? security_file_alloc+0x34/0x2b0
[ 1469.190087][T24083]  security_file_alloc+0x34/0x2b0
[ 1469.190108][T24083]  init_file+0x93/0x4c0
[ 1469.190124][T24083]  alloc_empty_file+0x73/0x1e0
[ 1469.190139][T24083]  path_openat+0xde/0x3140
[ 1469.190159][T24083]  ? do_syscall_64+0xcd/0xf80
[ 1469.190178][T24083]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1469.190200][T24083]  ? __pfx_path_openat+0x10/0x10
[ 1469.190229][T24083]  do_filp_open+0x20b/0x470
[ 1469.190249][T24083]  ? __pfx_do_filp_open+0x10/0x10
[ 1469.190286][T24083]  ? alloc_fd+0x471/0x7d0
[ 1469.190313][T24083]  do_sys_openat2+0x121/0x290
[ 1469.190328][T24083]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1469.190344][T24083]  ? __fget_files+0x20e/0x3c0
[ 1469.190368][T24083]  __x64_sys_openat+0x174/0x210
[ 1469.190383][T24083]  ? __pfx___x64_sys_openat+0x10/0x10
[ 1469.190396][T24083]  ? ksys_write+0x1ac/0x250
[ 1469.190422][T24083]  do_syscall_64+0xcd/0xf80
[ 1469.190446][T24083]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1469.190462][T24083] RIP: 0033:0x7fb676f8f749
[ 1469.190475][T24083] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1469.190490][T24083] RSP: 002b:00007fb677e8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1469.190506][T24083] RAX: ffffffffffffffda RBX: 00007fb6771e6090 RCX: 00007fb676f8f749
[ 1469.190516][T24083] RDX: 0000000000880cc2 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1469.190526][T24083] RBP: 00007fb677e8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1469.190542][T24083] R10: 0000000000000020 R11: 0000000000000246 R12: 0000000000000001
[ 1469.190552][T24083] R13: 00007fb6771e6128 R14: 00007fb6771e6090 R15: 00007ffff2310b48
[ 1469.190575][T24083]  </TASK>
[ 1469.310249][T21289] usb usb2-port1: unable to enumerate USB device
[ 1470.147879][T24101] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4834'.
[ 1470.181287][T24101] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1470.192881][T24101] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1470.381709][T24096] FAULT_INJECTION: forcing a failure.
[ 1470.381709][T24096] name failslab, interval 1, probability 0, space 0, times 0
[ 1470.394592][T24096] CPU: 1 UID: 0 PID: 24096 Comm: syz.6.4832 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1470.394610][T24096] Tainted: [L]=SOFTLOCKUP
[ 1470.394614][T24096] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1470.394620][T24096] Call Trace:
[ 1470.394625][T24096]  <TASK>
[ 1470.394629][T24096]  dump_stack_lvl+0x16c/0x1f0
[ 1470.394648][T24096]  should_fail_ex+0x512/0x640
[ 1470.394658][T24096]  ? kmem_cache_alloc_lru_noprof+0x66/0x770
[ 1470.394673][T24096]  should_failslab+0xc2/0x120
[ 1470.394692][T24096]  kmem_cache_alloc_lru_noprof+0x87/0x770
[ 1470.394704][T24096]  ? __d_lookup+0x25c/0x4a0
[ 1470.394716][T24096]  ? __d_alloc+0x35/0xa80
[ 1470.394728][T24096]  ? __d_alloc+0x35/0xa80
[ 1470.394736][T24096]  __d_alloc+0x35/0xa80
[ 1470.394746][T24096]  d_alloc+0x4a/0x1e0
[ 1470.394760][T24096]  lookup_one_qstr_excl+0x175/0x250
[ 1470.394773][T24096]  start_dirop+0x59/0xb0
[ 1470.394787][T24096]  simple_start_creating+0xf4/0x100
[ 1470.394801][T24096]  ? __pfx_simple_start_creating+0x10/0x10
[ 1470.394815][T24096]  ? do_raw_spin_unlock+0x172/0x230
[ 1470.394831][T24096]  ? simple_pin_fs+0xa3/0x190
[ 1470.394845][T24096]  debugfs_start_creating.part.0+0x86/0x1c0
[ 1470.394858][T24096]  __debugfs_create_file+0xb3/0x530
[ 1470.394871][T24096]  debugfs_create_file_full+0x41/0x60
[ 1470.394884][T24096]  ? __pfx_caifdev_setup+0x10/0x10
[ 1470.394900][T24096]  ref_tracker_dir_debugfs+0x19d/0x2f0
[ 1470.394911][T24096]  ? __pfx_ref_tracker_dir_debugfs+0x10/0x10
[ 1470.394933][T24096]  ? alloc_netdev_mqs+0xd7/0x1550
[ 1470.394947][T24096]  ? lockdep_init_map_type+0x5c/0x270
[ 1470.394962][T24096]  alloc_netdev_mqs+0x314/0x1550
[ 1470.394975][T24096]  ? security_capable+0x7e/0x260
[ 1470.394990][T24096]  ldisc_open+0x155/0x970
[ 1470.395000][T24096]  ? __pfx_ldisc_open+0x10/0x10
[ 1470.395011][T24096]  ? tty_set_ldisc+0x2b8/0x780
[ 1470.395022][T24096]  ? down_write+0x14d/0x200
[ 1470.395040][T24096]  ? __pfx_ldisc_open+0x10/0x10
[ 1470.395049][T24096]  tty_ldisc_open+0x9f/0x120
[ 1470.395060][T24096]  tty_set_ldisc+0x32b/0x780
[ 1470.395073][T24096]  tty_ioctl+0xc2d/0x1650
[ 1470.395086][T24096]  ? __pfx_tty_ioctl+0x10/0x10
[ 1470.395099][T24096]  ? __pfx_ioctl_has_perm.constprop.0.isra.0+0x10/0x10
[ 1470.395118][T24096]  ? hook_file_ioctl_common+0x144/0x410
[ 1470.395133][T24096]  ? selinux_file_ioctl+0x180/0x270
[ 1470.395146][T24096]  ? selinux_file_ioctl+0xb4/0x270
[ 1470.395161][T24096]  ? __pfx_tty_ioctl+0x10/0x10
[ 1470.395174][T24096]  __x64_sys_ioctl+0x18e/0x210
[ 1470.395187][T24096]  do_syscall_64+0xcd/0xf80
[ 1470.395203][T24096]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1470.395213][T24096] RIP: 0033:0x7f6e2df8f749
[ 1470.395222][T24096] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1470.395233][T24096] RSP: 002b:00007f6e2ee2a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1470.395243][T24096] RAX: ffffffffffffffda RBX: 00007f6e2e1e6180 RCX: 00007f6e2df8f749
[ 1470.395249][T24096] RDX: 00002000000003c0 RSI: 0000000000005423 RDI: 000000000000000d
[ 1470.395255][T24096] RBP: 00007f6e2ee2a090 R08: 0000000000000000 R09: 0000000000000000
[ 1470.395261][T24096] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1470.395267][T24096] R13: 00007f6e2e1e6218 R14: 00007f6e2e1e6180 R15: 00007ffdbf1eadf8
[ 1470.395281][T24096]  </TASK>
[ 1471.005159][T24095] orangefs_mount: mount request failed with -4
[ 1472.097496][T24115] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1472.106176][   T30] audit: type=1804 audit(6059954345.078:2046): pid=24115 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.6.4837" name="/newroot/539/file0" dev="tmpfs" ino=2851 res=1 errno=0
[ 1472.129366][T24115] ref_ctr increment failed for inode: 0xb23 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888036db9880
[ 1472.640874][T24121] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1472.666664][T24121] ref_ctr decrement failed for inode: 0xb23 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff888036db9880
[ 1472.690348][T24121] uprobe: syz.6.4837:24121 failed to unregister, leaking uprobe
[ 1473.591910][   T30] audit: type=1804 audit(6059954346.578:2047): pid=24132 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.4842" name="/newroot/526/file0" dev="tmpfs" ino=2785 res=1 errno=0
[ 1473.593574][T24132] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: 1
[ 1473.624179][T24132] ref_ctr increment failed for inode: 0xae1 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88803124d5c0
[ 1474.280808][T24133] ref_ctr going negative. vaddr: 0x200000ffd002, curr val: -2360, delta: -1
[ 1474.294092][T24133] ref_ctr decrement failed for inode: 0xae1 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88803124d5c0
[ 1474.343715][T24133] uprobe: syz.2.4842:24133 failed to unregister, leaking uprobe
[ 1474.886458][T24149] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4847'.
[ 1475.146923][  T790] usb 7-1: new high-speed USB device number 93 using dummy_hcd
[ 1475.157630][ T5896] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 1475.301043][T24158] netlink: 4 bytes leftover after parsing attributes in process `syz.7.4849'.
[ 1475.423681][T24156] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1475.432213][T24156] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1475.506220][ T5896] usb 2-1: device descriptor read/64, error -71
[ 1475.513666][  T790] usb 7-1: config 220 has an invalid interface number: 76 but max is 2
[ 1475.526566][  T790] usb 7-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1475.545991][  T790] usb 7-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1475.589067][  T790] usb 7-1: config 220 has no interface number 2
[ 1475.638655][  T790] usb 7-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1475.677705][  T790] usb 7-1: config 220 interface 0 has no altsetting 0
[ 1475.684506][  T790] usb 7-1: config 220 interface 76 has no altsetting 0
[ 1475.692443][  T790] usb 7-1: config 220 interface 1 has no altsetting 0
[ 1475.712668][  T790] usb 7-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1475.722694][  T790] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1475.742579][  T790] usb 7-1: Product: syz
[ 1475.752705][  T790] usb 7-1: Manufacturer: syz
[ 1475.766595][ T5896] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1475.774291][  T790] usb 7-1: SerialNumber: syz
[ 1475.906556][ T5896] usb 2-1: device descriptor read/64, error -71
[ 1476.012661][  T790] uvcvideo 7-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1476.020391][ T5896] usb usb2-port1: attempt power cycle
[ 1476.039261][  T790] uvcvideo 7-1:220.0: No valid video chain found.
[ 1476.058985][  T790] usb 7-1: selecting invalid altsetting 0
[ 1476.099099][  T790] usb 7-1: selecting invalid altsetting 0
[ 1476.121123][  T790] usbtest 7-1:220.1: probe with driver usbtest failed with error -22
[ 1476.171037][  T790] usb 7-1: USB disconnect, device number 93
[ 1476.425382][ T5896] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1476.446897][ T5896] usb 2-1: device descriptor read/8, error -71
[ 1476.688922][ T5896] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1476.828582][ T5896] usb 2-1: device descriptor read/8, error -71
[ 1477.008491][ T5896] usb usb2-port1: unable to enumerate USB device
[ 1479.593318][T24214] fuse: Bad value for 'fd'
[ 1480.402245][T24218] SELinux:  policydb magic number 0x0 does not match expected magic number 0xf97cff8c
[ 1480.712555][T24218] SELinux: failed to load policy
[ 1481.092003][T24232] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1481.136665][T24232] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1481.824021][T24239] fuse: Bad value for 'fd'
[ 1482.050010][T24240] SELinux: ebitmap: truncated map
[ 1482.099261][T24240] SELinux: failed to load policy
[ 1483.051507][T24255] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1483.215622][  T790] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1483.243017][ T5896] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[ 1483.463214][  T790] usb 4-1: Using ep0 maxpacket: 8
[ 1483.500560][  T790] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1483.584363][ T5896] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1483.744145][  T790] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1483.772658][ T5896] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1483.793652][  T790] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1483.812875][ T5896] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1483.819628][  T790] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1483.854001][  T790] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1483.863521][ T5896] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1483.885422][ T5896] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1483.894061][  T790] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1483.902756][ T5896] usb 2-1: Product: syz
[ 1483.908712][ T5896] usb 2-1: Manufacturer: syz
[ 1483.914933][ T5896] usb 2-1: SerialNumber: syz
[ 1483.934373][ T5896] usb 2-1: config 0 descriptor??
[ 1483.956785][ T5896] usb 2-1: selecting invalid altsetting 0
[ 1483.958409][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1484.167851][  T790] usb 4-1: GET_CAPABILITIES returned 0
[ 1484.182788][  T790] usbtmc 4-1:16.0: can't read capabilities
[ 1484.228200][T24271] usb 2-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1484.242468][T21289] usb 7-1: new high-speed USB device number 94 using dummy_hcd
[ 1484.277289][   T48] usb 2-1: USB disconnect, device number 22
[ 1484.421991][ T5896] usb 4-1: USB disconnect, device number 25
[ 1484.487467][T24279] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1484.498359][T24279] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1484.507973][T21289] usb 7-1: config 0 has no interfaces?
[ 1484.513652][T21289] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1484.522750][T21289] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1484.531907][T21289] usb 7-1: config 0 descriptor??
[ 1484.748063][ T5896] usb 7-1: USB disconnect, device number 94
[ 1485.321378][T24292] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1487.981335][T24322] fuse: Bad value for 'fd'
[ 1488.099933][T24324] SELinux: ebitmap: truncated map
[ 1488.136386][T24324] SELinux: failed to load policy
[ 1488.290500][T21289] usb 7-1: new full-speed USB device number 95 using dummy_hcd
[ 1488.463984][T21289] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1488.533967][T21289] usb 7-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1488.618371][T21289] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1488.666020][T21289] usb 7-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1488.725103][T21289] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1488.772589][T21289] usb 7-1: Product: syz
[ 1488.791645][T21289] usb 7-1: Manufacturer: syz
[ 1488.797221][T21289] usb 7-1: SerialNumber: syz
[ 1488.818939][T21289] usb 7-1: config 0 descriptor??
[ 1488.943335][T21289] usb 7-1: selecting invalid altsetting 0
[ 1489.319281][T24323] usb 7-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1489.350167][T21289] usb 7-1: USB disconnect, device number 95
[ 1490.072876][T24347] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1490.459208][  T790] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1490.997091][   T48] usb 4-1: new full-speed USB device number 26 using dummy_hcd
[ 1491.006515][  T790] usb 2-1: config 0 has no interfaces?
[ 1491.012608][  T790] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1491.024100][  T790] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1491.039032][  T790] usb 2-1: config 0 descriptor??
[ 1491.210669][   T48] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1491.222095][   T48] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1491.234432][   T48] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1491.248578][   T48] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1491.260887][T21289] usb 2-1: USB disconnect, device number 23
[ 1491.319342][   T48] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1491.329442][   T48] usb 4-1: Product: syz
[ 1491.333620][   T48] usb 4-1: Manufacturer: syz
[ 1491.338237][   T48] usb 4-1: SerialNumber: syz
[ 1491.344911][   T48] usb 4-1: config 0 descriptor??
[ 1491.448538][   T48] usb 4-1: selecting invalid altsetting 0
[ 1492.050332][T24345] usb 4-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1492.061679][T24364] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4908'.
[ 1492.080814][   T48] usb 4-1: USB disconnect, device number 26
[ 1493.745570][T24380] veth0_to_team: entered promiscuous mode
[ 1494.017552][T21433] usb 3-1: new full-speed USB device number 83 using dummy_hcd
[ 1494.651544][T21433] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has an invalid bInterval 0, changing to 4
[ 1494.730341][T21433] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid maxpacket 15380, setting to 1023
[ 1494.794685][T21433] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1494.830669][T21433] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1494.847051][T21433] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1494.865435][T21433] usb 3-1: Product: syz
[ 1494.875532][T21433] usb 3-1: Manufacturer: syz
[ 1494.882738][T21433] usb 3-1: SerialNumber: syz
[ 1494.900719][T21433] usb 3-1: config 0 descriptor??
[ 1494.921070][T21433] usb 3-1: selecting invalid altsetting 0
[ 1495.596836][T24404] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4918'.
[ 1495.675762][T24383] usb 3-1: cannot submit urb 0, error -2: endpoint not enabled
[ 1495.698188][T17326] usb 3-1: USB disconnect, device number 83
[ 1495.936491][T21289] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1497.057430][T21289] usb 2-1: config 0 has no interfaces?
[ 1497.062956][T21289] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1497.072059][T21289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1497.082039][T21289] usb 2-1: config 0 descriptor??
[ 1497.277633][T21433] usb 4-1: new full-speed USB device number 27 using dummy_hcd
[ 1497.292252][T21289] usb 2-1: USB disconnect, device number 24
[ 1497.787424][T21433] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 5
[ 1497.795983][T21433] usb 4-1: can't read configurations, error -22
[ 1498.111856][T21433] usb 4-1: new full-speed USB device number 28 using dummy_hcd
[ 1498.198326][T24432] fuse: Bad value for 'fd'
[ 1498.312771][T24435] fuse: Bad value for 'fd'
[ 1498.330339][T21433] usb 4-1: invalid descriptor for config index 0: type = 0x2, length = 5
[ 1498.383609][T24436] SELinux:  policydb magic number 0x7 does not match expected magic number 0xf97cff8c
[ 1498.393925][T24436] SELinux: failed to load policy
[ 1499.095758][T21433] usb 4-1: can't read configurations, error -22
[ 1499.124017][T21433] usb usb4-port1: attempt power cycle
[ 1500.188544][T24443] Device name cannot be null; rc = [-22]
[ 1500.451060][T24460] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1500.536351][T24462] FAULT_INJECTION: forcing a failure.
[ 1500.536351][T24462] name failslab, interval 1, probability 0, space 0, times 0
[ 1500.549140][T24462] CPU: 0 UID: 0 PID: 24462 Comm: syz.2.4932 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1500.549165][T24462] Tainted: [L]=SOFTLOCKUP
[ 1500.549169][T24462] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1500.549176][T24462] Call Trace:
[ 1500.549181][T24462]  <TASK>
[ 1500.549187][T24462]  dump_stack_lvl+0x16c/0x1f0
[ 1500.549206][T24462]  should_fail_ex+0x512/0x640
[ 1500.549216][T24462]  ? __kmalloc_noprof+0xca/0x910
[ 1500.549234][T24462]  should_failslab+0xc2/0x120
[ 1500.549248][T24462]  __kmalloc_noprof+0xeb/0x910
[ 1500.549265][T24462]  ? copy_splice_read+0x1a8/0xc20
[ 1500.549298][T24462]  ? copy_splice_read+0x1a8/0xc20
[ 1500.549313][T24462]  copy_splice_read+0x1a8/0xc20
[ 1500.549329][T24462]  ? irqentry_exit+0x1dd/0x8c0
[ 1500.549343][T24462]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1500.549357][T24462]  ? __pfx_copy_splice_read+0x10/0x10
[ 1500.549380][T24462]  ? __pfx_copy_splice_read+0x10/0x10
[ 1500.549394][T24462]  do_splice_read+0x285/0x370
[ 1500.549410][T24462]  splice_direct_to_actor+0x2a1/0xa30
[ 1500.549426][T24462]  ? __pfx_direct_splice_actor+0x10/0x10
[ 1500.549443][T24462]  ? __pfx_splice_direct_to_actor+0x10/0x10
[ 1500.549463][T24462]  do_splice_direct+0x174/0x240
[ 1500.549478][T24462]  ? __pfx_do_splice_direct+0x10/0x10
[ 1500.549493][T24462]  ? __pfx_direct_file_splice_eof+0x10/0x10
[ 1500.549510][T24462]  ? rw_verify_area+0xcf/0x6c0
[ 1500.549523][T24462]  do_sendfile+0xb06/0xe50
[ 1500.549539][T24462]  ? __pfx_do_sendfile+0x10/0x10
[ 1500.549557][T24462]  __x64_sys_sendfile64+0x1d8/0x220
[ 1500.549573][T24462]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[ 1500.549590][T24462]  ? trace_irq_enable.constprop.0+0x2f/0x110
[ 1500.549606][T24462]  do_syscall_64+0xcd/0xf80
[ 1500.549621][T24462]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1500.549632][T24462] RIP: 0033:0x7fb676f8f749
[ 1500.549642][T24462] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1500.549652][T24462] RSP: 002b:00007fb677e8e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[ 1500.549662][T24462] RAX: ffffffffffffffda RBX: 00007fb6771e6090 RCX: 00007fb676f8f749
[ 1500.549668][T24462] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000004
[ 1500.549674][T24462] RBP: 00007fb677e8e090 R08: 0000000000000000 R09: 0000000000000000
[ 1500.549680][T24462] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000001
[ 1500.549686][T24462] R13: 00007fb6771e6128 R14: 00007fb6771e6090 R15: 00007ffff2310b48
[ 1500.549700][T24462]  </TASK>
[ 1500.856006][T24460] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1501.167559][T24462] batadv_slave_0: entered promiscuous mode
[ 1502.073537][   T48] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1502.261710][   T48] usb 4-1: config 0 has no interfaces?
[ 1502.467495][   T48] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1502.510703][   T48] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1502.523569][T24485] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1502.534016][   T48] usb 4-1: config 0 descriptor??
[ 1502.539679][T24485] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1502.883407][T24494] fuse: Bad value for 'fd'
[ 1502.913031][   T48] usb 4-1: USB disconnect, device number 30
[ 1502.937862][T24488] overlayfs: failed lookup in lower (newroot/154, name='file0', err=-40): overlapping layers
[ 1504.065949][T24505] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1504.570923][T24509] IPVS: dh: FWM 3 0x00000003 - no destination available
[ 1506.012661][T24522] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1506.042149][T24522] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1507.553376][T24541] FAULT_INJECTION: forcing a failure.
[ 1507.553376][T24541] name failslab, interval 1, probability 0, space 0, times 0
[ 1507.572784][T24541] CPU: 0 UID: 0 PID: 24541 Comm: syz.7.4954 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1507.572813][T24541] Tainted: [L]=SOFTLOCKUP
[ 1507.572819][T24541] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1507.572828][T24541] Call Trace:
[ 1507.572834][T24541]  <TASK>
[ 1507.572841][T24541]  dump_stack_lvl+0x16c/0x1f0
[ 1507.572868][T24541]  should_fail_ex+0x512/0x640
[ 1507.572883][T24541]  ? __kmalloc_noprof+0xca/0x910
[ 1507.572909][T24541]  should_failslab+0xc2/0x120
[ 1507.572931][T24541]  __kmalloc_noprof+0xeb/0x910
[ 1507.572957][T24541]  ? vb2_core_allocated_buffers_storage+0xc4/0x220
[ 1507.572989][T24541]  ? vb2_core_allocated_buffers_storage+0xc4/0x220
[ 1507.573014][T24541]  vb2_core_allocated_buffers_storage+0xc4/0x220
[ 1507.573041][T24541]  vb2_core_reqbufs+0x398/0xfe0
[ 1507.573073][T24541]  ? __pfx_vb2_core_reqbufs+0x10/0x10
[ 1507.573113][T24541]  __vb2_init_fileio+0x3f1/0x1100
[ 1507.573129][T24541]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1507.573152][T24541]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1507.573174][T24541]  ? __pollwait+0x271/0x460
[ 1507.573199][T24541]  vb2_core_poll+0x5ec/0x700
[ 1507.573217][T24541]  vb2_poll+0x4b/0xe0
[ 1507.573241][T24541]  vb2_fop_poll+0x10f/0x2c0
[ 1507.573267][T24541]  ? __pfx_vb2_fop_poll+0x10/0x10
[ 1507.573293][T24541]  v4l2_poll+0x163/0x320
[ 1507.573320][T24541]  ? __pfx_v4l2_poll+0x10/0x10
[ 1507.573337][T24541]  do_sys_poll+0x55c/0xdf0
[ 1507.573369][T24541]  ? __pfx_do_sys_poll+0x10/0x10
[ 1507.573416][T24541]  ? find_held_lock+0x2b/0x80
[ 1507.573441][T24541]  ? __pfx___pollwait+0x10/0x10
[ 1507.573465][T24541]  ? __pfx_pollwake+0x10/0x10
[ 1507.573526][T24541]  ? __mutex_unlock_slowpath+0x161/0x790
[ 1507.573552][T24541]  ? set_user_sigmask+0x21b/0x2b0
[ 1507.573576][T24541]  ? __pfx_set_user_sigmask+0x10/0x10
[ 1507.573598][T24541]  ? __fget_files+0x20e/0x3c0
[ 1507.573625][T24541]  __x64_sys_ppoll+0x254/0x2d0
[ 1507.573649][T24541]  ? __pfx___x64_sys_ppoll+0x10/0x10
[ 1507.573670][T24541]  ? ksys_write+0x1ac/0x250
[ 1507.573691][T24541]  ? __pfx_ksys_write+0x10/0x10
[ 1507.573719][T24541]  do_syscall_64+0xcd/0xf80
[ 1507.573743][T24541]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1507.573760][T24541] RIP: 0033:0x7fd8e0f8f749
[ 1507.573775][T24541] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1507.573791][T24541] RSP: 002b:00007fd8e1e69038 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[ 1507.573808][T24541] RAX: ffffffffffffffda RBX: 00007fd8e11e5fa0 RCX: 00007fd8e0f8f749
[ 1507.573819][T24541] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000200000000180
[ 1507.573830][T24541] RBP: 00007fd8e1e69090 R08: 0000000000000000 R09: 0000000000000000
[ 1507.573839][T24541] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1507.573849][T24541] R13: 00007fd8e11e6038 R14: 00007fd8e11e5fa0 R15: 00007ffc69daebe8
[ 1507.573874][T24541]  </TASK>
[ 1508.260310][   T31] INFO: task kworker/1:0:24 blocked for more than 143 seconds.
[ 1508.268192][   T31]       Tainted: G             L      syzkaller #0
[ 1508.274825][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1508.460323][T14386] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1508.626248][   T31] task:kworker/1:0     state:D stack:18088 pid:24    tgid:24    ppid:2      task_flags:0x4208160 flags:0x00080000
[ 1508.746043][T24560] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4956'.
[ 1508.879569][   T31] Workqueue: usb_hub_wq hub_event
[ 1508.887602][   T31] Call Trace:
[ 1509.006755][   T31]  <TASK>
[ 1509.009723][   T31]  ? __schedule+0x10b9/0x6150
[ 1509.039398][   T31]  __schedule+0x1139/0x6150
[ 1509.479661][T14386] usb 4-1: config 0 has no interfaces?
[ 1509.485179][T14386] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[ 1509.629665][   T31]  ? __lock_acquire+0x436/0x2890
[ 1509.639935][   T31]  ? __device_attach+0x1e4/0x4e0
[ 1509.645904][   T31]  ? __pfx___schedule+0x10/0x10
[ 1509.651382][   T31]  ? find_held_lock+0x2b/0x80
[ 1509.658391][   T31]  ? schedule+0x2d7/0x3a0
[ 1509.806232][   T31]  schedule+0xe7/0x3a0
[ 1509.823581][   T31]  schedule_timeout+0x257/0x290
[ 1509.859742][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1509.863984][T14386] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1509.865210][   T31]  ? mark_held_locks+0x49/0x80
[ 1509.879510][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1509.884901][   T31]  __wait_for_common+0x2fc/0x4e0
[ 1509.892109][T14386] usb 4-1: config 0 descriptor??
[ 1509.899551][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[ 1509.904964][   T31]  ? __pfx___wait_for_common+0x10/0x10
[ 1509.913006][   T31]  ? __pfx_device_del+0x10/0x10
[ 1509.917844][   T31]  ? kobject_put+0xaf/0x6f0
[ 1509.922351][   T31]  i2c_del_adapter+0x640/0x850
[ 1509.927096][   T31]  ? usb_free_stream_buffers.isra.0+0x1b8/0x2b0
[ 1509.933352][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[ 1509.938623][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1509.943398][   T31]  ? kfree+0x27d/0x6e0
[ 1509.947457][   T31]  ? usb_urb_exit+0x1ff/0x2b0
[ 1509.952342][   T31]  dvb_usb_i2c_exit+0x9f/0xf0
[ 1509.957388][   T31]  dvb_usb_device_exit+0x334/0x580
[ 1509.962611][   T31]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[ 1509.968239][   T31]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1509.973754][   T31]  cxusb_probe+0x1c9/0x7d0
[ 1509.978147][   T31]  ? mark_held_locks+0x49/0x80
[ 1509.982931][   T31]  ? __pfx_cxusb_probe+0x10/0x10
[ 1509.987843][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1509.993093][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1509.998875][   T31]  ? __pm_runtime_set_status+0x13c/0xa80
[ 1510.006345][   T31]  usb_probe_interface+0x303/0xa80
[ 1510.011543][   T31]  ? __pfx_usb_probe_interface+0x10/0x10
[ 1510.017167][   T31]  really_probe+0x241/0xb20
[ 1510.021921][   T31]  __driver_probe_device+0x1de/0x470
[ 1510.027204][   T31]  driver_probe_device+0x4c/0x1b0
[ 1510.032264][   T31]  __device_attach_driver+0x1df/0x350
[ 1510.037613][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[ 1510.043591][   T31]  bus_for_each_drv+0x159/0x1e0
[ 1510.048429][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[ 1510.053808][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1510.058986][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1510.064845][   T31]  __device_attach+0x1e4/0x4e0
[ 1510.069649][   T31]  ? __pfx___device_attach+0x10/0x10
[ 1510.074925][   T31]  ? do_raw_spin_unlock+0x172/0x230
[ 1510.080150][   T31]  device_initial_probe+0xaa/0xc0
[ 1510.085167][   T31]  bus_probe_device+0x64/0x150
[ 1510.089932][   T31]  device_add+0x116e/0x1980
[ 1510.094413][   T31]  ? __pfx_device_add+0x10/0x10
[ 1510.099237][   T31]  ? preempt_schedule_thunk+0x16/0x30
[ 1510.107932][   T31]  usb_set_configuration+0x1187/0x1e50
[ 1510.110803][T16428] usb 4-1: USB disconnect, device number 31
[ 1510.113539][   T31]  ? __pfx_usb_generic_driver_probe+0x10/0x10
[ 1510.125413][   T31]  usb_generic_driver_probe+0xb1/0x110
[ 1510.131836][   T31]  usb_probe_device+0xef/0x400
[ 1510.136603][   T31]  ? __pfx_usb_probe_device+0x10/0x10
[ 1510.142009][   T31]  really_probe+0x241/0xb20
[ 1510.146501][   T31]  __driver_probe_device+0x1de/0x470
[ 1510.151797][   T31]  ? usb_driver_applicable+0x1c7/0x220
[ 1510.157240][   T31]  driver_probe_device+0x4c/0x1b0
[ 1510.162286][   T31]  __device_attach_driver+0x1df/0x350
[ 1510.167636][   T31]  ? __pfx___device_attach_driver+0x10/0x10
[ 1510.173543][   T31]  bus_for_each_drv+0x159/0x1e0
[ 1510.178385][   T31]  ? __pfx_bus_for_each_drv+0x10/0x10
[ 1510.183779][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1510.188972][   T31]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[ 1510.194795][   T31]  __device_attach+0x1e4/0x4e0
[ 1510.199561][   T31]  ? __pfx___device_attach+0x10/0x10
[ 1510.204822][   T31]  ? do_raw_spin_unlock+0x172/0x230
[ 1510.210041][   T31]  device_initial_probe+0xaa/0xc0
[ 1510.215052][   T31]  bus_probe_device+0x64/0x150
[ 1510.219850][   T31]  device_add+0x116e/0x1980
[ 1510.224338][   T31]  ? __pfx_device_add+0x10/0x10
[ 1510.229165][   T31]  ? add_device_randomness+0xb7/0xf0
[ 1510.235824][   T31]  usb_new_device+0xd07/0x1a90
[ 1510.240841][   T31]  ? do_raw_spin_lock+0x12c/0x2b0
[ 1510.245865][   T31]  ? __pfx_usb_new_device+0x10/0x10
[ 1510.251091][   T31]  ? mark_held_locks+0x49/0x80
[ 1510.255855][   T31]  hub_event+0x313a/0x52f0
[ 1510.260327][   T31]  ? __pfx_hub_event+0x10/0x10
[ 1510.265090][   T31]  ? assoc_array_insert+0x2d50/0x3970
[ 1510.270897][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1510.275655][   T31]  process_one_work+0x9ba/0x1b20
[ 1510.280622][   T31]  ? __pfx_delayed_vfree_work+0x10/0x10
[ 1510.286151][   T31]  ? __pfx_process_one_work+0x10/0x10
[ 1510.291543][   T31]  ? assign_work+0x1a0/0x250
[ 1510.296113][   T31]  worker_thread+0x6c8/0xf10
[ 1510.300728][   T31]  ? __pfx_worker_thread+0x10/0x10
[ 1510.305821][   T31]  kthread+0x3c5/0x780
[ 1510.309900][   T31]  ? __pfx_kthread+0x10/0x10
[ 1510.314466][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1510.319245][   T31]  ? __pfx_kthread+0x10/0x10
[ 1510.323849][   T31]  ret_from_fork+0x983/0xb10
[ 1510.328414][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1510.333523][   T31]  ? __switch_to+0x7af/0x10d0
[ 1510.338178][   T31]  ? __pfx_kthread+0x10/0x10
[ 1510.343628][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1510.348386][   T31]  </TASK>
[ 1510.353107][   T31] 
[ 1510.353107][   T31] Showing all locks held in the system:
[ 1510.360966][   T31] 5 locks held by kworker/1:0/24:
[ 1510.372465][   T31]  #0: ffff888142e92548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20
[ 1510.383257][   T31]  #1: ffffc900001e7c90 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20
[ 1510.394500][   T31]  #2: ffff888143784198 (&dev->mutex){....}-{4:4}, at: hub_event+0x1c0/0x52f0
[ 1510.403417][   T31]  #3: ffff888030cdb198 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4e0
[ 1510.412661][   T31]  #4: ffff88807c645160 (&dev->mutex){....}-{4:4}, at: __device_attach+0x7e/0x4e0
[ 1510.422247][   T31] 1 lock held by khungtaskd/31:
[ 1510.427114][   T31]  #0: ffffffff8e3c96a0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x36/0x1c0
[ 1510.436976][   T31] 2 locks held by getty/5577:
[ 1510.441646][   T31]  #0: ffff8880321250a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x24/0x80
[ 1510.451453][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x41b/0x1510
[ 1510.461745][   T31] 4 locks held by kworker/u8:3/17773:
[ 1510.467100][   T31]  #0: ffff8880b843ac98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130
[ 1510.477015][   T31]  #1: ffff8880b8524608 (psi_seq){-.-.}-{0:0}, at: __schedule+0x19b1/0x6150
[ 1510.485721][   T31]  #2: ffff8880b85262d8 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x127/0x1d0
[ 1510.495025][   T31]  #3: ffffffff9ae53120 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0x14c/0x4c0
[ 1510.505381][   T31] 3 locks held by kworker/u8:27/19016:
[ 1510.510827][   T31]  #0: ffff88813ff69948 ((wq_completion)events_unbound#2){+.+.}-{0:0}, at: process_one_work+0x128d/0x1b20
[ 1510.522144][   T31]  #1: ffffc9000494fc90 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x914/0x1b20
[ 1510.532573][   T31]  #2: ffffffff901428a8 (rtnl_mutex){+.+.}-{4:4}, at: linkwatch_event+0x51/0xc0
[ 1510.541639][   T31] 2 locks held by syz.2.4956/24546:
[ 1510.546823][   T31]  #0: ffffffff901428a8 (rtnl_mutex){+.+.}-{4:4}, at: tun_chr_close+0x38/0x230
[ 1510.555848][   T31]  #1: ffffffff8e3d4df8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: exp_funnel_lock+0x284/0x3c0
[ 1510.565896][   T31] 
[ 1510.568206][   T31] =============================================
[ 1510.568206][   T31] 
[ 1510.576842][   T31] NMI backtrace for cpu 0
[ 1510.576858][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1510.576881][   T31] Tainted: [L]=SOFTLOCKUP
[ 1510.576886][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1510.576896][   T31] Call Trace:
[ 1510.576903][   T31]  <TASK>
[ 1510.576910][   T31]  dump_stack_lvl+0x116/0x1f0
[ 1510.576936][   T31]  nmi_cpu_backtrace+0x27b/0x390
[ 1510.576955][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1510.576974][   T31]  nmi_trigger_cpumask_backtrace+0x29c/0x300
[ 1510.576994][   T31]  sys_info+0x133/0x180
[ 1510.577018][   T31]  watchdog+0xe66/0x1180
[ 1510.577042][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1510.577058][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1510.577074][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1510.577098][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1510.577116][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1510.577134][   T31]  kthread+0x3c5/0x780
[ 1510.577154][   T31]  ? __pfx_kthread+0x10/0x10
[ 1510.577174][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1510.577190][   T31]  ? __pfx_kthread+0x10/0x10
[ 1510.577210][   T31]  ret_from_fork+0x983/0xb10
[ 1510.577229][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1510.577249][   T31]  ? __switch_to+0x7af/0x10d0
[ 1510.577270][   T31]  ? __pfx_kthread+0x10/0x10
[ 1510.577290][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1510.577331][   T31]  </TASK>
[ 1510.577338][   T31] Sending NMI from CPU 0 to CPUs 1:
[ 1510.719474][    C1] NMI backtrace for cpu 1
[ 1510.719490][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1510.719507][    C1] Tainted: [L]=SOFTLOCKUP
[ 1510.719512][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1510.719520][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 1510.719542][    C1] Code: 46 5f 02 c3 cc cc cc cc 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 13 b9 11 00 fb f4 <e9> cc 35 03 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 1510.719555][    C1] RSP: 0018:ffffc90000197de8 EFLAGS: 000002c6
[ 1510.719571][    C1] RAX: 0000000005b0640f RBX: 0000000000000001 RCX: ffffffff8b78a6d9
[ 1510.719579][    C1] RDX: 0000000000000000 RSI: ffffffff8dacf6aa RDI: ffffffff8bf2b580
[ 1510.719588][    C1] RBP: ffffed1003b57498 R08: 0000000000000001 R09: ffffed10170a673d
[ 1510.719596][    C1] R10: ffff8880b85339eb R11: ffff88801dabaff0 R12: 0000000000000001
[ 1510.719604][    C1] R13: ffff88801daba4c0 R14: ffffffff9088cdd0 R15: 0000000000000000
[ 1510.719613][    C1] FS:  0000000000000000(0000) GS:ffff8881249f2000(0000) knlGS:0000000000000000
[ 1510.719626][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1510.719635][    C1] CR2: 00007f6ac05b6ad8 CR3: 000000007b0a7000 CR4: 00000000003526f0
[ 1510.719643][    C1] Call Trace:
[ 1510.719648][    C1]  <TASK>
[ 1510.719652][    C1]  default_idle+0x13/0x20
[ 1510.719664][    C1]  default_idle_call+0x6c/0xb0
[ 1510.719675][    C1]  do_idle+0x38d/0x510
[ 1510.719695][    C1]  ? __pfx_do_idle+0x10/0x10
[ 1510.719715][    C1]  cpu_startup_entry+0x4f/0x60
[ 1510.719733][    C1]  start_secondary+0x21d/0x2d0
[ 1510.719746][    C1]  ? __pfx_start_secondary+0x10/0x10
[ 1510.719761][    C1]  common_startup_64+0x13e/0x148
[ 1510.719781][    C1]  </TASK>
[ 1510.891374][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[ 1510.898209][   T31] CPU: 0 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1510.908853][   T31] Tainted: [L]=SOFTLOCKUP
[ 1510.913153][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1510.923184][   T31] Call Trace:
[ 1510.926442][   T31]  <TASK>
[ 1510.929353][   T31]  dump_stack_lvl+0x3d/0x1f0
[ 1510.933929][   T31]  vpanic+0x640/0x6f0
[ 1510.937896][   T31]  panic+0xca/0xd0
[ 1510.941594][   T31]  ? __pfx_panic+0x10/0x10
[ 1510.945989][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1510.952296][   T31]  ? nmi_trigger_cpumask_backtrace+0x1b1/0x300
[ 1510.958432][   T31]  ? nmi_trigger_cpumask_backtrace+0x2be/0x300
[ 1510.964563][   T31]  ? watchdog+0xe83/0x1180
[ 1510.968986][   T31]  ? watchdog+0xe76/0x1180
[ 1510.973382][   T31]  watchdog+0xe94/0x1180
[ 1510.977605][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1510.982343][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1510.986999][   T31]  ? lockdep_hardirqs_on+0x7c/0x110
[ 1510.992178][   T31]  ? __kthread_parkme+0x19e/0x250
[ 1510.997179][   T31]  ? __pfx_watchdog+0x10/0x10
[ 1511.001851][   T31]  kthread+0x3c5/0x780
[ 1511.005901][   T31]  ? __pfx_kthread+0x10/0x10
[ 1511.010472][   T31]  ? rcu_is_watching+0x12/0xc0
[ 1511.015210][   T31]  ? __pfx_kthread+0x10/0x10
[ 1511.019780][   T31]  ret_from_fork+0x983/0xb10
[ 1511.024349][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[ 1511.029441][   T31]  ? __switch_to+0x7af/0x10d0
[ 1511.034098][   T31]  ? __pfx_kthread+0x10/0x10
[ 1511.038667][   T31]  ret_from_fork_asm+0x1a/0x30
[ 1511.043423][   T31]  </TASK>
[ 1511.046692][   T31] Kernel Offset: disabled
[ 1511.050991][   T31] Rebooting in 86400 seconds..